How to tag an instance's eni?

When I create an instance or an LB it automatically creates an eni network interface for it behind the scenes.

Is there a way to get at that to tag it?

I see that for aws_instances with EBS volumes there’s a “volume_tags” option to propagate the tags but I don’t see anything for network interfaces.

I suppose I could get artistic and create a dummy resource with a provisioner which executes an AWS CLI call against the resource’s “primary_network_interface_id” output, but that seems a bit of a stretch…

Well, of course I found out how to do it immediately after posing the question…

resource "aws_ec2_tag" "ecs_node_eni" {
  resource_id = aws_instance.ecs_node.primary_network_interface_id
  key         = "Name"       
  value       = var.tags["Name"]
}

Presumably I could step through the tags with a for_each to get all of them included.

yep.

resource "aws_ec2_tag" "ecs_node_eni" {
  resource_id = aws_instance.ecs_node.primary_network_interface_id
  for_each    = var.tags
  key         = each.key
  value       = each.value
}

In my case I have 3 instance which I am creating using count so in aws_ec2_tag I am using count to get resource_id for each resources. when I use for_each for tagging those 3 instances ENI I am getting error say that The "count" and "for_each" meta-arguments are mutually-exclusive, only one should be used to be explicit about the number of resources to be created. . How can I tackle this problem?.

Here is my code

resource "aws_ec2_tag" "ecs_node_eni" {
  count = local.instance_count
  resource_id = aws_instance.ecs_node[count.index].primary_network_interface_id
  for_each    = var.tags
  key         = each.key
  value       = each.value
}

A quick&easy solution could be to build a local variable to encompass the two, something along the lines of this (sorry, I’m not at a terminal)

locals {
instance_tags = for_each = … {
<instance_id> = var.tags

}

}

Apologize but I do not understand your code line. Can you write it in proper format?