Data Source schema for AWS::EC2::SecurityGroupEgress
id
(String) Uniquely identifies the resource.cidr_ip
(String) The IPv4 address range, in CIDR format.
You must specify exactly one of the following: CidrIp
, CidrIpv6
, DestinationPrefixListId
, or DestinationSecurityGroupId
.
For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the User Guide.cidr_ipv_6
(String) The IPv6 address range, in CIDR format.
You must specify exactly one of the following: CidrIp
, CidrIpv6
, DestinationPrefixListId
, or DestinationSecurityGroupId
.
For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the User Guide.description
(String) The description of an egress (outbound) security group rule.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*destination_prefix_list_id
(String) The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.
You must specify exactly one of the following: CidrIp
, CidrIpv6
, DestinationPrefixListId
, or DestinationSecurityGroupId
.destination_security_group_id
(String) The ID of the security group.
You must specify exactly one of the following: CidrIp
, CidrIpv6
, DestinationPrefixListId
, or DestinationSecurityGroupId
.from_port
(Number) If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).group_id
(String) The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.ip_protocol
(String) The IP protocol name (tcp
, udp
, icmp
, icmpv6
) or number (see Protocol Numbers).
Use -1
to specify all protocols. When authorizing security group rules, specifying -1
or a protocol number other than tcp
, udp
, icmp
, or icmpv6
allows traffic on all ports, regardless of any port range you specify. For tcp
, udp
, and icmp
, you must specify a port range. For icmpv6
, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.security_group_egress_id
(String)to_port
(Number) If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).