Policy Setting: AWS > VPC > Security Group > Egress Rules > Approved > Rules
Policies
This policy setting is dependent on the following policy types:
Source
resource "turbot_policy_setting" "aws_vpc_security_group_egress_rules_approved_rules" {
  resource       = turbot_policy_pack.main.id
  type           = "tmod:@turbot/aws-vpc-security#/policy/types/securityGroupEgressRulesApprovedRules"
  note           = "AWS CIS v3.0.0 - Controls: 5.4"
  template_input = <<-EOT
    {
      securityGroup {
        GroupName: get(path: "GroupName")
        IpPermissionsEgress: get(path: "IpPermissionsEgress")
      }
    }
    EOT
  template       = <<-EOT
    {%- if $.securityGroup.GroupName == "default" and $.securityGroup.IpPermissionsEgress | length > 0 -%}
    REJECT *
    {%- endif %}
    EOT
}