AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-10-22 · Documentation low

File: waf/latest/developerguide/security_iam_id-based-policy-examples.md

Summary

Removed mention of specific interfaces (AWS Management Console, CLI, API) where default permissions apply, simplifying the explanation of AWS WAF resource permissions.

Security assessment

The change clarifies IAM policy defaults but doesn't address a specific vulnerability or weakness. It maintains existing security documentation about permission requirements without introducing new security features or acknowledging a security incident.

Diff

diff --git a/waf/latest/developerguide/security_iam_id-based-policy-examples.md b/waf/latest/developerguide/security_iam_id-based-policy-examples.md
index 059afcb40..53512c76c 100644
--- a//waf/latest/developerguide/security_iam_id-based-policy-examples.md
+++ b//waf/latest/developerguide/security_iam_id-based-policy-examples.md
@@ -15 +15 @@ This section provides identity-based policy examples for AWS WAF.
-By default, users and roles don't have permission to create or modify AWS WAF resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles.
+By default, users and roles don't have permission to create or modify AWS WAF resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.