AWS waf documentation change
Summary
Updated console URL and added note about automatic DDoS protection when associating ALB
Security assessment
Added documentation about enabling resource-level DDoS protection through AntiDDoSRuleSet, which describes a security feature but does not indicate a security issue fix.
Diff
diff --git a/waf/latest/developerguide/web-acl-creating.md b/waf/latest/developerguide/web-acl-creating.md index aa77b0cc5..e1aec7e5c 100644 --- a//waf/latest/developerguide/web-acl-creating.md +++ b//waf/latest/developerguide/web-acl-creating.md @@ -21 +21 @@ Using more than 1,500 WCUs in a web ACL incurs costs beyond the basic web ACL pr - 1. Sign in to the AWS Management Console and open the AWS WAF console at [https://console.aws.amazon.com/wafv2/](https://console.aws.amazon.com/wafv2/). + 1. Sign in to the AWS Management Console and open the AWS WAF console at [https://console.aws.amazon.com/wafv2/homev2](https://console.aws.amazon.com/wafv2/homev2). @@ -48,0 +49,4 @@ You only need to choose this option for Regional resource types. For CloudFront +###### Note + +When you choose to associate an Application Load Balancer with your webACL, **Resource-level DDoS protection** is enabled. For more information, see [AWS WAF Distributed Denial of Service (DDoS) prevention](./waf-anti-ddos.html). +