chore(elbv2): add post-quantum cryptography SSL policies #36297
Conversation
- Add 6 new post-quantum hybrid key exchange SSL policies using ML-KEM * TLS13_13_PQ: TLS 1.3 only with quantum resistance * TLS13_12_PQ: TLS 1.2 and 1.3 with quantum resistance * TLS13_12_RES_PQ: Restricted cipher suite with quantum resistance * TLS13_12_EXT1_PQ: Extended cipher suite 1 with quantum resistance * TLS13_12_EXT2_PQ: Extended cipher suite 2 with quantum resistance * TLS13_10_PQ: TLS 1.0 through 1.3 with quantum resistance - Add 8 new FIPS-compliant post-quantum cryptography SSL policies * FIPS_TLS13_13_PQ: FIPS TLS 1.3 only with quantum resistance * FIPS_TLS13_12_PQ: FIPS TLS 1.2 and 1.3 with quantum resistance * FIPS_TLS13_12_RES_PQ: FIPS restricted cipher suite with quantum resistance * FIPS_TLS13_12_EXT0_PQ: FIPS extended cipher suite 0 with quantum resistance * FIPS_TLS13_12_EXT1_PQ: FIPS extended cipher suite 1 with quantum resistance * FIPS_TLS13_12_EXT2_PQ: FIPS extended cipher suite 2 with quantum resistance * FIPS_TLS13_11_PQ: FIPS TLS 1.1 through 1.3 with quantum resistance * FIPS_TLS13_10_PQ: FIPS TLS 1.0 through 1.3 with quantum resistance - Support AWS recommended post-quantum cryptography policies for enhanced security
github-actions
bot
added
feature-request
pahud
changed the title
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
aws-cdk-automation
added
the
pr/needs-maintainer-review
|
Can you also update |
Sure I will look into this and update this PR. |
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html
Key Discrepancy: The AWS Console already defaults to post-quantum security, but all programmatic methods (CLI, CloudFormation, CDK) still use older, non-post-quantum policies. This creates an inconsistent experience where Console users get better security by default than infrastructure-as-code users. I am on board to make CDK default to We have two options here to move this path forward: Option 1: Feature Flag// Add a new feature flag
RECOMMENDED_TLS_PQ = 'ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09'
// Keep existing for backward compatibility
RECOMMENDED_TLS = 'ELBSecurityPolicy-TLS13-1-2-2021-06'Users opt-in via CDK feature flags: // cdk.json
{
"context": {
"@aws-cdk/aws-elasticloadbalancingv2:usePostQuantumTlsPolicy": true
}
}export enum SslPolicy {
/**
* The recommended security policy for TLS listeners.
*
* When feature flag @aws-cdk/aws-elasticloadbalancingv2:usePostQuantumTlsPolicy is enabled,
* this uses ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09 (post-quantum).
* Otherwise uses ELBSecurityPolicy-TLS13-1-2-2021-06 (legacy).
*/
RECOMMENDED_TLS = // dynamically determined based on feature flag
FeatureFlags.of(this).isEnabled(ELB_USE_POST_QUANTUM_TLS_POLICY)
? 'ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09'
: 'ELBSecurityPolicy-TLS13-1-2-2021-06',
}Result:
This way existing code using SslPolicy.RECOMMENDED_TLS gets the new behavior only when users explicitly opt-in via the feature flag. Option 2: New Enum Value// Add alongside existing
RECOMMENDED_TLS = 'ELBSecurityPolicy-TLS13-1-2-2021-06' // unchanged
RECOMMENDED_TLS_PQ = 'ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09' // newexport enum SslPolicy {
/**
* The recommended security policy for TLS listeners.
* This policy includes TLS 1.3, and is backwards compatible with TLS 1.2
*/
RECOMMENDED_TLS = 'ELBSecurityPolicy-TLS13-1-2-2021-06', // UNCHANGED
/**
* The recommended post-quantum security policy for TLS listeners.
* AWS recommended policy for post-quantum cryptography.
