How to specify all ports in Security group - CloudFormation
Solution 1
The original solution I posted (and accepted by the original poster) stopped working as AWS no longer supports it. To avoid the barrage of downvotes, I deleted the answer. The alternatives are:
- Specify the ports 0 and 65535
or
Open all ports for all protocols not just TCP (as suggested by thewire247
below)
"SecurityGroupIngress" : [{
"IpProtocol" : "-1",
"CidrIp" : "0.0.0.0/0"
}]
Solution 2
If you are looking to allow all protocols and all ports, then you can do the following
{
"IpProtocol" : "-1"
"CidrIp" : "0.0.0.0/0"
}
Solution 3
FromPort
Start of port range for the TCP and UDP protocols, or an ICMP type number. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP type number).
ToPort
End of port range for the TCP and UDP protocols, or an ICMP code. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP code).
ex.
{ "IpProtocol" : "icmp", "FromPort" : "8", "ToPort" : "-1", "CidrIp" : "10.0.0.0/24" }
Related videos on Youtube
Steven Yong
Updated on February 16, 2020Comments
-
Steven Yong about 4 years
I have my CloudFormation script like this now:
"SecurityGroupIngress" : [{ "IpProtocol" : "tcp", "FromPort" : "0", "ToPort" : "65535", "CidrIp" : "0.0.0.0/0" }]
and it looks like this, which is fine:
But I am wondering how to I update the template to get this:
Notice the Ports say All. I also wonder if they are different?
-
geerlingguy over 6 yearsUnfortunately, this seems not to work (at least not anymore). I tried this and got
TCP/UDP (from) port (-1) out of range
. I had to specify0
and65535
explicitly :( -
Sam Hammamy over 5 yearsPlease change this to the accepted answer, the current accepted answer no longer works