@stephenw10
The AWS side will likely propagate whatever you advertise to it, because I manage both ends and that's just how the virtual private gateway works in AWS.
I guess there might be a slight risk here, but hopefully AWS won't make a change that reject these routes.
Of course, ideally I hope that pfSense will allow the source to be configured in a future release of the OS. As far as I know, other firewall vendors are able to do so.
/Thomas