Class RouteTableEntryConfig

NetworkConfig / VpcConfig | VpcTemplatesConfig / RouteTableConfig / RouteTableEntryConfig

VPC route table static route entry configuration. Use this configuration to define static route entries in a VPC subnet or gateway route table. Static routes are used determine traffic flow from your subnet to a defined destination address and target.

Example

Transit Gateway Attachment

- name: TgwRoute
  destination: 0.0.0.0/0
  type: transitGateway
  target: Network-Main

NAT Gateway

- name: NatRoute
  destination: 0.0.0.0/0
  type: natGateway
  target: Nat-A

Internet Gateway

- name: IgwRoute
  destination: 0.0.0.0/0
  type: internetGateway

VPC Peering

- name: PeerRoute
  destination: 10.0.0.0/16
  type: vpcPeering
  target: Peering

Network Firewall with CIDR destination:

- name: NfwRoute
  destination: 0.0.0.0/0
  type: networkFirewall
  target: accelerator-firewall
  targetAvailabilityZone: a

Network Firewall with subnet destination:

- name: NfwRoute
  destination: subnet-a
  type: networkFirewall
  target: accelerator-firewall
  targetAvailabilityZone: a

Gateway Load Balancer Endpoint with CIDR destination:

- name: GwlbRoute
  destination: 0.0.0.0/0
  type: gatewayLoadBalancerEndpoint
  target: Endpoint-A

Gateway Load Balancer Endpoint with subnet destination:

- name: GwlbRoute
  destination: subnet-a
  type: gatewayLoadBalancerEndpoint
  target: Endpoint-A

Local Gateway associated with an AWS Outpost:

- name: LgwRoute
  destination: 10.0.0.0/16
  type: localGateway
  target: LocalGateway-A

Network Interface associated with a dynamic lookup:

  • NOTE: This lookup value is not supported for firewalls defined in Ec2FirewallAutoScalingGroupConfig. The interface must have the associateElasticIp property set to 'true' or the sourceDestCheck property set to 'false'
- name: EniRoute
  destination: 10.0.0.0/16
  type: networkInterface
  target: ${ACCEL_LOOKUP::EC2:ENI_0:accelerator-firewall:Id}

Network Interface associated with an explicit ENI Id:

- name: EniRoute
  destination: 10.0.0.0/16
  type: networkInterface
  target: eni-0123456789abcdef

Hierarchy

  • RouteTableEntryConfig

Implements

Constructors

constructor

Properties

destination destinationPrefixList name target targetAvailabilityZone type

Constructors

constructor

Properties

Readonly destination

destination: undefined | string = undefined

(OPTIONAL) The destination CIDR block or dynamic subnet reference for the route table entry.

Remarks

You can either use CIDR notation (i.e. 10.0.0.0/16) or target a subnet by referencing its logical name property. If referencing a subnet name, the subnet MUST be defined in the same VPC. This feature is intended for ingress routing scenarios where a gateway route table must target a Gateway Load Balancer or Network Firewall endpoint in a dynamic IPAM-created subnet.

See

SubnetConfig and RouteTableConfig.

Either destination or destinationPrefixList must be specified for the following route entry types: transitGateway, natGateway, internetGateway, networkInterface, vpcPeering, virtualPrivateGateway.

destination MUST be specified for route entry type networkFirewall or gatewayLoadBalancerEndpoint.

Note: Leave undefined for route entry type gatewayEndpoint.

Readonly destinationPrefixList

destinationPrefixList: undefined | string = undefined

The friendly name of the destination prefix list for the route table entry.

Remarks

This is the logical name property of the prefix list as defined in network-config.yaml.

Either destination or destinationPrefixList must be specified for the following route entry types: transitGateway, natGateway, internetGateway, networkInterface, vpcPeering, virtualPrivateGateway.

Cannot be specified for route entry type networkFirewall or gatewayLoadBalancerEndpoint. Use destination instead.

Note: Leave undefined for route entry type gatewayEndpoint.

See

PrefixListConfig

Readonly name

name: string = ''

A friendly name for the route table.

Remarks

CAUTION: Changing this value after initial deployment will cause the route table to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.

Readonly target

target: undefined | string = undefined

The friendly name of the destination target.

Remarks

Use s3 or dynamodb as the string when specifying a route entry type of gatewayEndpoint.

This is the logical name property of other target types as defined in network-config.yaml.

Note: Leave undefined for route entry type internetGateway or virtualPrivateGateway.

Readonly targetAvailabilityZone

targetAvailabilityZone: undefined | string | number = undefined

The Availability Zone (AZ) the target resides in.

Remarks

Include only the letter of the AZ name (i.e. 'a' for 'us-east-1a') to target a subnet created in a specific AZ. Use an integer (i.e. 1) for subnets using a physical mapping ID to an AZ. Please reference the documentation Availability Zone IDs for your AWS resources for more information.

Note: Leave undefined for targets of route entry types other than networkFirewall.

Readonly type

type: undefined | "virtualPrivateGateway" | "transitGateway" | "natGateway" | "internetGateway" | "local" | "localGateway" | "gatewayEndpoint" | "gatewayLoadBalancerEndpoint" | "networkFirewall" | "networkInterface" | "vpcPeering" = undefined

The destination type of route table entry.

See

routeTableEntryTypeEnum

Settings

Member Visibility

Theme

Generated using TypeDoc