AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-09-19 · Documentation medium

File: cli/latest/reference/network-firewall/update-firewall-policy.md

Summary

Added EnableTLSSessionHolding parameter documentation for TLS inspection

Security assessment

Documents the same TLS inspection capability as describe-firewall-policy.md, enhancing security controls without addressing a specific vulnerability.

Diff

diff --git a/cli/latest/reference/network-firewall/update-firewall-policy.md b/cli/latest/reference/network-firewall/update-firewall-policy.md
index 50b6e9684..b0c16c301 100644
--- a//cli/latest/reference/network-firewall/update-firewall-policy.md
+++ b//cli/latest/reference/network-firewall/update-firewall-policy.md
@@ -15 +15 @@
-  * [AWS CLI 2.30.2 Command Reference](../../index.html) »
+  * [AWS CLI 2.30.5 Command Reference](../../index.html) »
@@ -304,0 +305,4 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/networ
+> 
+> EnableTLSSessionHolding -> (boolean)
+>
+>> When true, prevents TCP and TLS packets from reaching destination servers until TLS Inspection has evaluated Server Name Indication (SNI) rules. Requires an associated TLS Inspection configuration.
@@ -360 +364,2 @@ JSON Syntax:
-      }
+      },
+      "EnableTLSSessionHolding": true|false
@@ -590 +595 @@ FirewallPolicyResponse -> (structure)
-  * [AWS CLI 2.30.2 Command Reference](../../index.html) »
+  * [AWS CLI 2.30.5 Command Reference](../../index.html) »