AWS Route53 documentation change
Summary
Renamed documentation references from 'Resolver DNS Firewall domain lists' to 'DNS Firewall Foundational Rules' and 'Resolver DNS Firewall Advanced' to 'DNS Firewall Advanced Rules' throughout the file.
Security assessment
This change only updates terminology and link names without introducing new security content or addressing vulnerabilities. The DNS Firewall features themselves are security-related, but the change is purely documentation labeling.
Diff
diff --git a/Route53/latest/DeveloperGuide/resolver-dns-firewall-overview.md b/Route53/latest/DeveloperGuide/resolver-dns-firewall-overview.md index d4dcd594f..b32b0fb29 100644 --- a//Route53/latest/DeveloperGuide/resolver-dns-firewall-overview.md +++ b//Route53/latest/DeveloperGuide/resolver-dns-firewall-overview.md @@ -46 +46 @@ Defines a named, reusable collection of domain specifications for use in DNS fil -For more information, see [Resolver DNS Firewall domain lists](./resolver-dns-firewall-domain-lists.html). +For more information, see [DNS Firewall Foundational Rules](./resolver-dns-firewall-domain-lists.html). @@ -88 +88 @@ In a DNS Firewall Advanced rule you can choose to either block, or alert on a qu -For more information, see [Resolver DNS Firewall Advanced](./firewall-advanced.html). +For more information, see [DNS Firewall Advanced Rules](./firewall-advanced.html). @@ -152 +152 @@ When DNS Firewall receives a DNS query, it filters the query using the rule grou - * When DNS Firewall finds a match with a rule's domain list, or anomalies identified by DNS Firewall Advanced rule protections, it terminates the query evaluation and responds to VPC Resolver with the result. If the action is `alert`, DNS Firewall also sends an alert to the configured VPC Resolver logs. For more information, see [Rule actions in DNS Firewall](./resolver-dns-firewall-rule-actions.html), [Resolver DNS Firewall domain lists](./resolver-dns-firewall-domain-lists.html), and [Resolver DNS Firewall Advanced](./firewall-advanced.html). + * When DNS Firewall finds a match with a rule's domain list, or anomalies identified by DNS Firewall Advanced rule protections, it terminates the query evaluation and responds to VPC Resolver with the result. If the action is `alert`, DNS Firewall also sends an alert to the configured VPC Resolver logs. For more information, see [Rule actions in DNS Firewall](./resolver-dns-firewall-rule-actions.html), [DNS Firewall Foundational Rules](./resolver-dns-firewall-domain-lists.html), and [DNS Firewall Advanced Rules](./firewall-advanced.html). @@ -165 +165 @@ To implement Resolver DNS Firewall filtering in your Amazon Virtual Private Clou - * **Define your filtering approach, your domain lists, or DNS Firewall protections** – Decide how you want to filter queries, identify the domain specifications that you'll need, and define the logic you'll use to evaluate queries. For example, you might want to allow all queries except for those that are in a list of known bad domains. Or you might want to do the opposite and block all but an approved list of domains, in what is known as a walled garden approach. You can create and manage your own lists of approved or blocked domain specifications and you can use domain lists that AWS manages for you. For DNS Firewall protections you can filter the queries by blocking them all, or you can alert on any suspicious query traffic to domains that may contain anomalies associated with threats (DGA, DNS tunneling, Dictionary DGA) to test your DNS Firewall settings. For more information, see [Resolver DNS Firewall domain lists](./resolver-dns-firewall-domain-lists.html) and [Resolver DNS Firewall Advanced](./firewall-advanced.html). + * **Define your filtering approach, your domain lists, or DNS Firewall protections** – Decide how you want to filter queries, identify the domain specifications that you'll need, and define the logic you'll use to evaluate queries. For example, you might want to allow all queries except for those that are in a list of known bad domains. Or you might want to do the opposite and block all but an approved list of domains, in what is known as a walled garden approach. You can create and manage your own lists of approved or blocked domain specifications and you can use domain lists that AWS manages for you. For DNS Firewall protections you can filter the queries by blocking them all, or you can alert on any suspicious query traffic to domains that may contain anomalies associated with threats (DGA, DNS tunneling, Dictionary DGA) to test your DNS Firewall settings. For more information, see [DNS Firewall Foundational Rules](./resolver-dns-firewall-domain-lists.html) and [DNS Firewall Advanced Rules](./firewall-advanced.html).