Create a static route for a VPC, VPN, or transit gateway peering attachment, or you can create a blackhole route that drops traffic that matches the route.
Static routes in a transit gateway route table that target a VPN attachment are not filtered by the Site-to-Site VPN. This might allow unintended outbound traffic flow when using a BGP-based VPN.
To create a static route using the console
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
On the navigation pane, choose Transit Gateway Route Tables.
-
Select the route table for which to create a route.
-
Choose Actions, Create static route.
-
On the Create static route page, enter the CIDR block for which to create the route, and then choose Active.
-
Choose the attachment for the route.
-
Choose Create static route.
To create a blackhole route using the console
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
On the navigation pane, choose Transit Gateway Route Tables.
-
Select the route table for which to create a route.
-
Choose Actions, Create static route.
-
On the Create static route page, enter the CIDR block for which to create the route, and then choose Blackhole.
-
Choose Create static route.
To create a static route or blackhole route using the AWS CLI
Use the create-transit-gateway-route
