aws-cloudformation / aws-cloudformation-samples

Apache License 2.0

SecurityGroup Hook does not allow creation of an SG for outbound rules only #73

Closed networkprogrammer closed 1 year ago

networkprogrammer commented 1 year ago

I am running into an issue where I need to create an SG for outbound-only Lambda communication. This hook causes a failure when creating such a rule.

Resources:
    InstanceSecurityGroup:
        Type: "AWS::EC2::SecurityGroup"
        Properties:
            GroupName: "Security Group"
            GroupDescription: "Lambda Traffic"
            VpcId: !Ref "VPCId"
            SecurityGroupEgress:
                - IpProtocol: "-1"
                  CidrIp: "0.0.0.0/0"

mrinaudo-aws commented 1 year ago

Hi @networkprogrammer! I have used the example snippet you mentioned above (together with a test VPC resource I referenced), and I am not able to reproduce the issue: I can see the hook's status to be successful for the AWS::EC2::SecurityGroup resource I am creating. Can you please try again/confirm?

mrinaudo-aws commented 1 year ago

Hi @networkprogrammer - closing this issue, and feel free to reopen it as needed. Thank you!