Local gateway route tables - AWS Outposts
Direct VPC routingCustomer-owned IP addressesWork with local gateway route tables

Local gateway route tables

Outpost subnet route tables on a rack can include a route to your on-premises network. The local gateway routes this traffic for low latency routing to the on-premises network.

By default, Outposts uses the private IP address of the instances on the Outpost to communicate with your on-premises network. This is known as direct VPC routing for AWS Outposts (or direct VPC routing). However, you can provide an address range, known as a customer-owned IP address pool (CoIP), and have instances on your network use those addresses to communicate with your on-premises network. Direct VPC routing and CoIP are mutually exclusive options and routing works differently based on your choice.

Direct VPC routing

Direct VPC routing uses the private IP address of the instances in your VPC to facilitate communication with your on-premises network. These addresses are advertised to your on-premises network with BGP. Advertisement to BGP is only for the private IP addresses that belong to the subnets on your Outpost rack. This type of routing is the default mode for Outposts. In this mode, the local gateway does not perform NAT for instances, and you do not need to assign Elastic IP addresses to your EC2 instances. You have the option to use your own address space instead of direct VPC routing mode. For more information, see Customer-owned IP addresses.

Direct VPC routing is supported only for instance network interfaces. With network interfaces that AWS creates on your behalf (known as requester-managed network interfaces), their private IP addresses are not reachable from your on-premises network. For example, VPC endpoints are not directly reachable from your on-premises network.

The following examples illustrate direct VPC routing.

Example: Internet connectivity through the VPC

Instances in an Outpost subnet can access the internet through the internet gateway attached to the VPC.

Consider the following configuration:

  • The parent VPC spans two Availability Zones and has a subnet in each Availability Zone.

  • The Outpost has one subnet.

  • Each subnet has an EC2 instance.

  • The local gateway uses BGP advertisement to advertise the private IP addresses of the Outpost subnet to the on-premises network.

    Note

    BGP advertisement is supported only for subnets on an Outpost that have a route with the local gateway as the destination. Any other subnets are not advertised through BGP.

In the following diagram, traffic from the instance in the Outpost subnet can use the internet gateway for the VPC to access the internet.

Routing overview

To achieve internet connectivity through the parent Region, the route table for the Outpost subnet must have the following routes.

Destination Target Comments
VPC CIDR Local Provides connectivity between the subnets in the VPC.
0.0.0.0 internet-gateway-id Sends traffic destined for the internet to the internet gateway.
on-premises network CIDR local-gateway-id Sends traffic destined for the on-premises network to the local gateway.

Example: Internet connectivity through the on-premises network

Instances in an Outpost subnet can access the internet through the on-premises network. Instances in the Outpost subnet do not need a public IP address or Elastic IP address.

Consider the following configuration:

  • The Outpost subnet has an EC2 instance.

  • The router in the on-premises network performs network address translation (NAT).

  • The local gateway uses BGP advertisement to advertise the private IP addresses of the Outpost subnet to the on-premises network.

    Note

    BGP advertisement is supported only for subnets on an Outpost that have a route with the local gateway as the destination. Any other subnets are not advertised through BGP.

In the following diagram, traffic from the instance in the Outpost subnet can use the local gateway to access the internet or the on-premises network. Traffic from the on-premises network uses the local gateway to access the instance in the Outpost subnet.

Local gateway access to on-premises

To achieve internet connectivity through the on-premises network, the route table for the Outpost subnet must have the following routes.

Destination Target Comments
VPC CIDR Local Provides connectivity between the subnets in the VPC.
0.0.0.0/0 local-gateway-id Sends traffic destined for the internet to the local gateway.
Outbound access to the internet

Traffic initiated from the instance in the Outpost subnet with a destination of the internet uses the route for 0.0.0.0/0 to route traffic to the local gateway. The local gateway sends the traffic to the router. The router uses NAT to translate the private IP address to a public IP address on the router, and then sends the traffic to the destination.

Outbound access to the on-premises network

Traffic initiated from the instance in the Outpost subnet with a destination of the on-premises network uses the route for 0.0.0.0/0 to route traffic to the local gateway. The local gateway sends the traffic to the destination in the on-premises network.

Inbound access from the on-premises network

Traffic from the on-premises network with a destination of the instance in the Outpost subnet uses the private IP address of the instance. When the traffic reaches the local gateway, the local gateway sends the traffic to the destination in the VPC.

Customer-owned IP addresses

By default, the local gateway uses the private IP addresses of instances in your VPC to facilitate communication with your on-premises network. However, you can provide an address range, known as a customer-owned IP address pool (CoIP), which supports overlapping CIDR ranges and other network topologies.

