"${Token[TOKEN.72]} is not valid" error on cdk synth when assigning the ec2.Vpc.cidr value from cfnParameter.valueAsString

Problem description

Trying to parameterize the cidr value of ec2.Vpc using an AWS CDK CfnParameter. The goal is to reuse the stack to create VPCs, with the VPC's CIDR as a "pluggable" value.

The "${Token[TOKEN.72]} is not valid" error is generated when synthesizing the stack ($ cdk synth) for the following code snippet:

        // Parameter
        const vpcCidr = new cdk.CfnParameter(this, 'vpcCidr', {
            type: 'String',
            default: "10.0.0.0/16",
            minLength: 10,
            maxLength: 18,
            // Dots are double-escaped so the regex matches a literal '.', not any character
            allowedPattern: '(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})'
        });

        // VPC Configuration
        const vpc = new ec2.Vpc(this, "vpcName", {
            cidr: vpcCidr.valueAsString,
            maxAzs: 2,
            vpnGateway: true, // VPC can accept VPN connections
            subnetConfiguration: [
                {
                    cidrMask: 19,
                    name: "Private",
                    subnetType: SubnetType.PRIVATE,
                },
                {
                    cidrMask: 20,
                    name: "Public",
                    subnetType: SubnetType.PUBLIC,
                },
                {
                    cidrMask: 21,
                    name: "Protected",
                    subnetType: SubnetType.ISOLATED,
                },
            ],
        });

I tried passing the cidr block as a static string, and it works:

        // VPC Configuration
        const vpc = new ec2.Vpc(this, "vpcName", {
            cidr: "10.0.0.0/16",
            maxAzs: 2,
            vpnGateway: true, // VPC can accept VPN connections
            subnetConfiguration: [
                {
                    cidrMask: 19,
                    name: "Private",
                    subnetType: SubnetType.PRIVATE,
                },
                {
                    cidrMask: 20,
                    name: "Public",
                    subnetType: SubnetType.PUBLIC,
                },
                {
                    cidrMask: 21,
                    name: "Protected",
                    subnetType: SubnetType.ISOLATED,
                },
            ],
        });

Expected: vpcCidr.valueAsString passed to the cidr property of the ec2.Vpc construct should behave the same as setting cidr: "cidr ip/netmask", as in the example above.

Actual: ${Token[TOKEN.72]} is not valid. It looks like the following function in network-util.js is throwing the error:

    /**
     * Converts a string IPv4 to a number
     *
     * takes an IP Address (e.g. 174.66.173.168) and converts to a number
     * (e.g 2923605416); currently only supports IPv4
     *
     * Uses the formula:
     * (first octet * 256³) + (second octet * 256²) + (third octet * 256) +
     * (fourth octet)
     *
     * @param  {string} the IP address (e.g. 174.66.173.168)
     * @returns {number} the integer value of the IP address (e.g 2923605416)
     */
    static ipToNum(ipAddress) {
        if (!this.validIp(ipAddress)) {
            throw new Error(`${ipAddress} is not valid`);
        }
        return ipAddress
            .split('.')
            .reduce((p, c, i) => p + parseInt(c, 10) * 256 ** (3 - i), 0);
    }

Environment:

  "dependencies": {
    "@aws-cdk/assert": "^1.2.0",
    "@aws-cdk/aws-ec2": "^1.2.0",
    "@aws-cdk/aws-ram": "^1.2.0",
    "@aws-cdk/core": "^1.2.0"
  }

Tags: typescript, amazon-cloudformation, aws-cdk

Solution


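Unfortunately, it looks like the function ipToNum needs to do some parsing and math on the CIDR to convert it to a number, so it has to be a static (known at synth time) value. Sorry.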
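
One way to act on the answer, as an added example that is not part of the original answer or of the CDK code base: supply the CIDR as a synth-time value through CDK context and validate it before it reaches ec2.Vpc. The names `parseSynthTimeCidr` and `ParsedCidr` and the `vpcCidr` context key are assumptions; the check is also stricter than the question's allowedPattern, which accepts octets above 255.

```typescript
// Added example. Assumed call site inside a CDK v1 stack constructor:
//   const cidr = parseSynthTimeCidr(this.node.tryGetContext('vpcCidr') ?? '10.0.0.0/16');
//   new ec2.Vpc(this, 'vpcName', { cidr: cidr.text, maxAzs: 2 });
// synthesized with: cdk synth -c vpcCidr=10.1.0.0/16

interface ParsedCidr {
  text: string;    // the validated "a.b.c.d/n" string
  network: number; // network address as an unsigned 32-bit integer
  prefix: number;  // prefix length
}

// Same arithmetic as the ipToNum formula quoted in the question.
function ipToNum(octets: number[]): number {
  return octets.reduce((acc, o) => acc * 256 + o, 0);
}

function parseSynthTimeCidr(value: unknown): ParsedCidr {
  if (typeof value !== 'string') {
    throw new Error('vpcCidr must be a string known at synth time');
  }
  // At synth time a CfnParameter's valueAsString is only a placeholder of this shape.
  if (value.indexOf('${Token[') !== -1) {
    throw new Error(`${value} is a deploy-time token; pass the CIDR via context instead`);
  }
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(value);
  if (!m) {
    throw new Error(`${value} is not in a.b.c.d/n form`);
  }
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some((o) => o > 255)) {
    throw new Error(`${value} has an octet above 255`);
  }
  // AWS accepts VPC IPv4 blocks between /16 and /28.
  if (prefix < 16 || prefix > 28) {
    throw new Error(`${value}: VPC prefix must be between /16 and /28`);
  }
  const network = ipToNum(octets);
  if (network % Math.pow(2, 32 - prefix) !== 0) {
    throw new Error(`${value} has host bits set; a network address is expected`);
  }
  return { text: value, network, prefix };
}
```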

