如何通过 Cloudformation 将弹性 IP 附加到 Nat 网关

How to Attach Elastic IP to NatGateway via Cloud Formation

我正在学习 AWS CloudFormation,并尝试创建如图所示的 VPC。它包含三个公有子网、私有子网、NAT 网关、Internet 网关,以及公有和私有路由表。我试图通过 CloudFormation 来实现它,但在弹性 IP 上遇到了异常。我已经创建了模板,但在 CloudFormation 中创建堆栈时出现以下错误:

"The elastic-ip ID 'xx.xxx.xx.xxx' is malformed (Service: AmazonEC2; Status Code: 400; Error Code: InvalidElasticIpID.Malformed; Request ID: 2e3a9f8c-5a7e-482e-869c-8a0e46a08f27; Proxy: null)"

我正在尝试将弹性 IP 附加到 NatGateway,结果出现了上述错误。请指导我该怎么做。


  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "ExampleEc2Instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "InstanceType": "t2.micro",
        "ImageId" : "ami-047a51fa27710816e",
        "AvailabilityZone" : "us-east-1a",
        "SecurityGroupIds" : [{
        "SubnetId" : {
    },"ExampleEc2InstancePrivate": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "InstanceType": "t2.micro",
        "ImageId" : "ami-047a51fa27710816e",
        "AvailabilityZone" : "us-east-1a",
        "SecurityGroupIds" : [{
        "SubnetId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "public2A", "Value" : "public2A"}],
       "VpcId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "public2B", "Value" : "public2B"}],
       "VpcId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "public2C", "Value" : "public2C"}],
       "VpcId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "private2A", "Value" : "private2A"}],
       "VpcId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "private2B", "Value" : "private2B"}],
       "VpcId" : {
      "Type" : "AWS::EC2::Subnet",
       "AvailabilityZone" : "us-east-1a",
       "CidrBlock" : "",
       "Tags" : [{"Key" : "private2C", "Value" : "private2C"}],
       "VpcId" : {
      "Type" : "AWS::EC2::RouteTable",
      "Properties" : {
          "Tags" : [{"Key" : "privateRT", "Value" : "privateRT"}],
          "VpcId" : {
      "Type" : "AWS::EC2::RouteTable",
      "Properties" : {
          "Tags" : [{"Key" : "publicRT", "Value" : "publicRT"}],
          "VpcId" : {
    "public2ARouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "public2A" },
          "RouteTableId" : { "Ref" : "publicRT" }
    "public2BRouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "public2B" },
          "RouteTableId" : { "Ref" : "publicRT" }
    "public2CRouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "public2C" },
          "RouteTableId" : { "Ref" : "publicRT" }
    "private2ARouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "private2A" },
          "RouteTableId" : { "Ref" : "privateRT" }
    "private2BRouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "private2B" },
          "RouteTableId" : { "Ref" : "privateRT" }
    "private2CRouteTableAssociation" : {
       "Type" : "AWS::EC2::SubnetRouteTableAssociation",
       "Properties" : {
          "SubnetId" : { "Ref" : "private2C" },
          "RouteTableId" : { "Ref" : "privateRT" }
        "Type" : "AWS::EC2::InternetGateway",
        "Properties" : {
            "Tags" : [{"Key" : "myVpcInternetGateWay", "Value" : "myVpcInternetGateWay"}]
        "Type" : "AWS::EC2::Route",
            "Properties" : {
              "DestinationCidrBlock" : "",
              "GatewayId" : {"Ref":"myVpcInternetGateWay"},
              "RouteTableId" : {"Ref":"publicRT"}
        "Type" : "AWS::EC2::VPCGatewayAttachment",
        "Properties" : {
            "InternetGatewayId" : {"Ref":"myVpcInternetGateWay"},
            "VpcId" : {"Ref":"ExampleVpcId"}
        "Type" : "AWS::EC2::NatGateway",
        "Properties" : {
             "AllocationId" : {"Ref":"myElasticIP"},
             "SubnetId" :{"Ref":"public2A"},
             "Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]
        "Type" : "AWS::EC2::Route",
            "Properties" : {
              "DestinationCidrBlock" : "",
              "GatewayId" : {"Ref":"myNatGateWay"},
              "RouteTableId" : {"Ref":"privateRT"}
        "Type" : "AWS::EC2::EIP",
        "Properties" : {
              "Domain" : "VPC",
              "Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]
       "Properties" : {
          "GroupDescription" : "Allow http to client host",
          "GroupName" : "templateSecuritygrp",
          "Tags" : [ {"Key" : "securityGroup", "Value" : "cloudformationSecurityGroup"} ],
          "VpcId" :  {
    "ExampleSecurityGroupEgress" : {
    "ExampleSecurityGroupIngress" :{
       "Properties" : {
          "CidrBlock" : "",
          "EnableDnsSupport" : "false",
          "EnableDnsHostnames" : "false",
          "InstanceTenancy" : "default",
          "Tags" : [ {"Key" : "tmpltVPC", "Value" : "firstVpc"}]


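在你的 myNatGateWay 中,应该使用 Fn::GetAtt 来获取 AllocationId。对 AWS::EC2::EIP 使用 Ref 返回的是弹性 IP 地址本身(也就是错误信息中的 'xx.xxx.xx.xxx'),而 NatGateway 的 AllocationId 属性需要的是该 EIP 的分配 ID,所以才会报 InvalidElasticIpID.Malformed。下面的片段还做了另外两处修改:给 EIP 加上 DependsOn(其值应与模板中 VPCGatewayAttachment 资源的逻辑 ID 一致),并把私有路由中的 GatewayId 换成 NatGatewayId,因为该路由的目标是 NAT 网关: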

        "Type" : "AWS::EC2::NatGateway",
        "Properties" : {
             "AllocationId" : { "Fn::GetAtt" : ["myElasticIP", "AllocationId"]},
             "SubnetId" :{"Ref":"public2A"},
             "Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]


        "Type" : "AWS::EC2::EIP",
        "DependsOn":["myVpcInternetGateWayAttachement"] ,
        "Properties" : {
              "Domain" : "VPC",
              "Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]


        "Type" : "AWS::EC2::Route",
            "Properties" : {
              "DestinationCidrBlock" : "",
              "NatGatewayId" : {"Ref":"myNatGateWay"},
              "RouteTableId" : {"Ref":"privateRT"}