I started my professional career in 2012 as a Systems Administrator and continued in that role until 2018, when I became a DevOps Engineer. I have worked with AWS since 2016 and am a 5-times certified AWS Specialist.
I'm available for mentoring and infrastructure consultations.
Thank you for the clarification, Tomek! I was not really aware of the networking specifics that cause the behaviour of using all protocols; I'm not that fluent with networks, and I believe more people might also not understand the underlying reason, so your comment brings great value here! I had successfully set -1 as the protocol with Terraform, but perhaps I used an older provider when I did so; unfortunately I'm not able to verify that anymore, as I no longer work on that project.
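The "-1 as protocol" behaviour mentioned in the comment above, shown as an added Terraform example (it is not code from the post, the comments, or the author's project). It assumes the rule in question is an AWS security group ingress rule managed with the `aws` provider; the resource names, VPC id and CIDR range are constructed placeholders. The first rule is the broad all-protocols form; the second is the port-scoped form a reviewer would normally ask for instead.

```hcl
# Added illustration, not from the original post or comments.
# Assumption: the "-1" protocol discussed is an AWS security group rule.
# vpc_id, names and CIDR blocks are constructed placeholders.

resource "aws_security_group" "broad" {
  name   = "example-broad-sg"    # placeholder
  vpc_id = "vpc-00000000"        # placeholder

  # protocol "-1" means "all protocols" (TCP, UDP, ICMP and any other IP
  # protocol number). A port range has no meaning for such a rule, so the AWS
  # provider requires from_port and to_port to be 0. The effect is that every
  # port of every protocol is reachable from the listed CIDR.
  ingress {
    description = "all protocols from the office range"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["203.0.113.0/24"] # RFC 5737 documentation range, constructed
  }
}

resource "aws_security_group" "scoped" {
  name   = "example-scoped-sg"   # placeholder
  vpc_id = "vpc-00000000"        # placeholder

  # Least-privilege equivalent: name the protocol and the exact port range so
  # that only the intended service is exposed. Anything not listed is denied.
  ingress {
    description = "HTTPS only from the office range"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"] # constructed
  }
}
```

When reviewing a plan, a rule with `protocol = "-1"` deserves a second look: the `from_port = 0` / `to_port = 0` pair is not a "no ports" setting, it is the provider's way of saying the port range is irrelevant because everything is allowed.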
Thank you for the question! The Tale of the CloudFormation is there to explain it a little: the CF code was built over the years by many people who were more or less experienced with CloudFormation, and eventually it became really hard to maintain: unmaintained, not up to date, tons of drift, etc. Then an internal team was built to take care of all the infrastructure, with expertise in Terraform and no ability to dive into the existing CloudFormation stacks in any reasonable time. Terraform has just some little inconveniences that the team is aware of, and we decided it was easier for us to get rid of CloudFormation, as that was easier to achieve than fixing all the stacks, especially when not being experts in them. To make things more complicated, there were parts of the infrastructure in Terraform too, but in a similar state as the CF stacks, and we decided not to reanimate them but to build new code from scratch based on what we actually see in the infrastructure.