AWS waf documentation change
Summary
Updated documentation to include references to 'protection packs' alongside web ACLs in multiple sections, added note about new console experience
Security assessment
The changes primarily introduce documentation for 'protection packs' - a security-related feature that appears to be a new organizational unit in AWS WAF. While this adds documentation about security features, there is no evidence of addressing a specific security vulnerability or incident.
Diff
diff --git a/waf/latest/developerguide/waf-custom-request-response.md b/waf/latest/developerguide/waf-custom-request-response.md index a0cf3bcc8..d7f571635 100644 --- a//waf/latest/developerguide/waf-custom-request-response.md +++ b//waf/latest/developerguide/waf-custom-request-response.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -7 +11 @@ -This section explains how to add custom web request and response handling behavior to your AWS WAF rule actions and default web ACL actions. Your custom settings apply whenever the action they're attached to applies. +This section explains how to add custom web request and response handling behavior to your AWS WAF rule actions and default protection pack or web ACL actions. Your custom settings apply whenever the action they're attached to applies. @@ -27 +31 @@ You can specify a custom request or response when you define the following actio - * Default action for a web ACL. For information, see [Setting the web ACL default action in AWS WAF](./web-acl-default-action.html). + * Default action for a protection pack or web ACL. For information, see [Setting the protection pack or web ACL default action in AWS WAF](./web-acl-default-action.html). @@ -34 +38 @@ You can specify a custom request or response when you define the following actio -You _cannot_ specify custom request handling in the override action for a rule group that you use in a web ACL. See [Using web ACLs with rules and rule groups in AWS WAF](./web-acl-processing.html). Also see [Using managed rule group statements in AWS WAF](./waf-rule-statement-type-managed-rule-group.html) and [Using rule group statements in AWS WAF](./waf-rule-statement-type-rule-group.html). +You _cannot_ specify custom request handling in the override action for a rule group that you use in a protection pack or web ACL. See [Using protection pack or web ACLs with rules and rule groups in AWS WAF](./web-acl-processing.html). Also see [Using managed rule group statements in AWS WAF](./waf-rule-statement-type-managed-rule-group.html) and [Using rule group statements in AWS WAF](./waf-rule-statement-type-rule-group.html). @@ -38 +42 @@ You _cannot_ specify custom request handling in the override action for a rule g -When you create or change a web ACL or other AWS WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes. +When you create or change a protection pack or web ACL or other AWS WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes. @@ -42 +46 @@ The following are examples of the temporary inconsistencies that you might notic - * After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable. + * After you create a protection pack or web ACL, if you try to associate it with a resource, you might get an exception indicating that the protection pack or web ACL is unavailable. @@ -44 +48 @@ The following are examples of the temporary inconsistencies that you might notic - * After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another. + * After you add a rule group to a protection pack or web ACL, the new rule group rules might be in effect in one area where the protection pack or web ACL is used and not in another. @@ -55 +59 @@ The following are examples of the temporary inconsistencies that you might notic -AWS WAF defines maximum settings for your use of custom requests and responses. For example, a maximum number of request headers per web ACL or rule group, and a maximum number of custom headers for a single custom response definition. For information, see [AWS WAF quotas](./limits.html). +AWS WAF defines maximum settings for your use of custom requests and responses. For example, a maximum number of request headers per protection pack or web ACL or rule group, and a maximum number of custom headers for a single custom response definition. For information, see [AWS WAF quotas](./limits.html).