diff --git a/terraform/README.md b/terraform/README.md
index cf730e8b..5171889c 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -483,6 +483,7 @@ terraform apply -var-file=.tfvars
 | [aws_security_group_rule.bod_bastion_egress_all_icmp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bod_bastion_egress_all_tcp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bod_bastion_egress_all_udp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
+| [aws_security_group_rule.bod_bastion_https_egress_to_anywhere](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bod_bastion_ingress_all_icmp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bod_bastion_ingress_all_tcp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bod_bastion_ingress_all_udp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
@@ -495,6 +496,7 @@ terraform apply -var-file=.tfvars
 | [aws_security_group_rule.cyhy_bastion_egress_all_icmp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.cyhy_bastion_egress_all_tcp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.cyhy_bastion_egress_all_udp_to_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
+| [aws_security_group_rule.cyhy_bastion_https_egress_to_anywhere](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.cyhy_bastion_ingress_all_icmp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.cyhy_bastion_ingress_all_tcp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.cyhy_bastion_ingress_all_udp_from_mgmt_vulnscan](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
diff --git a/terraform/bod_bastion_security_group_rules.tf b/terraform/bod_bastion_security_group_rules.tf
index d79ad8fa..34934b36 100644
--- a/terraform/bod_bastion_security_group_rules.tf
+++ b/terraform/bod_bastion_security_group_rules.tf
@@ -26,6 +26,16 @@ resource "aws_security_group_rule" "bastion_self_ssh" {
   to_port = 22
 }
 
+# Allow HTTPS egress anywhere
+resource "aws_security_group_rule" "bod_bastion_https_egress_to_anywhere" {
+  security_group_id = aws_security_group.bod_bastion_sg.id
+  type = "egress"
+  protocol = "tcp"
+  cidr_blocks = ["0.0.0.0/0"]
+  from_port = 443
+  to_port = 443
+}
+
 # Allow ssh egress to the docker security group
 resource "aws_security_group_rule" "bastion_ssh_to_docker" {
   security_group_id = aws_security_group.bod_bastion_sg.id
diff --git a/terraform/cyhy_bastion_security_group_rules.tf b/terraform/cyhy_bastion_security_group_rules.tf
index 9ba1cdfc..1925e3ef 100644
--- a/terraform/cyhy_bastion_security_group_rules.tf
+++ b/terraform/cyhy_bastion_security_group_rules.tf
@@ -40,6 +40,16 @@ resource "aws_security_group_rule" "bastion_self_egress" {
   to_port = 22
 }
 
+# Allow HTTPS egress anywhere
+resource "aws_security_group_rule" "cyhy_bastion_https_egress_to_anywhere" {
+  security_group_id = aws_security_group.cyhy_bastion_sg.id
+  type = "egress"
+  protocol = "tcp"
+  cidr_blocks = ["0.0.0.0/0"]
+  from_port = 443
+  to_port = 443
+}
+
 # Allow egress via ssh to the private security group
 resource "aws_security_group_rule" "bastion_egress_to_private_sg_via_ssh" {
   security_group_id = aws_security_group.cyhy_bastion_sg.id
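Review bot: The new `bod_bastion_https_egress_to_anywhere` rule opens TCP/443 egress from the bastion security group to `0.0.0.0/0`, and the only justification is the comment `# Allow HTTPS egress anywhere`; the same applies to `cyhy_bastion_https_egress_to_anywhere` in the cyhy_bastion hunk. Every other egress rule visible in these hunks is scoped to a named security group, so an unrestricted Internet-bound rule on a bastion deserves its reason recorded on the resource itself, e.g. `description = "HTTPS egress for <purpose - fill in>"` together with a comment naming what the bastion needs to reach. If the purpose is OS package updates or AWS API calls, a narrower target (a `prefix_list_ids` entry for the relevant service, or a VPC endpoint) would keep the bastion from serving as a general outbound HTTPS path; and if the VPC is dual-stack, `ipv6_cidr_blocks` is presumably also needed for the rule to mean what the comment says. The `bastion_self_ssh` / `bastion_self_egress` resources that precede the insertion start outside the hunk.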