AWS cli documentation change
Summary
Added documentation for EnableTLSSessionHolding parameter requiring TLS inspection of SNI rules
Security assessment
Documents a new TLS inspection capability that delays traffic until SNI evaluation, enhancing security controls but not addressing a known vulnerability.
Diff
diff --git a/cli/latest/reference/network-firewall/describe-firewall-policy.md b/cli/latest/reference/network-firewall/describe-firewall-policy.md index d992c0b98..cfec4bf7a 100644 --- a//cli/latest/reference/network-firewall/describe-firewall-policy.md +++ b//cli/latest/reference/network-firewall/describe-firewall-policy.md @@ -15 +15 @@ - * [AWS CLI 2.30.2 Command Reference](../../index.html) » + * [AWS CLI 2.30.5 Command Reference](../../index.html) » @@ -470,0 +471,4 @@ FirewallPolicy -> (structure) +> +> EnableTLSSessionHolding -> (boolean) +> +>> When true, prevents TCP and TLS packets from reaching destination servers until TLS Inspection has evaluated Server Name Indication (SNI) rules. Requires an associated TLS Inspection configuration. @@ -482 +486 @@ FirewallPolicy -> (structure) - * [AWS CLI 2.30.2 Command Reference](../../index.html) » + * [AWS CLI 2.30.5 Command Reference](../../index.html) »