Cloudformation錯誤:路由表X和網關Y屬於不同的網絡
[英]Cloudformation error: route table X and network gateway Y belong to different networks
問題描述
我有以下網絡 ELB 網絡資源配置,以便通過單個彈性 ip 路由出站流量。
我收到以下錯誤:
“AWS::EC2::Route PublicRoute CREATE_FAILED:路由表 rtb-zzzeb 和網絡網關 igw-xxx 屬於不同的網絡”
在我的以下配置的上下文中,這究竟意味着什么? 我標記為“PublicRoute”的資源有問題嗎?
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: "10.0.0.0/24"
Public1aSBN:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: "10.0.0.128/27"
AvailabilityZone: "eu-west-2a"
Public1cSBN:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: "10.0.0.160/27"
AvailabilityZone: "eu-west-2c"
Public1bSBN:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: "10.0.0.192/27"
AvailabilityZone: "eu-west-2b"
InternetGateway:
Type: "AWS::EC2::InternetGateway"
AttachGateway:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
EIPNatGateway:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
NAT:
DependsOn: EIPNatGateway
Type: AWS::EC2::NatGateway
Properties:
AllocationId:
Fn::GetAtt:
- EIPNatGateway
- AllocationId
SubnetId: !Ref Public1aSBN
RouteTablePublic:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Public1aSubnetRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref Public1aSBN
RouteTableId: !Ref RouteTablePublic
Public1cSubnetRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref Public1cSBN
RouteTableId: !Ref RouteTablePublic
Public1bSubnetRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref Public1bSBN
RouteTableId: !Ref RouteTablePublic
PublicRoute:
Type: AWS::EC2::Route
DependsOn: InternetGateway
Properties:
RouteTableId: !Ref RouteTablePublic
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
TargetSG:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VPC
InboundRule:
Type: AWS::EC2::SecurityGroupIngress
DependsOn: TargetSG
Properties:
IpProtocol: -1
FromPort: '0'
ToPort: '65535'
CidrIp: "0.0.0.0/0"
GroupId:
Fn::GetAtt:
- TargetSG
- GroupId
2 個解決方案
解決方案1
13 2018-05-14 17:19:21
根據文檔,
VPC 中的某些資源需要網關(Internet 或 VPN 網關)。 如果您的 AWS CloudFormation 模板定義了 VPC、網關和網關附件,則需要網關的任何資源都依賴於網關附件。
這意味着您必須將您的AttachGateway添加到您的PublicRoute資源的DependsOn屬性:
PublicRoute:
Type: AWS::EC2::Route
DependsOn:
- InternetGateway
- AttachGateway
Properties:
RouteTableId: !Ref RouteTablePublic
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
這確保您的資源以正確的順序構建,因此在網關連接到 vpc 之前不會創建您的路由
解決方案2
1 2019-11-19 01:37:45
如果路由表和 Internet 網關在不同的 VPC 中,您將收到此錯誤。
CloudFormation - Tansit 網關的路由表路由傳播
[英]CloudFormation - Route Table route Propagation for Tansit Gateway
Cloudformation:沒有Internet路由的VPC路由表
[英]Cloudformation: VPC Routing table with No Route for Internet Gateway
Cloudformation - 路由表與網關有沖突的關聯
[英]Cloudformation - Route table has a conflicting association with the gateway
使用堡壘主機設置 Aurora 時,安全組和子網屬於不同的網絡錯誤
[英]Security group and subnet belong to different networks error when setting up Aurora with a Bastion Host
將 Route53 RecordSet 的 CloudFormation 更正為 API 網關
[英]Correct CloudFormation For Route53 RecordSet to API Gateway
AWS ENI(彈性網絡接口)和NAT網關在路由表配置中的區別
[英]Difference between AWS ENI (Elastic Network Interface) and NAT Gateway in Route Table Configuration
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
錯誤:路由表和網絡網關屬於不同的網絡
CloudFormation - Tansit 網關的路由表路由傳播
Cloudformation:沒有Internet路由的VPC路由表
Cloudformation - 路由表與網關有沖突的關聯
使用堡壘主機設置 Aurora 時,安全組和子網屬於不同的網絡錯誤
AWS CloudFormation:路由表未填充
網絡接口的 AWS CloudFormation 錯誤
將 Route53 RecordSet 的 CloudFormation 更正為 API 網關
AWS ENI(彈性網絡接口)和NAT網關在路由表配置中的區別
AWS Cloudformation 堆棧 - 路由表主
相關標簽