Open Poweranimal opened 2 years ago
Hi,
The AWS CDK generates the following block all egress rule for SecurityGroups:
SecurityGroup
... "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", "Description": "Disallow all traffic", "FromPort": 252, "IpProtocol": "tcp", "ToPort": 86 } ] ...
The rational for this rule can be found here: https://github.com/aws/aws-cdk/blob/9975ec8ba98fcef7156148d9af79adfdb171514a/packages/%40aws-cdk/aws-ec2/lib/security-group.ts#L621
Though, the generated egress rule fails the W29 (= Security Groups found egress with port range instead of just a single port).
W29
I would suggest to whitelabel this rule for W29.
Hi,
The AWS CDK generates the following block all egress rule for
SecurityGroups:The rational for this rule can be found here: https://github.com/aws/aws-cdk/blob/9975ec8ba98fcef7156148d9af79adfdb171514a/packages/%40aws-cdk/aws-ec2/lib/security-group.ts#L621
Though, the generated egress rule fails the
W29(= Security Groups found egress with port range instead of just a single port).I would suggest to whitelabel this rule for
W29.