Ephemeral ports rule is optional, you can add outbound rule for specific port or use ephemeral ports, both will work.

You might want to use a different range for your network ACLs depending on the type of client that you’re using or with which you’re communicating.
In practice, to cover the different types of clients that might initiate traffic to public-facing instances in your VPC, you can open ephemeral ports 1024–65535.

Reference: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html#nacl-ephemeral-ports