AWS::EC2::SecurityGroup:

Properties:
   GroupDescription: "\"allow something and not allow something\""
   SecurityGroupEgress: |
    [
      {
         "CidrIp"                     => "0.0.0.0/0",
         "FromPort"                   => "80",
         "IpProtocol"                 => "tcp, udp, icmp, -1",
         "SourceSecurityGroupId"      => "sg-xxx, For VPC security groups only.",
         "SourceSecurityGroupName"    => "use in EC2-Classic, default VPC",
         "SourceSecurityGroupOwnerId" => "[EC2-Classic, default VPC] The AWS account number for the source security group.",
         "ToPort"                     => "80"
      }
    ]
   SecurityGroupIngress: |
    [
      {
         "CidrIp"                     => "192.168.0.0/24",
         "FromPort"                   => "80",
         "IpProtocol"                 => "tcp, udp, icmp, -1",
         "DestinationSecurityGroupId" => "Specifies the GroupId of the destination Amazon VPC security group.",
         "ToPort"                     => "80"
      }
    ]
   Tags:  |
    [
      {
        "Key"   => "Name",
        "Value" => "allow HTTP Eg and In"
      }
    ]
   VpcId: "\"vpc-xxxxx\""