How do I troubleshoot errors that I receive when I use the AWS CLI to create Route 53 resource record sets?

Resolution

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

To resolve your issue, use the following troubleshooting steps for the error message that you receive.

Invalid input error

"An error occurred (InvalidInput) when calling the ChangeResourceRecordSets operation: Invalid XML ; cvc-enumeration-valid: Value 'Delete' is not facet-valid with respect to enumeration '[CREATE, DELETE, UPSERT]'. It must be a value from the enumeration"

You receive the preceding error message because the CREATE, DELETE, or UPSERT value isn't uppercase in your configuration file.

To resolve this issue, change the value to uppercase in the configuration file.

Example:

"Action": "CREATE",

Invalid change batch error

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: RRSet of type CNAME with DNS name domain.com. is not permitted at apex in zone domain.com"

You receive the preceding error message because you can't create a CNAME record at the top node of a DNS namespace, such as example.com. The DNS namespace is also known as the zone apex.

To resolve this issue, use an alias record instead of a CNAME when you create a record for the zone apex domain to point to AWS resources.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: RRSet of type MX with DNS name b.domain.com. is not permitted because a conflicting RRSet of type CNAME with the same DNS name already exists in zone domain.com"

You receive the preceding error message when you have a CNAME resource record set for a subdomain name that includes MX, A, or TXT records.

To resolve this issue, create your MX, A, or TXT record in a different record set in the same hosted zone.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: [RRSet of type A with DNS name b.domain.com. is not permitted because a conflicting RRSet of type CNAME with the same DNS name already exists in zone b.domain.com.]"

You receive the preceding error message when you use UPSERT to update a CNAME record to any other record. You also receive the error message when you try to change a record that exists to a CNAME record.

The UPSERT operation is successful only when you already have a CNAME record and you use the operation on another CNAME record.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to create resource record set [name='b.domain.com.', type='CNAME'] but it already exists"

You receive the preceding error message when you create a CNAME resource record set that already exists for the domain.

To resolve this issue, check whether a CNAME record set for the domain already exists.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but the values provided do not match the current values"

You receive the preceding error message when you use a JSON file to delete a resource record set. However, the file's content doesn't match the record set values.

To resolve this issue, update the values for Name, Type, and TTL in your JSON file to match the record set values. Then, delete the resource record set.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but the rdata provided is invalid"

You receive the preceding error message when you delete a resource record set, but the ResourceRecord value doesn't match the resource record set value.

To resolve this issue, update the ResourceRecord values in your configuration file to match the resource record set values. Then, delete the resource record set.

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but it was not found."

You receive the preceding error message when you use an incorrect hosted zone ID for your domain name.

To resolve this issue, run the change-resource-record-sets command again with the correct ID, and use the following format:

aws route53 change-resource-record-sets --hosted-zone-id Z############ --change-batch file://sample.json

"An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to create an alias that targets applicationenv.us-west-2.elasticbeanstalk.com., type A in zone Z1H1FL5HABSF5, but the alias target name does not lie within the target zone"

You receive the preceding error message when you use an incorrect HostedZoneId value for your AWS resource in the configuration file. The value for the HostedZoneId key is the unique ID for the AWS resource in each AWS Region. The value for the HostedZoneId isn't the hosted zone ID for your domain name.

To resolve this issue, update the HostedZoneId value to your AWS resource's hosted zone ID. For more information, see How do I use the AWS CLI to create alias resource record sets in Route 53?

Related information

How do I create a simple resource record set in Amazon Route 53 using the AWS CLI?

Common errors