AWS AmazonCloudFront documentation change
Summary
Added clarification that Anycast static IP lists can be used with one or more distributions
Security assessment
The change provides usage clarification about static IP address applicability but does not address a specific security vulnerability or introduce new security controls. Static IP allowlisting for firewalls was already mentioned in previous documentation.
Diff
diff --git a/AmazonCloudFront/latest/DeveloperGuide/request-static-ips.md b/AmazonCloudFront/latest/DeveloperGuide/request-static-ips.md index 55d421c84..d5dd0e652 100644 --- a//AmazonCloudFront/latest/DeveloperGuide/request-static-ips.md +++ b//AmazonCloudFront/latest/DeveloperGuide/request-static-ips.md @@ -11 +11 @@ You can request Anycast static IPs from CloudFront to use with your distribution -You can request 21 Anycast static IP addresses to allowlist with network providers so that you can waive data charges for viewers who access your application. Alternatively, you can use these static IPs within outbound security firewalls to control traffic exchange with approved applications. +You can request 21 Anycast static IP addresses to allowlist with network providers so that you can waive data charges for viewers who access your application. Alternatively, you can use these static IPs within outbound security firewalls to control traffic exchange with approved applications. Anycast static IP lists can be used with one or more distributions.