AWS elasticloadbalancing documentation change
Summary
Updated terminology from 'ELB' to 'Elastic Load Balancing' throughout the document for consistency and clarity.
Security assessment
The changes are purely terminological updates replacing the acronym 'ELB' with the full service name 'Elastic Load Balancing'. No security vulnerabilities, weaknesses, or incidents are mentioned or addressed. The security implications of bucket policies and log handling remain unchanged from previous documentation.
Diff
diff --git a/elasticloadbalancing/latest/application/enable-health-check-logging.md b/elasticloadbalancing/latest/application/enable-health-check-logging.md index ad39f8179..07c9269bc 100644 --- a//elasticloadbalancing/latest/application/enable-health-check-logging.md +++ b//elasticloadbalancing/latest/application/enable-health-check-logging.md @@ -9 +9 @@ Step 1: Create an S3 bucketStep 2: Attach a policy to your S3 bucketStep 3: Conf -When you enable health check logs for your load balancer, you must specify the name of the S3 bucket where the load balancer will store the logs. The bucket must have a bucket policy that grants ELB permission to write to the bucket. +When you enable health check logs for your load balancer, you must specify the name of the S3 bucket where the load balancer will store the logs. The bucket must have a bucket policy that grants Elastic Load Balancing permission to write to the bucket. @@ -60 +60 @@ When you enable health-check logs, you must specify an S3 bucket for the health- -Your S3 bucket must have a bucket policy that grants ELB permission to write the health check logs to the bucket. Bucket policies are a collection of JSON statements written in the access policy language to define access permissions for your bucket. Each statement includes information about a single permission and contains a series of elements. +Your S3 bucket must have a bucket policy that grants Elastic Load Balancing permission to write the health check logs to the bucket. Bucket policies are a collection of JSON statements written in the access policy language to define access permissions for your bucket. Each statement includes information about a single permission and contains a series of elements. @@ -62 +62 @@ Your S3 bucket must have a bucket policy that grants ELB permission to write the -If you're using an existing bucket that already has an attached policy, you can add the statement for ELB health check logs to the policy. If you do so, we recommend that you evaluate the resulting set of permissions to ensure that they are appropriate for the users that need access to the bucket for health check logs. +If you're using an existing bucket that already has an attached policy, you can add the statement for Elastic Load Balancing health check logs to the policy. If you do so, we recommend that you evaluate the resulting set of permissions to ensure that they are appropriate for the users that need access to the bucket for health check logs. @@ -113 +113 @@ AWS GovCloud (US) – The following example uses the ARN syntax for the AWS GovC -Previously, for Regions available before August 2022, we required a policy that granted permissions to an ELB account that was specific to the Region. This legacy policy is still supported, but we recommend that you replace it with the newer policy above. If you prefer to keep using the legacy policy, which is not shown here, you can. +Previously, for Regions available before August 2022, we required a policy that granted permissions to an Elastic Load Balancing account that was specific to the Region. This legacy policy is still supported, but we recommend that you replace it with the newer policy above. If you prefer to keep using the legacy policy, which is not shown here, you can. @@ -115 +115 @@ Previously, for Regions available before August 2022, we required a policy that -For reference, here are the IDs of the ELB accounts to specify in `Principal` in the legacy policy. Note that Regions that are not in this list do not support the legacy policy. +For reference, here are the IDs of the Elastic Load Balancing accounts to specify in `Principal` in the legacy policy. Note that Regions that are not in this list do not support the legacy policy. @@ -256 +256 @@ The bucket must meet the requirements described in step 1, and you must attach a -Be sure to disable health check logs before you delete the bucket that you configured for health check logs. Otherwise, if there is a new bucket with the same name and the required bucket policy but created in an AWS account that you don't own, ELB could write the health check logs for your load balancer to this new bucket. +Be sure to disable health check logs before you delete the bucket that you configured for health check logs. Otherwise, if there is a new bucket with the same name and the required bucket policy but created in an AWS account that you don't own, Elastic Load Balancing could write the health check logs for your load balancer to this new bucket. @@ -329 +329 @@ Update the [AWS::ElasticLoadBalancingV2::LoadBalancer](https://docs.aws.amazon.c -After health check logs are enabled for your load balancer, ELB validates the S3 bucket and creates a test file to ensure that the bucket policy specifies the required permissions. You can use the Amazon S3 console to verify that the test file was created. The test file is not an actual health check log file; it doesn't contain example records. +After health check logs are enabled for your load balancer, Elastic Load Balancing validates the S3 bucket and creates a test file to ensure that the bucket policy specifies the required permissions. You can use the Amazon S3 console to verify that the test file was created. The test file is not an actual health check log file; it doesn't contain example records. @@ -331 +331 @@ After health check logs are enabled for your load balancer, ELB validates the S3 -###### To verify that ELB created a test file in your S3 bucket +###### To verify that Elastic Load Balancing created a test file in your S3 bucket @@ -350 +350 @@ If you receive an access denied error, the following are possible causes: - * The bucket policy does not grant ELB permission to write health check logs to the bucket. Verify that you are using the correct bucket policy for the Region. Verify that the resource ARN uses the same bucket name that you specified when you enabled health check logs. Verify that the resource ARN does not include a prefix if you did not specify a prefix when you enabled health check logs. + * The bucket policy does not grant Elastic Load Balancing permission to write health check logs to the bucket. Verify that you are using the correct bucket policy for the Region. Verify that the resource ARN uses the same bucket name that you specified when you enabled health check logs. Verify that the resource ARN does not include a prefix if you did not specify a prefix when you enabled health check logs.