AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/aws-managed-rule-groups.md

Summary

Clarified terminology around protection packs and web ACL capacity units (WCU), changing 'protection pack or web ACL' to 'protection pack (web ACL)' in two places

Security assessment

The changes appear to be grammatical corrections and terminology clarifications rather than addressing specific security vulnerabilities. While the document discusses security features (WAF rules), there's no evidence these changes fix a security issue or introduce new security documentation.

Diff

diff --git a/waf/latest/developerguide/aws-managed-rule-groups.md b/waf/latest/developerguide/aws-managed-rule-groups.md
index 04a195261..b8e2d6be2 100644
--- a//waf/latest/developerguide/aws-managed-rule-groups.md
+++ b//waf/latest/developerguide/aws-managed-rule-groups.md
@@ -13 +13 @@ This section explains what AWS Managed Rules for AWS WAF is.
-AWS Managed Rules for AWS WAF is a managed service that provides protection against application vulnerabilities or other unwanted traffic. You have the option of selecting one or more rule groups from AWS Managed Rules for each web ACL, up to the maximum protection pack or web ACL capacity unit (WCU) limit. 
+AWS Managed Rules for AWS WAF is a managed service that provides protection against application vulnerabilities or other unwanted traffic. You have the option of selecting one or more rule groups from AWS Managed Rules for each web ACL, up to the maximum protection pack (web ACL) capacity unit (WCU) limit. 
@@ -17 +17 @@ AWS Managed Rules for AWS WAF is a managed service that provides protection agai
-Before using any managed rule group in production, test it in a non-production environment according to the guidance at [Testing and tuning your AWS WAF protections](./web-acl-testing.html). Follow the testing and tuning guidance when you add a rule group to your protection pack or web ACL, to test a new version of a rule group, and whenever a rule group isn't handling your web traffic as you need it to. 
+Before using any managed rule group in production, test it in a non-production environment according to the guidance at [Testing and tuning your AWS WAF protections](./web-acl-testing.html). Follow the testing and tuning guidance when you add a rule group to your protection pack (web ACL), to test a new version of a rule group, and whenever a rule group isn't handling your web traffic as you need it to.