AWS：CIDR '10.30.1.0/24' 與另一個子網沖突

Question

我只是在學習 AWS，超級新，所以請耐心等待。 我已經嘗試弄亂代碼一段時間了，但我不知道。 嘗試編寫一個簡單的 VPC Cloudformation 模板。

我不斷收到錯誤“CIDR '10.30.1.0/24' 與另一個子網沖突（服務：AmazonEC2；狀態代碼：400；錯誤代碼：InvalidSubnet.Conflict；請求 ID：ea17de71-6dc2-46d2-bda4-dda6ff9e0980；代理：空值）”

這是我的代碼：

Parameters:
  Environment:
    Description: Environment Name
    Type: String
  VpcName:
    Type: String
  VpcCIDR:
    Description: VPC CIDR
    Type: String
    Default: 10.30.0.0/16
  NumberOfSubnets:
    Description: Number of Subnets to be created
    Type: String
    Default: 4
  SubnetOffset:
    Description: Offest of Subnet from CIDR
    Type: String
    Default: 8

Outputs:
  VPC:
    Description: VPC
    Value: !Ref VPC
  VpcCIDR:
      Description: VPC CIDR
      Value: !Ref VpcCIDR
  PublicSubnets:
      Description: Public Subnets
      Value: !Join [ ",", [!Ref PublicSubnet1, !Ref PublicSubnet2]]
  PrivateSubnets:
      Description: Private Subenets
      Value: !Join [ ",", [!Ref PublicSubnet1, !Ref PublicSubnet2]]
  PublicSubnet1:
      Description: Public Subnet AZ1
      Value: !Ref PublicSubnet1
  PublicSubnet2:
      Description: Public Subnet AZ2
      Value: !Ref PublicSubnet2
  PrivateSubnet1:
      Description: Private Subnet AZ1
      Value: !Ref PrivateSubnet1
  PrivateSubnet2:
      Description: Private Subnet AZ2
      Value: !Ref PrivateSubnet2
  PublicRouteTable:
      Description: Public Route Table
      Value: !Ref PublicRouteTable
  PrivateRouteTable:
      Description: Private Route Table
      Value: !Ref PrivateRouteTable

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Select [0, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-public-1

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-public-2

  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs  '' ]
      CidrBlock: !Select [2, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-1

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-2
  NatGateway1EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway2EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway1EIP.AllocationId
      SubnetId: !Ref PublicSubnet1

  NatGateway2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway2EIP.AllocationId
      SubnetId: !Ref PublicSubnet2

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${Environment} Public Routes

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${Environment} Private Routes (AZ1)

  DefaultPrivateRoute1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway1

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnet1

Answer 1

是的。 那是因為您的 PublicSubnet2 和 PrivateSubnet2 獲得了相同的子網 CIDR 值。

如果您查看模板，您會發現兩個子網的值相同，即!Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]] 。

Answer 2

PrivateSubnet2應該是：

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Select [3, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-2

最初， CidrBlock是來自PublicSubnet2 。