AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-03-30 · Documentation low

File: waf/latest/developerguide/how-aws-waf-works-resources.md

Summary

Added AWS Amplify as a regional resource type and clarified web ACL region requirements for Amplify

Security assessment

Clarifies configuration requirements but doesn't address specific security vulnerabilities or introduce new security features

Diff

diff --git a/waf/latest/developerguide/how-aws-waf-works-resources.md b/waf/latest/developerguide/how-aws-waf-works-resources.md
index 079e60af1..2e1e1e66b 100644
--- a/waf/latest/developerguide/how-aws-waf-works-resources.md
+++ b/waf/latest/developerguide/how-aws-waf-works-resources.md
@@ -32,0 +33,2 @@ You can use AWS WAF to protect the following regional resource types:
+  * AWS Amplify
+
@@ -37,0 +40,2 @@ You can only associate a web ACL to an Application Load Balancer that's within A
+You must create web ACLs that you want to associate with an Amplify app in the Global CloudFront Region. Regional web ACLs might already exist in your AWS account, but they are not compatible with Amplify.
+