Error when creating a stack on CloudFormation using a YAML file: Resource handler returned message: "If the target type is ALB, the target must have at least one listener that matches the target group

0

Hi team, I'm trying to use a YAML file to create resources on my AWS instance. When creating the stack using the attached YAML file, I receive this error: Resource handler returned message: "If the target type is ALB, the target must have at least one listener that matches the target group port or any specified port overrides (Service: ElasticLoadBalancingV2, Status Code: 400, Request ID: 503838d2-e0c0-4a46-9174-da5e2565890f)" (RequestToken: ec35aaf5-3986-da2a-1e66-c3d71310c68b, HandlerErrorCode: GeneralServiceException)

Logical ID= SFPrvConnectNLBTgtGrp

yaml file:

AWSTemplateFormatVersion: 2010-09-09

Parameters:
  # vpc ID
  CustomerVPCId:
    Type: String
    Description: 'Enter the VPC Id to create resources in.'

  # Private subnets to host resources
  PrivateSubnetId1:
    Type: String
    Description: 'Enter the first private subnet Id'
  PrivateSubnetId2:
    Type: String
    Description: 'Enter the second private subnet Id'

  # SF IAM Principal ARN
  SFSrcArn:
    Type: String
    Description: Enter the Salesforce IAM ARN.

Resources:
  #VPC endpoint service permissions
  SFPrvConnectVPCEPerms:
    Type: AWS::EC2::VPCEndpointServicePermissions
    Properties:
      AllowedPrincipals:
        - !Ref SFSrcArn
      ServiceId: !Ref SFPrvConnectVPCE
    DependsOn: SFPrvConnectVPCE

  #SecurityGroup-ingress rules
  SFPrvConnectALBSecGrpIngressRules:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref SFPrvConnectALBSecGrp
      CidrIp: '0.0.0.0/0'
      Description: 'Allow inbound http traffic from IP any'
      FromPort: 80
      IpProtocol: 'tcp'
      ToPort: 80
    DependsOn: SFPrvConnectALBSecGrp

  #SecurityGroup-egress rules
  SFPrvConnectALBSecGrpEgressRules:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      GroupId: !Ref SFPrvConnectALBSecGrp
      CidrIp: '0.0.0.0/0'
      Description: 'Allows all outbound traffic'
      FromPort: 1
      IpProtocol: '-1'
      ToPort: 65535
    DependsOn: SFPrvConnectALBSecGrp

  #SecurityGroup-for ALB
  SFPrvConnectALBSecGrp:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'SG attached to private connect ALB. allows http traffic.'
      GroupName: 'prvConnect-alb-sg'
      VpcId: !Ref CustomerVPCId

  #ALB listener on port 80 forwarding to ALB target grp
  SFPrvConnectALBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - TargetGroupArn: !Ref SFPrvConnectALBTgtGrp
          Type: 'forward'
      LoadBalancerArn: !Ref SFPrvConnectEC2ALB
      Port: 80
      Protocol: 'HTTP'
    DependsOn: SFPrvConnectALBTgtGrp

  #NLB listener on port 80 forwarding to NLB target grp
  SFPrvConnectNLBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - TargetGroupArn: !Ref SFPrvConnectNLBTgtGrp
          Type: 'forward'
      LoadBalancerArn: !Ref SFPrvConnectNLB
      Port: 80
      Protocol: 'TCP'
    DependsOn: SFPrvConnectNLBTgtGrp

  #ALB-TargetGroup - routes traffic to EC2
  SFPrvConnectALBTgtGrp:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckEnabled: 'true'
      IpAddressType: 'ipv4'
      Name: 'SFPrvConnectALBTgtGrp'
      Port: 80
      Protocol: 'HTTP'
      TargetType: 'ip'
      VpcId: !Ref CustomerVPCId
    DependsOn: SFPrvConnectEC2ALB

  #NLB-TargetGroup - routes traffic to an ALB
  SFPrvConnectNLBTgtGrp:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      IpAddressType: 'ipv4'
      Name: 'SFPrvConnectNLBTgtGrp'
      Port: 80
      Protocol: 'TCP'
      Targets:
        - Id: !Ref SFPrvConnectEC2ALB
          Port: 80
      TargetType: 'alb'
      VpcId: !Ref CustomerVPCId
    DependsOn: SFPrvConnectNLB

  #NLB
  SFPrvConnectNLB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      IpAddressType: 'ipv4'
      LoadBalancerAttributes:
        - Key: load_balancing.cross_zone.enabled
          Value: 'true'
      Name: 'SFPrivateConnect-demo-nlb'
      Scheme: 'internal'
      Subnets:
        - !Ref PrivateSubnetId1
        - !Ref PrivateSubnetId2
      Type: 'network'

  #ALB-EC2
  SFPrvConnectEC2ALB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      IpAddressType: 'ipv4'
      SecurityGroups:
        - Fn::GetAtt: SFPrvConnectALBSecGrp.GroupId
      Name: 'SFPrivateConnect-demo-alb'
      Scheme: 'internal'
      Subnets:
        - !Ref PrivateSubnetId1
        - !Ref PrivateSubnetId2
      Type: 'application'
    DependsOn: SFPrvConnectALBSecGrp

  #VPC-Endpoint
  SFPrvConnectVPCE:
    Type: AWS::EC2::VPCEndpointService
    Properties:
      AcceptanceRequired: 'false'
      NetworkLoadBalancerArns:
        - !Ref SFPrvConnectNLB
    DependsOn: SFPrvConnectNLB

Outputs:
  SFVPCEndpointID:
    Description: "The privateLink VPC endpoint service ID"
    Value: !Ref SFPrvConnectVPCE

  SFNLBDNSName:
    Description: 'URL for the Network Load Balancer assigned to the VPC endpoint.'
    Value: !GetAtt SFPrvConnectNLB.DNSName

  • Hello. Could you please clarify what you are trying to do? If I understand, you are trying to connect an NLB with an ALB?

Salva
asked 7 months ago · 387 views
3 Answers
0
Accepted Answer

That's great! Thanks, it is the solution.

Salva
answered 7 months ago
0

Yes, this is what I want to do.

Salva
answered 7 months ago
0

The error might be because the NLB Target Group (SFPrvConnectNLBTgtGrp) is getting created before the ALB Listener (SFPrvConnectALBListener) gets created on the stack. When this happens, NLB Target Group creation fails, since there is no ALB Listener available yet.

To avoid this, add a DependsOn on the SFPrvConnectNLBTgtGrp resource, so that it waits for SFPrvConnectALBListener to get created successfully and only then starts creation of SFPrvConnectNLBTgtGrp.

Adding the DependsOn would look like this:

  # NLB-TargetGroup - routes traffic to an ALB
  SFPrvConnectNLBTgtGrp:
    DependsOn: 
     - SFPrvConnectALBListener
     - SFPrvConnectNLB
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      IpAddressType: 'ipv4'
      Name: 'SFPrvConnectNLBTgtGrp'
......
......

Hope this helps.

AWS
SUPPORT ENGINEER
answered 7 months ago
EXPERT
reviewed 7 months ago
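
A pre-deployment check for the ordering gap this answer describes, as an added example that is not part of the original answer or of any AWS tooling: it flags every target group with TargetType 'alb' that has no DependsOn on a listener of the target ALB matching its port. The function names and the dict form of the template (with `!Ref` written as `{"Ref": ...}`) are assumptions; ports are assumed to be literals and only direct DependsOn entries are considered.

```python
TARGET_GROUP = "AWS::ElasticLoadBalancingV2::TargetGroup"
LISTENER = "AWS::ElasticLoadBalancingV2::Listener"

def ref(value):
    """Logical ID behind a {"Ref": ...} value, or None for anything else."""
    return value.get("Ref") if isinstance(value, dict) else None

def as_list(value):
    """DependsOn may be absent, a single string, or a list of strings."""
    return [] if value is None else [value] if isinstance(value, str) else list(value)

def alb_target_ordering_gaps(resources):
    """Find TargetType 'alb' target groups with no explicit DependsOn on a
    listener of the target ALB that matches the port (direct DependsOn only)."""
    listeners = {}  # (ALB logical ID, port) -> listener logical IDs
    for name, res in resources.items():
        if res["Type"] == LISTENER:
            props = res["Properties"]
            key = (ref(props["LoadBalancerArn"]), int(props["Port"]))
            listeners.setdefault(key, []).append(name)
    gaps = []
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res["Type"] != TARGET_GROUP or props.get("TargetType") != "alb":
            continue
        depends = set(as_list(res.get("DependsOn")))
        for target in props.get("Targets", []):
            alb, port = ref(target["Id"]), int(target.get("Port", props["Port"]))
            matching = listeners.get((alb, port), [])
            # An empty 'matching' list means the template has no such listener at all.
            if not depends.intersection(matching):
                gaps.append((name, alb, port, matching))
    return gaps

def sample_resources(nlb_target_group_depends_on):
    """Constructed, reduced copy of the template's load balancer resources."""
    return {
        "SFPrvConnectALBListener": {"Type": LISTENER, "Properties": {
            "LoadBalancerArn": {"Ref": "SFPrvConnectEC2ALB"}, "Port": 80}},
        "SFPrvConnectNLBListener": {"Type": LISTENER, "Properties": {
            "LoadBalancerArn": {"Ref": "SFPrvConnectNLB"}, "Port": 80}},
        "SFPrvConnectNLBTgtGrp": {"Type": TARGET_GROUP,
            "DependsOn": nlb_target_group_depends_on, "Properties": {
                "Port": 80, "TargetType": "alb",
                "Targets": [{"Id": {"Ref": "SFPrvConnectEC2ALB"}, "Port": 80}]}},
    }

if __name__ == "__main__":
    for depends_on in ("SFPrvConnectNLB", ["SFPrvConnectALBListener", "SFPrvConnectNLB"]):
        print(depends_on, "->", alb_target_ordering_gaps(sample_resources(depends_on)))
```

Each reported tuple names the target group, the ALB it targets, the port, and the listeners that would satisfy the dependency if added to DependsOn.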
