如何通过 Cloudformation 将弹性 IP 附加到 Nat 网关
How to Attach Elastic IP to NatGateway via Cloud Formation
我正在学习 AWS CloudFormation,想创建如图所示的 VPC。它包含三个公有子网、私有子网、NAT 网关、Internet 网关,以及公有和私有路由表。我尝试用 CloudFormation 来实现,但在弹性 IP 上遇到了异常。
我已经创建了模板,但在 CloudFormation 中创建堆栈时出现以下错误:
"The elastic-ip ID 'xx.xxx.xx.xxx' is malformed (Service: AmazonEC2; Status Code: 400; Error Code: InvalidElasticIpID.Malformed; Request ID: 2e3a9f8c-5a7e-482e-869c-8a0e46a08f27; Proxy: null)"
我在尝试将弹性 IP 附加到 NAT 网关时出现了上述错误,请问应该如何解决?
{
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ExampleEc2Instance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"InstanceType": "t2.micro",
"ImageId" : "ami-047a51fa27710816e",
"AvailabilityZone" : "us-east-1a",
"SecurityGroupIds" : [{
"Ref":"ExampleSecurityGroup"
}],
"SubnetId" : {
"Ref":"public2A"
}
}
},"ExampleEc2InstancePrivate": {
"Type": "AWS::EC2::Instance",
"Properties": {
"InstanceType": "t2.micro",
"ImageId" : "ami-047a51fa27710816e",
"AvailabilityZone" : "us-east-1a",
"SecurityGroupIds" : [{
"Ref":"ExampleSecurityGroup"
}],
"SubnetId" : {
"Ref":"private2A"
}
}
},
"public2A":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.2.0/24",
"Tags" : [{"Key" : "public2A", "Value" : "public2A"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"public2B":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.3.0/24",
"Tags" : [{"Key" : "public2B", "Value" : "public2B"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"public2C":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.1.0/24",
"Tags" : [{"Key" : "public2C", "Value" : "public2C"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"private2A":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.5.0/24",
"Tags" : [{"Key" : "private2A", "Value" : "private2A"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"private2B":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.6.0/24",
"Tags" : [{"Key" : "private2B", "Value" : "private2B"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"private2C":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.7.0/24",
"Tags" : [{"Key" : "private2C", "Value" : "private2C"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"privateRT":{
"Type" : "AWS::EC2::RouteTable",
"Properties" : {
"Tags" : [{"Key" : "privateRT", "Value" : "privateRT"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"publicRT":{
"Type" : "AWS::EC2::RouteTable",
"Properties" : {
"Tags" : [{"Key" : "publicRT", "Value" : "publicRT"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"public2ARouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2A" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"public2BRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2B" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"public2CRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2C" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"private2ARouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2A" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"private2BRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2B" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"private2CRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2C" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"myVpcInternetGateWay":{
"Type" : "AWS::EC2::InternetGateway",
"Properties" : {
"Tags" : [{"Key" : "myVpcInternetGateWay", "Value" : "myVpcInternetGateWay"}]
}
},
"myVpcInternetGateWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"GatewayId" : {"Ref":"myVpcInternetGateWay"},
"RouteTableId" : {"Ref":"publicRT"}
}
},
"myVpcInternetGateWayAttachement":{
"Type" : "AWS::EC2::VPCGatewayAttachment",
"Properties" : {
"InternetGatewayId" : {"Ref":"myVpcInternetGateWay"},
"VpcId" : {"Ref":"ExampleVpcId"}
}
},
"myNatGateWay":{
"Type" : "AWS::EC2::NatGateway",
"Properties" : {
"AllocationId" : {"Ref":"myElasticIP"},
"SubnetId" :{"Ref":"public2A"},
"Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]
}
},"myVpcNatGatWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"GatewayId" : {"Ref":"myNatGateWay"},
"RouteTableId" : {"Ref":"privateRT"}
}
},
"myElasticIP":{
"Type" : "AWS::EC2::EIP",
"Properties" : {
"Domain" : "VPC",
"Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]
}
},
"ExampleSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Allow http to client host",
"GroupName" : "templateSecuritygrp",
"Tags" : [ {"Key" : "securityGroup", "Value" : "cloudformationSecurityGroup"} ],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"ExampleSecurityGroupEgress" : {
"Type":"AWS::EC2::SecurityGroupEgress",
"Properties":{
"IpProtocol":"-1",
"FromPort":"-1",
"ToPort":"-1",
"DestinationSecurityGroupId":{
"Ref":"ExampleSecurityGroup"
},
"GroupId":{
"Ref":"ExampleSecurityGroup"
}
}
},
"ExampleSecurityGroupIngress" :{
"Type":"AWS::EC2::SecurityGroupIngress",
"Properties":{
"IpProtocol":"-1",
"FromPort":"-1",
"ToPort":"-1",
"SourceSecurityGroupId":{
"Ref":"ExampleSecurityGroup"
},
"GroupId":{
"Ref":"ExampleSecurityGroup"
}
}
},
"ExampleVpcId":{
"Type":"AWS::EC2::VPC",
"Properties" : {
"CidrBlock" : "10.0.0.0/16",
"EnableDnsSupport" : "false",
"EnableDnsHostnames" : "false",
"InstanceTenancy" : "default",
"Tags" : [ {"Key" : "tmpltVPC", "Value" : "firstVpc"}]
}
}
}
}
}
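在 myNatGateWay 中,应使用 Fn::GetAtt 获取 myElasticIP 的 AllocationId。对 AWS::EC2::EIP 使用 Ref 返回的是弹性 IP 地址本身,而不是分配 ID,因此才会出现 InvalidElasticIpID.Malformed 错误: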
"myNatGateWay":{
"Type" : "AWS::EC2::NatGateway",
"Properties" : {
"AllocationId" : { "Fn::GetAtt" : ["myElasticIP", "AllocationId"]},
"SubnetId" :{"Ref":"public2A"},
"Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]
}
}
另外,myElasticIP 还需要添加 DependsOn,指向 myVpcInternetGateWayAttachement,以确保 Internet 网关挂接到 VPC 之后再创建 EIP:
"myElasticIP":{
"Type" : "AWS::EC2::EIP",
"DependsOn":["myVpcInternetGateWayAttachement"] ,
"Properties" : {
"Domain" : "VPC",
"Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]
}
}
最后,myVpcNatGatWayRoute 应使用 NatGatewayId 而不是 GatewayId 来引用 NAT 网关(GatewayId 用于 Internet 网关或虚拟私有网关):
"myVpcNatGatWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"NatGatewayId" : {"Ref":"myNatGateWay"},
"RouteTableId" : {"Ref":"privateRT"}
}
}
我正在学习 AWS CloudFormation,想创建如图所示的 VPC。它包含三个公有子网、私有子网、NAT 网关、Internet 网关,以及公有和私有路由表。我尝试用 CloudFormation 来实现,但在创建堆栈时遇到了以下弹性 IP 异常:
"The elastic-ip ID 'xx.xxx.xx.xxx' is malformed (Service: AmazonEC2; Status Code: 400; Error Code: InvalidElasticIpID.Malformed; Request ID: 2e3a9f8c-5a7e-482e-869c-8a0e46a08f27; Proxy: null)"
我在尝试将弹性 IP 附加到 NAT 网关时出现了上述错误,请问应该如何解决?
{
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ExampleEc2Instance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"InstanceType": "t2.micro",
"ImageId" : "ami-047a51fa27710816e",
"AvailabilityZone" : "us-east-1a",
"SecurityGroupIds" : [{
"Ref":"ExampleSecurityGroup"
}],
"SubnetId" : {
"Ref":"public2A"
}
}
},"ExampleEc2InstancePrivate": {
"Type": "AWS::EC2::Instance",
"Properties": {
"InstanceType": "t2.micro",
"ImageId" : "ami-047a51fa27710816e",
"AvailabilityZone" : "us-east-1a",
"SecurityGroupIds" : [{
"Ref":"ExampleSecurityGroup"
}],
"SubnetId" : {
"Ref":"private2A"
}
}
},
"public2A":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.2.0/24",
"Tags" : [{"Key" : "public2A", "Value" : "public2A"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"public2B":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.3.0/24",
"Tags" : [{"Key" : "public2B", "Value" : "public2B"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"public2C":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.1.0/24",
"Tags" : [{"Key" : "public2C", "Value" : "public2C"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"private2A":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.5.0/24",
"Tags" : [{"Key" : "private2A", "Value" : "private2A"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},"private2B":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.6.0/24",
"Tags" : [{"Key" : "private2B", "Value" : "private2B"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"private2C":{
"Type" : "AWS::EC2::Subnet",
"Properties":{
"AvailabilityZone" : "us-east-1a",
"CidrBlock" : "10.0.7.0/24",
"Tags" : [{"Key" : "private2C", "Value" : "private2C"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"privateRT":{
"Type" : "AWS::EC2::RouteTable",
"Properties" : {
"Tags" : [{"Key" : "privateRT", "Value" : "privateRT"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"publicRT":{
"Type" : "AWS::EC2::RouteTable",
"Properties" : {
"Tags" : [{"Key" : "publicRT", "Value" : "publicRT"}],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"public2ARouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2A" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"public2BRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2B" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"public2CRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "public2C" },
"RouteTableId" : { "Ref" : "publicRT" }
}
},
"private2ARouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2A" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"private2BRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2B" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"private2CRouteTableAssociation" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "private2C" },
"RouteTableId" : { "Ref" : "privateRT" }
}
},
"myVpcInternetGateWay":{
"Type" : "AWS::EC2::InternetGateway",
"Properties" : {
"Tags" : [{"Key" : "myVpcInternetGateWay", "Value" : "myVpcInternetGateWay"}]
}
},
"myVpcInternetGateWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"GatewayId" : {"Ref":"myVpcInternetGateWay"},
"RouteTableId" : {"Ref":"publicRT"}
}
},
"myVpcInternetGateWayAttachement":{
"Type" : "AWS::EC2::VPCGatewayAttachment",
"Properties" : {
"InternetGatewayId" : {"Ref":"myVpcInternetGateWay"},
"VpcId" : {"Ref":"ExampleVpcId"}
}
},
"myNatGateWay":{
"Type" : "AWS::EC2::NatGateway",
"Properties" : {
"AllocationId" : {"Ref":"myElasticIP"},
"SubnetId" :{"Ref":"public2A"},
"Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]
}
},"myVpcNatGatWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"GatewayId" : {"Ref":"myNatGateWay"},
"RouteTableId" : {"Ref":"privateRT"}
}
},
"myElasticIP":{
"Type" : "AWS::EC2::EIP",
"Properties" : {
"Domain" : "VPC",
"Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]
}
},
"ExampleSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Allow http to client host",
"GroupName" : "templateSecuritygrp",
"Tags" : [ {"Key" : "securityGroup", "Value" : "cloudformationSecurityGroup"} ],
"VpcId" : {
"Ref":"ExampleVpcId"
}
}
},
"ExampleSecurityGroupEgress" : {
"Type":"AWS::EC2::SecurityGroupEgress",
"Properties":{
"IpProtocol":"-1",
"FromPort":"-1",
"ToPort":"-1",
"DestinationSecurityGroupId":{
"Ref":"ExampleSecurityGroup"
},
"GroupId":{
"Ref":"ExampleSecurityGroup"
}
}
},
"ExampleSecurityGroupIngress" :{
"Type":"AWS::EC2::SecurityGroupIngress",
"Properties":{
"IpProtocol":"-1",
"FromPort":"-1",
"ToPort":"-1",
"SourceSecurityGroupId":{
"Ref":"ExampleSecurityGroup"
},
"GroupId":{
"Ref":"ExampleSecurityGroup"
}
}
},
"ExampleVpcId":{
"Type":"AWS::EC2::VPC",
"Properties" : {
"CidrBlock" : "10.0.0.0/16",
"EnableDnsSupport" : "false",
"EnableDnsHostnames" : "false",
"InstanceTenancy" : "default",
"Tags" : [ {"Key" : "tmpltVPC", "Value" : "firstVpc"}]
}
}
}
}
}
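在 myNatGateWay 中,应使用 Fn::GetAtt 获取 myElasticIP 的 AllocationId。对 AWS::EC2::EIP 使用 Ref 返回的是弹性 IP 地址本身,而不是分配 ID,因此才会出现 InvalidElasticIpID.Malformed 错误: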
"myNatGateWay":{
"Type" : "AWS::EC2::NatGateway",
"Properties" : {
"AllocationId" : { "Fn::GetAtt" : ["myElasticIP", "AllocationId"]},
"SubnetId" :{"Ref":"public2A"},
"Tags" : [{"Key" : "myNatGateWay", "Value" : "myNatGateWay"}]
}
}
另外,myElasticIP 还需要添加 DependsOn,指向 myVpcInternetGateWayAttachement,以确保 Internet 网关挂接到 VPC 之后再创建 EIP:
"myElasticIP":{
"Type" : "AWS::EC2::EIP",
"DependsOn":["myVpcInternetGateWayAttachement"] ,
"Properties" : {
"Domain" : "VPC",
"Tags" : [{"Key" : "myElasticIP", "Value" : "myElasticIP"}]
}
}
最后,myVpcNatGatWayRoute 应使用 NatGatewayId 而不是 GatewayId 来引用 NAT 网关(GatewayId 用于 Internet 网关或虚拟私有网关):
"myVpcNatGatWayRoute":{
"Type" : "AWS::EC2::Route",
"Properties" : {
"DestinationCidrBlock" : "0.0.0.0/0",
"NatGatewayId" : {"Ref":"myNatGateWay"},
"RouteTableId" : {"Ref":"privateRT"}
}
}