AWS Security ChangesHomeSearch

AWS network-firewall documentation change

Service: network-firewall · 2025-05-10 · Documentation low

File: network-firewall/latest/developerguide/reporting.md

Summary

Added information about automatic report deletion after 30 days and UNKNOWN_DOMAIN classification

Security assessment

Enhances documentation about security-related reporting features including data retention policies and domain classification, though no specific vulnerability is addressed.

Diff

diff --git a/network-firewall/latest/developerguide/reporting.md b/network-firewall/latest/developerguide/reporting.md
index d3803933f..bfd1dd270 100644
--- a//network-firewall/latest/developerguide/reporting.md
+++ b//network-firewall/latest/developerguide/reporting.md
@@ -17 +17 @@ Before you can generate a traffic analysis report, you must enable **Traffic ana
-You can generate up to one report per traffic type, per 30 day period. For example, when you successfully create an HTTP traffic report, you cannot create another HTTP traffic report until 30 days pass. Alternatively, if you generate a report that combines metrics on both HTTP and HTTPS traffic, you cannot create another report for either traffic type until 30 days pass.
+You can generate up to one report per traffic type, per 30 day period. For example, when you successfully create an HTTP traffic report, you cannot create another HTTP traffic report until 30 days pass. Alternatively, if you generate a report that combines metrics on both HTTP and HTTPS traffic, you cannot create another report for either traffic type until 30 days pass. Network Firewall automatically deletes the report after 30 days. If the custom HTTP and TLS logs do not contain an SNI or the HTTP hostname, Network Firewall will classify it as UNKNOWN_DOMAIN.