I was hoping to use this filter in combination with "Name=vpc-id,Values=$VPC_ID" to get all route table while discarding the VPC's main route table, but this also filters out route tables with "Associations": [], where it should not.
Here is a example to illustrate the problem
$ aws ec2 describe-route-tables --filters "Name=vpc-id,Values=$VPC_ID"
{
"RouteTables": [
{
"RouteTableId": "rtb-186a857c",
"PropagatingVgws": [],
"Tags": [
{
"Value": "dev-vpc-default-gw-routing-table",
"Key": "Name"
}
],
"Associations": [],
"Routes": [
{
"State": "active",
"DestinationCidrBlock": "10.0.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable"
},
{
"State": "blackhole",
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": "igw-35fa8b50",
"Origin": "CreateRoute"
}
],
"VpcId": "vpc-09be846c"
},
{
"RouteTableId": "rtb-096a856d",
"PropagatingVgws": [],
"Tags": [],
"Associations": [
{
"RouteTableId": "rtb-096a856d",
"RouteTableAssociationId": "rtbassoc-6469c600",
"Main": true
}
],
"Routes": [
{
"State": "active",
"DestinationCidrBlock": "10.0.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable"
}
],
"VpcId": "vpc-09be846c"
}
]
}
$ aws ec2 describe-route-tables --filters "Name=vpc-id,Values=$VPC_ID" "Name=association.main,Values=false"
{
"RouteTables": []
}
Looks like we're sending the request properly to EC2. Given this is a server side filter, this is a change that would need to be made on EC2's end.
The best solution you have now is to use the --filters
server side filter along with --query
, a client side filter to accomplish what you want:
aws ec2 describe-route-tables --filters "Name=vpc-id,Values=$VPC_ID" --query 'RouteTables[?Associations[0].Main != `true`]'
Does that work for you?
Thanks I wasn't looking for a workaround, I just meant to signal that the observed behavior is not what could be expected. I'll see to file a bug report in AWS forum (PS : do they have a better tool ? or is it still forum)
Ah ok, thanks for the feedback. The AWS forums are the best place to give feedback to service teams.
Sounds like there's nothing actionable right now from the CLI side. I'm going to go ahead and close out this issue. Let me know if I've missed something.