Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to specify all ports in Security group - CloudFormation

I have my CloudFormation script like this now:

    "SecurityGroupIngress" : [{       "IpProtocol" : "tcp",       "FromPort" : "0",       "ToPort" : "65535",       "CidrIp" : "0.0.0.0/0"     }] 

and it looks like this, which is fine:

enter image description here

But I am wondering how to I update the template to get this:

enter image description here

Notice the Ports say All. I also wonder if they are different?

like image 716
Steven Yong Avatar asked Aug 18 '16 15:08

Steven Yong


People also ask

What is port range in security group?

In the Port Range box, enter a specific port number used by your server applications as secure alternative to the range of ports. In the Source section, select Anywhere, Custom or My IP to define the appropriate source of incoming traffic.

What is AWS :: EC2 :: SecurityGroup?

A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance. When you launch an instance, you can specify one or more security groups.

How do I create a security group in CloudFormation?

To create a security group, use the VpcId property to specify the VPC for which to create the security group. This type supports updates. For more information about updating stacks, see AWS CloudFormation Stacks Updates.


2 Answers

If you are looking to allow all protocols and all ports, then you can do the following

{   "IpProtocol" : "-1"   "CidrIp" : "0.0.0.0/0" } 
like image 41
thewire247 Avatar answered Sep 20 '22 22:09

thewire247


The original solution I posted (and accepted by the original poster) stopped working as AWS no longer supports it. To avoid the barrage of downvotes, I deleted the answer. The alternatives are:

  • Specify the ports 0 and 65535

or

Open all ports for all protocols not just TCP (as suggested by thewire247 below)

"SecurityGroupIngress" : [{   "IpProtocol" : "-1",   "CidrIp" : "0.0.0.0/0" }] 
like image 80
helloV Avatar answered Sep 21 '22 22:09

helloV