AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-06-19 · Documentation low

File: waf/latest/developerguide/waf-atp-with-tokens.md

Summary

Added section about new console experience and updated web ACL references to 'protection pack or web ACL'

Security assessment

Changes focus on UI updates and terminology consistency. The existing security guidance about challenge tokens/CAPTCHA remains unchanged except for terminology updates. No new security features or vulnerabilities addressed.

Diff

diff --git a/waf/latest/developerguide/waf-atp-with-tokens.md b/waf/latest/developerguide/waf-atp-with-tokens.md
index fc433347e..b2f6dd7c6 100644
--- a//waf/latest/developerguide/waf-atp-with-tokens.md
+++ b//waf/latest/developerguide/waf-atp-with-tokens.md
@@ -4,0 +5,4 @@
+**Introducing a new console experience for AWS WAF**
+
+You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). 
+
@@ -11 +15 @@ The ATP managed rule group requires the challenge tokens that the application in
-We highly recommend implementing the application integration SDKs, for the most effective use of the ATP rule group. The challenge script must run before the ATP rule group in order for the rule group to benefit from the tokens that the script acquires. This happens automatically with the application integration SDKs. If you are unable to use the SDKs, you can alternately configure your web ACL so that it runs the Challenge or CAPTCHA rule action against all requests that will be inspected by the ATP rule group. Using the Challenge or CAPTCHA rule action can incur additional fees. For pricing details, see [AWS WAF Pricing](https://aws.amazon.com/waf/pricing/). 
+We highly recommend implementing the application integration SDKs, for the most effective use of the ATP rule group. The challenge script must run before the ATP rule group in order for the rule group to benefit from the tokens that the script acquires. This happens automatically with the application integration SDKs. If you are unable to use the SDKs, you can alternately configure your protection pack or web ACL so that it runs the Challenge or CAPTCHA rule action against all requests that will be inspected by the ATP rule group. Using the Challenge or CAPTCHA rule action can incur additional fees. For pricing details, see [AWS WAF Pricing](https://aws.amazon.com/waf/pricing/).