Policy Packs
Enforce AWS VPC Default Security Groups Deny All Traffic

Policy Setting: AWS > VPC > Security Group > Egress Rules > Approved > Rules

Policies

This policy setting is dependent on the following policy types:

Source

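resource "turbot_policy_setting" "aws_vpc_security_group_egress_rules_approved_rules" {
  # Attach this setting to the policy pack.
  resource = turbot_policy_pack.main.id
  type     = "tmod:@turbot/aws-vpc-security#/policy/types/securityGroupEgressRulesApprovedRules"

  # GraphQL query: read the security group's GroupName for use in the template.
  template_input = <<-EOT
  {
    resource {
      name: get(path: "GroupName")
    }
  }
  EOT

  # Nunjucks template: only the group named "default" gets the REJECT * rule;
  # for any other group the template renders nothing.
  template = <<-EOT
  {%- if $.resource.name == "default" -%}
  REJECT *
  {%- endif -%}
  EOT
}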