Reputation: 2911
"Value of property CidrIp must be of type String" cloudformation
I encountered a problem with my CFN template. I define a CIDR block in Parameters and want to use it as a CidrIp in a Security Group resource.
However when I run my stack I get Value of property CidrIp must be of type String error and the stack is being rolled back.
Here is my minimal failing template. I want to use VPCCidrBlock to define the CidrIp.
What is funny, AWSs sample tamplate LAMP_Multi_AZ does exactly the same thing.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "VPCCidrBlock" } },
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": { "Ref:": "VPCCidrBlock" } }
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
Upvotes: 2
Views: 9137
Answers (4)
Reputation: 2173
One thing that we could easily overlook is datatype definition in the case of YAML configuration. In my yaml cloudformation template, I did the same mistake. I typed a dash before specifying a VpcId in my ECS ElasticLoadBalancingV2 resource configuration. That made the VpcId property look as a list of values when it should actually be a String. Inturn, I got cloudformation error that "VpcId should be a String."
Incorrect definition: (a dash at the beginning of line 5)
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId:
- Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]
Correct definition:
TargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: Fn::ImportValue: !Join ['-', ["somestring", !Ref Environment, 'someregion', 'VPC']]
Upvotes: 1
Reputation: 953
I had another YAML file got the same issue "Value of property CidrIp must be of type String”. It turns out that double quote below need to be changed to a single quote.
HTTPTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Sub "${Foo}-${Bar}-TargetGroup" # -> Error
Name: !Sub '${Foo}-${Bar}-TargetGroup' # -> Good
Upvotes: 0
Reputation: 54
I also faced similar issue I was able to point out the issue. I was using "ref" instead "Ref" to refer parameters.
Upvotes: 2
Reputation: 984
Strange problem. Played around with your example a little bit.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "A cloud VPC",
"Metadata": {
},
"Resources": {
"myvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VPCCidrBlock"
}
}
},
"SipserverSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable VPC access",
"VpcId": {
"Ref": "myvpc"
},
"SecurityGroupIngress": [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "VPCCidrBlock"}},
{ "IpProtocol": "udp", "FromPort": "5060", "ToPort": "5060", "CidrIp": {"Ref": "VPCCidrBlock"}}
]
}
}
},
"Parameters": {
"VPCCidrBlock": {
"Description": "Main CIDR block for the whole VPC",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "10.13.0.0/16",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
}
}
Works for me. Is it possible that there is an issue with some special characters/encoding?
Upvotes: 1
Related Questions
- CloudFormation Parameter Template Error : Parameter is non alphanumeric
- Value of property IamInstanceProfile must be of type String
- AWS Parameter Must Have Values Error (value exists)
- AWS CDK parameter error: Value of property Parameters must be an object with String (or simple type) properties
- aws cloudformation - Encountered unsupported property RequestValidatorId
- Value (PrivateSubnet2CIDR) for parameter cidrBlock is invalid. This is not a valid CIDR block. This is the error that I am getting
- AWS Cloudformation Encountered unsupported property Type
- aws cloudformation -resource property error
- CloudFormation gives "Invalid template property or properties" error
- Invalid resource property cloudformation