
An outdated SSL policy is in use by a load balancer.

Explanation

Do not use outdated or insecure TLS versions for encryption. The listener's SSL policy should require TLS v1.2 or later.

Insecure Example

The following example will fail the AWS010 check.

resource "aws_alb_listener" "my-resource" {
	# This policy still accepts TLS 1.1 connections
	ssl_policy = "ELBSecurityPolicy-TLS-1-1-2017-01"
	protocol = "HTTPS"
}

Secure Example

The following example will pass the AWS010 check.

resource "aws_alb_listener" "my-resource" {
	# This policy accepts TLS 1.2 only
	ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
	protocol = "HTTPS"
}
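
The following sketch shows one way a check like this can be applied to Terraform source. It is an added example, not tfsec's own code. The `OUTDATED` list, the `SAMPLE` input and the function names are assumptions made for illustration, and reporting an HTTPS listener with no `ssl_policy` (which leaves the choice to a default) goes beyond what the page's check describes.

```python
import re

# AWS predefined policies that still accept TLS 1.0/1.1 (illustrative list for this example).
OUTDATED = {"ELBSecurityPolicy-TLS-1-1-2017-01", "ELBSecurityPolicy-TLS-1-0-2015-04",
            "ELBSecurityPolicy-2016-08", "ELBSecurityPolicy-2015-05"}
LISTENER = re.compile(r'resource\s+"aws_(?:alb|lb)_listener"\s+"([^"]+)"\s*\{')
ATTR = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"', re.M)

def top_level(text, start):
    """Block text from `start` with nested blocks dropped (simplified: not a full HCL parser)."""
    depth, out = 1, []
    for ch in text[start:]:
        depth += (ch == "{") - (ch == "}")
        if depth == 0:
            break
        if depth == 1 and ch not in "{}":
            out.append(ch)
    return "".join(out)

def check_listeners(hcl):
    """Return (name, outdated policy or "unset") for each HTTPS/TLS listener that needs attention."""
    findings = []
    for m in LISTENER.finditer(hcl):
        attrs = dict(ATTR.findall(top_level(hcl, m.end())))
        if attrs.get("protocol", "").upper() not in ("HTTPS", "TLS"):
            continue  # only top-level protocol counts; a redirect target is ignored
        policy = attrs.get("ssl_policy")
        if policy is None or policy in OUTDATED:
            findings.append((m.group(1), policy or "unset"))
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = '''
resource "aws_alb_listener" "old" {
  ssl_policy = "ELBSecurityPolicy-TLS-1-1-2017-01"
  protocol   = "HTTPS"
}
resource "aws_lb_listener" "redirect" {
  protocol = "HTTP"
  default_action {
    type = "redirect"
    redirect { protocol = "HTTPS" }
  }
}
resource "aws_lb_listener" "unset" {
  protocol = "HTTPS"
}
'''

print(check_listeners(SAMPLE))
```

The HTTP listener that redirects to HTTPS is skipped because only its own top-level `protocol` is read, which avoids a false finding on a common pattern.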