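Cloud Formation refuses to create subnet

Time: 2017-11-04 22:35:18

Tags: amazon-cloudformation

I have a CloudFormation template that creates a new VPC, along with subnets, security groups, an IGW, and a route table with associations.

Everything works! Except: I ask CF to create 4 subnets (A, B, C, D). Instead, it only creates 3 (A, B, C). It doesn't produce any errors. It just creates the VPC and everything except subnet D and says "have a nice day".

Here is my CF template.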

---
AWSTemplateFormatVersion: 2010-09-09
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 172.16.64.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: default
      Tags:
      - Key: Name
        Value: JF-Staging-VPC
  InternetGateway:
     Type: AWS::EC2::InternetGateway
     Properties:
       Tags:
       - Key: Name
         Value: JF-Staging-IGW
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  SubnetA:
     Type: AWS::EC2::Subnet
     Properties:
       AvailabilityZone: us-east-1a
       VpcId: !Ref VPC
       CidrBlock: 172.16.16.0/24
       MapPublicIpOnLaunch: False
       Tags:
       - Key: Name
         Value: JF-Staging-Web-Subnet-A
  SubnetB:
      Type: AWS::EC2::Subnet
      Properties:
        AvailabilityZone: us-east-1b
        VpcId: !Ref VPC
        CidrBlock: 172.16.24.0/24
        MapPublicIpOnLaunch: False
        Tags:
        - Key: Name
          Value: JF-Staging-Web-Subnet-B
  SubnetC:
      Type: AWS::EC2::Subnet
      Properties:
        AvailabilityZone: us-east-1c
        VpcId: !Ref VPC
        CidrBlock: 172.16.32.0/24
        MapPublicIpOnLaunch: False
        Tags:
        - Key: Name
          Value: JF-Staging-RDS-Subnet-C
  SubnetD:
      Type: AWS::EC2::Subnet
      Properties:
        AvailabilityZone: us-east-1d
        VpcId: !Ref VPC
        CidrBlock: 172.16.40.0/24
        MapPublicIpOnLaunch: False
        Tags:
        - Key: Name
          Value: JF-Staging-RDS-Subnet-D

  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
      - Key: Name
        Value: JF-Staging-Default-Route-Table
  DHCPOpts:
    Type: "AWS::EC2::DHCPOptions"
    Properties:
      DomainName: stg.jokefire.com
      Tags:
      - Key: Name
        Value: JF-Staging-Default-DHCPOpts
  InternetRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGateway
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
      RouteTableId: !Ref RouteTable
  SubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref SubnetA
  SubnetBRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref SubnetB
  SecurityGroupSSH:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "SSH Group"
      GroupDescription: "SSH traffic in, all traffic out."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      Tags:
      - Key: Name
        Value: SSH-Access
  SecurityGroupWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "Web Group"
      GroupDescription: "Web traffic in, all traffic out."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '443'
          ToPort: '443'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      Tags:
      - Key: Name
        Value: Web-Server-Access
  SecurityGroupDB:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "DB Group"
      GroupDescription: "DB traffic in from web group, out to web group."
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId:
            Ref: SecurityGroupWeb
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId:
            Ref: SecurityGroupWeb
      Tags:
      - Key: Name
        Value: DB-Server-Access

What is going wrong, and how can I correct it?

0 answers:

No answers
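An added example, not part of the original post: `SecurityGroupWeb` in the template above declares `SecurityGroupIngress` and `SecurityGroupEgress` twice inside one `Properties` mapping. YAML requires mapping keys to be unique, and loaders that accept repeats commonly keep only the last value, so a rule list can be dropped without any error. The check below flags such repeats; the function name and the abridged sample are this example's own, and it handles only indentation-based block mappings and `- ` sequence items.

```python
import re

# Abridged excerpt of SecurityGroupWeb from the template in the question.
SAMPLE = """\
Resources:
  SecurityGroupWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
      SecurityGroupEgress:
        - IpProtocol: -1
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '443'
"""

KEY = re.compile(r"([^\s:#][^:]*):(\s|$)")  # "name:" at the start of a line

def duplicate_keys(text):
    """Return (line_no, parent_path, key) for keys repeated within one mapping."""
    findings, stack = [], []  # stack entries: [indent, seen_keys, last_key]
    for no, raw in enumerate(text.splitlines(), 1):
        body = raw.strip()
        if not body or body.startswith("#") or body == "---":
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        if body.startswith("- "):  # sequence item: opens a fresh mapping
            stack = [s for s in stack if s[0] <= indent]
            item = body[2:].lstrip(" ")
            indent, body = indent + len(body) - len(item), item
            stack.append([indent, set(), None])
        else:
            while stack and stack[-1][0] > indent:
                stack.pop()
            if not stack or stack[-1][0] < indent:
                stack.append([indent, set(), None])
        m = KEY.match(body)
        if m is None:
            continue
        key, scope = m.group(1).strip(), stack[-1]
        if key in scope[1]:
            path = ".".join(s[2] for s in stack[:-1] if s[2])
            findings.append((no, path, key))
        scope[1].add(key)
        scope[2] = key
    return findings
```

Running `duplicate_keys` over a template file before deployment reports each repeated key with its line number and parent path, so the rule lists can be merged into a single `SecurityGroupIngress` list.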