In the "Network Controls and Security Groups" chapter 00:45, it’s said that "Remember ephemeral ports for outbound if you need them".
I don’t think we need to use ephemeral ports in Security Group rules.
Hi Henry, I agree with you. They are more often needed in the NACL rules. I can’t think of a reason to include ephemeral ports for outbound rules in Security Groups since the Security Groups are stateful. I haven’t listened to the module you are referring to yet, but will do so and submit a support ticket if required. (Updated – I watched the lecture and have submitted a ticket to the ACG content team, and given you a point for noticing and reporting this. Thank you.)