AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-06-19 · Documentation low

File: waf/latest/developerguide/logging-kinesis.md

Summary

Updated documentation to include 'protection pack' alongside web ACL references in logging configuration steps, permissions, and pricing. Added note about new console experience.

Security assessment

The changes expand logging documentation to include protection packs, which are likely security-related features. However, there is no evidence of addressing a specific security vulnerability. The updates enhance documentation about security monitoring capabilities (logging) rather than patching vulnerabilities.

Diff

diff --git a/waf/latest/developerguide/logging-kinesis.md b/waf/latest/developerguide/logging-kinesis.md
index 52a53259f..c23f15085 100644
--- a//waf/latest/developerguide/logging-kinesis.md
+++ b//waf/latest/developerguide/logging-kinesis.md
@@ -7 +7 @@ Configuration guidelinesPermissions for logging
-# Sending web ACL traffic logs to an Amazon Data Firehose delivery stream
+**Introducing a new console experience for AWS WAF**
@@ -9 +9,5 @@ Configuration guidelinesPermissions for logging
-This section provides information for sending your web ACL traffic logs to an Amazon Data Firehose delivery stream. 
+You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). 
+
+# Sending protection pack or web ACL traffic logs to an Amazon Data Firehose delivery stream
+
+This section provides information for sending your protection pack or web ACL traffic logs to an Amazon Data Firehose delivery stream. 
@@ -13 +17 @@ This section provides information for sending your web ACL traffic logs to an Am
-You are charged for logging in addition to the charges for using AWS WAF. For information, see [Pricing for logging web ACL traffic information](./logging-pricing.html).
+You are charged for logging in addition to the charges for using AWS WAF. For information, see [Pricing for logging protection pack or web ACL traffic information](./logging-pricing.html).
@@ -15 +19 @@ You are charged for logging in addition to the charges for using AWS WAF. For in
-To send logs to Amazon Data Firehose, you send logs from your web ACL to an Amazon Data Firehose delivery stream which you configure in Firehose. After you enable logging, AWS WAF delivers logs to your storage destination through the HTTPS endpoint of Firehose. 
+To send logs to Amazon Data Firehose, you send logs from your protection pack or web ACL to an Amazon Data Firehose delivery stream which you configure in Firehose. After you enable logging, AWS WAF delivers logs to your storage destination through the HTTPS endpoint of Firehose. 
@@ -23 +27 @@ For information about creating your delivery stream, see [Creating an Amazon Dat
-## Configuring an Amazon Data Firehose delivery stream for your web ACL 
+## Configuring an Amazon Data Firehose delivery stream for your protection pack or web ACL 
@@ -25 +29 @@ For information about creating your delivery stream, see [Creating an Amazon Dat
-Configure an Amazon Data Firehose delivery stream for your web ACL as follows.
+Configure an Amazon Data Firehose delivery stream for your protection pack or web ACL as follows.
@@ -27 +31 @@ Configure an Amazon Data Firehose delivery stream for your web ACL as follows.
-  * Create it using the same account as you use to manage the web ACL.
+  * Create it using the same account as you use to manage the protection pack or web ACL.
@@ -29 +33 @@ Configure an Amazon Data Firehose delivery stream for your web ACL as follows.
-  * Create it in the same Region as the web ACL. If you are capturing logs for Amazon CloudFront, create the firehose in US East (N. Virginia) Region, `us-east-1`.
+  * Create it in the same Region as the protection pack or web ACL. If you are capturing logs for Amazon CloudFront, create the firehose in US East (N. Virginia) Region, `us-east-1`.
@@ -46 +50 @@ To understand the permissions required for your Kinesis Data Firehose configurat
-You must have the following permissions to successfully enable web ACL logging with an Amazon Data Firehose delivery stream.
+You must have the following permissions to successfully enable protection pack or web ACL logging with an Amazon Data Firehose delivery stream.