AWS waf documentation change
Summary
Added notice about new console experience and replaced 'web ACL' with 'protection pack or web ACL' terminology throughout document
Security assessment
Changes focus on terminology updates and UI announcements rather than addressing security vulnerabilities or describing new security features. The 'protection pack' terminology appears to be a product naming update without security implications.
Diff
diff --git a/waf/latest/developerguide/waf-acfp-rg-using.md b/waf/latest/developerguide/waf-acfp-rg-using.md index ce7271439..b274df913 100644 --- a//waf/latest/developerguide/waf-acfp-rg-using.md +++ b//waf/latest/developerguide/waf-acfp-rg-using.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -17 +21 @@ The ACFP stolen credentials database only contains usernames in email format. -This guidance is intended for users who know generally how to create and manage AWS WAF web ACLs, rules, and rule groups. Those topics are covered in prior sections of this guide. For basic information about how to add a managed rule group to your web ACL, see [Adding a managed rule group to a web ACL through the console](./waf-using-managed-rule-group.html). +This guidance is intended for users who know generally how to create and manage AWS WAF protection pack or web ACLs, rules, and rule groups. Those topics are covered in prior sections of this guide. For basic information about how to add a managed rule group to your protection pack or web ACL, see [Adding a managed rule group to a protection pack or web ACL through the console](./waf-using-managed-rule-group.html). @@ -23 +27 @@ Use the ACFP rule group in accordance with the best practices at [Best practices -###### To use the `AWSManagedRulesACFPRuleSet` rule group in your web ACL +###### To use the `AWSManagedRulesACFPRuleSet` rule group in your protection pack or web ACL @@ -25 +29 @@ Use the ACFP rule group in accordance with the best practices at [Best practices - 1. Add the AWS managed rule group, `AWSManagedRulesACFPRuleSet` to your web ACL, and **Edit** the rule group settings before saving. + 1. Add the AWS managed rule group, `AWSManagedRulesACFPRuleSet` to your protection pack or web ACL, and **Edit** the rule group settings before saving. @@ -89 +93 @@ For example, for an HTML form with user and password input elements named `usern -ACFP response inspection is available only in web ACLs that protect CloudFront distributions. +ACFP response inspection is available only in protection pack or web ACLs that protect CloudFront distributions. @@ -105 +109 @@ You can further limit the scope of requests that the rule group inspects by addi - 4. Save your changes to the web ACL. + 4. Save your changes to the protection pack or web ACL.