AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-02-27 · Documentation low

File: solutions/latest/security-automations-for-aws-waf/build-monitoring-dashboard.md

Summary

Updated formatting and added a heading for the CloudFront dashboard screenshot in monitoring documentation

Security assessment

The changes involve formatting improvements and adding a heading for a screenshot. While the content discusses security monitoring, the changes themselves do not add or modify security-related information.

Diff

diff --git a/solutions/latest/security-automations-for-aws-waf/build-monitoring-dashboard.md
index ab3bb87ca..5858f86c9 100644
--- a/solutions/latest/security-automations-for-aws-waf/build-monitoring-dashboard.md
+++ b/solutions/latest/security-automations-for-aws-waf/build-monitoring-dashboard.md
@@ -7 +7 @@
-AWS recommends that you configure a custom baseline monitoring system for each critical endpoint. For information on creating and using customized metric views, refer to [CloudWatch Dashboards – Create & Use Customized Metrics Views](https://aws.amazon.com/blogs/aws/cloudwatch-dashboards-create-use-customized-metrics-views/) and [Using Amazon CloudWatch dashboards](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Dashboards.html). 
+AWS recommends that you configure a custom baseline monitoring system for each critical endpoint. For information on creating and using customized metric views, refer to [CloudWatch Dashboards - Create & Use Customized Metrics Views](https://aws.amazon.com/blogs/aws/cloudwatch-dashboards-create-use-customized-metrics-views/) and [Using Amazon CloudWatch dashboards](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Dashboards.html).
@@ -11 +11,3 @@ The following dashboard screenshot shows an example of a custom baseline monitor
-![Screenshot of CloudFront dashboard](/images/solutions/latest/security-automations-for-aws-waf/images/waf-monitoring-dashboard.png)
+**Screenshot of CloudFront dashboard**
+
+![waf monitoring dashboard](/images/solutions/latest/security-automations-for-aws-waf/images/waf-monitoring-dashboard.png)
@@ -15 +17 @@ The dashboard displays the following metrics:
-  * **Allowed vs Blocked Requests** – Shows if you receive a surge in allowed access (twice the normal peak access) or blocked access (any period that identifies more than 1K blocked requests). CloudWatch sends an alert to a Slack channel. You can use this metric to track known DDoS attacks (when blocked requests increase) or a new version of an attack (when the requests are allowed to access the system). 
+  * **Allowed vs Blocked Requests** \- Shows if you receive a surge in allowed access (twice the normal peak access) or blocked access (any period that identifies more than 1K blocked requests). CloudWatch sends an alert to a Slack channel. You can use this metric to track known DDoS attacks (when blocked requests increase) or a new version of an attack (when the requests are allowed to access the system).
@@ -21 +23 @@ The dashboard displays the following metrics:
-  * **BytesDownloaded vs Uploaded** – Helps identify when a DDoS attack targets a service that normally doesn’t receive a large amount of access to exhaust resources (for example, search engine component sending MBs of information for one specific request parameters set). 
+  * **BytesDownloaded vs Uploaded** \- Helps identify when a DDoS attack targets a service that normally doesn’t receive a large amount of access to exhaust resources (for example, search engine component sending MBs of information for one specific request parameters set).
@@ -23 +25 @@ The dashboard displays the following metrics:
-  * **ELB Spillover and Queue length** – Helps verify if a DDoS attack is causing damage to the infrastructure and the attacker is bypassing CloudFront or the AWS WAF layer, and attacking directly unprotected resources. 
+  * **ELB Spillover and Queue length** \- Helps verify if a DDoS attack is causing damage to the infrastructure and the attacker is bypassing CloudFront or the AWS WAF layer, and attacking directly unprotected resources.
@@ -25 +27 @@ The dashboard displays the following metrics:
-  * **ELB Request Count** – Helps identify damage to the infrastructure. This metric shows if the attacker is bypassing the protection layer, or if you should review a CloudFront cache rule to increase the cache hit rate. 
+  * **ELB Request Count** \- Helps identify damage to the infrastructure. This metric shows if the attacker is bypassing the protection layer, or if you should review a CloudFront cache rule to increase the cache hit rate.
@@ -27 +29 @@ The dashboard displays the following metrics:
-  * **ELB Healthy Host** – You can use this as another system health check metric. 
+  * **ELB Healthy Host** \- You can use this as another system health check metric.
@@ -29 +31 @@ The dashboard displays the following metrics:
-  * **ASG CPU Utilization** – Helps identify if the attacker is bypassing CloudFront, AWS WAF, and Elastic Load Balancing. You can also use this metric to identify the damage of an attack. 
+  * **ASG CPU Utilization** \- Helps identify if the attacker is bypassing CloudFront, AWS WAF, and Elastic Load Balancing. You can also use this metric to identify the damage of an attack.