AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-06-19 · Documentation low

File: waf/latest/developerguide/waf-atp-control-example-response-inspection.md

Summary

Added console experience note and updated terminology to include 'protection pack' references in response inspection documentation

Security assessment

Changes focus on terminology updates and UI documentation. The response inspection configuration relates to security monitoring but there's no evidence of addressing specific vulnerabilities.

Diff

diff --git a/waf/latest/developerguide/waf-atp-control-example-response-inspection.md b/waf/latest/developerguide/waf-atp-control-example-response-inspection.md
index f609b12aa..dcb9a7f80 100644
--- a//waf/latest/developerguide/waf-atp-control-example-response-inspection.md
+++ b//waf/latest/developerguide/waf-atp-control-example-response-inspection.md
@@ -4,0 +5,4 @@
+**Introducing a new console experience for AWS WAF**
+
+You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). 
+
@@ -7 +11 @@
-The following JSON listing shows an example web ACL with an AWS WAF Fraud Control account takeover prevention (ATP) managed rule group that is configured to inspect origin responses. Note the response inspection configuration, which specifies success and response status codes. You can also configure success and response settings based on header, body, and body JSON matches. This JSON includes the web ACL's automatically generated settings, like the label namespace and the web ACL's application integration URL.
+The following JSON listing shows an example protection pack or web ACL with an AWS WAF Fraud Control account takeover prevention (ATP) managed rule group that is configured to inspect origin responses. Note the response inspection configuration, which specifies success and response status codes. You can also configure success and response settings based on header, body, and body JSON matches. This JSON includes the protection pack or web ACL's automatically generated settings, like the label namespace and the protection pack or web ACL's application integration URL.
@@ -11 +15 @@ The following JSON listing shows an example web ACL with an AWS WAF Fraud Contro
-ATP response inspection is available only in web ACLs that protect CloudFront distributions.
+ATP response inspection is available only in protection pack or web ACLs that protect CloudFront distributions.
@@ -18 +22 @@ ATP response inspection is available only in web ACLs that protect CloudFront di
-            "Description": "This is a test web ACL for ATP.",
+            "Description": "This is a test protection pack or web ACL for ATP.",