AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2026-01-25 · Documentation low

File: prescriptive-guidance/latest/security-reference-architecture/network.md

Summary

Updated Elastic Load Balancing references from 'ELB' to 'Elastic Load Balancing' for terminology consistency

Security assessment

The change standardizes terminology by replacing 'ELB' with 'Elastic Load Balancing' in Shield Advanced documentation. While the context involves DDoS protection (a security feature), the modification itself doesn't alter security guidance or address vulnerabilities.

Diff

diff --git a/prescriptive-guidance/latest/security-reference-architecture/network.md b/prescriptive-guidance/latest/security-reference-architecture/network.md
index 00df85d79..e8b3b83e1 100644
--- a//prescriptive-guidance/latest/security-reference-architecture/network.md
+++ b//prescriptive-guidance/latest/security-reference-architecture/network.md
@@ -171 +171 @@ You can send full AWS WAF logs to an S3 bucket in the Log Archive account by con
-[AWS Shield](https://aws.amazon.com/shield/) is a managed DDoS protection service that safeguards applications that run on AWS. There are two tiers of Shield: Shield Standardand Shield Advanced. Shield Standard provides all AWS customers with protection against the most common infrastructure (layers 3 and 4) events at no additional charge. Shield Advanced provides more sophisticated automatic mitigations for unauthorized events that target applications on protected Amazon EC2, Elastic Load Balancing (ELB), CloudFront, AWS Global Accelerator, and Route 53 hosted zones. If you own high-visibility websites or are prone to frequent DDoS attacks, you can consider the additional features that Shield Advanced provides.
+[AWS Shield](https://aws.amazon.com/shield/) is a managed DDoS protection service that safeguards applications that run on AWS. There are two tiers of Shield: Shield Standardand Shield Advanced. Shield Standard provides all AWS customers with protection against the most common infrastructure (layers 3 and 4) events at no additional charge. Shield Advanced provides more sophisticated automatic mitigations for unauthorized events that target applications on protected Amazon EC2, Elastic Load Balancing (Elastic Load Balancing), CloudFront, AWS Global Accelerator, and Route 53 hosted zones. If you own high-visibility websites or are prone to frequent DDoS attacks, you can consider the additional features that Shield Advanced provides.
@@ -173 +173 @@ You can send full AWS WAF logs to an S3 bucket in the Log Archive account by con
-You can use the [Shield Advanced automatic application layer DDoS mitigation feature](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-automatic-app-layer-response.html) to configure Shield Advanced to respond automatically to mitigate application layer (layer 7) attacks against your protected CloudFront distributions, Elastic Load Balancing (ELB) load balancers (Application, Network, and Classic), Amazon Route 53 hosted zones, Amazon EC2 Elastic IP addresses, and AWS Global Accelerator standard accelerators. When you enable this feature, Shield Advanced automatically generates custom AWS WAF rules to mitigate DDoS attacks. Shield Advanced also gives you access to the [AWS Shield Response Team](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-support.html) (SRT). You can contact SRT at any time to create and manage custom mitigations for your application or during an active DDoS attack. If you want SRT to proactively monitor your protected resources and contact you during a DDoS attempt, consider enabling the [proactive engagement](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-proactive-engagement.html) feature.
+You can use the [Shield Advanced automatic application layer DDoS mitigation feature](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-automatic-app-layer-response.html) to configure Shield Advanced to respond automatically to mitigate application layer (layer 7) attacks against your protected CloudFront distributions, Elastic Load Balancing (Elastic Load Balancing) load balancers (Application, Network, and Classic), Amazon Route 53 hosted zones, Amazon EC2 Elastic IP addresses, and AWS Global Accelerator standard accelerators. When you enable this feature, Shield Advanced automatically generates custom AWS WAF rules to mitigate DDoS attacks. Shield Advanced also gives you access to the [AWS Shield Response Team](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-support.html) (SRT). You can contact SRT at any time to create and manage custom mitigations for your application or during an active DDoS attack. If you want SRT to proactively monitor your protected resources and contact you during a DDoS attempt, consider enabling the [proactive engagement](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-srt-proactive-engagement.html) feature.