Fatal编程技术网
  • amazon-web-services/
  • Amazon web services &引用;属性CidrIp的值必须为“字符串”类型;云层形成

Amazon web services &引用;属性CidrIp的值必须为“字符串”类型;云层形成

amazon-web-services amazon-cloudformation

Amazon web services &引用;属性CidrIp的值必须为“字符串”类型;云层形成,amazon-web-services,amazon-cloudformation,Amazon Web Services,Amazon Cloudformation,我的CFN模板遇到问题。我在参数中定义了一个CIDR块,并希望将其用作安全组资源中的CidrIp 但是,当我运行堆栈时,我得到属性CidrIp的值必须是String类型的error,并且堆栈正在回滚 这是我的最小失败模板。我想使用VPCCidrBlock来定义CidrIp 有趣的是,AWSs样品夯实机LAMP\u Multi\u AZ做的事情完全相同 { "AWSTemplateFormatVersion": "2010-09-09", "Description": "A cloud V

我的CFN模板遇到问题。我在参数中定义了一个CIDR块,并希望将其用作安全组资源中的
CidrIp

但是,当我运行堆栈时,我得到属性CidrIp的
值必须是String类型的
error,并且堆栈正在回滚

这是我的最小失败模板。我想使用
VPCCidrBlock
来定义
CidrIp

有趣的是,AWSs样品夯实机
LAMP\u Multi\u AZ
做的事情完全相同


{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "A cloud VPC",
  "Metadata": {
  },
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": {
          "Ref": "VPCCidrBlock"
        }
      }
    },
    "SipserverSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Enable VPC access",
        "VpcId": {
          "Ref": "myvpc"
        },
        "SecurityGroupIngress": [
          { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "VPCCidrBlock" } },
          { "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": { "Ref:": "VPCCidrBlock" } }
        ]
      }
    }
  },
  "Parameters": {
    "VPCCidrBlock": {
      "Description": "Main CIDR block for the whole VPC",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.13.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    }
  }
}



奇怪的问题。稍微玩弄一下你的例子


{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "A cloud VPC",
  "Metadata": {
  },
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": {
          "Ref": "VPCCidrBlock"
        }
      }
    },
    "SipserverSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "Enable VPC access",
        "VpcId": {
          "Ref": "myvpc"
        },
        "SecurityGroupIngress": [
          { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "VPCCidrBlock"}},
          { "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": {"Ref": "VPCCidrBlock"}}
        ]
      }
    }
  },
  "Parameters": {
    "VPCCidrBlock": {
      "Description": "Main CIDR block for the whole VPC",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.13.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    }
  }
}



对我有用。某些特殊字符/编码是否可能存在问题?
我也面临类似问题,我能够指出这个问题。我用“ref”代替“ref”来引用参数
 我有另一个YAML文件遇到了同样的问题“属性CidrIp的值必须是String类型”。结果是下面的双引号需要更改为单引号


HTTPTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: !Sub "${Foo}-${Bar}-TargetGroup" # -> Error
      Name: !Sub '${Foo}-${Bar}-TargetGroup' # -> Good



我们很容易忽略的一点是YAML配置中的数据类型定义。在我的YAML cloudformation模板中,我犯了同样的错误。我在ECS ElasticLoadBalancingV2资源配置中指定VpcId之前键入了破折号。这使得VpcId属性看起来像一个值列表,而实际上它应该是一个字符串。实际上,我得到了一个云信息错误,“VpcId应该是一个字符串。”

定义不正确:(第5行开头的破折号)

正确的定义:


TargetGroup:
  Type: AWS::ElasticLoadBalancingV2::TargetGroup
  Properties:
    VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]


问题在于存在
“Ref:
而不是
“Ref”
。有趣的是,它验证了ok。

TargetGroup:
  Type: AWS::ElasticLoadBalancingV2::TargetGroup
  Properties:
    VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]