AWS waf documentation change
Summary
Standardized phrasing to use 'protection pack (web ACL)' instead of 'protection pack or web ACL' and updated regional usage guidance
Security assessment
Documentation updates focus on terminology consistency and regional deployment guidance. No security vulnerabilities are mentioned or addressed. The deletion warning text remains functionally equivalent to previous version.
Diff
diff --git a/waf/latest/developerguide/waf-regex-pattern-set-managing.md b/waf/latest/developerguide/waf-regex-pattern-set-managing.md index b4c9f0a9f..0683d14d1 100644 --- a//waf/latest/developerguide/waf-regex-pattern-set-managing.md +++ b//waf/latest/developerguide/waf-regex-pattern-set-managing.md @@ -15 +15 @@ A regex pattern set provides a collection of regular expressions that you want t -To use a regex pattern set in a protection pack or web ACL or rule group, you first create an AWS resource, `RegexPatternSet` with your regex pattern specifications. Then you reference the set when you add a regex pattern set rule statement to a protection pack or web ACL or rule group. A regex pattern set must contain at least one regex pattern. +To use a regex pattern set in a protection pack (web ACL) or rule group, you first create an AWS resource, `RegexPatternSet` with your regex pattern specifications. Then you reference the set when you add a regex pattern set rule statement to a protection pack (web ACL) or rule group. A regex pattern set must contain at least one regex pattern. @@ -37 +37 @@ You can't change the name after you create the regex pattern set. - 4. For **Region** , choose Global (CloudFront) or choose the Region where you want to store the regex pattern set. You can use regional regex pattern sets only in protection pack or web ACLs that protect regional resources. To use a regex pattern set in protection pack or web ACLs that protect Amazon CloudFront distributions, you must use Global (CloudFront). + 4. For **Region** , choose Global (CloudFront) or choose the Region where you want to store the regex pattern set. You can use regional regex pattern sets only in protection packs (web ACLs) that protect regional resources. To use a regex pattern set in protection packs (web ACLs) that protect Amazon CloudFront distributions, you must use Global (CloudFront). @@ -56 +56 @@ Follow the guidance in this section to delete a referenced set. -When you delete an entity that you can use in a protection pack or web ACL, like an IP set, regex pattern set, or rule group, AWS WAF checks to see if the entity is currently being used in a protection pack or web ACL. If it finds that it is in use, AWS WAF warns you. AWS WAF is almost always able to determine if an entity is being referenced by a protection pack or web ACL. However, in rare cases it might not be able to do so. If you need to be sure that nothing is currently using the entity, check for it in your protection pack or web ACLs before deleting it. If the entity is a referenced set, also check that no rule groups are using it. +When you delete an entity that you can use in a protection pack (web ACL), like an IP set, regex pattern set, or rule group, AWS WAF checks to see if the entity is currently being used in a protection pack (web ACL). If it finds that it is in use, AWS WAF warns you. AWS WAF is almost always able to determine if an entity is being referenced by a protection pack (web ACL). However, in rare cases it might not be able to do so. If you need to be sure that nothing is currently using the entity, check for it in your protection packs (web ACLs) before deleting it. If the entity is a referenced set, also check that no rule groups are using it.