When trying to create an IPv6-only VPC Subnet, using AWS CloudFormation, stack creation fails with the following message:

CREATE_FAILED

Resource handler returned message: "Invalid request provided: Property CidrBlock or Ipv4IpamPoolId cannot be empty."

Here's the relevant part of my CloudFormation template:

  SubnetIpv6Only:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref CustomVPC
      AvailabilityZone: !Select [0, !GetAZs '']
      # ipv6-only
      AssignIpv6AddressOnCreation: true
      Ipv6CidrBlock: !Select [ 0, Fn::Cidr: [ !Select [ 0, !GetAtt CustomVPC.Ipv6CidrBlocks ], 4, 64 ] ]

The CloudFormation docs for VPC Subnets state:

... If the VPC has an IPv6 CIDR block, you can create an IPv6 only subnet or [...]. For an IPv6 only subnet, specify an IPv6 CIDR block. ...

This appears to suggest that specifying an Ipv6CidrBlock without a CidrBlock (ipv4) should be sufficient to make a subnet "IPv6-only".

What am I doing wrong?

1 Answer

Although it may seem redundant, it appears that Ipv6Native: true needs to be specified explicitly in the subnet properties:

Ipv6Native: Indicates whether this is an IPv6 only subnet. ...

So the template would look like:

  SubnetIpv6Only:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref CustomVPC
      AvailabilityZone: !Select [0, !GetAZs '']
      # ipv6-only
      AssignIpv6AddressOnCreation: true
      Ipv6CidrBlock: !Select [ 0, Fn::Cidr: [ !Select [ 0, !GetAtt CustomVPC.Ipv6CidrBlocks ], 4, 64 ] ]
      Ipv6Native: true  # <-- new
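
A pre-deployment check for the failure discussed on this page, added here as an example (it is not code from the question or the answer): it flags AWS::EC2::Subnet resources that declare neither CidrBlock nor Ipv4IpamPoolId and do not set Ipv6Native: true. The function names and the sample template, a JSON-style rendering of the page's subnets plus a dual-stack one, are constructed for illustration.

```python
# Added example: pre-deploy check for IPv6-only subnets missing Ipv6Native.
# TEMPLATE is a constructed sample (JSON-style form of the subnets on this page).
IPV6_CIDR = {"Fn::Select": [0, {"Fn::Cidr": [
    {"Fn::Select": [0, {"Fn::GetAtt": ["CustomVPC", "Ipv6CidrBlocks"]}]}, 4, 64]}]}


def subnet(**extra):
    """Build a subnet resource with the properties common to both templates."""
    props = {"VpcId": {"Ref": "CustomVPC"},
             "AvailabilityZone": {"Fn::Select": [0, {"Fn::GetAZs": ""}]},
             "AssignIpv6AddressOnCreation": True,
             "Ipv6CidrBlock": IPV6_CIDR}
    props.update(extra)
    return {"Type": "AWS::EC2::Subnet", "Properties": props}


TEMPLATE = {"Resources": {
    "CustomVPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "SubnetFromQuestion": subnet(),                      # rejected at CREATE
    "SubnetFromAnswer": subnet(Ipv6Native=True),         # the fix from the answer
    "SubnetStringFlag": subnet(Ipv6Native="true"),       # boolean given as a string
    "SubnetDualStack": subnet(CidrBlock="10.0.0.0/24"),  # has IPv4, flag not needed
}}


def is_true(value):
    """Treat both the boolean true and the string form "true" as set."""
    return value is True or (isinstance(value, str) and value.lower() == "true")


def find_unflagged_ipv6_only_subnets(template):
    """Return logical IDs of subnets with no IPv4 range and no Ipv6Native: true."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::EC2::Subnet":
            continue
        props = resource.get("Properties", {})
        has_ipv4 = "CidrBlock" in props or "Ipv4IpamPoolId" in props
        if not has_ipv4 and not is_true(props.get("Ipv6Native")):
            findings.append(logical_id)
    return findings


if __name__ == "__main__":
    for name in find_unflagged_ipv6_only_subnets(TEMPLATE):
        print(f"{name}: no CidrBlock/Ipv4IpamPoolId and Ipv6Native is not true")
```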
