Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (5.6k points)

I'm working with AWS and I want to set a Security Group egress rule that will block all outbound traffic. How can I do this using CloudFormation?

1 Answer

0 votes
by (12.4k points)

There is no option for denying traffic for security groups, it's just that you can leave them empty.

So you can define a rule that doesn't do anything so that the default rule is not applied.

You can take reference from the below:

"InstanceSecurityGroup": {

  "Type": "AWS::EC2::SecurityGroup",

  "Properties": {

    "VpcId": {

      "Ref": "VPC"

    },

    "SecurityGroupIngress": [

      {

        "IpProtocol": "tcp",

        "FromPort": "80",

        "ToPort": "80",

        "CidrIp": "0.0.0.0/0"

      }

    ],

    "SecurityGroupEgress": [

      {

        "IpProtocol": "tcp",

        "FromPort": "1",

        "ToPort": "1",

        "CidrIp": "0.0.0.0/32"

      }

    ]

  }

Enroll in this AWS Training to learn AWS in depth.

For more details on AWS CloudFormation, you can check out the video tutorial below.

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
0 votes
1 answer

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...