我正在使用CloudFormation创建整个堆栈 . 我注意到即使我有一个0.0.0.0/0的路由规则来访问我的 Cloud 形成模板中的Internet网关,它也没有被创建 .
VPC:
"vpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "172.31.0.0/16",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true",
"Tags": [
{
"Key": "Environment",
"Value": {
"Ref": "Env"
}
}
]
}
路由表:
"rtb": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpc"
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "65297cdc-8bcd-482d-af40-b0fef849b8c2"
}
}
}
VPCGatewayAttachment:
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "vpc"
},
"InternetGatewayId": {
"Ref": "ig"
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "aa69d6c0-3b11-43be-a8c1-7e79176f8c89"
}
}
}
路线:
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtb"
},
"GatewayId": {
"Ref": "ig"
}
},
"DependsOn": "gw1",
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "a68dd12e-3c14-4fa9-ba36-e0046374a0e9"
}
}
}
互联网网关:
"ig": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "9f9b4ce3-b994-43ff-9155-04aeb7ab2edf"
}
}
}
除了VPC的IG路由规则之外,正在创建所有项目 . cloudformation堆栈创建中没有错误 .
路由表:
Destination: 172.31.0.0/16
Target: local
预期的路由表:
Destination: 172.31.0.0/16
Target: local
Destination: 0.0.0.0/0
Target: igw-********
请注意,我可以在创建cloudformation堆栈后直接添加规则 .
有什么我想念的吗?
1 回答
在联系AWS支持后,结果发现每个VPC都会自动创建一个路由表,默认情况下会为其所有子网设置 . 解决方案是使用
SubnetRouteTableAssociation将我的新路由表与每个子网相关联 .