AWS cognito documentation change
Summary
Removed section about AWS WAF web ACLs applying only to classic hosted UI
Security assessment
Removal of a note about WAF scope without explicit evidence of addressing a security issue. Could reflect updated functionality but lacks security context.
Diff
diff --git a/cognito/latest/developerguide/cognito-user-pools-managed-login.md b/cognito/latest/developerguide/cognito-user-pools-managed-login.md index f7889bfe9..7a6afb833 100644 --- a//cognito/latest/developerguide/cognito-user-pools-managed-login.md +++ b//cognito/latest/developerguide/cognito-user-pools-managed-login.md @@ -191,4 +190,0 @@ Amazon Cognito user pool tokens are signed using an RS256 algorithm. You can dec -###### AWS WAF web ACLs - -You can configure your user pool to protect the domain that serves your login pages and authorization server with rules in AWS WAF web ACLs. Currently, the rules that you configure apply to these pages only when you managed login branding version is **Hosted UI (classic)**. For more information, see [Things to know about AWS WAF web ACLs and Amazon Cognito](./user-pool-waf.html#user-pool-waf-things-to-know). -