Bird
Raised Fist0
AWScloud~10 mins

Route tables configuration in AWS - Step-by-Step Execution

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Process Flow - Route tables configuration
Create VPC
Create Subnets
Create Route Table
Add Routes to Route Table
Associate Route Table with Subnet
Traffic follows routes for subnet
This flow shows how to create a route table, add routes, and associate it with a subnet so traffic knows where to go.
Execution Sample
AWS
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "subnet1" {
  vpc_id = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table" "rt" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route" "route1" {
  route_table_id = aws_route_table.rt.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id = aws_internet_gateway.igw.id
}

resource "aws_route_table_association" "a" {
  subnet_id = aws_subnet.subnet1.id
  route_table_id = aws_route_table.rt.id
}
This code creates a VPC, a route table, adds a route to the internet gateway, and associates the route table with a subnet.
Process Table
StepActionResource Created/ModifiedState ChangeResult
1Create VPCaws_vpc.mainVPC with CIDR 10.0.0.0/16 createdVPC ready for subnets
2Create Route Tableaws_route_table.rtRoute table linked to VPC createdRoute table ready for routes
3Add Routeaws_route.route1Route to 0.0.0.0/0 via IGW addedRoute table can send traffic to internet
4Associate Route Tableaws_route_table_association.aRoute table associated with subnet1Subnet1 uses this route table
5Traffic FlowN/ASubnet1 traffic follows route table routesSubnet1 can reach internet via IGW
6EndN/AAll resources created and linkedConfiguration complete
💡 All steps completed; route table configured and associated with subnet
Status Tracker
ResourceInitialAfter CreationAfter Route AddedAfter AssociationFinal
VPCNone10.0.0.0/16 createdNo changeNo change10.0.0.0/16 active
Route TableNoneCreated linked to VPCRoute to 0.0.0.0/0 addedAssociated with subnet1Active with routes and association
RouteNoneNoneRoute to internet gateway addedNo changeActive route to IGW
Subnet AssociationNoneNoneNoneRoute table associatedSubnet1 uses route table
Key Moments - 3 Insights
Why do we need to associate a route table with a subnet?
Because without association, the subnet does not know which routes to use. See execution_table step 4 where association links the route table to subnet1.
What happens if we add a route but do not associate the route table with any subnet?
The route exists but no subnet uses it, so traffic from subnets will not follow that route. This is shown by the absence of association in step 4.
Can a route table have multiple routes?
Yes, route tables can have many routes directing traffic to different destinations. Here we added one route in step 3, but more can be added similarly.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step is the route to the internet gateway added?
AStep 2
BStep 3
CStep 4
DStep 5
💡 Hint
Check the 'Action' and 'Result' columns in execution_table row for step 3.
According to variable_tracker, what is the state of the route table after association?
ACreated but no routes
BAssociated with subnet but no routes
CHas routes and associated with subnet
DNo association or routes
💡 Hint
Look at the 'Route Table' row under 'After Association' in variable_tracker.
If we skip step 4 (association), what will be the result for subnet1 traffic?
ASubnet1 traffic will not use the route table routes
BSubnet1 traffic will follow the route table routes
CSubnet1 will have internet access anyway
DSubnet1 will be deleted
💡 Hint
Refer to key_moments question about association importance and execution_table step 4.
Concept Snapshot
Route tables control where subnet traffic goes.
Create a route table in your VPC.
Add routes to direct traffic (e.g., to internet gateway).
Associate the route table with subnets.
Subnets use associated route tables to send traffic.
Without association, routes are ignored.
Full Transcript
This visual execution shows how to configure route tables in AWS. First, a VPC is created with a CIDR block. Then a route table is created and linked to the VPC. Next, a route is added to the route table directing traffic to the internet gateway. After that, the route table is associated with a subnet so that subnet's traffic follows the routes. Finally, traffic from the subnet can reach the internet via the route table. Key points include the necessity of associating route tables with subnets and that routes only take effect when associated. The execution table and variable tracker show each step and resource state changes clearly.

Practice

(1/5)
1. What is the main purpose of a route table in AWS networking?
easy
A. To manage user permissions
B. To store user data securely
C. To direct network traffic between subnets and gateways
D. To monitor server health

Solution

  1. Step 1: Understand the role of route tables

    Route tables control how network traffic moves inside a cloud network by defining paths.

  2. Step 2: Identify what route tables connect

    They connect subnets to gateways or other networks, enabling communication.

  3. Final Answer:

    To direct network traffic between subnets and gateways -> Option C

  4. Quick Check:

    Route tables = traffic direction [OK]
Hint: Route tables guide traffic flow inside the cloud [OK]
Common Mistakes:
  • Confusing route tables with security groups
  • Thinking route tables store data
  • Mixing route tables with monitoring tools
2. Which of the following is the correct way to associate a route table with a subnet in AWS CLI?
easy
A. aws ec2 create-route-table --subnet-id subnet-12345 --route-table-id rtb-67890
B. aws ec2 associate-route-table --subnet-id subnet-12345 --route-table-id rtb-67890
C. aws ec2 attach-route-table --subnet subnet-12345 --table rtb-67890
D. aws ec2 link-route-table --subnet subnet-12345 --route-table rtb-67890

Solution

  1. Step 1: Identify the correct AWS CLI command for association

    The command to associate a route table with a subnet is 'associate-route-table'.

  2. Step 2: Check the correct syntax and parameters

    The correct syntax uses '--subnet-id' and '--route-table-id' flags with IDs.

  3. Final Answer:

    aws ec2 associate-route-table --subnet-id subnet-12345 --route-table-id rtb-67890 -> Option B

  4. Quick Check:

    Associate route table = associate-route-table command [OK]
Hint: Use 'associate-route-table' with subnet and route table IDs [OK]
Common Mistakes:
  • Using 'create-route-table' instead of 'associate-route-table'
  • Wrong parameter names like '--subnet' instead of '--subnet-id'
  • Using non-existent commands like 'attach-route-table'
3. Given a route table with the following routes:
Destination: 0.0.0.0/0, Target: igw-12345
Destination: 10.0.1.0/24, Target: local
What happens when an instance in subnet 10.0.1.0/24 tries to reach 8.8.8.8?
medium
A. Traffic is sent to the internet gateway (igw-12345)
B. Traffic is blocked because no route exists
C. Traffic is sent to the local subnet only
D. Traffic is sent to a NAT gateway automatically

Solution

  1. Step 1: Analyze the route for 0.0.0.0/0

    This route sends all traffic not matching other routes to the internet gateway (igw-12345).

  2. Step 2: Determine route for 8.8.8.8

    Since 8.8.8.8 is outside the local subnet, it matches the 0.0.0.0/0 route and goes to the internet gateway.

  3. Final Answer:

    Traffic is sent to the internet gateway (igw-12345) -> Option A

  4. Quick Check:

    Default route sends traffic to internet gateway [OK]
Hint: Default 0.0.0.0/0 route sends traffic outside subnet [OK]
Common Mistakes:
  • Assuming traffic is blocked without explicit deny
  • Confusing local route with internet access
  • Thinking NAT gateway is used without configuration
4. You created a route table and associated it with a subnet, but instances in that subnet cannot access the internet. What is the most likely mistake?
medium
A. The route table lacks a route to an internet gateway
B. The subnet is not associated with any route table
C. The route table has a route to a NAT gateway instead of an internet gateway
D. The instances have no security group attached

Solution

  1. Step 1: Check route table routes for internet access

    Internet access requires a route to an internet gateway (igw) for 0.0.0.0/0.

  2. Step 2: Identify missing or incorrect routes

    If the route to the internet gateway is missing, instances cannot reach the internet despite association.

  3. Final Answer:

    The route table lacks a route to an internet gateway -> Option A

  4. Quick Check:

    Internet needs 0.0.0.0/0 route to igw [OK]
Hint: Check for 0.0.0.0/0 route to internet gateway [OK]
Common Mistakes:
  • Assuming subnet association alone grants internet access
  • Confusing NAT gateway with internet gateway routes
  • Ignoring security group rules as cause
5. You have two subnets: Subnet A (10.0.1.0/24) and Subnet B (10.0.2.0/24). You want instances in Subnet A to access the internet via a NAT gateway in Subnet B, but Subnet B should not have direct internet access. How should you configure the route tables?
hard
A. Associate Subnet A's route table with 0.0.0.0/0 to the NAT gateway; Subnet B's route table with no route to internet gateway
B. Associate Subnet A's route table with 0.0.0.0/0 to the internet gateway; Subnet B's route table with 0.0.0.0/0 to the NAT gateway
C. Associate both subnets' route tables with 0.0.0.0/0 to the internet gateway
D. Associate Subnet A's route table with a route 0.0.0.0/0 to the NAT gateway; Subnet B's route table with 0.0.0.0/0 to the internet gateway

Solution

  1. Step 1: Understand NAT gateway purpose

    NAT gateway allows instances in private subnet (Subnet A) to access internet outbound.

  2. Step 2: Configure Subnet B's route table (NAT subnet)

    Subnet B must have 0.0.0.0/0 to internet gateway so NAT can reach internet. Direct access for instances in B can be restricted via security groups.

  3. Step 3: Configure Subnet A's route table

    Subnet A has 0.0.0.0/0 to NAT gateway.

  4. Final Answer:

    Associate Subnet A's route table with a route 0.0.0.0/0 to the NAT gateway; Subnet B's route table with 0.0.0.0/0 to the internet gateway -> Option D

  5. Quick Check:

    Private to NAT; NAT subnet to igw [OK]
Hint: Private subnet (A) routes to NAT; NAT subnet (B) routes to igw [OK]
Common Mistakes:
  • Omitting igw route in NAT subnet (B), breaking NAT functionality
  • Routing private subnet (A) directly to igw
  • Confusing NAT gateway and internet gateway roles