Amazon web services &引用;属性CidrIp的值必须为“字符串”类型;云层形成
我的CFN模板遇到问题。我在参数中定义了一个CIDR块,并希望将其用作安全组资源中的Amazon web services &引用;属性CidrIp的值必须为“字符串”类型;云层形成,amazon-web-services,amazon-cloudformation,Amazon Web Services,Amazon Cloudformation,我的CFN模板遇到问题。我在参数中定义了一个CIDR块,并希望将其用作安全组资源中的CidrIp 但是,当我运行堆栈时,我得到属性CidrIp的值必须是String类型的error,并且堆栈正在回滚 这是我的最小失败模板。我想使用VPCCidrBlock来定义CidrIp 有趣的是,AWSs样品夯实机LAMP\u Multi\u AZ做的事情完全相同 { "AWSTemplateFormatVersion": "2010-09-09", "Description": "A cloud V
CidrIp
但是,当我运行堆栈时,我得到属性CidrIp的值必须是String类型的error,并且堆栈正在回滚
这是我的最小失败模板。我想使用VPCCidrBlock
来定义CidrIp
有趣的是,AWSs样品夯实机LAMP\u Multi\u AZ
做的事情完全相同
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "VPCCidrBlock" } },
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": { "Ref:": "VPCCidrBlock" } }
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
奇怪的问题。稍微玩弄一下你的例子
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "VPCCidrBlock"}},
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": {"Ref": "VPCCidrBlock"}}
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
对我有用。某些特殊字符/编码是否可能存在问题?我也面临类似问题,我能够指出这个问题。我用“ref”代替“ref”来引用参数 我有另一个YAML文件遇到了同样的问题“属性CidrIp的值必须是String类型”。结果是下面的双引号需要更改为单引号
HTTPTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Sub "${Foo}-${Bar}-TargetGroup" # -> Error
Name: !Sub '${Foo}-${Bar}-TargetGroup' # -> Good
我们很容易忽略的一点是YAML配置中的数据类型定义。在我的YAML cloudformation模板中,我犯了同样的错误。我在ECS ElasticLoadBalancingV2资源配置中指定VpcId之前键入了破折号。这使得VpcId属性看起来像一个值列表,而实际上它应该是一个字符串。实际上,我得到了一个云信息错误,“VpcId应该是一个字符串。”
定义不正确:(第5行开头的破折号)
正确的定义:
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]
问题在于存在“Ref:
而不是“Ref”
。有趣的是,它验证了ok。
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]