Posted On: Aug 31, 2021
You can now configure routes in your subnet route tables to forward traffic between two subnets in a VPC, via virtual appliances such as network firewalls, intrusion detection and protection systems, etc.
Today, customers deploy a virtual appliance between two instances by modifying the default gateway of the instances to point to the appliance. With this enhancement, you no longer have to modify the instance’s default gateway. You can launch these instances in separate subnets and configure routes in subnet route tables that forward traffic destined for the other subnet through an appliance or a chain of appliances. You can configure your own appliance on an EC2 instance or choose a third-party virtual network appliance from the AWS Marketplace or use AWS Network Firewall. You can also use AWS Gateway Load Balancer to deploy these virtual appliances to improve scalability and availability. With this enhancement, you can also redirect traffic entering and leaving your VPC from Transit Gateway through these virtual appliances.
This enhancement is available in all AWS commercial and AWS GovCloud (US) Regions at no additional charge. For more information on this enhancement, please read about subnet route tables in our documentation and the blog post.