AWS waf documentation change
Summary
Added console experience notice and updated example configuration to reference 'protection pack or web ACL' instead of just web ACL
Security assessment
The changes document new organizational options (protection packs) for security configurations but don't address any specific security vulnerability. The updates expand documentation for security feature implementation without indicating resolution of security flaws.
Diff
diff --git a/waf/latest/developerguide/waf-acfp-control-example-basic.md b/waf/latest/developerguide/waf-acfp-control-example-basic.md index 08bea924d..96daf1feb 100644 --- a//waf/latest/developerguide/waf-acfp-control-example-basic.md +++ b//waf/latest/developerguide/waf-acfp-control-example-basic.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -7 +11 @@ -The following JSON listing shows an example web ACL with an AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group. Note the additional `CreationPath` and `RegistrationPagePath` configurations, along with the payload type and the information needed to locate new account information in the payload, in order to verify it. The rule group uses this information to monitor and manage your account creation requests. This JSON includes the web ACL's automatically generated settings, like the label namespace and the web ACL's application integration URL. +The following JSON listing shows an example protection pack or web ACL with an AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group. Note the additional `CreationPath` and `RegistrationPagePath` configurations, along with the payload type and the information needed to locate new account information in the payload, in order to verify it. The rule group uses this information to monitor and manage your account creation requests. This JSON includes the protection pack or web ACL's automatically generated settings, like the label namespace and the protection pack or web ACL's application integration URL.