Is it not possible to create a AmazonMQ broker and a EC2 SecurityGroup in the same cloud formation?

I have the following cloud formation:

Resources:
  ActiveMQSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security Group for Amazon MQ that allows traffic for all supported protocols and GUI access.
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 61616
          ToPort: 61616
          CidrIp: 0.0.0.0/0
          Description: OpenWire

  MyBroker:
    Type: AWS::AmazonMQ::Broker
    DependsOn: ActiveMQSecurityGroup
    Properties:
      AutoMinorVersionUpgrade: true
      BrokerName: MyBroker
      DeploymentMode: SINGLE_INSTANCE
      EngineType: ACTIVEMQ
      EngineVersion: 5.17.6
      HostInstanceType: mq.t3.micro
      PubliclyAccessible: true
      SecurityGroups:
        - !Ref ActiveMQSecurityGroup
      Logs:
        Audit: true
        General: true
      Users:
          -
            Username: '{{resolve:secretsmanager:MQSecret:SecretString:username}}'
            Password: '{{resolve:secretsmanager:MQSecret:SecretString:password}}'
            ConsoleAccess: true
            Groups:
              - admin

But I get an error saying that the security group does not exists. If I look in the console I can see that the security group was indeed created before the broker. Also if I leave the SecurityGroups out, everything is created and the broker is connected to the default security group. My understanding was that DependsOn (and implicitly via !Ref) would solve this kinda issue.