This template creates two VPC security groups with egress and ingress rules. The `SourceSG` security group allows outbound traffic to the `TargetSG` security group. The `TargetSG` security group allows inbound traffic from the `SourceSG` security group. The outbound rule allows TCP traffic from port 0 to port 65535, and the inbound rule allows TCP traffic from port 0 to port 65535.

Build a custom security group.

A security group that allows inbound web traffic (TCP ports 80 and 443).

A security group that allows inbound RDP traffic (TCP port 3389).

A security group that allows inbound SSH traffic (TCP port 22).

A security group that allows domain controller services on Microsoft Active Directory servers.

A security group that allows inbound DNS traffic (TCP and UDP port 53).

A security group that allows inbound ICMP traffic.

A security group that allows inbound access to a Maria DB instance.

A security group that allows inbound access to a Microsoft SQL server instance.

A security group that allows inbound access to a MySQL server instance.

A security group that allows inbound access to an Oracle server instance.

A security group that allows inbound access to an PostgreSQL server instance.

A security group for Amazon EFS that allows inbound NFS access from resources (including the mount target) associated with this security group (TCP 2049).

A security group that allows inbound access to an Amazon Redshift cluster (TCP 5439)

A security group that allows inbound access to an Amazon OpenSearch (TCP 443 and 80)

Build a custom network ACL.

A network ACL that blacklist inbound traffic based on IP address(es).

A network ACL that blacklist inbound and outbound traffic based on Port(s).

A network ACL that whitelists inbound and outbound traffic based on Port(s) and blocks all other traffic.

This template creates a network ACL and adds an entry to allow all outbound IPv4 traffic. The network ACL is associated with a VPC and has a rule number, protocol, rule action, CIDR block, and egress flag specified.

This template creates a network ACL and adds an entry to allow inbound SSH traffic from a specified network. The network ACL is associated with a VPC and has a rule number, protocol, rule action, CIDR block, and port range specified.