*/
RECOMMENDED_TLS_PQ = 'ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09', // NEW
}Behavior:
Personally, if the console now defaults to TLS_PQ, I don't see any reason CDK should not by introducing a FF. Let me know if there's any other concerns. |
|
I'm in favor of |
3 participants
Issue # (if applicable)
Closes #36283.
Reason for this change
AWS announced support for post-quantum (PQ) security policies for Application Load Balancers and Network Load Balancers on November 21, 2025. These policies use hybrid post-quantum key exchange with ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) to protect against "Harvest Now, Decrypt Later" attacks. The CDK's
SslPolicyenum currently lacks these new policies, forcing users to use string literals and losing type safety.Description of changes
Added 14 new post-quantum security policy enum values to the
SslPolicyenum inpackages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/enums.ts:Standard TLS Policies with PQ:
TLS13_13_PQ- TLS 1.3 only with post-quantum hybrid key exchangeTLS13_12_PQ- TLS 1.2 and 1.3 with post-quantum hybrid key exchangeTLS13_12_RES_PQ- TLS 1.2 and 1.3 restricted cipher suite with PQ (AWS recommended)TLS13_12_EXT1_PQ- TLS 1.2 and 1.3 extended cipher suite 1 with PQTLS13_12_EXT2_PQ- TLS 1.2 and 1.3 extended cipher suite 2 with PQTLS13_10_PQ- TLS 1.0 through 1.3 with post-quantum hybrid key exchangeFIPS-Compliant Policies with PQ:
FIPS_TLS13_13_PQ- TLS 1.3 only FIPS-compliant with PQFIPS_TLS13_12_PQ- TLS 1.2 and 1.3 FIPS-compliant with PQFIPS_TLS13_12_RES_PQ- TLS 1.2 and 1.3 restricted FIPS-compliant with PQ (AWS recommended for FIPS)FIPS_TLS13_12_EXT0_PQ- TLS 1.2 and 1.3 extended cipher suite 0 FIPS-compliant with PQFIPS_TLS13_12_EXT1_PQ- TLS 1.2 and 1.3 extended cipher suite 1 FIPS-compliant with PQFIPS_TLS13_12_EXT2_PQ- TLS 1.2 and 1.3 extended cipher suite 2 FIPS-compliant with PQFIPS_TLS13_11_PQ- TLS 1.1 through 1.3 FIPS-compliant with PQFIPS_TLS13_10_PQ- TLS 1.0 through 1.3 FIPS-compliant with PQAll enum values map to their corresponding AWS policy names (e.g.,
ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09) and include JSDoc comments describing their purpose and quantum resistance capabilities.This is a purely additive change with no breaking changes. All existing enum values remain unchanged.
Description of changes to permissions
N/A - This change only adds enum values and does not modify IAM permissions or resource access patterns.
Description of how you validated changes
aws elbv2 describe-ssl-policiesto verify post-quantum policy names exist in AWSOfficial AWS Documentation Proof:
All 14 policy names are documented in the official AWS ELB documentation:
The documentation explicitly lists all PQ policies in the "Protocols by policy" and "Ciphers by policy" tables, including:
ELBSecurityPolicy-TLS13-1-3-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Res-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Ext1-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Ext2-PQ-2025-09,ELBSecurityPolicy-TLS13-1-0-PQ-2025-09ELBSecurityPolicy-TLS13-1-3-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Res-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Ext0-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Ext1-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-2-Ext2-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-1-FIPS-PQ-2025-09,ELBSecurityPolicy-TLS13-1-0-FIPS-PQ-2025-09AWS documentation states: "Security policies with PQ in their names offer hybrid post-quantum key exchange. For compatibility, they support both classical and post-quantum ML-KEM key exchange algorithms."
Live AWS API Validation:
Validation script (
poc.sh) confirmed 13 of 14 policies are currently available via the AWS API:Note:
ELBSecurityPolicy-TLS13-1-1-FIPS-PQ-2025-09is documented but not yet available in the live AWS API (may be rolling out or region-specific). All enum values match the official AWS documentation.Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license