AWS Security ChangesHomeSearch

AWS elasticloadbalancing documentation change

Service: elasticloadbalancing · 2025-11-13 · Documentation medium

File: elasticloadbalancing/latest/application/add-rule.md

Summary

Added JWT validation options to listener rule configuration

Security assessment

Introduces documentation for new JWT validation features that enhance security but doesn't indicate a specific vulnerability being addressed.

Diff

diff --git a/elasticloadbalancing/latest/application/add-rule.md b/elasticloadbalancing/latest/application/add-rule.md
index 70a4f949b..a132cd2a6 100644
--- a//elasticloadbalancing/latest/application/add-rule.md
+++ b//elasticloadbalancing/latest/application/add-rule.md
@@ -75 +75 @@ Regex matching – Maximum 128 characters.
-  9. (Optional) To add an authentication rule to an HTTPS listener, choose **Actions** , **Authenticate users** , chose an identity provider, and provide the required information. For more information, see [Authenticate users using an Application Load Balancer](./listener-authenticate-users.html).
+  9. (Optional, HTTPS listeners only) For **Pre-routing action** , select one of the following actions:
@@ -77 +77,5 @@ Regex matching – Maximum 128 characters.
-  10. For **Actions** , **Routing action** , select one of the following routing actions and provide the required information:
+     * **Authenticate user** – Choose an identity provider and provide the required information. For more information, see [Authenticate users using an Application Load Balancer](./listener-authenticate-users.html).
+
+     * **Validate token** – Enter the JWKS endpoint, issues, and any additional claims. For more information, see [Verify JWTs using an Application Load Balancer](./listener-verify-jwt.html).
+
+  10. For **Routing action** , select one of the following actions: