AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-10-22 · Documentation low

File: waf/latest/developerguide/classic-security_iam_id-based-policy-examples.md

Summary

Removed redundant statement about default lack of permissions to perform tasks via AWS Management Console/CLI/API, while maintaining core explanation about IAM policies granting permissions.

Security assessment

The change simplifies existing documentation about default permissions without altering security implications. No specific vulnerability or security feature is mentioned. The edit appears to be editorial in nature to improve clarity.

Diff

diff --git a/waf/latest/developerguide/classic-security_iam_id-based-policy-examples.md b/waf/latest/developerguide/classic-security_iam_id-based-policy-examples.md
index 9f775bc26..529bd97d0 100644
--- a//waf/latest/developerguide/classic-security_iam_id-based-policy-examples.md
+++ b//waf/latest/developerguide/classic-security_iam_id-based-policy-examples.md
@@ -23 +23 @@ This is **AWS WAF Classic** documentation. You should only use this version if y
-By default, users and roles don't have permission to create or modify AWS WAF Classic resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles.
+By default, users and roles don't have permission to create or modify AWS WAF Classic resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.