AWS waf documentation change
Summary
Added references to 'protection pack' alongside web ACL in multiple sections, introduced new console experience documentation
Security assessment
Changes primarily introduce terminology updates (adding 'protection pack') and UI documentation. No specific security vulnerabilities or security feature enhancements are mentioned. The propagation warnings and testing recommendations are existing security best practices that were not modified in substance.
Diff
diff --git a/waf/latest/developerguide/waf-rule-group-editing.md b/waf/latest/developerguide/waf-rule-group-editing.md index 02e2ad361..b4452d255 100644 --- a//waf/latest/developerguide/waf-rule-group-editing.md +++ b//waf/latest/developerguide/waf-rule-group-editing.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -11 +15 @@ To add or remove rules from a rule group or change configuration settings, acces -If you change a rule group that you're currently using in a web ACL, those changes will affect your web ACL behavior wherever it's being used. Be sure to test and tune all changes in a staging or testing environment until you are comfortable with the potential impact to your traffic. Then test and tune your updated rules in count mode with your production traffic before enabling them. For guidance, see [Testing and tuning your AWS WAF protections](./web-acl-testing.html). +If you change a rule group that you're currently using in a protection pack or web ACL, those changes will affect your protection pack or web ACL behavior wherever it's being used. Be sure to test and tune all changes in a staging or testing environment until you are comfortable with the potential impact to your traffic. Then test and tune your updated rules in count mode with your production traffic before enabling them. For guidance, see [Testing and tuning your AWS WAF protections](./web-acl-testing.html). @@ -29 +33 @@ If you don't see the rule group that you want to edit, check the Region selectio -If you change the name of a rule and you want the rule's metric name to reflect the change, you must update the metric name as well. AWS WAF doesn't automatically update the metric name for a rule when you change the rule name. You can change the metric name when you edit the rule in the console, by using the rule JSON editor. You can also change both names through the APIs and in any JSON listing that you use to define your web ACL or rule group. +If you change the name of a rule and you want the rule's metric name to reflect the change, you must update the metric name as well. AWS WAF doesn't automatically update the metric name for a rule when you change the rule name. You can change the metric name when you edit the rule in the console, by using the rule JSON editor. You can also change both names through the APIs and in any JSON listing that you use to define your protection pack or web ACL or rule group. @@ -36 +40 @@ If you change the name of a rule and you want the rule's metric name to reflect -When you create or change a web ACL or other AWS WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes. +When you create or change a protection pack or web ACL or other AWS WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes. @@ -40 +44 @@ The following are examples of the temporary inconsistencies that you might notic - * After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable. + * After you create a protection pack or web ACL, if you try to associate it with a resource, you might get an exception indicating that the protection pack or web ACL is unavailable. @@ -42 +46 @@ The following are examples of the temporary inconsistencies that you might notic - * After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another. + * After you add a rule group to a protection pack or web ACL, the new rule group rules might be in effect in one area where the protection pack or web ACL is used and not in another. @@ -59 +63 @@ Creating a rule group -Using your rule group in a web ACL +Using your rule group in a protection pack or web ACL