If you choose CoIP, you must create an address pool, assign it to the local gateway route table, and advertise these addresses back to your customer network through BGP. Any customer-owned IP Addresses associated with your local gateway route table show in the route table as propagated routes.

Customer-owned IP addresses provide local or external connectivity to resources in your on-premises network. You can assign these IP addresses to resources on your Outpost, such as EC2 instances, by allocating a new Elastic IP address from the customer-owned IP pool, and then assigning it to your resource. For more information, see 3f: (Optional) Assign a customer-owned IP address to the instance.

The following requirements apply to the customer-owned IP address pool:

  • You must be able to route the address in your network

  • The CIDR block must be a minimum of /26

When you allocate an Elastic IP address from your customer-owned IP address pool, you continue to own the IP addresses in your customer-owned IP address pool. You are responsible for advertising them as needed on your internal networks or WAN.

You can optionally share your customer-owned pool with multiple AWS accounts in your organization using AWS Resource Access Manager. After you share the pool, participants can allocate an Elastic IP address from the customer owned IP address pool, and then assign it to an EC2 instance on the Outpost. For more information, see Sharing your AWS resources in the AWS RAM User Guide.

Example: Internet connectivity through the VPC

Instances in an Outpost subnet can access the internet through the internet gateway attached to the VPC.

Consider the following configuration:

  • The parent VPC spans two Availability Zones and has a subnet in each Availability Zone.

  • The Outpost has one subnet.

  • Each subnet has an EC2 instance.

  • There is a customer-owned IP address pool.

  • The instance in the Outpost subnet has an Elastic IP address from the customer-owned IP address pool.

  • The local gateway uses BGP advertisement to advertise the customer-owned IP address pool to the on-premises network.

Routing overview

To achieve internet connectivity through the Region, the route table for the Outpost subnet must have the following routes.

Destination Target Comments
VPC CIDR Local Provides connectivity between the subnets in the VPC.
0.0.0.0 internet-gateway-id Sends traffic destined for the public internet to the internet gateway.
On-premises network CIDR local-gateway-id Sends traffic destined for the on-premises network to the local gateway.

Example: Internet connectivity through the on-premises network

Instances in an Outpost subnet can access the internet through the on-premises network.

Consider the following configuration:

  • The Outpost subnet has an EC2 instance.

  • There is a customer-owned IP address pool.

  • The local gateway uses BGP advertisement to advertise the customer-owned IP address pool to the on-premises network.

  • An Elastic IP address association that maps 10.0.3.112 to 10.1.0.2.

  • The router in the customer on-premises network performs NAT.

Local gateway access to on-premises

To achieve internet connectivity through the local gateway, the route table for the Outpost subnet must have the following routes.

Destination Target Comments
VPC CIDR Local Provides connectivity between the subnets in the VPC.
0.0.0.0/0 local-gateway-id Sends traffic destined for the internet to the local gateway.
Outbound access to the internet

Traffic initiated from the EC2 instance in the Outpost subnet with a destination of the internet uses the route for 0.0.0.0/0 to route traffic to the local gateway. The local gateway maps the private IP address of the instance to the customer-owned IP address, and then sends the traffic to the router. The router uses NAT to translate the customer-owned IP address to a public IP address on the router, and then sends the traffic to the destination.

Outbound access to the on-premises network

Traffic initiated from the EC2 instance in the Outpost subnet with a destination of the on-premises network uses the route for 0.0.0.0/0 to route traffic to the local gateway. The local gateway translates the IP address of the EC2 instance to the customer-owned IP address (Elastic IP address), and then sends the traffic to the destination.

Inbound access from the on-premises network

Traffic from the on-premises network with a destination of the instance in the Outpost subnet uses the customer-owned IP address (Elastic IP address) of the instance. When the traffic reaches the local gateway, the local gateway maps the customer-owned IP address (Elastic IP address) to the instance IP address, and then sends the traffic to the destination in the VPC. In addition, the local gateway route table evaluates any routes that target elastic network interfaces. If the destination address matches any static route's destination CIDR, traffic is sent to that elastic network interface. When traffic follows a static route to an elastic network interface, the destination address is preserved and is not translated to the private IP address of the network interface.

Work with local gateway route tables

As part of the rack installation, AWS creates the local gateway, configures VIFs and a VIF group. You create the local gateway route table. A local gateway route table must have an association to VIF group and a VPC. You create and manage the association of the VIF group and the VPC. Consider the following information about local gateway route tables:

  • VIF groups and local gateway route tables must have a one-to-one relationship.

