AWS waf documentation change
Summary
Added references to 'protection pack' alongside web ACL configurations throughout the document and introduced new console experience documentation
Security assessment
The changes introduce 'protection pack' terminology and updated console guidance but do not address specific vulnerabilities. The updates appear to document expanded security configuration options rather than remediate security issues.
Diff
diff --git a/waf/latest/developerguide/web-acl-testing-enable-production.md b/waf/latest/developerguide/web-acl-testing-enable-production.md index 3166f1ed3..160ee3128 100644 --- a//waf/latest/developerguide/web-acl-testing-enable-production.md +++ b//waf/latest/developerguide/web-acl-testing-enable-production.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -13 +17 @@ When you've finished the final stage of testing and tuning in your production en -Before you deploy your web ACL implementation for production traffic, test and tune it in a test environment until you are comfortable with the potential impact to your traffic. Also test and tune it in count mode with your production traffic before enabling your protections for production traffic. +Before you deploy your protection pack or web ACL implementation for production traffic, test and tune it in a test environment until you are comfortable with the potential impact to your traffic. Also test and tune it in count mode with your production traffic before enabling your protections for production traffic. @@ -17 +21 @@ Before you deploy your web ACL implementation for production traffic, test and t -To follow the guidance in this section, you need to understand generally how to create and manage AWS WAF protections like web ACLs, rules, and rule groups. That information is covered in earlier sections of this guide. +To follow the guidance in this section, you need to understand generally how to create and manage AWS WAF protections like protection pack or web ACLs, rules, and rule groups. That information is covered in earlier sections of this guide. @@ -25 +29 @@ Perform these steps first in your test environment, then in production. -Update your web ACL and switch your settings for production. +Update your protection pack or web ACL and switch your settings for production. @@ -35 +39 @@ Change the action settings for your new rules to their intended production setti - * **Rule defined in the web ACL** – Edit the rules in the web ACL and change their actions from Count to their production actions. + * **Rule defined in the protection pack or web ACL** – Edit the rules in the protection pack or web ACL and change their actions from Count to their production actions. @@ -37 +41 @@ Change the action settings for your new rules to their intended production setti - * **Rule group** – In your web ACL configuration of the rule group, switch rules to use their own actions or leave them with the Count action override, according to the results of your testing and tuning activities. If you're using a label matching rule to filter the results of a rule group rule, be sure to leave the override for that rule in place. + * **Rule group** – In your protection pack or web ACL configuration of the rule group, switch rules to use their own actions or leave them with the Count action override, according to the results of your testing and tuning activities. If you're using a label matching rule to filter the results of a rule group rule, be sure to leave the override for that rule in place. @@ -39 +43 @@ Change the action settings for your new rules to their intended production setti -To switch to using a rule's action, in your web ACL configuration, edit the rule statement for the rule group and remove the Count override for the rule. If you manage the web ACL in JSON, in the rule group reference statement, remove the entry for the rule from the `RuleActionOverrides` list. +To switch to using a rule's action, in your protection pack or web ACL configuration, edit the rule statement for the rule group and remove the Count override for the rule. If you manage the protection pack or web ACL in JSON, in the rule group reference statement, remove the entry for the rule from the `RuleActionOverrides` list. @@ -41 +45 @@ To switch to using a rule's action, in your web ACL configuration, edit the rule - * **Web ACL** – If you changed the web ACL default action for your tests, switch it to its production setting. + * **protection pack or web ACL** – If you changed the protection pack or web ACL default action for your tests, switch it to its production setting. @@ -45 +49 @@ With these settings, your new protections will be managing web traffic as you in -When you save your web ACL, the resources that it's associated with will be using your production settings. +When you save your protection pack or web ACL, the resources that it's associated with will be using your production settings.