AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/waf-acfp-control-example-response-inspection.md

Summary

Standardized terminology to 'protection pack (web ACL)' and updated possessive forms. Added clarity about ATP response inspection availability.

Security assessment

Changes improve documentation accuracy for a security feature (response inspection configuration) but do not indicate a security vulnerability fix. Updates are editorial rather than addressing exploits or weaknesses.

Diff

diff --git a/waf/latest/developerguide/waf-acfp-control-example-response-inspection.md b/waf/latest/developerguide/waf-acfp-control-example-response-inspection.md
index 09093db3f..fece1d385 100644
--- a//waf/latest/developerguide/waf-acfp-control-example-response-inspection.md
+++ b//waf/latest/developerguide/waf-acfp-control-example-response-inspection.md
@@ -11 +11 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-The following JSON listing shows an example protection pack or web ACL with an AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group that is configured to inspect origin responses. Note the response inspection configuration, which specifies success and response status codes. You can also configure success and response settings based on header, body, and body JSON matches. This JSON includes the protection pack or web ACL's automatically generated settings, like the label namespace and the protection pack or web ACL's application integration URL.
+The following JSON listing shows an example protection pack (web ACL) with an AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group that is configured to inspect origin responses. Note the response inspection configuration, which specifies success and response status codes. You can also configure success and response settings based on header, body, and body JSON matches. This JSON includes the protection pack (web ACL)'s automatically generated settings, like the label namespace and the protection pack (web ACL)'s application integration URL.
@@ -15 +15 @@ The following JSON listing shows an example protection pack or web ACL with an A
-ATP response inspection is available only in protection pack or web ACLs that protect CloudFront distributions.
+ATP response inspection is available only in protection packs (web ACLs) that protect CloudFront distributions.