CKV2_AWS_74 should only apply when load balancer's protocol is HTTPS or TLS

**Describe the issue**
The CKV2_AWS_74 [ introduced recently](https://github.com/bridgecrewio/checkov/pull/7108) results in false positives for load balancers which are pass-through (network load balancers) or do not use TLS at all. Per TF [documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener#ssl_policy-1) `ssl_policy` is required only if protocol is HTTPS or TLS 

**Examples**
This block describing an NLB listener should not be flagged:
```
resource "aws_lb_listener" "external_https" {
  load_balancer_arn = aws_lb.external_lb.arn
  port              = 443
  protocol          = "TCP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.external_tg.arn
  }
}
```

**Version (please complete the following information):**
 - Checkov Version 3.2.407 

**Additional context**



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CKV2_AWS_74 should only apply when load balancer's protocol is HTTPS or TLS #7120

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CKV2_AWS_74 should only apply when load balancer's protocol is HTTPS or TLS #7120

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions