CloudFormation error: route table X and network gateway Y belong to different networks

Date: 2018-02-19 11:59:54

Tags: amazon-web-services amazon-cloudformation

I have the following network resource configuration for a network ELB, so that outbound traffic is routed through a single Elastic IP.

I get the following error:

"AWS::EC2::Route PublicRoute CREATE_FAILED: route table rtb-zzzeb and network gateway igw-xxx belong to different networks"

What does this mean for my configuration below? Is there a problem with my resource labelled "PublicRoute"?

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: "10.0.0.0/24"
  # Three /27 public subnets, one per availability zone
  Public1aSBN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: "10.0.0.128/27"
      AvailabilityZone: "eu-west-2a"
  Public1cSBN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: "10.0.0.160/27"
      AvailabilityZone: "eu-west-2c"
  Public1bSBN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: "10.0.0.192/27"
      AvailabilityZone: "eu-west-2b"
  InternetGateway:
    Type: "AWS::EC2::InternetGateway"
  # Attaches the Internet gateway to the VPC
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  EIPNatGateway:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  # NAT gateway in the eu-west-2a public subnet, using the Elastic IP above
  NAT:
    DependsOn: EIPNatGateway
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId:
        Fn::GetAtt:
        - EIPNatGateway
        - AllocationId
      SubnetId: !Ref Public1aSBN
  RouteTablePublic:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
  Public1aSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref Public1aSBN
      RouteTableId: !Ref RouteTablePublic
  Public1cSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref Public1cSBN
      RouteTableId: !Ref RouteTablePublic
  Public1bSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref Public1bSBN
      RouteTableId: !Ref RouteTablePublic
  # Default route for the public route table via the Internet gateway
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGateway
    Properties:
      RouteTableId: !Ref RouteTablePublic
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  # Note: AWS::EC2::SecurityGroup requires a GroupDescription property
  TargetSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref VPC
  # IpProtocol -1 with CidrIp 0.0.0.0/0 allows all inbound traffic on every port from anywhere
  InboundRule:
    Type: AWS::EC2::SecurityGroupIngress
    DependsOn: TargetSG
    Properties:
      IpProtocol: -1
      FromPort: '0'
      ToPort: '65535'
      CidrIp: "0.0.0.0/0"
      GroupId:
        Fn::GetAtt:
          - TargetSG
          - GroupId

2 answers:

Answer 0 (score: 2)

According to the docs:

Some resources in a VPC require a gateway (either an Internet or a VPN gateway). If your AWS CloudFormation template defines a VPC, a gateway, and a gateway attachment, any resources that require the gateway are dependent on the gateway attachment.

This means you must add AttachGateway to the DependsOn attribute of the PublicRoute resource:

PublicRoute:
  Type: AWS::EC2::Route
  DependsOn: 
    - InternetGateway
    - AttachGateway
  Properties:
    RouteTableId: !Ref RouteTablePublic
    DestinationCidrBlock: 0.0.0.0/0
    GatewayId: !Ref InternetGateway

This ensures your resources are built in the correct order, so that your route is not created until the gateway is attached to the VPC.

Answer 1 (score: 0)

This error occurs if the route table and the Internet gateway are in different VPCs.
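Both answers describe a condition that can be checked in the template before a stack is created: a route that targets an Internet gateway must depend on the VPCGatewayAttachment (answer 0), and that attachment must attach the gateway to the same VPC the route table belongs to (answer 1). The following script is an added example written for this page, not code from the question, the answers or AWS; `lint_routes` and `add_missing_dependencies` are hypothetical helper names. The sample template is constructed from the question's VPC, gateway, attachment, route table and route, written in CloudFormation's JSON form so that it parses with the standard library (`!Ref X` in YAML is the short form of `{"Ref": "X"}`). Only routes whose `GatewayId` refers to an `AWS::EC2::InternetGateway` defined in the same template are checked; VPN gateways and gateways passed in as parameters are out of scope.

```python
"""Lint a CloudFormation template for the two causes behind
"route table X and network gateway Y belong to different networks":
  * missing_dependency: an AWS::EC2::Route targets an Internet gateway but does
    not DependsOn the VPCGatewayAttachment, so it may be created before the
    gateway is attached to the VPC;
  * vpc_mismatch: the gateway is never attached to the VPC of the route table.
Added example for this page; not code from the question, the answers or AWS.
"""
import copy
import json

# Constructed sample: the question's resources that matter for the error, in
# JSON form. DependsOn names only the gateway, not the attachment.
BROKEN_TEMPLATE = """
{
  "Resources": {
    "VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/24"}},
    "InternetGateway": {"Type": "AWS::EC2::InternetGateway"},
    "AttachGateway": {
      "Type": "AWS::EC2::VPCGatewayAttachment",
      "Properties": {"VpcId": {"Ref": "VPC"},
                     "InternetGatewayId": {"Ref": "InternetGateway"}}
    },
    "RouteTablePublic": {"Type": "AWS::EC2::RouteTable",
                         "Properties": {"VpcId": {"Ref": "VPC"}}},
    "PublicRoute": {
      "Type": "AWS::EC2::Route",
      "DependsOn": "InternetGateway",
      "Properties": {"RouteTableId": {"Ref": "RouteTablePublic"},
                     "DestinationCidrBlock": "0.0.0.0/0",
                     "GatewayId": {"Ref": "InternetGateway"}}
    }
  }
}
"""


def load_template(text):
    """Parse a JSON-form template into the dict structure the linter walks."""
    return json.loads(text)


def _ref(value):
    """Logical id behind a {"Ref": ...} value, or None for anything else."""
    return value.get("Ref") if isinstance(value, dict) else None


def _depends_on(resource):
    """DependsOn may be a single string or a list; normalise it to a set."""
    deps = resource.get("DependsOn", [])
    return {deps} if isinstance(deps, str) else set(deps)


def lint_routes(template):
    """Return (route_id, kind, target) findings; an empty list means clean.

    kind is "missing_dependency" (target = attachment to depend on) or
    "vpc_mismatch" (target = the route table's VPC the gateway never joins).
    """
    resources = template.get("Resources", {})
    # Internet gateway logical id -> [(attachment logical id, VPC logical id)]
    attachments = {}
    for name, res in resources.items():
        if res.get("Type") == "AWS::EC2::VPCGatewayAttachment":
            props = res.get("Properties", {})
            igw = _ref(props.get("InternetGatewayId"))
            attachments.setdefault(igw, []).append((name, _ref(props.get("VpcId"))))

    findings = []
    for name, res in resources.items():
        if res.get("Type") != "AWS::EC2::Route":
            continue
        props = res.get("Properties", {})
        igw = _ref(props.get("GatewayId"))
        if resources.get(igw, {}).get("Type") != "AWS::EC2::InternetGateway":
            continue  # NAT gateway, instance or VPN targets are not checked here
        rtb = _ref(props.get("RouteTableId"))
        rtb_vpc = _ref(resources.get(rtb, {}).get("Properties", {}).get("VpcId"))
        same_vpc = [att for att, vpc in attachments.get(igw, []) if vpc == rtb_vpc]
        if not same_vpc:
            findings.append((name, "vpc_mismatch", rtb_vpc))
        elif not _depends_on(res) & set(same_vpc):
            findings.append((name, "missing_dependency", same_vpc[0]))
    return findings


def add_missing_dependencies(template):
    """Return a copy with DependsOn extended for every ordering finding.

    A vpc_mismatch cannot be fixed by ordering, so it is left untouched.
    """
    fixed = copy.deepcopy(template)
    for route, kind, target in lint_routes(fixed):
        if kind == "missing_dependency":
            res = fixed["Resources"][route]
            res["DependsOn"] = sorted(_depends_on(res) | {target})
    return fixed


def mismatch_variant(template):
    """Constructed variant: the route table lives in a second VPC that the
    gateway is never attached to (answer 1's situation)."""
    variant = copy.deepcopy(template)
    variant["Resources"]["OtherVPC"] = {"Type": "AWS::EC2::VPC",
                                        "Properties": {"CidrBlock": "10.1.0.0/24"}}
    variant["Resources"]["RouteTablePublic"]["Properties"]["VpcId"] = {"Ref": "OtherVPC"}
    return variant


if __name__ == "__main__":
    broken = load_template(BROKEN_TEMPLATE)
    print("broken:", lint_routes(broken))
    fixed = add_missing_dependencies(broken)
    print("fixed DependsOn:", fixed["Resources"]["PublicRoute"]["DependsOn"])
    print("fixed:", lint_routes(fixed))
    print("mismatch:", lint_routes(mismatch_variant(broken)))
```

On the question's template the linter reports one `missing_dependency` finding for `PublicRoute` naming `AttachGateway`, and `add_missing_dependencies` produces exactly the `DependsOn` list answer 0 shows. The variant with the route table in a second VPC reports `vpc_mismatch` instead, which no amount of ordering fixes; the template itself has to change.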