[英]VPC endpoint in Cloudformation - Endpoint type (Gateway) does not match available service types ([Interface])
我正在嘗試在 Cloudformation 中為 API 網關創建 VPC 端點,但出現此錯誤:
Endpoint type (Gateway) does not match available service types ([Interface]).
下面的模板放置在資源部分中:
executeApiEndpoint:
Type: AWS::EC2::VPCEndpoint
Properties:
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal: "*"
Action:
- "execute-api:Invoke"
- "execute-api:ManageConnections"
Resource:
- "arn:aws:execute-api:*:*:*"
RouteTableIds:
- !Ref privateRouteTable
ServiceName: !Sub com.amazonaws.${AWS::Region}.execute-api
VpcId: !Ref pubPrivateVPC
這個也不起作用:
executeApiEndpoint:
Type: AWS::EC2::VPCEndpoint
Properties:
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal: "*"
Action:
- "execute-api:*"
Resource:
- "*"
RouteTableIds:
- !Ref privateRouteTable
ServiceName: !Sub com.amazonaws.${AWS::Region}.execute-api
VpcId: !Ref pubPrivateVPC
但是,這個塊(來自模板)能夠在沒有任何錯誤的情況下執行:
s3Endpoint:
Type: AWS::EC2::VPCEndpoint
Properties:
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal: "*"
Action:
- "s3:*"
Resource:
- "*"
RouteTableIds:
- !Ref privateRouteTable
ServiceName: !Sub com.amazonaws.${AWS::Region}.s3
VpcId: !Ref pubPrivateVPC
這里出了什么問題?
您還必須將AWS::EC2::VPCEndpoint資源上的VpcEndpointType 屬性指定為Interface以使接口類型的 VPC 終端節點正常工作。 默認值為“網關”,僅適用於 S3 和 DynamoDB VPC 終端節點。
您的解決方案使用 S3 作為端點的原因是因為VpcEndpointType屬性具有“網關”作為默認值(適用於 S3)。
在cloudformation中將對API Gateway端點的訪問限制為VPC
[英]Restrict acces to API Gateway endpoint to VPC in cloudformation
AWS CDK:使用 VPC 接口端點創建 API 網關時出現異常
[英]AWS CDK : Exception while creating API Gateway with VPC Interface Endpoint
在Terraform中創建接口類型VPC端點時出錯(AWS提供程序)
[英]Error while creating interface type vpc endpoint in terraform (aws provider)
CloudFormation:在運行 lambda 的 VPC 中創建 VPC Endpoint
[英]CloudFormation : Create VPC Endpoint in the VPC in which a lambda is running
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.