Why can’t I create a CNAME record in Route 53?

3 minute read

I'm getting errors when trying to create a CNAME record in Amazon Route 53.

Resolution

Error: InvalidChangeBatch 400: RRSet of type CNAME with DNS name example.com. is not permitted at apex in zone example.com

The preceding error occurs when creating a CNAME record for an apex domain, such as example.com.

DNS protocol doesn't allow creation of a CNAME record for the top node of a DNS namespace (the zone apex). For example, if you register the DNS name example.com, then the zone apex is example.com. You can't create a CNAME record for example.com. But, you can create CNAME records for www.example.com, newproduct.example.com, and so on.

To avoid this error, create an alias record for your apex domain. The record can point to your resources, such as your Amazon CloudFront distribution, load balancer, another record in the same hosted zone, and so on.

Note: Alias records that have the same name as the hosted zone (the zone apex) can't route traffic to a CNAME record.

For more information, see How do I create alias records for services hosted in AWS?

Error: InvalidChangeBatch 400: RRSet of type CNAME with DNS name test.example.com. is not permitted as it conflicts with other records with the same DNS name in zone

A CNAME record can't coexist with any other data. A CNAME record set for a subdomain name can't have an MX record, an A record, or a TXT record for that subdomain. Conversely, if there's an MX record for a subdomain, then you can't have a CNAME record for that subdomain.

To avoid this restriction, delete the conflicting DNS record, if it's not in use. Or, create an A-alias record pointing the subdomain to your resource, such as a CloudFront distribution, and so on. An example of a subdomain is test.example.com.

Error: Bad request. (InvalidChangeBatch 400: DomainLabelTooLong (Domain label is too long) encountered with 'org/services-and-resources/resources/classes-events/trauma-nurse'', Unparseable CNAME encountered)

Domain names consist of a series of labels separated by dots. Each label can be up to 63 bytes long. The total length of a domain name can't exceed 255 bytes, including the dots. Route 53 supports any valid domain name.

Error: Can't create a CNAME record that has different values for the same CNAME record

To avoid the preceding error, keep the following parameters in mind when creating CNAME records:

CNAME records must contain only one value.
CNAME records must point to another domain name and never to an IP address.

Topics

Networking & Content Delivery

Relevant content

Connect Route53 to CNAME outside of AWS
Luca
asked 10 months ago
DS record with DNS name ex.com not permitted in zone ex.com. Why?
thr333one
asked 3 years ago
Creating ALIAS Record for Zone Apex in Route 53
Accepted Answer
AWS-User-9370163
asked 4 years ago
Route 53 domain cname record without hosted zone
Accepted Answer
ChapterSevenSeeds
asked 3 years ago
AWS Route 53 A record shows up as CNAME in public DNS lookups
rePost-User-4725359
asked 2 years ago
How can I troubleshoot Route 53 private hosted zone DNS resolution issues?
AWS OFFICIALUpdated a year ago
How do I troubleshoot errors that I received while creating Route 53 resource record sets using the AWS CLI?
AWS OFFICIALUpdated 2 years ago
How do I import DNS zone files to Route 53 and troubleshoot errors received while importing them?
AWS OFFICIALUpdated 2 years ago
Why is the CNAME record not resolving for my ACM issued certificate and the DNS validation status is still pending validation?
AWS OFFICIALUpdated a year ago
Workaround for CNAME to external web sites at the zone apex
EXPERT
slope roll
published 2 months ago