HomePlatformAsk DuploCloudPricing

Disable Source Destination Check

Disable CloudFormation's SourceDestCheck in EC2 Host metadata

Source/destination checking is a security feature. Disabling it is only needed in specific use cases. In most cases, disabling it creates a security gap. We recommend consulting with the DuploCloud team before using this.

AWS EC2 ensures that each instance is either the source or the destination of any network traffic that it receives. This is called "source/destination checking". In the DuploCloud Portal, this parameter is specified as true, by default, enabling source and destination checks.

There are times when you may want to override this default behavior, such as when an EC2 instance runs services Network Address Translation (NAT), routing, or firewalls. To override the default behavior and set the SourceDestCheck parameter to false, use this procedure.

Disable SourceDestCheck in the DuploCloud Portal

Set SourceDestCheck to false for an EC2 Host:

  1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

  2. In the EC2 tab, select the Host for which you want to disable SourceDestCheck.

  3. Click the Metadata tab.

  4. Click Add. The Add Metadata pane displays.

    Add Metadata pane for Key SourceDestCheck

  5. In the Key field, enter SourceDestCheck.

  6. In the Value field, enter False.

  7. Click Create. The Key/Value pair is displayed in the Metadata tab.

EC2 Host page Metadata tab displaying SourceDestCheck Value of False
PreviousTaints for EKS NodesNextAuditing

Last updated

Was this helpful?