Subnet problem in VPC creation via CloudFormation

February 2019

I am a noob in networking. I am creating a VPC via CloudFormation. In that, I have to create 4 subnets. When I run the included template, I see this error: Template error: Fn::Select cannot select nonexistent value at index 3

But, when I create it with 3 subnets, it is fine.

My Template sample:

Parameters:

  VpcBlock:
    Type: String
    Default: 192.168.0.0/16
    Description: The CIDR range for the VPC. This should be a valid private (RFC 1918) CIDR range.

  Subnet01Block:
    Type: String
    Default: 192.168.0.0/14
    Description: CidrBlock for subnet 01 within the VPC

  Subnet02Block:
    Type: String
    Default: 192.168.64.0/14
    Description: CidrBlock for subnet 02 within the VPC

  Subnet03Block:
    Type: String
    Default: 192.168.128.0/14
    Description: CidrBlock for subnet 03 within the VPC

  Subnet04Block:
    Type: String
    Default: 192.168.192.0/14
    Description: CidrBlock for subnet 04 within the VPC

Resources:
  Subnet01:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 01
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '0'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet01Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet01"

  Subnet02:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 02
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '1'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet02Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet02"

  Subnet03:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 03
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '2'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet03Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet03"

  Subnet04:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 04
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '3'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet04Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet04"

I am deploying this template in us-west-2 region. Am I doing anything wrong here?

1 answer

Your problem is that the different Regions in AWS have different numbers of Availability Zones (AZs) (docs).

Since you are in the region us-west-2, you have only 3 AZs. Other regions, like us-east-1, have more. The AZs for your region can be found using:

▶ aws ec2 describe-availability-zones --region us-west-2 --query 'AvailabilityZones[].ZoneName' 
[
    "us-west-2a", 
    "us-west-2b", 
    "us-west-2c"
]

Meanwhile, the intrinsic function Fn::GetAZs returns the AZs to you as an array. You referred to element 3 of that array (i.e. the 4th) and it doesn't exist, and that's why you see that error message.

You probably need to choose between moving to a different region, having a different number of subnets, or having one AZ with 2 subnets and the rest with 1.
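
The third option above (one AZ carrying two subnets), worked through as an added example that is not part of the original answer. It uses the VPC block from the question and the AZ list from the CLI output; the function names are hypothetical, and the round-robin placement and equal-sized split are assumptions of this sketch.

```python
import ipaddress

# Constructed sample: the AZ list shown in the CLI output above for us-west-2.
US_WEST_2_AZS = ["us-west-2a", "us-west-2b", "us-west-2c"]


def out_of_range_indexes(azs, indexes):
    """Return the Fn::Select indexes that do not exist in this AZ list."""
    return [i for i in indexes if i < 0 or i >= len(azs)]


def plan_subnets(vpc_cidr, azs, count):
    """Split vpc_cidr into `count` equal blocks and spread them over azs.

    AZs are assigned round-robin (index modulo len(azs)), so with 4 subnets
    and 3 AZs the first AZ carries two subnets and the others one each.
    """
    if not azs:
        raise ValueError("no availability zones supplied")
    if count < 1:
        raise ValueError("count must be at least 1")
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    # Fewest extra prefix bits that yield at least `count` blocks.
    extra_bits = (count - 1).bit_length()
    new_prefix = vpc.prefixlen + extra_bits
    # AWS accepts IPv4 subnet sizes between /16 and /28.
    if not 16 <= new_prefix <= 28:
        raise ValueError(f"/{new_prefix} is outside the /16-/28 subnet range")
    blocks = list(vpc.subnets(new_prefix=new_prefix))[:count]
    return [
        {"name": f"Subnet{i + 1:02d}", "az": azs[i % len(azs)], "cidr": str(b)}
        for i, b in enumerate(blocks)
    ]


if __name__ == "__main__":
    # The four indexes used by the template in the question.
    print("missing indexes:", out_of_range_indexes(US_WEST_2_AZS, [0, 1, 2, 3]))
    for row in plan_subnets("192.168.0.0/16", US_WEST_2_AZS, 4):
        print(row)
```

Each block in the plan lies inside the VPC range and none overlap, so the values can be used directly as the four subnet CidrBlock parameters, with the fourth subnet's Fn::Select index set to the AZ position the plan reports.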