AWS Security ChangesHomeSearch

AWS AmazonCloudFront documentation change

Service: AmazonCloudFront · 2026-05-31 · Documentation low

File: AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.md

Summary

Updated image references for checkmark icons to include descriptive alt text

Security assessment

The changes only modify image references by adding descriptive alt text ('Green circle with white checkmark icon') without altering security content, features, or configurations. The security-related features mentioned (DDoS protection, WAF, etc.) remain unchanged.

Diff

diff --git a/AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.md b/AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.md
index 20665b9ea..33ff77968 100644
--- a//AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.md
+++ b//AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.md
@@ -111,15 +111,15 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Global CDN** Use CloudFront's 750+ global edge locations as a massive, distributed, single point of entry for your web application. Accelerate static, dynamic, and non-cacheable applications. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Content caching** Store copies of your content in CloudFront's 750+ edge locations worldwide, delivering it to users from the nearest location. Reduces load times, protects your application from traffic spikes, and saves costs by serving repeated requests locally instead of from your application servers. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Fast cache invalidations** Remove or update cached content across all edge locations within seconds. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Invalidations by cache tag** Assign custom tags to your content and remove all cached content sharing a specific tag, without tracking individual file paths. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Smart routing** Intelligently routes users to the optimal edge location using real-time network data, and connects to your AWS origin through the AWS private network for better performance. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Tiered caching** [Regional edge caches](./HowCloudFrontWorks.html#CloudFrontRegionaledgecaches) sit between edge locations and your application to store content longer, reducing load on your application and maintaining fast delivery. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Default caching rules** Makes effective caching decisions to cache most web applications without custom configuration. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Custom caching rules** Control how CloudFront caches content by specifying which request values to use, optimizing for your application's performance, personalization, and freshness needs using [cache policies](./controlling-the-cache-key.html). |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**High-speed origin routing** With [Origin Shield](./origin-shield.html), dynamic requests are routed from edge locations to your origin using CloudFront's private network for high-performance path to your origin. |  |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Origin load reduction** Adds an additional caching layer close to your web application using [Origin Shield](./origin-shield.html). Origin Shield consolidates requests from all edge locations, reducing load on your application particularly during traffic spikes. |  |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Automatic origin failover** Automatically routes traffic to a backup origin if your primary origin fails, [maintaining high availability](./high_availability_origin_failover.html) without disrupting users. |  |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Default origin request rules** Control which information from viewer requests is automatically included in requests to your origin, using [AWS managed origin request policies](./using-managed-origin-request-policies.html) optimized for common scenarios. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Default response header rules** Use [AWS managed response header policies](./using-managed-response-headers-policies.html) to add or remove HTTP headers in responses to viewers, preconfigured for common security headers, CORS settings, and other standard use cases. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Custom origin request rules** Create your own [origin request policies](./controlling-origin-requests.html) to specify exactly which URL query strings, headers, and cookies are forwarded to your origin, enabling custom analytics and request handling. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Custom response header rules** Create your own [response header policies](./modifying-response-headers.html) to control exactly which HTTP headers CloudFront adds or removes in responses to viewers, such as security headers, Content Security Policy (CSP), CORS settings, and custom application headers. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Global CDN** Use CloudFront's 750+ global edge locations as a massive, distributed, single point of entry for your web application. Accelerate static, dynamic, and non-cacheable applications. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Content caching** Store copies of your content in CloudFront's 750+ edge locations worldwide, delivering it to users from the nearest location. Reduces load times, protects your application from traffic spikes, and saves costs by serving repeated requests locally instead of from your application servers. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Fast cache invalidations** Remove or update cached content across all edge locations within seconds. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Invalidations by cache tag** Assign custom tags to your content and remove all cached content sharing a specific tag, without tracking individual file paths. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Smart routing** Intelligently routes users to the optimal edge location using real-time network data, and connects to your AWS origin through the AWS private network for better performance. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Tiered caching** [Regional edge caches](./HowCloudFrontWorks.html#CloudFrontRegionaledgecaches) sit between edge locations and your application to store content longer, reducing load on your application and maintaining fast delivery. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Default caching rules** Makes effective caching decisions to cache most web applications without custom configuration. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Custom caching rules** Control how CloudFront caches content by specifying which request values to use, optimizing for your application's performance, personalization, and freshness needs using [cache policies](./controlling-the-cache-key.html). |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**High-speed origin routing** With [Origin Shield](./origin-shield.html), dynamic requests are routed from edge locations to your origin using CloudFront's private network for high-performance path to your origin. |  |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Origin load reduction** Adds an additional caching layer close to your web application using [Origin Shield](./origin-shield.html). Origin Shield consolidates requests from all edge locations, reducing load on your application particularly during traffic spikes. |  |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Automatic origin failover** Automatically routes traffic to a backup origin if your primary origin fails, [maintaining high availability](./high_availability_origin_failover.html) without disrupting users. |  |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Default origin request rules** Control which information from viewer requests is automatically included in requests to your origin, using [AWS managed origin request policies](./using-managed-origin-request-policies.html) optimized for common scenarios. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Default response header rules** Use [AWS managed response header policies](./using-managed-response-headers-policies.html) to add or remove HTTP headers in responses to viewers, preconfigured for common security headers, CORS settings, and other standard use cases. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Custom origin request rules** Create your own [origin request policies](./controlling-origin-requests.html) to specify exactly which URL query strings, headers, and cookies are forwarded to your origin, enabling custom analytics and request handling. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Custom response header rules** Create your own [response header policies](./modifying-response-headers.html) to control exactly which HTTP headers CloudFront adds or removes in responses to viewers, such as security headers, Content Security Policy (CSP), CORS settings, and custom application headers. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -128,3 +128,3 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Always-on DDoS protection** Protect against DDoS attacks that target your websites or applications. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Advanced DDoS Protection** Identify and block DDoS attacks in seconds using the [AntiDDoS AMR](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html). AWS learns your unique application patterns to distinguish between attacks and natural surges from legitimate users. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Web Application Firewall (WAF)** Protect against common application vulnerabilities and potential threats based on Amazon internal threat intelligence. Requests are blocked before reaching your servers. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Always-on DDoS protection** Protect against DDoS attacks that target your websites or applications. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Advanced DDoS Protection** Identify and block DDoS attacks in seconds using the [AntiDDoS AMR](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html). AWS learns your unique application patterns to distinguish between attacks and natural surges from legitimate users. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Web Application Firewall (WAF)** Protect against common application vulnerabilities and potential threats based on Amazon internal threat intelligence. Requests are blocked before reaching your servers. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -132,11 +132,11 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Protections for WordPress, PHP, and SQL databases** Use-case based security rules to protect common applications and operating systems like WordPress, PHP, SQL databases, Linux, and Windows. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**AI traffic analytics** Monitor access patterns, request volumes, and popular paths of AI bots interacting with your content. AI bots are classified based on intent to detect activities like potentially unauthorized scraping used for training. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**IP-based rate limiting** Automatically block IP addresses that exceed a configurable number of requests over a 5-minute period, protecting against HTTP flood attacks and Denial of Service (DoS) attempts. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Geographic traffic blocking** Block requests from selected countries or regions. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**CAPTCHA challenge** Require requests matching specific security rules to solve a CAPTCHA puzzle to prove that a human being is sending the request. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Header-based threat filtering** Create WAF security rules that filter threats based on HTTP request headers. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Regex-based threat filtering** Create WAF security rules using regular expressions to match URI paths and HTTP request attributes. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**JavaScript challenge** Block automated threats by requiring browsers to complete JavaScript challenges that verify legitimate users. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Bot management and analytics (+AI bots)** Detect and analyze bot traffic with [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) for common bots. Provides controls to block, challenge, or allow unverified bots while identifying and distinguishing verified bots like search engines. Monitor AI bots and take action based on bot intent. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Custom WAF response** Set a specific HTTP status code and optional custom HTML, plain text, or JSON response when requests are blocked by a rule. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Header Insertion** Add custom HTTP headers to requests that pass WAF inspection, enabling downstream applications to process requests differently or flag them for analysis. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Protections for WordPress, PHP, and SQL databases** Use-case based security rules to protect common applications and operating systems like WordPress, PHP, SQL databases, Linux, and Windows. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**AI traffic analytics** Monitor access patterns, request volumes, and popular paths of AI bots interacting with your content. AI bots are classified based on intent to detect activities like potentially unauthorized scraping used for training. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**IP-based rate limiting** Automatically block IP addresses that exceed a configurable number of requests over a 5-minute period, protecting against HTTP flood attacks and Denial of Service (DoS) attempts. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Geographic traffic blocking** Block requests from selected countries or regions. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**CAPTCHA challenge** Require requests matching specific security rules to solve a CAPTCHA puzzle to prove that a human being is sending the request. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Header-based threat filtering** Create WAF security rules that filter threats based on HTTP request headers. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Regex-based threat filtering** Create WAF security rules using regular expressions to match URI paths and HTTP request attributes. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**JavaScript challenge** Block automated threats by requiring browsers to complete JavaScript challenges that verify legitimate users. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Bot management and analytics (+AI bots)** Detect and analyze bot traffic with [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) for common bots. Provides controls to block, challenge, or allow unverified bots while identifying and distinguishing verified bots like search engines. Monitor AI bots and take action based on bot intent. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Custom WAF response** Set a specific HTTP status code and optional custom HTML, plain text, or JSON response when requests are blocked by a rule. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Header Insertion** Add custom HTTP headers to requests that pass WAF inspection, enabling downstream applications to process requests differently or flag them for analysis. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -144,6 +144,6 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Private origins within VPC** Enhance security by keeping your application in a VPC private subnet, accessible only through your CloudFront distributions and hidden from the public internet, using [VPC origins](./private-content-vpc-origins.html). |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Mutual TLS (origin)** Restrict unauthorized access to your application (origin) using TLS-based client certificates, ensuring only your authorized CloudFront distributions can establish connections to your application. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Origin Access Control (OAC)** Maintain a private S3 bucket and only allow access through your designated CloudFront distribution, ensuring your content is protected by your WAF rules, rate limits, and other security controls configured in your CloudFront distribution. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Free TLS certificate** Free TLS certificate for your domain with automatic renewal through AWS Certificate Manager. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Signed URLs** Create secure URLs that provide temporary access to private content for specific users. Commonly used to share private documents with authorized users or grant secure access to protected content after payment verification. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Mutual TLS (mTLS)** Restrict access to your application using mTLS authentication, ensuring only trusted clients with valid certificates can connect. |  |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Private origins within VPC** Enhance security by keeping your application in a VPC private subnet, accessible only through your CloudFront distributions and hidden from the public internet, using [VPC origins](./private-content-vpc-origins.html). |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Mutual TLS (origin)** Restrict unauthorized access to your application (origin) using TLS-based client certificates, ensuring only your authorized CloudFront distributions can establish connections to your application. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Origin Access Control (OAC)** Maintain a private S3 bucket and only allow access through your designated CloudFront distribution, ensuring your content is protected by your WAF rules, rate limits, and other security controls configured in your CloudFront distribution. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Free TLS certificate** Free TLS certificate for your domain with automatic renewal through AWS Certificate Manager. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Signed URLs** Create secure URLs that provide temporary access to private content for specific users. Commonly used to share private documents with authorized users or grant secure access to protected content after payment verification. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Mutual TLS (mTLS)** Restrict access to your application using mTLS authentication, ensuring only trusted clients with valid certificates can connect. |  |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -151,2 +151,2 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Serverless edge compute** Run lightweight JavaScript at the edge to modify URLs, HTTP headers, and request/response elements in milliseconds using [CloudFront Functions](./cloudfront-functions.html). Lambda@Edge can also be used with all plan tiers, but unlike CloudFront Functions, Lambda@Edge invocations are billed on a pay-as-you-go basis. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Edge key-value store** Store data at the edge using [KeyValueStore](./kvs-with-functions.html) for fast and dynamic content customization with CloudFront Functions. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Serverless edge compute** Run lightweight JavaScript at the edge to modify URLs, HTTP headers, and request/response elements in milliseconds using [CloudFront Functions](./cloudfront-functions.html). Lambda@Edge can also be used with all plan tiers, but unlike CloudFront Functions, Lambda@Edge invocations are billed on a pay-as-you-go basis. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Edge key-value store** Store data at the edge using [KeyValueStore](./kvs-with-functions.html) for fast and dynamic content customization with CloudFront Functions. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -154,5 +154,5 @@ Performance and Delivery | Free | Pro | Business | Premium
-**IPv6** Deliver content over both modern IPv6 and traditional IPv4 connections from CloudFront to viewers and origins. Enables end-to-end IPv6 support for your applications. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**HTTP/2** Enable faster page loads through modern protocol features like multiplexing, header compression, and stream prioritization. Automatically used when supported by browsers and clients. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**HTTP/3** Deliver content using QUIC to browsers and clients that support it, enabling faster connections and improved performance. Particularly benefits mobile users and maintains connections when network conditions change. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**TLS 1.3** Deliver faster HTTPS connections through a handshake process that requires one round-trip compared to two in TLS 1.2. Reduces first byte latency by up to 33% compared to previous TLS versions. Enabled end-to-end for your applications. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**WebSockets** Enable real-time, persistent two-way communication between browsers and servers. Ideal for AI chat applications, multi-player gaming, collaborative workspaces, and real-time data feeds like financial trading platforms. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**IPv6** Deliver content over both modern IPv6 and traditional IPv4 connections from CloudFront to viewers and origins. Enables end-to-end IPv6 support for your applications. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**HTTP/2** Enable faster page loads through modern protocol features like multiplexing, header compression, and stream prioritization. Automatically used when supported by browsers and clients. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**HTTP/3** Deliver content using QUIC to browsers and clients that support it, enabling faster connections and improved performance. Particularly benefits mobile users and maintains connections when network conditions change. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**TLS 1.3** Deliver faster HTTPS connections through a handshake process that requires one round-trip compared to two in TLS 1.2. Reduces first byte latency by up to 33% compared to previous TLS versions. Enabled end-to-end for your applications. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**WebSockets** Enable real-time, persistent two-way communication between browsers and servers. Ideal for AI chat applications, multi-player gaming, collaborative workspaces, and real-time data feeds like financial trading platforms. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -160,3 +160,3 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Access Logs** Access detailed CloudFront [request logs](./standard-logs-reference.html) to understand security and delivery traffic patterns, with Amazon CloudWatch Logs ingestion is included at no extra cost. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**WAF request logs** Access detailed AWS WAF request logs to understand security and delivery traffic patterns. Amazon CloudWatch Logs ingestion is included at no extra cost. |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Security dashboard** Monitor security events, investigate threats, and take immediate blocking actions using visual analytics without writing security rules. Pro and above includes visual log analyzer to quickly understand traffic patterns without querying logs. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Access Logs** Access detailed CloudFront [request logs](./standard-logs-reference.html) to understand security and delivery traffic patterns, with Amazon CloudWatch Logs ingestion is included at no extra cost. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**WAF request logs** Access detailed AWS WAF request logs to understand security and delivery traffic patterns. Amazon CloudWatch Logs ingestion is included at no extra cost. |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Security dashboard** Monitor security events, investigate threats, and take immediate blocking actions using visual analytics without writing security rules. Pro and above includes visual log analyzer to quickly understand traffic patterns without querying logs. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -164 +164 @@ Performance and Delivery | Free | Pro | Business | Premium
-**Amazon Route 53 DNS** Fast, reliable public authoritative DNS service using Route 53. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Amazon Route 53 DNS** Fast, reliable public authoritative DNS service using Route 53. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -166 +166 @@ Performance and Delivery | Free | Pro | Business | Premium
-**DNSSEC** Protect your domain against DNS spoofing and man-in-the-middle attacks where attackers intercept DNS queries and redirect visitors to fake websites. Secures DNS traffic by cryptographically signing your DNS records. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**DNSSEC** Protect your domain against DNS spoofing and man-in-the-middle attacks where attackers intercept DNS queries and redirect visitors to fake websites. Secures DNS traffic by cryptographically signing your DNS records. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
@@ -170,3 +170,3 @@ Performance and Delivery | Free | Pro | Business | Premium
-**24x7 account and billing support** One-on-one responses to account and billing questions. If you have a paid support plan, you're eligible to receive support on all flat-rate plans. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Documentation and AWS Support forums** Access product documentation, technical papers, best practices guides, AWS re:Post community forums, and service health information to help you plan and troubleshoot. | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
-**Uptime SLA** Service Level Agreements (SLA) for Amazon CloudFront, AWS WAF, Amazon Route 53, and Amazon CloudWatch provide service availability commitments. In the event AWS does not meet the associated SLA's commitment, you will be eligible to receive a service credit. |  |  | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**24x7 account and billing support** One-on-one responses to account and billing questions. If you have a paid support plan, you're eligible to receive support on all flat-rate plans. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Documentation and AWS Support forums** Access product documentation, technical papers, best practices guides, AWS re:Post community forums, and service health information to help you plan and troubleshoot. | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)  
+**Uptime SLA** Service Level Agreements (SLA) for Amazon CloudFront, AWS WAF, Amazon Route 53, and Amazon CloudWatch provide service availability commitments. In the event AWS does not meet the associated SLA's commitment, you will be eligible to receive a service credit. |  |  | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png) | Yes ![Green circle with white checkmark icon.](/images/AmazonCloudFront/latest/DeveloperGuide/images/icon-yes.png)