AWS Security ChangesHomeSearch

AWS solutions medium security documentation change

Service: solutions · 2025-07-01 · Security-related medium

File: solutions/latest/cloud-migration-factory-on-aws/security.md

Summary

Added important note about WAF IP restrictions requiring CMF automation server/NAT Gateway IP inclusion

Security assessment

Addresses potential misconfiguration that could block legitimate automation traffic or create security gaps. Explicitly warns about critical access requirements for security controls.

Diff

diff --git a/solutions/latest/cloud-migration-factory-on-aws/security.md b/solutions/latest/cloud-migration-factory-on-aws/security.md
index 5902d901b..dfd53e3b0 100644
--- a//solutions/latest/cloud-migration-factory-on-aws/security.md
+++ b//solutions/latest/cloud-migration-factory-on-aws/security.md
@@ -30,0 +31,4 @@ If deployment type selected in the stack is Public with [AWS WAF](https://aws.am
+###### Important
+
+When configuring WAF IP restrictions, ensure that the IP address of your CMF automation server or the outgoing NAT Gateway IP is included in the allowed CIDR ranges. This is critical for the proper functioning of CMF automation scripts that need to access the solution’s API endpoints.
+