AWS network-firewall documentation change
Summary
Added three quotas for container associations: max associations per account (100), max monitoring configs per association (5), and max references per rule group (30).
Security assessment
Operational quota definitions for new feature. No security implications mentioned; quotas prevent resource exhaustion but aren't tied to specific vulnerabilities.
Diff
diff --git a/network-firewall/latest/developerguide/quotas.md b/network-firewall/latest/developerguide/quotas.md index 39974774c..58ca52cd2 100644 --- a//network-firewall/latest/developerguide/quotas.md +++ b//network-firewall/latest/developerguide/quotas.md @@ -21,0 +22 @@ Maximum number of TLS inspection configurations per account per Region. | 20 +Maximum number of container associations per account per Region. | 100 @@ -31,0 +33,2 @@ Maximum number of IP set references per Suricata compatible stateful rule group. +Maximum number of monitoring configurations per container association. | 5 +Maximum number of container association references per rule group. | 30