Skip to content

(aws-elasticloadbalancingv2): Please add post-quantum security policies #36283

New issue
New issue
Open
#36297
Open
(aws-elasticloadbalancingv2): Please add post-quantum security policies#36283
#36297
Labels
@aws-cdk/aws-elasticloadbalancingv2Related to Amazon Elastic Load Balancing V2effort/smallSmall work item – less than a day of effortfeature-requestA feature should be added or improved.p2
@michael-k

Description

@michael-k
michael-k
opened on Dec 3, 2025

Describe the feature

Add post-quantum security policies available for Network Load Balancer (NLB) and/or Application Load Balancer (ALB), eg. ELBSecurityPolicy-TLS13-1-3-PQ-2025-09.

Announcement: https://aws.amazon.com/about-aws/whats-new/2025/11/network-load-balancers-post-quantum-key-exchange-tls/

Use Case

“I'm always frustrated when…” I cannot use the best security available. I'd love to be able to use ELBSecurityPolicy-TLS13-1-3-PQ-2025-09 and other PQ policies.

Proposed Solution

Add PQ security policies to enum SslPolicy.

Other Information

Adding a custom NetworkListener to our code seems a bit much and others won't be able to benefit from PQ security policies.

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

AWS CDK Library version (aws-cdk-lib)

[email protected]

AWS CDK CLI version

2.1033.0 (build 1ec3310)

Environment details (OS name and version, etc.)

Linux :) (but it doesn't really matter)

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-elasticloadbalancingv2Related to Amazon Elastic Load Balancing V2effort/smallSmall work item – less than a day of effortfeature-requestA feature should be added or improved.p2

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions