I am using the following egress rule in a security group definition of a CloudFormation template:

    SecurityGroupEgress:
      - IpProtocol: tcp
        FromPort: 0
        ToPort: 65535
        CidrIp: 0.0.0.0/0

However, this does not end up in a rule that allows all outbound traffic. What is the proper way to define an allow-all-outbound rule?

This is an old thread, but people still find it in searches... True, there are times the default doesn't work well, such as when using cfn_nag_scan to scan the cft.
Here is what you are looking for:

    SecurityGroupEgress:
      - Description: Allow all outbound traffic
        IpProtocol: "-1"
        CidrIp: 0.0.0.0/0
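
The difference between the two rules above, as an added example that is not part of the original question or answer: a small template-review check that classifies each egress entry, showing that the `tcp` 0-65535 rule opens every TCP port but leaves UDP and ICMP uncovered, while `IpProtocol: "-1"` covers every protocol. The function and constant names are hypothetical, and the rules are assumed to be already parsed into dicts.

```python
# Added example: classify CloudFormation SecurityGroupEgress entries (as dicts).
# All names here are hypothetical; they are not part of any AWS tooling.
WORLD = {"0.0.0.0/0", "::/0"}
PROTO_BY_NUMBER = {"1": "icmp", "6": "tcp", "17": "udp", "58": "icmpv6"}


def classify_egress(rule):
    """Return 'all-traffic', 'all-<protocol>' or 'restricted' for one rule."""
    proto = str(rule.get("IpProtocol", "")).lower()
    proto = PROTO_BY_NUMBER.get(proto, proto)  # accept protocol numbers too
    dest = rule.get("CidrIp") or rule.get("CidrIpv6")
    if dest not in WORLD:
        return "restricted"      # specific CIDR, prefix list or security group
    if proto == "-1":
        return "all-traffic"     # every protocol; port fields do not apply
    lo = int(rule.get("FromPort", -2))
    hi = int(rule.get("ToPort", -2))
    if proto in ("tcp", "udp") and lo == 0 and hi == 65535:
        return "all-" + proto    # full port range, but one protocol only
    if proto in ("icmp", "icmpv6") and lo == -1 and hi == -1:
        return "all-" + proto    # -1/-1 means every ICMP type and code
    return "restricted"


def allows_all_outbound(rules):
    """True only if some rule permits every protocol to the whole internet."""
    return any(classify_egress(r) == "all-traffic" for r in rules)


# The rule from the question and the rule from the answer, as parsed YAML.
QUESTION_RULE = {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
                 "CidrIp": "0.0.0.0/0"}
ANSWER_RULE = {"Description": "Allow all outbound traffic",
               "IpProtocol": "-1", "CidrIp": "0.0.0.0/0"}

if __name__ == "__main__":
    for name, rule in (("question", QUESTION_RULE), ("answer", ANSWER_RULE)):
        print(name, "->", classify_egress(rule))
```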