AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-03-26 · Documentation low

File: AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.md

Summary

Added 'EnabledAnalysisTypes' property to configure specific traffic analysis types on the firewall

Security assessment

The change introduces documentation for enabling traffic analysis capabilities, which is a security monitoring feature but does not address a specific vulnerability

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.md b/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.md
index 821e57462..9a0d37711 100644
--- a/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.md
+++ b/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.md
@@ -22,0 +23 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+          "EnabledAnalysisTypes" : [ String, ... ],
@@ -40,0 +42,2 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+      EnabledAnalysisTypes: 
+        - String
@@ -79,0 +83,11 @@ _Maximum_ : `512`
+`EnabledAnalysisTypes`
+    
+
+An optional setting indicating the specific traffic analysis types to enable on the firewall. 
+
+_Required_ : No
+
+ _Type_ : Array of String
+
+ _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
+