AWS Security ChangesHomeSearch

AWS AWSCloudFormation medium security documentation change

Service: AWSCloudFormation · 2025-07-04 · Security-related medium

File: AWSCloudFormation/latest/TemplateReference/aws-properties-cloudfront-distribution-distributionconfig.md

Summary

Clarified connection mode description and added note about AWS WAF V2 requirement for multi-tenant distributions

Security assessment

The change explicitly states multi-tenant distributions require AWS WAF V2 web ACLs. Since WAF V2 includes improved security features and this enforces proper security controls for multi-tenant environments, this directly relates to security configuration requirements.

Diff

diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-cloudfront-distribution-distributionconfig.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-cloudfront-distribution-distributionconfig.md
index c5fad54bc..7cebe3d30 100644
--- a//AWSCloudFormation/latest/TemplateReference/aws-properties-cloudfront-distribution-distributionconfig.md
+++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-cloudfront-distribution-distributionconfig.md
@@ -160 +160 @@ _Required_ : No
-The connection mode to filter distributions by.
+This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants(tenant-only).
@@ -439,0 +440,4 @@ _Required_ : No
+###### Note
+
+Multi-tenant distributions only support AWS WAF V2 web ACLs.
+