我的CFN模板遇到问题。我在参数中定义了一个CIDR块,并希望将其用作安全组资源中的CidrIp。
然而,当我运行我的堆栈时,我收到Value of property CidrIp must be of type String错误,堆栈正在回滚。
这是我最小的失败模板。我想使用VPCCidrBlock来定义CidrIp。
有趣的是,AWS样本模板LAMP_Multi_AZ完全相同。
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "VPCCidrBlock" } },
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": { "Ref:": "VPCCidrBlock" } }
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
答案 0 :(得分:1)
奇怪的问题。和你的例子一起玩了一下。
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "VPCCidrBlock"}},
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": {"Ref": "VPCCidrBlock"}}
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
适合我。某些特殊字符/编码是否存在问题?
答案 1 :(得分:1)
我也遇到了类似的问题,我可以指出这个问题。我使用“ref”而不是“Ref”来引用参数。
答案 2 :(得分:0)
我有另一个YAML文件,出现了同样的问题“属性CidrIp的值必须为String类型。”事实证明,下面的双引号需要更改为单引号。
HTTPTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Sub "${Foo}-${Bar}-TargetGroup" # -> Error
Name: !Sub '${Foo}-${Bar}-TargetGroup' # -> Good
答案 3 :(得分:0)
在YAML配置的情况下,我们可以轻易忽略的一件事是数据类型定义。在我的Yaml cloudformation模板中,我犯了同样的错误。在ECS ElasticLoadBalancingV2资源配置中指定VpcId之前,我输入了破折号。这使得VpcId属性在实际上应为字符串时看起来像是值列表。反过来,我收到cloudformation错误,提示“ VpcId应该是字符串。”
定义不正确:(第5行开头的破折号)
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId:
- Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]
正确的定义:
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]