
Resource: awsRoute

Provides a resource to create a routing table entry (a route) in a VPC routing table.

~> NOTE on Route Tables and Routes: Terraform currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite rules.

~> NOTE on gatewayId attribute: The AWS API is very forgiving with the resource ID passed in the gatewayId attribute. For example, an awsRoute resource can be created with an awsNatGateway or awsEgressOnlyInternetGateway ID specified for the gatewayId attribute. Specifying anything other than an awsInternetGateway or awsVpnGateway ID will lead to Terraform reporting a permanent diff between your configuration and recorded state, as the AWS API returns the more-specific attribute. If you are experiencing constant diffs with an awsRoute resource, the first thing to check is that the correct attribute is being specified.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.route.Route(this, "r", {
  // awsRouteTableTesting stands for a RouteTable construct defined elsewhere in the stack (not shown here).
  dependsOn: [awsRouteTableTesting],
  destinationCidrBlock: "10.0.1.0/22",
  routeTableId: "rtb-4fbb3ac4",
  vpcPeeringConnectionId: "pcx-45ff3dc1",
});

Example IPv6 Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsVpcVpc = new aws.vpc.Vpc(this, "vpc", {
  assignGeneratedIpv6CidrBlock: true,
  cidrBlock: "10.1.0.0/16",
});
const awsEgressOnlyInternetGatewayEgress =
  new aws.egressOnlyInternetGateway.EgressOnlyInternetGateway(this, "egress", {
    vpcId: awsVpcVpc.id,
  });
new aws.route.Route(this, "r", {
  destinationIpv6CidrBlock: "::/0",
  egressOnlyGatewayId: awsEgressOnlyInternetGatewayEgress.id,
  routeTableId: "rtb-4fbb3ac4",
});

Argument Reference

The following arguments are supported:

  • routeTableId - (Required) The ID of the routing table.

One of the following destination arguments must be supplied:

  • destinationCidrBlock - (Optional) The destination CIDR block.
  • destinationIpv6CidrBlock - (Optional) The destination IPv6 CIDR block.
  • destinationPrefixListId - (Optional) The ID of a managed prefix list destination.

One of the following target arguments must be supplied:

  • carrierGatewayId - (Optional) Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.
  • coreNetworkArn - (Optional) The Amazon Resource Name (ARN) of a core network.
  • egressOnlyGatewayId - (Optional) Identifier of a VPC Egress Only Internet Gateway.
  • gatewayId - (Optional) Identifier of a VPC internet gateway or a virtual private gateway.
  • instanceId - (Optional, Deprecated; use networkInterfaceId instead) Identifier of an EC2 instance.
  • natGatewayId - (Optional) Identifier of a VPC NAT gateway.
  • localGatewayId - (Optional) Identifier of an Outpost local gateway.
  • networkInterfaceId - (Optional) Identifier of an EC2 network interface.
  • transitGatewayId - (Optional) Identifier of an EC2 Transit Gateway.
  • vpcEndpointId - (Optional) Identifier of a VPC Endpoint.
  • vpcPeeringConnectionId - (Optional) Identifier of a VPC peering connection.

Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified.
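The one-destination, one-target rules above and the gatewayId note can be checked before deployment. The following is an added example, not part of the provider or its generated bindings: lintRoute, RouteArgs and the ID prefix table are assumptions made for illustration, and the check only applies to literal IDs.

```typescript
// Added example: pre-deployment lint for aws.route.Route arguments.
type RouteArgs = Record<string, string | undefined>;

const DESTINATIONS = [
  "destinationCidrBlock",
  "destinationIpv6CidrBlock",
  "destinationPrefixListId",
];

// Target argument -> ID prefixes expected for it. Assumption: these are the
// usual AWS resource ID prefixes; they are not listed on this page.
const TARGET_PREFIXES: Record<string, string[]> = {
  carrierGatewayId: ["cagw-"],
  coreNetworkArn: ["arn:"],
  egressOnlyGatewayId: ["eigw-"],
  gatewayId: ["igw-", "vgw-"],
  instanceId: ["i-"],
  natGatewayId: ["nat-"],
  localGatewayId: ["lgw-"],
  networkInterfaceId: ["eni-"],
  transitGatewayId: ["tgw-"],
  vpcEndpointId: ["vpce-"],
  vpcPeeringConnectionId: ["pcx-"],
};

// Name of the target argument whose prefix matches the ID, if any.
const argumentFor = (id: string): string | undefined =>
  Object.entries(TARGET_PREFIXES).find(([, prefixes]) =>
    prefixes.some((p) => id.startsWith(p)))?.[0];

function lintRoute(args: RouteArgs): string[] {
  const findings: string[] = [];
  const supplied = (keys: string[]) => keys.filter((k) => args[k] !== undefined);
  if (supplied(DESTINATIONS).length !== 1)
    findings.push("supply exactly one destination argument");
  const targets = supplied(Object.keys(TARGET_PREFIXES));
  if (targets.length !== 1) findings.push("supply exactly one target argument");
  for (const key of targets) {
    const id = args[key];
    // Assumption: unresolved CDKTF tokens render as "${...}" and cannot be checked.
    if (id === undefined || id.startsWith("${")) continue;
    const expected = argumentFor(id);
    if (expected === key) continue;
    findings.push(expected
      ? `${key} holds "${id}"; use ${expected} instead`
      : `${key} holds "${id}", which has an unrecognized ID prefix`);
  }
  return findings;
}
```
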

Attributes Reference

In addition to all arguments above, the following attributes are exported:

~> NOTE: Only the arguments that are configured (one of the above) will be exported as an attribute once the resource is created.

  • id - Route identifier computed from the routing table identifier and route destination.
  • instanceOwnerId - The AWS account ID of the owner of the EC2 instance.
  • origin - How the route was created - CreateRouteTable, CreateRoute or EnableVgwRoutePropagation.
  • state - The state of the route - active or blackhole.

Timeouts

Configuration options:

  • create - (Default 5m)
  • update - (Default 2m)
  • delete - (Default 5m)

Import

Individual routes can be imported using ROUTETABLEID_DESTINATION.

For example, import a route in route table rtb-656C65616E6F72 with an IPv4 destination CIDR of 10.42.0.0/16 like this:

$ terraform import aws_route.my_route rtb-656C65616E6F72_10.42.0.0/16

Import a route in route table rtb-656C65616E6F72 with an IPv6 destination CIDR of 2620:0:2d0:200::8/125 similarly:

$ terraform import aws_route.my_route rtb-656C65616E6F72_2620:0:2d0:200::8/125

Import a route in route table rtb-656C65616E6F72 with a managed prefix list destination of pl-0570a1d2d725c16be similarly:

$ terraform import aws_route.my_route rtb-656C65616E6F72_pl-0570a1d2d725c16be