AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/logging-cw-logs.md

Summary

Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' throughout documentation

Security assessment

Changes appear to be terminology clarification between protection packs and web ACLs without introducing new security concepts or addressing vulnerabilities. No mention of security incidents, vulnerabilities, or mitigations.

Diff

diff --git a/waf/latest/developerguide/logging-cw-logs.md b/waf/latest/developerguide/logging-cw-logs.md
index 18713fd56..97215d486 100644
--- a//waf/latest/developerguide/logging-cw-logs.md
+++ b//waf/latest/developerguide/logging-cw-logs.md
@@ -11 +11 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-# Sending protection pack or web ACL traffic logs to a Amazon CloudWatch Logs log group
+# Sending protection pack (web ACL) traffic logs to a Amazon CloudWatch Logs log group
@@ -13 +13 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-This topic provides information for sending your protection pack or web ACL traffic logs to a CloudWatch Logs log group. 
+This topic provides information for sending your protection pack (web ACL) traffic logs to a CloudWatch Logs log group. 
@@ -17 +17 @@ This topic provides information for sending your protection pack or web ACL traf
-You are charged for logging in addition to the charges for using AWS WAF. For information, see [Pricing for logging protection pack or web ACL traffic information](./logging-pricing.html).
+You are charged for logging in addition to the charges for using AWS WAF. For information, see [Pricing for logging protection pack (web ACL) traffic information](./logging-pricing.html).
@@ -19 +19 @@ You are charged for logging in addition to the charges for using AWS WAF. For in
-To send logs to Amazon CloudWatch Logs, you create a CloudWatch Logs log group. When you enable logging in AWS WAF, you provide the log group ARN. After you enable logging for your protection pack or web ACL, AWS WAF delivers logs to the CloudWatch Logs log group in log streams. 
+To send logs to Amazon CloudWatch Logs, you create a CloudWatch Logs log group. When you enable logging in AWS WAF, you provide the log group ARN. After you enable logging for your protection pack (web ACL), AWS WAF delivers logs to the CloudWatch Logs log group in log streams. 
@@ -21 +21 @@ To send logs to Amazon CloudWatch Logs, you create a CloudWatch Logs log group.
-When you use CloudWatch Logs, you can explore the logs for your protection pack or web ACL in the AWS WAF console. In your protection pack or web ACL page, select the tab **Logging insights**. This option is in addition to the logging insights that are provided for CloudWatch Logs through the CloudWatch console. 
+When you use CloudWatch Logs, you can explore the logs for your protection pack (web ACL) in the AWS WAF console. In your protection pack (web ACL) page, select the tab **Logging insights**. This option is in addition to the logging insights that are provided for CloudWatch Logs through the CloudWatch console. 
@@ -23 +23 @@ When you use CloudWatch Logs, you can explore the logs for your protection pack
-Configure the log group for AWS WAF protection pack or web ACL logs in the same Region as the protection pack or web ACL and using the same account as you use to manage the protection pack or web ACL. For information about configuring a CloudWatch Logs log group, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html).
+Configure the log group for AWS WAF protection pack (web ACL) logs in the same Region as the protection pack (web ACL) and using the same account as you use to manage the protection pack (web ACL). For information about configuring a CloudWatch Logs log group, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html).
@@ -43 +43 @@ The log streams have the following naming format:
-The following shows an example log stream for protection pack or web ACL `TestWebACL` in Region `us-east-1`. 
+The following shows an example log stream for protection pack (web ACL) `TestWebACL` in Region `us-east-1`. 
@@ -50 +50 @@ The following shows an example log stream for protection pack or web ACL `TestWe
-Configuring protection pack or web ACL traffic logging for a CloudWatch Logs log group requires the permissions settings described in this section. The permissions are set for you when you use one of the AWS WAF full access managed policies, `AWSWAFConsoleFullAccess` or `AWSWAFFullAccess`. If you want to manage finer-grained access to your logging and AWS WAF resources, you can set the permissions yourself. For information about managing permissions, see [Access management for AWS resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the _IAM User Guide_. For information about the AWS WAF managed policies, see [AWS managed policies for AWS WAF](./security-iam-awsmanpol.html). 
+Configuring protection pack (web ACL) traffic logging for a CloudWatch Logs log group requires the permissions settings described in this section. The permissions are set for you when you use one of the AWS WAF full access managed policies, `AWSWAFConsoleFullAccess` or `AWSWAFFullAccess`. If you want to manage finer-grained access to your logging and AWS WAF resources, you can set the permissions yourself. For information about managing permissions, see [Access management for AWS resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the _IAM User Guide_. For information about the AWS WAF managed policies, see [AWS managed policies for AWS WAF](./security-iam-awsmanpol.html). 
@@ -52 +52 @@ Configuring protection pack or web ACL traffic logging for a CloudWatch Logs log
-These permissions allow you to change the protection pack or web ACL logging configuration, to configure log delivery for CloudWatch Logs, and to retrieve information about your log group. These permissions must be attached to the user that you use to manage AWS WAF. 
+These permissions allow you to change the protection pack (web ACL) logging configuration, to configure log delivery for CloudWatch Logs, and to retrieve information about your log group. These permissions must be attached to the user that you use to manage AWS WAF.