AWS cognito documentation change
Summary
Clarified documentation about AWS WAF ATP rule group usage with Cognito user pools
Security assessment
The change clarifies the relationship between ATP features and managed rule groups, but does not indicate a security vulnerability being addressed. It improves documentation about security-related WAF configurations.
Diff
diff --git a/cognito/latest/developerguide/user-pool-waf.md b/cognito/latest/developerguide/user-pool-waf.md index c36548c65..5a6bf4577 100644 --- a//cognito/latest/developerguide/user-pool-waf.md +++ b//cognito/latest/developerguide/user-pool-waf.md @@ -27 +27 @@ When you have an AWS WAF web ACL associated with a user pool, Amazon Cognito for - * You can’t associate a web ACL that uses AWS WAF [Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) with an Amazon Cognito user pool. You implement the ATP feature when you add the `AWS-AWSManagedRulesATPRuleSet` managed rule group. Before you associate it with a user pool, ensure that your web ACL doesn’t use this managed rule group. + * You can’t associate a web ACL that uses AWS WAF [Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) with an Amazon Cognito user pool. The ATP feature is in the `AWS-AWSManagedRulesATPRuleSet` managed rule group. Before you associate a web ACL with a user pool, be sure that it doesn’t use this managed rule group. @@ -64,0 +65,6 @@ To work with a web ACL in your user pool, your AWS Identity and Access Managemen +JSON + + +**** + +