AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2026-05-22 · Documentation low

File: solutions/latest/distributed-load-testing-on-aws/front-end.md

Summary

Expanded web console documentation to detail three hosting options including secure ALB+ECS Fargate deployment with AWS WAF protection and headless option for network isolation.

Security assessment

The change documents security features like AWS WAF integration and private hosting options but doesn't address any specific security vulnerability.

Diff

diff --git a/solutions/latest/distributed-load-testing-on-aws/front-end.md b/solutions/latest/distributed-load-testing-on-aws/front-end.md
index 608fbf9c3..b1f0d9c4b 100644
--- a//solutions/latest/distributed-load-testing-on-aws/front-end.md
+++ b//solutions/latest/distributed-load-testing-on-aws/front-end.md
@@ -34 +34,11 @@ For more information on the solution’s API, refer to the [Distributed load tes
-This solution includes a web console that you can use to configure and run tests, monitor running tests, and view detailed test results. The console is a ReactJS application built with [Cloudscape](https://cloudscape.design/), an open-source design system for building intuitive web applications. The console is hosted in Amazon S3 and accessed through Amazon CloudFront. The application leverages AWS Amplify to integrate with Amazon Cognito to authenticate users. The web console also contains an option to view live data for a running test, in which it subscribes to the corresponding topic in AWS IoT Core.
+This solution includes a web console that you can use to configure and run tests, monitor running tests, and view detailed test results. The console is a ReactJS application built with [Cloudscape](https://cloudscape.design/), an open-source design system for building intuitive web applications. The application leverages AWS Amplify to integrate with Amazon Cognito to authenticate users. The web console also contains an option to view live data for a running test, in which it subscribes to the corresponding topic in AWS IoT Core.
+
+The solution supports three web console hosting options. The backend architecture and Cognito authentication are identical across all options:
+
+  * **CloudFront + S3 (default)** — The console is hosted in Amazon S3 and accessed through Amazon CloudFront. The web console URL is the CloudFront distribution domain name which can be found in the CloudFormation outputs as **Console**. After you launch the CloudFormation template, you will also receive an email that contains the web console URL and the one-time password to log into it.
+
+  * **ALB + ECS Fargate** — The console runs on an ECS Fargate service behind an Application Load Balancer with a customer-provided ACM certificate and custom domain. An AWS WAF web ACL is deployed in front of the ALB to filter common web-based attacks. This option is suitable for environments where VPC Block Public Access (BPA) policies prevent traffic from public CloudFront distributions, or organizations with zero public internet exposure requirements. For deployment instructions, refer to [Deploy using ALB + ECS Fargate](./deploy-alb-ecs-fargate.html).
+
+  * **Headless (bring your own web server)** — The solution deploys the backend only and provides a downloadable zip archive of the web console static assets. You host the console on your own web server. This option is suitable for organizations that require complete network isolation with no public-facing AWS endpoints, or that need to host the console on existing on-premises or corporate-managed infrastructure. For deployment instructions, refer to [Deploy using headless template (bring your own web server)](./deploy-self-hosted.html).
+
+
@@ -36 +45,0 @@ This solution includes a web console that you can use to configure and run tests
-The web console URL is the CloudFront distribution domain name which can be found in the CloudFormation outputs as **Console**. After you launch the CloudFormation template, you will also receive an email that contains the web console URL and the one-time password to log into it.