AWS::EC2::VPNConnectionRoute - Parameter route=X.X.X.67/31 fails its validation function


I have one specific IP which I need to route through the VPN. I tried providing that IP using a mask that provides the smallest possible subnet.

    vpcConnection:
        Type: 'AWS::EC2::VPNConnectionRoute'
        Properties:
            DestinationCidrBlock: X.X.X.67/31
            VpnConnectionId:
                Ref: vpnRef

Once applied, CloudFormation responds with:

Parameter route=X.X.X.67/31 fails its validation function 

There are 1 answers

Leonard Saers On BEST ANSWER

route=X.X.X.67/31 will point to the broadcast address of the specified subnet.

In order to validate, the DestinationCidrBlock needs to point to the network address, which in this case would be:

    vpcConnection:
        Type: 'AWS::EC2::VPNConnectionRoute'
        Properties:
            DestinationCidrBlock: X.X.X.66/31
            VpnConnectionId:
                Ref: vpnRef
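
A pre-deployment check for the condition the answer describes, as an added example that is not part of the original question or answer: it scans a template for `AWS::EC2::VPNConnectionRoute` resources whose `DestinationCidrBlock` has host bits set and suggests the aligned network address. The function names, the sample template and the 203.0.113.0/24 documentation range (standing in for the redacted `X.X.X` prefix) are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample template (JSON form of the resource above).
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "routeHostBits": {
      "Type": "AWS::EC2::VPNConnectionRoute",
      "Properties": {"DestinationCidrBlock": "203.0.113.67/31",
                     "VpnConnectionId": {"Ref": "vpnRef"}}
    },
    "routeAligned": {
      "Type": "AWS::EC2::VPNConnectionRoute",
      "Properties": {"DestinationCidrBlock": "203.0.113.66/31",
                     "VpnConnectionId": {"Ref": "vpnRef"}}
    },
    "routeFromParameter": {
      "Type": "AWS::EC2::VPNConnectionRoute",
      "Properties": {"DestinationCidrBlock": {"Ref": "RemoteCidr"},
                     "VpnConnectionId": {"Ref": "vpnRef"}}
    }
  }
}
""")

def check_cidr(cidr):
    """Return (aligned, canonical); canonical is None if cidr is unparseable."""
    try:
        iface = ipaddress.ip_interface(cidr)
    except ValueError:
        return False, None
    network = iface.network  # same prefix length, host bits cleared
    return iface.ip == network.network_address, str(network)

def find_misaligned_routes(template):
    """List (logical_id, value, suggestion) for routes with host bits set."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::EC2::VPNConnectionRoute":
            continue
        value = resource.get("Properties", {}).get("DestinationCidrBlock")
        if not isinstance(value, str):
            continue  # intrinsic function (Ref, Fn::Sub): not resolvable offline
        aligned, canonical = check_cidr(value)
        if not aligned:
            findings.append((logical_id, value, canonical))
    return findings

if __name__ == "__main__":
    for logical_id, value, suggestion in find_misaligned_routes(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {value} has host bits set; use {suggestion}")
```
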