source_dest_check flag for aws_network_interface

[kayvonghaffari]

Not sure if this is currently in another issue. We're setting up a cluster of 2 NATs which connects to 2 ENIs. We'd like to set the source_dest_check flag for the ENIs to false. It seems like the only way to accomplish this is through the aws_instance resource. Since we're using Auto Scaling Groups + a Launch Configuration for the NATs, we're not

Our workaround at the moment is to manually set the flag to false via the AWS console.

Ideally it would look something like this:

resource "aws_network_interface" "network_interface" {
  subnet_id = "${aws_subnet.public_subnet.id}"
  security_groups = ["${aws_security_group.nat_security_group.id}"]
  source_dest_check = false
}

resource "aws_eip" "nat_eip" {
  vpc = true
  network_interface = "${aws_network_interface.network_interface.id}"
}

... 

resource "aws_launch_configuration" "nat_launch_config" {
   ...
}

[phinze]

Looks like we can accomplish this with ModifyNetworkInterfaceAttribute. Tagged and we'll take a look!

[stack72]

I have just added a PR that may allow this #2721

[jszwedko]

Fixed by #2741 (released as 0.6.2)

[phinze]

Fixed indeed, thanks folks!

[timstoop]

Apologies for using this ticket to request support, but I'm looking for a way to actually use this. How would you use an aws_eip in combination with a launch configuration for an autoscaling group?

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.