[英]Cloudformation: VPC Routing table with No Route for Internet Gateway
我正在使用CloudFormation創建整個堆棧。 我注意到即使我有一個0.0.0.0/0的路由規則來訪問我的雲形成模板中的Internet網關,它也沒有被創建。
VPC:
"vpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "172.31.0.0/16",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true",
"Tags": [
{
"Key": "Environment",
"Value": {
"Ref": "Env"
}
}
]
}
路由表:
"rtb": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpc"
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "65297cdc-8bcd-482d-af40-b0fef849b8c2"
}
}
}
VPCGatewayAttachment:
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "vpc"
},
"InternetGatewayId": {
"Ref": "ig"
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "aa69d6c0-3b11-43be-a8c1-7e79176f8c89"
}
}
}
路線:
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtb"
},
"GatewayId": {
"Ref": "ig"
}
},
"DependsOn": "gw1",
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "a68dd12e-3c14-4fa9-ba36-e0046374a0e9"
}
}
}
互聯網網關:
"ig": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "9f9b4ce3-b994-43ff-9155-04aeb7ab2edf"
}
}
}
除了VPC的IG路由規則之外,正在創建所有項目。 cloudformation堆棧創建中沒有錯誤。
路由表:
Destination: 172.31.0.0/16
Target: local
預期的路由表:
Destination: 172.31.0.0/16
Target: local
Destination: 0.0.0.0/0
Target: igw-********
請注意,我可以在創建cloudformation堆棧后直接添加規則。
有什么我想念的嗎?
在聯系AWS支持后,結果發現每個VPC都會自動創建一個路由表,默認情況下會為其所有子網設置。 解決方案是使用SubnetRouteTableAssociation將我的新路由表與每個子網相關聯。
"subnet0RTA": {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"RouteTableId" : {"Ref" : "rtb"},
"SubnetId" : {"Ref" : "subnet0"}
}
},
"subnet1RTA": {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"RouteTableId" : {"Ref" : "rtb"},
"SubnetId" : {"Ref" : "subnet1"}
}
},
CloudFormation - Tansit 網關的路由表路由傳播
[英]CloudFormation - Route Table route Propagation for Tansit Gateway
AWS VPC - 添加到附加到 Internet 網關的公共路由表的私有子網
[英]AWS VPC - Private subnet added to the public route table attached to internet gateway
如果我不想訪問互聯網,是否需要 VPC 中的 NAT 網關和路由表?
[英]Do I need NAT gateway and route table in a VPC if I don't want internet access?
Cloudformation - 路由表與網關有沖突的關聯
[英]Cloudformation - Route table has a conflicting association with the gateway
AWS CloudFormation:如何在cloudformation模板中引用默認/主路由表(在創建VPC時創建)?
[英]AWS CloudFormation: how do I refer to the default/main route table (that is created when a VPC is created) in a cloudformation template?
AWS 和 CloudFormation:如何將虛擬私有網關附加到路由表?
[英]AWS and CloudFormation: How to attach a Virtual Private Gateway to a Routing Table?
在cloudformation中將對API Gateway端點的訪問限制為VPC
[英]Restrict acces to API Gateway endpoint to VPC in cloudformation
我們如何使用 AWS CloudFormation 中的 Get::Attr 獲取 VPC 的默認路由表 ID?
[英]How can we get a VPC's default route table ID using Get::Attr in AWS CloudFormation?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.