I have a application security group and a database security group. The instances are in separate subnets.
If I set both security groups to:
incoming - all traffic - source: 0.0.0.0/0outgoing - all traffic - source: 0.0.0.0/0
then I am not able to get traffic to flow. I am trying to rule out the security groups as the problem. Are the above rules sufficient or do I also have to explicitly grant the security group ID as all traffic incoming/outgoing?