
AWS::EC2::VPNConnectionRoute - Parameter route=X.X.X.67/31 fails its validation function


I have one specific IP which I need to route through the VPN. I tried providing that IP using a mask that provides the smallest possible subnet.

    vpcConnection:
        Type: 'AWS::EC2::VPNConnectionRoute'
        Properties:
            DestinationCidrBlock: X.X.X.67/31
            VpnConnectionId:
                Ref: vpnRef

Once applied, CloudFormation responds with:

    Parameter route=X.X.X.67/31 fails its validation function

Solution

  • route=X.X.X.67/31 will point to the broadcast address of the specified subnet.

    In order to validate, the DestinationCidrBlock needs to point to the network address, which in this case would be:

        vpcConnection:
            Type: 'AWS::EC2::VPNConnectionRoute'
            Properties:
                DestinationCidrBlock: X.X.X.66/31
                VpnConnectionId:
                    Ref: vpnRef
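
A pre-deploy check for the rule in the answer above, as an added example that is not part of the original post: it flags any `AWS::EC2::VPNConnectionRoute` whose `DestinationCidrBlock` has host bits set and suggests the network address. The names `check_cidr` and `lint_template` are hypothetical, the 203.0.113.x addresses are constructed stand-ins for the masked X.X.X prefix, and the check applies the general CIDR rule rather than reproducing AWS's own validator.

```python
import ipaddress

# Constructed sample: the template from the question as a parsed dict,
# plus one route that is already on the network address.
SAMPLE_TEMPLATE = {
    "Resources": {
        "vpcConnection": {
            "Type": "AWS::EC2::VPNConnectionRoute",
            "Properties": {
                "DestinationCidrBlock": "203.0.113.67/31",
                "VpnConnectionId": {"Ref": "vpnRef"},
            },
        },
        "alignedRoute": {
            "Type": "AWS::EC2::VPNConnectionRoute",
            "Properties": {
                "DestinationCidrBlock": "203.0.113.66/31",
                "VpnConnectionId": {"Ref": "vpnRef"},
            },
        },
    }
}


def check_cidr(cidr):
    """Return (ok, canonical); ok is False when the address has host bits set."""
    iface = ipaddress.ip_interface(cidr)
    return iface.ip == iface.network.network_address, str(iface.network)


def lint_template(template):
    """Return (logical_id, cidr, suggested_cidr) for each misaligned route."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::VPNConnectionRoute":
            continue
        cidr = res.get("Properties", {}).get("DestinationCidrBlock")
        if not isinstance(cidr, str):
            continue  # Ref / Fn::Sub values cannot be checked statically
        ok, canonical = check_cidr(cidr)
        if not ok:
            findings.append((logical_id, cidr, canonical))
    return findings


if __name__ == "__main__":
    for logical_id, cidr, fix in lint_template(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {cidr} has host bits set; use {fix}")
```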