AWS code-library documentation change
Summary
Added PowerShell V5 example for CreateWebAcl with emphasis on required DefaultAction configuration
Security assessment
Documentation update clarifies proper security configuration of Web ACLs (a security feature), but doesn't address any specific vulnerability. The note about DefaultAction requirements helps prevent misconfiguration.
Diff
diff --git a/code-library/latest/ug/wafv2_example_wafv2_CreateWebAcl_section.md b/code-library/latest/ug/wafv2_example_wafv2_CreateWebAcl_section.md index 8c19bc81d..fa3f0d1f6 100644 --- a//code-library/latest/ug/wafv2_example_wafv2_CreateWebAcl_section.md +++ b//code-library/latest/ug/wafv2_example_wafv2_CreateWebAcl_section.md @@ -127,0 +128,23 @@ PowerShell +**Tools for PowerShell V5** + + +**Example 1: This command creates a new web ACL named "waf-test". Kindly note that as per service API documentation, 'DefaultAction' is a required property. Hence, value for either '-DefaultAction_Allow' and/or '-DefaultAction_Block' should be specified. Since '-DefaultAction_Allow' and '-DefaultAction_Block' are not the required properties, value '@{}' could be used as placeholder as shown in above example.** + + + New-WAF2WebACL -Name "waf-test" -Scope REGIONAL -Region eu-west-1 -VisibilityConfig_CloudWatchMetricsEnabled $true -VisibilityConfig_SampledRequestsEnabled $true -VisibilityConfig_MetricName "waf-test" -Description "Test" -DefaultAction_Allow @{} + + +**Output:** + + + ARN : arn:aws:wafv2:eu-west-1:139480602983:regional/webacl/waf-test/19460b3f-db14-4b9a-8e23-a417e1eb007f + Description : Test + Id : 19460b3f-db14-4b9a-8e23-a417e1eb007f + LockToken : 5a0cd5eb-d911-4341-b313-b429e6d6b6ab + Name : waf-test + + * For API details, see [CreateWebAcl](https://docs.aws.amazon.com/powershell/v5/reference) in _AWS Tools for PowerShell Cmdlet Reference (V5)_. + + + +