Is it possible to set a different check/enforce value for inbound and outbound security group rules?

At this time with v3, it is not possible. Setting the policy to check or enforce will affect both inbound and outbound security group rules in the same way.

This functionality will be available in our new v5 version via a calculated policy, and we have additional logic that can process differently based on the ports. e.g. if 443 inbound to 0.0.0.0/0 just alarm, if 22 inbound from 0.0.0.0/0 delete.

Was this article helpful?
0 out of 0 found this helpful