Monitoring Security Groups with Amazon CloudWatch EventsGo to Lab
11) the EventsRole policy is out of date. The current policy limits to t2 instances. 39) TCP/80 and TCP/443 can be found by filtering for "This permission must be authorized". However, TCP/465 can only be found by filtering for "This permission must be revoked".
in step #39 the filter "This permission must be authorized" excludes the sample SMTPS item to be revoked.... shorten the filter to ""This permission must be" for desired outcome.
The instructions were easy to follow. I learned a lot.