Detect, troubleshoot & optimize AWS environments in real-time ->

Amazon Web Service (AWS)

Route Table

A route table is a set of rules that is used to determine where traffic from your subnet is directed. It contains all the information required to forward a packet along the best path toward its destination.
There is no additional charge for using Route Tables, as it is a fundamental component of Amazon VPC and included in the overall VPC usage charge. The cost of using an Amazon VPC will depend on the number of subnets, the number of IP addresses, and the amount of data processed.
Direct Cost


Indirect Cost
No items found.
Terraform Name
Route Table
  • vpc_id - (Required) The VPC ID.
  • route - (Optional) A list of route objects. Their keys are documented below. This argument is processed in attribute-as-blocks mode. This means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
  • propagating_vgws - (Optional) A list of virtual gateways for propagation.

route Argument Reference

This argument is processed in attribute-as-blocks mode.

One of the following destination arguments must be supplied:

  • cidr_block - (Required) The CIDR block of the route.
  • ipv6_cidr_block - (Optional) The Ipv6 CIDR block of the route.
  • destination_prefix_list_id - (Optional) The ID of a managed prefix list destination of the route.

One of the following target arguments must be supplied:

  • carrier_gateway_id - (Optional) Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.
  • core_network_arn - (Optional) The Amazon Resource Name (ARN) of a core network.
  • egress_only_gateway_id - (Optional) Identifier of a VPC Egress Only Internet Gateway.
  • gateway_id - (Optional) Identifier of a VPC internet gateway or a virtual private gateway.
  • instance_id - (Optional, Deprecated use network_interface_id instead) Identifier of an EC2 instance.
  • local_gateway_id - (Optional) Identifier of a Outpost local gateway.
  • nat_gateway_id - (Optional) Identifier of a VPC NAT gateway.
  • network_interface_id - (Optional) Identifier of an EC2 network interface.
  • transit_gateway_id - (Optional) Identifier of an EC2 Transit Gateway.
  • vpc_endpoint_id - (Optional) Identifier of a VPC Endpoint.
  • vpc_peering_connection_id - (Optional) Identifier of a VPC peering connection.

Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified.

Associating resources with a
Route Table
Resources do not "belong" to a
Route Table
Rather, one or more Security Groups are associated to a resource.
Route Table
via Terraform:
The following HCL creates a route table for the specified VPC

resource "aws_route_table" "example" {
 vpc_id =

 route {
   cidr_block = ""
   gateway_id =

 route {
   ipv6_cidr_block        = "::/0"
   egress_only_gateway_id =

 tags = {
   Name = "example"

Route Table
via CLI:

[--dry-run | --no-dry-run]
--vpc-id <value>
[--tag-specifications <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--endpoint-url <value>]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]


aws ec2 create-route-table --vpc-id vpc-a01106c2

Best Practices for
Route Table

Categorized by Availability, Security & Compliance and Cost

Explore all the rules our platform covers
Related blog posts
All Resources