Resource: awsDefaultRouteTable

Provides a resource to manage a default route table of a VPC. This resource can manage the default route table of the default or a non-default VPC.

~> NOTE: This is an advanced resource with special caveats. Please read this document in its entirety before using this resource. The awsDefaultRouteTable resource behaves differently from normal resources. Terraform does not create this resource but instead attempts to "adopt" it into management. Do not use both awsDefaultRouteTable to manage a default route table and awsMainRouteTableAssociation with the same VPC due to possible route conflicts. See aws_main_route_table_association documentation for more details.

Every VPC has a default route table that can be managed but not destroyed. When Terraform first adopts a default route table, it immediately removes all defined routes. It then proceeds to create any routes specified in the configuration. This step is required so that only the routes specified in the configuration exist in the default route table.

For more information, see the Amazon VPC User Guide on Route Tables. For information about managing normal route tables in Terraform, see awsRouteTable.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.defaultRouteTable.DefaultRouteTable(this, "example", {
  defaultRouteTableId: "${aws_vpc.example.default_route_table_id}",
  route: [
    {
      cidrBlock: "10.0.1.0/24",
      gatewayId: "${aws_internet_gateway.example.id}",
    },
    {
      egressOnlyGatewayId: "${aws_egress_only_internet_gateway.example.id}",
      ipv6CidrBlock: "::/0",
    },
  ],
  tags: {
    Name: "example",
  },
});

To subsequently remove all managed routes:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.defaultRouteTable.DefaultRouteTable(this, "example", {
  defaultRouteTableId: "${aws_vpc.example.default_route_table_id}",
  route: [],
  tags: {
    Name: "example",
  },
});

Argument Reference

The following arguments are required:

  • defaultRouteTableId - (Required) ID of the default route table.

The following arguments are optional:

  • propagatingVgws - (Optional) List of virtual gateways for propagation.
  • route - (Optional) Configuration block of routes. Detailed below. This argument is processed in attribute-as-blocks mode. This means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.
  • tags - (Optional) Map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

route

This argument is processed in attribute-as-blocks mode.

One of the following destination arguments must be supplied:

  • cidrBlock - (Required) The CIDR block of the route.
  • ipv6CidrBlock - (Optional) The IPv6 CIDR block of the route.
  • destinationPrefixListId - (Optional) The ID of a managed prefix list destination of the route.

One of the following target arguments must be supplied:

  • coreNetworkArn - (Optional) The Amazon Resource Name (ARN) of a core network.
  • egressOnlyGatewayId - (Optional) Identifier of a VPC Egress Only Internet Gateway.
  • gatewayId - (Optional) Identifier of a VPC internet gateway or a virtual private gateway.
  • instanceId - (Optional) Identifier of an EC2 instance.
  • natGatewayId - (Optional) Identifier of a VPC NAT gateway.
  • networkInterfaceId - (Optional) Identifier of an EC2 network interface.
  • transitGatewayId - (Optional) Identifier of an EC2 Transit Gateway.
  • vpcEndpointId - (Optional) Identifier of a VPC Endpoint. This route must be removed prior to VPC Endpoint deletion.
  • vpcPeeringConnectionId - (Optional) Identifier of a VPC peering connection.

Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified.
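
A lint for the route rules above that can run before synth, as an added example that is not part of the provider or its documentation. It checks each route block for a destination and a target, and reports which of the two attribute-as-blocks cases (route omitted versus empty list) applies. The names RouteBlock, Finding, checkGroup and lintRoutes are hypothetical, and treating more than one destination or target in a single block as an error is an assumption; the page only states that one must be supplied.

```typescript
// Added example (not provider code). Key names come from the argument lists on
// this page; RouteBlock, Finding, checkGroup and lintRoutes are hypothetical names.
type RouteBlock = Record<string, string | undefined>;
interface Finding { index: number; level: "error" | "info"; message: string }

const DESTINATIONS = ["cidrBlock", "ipv6CidrBlock", "destinationPrefixListId"];
const TARGETS = [
  "coreNetworkArn", "egressOnlyGatewayId", "gatewayId", "instanceId",
  "natGatewayId", "networkInterfaceId", "transitGatewayId",
  "vpcEndpointId", "vpcPeeringConnectionId",
];

// Report a route block that sets none of `keys`, or (assumption) more than one.
function checkGroup(route: RouteBlock, index: number, label: string,
                    keys: string[], out: Finding[]): void {
  const set = keys.filter((k) => route[k] !== undefined && route[k] !== "");
  if (set.length === 0) {
    out.push({ index, level: "error", message: `no ${label} argument supplied` });
  } else if (set.length > 1) {
    out.push({ index, level: "error",
      message: `multiple ${label} arguments: ${set.join(", ")}` });
  }
}

// `routes` is the value that would be passed as `route` to DefaultRouteTable.
function lintRoutes(routes: RouteBlock[] | undefined): Finding[] {
  if (routes === undefined) {
    // Attribute-as-blocks mode: omitting the argument leaves existing routes alone.
    return [{ index: -1, level: "info",
      message: "route omitted: existing routes are ignored, not removed" }];
  }
  if (routes.length === 0) {
    // An explicit empty list is the documented way to remove all managed routes.
    return [{ index: -1, level: "info",
      message: "route is empty: all managed routes will be removed" }];
  }
  const findings: Finding[] = [];
  routes.forEach((route, index) => {
    checkGroup(route, index, "destination", DESTINATIONS, findings);
    checkGroup(route, index, "target", TARGETS, findings);
  });
  return findings;
}
```

Calling lintRoutes on the two route blocks from Example Usage returns an empty list; a block with cidrBlock but no target returns one error for index 0.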

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - ID of the route table.
  • arn - The ARN of the route table.
  • ownerId - ID of the AWS account that owns the route table.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
  • vpcId - ID of the VPC.

Timeouts

Configuration options:

  • create - (Default 2M)
  • update - (Default 2M)

Import

Default VPC route tables can be imported using the vpcId, e.g.,

$ terraform import aws_default_route_table.example vpc-33cc44dd