AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-04-03 · Documentation low

File: solutions/latest/security-automations-for-aws-waf/component-details.md

Summary

Refined S3 log path formatting and added explicit partitioning structure for Athena logs

Security assessment

Improves log storage documentation but doesn't address security vulnerabilities or introduce security features

Diff

diff --git a/solutions/latest/security-automations-for-aws-waf/component-details.md b/solutions/latest/security-automations-for-aws-waf/component-details.md
index fbc546444..42718d7a2 100644
--- a//solutions/latest/security-automations-for-aws-waf/component-details.md
+++ b//solutions/latest/security-automations-for-aws-waf/component-details.md
@@ -21 +21 @@ The Application log parser helps protect against scanners and probes.
-    1. (Optional) If you select `Yes - Amazon Athena log parser` for the template parameters **Activate HTTP Flood Protection** and **Activate Scanner & Probe Protection**, a Lambda function moves access logs from their original folder ` <customer-bucket> `/AWSLogs` ` to a newly partitioned folder ` <customer-bucket> `/hour=` <HH> ` upon their arrival in Amazon S3.
+    1. (Optional) If you select `Yes - Amazon Athena log parser` for the template parameters **Activate HTTP Flood Protection** and **Activate Scanner & Probe Protection**, a Lambda function moves access logs from their original folder `<customer-bucket>` `/AWSLogs` to a newly partitioned folder `<customer-bucket>` `/AWSLogs-partitioned/` `<optional-prefix>` `/year=` `<YYYY>` `/month=` `<MM>` `/day=` `<DD>` `/hour=` `<HH>`/ upon their arrival in Amazon S3.
@@ -48 +48 @@ If you select `yes - AWS Lambda log parser` or `yes - Amazon Athena log parser`
-  1. When AWS WAF receives access logs, it sends the logs to an Firehose endpoint. Firehose then delivers the logs to a partitioned bucket in Amazon S3 named ` <customer-bucket> `/AWSLogs/ <optional-prefix>/year=<YYYY> ` /month=<MM> `/day=<DD> `/hour= <HH>/`
+  1. When AWS WAF receives access logs, it sends the logs to an Firehose endpoint. Firehose then delivers the logs to a partitioned bucket in Amazon S3 named `<customer-bucket>` `/AWSLogs/` `<optional-prefix>` `/year=` `<YYYY>` `/month=` `<MM>` `/day=` `<DD>` `/hour=` `<HH>` `/`