  • The local gateway is owned by the AWS account associated with the Outpost and only the owner can modify the local gateway route table.

  • You can share the local gateway route table with other AWS accounts or organizational units using AWS Resource Access Manager. For more information, see Working with shared AWS Outposts resources.

  • Local gateway route tables have a mode that determines whether to use the private IP address of instances to communicate with your on-premises network (direct VPC routing) or a customer-owned IP address pool (CoIP). Direct VPC routing and CoIP are mutually exclusive options and routing works differently based on your choice. For more information, see Local gateway route tables.

  • Direct VPC routing mode does not support overlapping CIDR ranges.

View local gateway route table details

You can view the details of your local gateway route tables using the console or the AWS CLI.

AWS Outposts console
To view the local gateway route table details

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route table.

  4. Select the local gateway route table, and then choose Actions, View details.

AWS CLI
To view the local gateway route table details

Use the describe-local-gateway-route-tables AWS CLI command.

Example

aws ec2 describe-local-gateway-route-tables --region us-west-2

Output

{
    "LocalGatewayRouteTables": [
        {
            "LocalGatewayRouteTableId": "lgw-rtb-059615ef7deEXAMPLE",
            "LocalGatewayId": "lgw-09b493aa7cEXAMPLE",
            "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-0dc11b66edEXAMPLE",
            "State": "available",
            "Tags": []
        }
    ]
}
Note

If the default local gateway route table that you are viewing is using CoIP mode, then the local gateway route table is configured with a default route to each of the VIFs, and a propagated route to each associated customer-owned IP address in the pool CoIP pool.

Create custom local gateway route tables

You can create a custom route table for your local gateway using the AWS Outposts console.

To create a custom local gateway route table using the console

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route table.

  4. Choose Create local gateway route table.

  5. (Optional) For Name, enter a name for your local gateway route table.

  6. For Local gateway, choose your local gateway.

  7. (Optional) Choose Associate VIF group and choose your VIF group.

  8. For Mode, choose a mode for communication with your on-premises network.

    • Choose Direct VPC routing to use the private IP address of an instance.

    • Choose CoIP to use the customer-owned IP address.

      • (Optional) Add or remove CoIP pools and additional CIDR blocks

        [Add a CoIP pool] Choose Add new pool and do the following:

        • For Name, enter a name for your CoIP pool.

        • For CIDR, enter a CIDR block of customer-owned IP addresses.

      • [Add CIDR blocks] Choose Add new CIDR and enter a range of customer-owned IP addresses.

      • [Remove a CoIP pool or an additional CIDR block] Choose Remove to the right of a CIDR block or below the CoIP pool.

        You can specify up to 10 CoIP pools and 100 CIDR blocks.

  9. (Optional) Add or remove a tag.

    [Add a tag] Choose Add new tag and do the following:

    • For Key, enter the key name.

    • For Value, enter the key value.

    [Remove a tag] Choose Remove to the right of the tag’s key and value.

  10. Choose Create local gateway route table.

Manage local gateway route table routes

You can create local gateway route tables and inbound routes to elastic network interfaces on your Outpost. You can also modify an existing local gateway inbound route to change the target elastic network interface.

A route is in active status only when its target elastic network interface is attached to a running instance. If the instance is stopped or the interface is detached, the route goes from active to blackhole status.

The following requirements and limitations apply to a local gateway:

  • The target elastic network interface must belong to a subnet on your Outpost and must be attached to an instance in that Outpost. A local gateway route cannot target an Amazon EC2 instance on a different Outpost or in the parent AWS Region.

  • The subnet must belong to a VPC that is associated to the local gateway route table.

  • You must not exceed more than 100 elastic network interface routes in the same route table.

  • AWS prioritizes the most specific route, and if the routes match, we prioritize static routes over propagated routes.

  • Interface VPC endpoints are not supported.

  • BGP advertisement is only for subnets on an Outpost that have a route in the route table that targets the local gateway. If subnets do not have a route in the route table that targets the local gateway, then those subnets are not advertised with BGP.

  • Only ENIs that are attached to Outpost instances can communicate through the local gateway for that Outpost. ENIs that belong to the Outpost subnet but attached to an instance in the Region cannot communicate through the local gateway for that Outpost.

  • Managed interfaces such as VPCE endpoints or interfaces cannot be reached from on-premise through the local gateway. They can be reached only from instances that are within the Outpost.

The following NAT considerations apply.

  • The local gateway does not perform NAT on traffic that matches an elastic network interface route. Instead, the destination IP address is preserved.

  • Turn off source/destination checking for the target elastic network interface. For more information, see Network interface basics in the Amazon EC2 User Guide.

  • Configure the operating system to allow traffic from the destination CIDR to be accepted on the network interface.

AWS Outposts console
To edit a local gateway route table route

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route table.

  4. Select the local gateway route table, and then choose Actions, Edit routes.

  5. To add a route, choose Add route. For Destination, enter the destination CIDR block, a single IP address, or the ID of a prefix list.

  6. To modify an existing route, for Destination, replace the destination CIDR block or single IP address. For Target, choose a target.

  7. Choose Save routes.

AWS CLI
To create a local gateway route table route

Example

aws ec2 create-local-gateway-route \
    --local-gateway-route-table-id lgw-rtb-059615ef7dEXAMPLE \
    --network-interface-id eni-03e612f0a1EXAMPLE \
    --destination-cidr-block 192.0.2.0/24

Output

{
    "Route": {
        "DestinationCidrBlock": "192.0.2.0/24",
        "NetworkInterfaceId": "eni-03e612f0a1EXAMPLE",
        "Type": "static",
        "State": "active",
        "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE",
        "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-059615ef7dEXAMPLE",
        "OwnerId": "111122223333"
    }
}
To modify a local gateway route table route

You can modify the elastic network interface targeted by an existing route. To use the modify operation, the route table must already have a route with the specified destination CIDR block.

Example

aws ec2 modify-local-gateway-route \
    --local-gateway-route-table-id lgw-rtb-059615ef7dEXAMPLE \
    --network-interface-id eni-12a345b6c7EXAMPLE \
    --destination-cidr-block 192.0.2.0/24

Output

{
    "Route": {
        "DestinationCidrBlock": "192.0.2.0/24",
        "NetworkInterfaceId": "eni-12a345b6c7EXAMPLE",
        "Type": "static",
        "State": "active",
        "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE",
        "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-059615ef7dEXAMPLE",
        "OwnerId": "111122223333"
    }
}

Manage local gateway route table tags

You can tag your local gateway route tables to help you identify them or categorize them according to your organization's needs.

To manage the local gateway route table tags

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Select the local gateway route table, and then choose Actions, Manage tags.

  5. Add or remove a tag.

    To add a tag, choose Add new tag and do the following:

    • For Key, enter the key name.

    • For Value, enter the key value.

    To remove a tag, choose Remove to the right of the tag’s key and value.

  6. Choose Save changes.

Switch local gateway route table modes or delete a local gateway route table

You must delete and recreate the local gateway route table to switch modes. Deleting the local gateway route table causes network traffic interruption.

To switch modes or delete a local gateway route table

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. Verify that you are in the correct AWS Region.

    To change the Region, use the Region selector in the top-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Verify if the local gateway route table is associated with a VIF group. If it is associated, you must remove the association between the local gateway route table and the VIF group.

    1. Choose the ID of the local gateway route table.

    2. Choose the VIF group association tab.

    3. If one or more VIF groups are associated with the local gateway route table, choose Edit VIF group association.

    4. Clear the Associate VIF group checkbox.

    5. Choose Save changes.

  5. Choose Delete local gateway route table.

  6. In the confirmation dialog box, type delete and then choose Delete.

  7. (Optional) Create a local gateway route table with a new mode.

    1. On the navigation pane, choose Local gateway route tables.

    2. Choose Create local gateway route table.

    3. Configure the local gateway route table using the new mode. For more information, see Create custom local gateway route tables.

Manage CoIP pools

You can provide IP address ranges to facilitate communication between your on-premises network and instances in your VPC. For more information, see Customer-owned IP addresses.

Customer-owned IP pools are available for local gateway route tables in CoIP mode. To switch between local gateway route table modes, see Switch local gateway route table modes.

Use the following procedure to create a CoIP pool.

To create a CoIP pool

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Choose the route table.

  5. Choose the CoIP pools tab in the details pane, and then choose Create CoIP pool.

  6. (Optional) For Name, enter a name for your CoIP pool.

  7. Choose Add new CIDR and enter a range of customer-owned IP addresses.

  8. (Optional) Add or remove CIDR blocks

    [Add CIDR block] Choose Add new CIDR and enter a range of customer-owned IP addresses.

    [Remove CIDR block] Choose Remove to the right of a CIDR block.

  9. Choose Create CoIP pool.

Use the following procedure to edit a CoIP pool.

To edit a CoIP pool

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Choose the route table.

  5. Choose the CoIP pools tab in the details pane, and then choose a CoIP pool.

  6. Choose Actions, Edit CoIP pool.

  7. Choose Add new CIDR and enter a range of customer-owned IP addresses.

  8. (Optional) Add or remove CIDR blocks

    [Add CIDR block] Choose Add new CIDR and enter a range of customer-owned IP addresses.

    [Remove CIDR block] Choose Remove to the right of a CIDR block.

  9. Choose Save changes.

Use the following procedure to manage tags or add a name tag to a CoIP pool.

To manage tags on a CoIP pool

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Choose the route table.

  5. Choose the CoIP pools tab in the details pane, and then choose a CoIP pool.

  6. Choose Actions, Manage tags.

  7. Add or remove a tag.

    To add a tag, choose Add new tag and do the following:

    • For Key, enter the key name.

    • For Value, enter the key value.

    To remove a tag, choose Remove to the right of the tag’s key and value.

  8. Choose Save changes.

Use the following procedure to delete a CoIP pool.

To delete a CoIP pool

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Choose the route table.

  5. Choose the CoIP pools tab in the details pane, and then choose a CoIP pool.

  6. Choose Actions, Delete CoIP pool.

  7. In the confirmation dialog box, type delete and then choose Delete.

VIF group associations

VIF groups are logical groupings of virtual interfaces (VIFs). You can change the local gateway route table the VIF group is associated with. When you disassociate a VIF group from a local gateway route table, you delete all routes from the route table and interrupt network traffic.

To change the association of a VIF group

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Choose the route table.

  5. Choose the VIF group association tab in the details pane, and then choose Edit VIF group association.

  6. For VIF group settings, take one of the following actions:

    • To associate the VIF group with the local gateway route table, select Associate VIF group, and choose a VIF group.

    • To disassociate the VIF group from the local gateway route table, clear Associate VIF group.

      Important

      Disassociating a VIF group from the local gateway route table automatically deletes all routes and interrupts network traffic.

  7. Choose Save changes.

VPC associations

You must associate the VPCs with your local gateway route table. They are not associated by default.

Create a VPC association

Use the following procedure to associate a VPC with a local gateway route table.

You can optionally tag your association to help you identify it or categorize it according to your organization's needs.

AWS Outposts console
To associate a VPC

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Select the route table, and then choose Actions, Associate VPC.

  5. For VPC ID, select the VPC to associate with the local gateway route table.

  6. (Optional) Add or remove a tag.

    To add a tag, choose Add new tag and do the following:

    • For Key, enter the key name.

    • For Value, enter the key value.

    To remove a tag, choose Remove to the right of the tag’s key and value.

  7. Choose Associate VPC.

AWS CLI
To associate a VPC

Use the create-local-gateway-route-table-vpc-association command.

Example

aws ec2 create-local-gateway-route-table-vpc-association \
    --local-gateway-route-table-id lgw-rtb-059615ef7dEXAMPLE \
    --vpc-id vpc-07ef66ac71EXAMPLE

Output

{
    "LocalGatewayRouteTableVpcAssociation": {
        "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-0ee765bcc8EXAMPLE",
        "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE",
        "LocalGatewayId": "lgw-09b493aa7cEXAMPLE",
        "VpcId": "vpc-07ef66ac71EXAMPLE",
        "State": "associated"
    }
}

Delete a VPC association

Use the following procedure to disassociate a VPC from a local gateway route table.

AWS Outposts console
To disassociate a VPC

  1. Open the AWS Outposts console at https://console.aws.amazon.com/outposts/.

  2. To change the AWS Region, use the Region selector in the upper-right corner of the page.

  3. On the navigation pane, choose Local gateway route tables.

  4. Select the route table, and then choose Actions, View details.

  5. In VPC associations, select the VPC to dissociate, and then choose Disassociate.

  6. Choose Disassociate.

AWS CLI
To disassociate a VPC

Use the delete-local-gateway-route-table-vpc-association command.

Example

aws ec2 delete-local-gateway-route-table-vpc-association \
    --local-gateway-route-table-id lgw-rtb-059615ef7dEXAMPLE \
    --vpc-id vpc-07ef66ac71EXAMPLE

Output

{
    "LocalGatewayRouteTableVpcAssociation": {
        "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-0ee765bcc8EXAMPLE",
        "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE",
        "LocalGatewayId": "lgw-09b493aa7cEXAMPLE",
        "VpcId": "vpc-07ef66ac71EXAMPLE",
        "State": "associated"
    }
}