AWS 和 CloudFormation:如何将虚拟私有网关附加到路由表?
[英]AWS and CloudFormation: How to attach a Virtual Private Gateway to a Routing Table?
问题描述
I'm trying to attach a Virtual Private Gateway to a Routing Table with CloudFormation
我正在尝试使用 CloudFormation 将虚拟专用网关附加到路由表
The following is the Route table JSON I have...以下是路由表 JSON 我有...
"PrivateRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [{
"Key": "Name",
"Value": "Private_RouteTable-AZ-A"
}]
}
},
"DefaultPrivateRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "NatGateway"
}
}
},
"PrivateSubnetRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable"
},
"SubnetId": {
"Ref": "PrivateSN"
}
}
}
And this is the Virtual Private Gateway JSON I have..这是我拥有的虚拟专用网关 JSON..
"VirtualPrivateGateway": {
"Type": "AWS::EC2::VPNGateway",
"Properties": {
"Type": "ipsec.1",
"Tags": [{
"Key": "Name",
"Value": "Virtual Private Gateway"
}]
}
},
"AttachmentVPNGateway": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"VpnGatewayId": {
"Ref": "VirtualPrivateGateway"
}
}
},
"VPNConnection": {
"Type": "AWS::EC2::VPNConnection",
"Properties": {
"Type": "ipsec.1",
"CustomerGatewayId": {
"Ref": "CustomerGateway"
},
"StaticRoutesOnly": true,
"Tags": [{
"Key": "Name",
"Value": "VPN_Connection"
}],
"VpnGatewayId": {
"Ref": "VirtualPrivateGateway"
}
}
}
There's more as well that creates the VPC, Subnet, etc, but I've left it out for simplicity sake.还有更多可以创建 VPC、子网等,但为了简单起见,我将其省略了。 The error happens if I try attach the VPG to the Route table with the following JSON...如果我尝试使用以下 JSON 将 VPG 附加到路由表,则会发生错误...
"VPGPrivateRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VirtualPrivateGateway"
}
}
}
The error I receive from CloudFormation...我从 CloudFormation 收到的错误...
The gateway ID 'vgw-xxxxxxxxxxx' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidGatewayID.NotFound; Request ID: e29700b2-2d76-4e19-9d13-b6f84e22b01c)
The documentation does say that I should be use "GatewayId" to associate a VPG to a route table.文档确实说我应该使用“GatewayId”将 VPG 关联到路由表。
1 个解决方案
解决方案1
1 已采纳 2020-05-29 11:04:25
I think there should be DependsOn on the route table:我认为路由表上应该有DependsOn :
A VPN gateway route propagation depends on a VPC-gateway attachment when you have a VPN gateway.
Maybe the following will help:也许以下内容会有所帮助:
"VPGPrivateRoute": {
"Type": "AWS::EC2::Route",
"DependsOn" : "AttachmentVPNGateway",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VirtualPrivateGateway"
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.