AWS waf documentation change
Summary
Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' throughout documentation for consistency and clarity
Security assessment
The changes are purely terminological clarifications to align 'protection pack' with 'web ACL' terminology. No security vulnerabilities, mitigations, or new security features are mentioned. The updates maintain existing security documentation about logging practices without altering security implications.
Diff
diff --git a/waf/latest/developerguide/logging.md b/waf/latest/developerguide/logging.md index 40901396c..667dddeac 100644 --- a//waf/latest/developerguide/logging.md +++ b//waf/latest/developerguide/logging.md @@ -9 +9 @@ You can now use the updated experience to access AWS WAF functionality anywhere -# Logging AWS WAF protection pack or web ACL traffic +# Logging AWS WAF protection pack (web ACL) traffic @@ -11 +11 @@ You can now use the updated experience to access AWS WAF functionality anywhere -This section explains the logging options for your AWS WAF protection pack or web ACLs. +This section explains the logging options for your AWS WAF protection packs (web ACLs). @@ -13 +13 @@ This section explains the logging options for your AWS WAF protection pack or we -You can enable logging to get detailed information about traffic that is analyzed by your web ACL. Logged information includes the time that AWS WAF received a web request from your AWS resource, detailed information about the request, and details about the rules that the request matched. You can send protection pack or web ACL logs to an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Data Firehose delivery stream. +You can enable logging to get detailed information about traffic that is analyzed by your web ACL. Logged information includes the time that AWS WAF received a web request from your AWS resource, detailed information about the request, and details about the rules that the request matched. You can send protection pack (web ACL) logs to an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Data Firehose delivery stream. @@ -15 +15 @@ You can enable logging to get detailed information about traffic that is analyze -In addition to logs that you can enable for your protection pack or web ACLs, AWS also uses service logs of website or application traffic processed by AWS WAF to provide support for and protect the security of AWS customers and services. +In addition to logs that you can enable for your protection packs (web ACLs), AWS also uses service logs of website or application traffic processed by AWS WAF to provide support for and protect the security of AWS customers and services. @@ -19 +19 @@ In addition to logs that you can enable for your protection pack or web ACLs, AW -The protection pack or web ACL logging configuration only affects the AWS WAF logs. In particular, the redacted fields configuration for logging has no impact on request sampling or Security Lake data collection. You can exclude fields from collection or sampling by configuring protection pack or web ACL data protection. Other than data protection, Security Lake data collection is configured entirely through the Security Lake service. +The protection pack (web ACL) logging configuration only affects the AWS WAF logs. In particular, the redacted fields configuration for logging has no impact on request sampling or Security Lake data collection. You can exclude fields from collection or sampling by configuring protection pack (web ACL) data protection. Other than data protection, Security Lake data collection is configured entirely through the Security Lake service. @@ -23 +23 @@ The protection pack or web ACL logging configuration only affects the AWS WAF lo - * [Pricing for logging protection pack or web ACL traffic information](./logging-pricing.html) + * [Pricing for logging protection pack (web ACL) traffic information](./logging-pricing.html) @@ -27 +27 @@ The protection pack or web ACL logging configuration only affects the AWS WAF lo - * [Configuring logging for a protection pack or web ACL](./logging-management-configure.html) + * [Configuring logging for a protection pack (web ACL)](./logging-management-configure.html) @@ -29 +29 @@ The protection pack or web ACL logging configuration only affects the AWS WAF lo - * [Finding your protection pack or web ACL records](./logging-management.html) + * [Finding your protection pack (web ACL) records](./logging-management.html) @@ -31 +31 @@ The protection pack or web ACL logging configuration only affects the AWS WAF lo - * [Log fields for protection pack or web ACL traffic](./logging-fields.html) + * [Log fields for protection pack (web ACL) traffic](./logging-fields.html) @@ -33 +33 @@ The protection pack or web ACL logging configuration only affects the AWS WAF lo - * [Log examples for protection pack or web ACL traffic](./logging-examples.html) + * [Log examples for protection pack (web ACL) traffic](./logging-examples.html) @@ -42 +42 @@ In addition to logging, you can enable the following options for data collection - * **Amazon Security Lake** – You can configure Security Lake to collect protection pack or web ACL data. Security Lake collects log and event data from various sources for normalization, analysis, and management. For information about this option, see [What is Amazon Security Lake?](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html) and [Collecting data from AWS services](https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html) in the _Amazon Security Lake user guide_. + * **Amazon Security Lake** – You can configure Security Lake to collect protection pack (web ACL) data. Security Lake collects log and event data from various sources for normalization, analysis, and management. For information about this option, see [What is Amazon Security Lake?](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html) and [Collecting data from AWS services](https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html) in the _Amazon Security Lake user guide_. @@ -46 +46 @@ AWS WAF doesn't charge you for using this option. For pricing information, see [ - * **Request sampling** – You can configure your protection pack or web ACL to sample the web requests that it evaluates, to get an idea of the type of traffic that your application is receiving. For information about this option, see [Viewing a sample of web requests](./web-acl-testing-view-sample.html). + * **Request sampling** – You can configure your protection pack (web ACL) to sample the web requests that it evaluates, to get an idea of the type of traffic that your application is receiving. For information about this option, see [Viewing a sample of web requests](./web-acl-testing-view-sample.html).