minimum
Parameters
If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:
The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.
The ciphers that CloudFront can use to encrypt the content that it returns to viewers. For more information, see Security Policy and Supported Protocols and Ciphers Between Viewers and CloudFront in the Amazon CloudFront Developer Guide. On the CloudFront console, this setting is called Security Policy. When you're using SNI only (you set
`SSLSupportMethod`to`sni-only`), you must specify`TLSv1`or higher. (In CloudFormation, the field name is`SslSupportMethod`. Note the different capitalization.) If the distribution uses the CloudFront domain name such as`d111111abcdef8.cloudfront.net`(you set`CloudFrontDefaultCertificate`to`true`), CloudFront automatically sets the security policy to`TLSv1`regardless of the value that you set here.