By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How does one automatically disable source\destination checks on network interfaces

0

I want to configure an auto scaling group to spin up new EC2 instances, the source\destination check on the network card is however enabled by default, even though the AMI was taken of an instance where the check was disabled, I understand that the new instance is assigned a new network interface on creation, how do i make sure the source\destination check is disabled automatically?

Topics
Management & GovernanceNetworking & Content DeliveryCompute
Tags
AWS Auto ScalingNetworking & Content DeliveryAmazon Machine Images (AMI)
Language
English
Don
asked 8 months ago429 views
1 Answer
1

There isn't a way to do this by default as of now, but I've added this post to an internal feature request to toggle source/dest check in a Launch Template.

In the meantime, you'll need to run a userdata script similar to the below example to toggle it (as always, scripts are provided as a sample, please thoroughly test in a dev environment before using in production)

#!/bin/bash

TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 3600"`
id=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/instance-id)

echo $(`aws ec2 modify-instance-attribute --instance-id $id --no-source-dest-check`)
AWS
Shahad_C
answered 8 months ago
profile pictureAWS
EXPERT
Brettski-AWS
reviewed 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content