cloudformation 无法创建子网

cloudformation failed to create subnets

我正在尝试 运行 一个代码,但我遇到了这个错误,但无法确定问题所在。我收到错误消息 The CIDR '10.0.1.0/24' conflicts with another subnet (Service: AmazonEC2; Status Code: 400; Error Code: InvalidSubnet.Conflict; Request ID: e0de23a8-d921-475f-aadd-84dac3109664;代理:空)

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is a network with one Vpc, 4 Subnet; 2 private, 2 public",
  "Metadata": {},
  "Parameters": {
    "MyVpcCidr": {
      "Description": "This is the cidr for appVpc",
      "Type": "String",
      "Default": "10.0.0.0/16"
    },
    "AZ1": {
      "Description": "AZ 1 for my network",
      "Type": "AWS::EC2::AvailabilityZone::Name"
    },
    "Priv1Cidr": {
      "Description": "This is the cidr for my appPriv1Subnet",
      "Type": "String",
      "Default": "10.0.1.0/24"
    },
    "Priv2Cidr": {
      "Description": "This is the cidr for my appPriv2Subnet",
      "Type": "String",
      "Default": "10.0.3.0/24"
    },
    "AZ2": {
      "Description": "AZ 2 for my network",
      "Type": "AWS::EC2::AvailabilityZone::Name"
    },
    "Pub1Cidr": {
      "Description": "Cidr for my appPubSN1",
      "Type": "String",
      "Default": "10.0.2.0/24"
    },
    "Pub2Cidr": {
      "Description": "Cidr for appPubSN2",
      "Type": "String",
      "Default": "10.0.4.0/16"
    }
  },
  "Mappings": {},
  "Conditions": {},
  "Resources": {
    "appVpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": {
          "Ref": "MyVpcCidr"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppVpc"
          }
        ]
      }
    },
    "appPriv1Subnet": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "AZ1"
        },
        "VpcId": {
          "Ref": "appVpc"
        },
        "CidrBlock": {
          "Ref": "Priv1Cidr"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "Apppriv1subnet"
          }
        ]
      }
    },
    "appPriv2Subnet": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "AZ2"
        },
        "VpcId": {
          "Ref": "appVpc"
        },
        "CidrBlock": {
          "Ref": "Priv2Cidr"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppPriv2Subnet"
          }
        ]
      }
    },
    "appPubSN1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "AZ1"
        },
        "VpcId": {
          "Ref": "appVpc"
        },
        "CidrBlock": {
          "Ref": "Pub1Cidr"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppPubsn1"
          }
        ]
      }
    },
    "appPubSN2": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "AZ2"
        },
        "VpcId": {
          "Ref": "appVpc"
        },
        "CidrBlock": {
          "Ref": "Pub2Cidr"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppPubsn2"
          }
        ]
      }
    },
    "appIG": {
      "Type": "AWS::EC2::InternetGateway",
      "Properties": {
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppIG"
          }
        ]
      }
    },
    "AttachGateway": {
      "Type": "AWS::EC2::VPCGatewayAttachment",
      "Properties": {
        "VpcId": {
          "Ref": "appVpc"
        },
        "InternetGatewayId": {
          "Ref": "appIG"
        }
      }
    },
    "appPrivRT": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {
          "Ref": "appVpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppPrivRt"
          }
        ]
      }
    },
    "PrivRTA1": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": {
          "Ref": "appPriv1Subnet"
        },
        "RouteTableId": {
          "Ref": "appPrivRT"
        }
      }
    },
    "PrivRTA2": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": {
          "Ref": "appPriv2Subnet"
        },
        "RouteTableId": {
          "Ref": "appPrivRT"
        }
      }
    },
    "appEIP": {
      "Type": "AWS::EC2::EIP",
      "Properties": {
        "Domain": "vpc"
      }
    },
    "appNatgw": {
      "Type": "AWS::EC2::NatGateway",
      "Properties": {
        "AllocationId": {
          "Fn::GetAtt": [
            "appEIP",
            "AllocationId"
          ]
        },
        "SubnetId": {
          "Ref": "appPubSN1"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "Appnatgw"
          }
        ]
      }
    },
    "appPrivRoute": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "RouteTableId": {
          "Ref": "appPrivRT"
        },
        "DestinationCidrBlock": "0.0.0.0/0",
        "NatGatewayId": {
          "Ref": "appNatgw"
        }
      }
    },
    "appPubRT": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": {
          "Ref": "appVpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppPubRT"
          }
        ]
      }
    },
    "PubRTA1": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": {
          "Ref": "appPubSN1"
        },
        "RouteTableId": {
          "Ref": "appPubRT"
        }
      }
    },
    "PubRTA2": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": {
          "Ref": "appPubSN2"
        },
        "RouteTableId": {
          "Ref": "appPubRT"
        }
      }
    },
    "appPubRoute": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "RouteTableId": {
          "Ref": "appPubRT"
        },
        "DestinationCidrBlock": "0.0.0.0/0",
        "GatewayId": {
          "Ref": "appIG"
        }
      }
    },
    "appSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Allow ssh port 22 and port 80",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "22",
            "ToPort": "22",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          }
        ],
        "VpcId": {
          "Ref": "appVpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "AppSG"
          }
        ]
      }
    },
    "internalSG": {
      "DependsOn": "appSG",
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Allow traffic from appSG",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "-1",
            "SourceSecurityGroupId": {
              "Ref": "appSG"
            }
          }
        ],
        "VpcId": {
          "Ref": "appVpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "appinternalSG"
          }
        ]
      }
    }
  },
  "Outputs": {
    "appVpcId": {
      "Description": "Id for my vpc ",
      "Value": {
        "Ref": "appVpc"
      },
      "Export": {
        "Name": "appVpcid"
      }
    },
    "appPrivSN1Id": {
      "Description": "Id for my private SN1",
      "Value": {
        "Ref": "appPriv1Subnet"
      },
      "Export": {
        "Name": "appPrivSNID1"
      }
    },
    "appPrivSN2Id": {
      "Description": "Id for my subnet 2 private",
      "Value": {
        "Ref": "appPriv2Subnet"
      },
      "Export": {
        "Name": "appPrivSNID2"
      }
    },
    "appPubSN1Id": {
      "Description": "Id for Public subnet 1",
      "Value": {
        "Ref": "appPubSN1"
      },
      "Export": {
        "Name": "appPubSNID1"
      }
    },
    "appPubSN2Id": {
      "Description": "Id for Public subnet 2",
      "Value": {
        "Ref": "appPubSN2"
      },
      "Export": {
        "Name": "appPubSNID2"
      }
    },
    "externalSgid": {
      "Description": "Id for external security group",
      "Value": {
        "Ref": "appSG"
      },
      "Export": {
        "Name": "appSGID"
      }
    },
    "internalSGId": {
      "Description": "Id for internal security group",
      "Value": {
        "Ref": "internalSG"
      },
      "Export": {
        "Name": "internalSGID"
      }
    }
  }
}

我怀疑 10.0.4.0/16 是一个错字,本来应该是 10.0.4.0/24

原因是您为Pub2Cidr设置的cidr 10.0.4.0/16从10.0.0.0开始到10.0.255.255结束,与10.0.1.0/24开始重叠10.0.1.0 到 10.0.1.255 结束。