AWS waf documentation change
Summary
Updated Amazon S3 documentation links from 'gsg' (Getting Started Guide) to 'userguide' references
Security assessment
The changes only update URL paths to point to the correct S3 User Guide sections instead of Getting Started Guide. No security-related content modifications or additions were made - this is purely a documentation structure update.
Diff
diff --git a/waf/latest/developerguide/logging-s3.md b/waf/latest/developerguide/logging-s3.md index e4c80b6dc..6ab020e60 100644 --- a//waf/latest/developerguide/logging-s3.md +++ b//waf/latest/developerguide/logging-s3.md @@ -15 +15 @@ You are charged for logging in addition to the charges for using AWS WAF. For in -To send your web ACL traffic logs to Amazon S3, you set up an Amazon S3 bucket from the same account as you use to manage the web ACL, and you name the bucket starting with `aws-waf-logs-`. When you enable logging in AWS WAF, you provide the bucket name. For information about creating a logging bucket, see [Create a Bucket](https://docs.aws.amazon.com/AmazonS3/latest/gsg/CreatingABucket.html) in the _Amazon Simple Storage Service User Guide_. +To send your web ACL traffic logs to Amazon S3, you set up an Amazon S3 bucket from the same account as you use to manage the web ACL, and you name the bucket starting with `aws-waf-logs-`. When you enable logging in AWS WAF, you provide the bucket name. For information about creating a logging bucket, see [Create a Bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CreatingABucket.html) in the _Amazon Simple Storage Service User Guide_. @@ -57 +57 @@ This option is not available through the console. Use the AWS WAF APIs, CLI, or -For information about using prefixes in Amazon S3, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/gsg/using-prefixes.html) in the _Amazon Simple Storage Service User Guide_. +For information about using prefixes in Amazon S3, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the _Amazon Simple Storage Service User Guide_. @@ -188 +188 @@ Your bucket names for AWS WAF logging must start with `aws-waf-logs-` and can en -If the user creating the log doesn't own the bucket, or doesn't have the `GetBucketPolicy` and `PutBucketPolicy` permissions for the bucket, the log creation fails. In this case, the bucket owner must manually add the preceding policy to the bucket and specify the log creator's AWS account ID. For more information, see [How Do I Add an S3 Bucket Policy?](https://docs.aws.amazon.com/AmazonS3/latest/gsg/add-bucket-policy.html) in the _Amazon Simple Storage Service User Guide_. If the bucket receives logs from multiple accounts, add a `Resource` element entry to the `AWSLogDeliveryWrite` policy statement for each account. +If the user creating the log doesn't own the bucket, or doesn't have the `GetBucketPolicy` and `PutBucketPolicy` permissions for the bucket, the log creation fails. In this case, the bucket owner must manually add the preceding policy to the bucket and specify the log creator's AWS account ID. For more information, see [How Do I Add an S3 Bucket Policy?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/add-bucket-policy.html) in the _Amazon Simple Storage Service User Guide_. If the bucket receives logs from multiple accounts, add a `Resource` element entry to the `AWSLogDeliveryWrite` policy statement for each account. @@ -260 +260 @@ Add the following key policy to your KMS key to allow AWS WAF to log to your Ama -Amazon S3 uses access control lists (ACLs) to manage access to the log files created by an AWS WAF log. By default, the bucket owner has `FULL_CONTROL` permissions on each log file. The log delivery owner, if different from the bucket owner, has no permissions. The log delivery account has `READ` and `WRITE` permissions. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/gsg/acl-overview.html) in the _Amazon Simple Storage Service User Guide_. +Amazon S3 uses access control lists (ACLs) to manage access to the log files created by an AWS WAF log. By default, the bucket owner has `FULL_CONTROL` permissions on each log file. The log delivery owner, if different from the bucket owner, has no permissions. The log delivery account has `READ` and `WRITE` permissions. For more information, see [Access Control List (ACL) Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html) in the _Amazon Simple Storage Service User Guide_.