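【Posted】: 2020-09-09 12:56:40
【Question】:
I am trying to build an AWS CloudFormation template that creates a VPC and a public subnet, and then launches an EC2 instance into that subnet. I am able to create the VPC and subnet resources, but when I try to launch the EC2 instance into the newly created subnet I get the error: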
The requested configuration is currently not supported. Please check the documentation for supported configurations. (Service: AmazonEC2; Status Code: 400; Error Code: Unsupported; Request ID: 953bf578-375e-4d4a-bc27-b7193543ea94)
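If I comment out the reference to the subnet in the EC2 creation block, the script works, but the instance is launched into the default subnet rather than the one created earlier in the script (which is not what I want).
Script: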
Resources:
  VPC:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: 'false'
      EnableDnsHostnames: 'false'
      InstanceTenancy: dedicated
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/24
      AvailabilityZone: !Select [ 0, !GetAZs ]
  InternetGateway:
    Type: 'AWS::EC2::InternetGateway'
    DependsOn: VPC
  AttachGateway:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
  PublicRoute:
    Type: 'AWS::EC2::Route'
    DependsOn: 'AttachGateway'
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnetRouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow http to client host
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
  Ec2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-0323c3dd2da7fb37d
      SubnetId: !Ref PublicSubnet # The offending line (?)
      KeyName: MyEC2KeyPair
【Comments】:
-
Did you mean to assign the security group to the instance?
-
Hi, can you try it in a different region?
Tags: amazon-web-services amazon-cloudformation
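
A pre-deployment check over the template in the question, as an added example that is not part of the original post or its comments. It assumes that T2 instance types cannot be launched with dedicated tenancy (an EC2 restriction that is not stated on this page); the `lint` function, the finding names and the dict form of the template (with `!Ref` written as `{"Ref": ...}`) are constructed for illustration.

```python
# Constructed input: the question's template reduced to the properties the
# checks read, with !Ref written in its long form {"Ref": ...}.
TEMPLATE = {"Resources": {
    "VPC": {"Type": "AWS::EC2::VPC",
            "Properties": {"CidrBlock": "10.0.0.0/16", "InstanceTenancy": "dedicated"}},
    "PublicSubnet": {"Type": "AWS::EC2::Subnet",
                     "Properties": {"VpcId": {"Ref": "VPC"}, "CidrBlock": "10.0.0.0/24"}},
    "InstanceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "VpcId": {"Ref": "VPC"},
        "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0"},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
    "Ec2Instance": {"Type": "AWS::EC2::Instance", "Properties": {
        "InstanceType": "t2.micro", "SubnetId": {"Ref": "PublicSubnet"}}},
}}

def ref(value):
    """Return the logical ID behind {"Ref": id}, or None for anything else."""
    return value.get("Ref") if isinstance(value, dict) else None

def lint(template):
    """Return (resource, finding) pairs for the three checks below."""
    res = template["Resources"]
    findings = []
    for name, r in res.items():
        props = r.get("Properties", {})
        if r["Type"] == "AWS::EC2::Instance":
            # Follow SubnetId -> subnet -> VpcId -> VPC to find the inherited tenancy.
            subnet = res.get(ref(props.get("SubnetId")), {})
            vpc = res.get(ref(subnet.get("Properties", {}).get("VpcId")), {})
            tenancy = props.get("Tenancy") or vpc.get("Properties", {}).get(
                "InstanceTenancy", "default")
            family = props.get("InstanceType", "").split(".")[0]
            # Assumption (see lead-in): T2 cannot run with dedicated tenancy.
            if tenancy == "dedicated" and family == "t2":
                findings.append((name, "t2-on-dedicated-tenancy"))
            # A group defined in the template protects nothing until it is attached.
            if not (props.get("SecurityGroupIds", []) + props.get("SecurityGroups", [])):
                findings.append((name, "no-security-group-attached"))
        if r["Type"] == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                covers_ssh = rule.get("FromPort", 0) <= 22 <= rule.get("ToPort", 65535)
                if rule.get("CidrIp") == "0.0.0.0/0" and covers_ssh:
                    findings.append((name, "ssh-open-to-world"))
    return findings

if __name__ == "__main__":
    for resource, finding in lint(TEMPLATE):
        print(f"{resource}: {finding}")
```

The check only reads `SecurityGroupIds` and `SecurityGroups` on the instance; groups attached through `NetworkInterfaces` are outside what it covers.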