AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-06-16 · Documentation low

File: AWSCloudFormation/latest/TemplateReference/aws-properties-wafv2-webacl-statement.md

Summary

Added AsnMatchStatement documentation with DDoS prevention guidance

Security assessment

Expands documentation for ASN-based traffic inspection capabilities used in security controls, without addressing a specific vulnerability.

Diff

diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-wafv2-webacl-statement.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-wafv2-webacl-statement.md
index b22562b5c..2c4e2fab7 100644
--- a//AWSCloudFormation/latest/TemplateReference/aws-properties-wafv2-webacl-statement.md
+++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-wafv2-webacl-statement.md
@@ -19,0 +20 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+      "AsnMatchStatement" : [AsnMatchStatement](./aws-properties-wafv2-webacl-asnmatchstatement.html),
@@ -41,0 +43,2 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+      AsnMatchStatement: 
+        [AsnMatchStatement](./aws-properties-wafv2-webacl-asnmatchstatement.html)
@@ -84,0 +88,13 @@ _Required_ : No
+`AsnMatchStatement`
+    
+
+A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.
+
+For additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). 
+
+_Required_ : No
+
+ _Type_ : [AsnMatchStatement](./aws-properties-wafv2-webacl-asnmatchstatement.html)
+
+ _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
+