由於子網無效導致無法在AWS中創建VPC

Question

我正在使用雲陣列來創建VPC。它在創建子網時失敗。我查了一下，我相信這些子網是有效的。雖然我的網絡知識有點欠缺。

這是錯誤我得到：

00:46:49 UTC-0400 CREATE_FAILED AWS::EC2::Subnet SubnetA The CIDR '172.16.64.0/16' is invalid. 

0時46分49秒UTC-0400 CREATE_IN_PROGRESS AWS EC2 :: :: RouteTable RouteTable資源創建啓動 0時46分49秒UTC-0400 CREATE_FAILED AWS： ：EC2 :: Subnet SubnetB CIDR'197.16.128.0/16'無效。

這是我想要使用的模板：

--- 
AWSTemplateFormatVersion: 2010-09-09 
Resources: 
    VPC: 
    Type: AWS::EC2::VPC 
    Properties: 
     CidrBlock: 172.16.0.0/18 
     EnableDnsSupport: true 
     EnableDnsHostnames: true 
     InstanceTenancy: default 
     Tags: 
     - Key: Name 
     Value: JF-Staging-VPC 
    InternetGateway: 
    Type: AWS::EC2::InternetGateway 
    VPCGatewayAttachment: 
    Type: AWS::EC2::VPCGatewayAttachment 
    Properties: 
     VpcId: !Ref VPC 
     InternetGatewayId: !Ref InternetGateway 
    SubnetA: 
    Type: AWS::EC2::Subnet 
    Properties: 
     AvailabilityZone: us-east-1a 
     VpcId: !Ref VPC 
     CidrBlock: 172.16.64.0/16 
     MapPublicIpOnLaunch: False 
    SubnetB: 
     Type: AWS::EC2::Subnet 
     Properties: 
     AvailabilityZone: us-east-1b 
     VpcId: !Ref VPC 
     CidrBlock: 197.16.128.0/16 
     MapPublicIpOnLaunch: False 
    RouteTable: 
    Type: AWS::EC2::RouteTable 
    Properties: 
     VpcId: !Ref VPC 
    InternetRoute: 
    Type: AWS::EC2::Route 
    DependsOn: InternetGateway 
    Properties: 
     DestinationCidrBlock: 0.0.0.0/0 
     GatewayId: !Ref InternetGateway 
     RouteTableId: !Ref RouteTable 
    SubnetARouteTableAssociation: 
    Type: AWS::EC2::SubnetRouteTableAssociation 
    Properties: 
     RouteTableId: !Ref RouteTable 
     SubnetId: !Ref SubnetA 
    SubnetBRouteTableAssociation: 
    Type: AWS::EC2::SubnetRouteTableAssociation 
    Properties: 
     RouteTableId: !Ref RouteTable 
     SubnetId: !Ref SubnetB 
    SecurityGroupSSH: 
    Type: AWS::EC2::SecurityGroup 
    Properties: 
     GroupName: "SSH Group" 
     GroupDescription: "SSH traffic in, all traffic out." 
     VpcId: !Ref VPC 
     SecurityGroupIngress: 
     - IpProtocol: tcp 
      FromPort: '22' 
      ToPort: '22' 
      CidrIp: 0.0.0.0/0 
     SecurityGroupEgress: 
     - IpProtocol: -1 
      CidrIp: 0.0.0.0/0 
    SecurityGroupWeb: 
    Type: AWS::EC2::SecurityGroup 
    Properties: 
     GroupName: "Web Group" 
     GroupDescription: "Web traffic in, all traffic out." 
     VpcId: !Ref VPC 
     SecurityGroupIngress: 
     - IpProtocol: tcp 
      FromPort: '80' 
      ToPort: '80' 
      CidrIp: 0.0.0.0/0 
     SecurityGroupEgress: 
     - IpProtocol: -1 
      CidrIp: 0.0.0.0/0 
     SecurityGroupIngress: 
     - IpProtocol: tcp 
      FromPort: '443' 
      ToPort: '443' 
      CidrIp: 0.0.0.0/0 
     SecurityGroupEgress: 
     - IpProtocol: -1 
      CidrIp: 0.0.0.0/0 
Metadata: 
    VPC: 
    Description: "Creating the JF Staging VPC" 
    InternetGateway: 
    Description: "Creating an Internet Gateway" 

有人可以讓我知道我要去哪裏錯了，如何糾正呢？

Answer 1

問題出在197.16.128.0/16這是一個公共IP地址，不能分配給VPC或子網。

我覺得你真的打算使用地址：

172.16.128.0/16

[編輯]

更改您的VPC 172.16.0.0/16 然後每個子網改變使用/ 16的一部分，例如/ 24 例子：

172.16.0.0/24

172.16.1.0/24

172.16.2.0/24

等

與目前執行的問題是，您的VPC是/ 18，比您嘗試創建的子網/ 16小。你需要反過來，/ VPC和/ 24或者小於/ 16的子網。