I'm trying to use Amazon CloudFormation to build a VPC and subnets, but I keep running into issues trying to use the !Cidr function to specify the CidrBlock of the subnets.
Minimal example, I'm using a CF template sourced directly from Amazon documentation for the !Cidr function. I save it to a file, create a new stack, choose to load in that file, then View in Designer. I get this error:
Cannot render the template because of an error.: YAMLException: unknown tag !<!Cidr> at line 18, column 75: ... Att ExampleVpc.CidrBlock, 1, 8 ]] ^
Here is the template I'm using:
AWSTemplateFormatVersion: "2010-09-09"
Description: "Try to create VPC and Subnet using Cidr function"
Resources:
ExampleVpc:
Type: AWS::EC2::VPC
Properties:
CidrBlock: "10.0.0.0/16"
IPv6CidrBlock:
Type: AWS::EC2::VPCCidrBlock
Properties:
AmazonProvidedIpv6CidrBlock: true
VpcId: !Ref ExampleVpc
ExampleSubnet:
Type: AWS::EC2::Subnet
DependsOn: IPv6CidrBlock
Properties:
AssignIpv6AddressOnCreation: true
CidrBlock: !Select [ 0, !Cidr [ !GetAtt ExampleVpc.CidrBlock, 1, 8 ]]
Ipv6CidrBlock: !Select [ 0, !Cidr [ !Select [ 0, !GetAtt ExampleVpc.Ipv6CidrBlocks], 1, 64 ]]
VpcId: !Ref ExampleVpc
Is there something wrong with my template, or is the CloudFormation Template Designer buggy?
You have to re-organize the template a bit. Designer syntax parser must have some bugs. This should work:
AWSTemplateFormatVersion: "2010-09-09"
Description: "Try to create VPC and Subnet using Cidr function"
Resources:
ExampleVpc:
Type: AWS::EC2::VPC
Properties:
CidrBlock: "10.0.0.0/16"
IPv6CidrBlock:
Type: AWS::EC2::VPCCidrBlock
Properties:
AmazonProvidedIpv6CidrBlock: true
VpcId: !Ref ExampleVpc
ExampleSubnet:
Type: AWS::EC2::Subnet
DependsOn: IPv6CidrBlock
Properties:
AssignIpv6AddressOnCreation: true
CidrBlock:
!Select
- 0
- Fn::Cidr: [ !GetAtt ExampleVpc.CidrBlock, 1, 8 ]
Ipv6CidrBlock:
!Select
- 0
- Fn::Cidr: [ !Select [ 0, !GetAtt ExampleVpc.Ipv6CidrBlocks], 1, 64 ]
VpcId: !Ref ExampleVpc