AWS waf documentation change
Summary
Added console announcement and updated protection scope documentation (web ACL -> protection pack or web ACL)
Security assessment
Clarifies Shield Advanced's automated protection implementation details but does not address vulnerabilities. The protection pack reference documents security feature operation.
Diff
diff --git a/waf/latest/developerguide/ddos-viewing-events.md b/waf/latest/developerguide/ddos-viewing-events.md index cca496f69..0875b6ef2 100644 --- a//waf/latest/developerguide/ddos-viewing-events.md +++ b//waf/latest/developerguide/ddos-viewing-events.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -27 +31 @@ When you subscribe to Shield Advanced and add protections to your resources, you -If you enable automatic application layer DDoS mitigation for an application layer protection, Shield Advanced adds a rule group to your web ACL that it uses to manage automated protections. This rule group generates AWS WAF metrics, but they are not available to view. This is the same as for any other rule groups that you use in your web ACL but do not own, such as AWS Managed Rules rule groups. For more information about AWS WAF metrics, see [AWS WAF metrics and dimensions](./waf-metrics.html). For information about this Shield Advanced protection option, see [Automating application layer DDoS mitigation with Shield Advanced ](./ddos-automatic-app-layer-response.html). +If you enable automatic application layer DDoS mitigation for an application layer protection, Shield Advanced adds a rule group to your protection pack or web ACL that it uses to manage automated protections. This rule group generates AWS WAF metrics, but they are not available to view. This is the same as for any other rule groups that you use in your protection pack or web ACL but do not own, such as AWS Managed Rules rule groups. For more information about AWS WAF metrics, see [AWS WAF metrics and dimensions](./waf-metrics.html). For information about this Shield Advanced protection option, see [Automating application layer DDoS mitigation with Shield Advanced ](./ddos-automatic-app-layer-response.html).