AWS waf documentation change
Summary
Updated documentation to introduce new console experience and expand migration guidance to include protection packs alongside web ACLs. Added references to protection packs throughout migration considerations and switchover procedures.
Security assessment
Changes primarily focus on UI updates and terminology expansion (adding 'protection pack' references). While security best practices like AWS Managed Rules are mentioned, this is existing guidance updated with new terminology rather than addressing a specific vulnerability or adding new security features.
Diff
diff --git a/waf/latest/developerguide/waf-migrating-procedure-additional.md b/waf/latest/developerguide/waf-migrating-procedure-additional.md index e9eef0eb2..0e98c0aa5 100644 --- a//waf/latest/developerguide/waf-migrating-procedure-additional.md +++ b//waf/latest/developerguide/waf-migrating-procedure-additional.md @@ -5 +5 @@ -# Migrating a web ACL: additional considerations +**Introducing a new console experience for AWS WAF** @@ -7 +7,5 @@ -Review your new web ACL and consider the options available to you in the new AWS WAF to be sure that the configuration is as efficient as possible and that it's using the latest available security options. +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + +# Migrating a protection pack or web ACL: additional considerations + +Review your new protection pack or web ACL and consider the options available to you in the new AWS WAF to be sure that the configuration is as efficient as possible and that it's using the latest available security options. @@ -11 +15 @@ Review your new web ACL and consider the options available to you in the new AWS -Consider implementing additional AWS Managed Rules in your web ACL to increase the security posture for your application. These are included with AWS WAF at no additional cost. AWS Managed Rules feature the following types of rule groups: +Consider implementing additional AWS Managed Rules in your protection pack or web ACL to increase the security posture for your application. These are included with AWS WAF at no additional cost. AWS Managed Rules feature the following types of rule groups: @@ -38 +42 @@ Work with your application team and check your security posture. Find out what f -Plan the timing of the switch with your application team. The switch from the old web ACL association to the new one can take a small amount of time to propagate to all areas where your resources are stored. The propagation time can be from a few seconds to a number of minutes. During this time, some requests will be processed by the old web ACL and others will be processed by the new web ACL. Your resources will be protected throughout the switch, but you might notice inconsistencies in request handling while the switch is underway. +Plan the timing of the switch with your application team. The switch from the old protection pack or web ACL association to the new one can take a small amount of time to propagate to all areas where your resources are stored. The propagation time can be from a few seconds to a number of minutes. During this time, some requests will be processed by the old protection pack or web ACL and others will be processed by the new protection pack or web ACL. Your resources will be protected throughout the switch, but you might notice inconsistencies in request handling while the switch is underway. @@ -40 +44 @@ Plan the timing of the switch with your application team. The switch from the ol -When you are ready to switch over, follow the procedure at [Migrating a web ACL: switchover](./waf-migrating-procedure-switchover.html). +When you are ready to switch over, follow the procedure at [Migrating a protection pack or web ACL: switchover](./waf-migrating-procedure-switchover.html).