AWS Security ChangesHomeSearch

AWS elasticloadbalancing documentation change

Service: elasticloadbalancing · 2025-06-22 · Documentation low

File: elasticloadbalancing/latest/application/application-load-balancers.md

Summary

Updated list of unsupported features for Local Zone and Outpost subnets, including changes to restrictions around AWS WAF, Lambda targets, Mutual TLS authentication, and sticky sessions

Security assessment

The changes clarify restrictions related to security features like AWS WAF integration and Mutual TLS authentication, but there is no evidence this addresses an active security vulnerability. The updates help users understand security feature limitations in specific configurations.

Diff

diff --git a/elasticloadbalancing/latest/application/application-load-balancers.md b/elasticloadbalancing/latest/application/application-load-balancers.md
index 2977fb5c2..1aa63994e 100644
--- a//elasticloadbalancing/latest/application/application-load-balancers.md
+++ b//elasticloadbalancing/latest/application/application-load-balancers.md
@@ -103 +103 @@ You must select at least two Availability Zone subnets. The following restrictio
-You can specify one or more Local Zone subnets. The following restrictions apply:
+You can specify one or more Local Zone subnets. The following features are not supported:
@@ -105 +105 @@ You can specify one or more Local Zone subnets. The following restrictions apply
-  * You cannot use AWS WAF with the load balancer.
+  * Lambda functions as targets
@@ -107 +107 @@ You can specify one or more Local Zone subnets. The following restrictions apply
-  * You cannot use a Lambda function as a target.
+  * Mutual TLS authentication
@@ -109 +109,3 @@ You can specify one or more Local Zone subnets. The following restrictions apply
-  * You cannot use sticky sessions or application stickiness.
+  * Sticky sessions
+
+  * AWS WAF integration
@@ -124 +126,13 @@ You can specify a single Outpost subnet. The following restrictions apply:
-  * The following features are not available: Lambda functions as targets, AWS WAF integration, sticky sessions, authentication support, and integration with AWS Global Accelerator.
+  * The following features are not supported:
+
+    * AWS Global Accelerator integration
+
+    * Lambda functions as targets
+
+    * Mutual TLS authentication
+
+    * Sticky sessions
+
+    * User authentication
+
+    * AWS WAF integration