Amazon Web Service (AWS)

Route Table

A route table is a set of rules that is used to determine where traffic from your subnet is directed. It contains all the information required to forward a packet along the best path toward its destination.
Route Table
  • vpc_id - (Required) The VPC ID.
  • route - (Optional) A list of route objects. Their keys are documented below. This argument is processed in attribute-as-blocks mode. This means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
  • propagating_vgws - (Optional) A list of virtual gateways for propagation.

route Argument Reference

This argument is processed in attribute-as-blocks mode.

One of the following destination arguments must be supplied:

  • cidr_block - (Required) The CIDR block of the route.
  • ipv6_cidr_block - (Optional) The Ipv6 CIDR block of the route.
  • destination_prefix_list_id - (Optional) The ID of a managed prefix list destination of the route.

One of the following target arguments must be supplied:

  • carrier_gateway_id - (Optional) Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.
  • core_network_arn - (Optional) The Amazon Resource Name (ARN) of a core network.
  • egress_only_gateway_id - (Optional) Identifier of a VPC Egress Only Internet Gateway.
  • gateway_id - (Optional) Identifier of a VPC internet gateway or a virtual private gateway.
  • instance_id - (Optional, Deprecated use network_interface_id instead) Identifier of an EC2 instance.
  • local_gateway_id - (Optional) Identifier of a Outpost local gateway.
  • nat_gateway_id - (Optional) Identifier of a VPC NAT gateway.
  • network_interface_id - (Optional) Identifier of an EC2 network interface.
  • transit_gateway_id - (Optional) Identifier of an EC2 Transit Gateway.
  • vpc_endpoint_id - (Optional) Identifier of a VPC Endpoint.
  • vpc_peering_connection_id - (Optional) Identifier of a VPC peering connection.

Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified.

Associating resources with a
Route Table
Resources do not "belong" to a
Route Table
Rather, one or more Security Groups are associated to a resource.
Route Table
via Terraform:
The following HCL creates a route table for the specified VPC

resource "aws_route_table" "example" {
 vpc_id =

 route {
   cidr_block = ""
   gateway_id =

 route {
   ipv6_cidr_block        = "::/0"
   egress_only_gateway_id =

 tags = {
   Name = "example"

Route Table
via CLI:

[--dry-run | --no-dry-run]
--vpc-id <value>
[--tag-specifications <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--endpoint-url <value>]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]


aws ec2 create-route-table --vpc-id vpc-a01106c2

Best Practices for
Route Table

Categorized by Availability, Security & Compliance and Cost

Route Table changes alarm
Explore all the rules our platform covers
All Resources