Complete the code to create a default security group that allows all inbound traffic from anywhere.
resource "aws_security_group" "default" { name = "default" description = "Default security group" ingress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = [[1]] } }
The CIDR block "0.0.0.0/0" allows inbound traffic from all IP addresses.
Complete the code to allow all outbound traffic in the default security group.
resource "aws_security_group" "default" { egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = [[1]] } }
The default security group allows all outbound traffic to all IP addresses, so the CIDR block is "0.0.0.0/0".
Fix the error in the ingress rule to allow traffic only from the same security group.
resource "aws_security_group" "default" { ingress { from_port = 0 to_port = 0 protocol = "-1" [1] = aws_security_group.default.id } }
cidr_blocks instead of source_security_group_id.security_groups which is deprecated.self which is not a valid attribute.To allow traffic from the same security group, use the attribute source_security_group_id with the security group ID.
Fill both blanks to define an ingress rule that allows all protocols and ports from the same security group.
resource "aws_security_group" "default" { ingress { from_port = [1] to_port = [2] protocol = "-1" source_security_group_id = aws_security_group.default.id } }
To allow all ports, set both from_port and to_port to 0 when protocol is "-1" (all protocols).
Fill all three blanks to create an egress rule that allows all outbound IPv4 traffic.
resource "aws_security_group" "default" { egress { from_port = [1] to_port = [2] protocol = [3] cidr_blocks = ["0.0.0.0/0"] } }
To allow all outbound IPv4 traffic, set from_port to 0, to_port to 0, and protocol to "-1" which means all protocols.