AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::EC2::SecurityGroupEgress

The AWS::EC2::SecurityGroupEgress type adds an egress rule to an Amazon VPC security group.

This type supports updates. For more information about updating stacks, see Updating AWS CloudFormation Stacks.

For more information about adding egress rules to Amazon VPC security groups, go to AuthorizeSecurityGroupEgress in the Amazon Elastic Compute Cloud API Reference.

Syntax

{
   "CidrIp" : String,
   "DestinationSecurityGroupId" : String,
   "FromPort" : Number,
   "GroupId" : String,
   "IpProtocol" : String,
   "ToPort" : Number
}

Properties

CidrIp

CIDR range.

Type: String.

Required: Conditional. Cannot be used when specifying a destination security group.

Update requires: no interruption

DestinationSecurityGroupId

Specifies the GroupId of the destination Amazon VPC security group.

Type: String.

Required: Conditional. Cannot be used when specifying a CIDR IP address.

Update requires: no interruption

FromPort

Start of port range for the TCP and UDP protocols, or an ICMP type number. An ICMP type number of -1 indicates a wildcard (i.e., any ICMP type number).

Type: String.

Required: Yes.

Update requires: no interruption

GroupId

ID of the Amazon VPC security group to modify. This value can be a reference to an AWS::EC2::SecurityGroup resource that has a valid VpcId property or the ID of an existing Amazon VPC security group.

Type: String.

Required: Yes.

Update requires: no interruption

IpProtocol

IP protocol name or number. For valid values, see the IpProtocol parameter in AuthorizeSecurityGroupIngress.

Type: String.

Required: Yes.

Update requires: no interruption

ToPort

End of port range for the TCP and UDP protocols, or an ICMP code. An ICMP code of -1 indicates a wildcard (i.e., any ICMP code).

Type: String.

Required: Yes.

Update requires: no interruption

Return Values

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, it returns the resource name.

For more information about using the Ref function, see Ref.

Example

"SecurityGroupEgress" : [ {
   "IpProtocol" : "tcp",
   "FromPort" : "80",
   "ToPort" : "80",
   "CidrIp" : "0.0.0.0/0"
} ]
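
The property rules above can be checked before a stack is created. The following is an added example, not part of the AWS guide: a small Python check that walks a template's AWS::EC2::SecurityGroupEgress resources, enforces the required and mutually exclusive properties listed on this page, and flags rules open to every address. The sample template, its logical IDs and the function names are constructed for illustration, and treating "Required: Conditional" as "one of CidrIp or DestinationSecurityGroupId must be set" is an assumption.

```python
import ipaddress

REQUIRED = ("FromPort", "GroupId", "IpProtocol", "ToPort")  # "Required: Yes" on this page
EGRESS_TYPE = "AWS::EC2::SecurityGroupEgress"

def _rule(**props):
    """Build a constructed egress resource on the hypothetical AppSecurityGroup."""
    base = {"GroupId": {"Ref": "AppSecurityGroup"}, "IpProtocol": "tcp"}
    return {"Type": EGRESS_TYPE, "Properties": {**base, **props}}

# Constructed sample template; all logical IDs are hypothetical.
SAMPLE_TEMPLATE = {"Resources": {
    "AppToDbEgress": _rule(FromPort="3306", ToPort="3306",
                           DestinationSecurityGroupId={"Ref": "DbSecurityGroup"}),
    "OpenWebEgress": _rule(FromPort="80", ToPort="80", CidrIp="0.0.0.0/0"),
    "AmbiguousEgress": _rule(FromPort="443", CidrIp="10.0.0.0/16",
                             DestinationSecurityGroupId={"Ref": "DbSecurityGroup"}),
}}

def lint_egress(template):
    """Return {logical_id: [findings]} for each SecurityGroupEgress resource."""
    report = {}
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != EGRESS_TYPE:
            continue
        props = res.get("Properties", {})
        findings = [f"missing required property {p}" for p in REQUIRED if p not in props]
        has_cidr = "CidrIp" in props
        has_sg = "DestinationSecurityGroupId" in props
        if has_cidr and has_sg:
            findings.append("CidrIp and DestinationSecurityGroupId are mutually exclusive")
        elif not (has_cidr or has_sg):  # assumption: one destination must be given
            findings.append("no destination: set CidrIp or DestinationSecurityGroupId")
        cidr = props.get("CidrIp")
        if isinstance(cidr, str):  # skip intrinsic functions such as {"Ref": ...}
            try:
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append("egress open to every address")
            except ValueError:
                findings.append(f"CidrIp is not a valid CIDR range: {cidr}")
        report[name] = findings
    return report

if __name__ == "__main__":
    for name, findings in lint_egress(SAMPLE_TEMPLATE).items():
        print(name, "->", findings or "ok")
```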