AWS waf documentation change
Summary
Updated compliance status reporting behavior for web ACLs in CloudFront flat-rate pricing plans managed by Firewall Manager
Security assessment
The change clarifies compliance status reporting behavior but does not address a security vulnerability or introduce security features. It corrects documentation about system behavior without security implications.
Diff
diff --git a/waf/latest/developerguide/getting-started-fms.md b/waf/latest/developerguide/getting-started-fms.md index 5370b782c..986600417 100644 --- a//waf/latest/developerguide/getting-started-fms.md +++ b//waf/latest/developerguide/getting-started-fms.md @@ -38 +38 @@ A Firewall Manager AWS WAF policy contains the rule groups that you want to appl -Web ACLs that Firewall Manager creates can't participate in CloudFront flat-rate pricing plans. If you attempt to manage a web ACL that's part of a CloudFront flat-rate pricing plan, Firewall Manager permanently displays a noncompliant status for both the CloudFront distribution and the Firewall Manager policy. This state can't be remediated through Firewall Manager or any other action. +Web ACLs that Firewall Manager creates can't participate in CloudFront flat-rate pricing plans. If you attempt to manage a web ACL that's part of a CloudFront flat-rate pricing plan, Firewall Manager does not report compliance status for both the CloudFront distribution and the Firewall Manager policy. This state can't be remediated through Firewall Manager or any other action.