AWS elasticloadbalancing documentation change
Summary
Updated documentation to use 'ELB' acronym instead of 'Elastic Load Balancing' throughout the text
Security assessment
The changes are purely terminological updates (full service name to acronym) without altering security requirements or recommendations. No new security guidance was added and no vulnerabilities were addressed. The existing security implications of proper S3 bucket policies remain unchanged.
Diff
diff --git a/elasticloadbalancing/latest/application/enable-access-logging.md b/elasticloadbalancing/latest/application/enable-access-logging.md index 87f4f0f58..d3f252e0e 100644 --- a//elasticloadbalancing/latest/application/enable-access-logging.md +++ b//elasticloadbalancing/latest/application/enable-access-logging.md @@ -9 +9 @@ Step 1: Create an S3 bucketStep 2: Attach a policy to your S3 bucketStep 3: Conf -When you enable access logs for your load balancer, you must specify the name of the S3 bucket where the load balancer will store the logs. The bucket must have a bucket policy that grants Elastic Load Balancing permission to write to the bucket. +When you enable access logs for your load balancer, you must specify the name of the S3 bucket where the load balancer will store the logs. The bucket must have a bucket policy that grants ELB permission to write to the bucket. @@ -60 +60 @@ When you enable access logs, you must specify an S3 bucket for the access logs. -Your S3 bucket must have a bucket policy that grants Elastic Load Balancing permission to write the access logs to the bucket. Bucket policies are a collection of JSON statements written in the access policy language to define access permissions for your bucket. Each statement includes information about a single permission and contains a series of elements. +Your S3 bucket must have a bucket policy that grants ELB permission to write the access logs to the bucket. Bucket policies are a collection of JSON statements written in the access policy language to define access permissions for your bucket. Each statement includes information about a single permission and contains a series of elements. @@ -62 +62 @@ Your S3 bucket must have a bucket policy that grants Elastic Load Balancing perm -If you're using an existing bucket that already has an attached policy, you can add the statement for Elastic Load Balancing access logs to the policy. If you do so, we recommend that you evaluate the resulting set of permissions to ensure that they are appropriate for the users that need access to the bucket for access logs. +If you're using an existing bucket that already has an attached policy, you can add the statement for ELB access logs to the policy. If you do so, we recommend that you evaluate the resulting set of permissions to ensure that they are appropriate for the users that need access to the bucket for access logs. @@ -113 +113 @@ AWS GovCloud (US) – The following example uses the ARN syntax for the AWS GovC -Previously, for Regions available before August 2022, we required a policy that granted permissions to an Elastic Load Balancing account that was specific to the Region. This legacy policy is still supported, but we recommend that you replace it with the newer policy above. If you prefer to keep using the legacy policy, which is not shown here, you can. +Previously, for Regions available before August 2022, we required a policy that granted permissions to an ELB account that was specific to the Region. This legacy policy is still supported, but we recommend that you replace it with the newer policy above. If you prefer to keep using the legacy policy, which is not shown here, you can. @@ -115 +115 @@ Previously, for Regions available before August 2022, we required a policy that -For reference, here are the IDs of the Elastic Load Balancing accounts to specify in `Principal` in the legacy policy. Note that Regions that are not in this list do not support the legacy policy. +For reference, here are the IDs of the ELB accounts to specify in `Principal` in the legacy policy. Note that Regions that are not in this list do not support the legacy policy. @@ -298 +298 @@ The bucket must meet the requirements described in step 1, and you must attach a -Be sure to disable access logs before you delete the bucket that you configured for access logs. Otherwise, if there is a new bucket with the same name and the required bucket policy but created in an AWS account that you don't own, Elastic Load Balancing could write the access logs for your load balancer to this new bucket. +Be sure to disable access logs before you delete the bucket that you configured for access logs. Otherwise, if there is a new bucket with the same name and the required bucket policy but created in an AWS account that you don't own, ELB could write the access logs for your load balancer to this new bucket. @@ -371 +371 @@ Update the [AWS::ElasticLoadBalancingV2::LoadBalancer](https://docs.aws.amazon.c -After access logs are enabled for your load balancer, Elastic Load Balancing validates the S3 bucket and creates a test file to ensure that the bucket policy specifies the required permissions. You can use the Amazon S3 console to verify that the test file was created. The test file is not an actual access log file; it doesn't contain example records. +After access logs are enabled for your load balancer, ELB validates the S3 bucket and creates a test file to ensure that the bucket policy specifies the required permissions. You can use the Amazon S3 console to verify that the test file was created. The test file is not an actual access log file; it doesn't contain example records. @@ -392 +392 @@ If you receive an access denied error, the following are possible causes: - * The bucket policy does not grant Elastic Load Balancing permission to write access logs to the bucket. Verify that you are using the correct bucket policy for the Region. Verify that the resource ARN uses the same bucket name that you specified when you enabled access logs. Verify that the resource ARN does not include a prefix if you did not specify a prefix when you enabled access logs. + * The bucket policy does not grant ELB permission to write access logs to the bucket. Verify that you are using the correct bucket policy for the Region. Verify that the resource ARN uses the same bucket name that you specified when you enabled access logs. Verify that the resource ARN does not include a prefix if you did not specify a prefix when you enabled access logs.