Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added note for default cipher values #3915

Merged
merged 4 commits into from
Jul 12, 2022
Merged

added note for default cipher values #3915

merged 4 commits into from
Jul 12, 2022

Conversation

arpit-srivastava-ibm
Copy link
Contributor

Issue - #3736

hkantare
hkantare reviewed Jul 8, 2022
View reviewed changes
website/docs/r/cis_domain_settings.html.markdown Outdated
@@ -80,7 +80,7 @@ Review the argument references that you can specify for your resource.
- `browser_check` - (Optional, String) Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are `off` and `on`.
- `brotli` - (Optional, String) Supported values are `off` and `on`.
- `challenge_ttl` - (Optional, String) Challenge TTL values are `300`, `900`, `1800`, `2700`, `3600`, `7200`, `10800`, `14400`, `28800`, `57600`, `86400`, `604800`, `2592000`, and `31536000`.
- `cipher` - (Optional, String) Cipher setting values are `ECDHE-ECDSA-AES128-GCM-SHA256`, `ECDHE-ECDSA-CHACHA20-POLY1305`,`ECDHE-RSA-AES128-GCM-SHA256`, `ECDHE-RSA-CHACHA20-POLY1305`, `ECDHE-ECDSA-AES128-SHA256`, `ECDHE-ECDSA-AES128-SHA`, `ECDHE-RSA-AES128-SHA256`, `ECDHE-RSA-AES128-SHA`, `AES128-GCM-SHA256`, `AES128-SHA256`, `AES128-SHA`, `ECDHE-ECDSA-AES256-GCM-SHA384`, `ECDHE-ECDSA-AES256-SHA384`, `ECDHE-RSA-AES256-GCM-SHA384`, `ECDHE-RSA-AES256-SHA384`, `ECDHE-RSA-AES256-SHA`, `AES256-GCM-SHA384`, `AES256-SHA256`, `AES256-SHA`, `DES-CBC3-SHA`, `AEAD-AES128-GCM-SHA256`, `AEAD-AES256-GCM-SHA384`, `AEAD-CHACHA20-POLY1305-SHA256`.
- `cipher` - (Optional, List) Cipher setting values are `ECDHE-ECDSA-AES128-GCM-SHA256`, `ECDHE-ECDSA-CHACHA20-POLY1305`,`ECDHE-RSA-AES128-GCM-SHA256`, `ECDHE-RSA-CHACHA20-POLY1305`, `ECDHE-ECDSA-AES128-SHA256`, `ECDHE-ECDSA-AES128-SHA`, `ECDHE-RSA-AES128-SHA256`, `ECDHE-RSA-AES128-SHA`, `AES128-GCM-SHA256`, `AES128-SHA256`, `AES128-SHA`, `ECDHE-ECDSA-AES256-GCM-SHA384`, `ECDHE-ECDSA-AES256-SHA384`, `ECDHE-RSA-AES256-GCM-SHA384`, `ECDHE-RSA-AES256-SHA384`, `ECDHE-RSA-AES256-SHA`, `AES256-GCM-SHA384`, `AES256-SHA256`, `AES256-SHA`, `DES-CBC3-SHA`. To use default cipher value, pass emply list `[]`.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Empty spelling wrong

website/docs/r/cis_domain_settings.html.markdown Outdated
@@ -92,7 +92,7 @@ Review the argument references that you can specify for your resource.
- `ipv6` - (Optional, String) Supported values are `off` and `on`.
- `ip_geolocation` - (Optional, String) Supported values are `off` and `on`.
- `max_upload` - (Optional, String) Maximum upload values are `100`, `125`, `150`, `175`, `200`, `225`, `250`, `275`, `300`, `325`, `350`, `375`, `400`, `425`, `450`, `475`, and `500`.
- `min_tls_version` - (Optional, String) The minimum TLS version that you want to allow. Allowed values are `1.1`, `1.2`, or `1.3`.
- `min_tls_version` - (Optional, String) The minimum TLS version that you want to allow. Allowed values are `1.1`, `1.2`, or `1.3`. To set value as `1.3`, we can not customize which ciphers to use. Only default value can be set for version `1.3`.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think shd we re phrase the senetence ...something like when we set min_tls_version as 1.3 we can't customize which ciphers to use. The ciphers needs to be set to empty list. (this shd be added as NOTE )

May be you add one more example above for 1.3 tls

@hkantare hkantare merged commit a34b25b into IBM-Cloud:master Jul 12, 2022
SunithaGudisagarIBM pushed a commit to ibm-vpc/terraform-provider-ibm that referenced this pull request Sep 14, 2022
@arpit-srivastava-ibm @SunithaGudisagarIBM1
added note for default cipher values (IBM-Cloud#3915)
7e2bd8d 
* added note for default cipher values

* added example

* added example

* added example

Co-authored-by: Arpit Srivastava <[email protected]>
SunithaGudisagarIBM pushed a commit to ibm-vpc/terraform-provider-ibm that referenced this pull request Sep 14, 2022
@arpit-srivastava-ibm @SunithaGudisagarIBM1
added note for default cipher values (IBM-Cloud#3915)
791aa47 
* added note for default cipher values

* added example

* added example

* added example

Co-authored-by: Arpit Srivastava <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hkantare hkantare hkantare left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@arpit-srivastava-ibm @hkantare