AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-07-25 · Documentation low

File: cognito/latest/developerguide/user-pool-waf.md

Summary

Clarified documentation about AWS WAF ATP rule group usage with Cognito user pools

Security assessment

The change clarifies the relationship between ATP features and managed rule groups, but does not indicate a security vulnerability being addressed. It improves documentation about security-related WAF configurations.

Diff

diff --git a/cognito/latest/developerguide/user-pool-waf.md b/cognito/latest/developerguide/user-pool-waf.md
index c36548c65..5a6bf4577 100644
--- a//cognito/latest/developerguide/user-pool-waf.md
+++ b//cognito/latest/developerguide/user-pool-waf.md
@@ -27 +27 @@ When you have an AWS WAF web ACL associated with a user pool, Amazon Cognito for
-  * You can’t associate a web ACL that uses AWS WAF [Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) with an Amazon Cognito user pool. You implement the ATP feature when you add the `AWS-AWSManagedRulesATPRuleSet` managed rule group. Before you associate it with a user pool, ensure that your web ACL doesn’t use this managed rule group.
+  * You can’t associate a web ACL that uses AWS WAF [Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) with an Amazon Cognito user pool. The ATP feature is in the `AWS-AWSManagedRulesATPRuleSet` managed rule group. Before you associate a web ACL with a user pool, be sure that it doesn’t use this managed rule group.
@@ -64,0 +65,6 @@ To work with a web ACL in your user pool, your AWS Identity and Access Managemen
+JSON
+    
+
+****
+    
+