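I have a CloudFormation template that creates a new VPC, along with subnets, security groups, an IGW, and an associated route table.
Everything works! Except: I ask CF to create 4 subnets (A, B, C, D). Instead, it only creates 3 (A, B, C). It doesn't produce any errors. It just creates the VPC and everything except subnet D and says "have a nice day".
Here is my CF template.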
---
AWSTemplateFormatVersion: 2010-09-09
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 172.16.64.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: JF-Staging-VPC
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: JF-Staging-IGW
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  SubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-east-1a
      VpcId: !Ref VPC
      CidrBlock: 172.16.16.0/24
      MapPublicIpOnLaunch: False
      Tags:
        - Key: Name
          Value: JF-Staging-Web-Subnet-A
  SubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-east-1b
      VpcId: !Ref VPC
      CidrBlock: 172.16.24.0/24
      MapPublicIpOnLaunch: False
      Tags:
        - Key: Name
          Value: JF-Staging-Web-Subnet-B
  SubnetC:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-east-1c
      VpcId: !Ref VPC
      CidrBlock: 172.16.32.0/24
      MapPublicIpOnLaunch: False
      Tags:
        - Key: Name
          Value: JF-Staging-RDS-Subnet-C
  SubnetD:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-east-1d
      VpcId: !Ref VPC
      CidrBlock: 172.16.40.0/24
      MapPublicIpOnLaunch: False
      Tags:
        - Key: Name
          Value: JF-Staging-RDS-Subnet-D
  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: JF-Staging-Default-Route-Table
  DHCPOpts:
    Type: "AWS::EC2::DHCPOptions"
    Properties:
      DomainName: stg.jokefire.com
      Tags:
        - Key: Name
          Value: JF-Staging-Default-DHCPOpts
  InternetRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGateway
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
      RouteTableId: !Ref RouteTable
  SubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref SubnetA
  SubnetBRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref SubnetB
  SecurityGroupSSH:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "SSH Group"
      GroupDescription: "SSH traffic in, all traffic out."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: SSH-Access
  SecurityGroupWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "Web Group"
      GroupDescription: "Web traffic in, all traffic out."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '443'
          ToPort: '443'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: Web-Server-Access
  SecurityGroupDB:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "DB Group"
      GroupDescription: "DB traffic in from web group, out to web group."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId:
            Ref: SecurityGroupWeb
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId:
            Ref: SecurityGroupWeb
      Tags:
        - Key: Name
          Value: DB-Server-Access
What is going wrong, and how do I correct it?
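An added example, not part of the original post: the `SecurityGroupWeb` resource in the template repeats `SecurityGroupIngress` and `SecurityGroupEgress` under one `Properties` mapping, and YAML loaders such as PyYAML keep only the last value of a repeated key without warning, so a rule can vanish from a template that still parses. The pre-deploy check below reports repeated keys with their line numbers; `find_duplicate_keys` and `SAMPLE` are names made up here, and the sample's indentation is an assumption about the original layout.

```python
import re

KEY = re.compile(r"([^\s:#][^:]*?):(?:\s|$)")   # "name:" at the start of a line body
# Constructed sample: the SecurityGroupWeb resource from the question, trimmed,
# with indentation restored (the layout is an assumption).
SAMPLE = """\
Resources:
  SecurityGroupWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '443'
          ToPort: '443'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
"""

def find_duplicate_keys(text):
    """Return (path, key, first_line, repeat_line) per repeated key (block-style YAML only)."""
    stack, dups = [], []   # frame = [indent, {key: first line}, last key seen]
    for no, raw in enumerate(text.splitlines(), 1):
        body = raw.lstrip(" ")
        indent, new_item = len(raw) - len(body), False
        while body.startswith("- "):   # "- key: v" starts a new mapping in a list
            body, indent, new_item = body[2:], indent + 2, True
        m = KEY.match(body)
        if not m:
            continue
        # Leave deeper mappings; a new list item also closes the previous item's mapping.
        while stack and (stack[-1][0] > indent or (new_item and stack[-1][0] == indent)):
            stack.pop()
        if not stack or stack[-1][0] < indent:
            stack.append([indent, {}, None])
        frame, key = stack[-1], m.group(1)
        first = frame[1].setdefault(key, no)
        if first != no:
            dups.append((".".join(f[2] for f in stack[:-1]), key, first, no))
        frame[2] = key
    return dups
```

On the sample it reports both repeated keys under `Resources.SecurityGroupWeb.Properties`; merging the port 80 and port 443 rules into one `SecurityGroupIngress` list removes the finding.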