AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-12-10 · Documentation low

File: waf/latest/developerguide/create-policy.md

Summary

Multiple updates: 1) Console link update, 2) Security group reference documentation link change, 3) Network Firewall import documentation link update

Security assessment

Changes are documentation improvements and link corrections. No security vulnerabilities addressed, though some links relate to security features (security groups/firewalls). The modifications clarify existing documentation without adding new security guidance

Diff

diff --git a/waf/latest/developerguide/create-policy.md b/waf/latest/developerguide/create-policy.md
index 539ddcd97..ac06cbd74 100644
--- a//waf/latest/developerguide/create-policy.md
+++ b//waf/latest/developerguide/create-policy.md
@@ -9 +9 @@ Create a policy for AWS WAFCreate a policy for AWS WAF ClassicCreate a policy fo
-You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). 
+You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the console](https://docs.aws.amazon.com/waf/latest/developerguide/working-with-console.html). 
@@ -327 +327 @@ Firewall Manager won't distribute system tags added by AWS services into the rep
-If you choose **Distribute security group references from the primary security group to the security groups created by this policy** , Firewall Manager only distributes the security group references if they have an active peering connection in Amazon VPC. For information about this option, see [Policy rules settings](./security-group-policies-common.html#sg-references).
+If you choose **Distribute security group references from the primary security group to the security groups created by this policy** , Firewall Manager only distributes the security group references if they have an active peering connection in Amazon VPC. For information about this option, see [Using common security group policies with Firewall Manager](./security-group-policies-common.html).
@@ -661 +661 @@ Auto remediation happens automatically for AWS Firewall Manager Network Firewall
-     * If you're using a **import existing firewalls** firewall management type, in **Resource sets** add one or more resource sets. A resource set defines the existing Network Firewall firewalls owned by your organization's account that you want to centrally manage in this policy. To add a resource set to the policy, you must first create a resource set using the console or the [PutResourceSet](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutResourceSet.html) API. For information about resource sets, see [Grouping your resources in Firewall Manager](./fms-resource-sets.html). For more information about importing existing firewalls from Network Firewall, see [import existing firewalls.](./fms-create-firewall-endpoints.html#import-existing-nwfw-firewalls-limitations)
+     * If you're using a **import existing firewalls** firewall management type, in **Resource sets** add one or more resource sets. A resource set defines the existing Network Firewall firewalls owned by your organization's account that you want to centrally manage in this policy. To add a resource set to the policy, you must first create a resource set using the console or the [PutResourceSet](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutResourceSet.html) API. For information about resource sets, see [Grouping your resources in Firewall Manager](./fms-resource-sets.html). For more information about importing existing firewalls from Network Firewall, see [How Firewall Manager creates firewall endpoints](./fms-create-firewall-endpoints.html).