Yeah, no worries, this site could be doing enough NAT G/W processed traffic to make it worth it, I have stuff already there so I could “re-enable” NAT G/Ws if it became a pain or proved unreliable in practice.
Yes, the route modifications is the other way of doing it, AWS already have an article on it that I read that references the healthcheck stuff etc. I figured from a terraform perspective, having an ASG with the user data stuff handling the ENI connection would be cleaner and wouldn’t require some ignores which route modifications would :shrug:
Thanks for your help though, glad to hear I’m not going down the wrong road, much appreciated.
