Optional
Readonly
destination
(OPTIONAL) The destination IPv4 CIDR block or dynamic subnet reference for the route table entry.
You can either use IPv4 CIDR notation (e.g. 10.0.0.0/16) or target a subnet by referencing its logical name property.
If referencing a subnet name, the subnet MUST be defined in the same VPC. This feature is intended for ingress routing scenarios where a gateway route table must target a Gateway Load Balancer or Network Firewall endpoint in a dynamic IPAM-created subnet.
See SubnetConfig and RouteTableConfig.
destination, ipv6Destination, or destinationPrefixList must be specified for the following route entry types: transitGateway, natGateway, internetGateway, networkInterface, vpcPeering, virtualPrivateGateway.
destination or ipv6Destination MUST be specified for route entry type networkFirewall or gatewayLoadBalancerEndpoint.
Note: Leave undefined for route entry type gatewayEndpoint.
Optional
Readonly
destinationPrefixList
The friendly name of the destination prefix list for the route table entry.
This is the logical name property of the prefix list as defined in network-config.yaml.
destination, ipv6Destination, or destinationPrefixList must be specified for the following route entry types: transitGateway, natGateway, internetGateway, egressOnlyIgw, networkInterface, vpcPeering, virtualPrivateGateway.
Cannot be specified for route entry type networkFirewall or gatewayLoadBalancerEndpoint. Use destination or ipv6Destination instead.
Note: Leave undefined for route entry type gatewayEndpoint.
See PrefixListConfig.
Optional
Readonly
ipv6Destination
(OPTIONAL) The destination IPv6 CIDR block or dynamic subnet reference for the route table entry.
You can either use IPv6 CIDR notation (e.g. fd00::/8) or target a subnet by referencing its logical name property.
If referencing a subnet name, the subnet MUST be defined in the same VPC. This feature is intended for ingress routing scenarios where a gateway route table must target a Gateway Load Balancer or Network Firewall endpoint in a dynamic IPAM-created subnet.
See SubnetConfig and RouteTableConfig.
destination, ipv6Destination, or destinationPrefixList must be specified for the following route entry types: transitGateway, natGateway, internetGateway, egressOnlyIgw, networkInterface, vpcPeering, virtualPrivateGateway.
destination or ipv6Destination MUST be specified for route entry type networkFirewall or gatewayLoadBalancerEndpoint.
Note: Leave undefined for route entry type gatewayEndpoint.
Readonly
name
A friendly name for the route table.
Optional
Readonly
target
The friendly name of the destination target.
Optional
Readonly
target
The Availability Zone (AZ) the target resides in.
Include only the letter of the AZ name (e.g. 'a' for 'us-east-1a') to target a subnet created in a specific AZ. Use an integer (e.g. 1) for subnets using a physical mapping ID to an AZ. Use the Availability Zone suffix (e.g. "laz-1a") for Local Zones. See the documentation "Availability Zone IDs for your AWS resources" for more information.
Note: Leave undefined for targets of route entry types other than networkFirewall.
Optional
Readonly
type
The destination type of route table entry.
NetworkConfig / VpcConfig | VpcTemplatesConfig / RouteTableConfig / RouteTableEntryConfig
VPC route table static route entry configuration.
Description
Use this configuration to define static route entries in a VPC subnet or gateway route table. Static routes determine how traffic flows from your subnet to a defined destination address and target.
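The destination rules given in the property descriptions above can be checked before a configuration is deployed, so that a route meant to send traffic through a Network Firewall or Gateway Load Balancer endpoint is not silently malformed. The following TypeScript is an added example, not code from the project; `RouteEntry`, `validateRouteEntry`, `lintAll` and the sample entries are hypothetical names and constructed values, and the type list follows the descriptions that include egressOnlyIgw.

```typescript
// Added example (not project code): lint entries against the destination rules on this page.
interface RouteEntry {                       // hypothetical shape mirroring the documented properties
  name: string;
  type?: string;
  destination?: string;
  ipv6Destination?: string;
  destinationPrefixList?: string;
  target?: string;
}

// Types for which destination, ipv6Destination, or destinationPrefixList must be specified.
const ANY_DESTINATION = ['transitGateway', 'natGateway', 'internetGateway', 'egressOnlyIgw',
  'networkInterface', 'vpcPeering', 'virtualPrivateGateway'];
// Types that must use destination or ipv6Destination and cannot use a prefix list.
const CIDR_OR_SUBNET_ONLY = ['networkFirewall', 'gatewayLoadBalancerEndpoint'];

function validateRouteEntry(e: RouteEntry): string[] {
  const errors: string[] = [];
  const type = e.type ?? '';
  const hasCidrOrSubnet = e.destination !== undefined || e.ipv6Destination !== undefined;
  const hasPrefixList = e.destinationPrefixList !== undefined;

  if (ANY_DESTINATION.indexOf(type) !== -1 && !hasCidrOrSubnet && !hasPrefixList) {
    errors.push(`${e.name}: ${type} needs destination, ipv6Destination, or destinationPrefixList`);
  }
  if (CIDR_OR_SUBNET_ONLY.indexOf(type) !== -1) {
    if (hasPrefixList) errors.push(`${e.name}: ${type} cannot use destinationPrefixList`);
    if (!hasCidrOrSubnet) errors.push(`${e.name}: ${type} needs destination or ipv6Destination`);
  }
  if (type === 'gatewayEndpoint' && (hasCidrOrSubnet || hasPrefixList)) {
    errors.push(`${e.name}: gatewayEndpoint must leave the destination properties undefined`);
  }
  return errors;
}

function lintAll(entries: RouteEntry[]): string[] {
  let all: string[] = [];
  for (const e of entries) all = all.concat(validateRouteEntry(e));
  return all;
}

// Constructed sample entries; names, targets and the prefix list name are made up.
const sampleEntries: RouteEntry[] = [
  { name: 'TgwRoute', type: 'transitGateway', destination: '10.0.0.0/8', target: 'Network-Main' },
  { name: 'FwRoute', type: 'networkFirewall', destinationPrefixList: 'inspect-pl', target: 'fw' },
  { name: 'S3Route', type: 'gatewayEndpoint', destination: '10.0.0.0/16', target: 's3' },
  { name: 'NatRoute', type: 'natGateway', target: 'Nat-A' },
];
console.log(lintAll(sampleEntries).join('\n'));
```

Entry types for which the page states no destination rule pass through without findings.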
Example
Transit Gateway Attachment
NAT Gateway
Internet Gateway
VPC Peering
Network Firewall with CIDR destination:
Network Firewall with subnet destination:
Gateway Load Balancer Endpoint with CIDR destination:
Gateway Load Balancer Endpoint with subnet destination:
Local Gateway associated with an AWS Outpost:
Network Interface associated with a dynamic lookup:
Network Interface associated with an explicit ENI Id:
IPv6 route targeting an Egress-only IGW: