How do I troubleshoot errors that I received while creating Route 53 resource record sets using the AWS CLI?

Last updated: 2021-02-02

Why did I receive an error message when I tried to create a resource record set using the AWS Command Line Interface (AWS CLI)? How can I fix the error?

Resolution

Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent AWS CLI version.

Refer to the following common error messages to determine the error's cause and how to troubleshoot it.

An error occurred (InvalidInput) when calling the ChangeResourceRecordSets operation: Invalid XML ; cvc-enumeration-valid: Value 'Delete' is not facet-valid with respect to enumeration '[CREATE, DELETE, UPSERT]'. It must be a value from the enumeration.

The JSON file format requires an uppercase CREATE, DELETE, or UPSERT value in your configuration file.

Change the value to uppercase in the configuration file. For example:

"Action": "CREATE",

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: RRSet of type CNAME with DNS name domain.com. is not permitted at apex in zone domain.com.

You can't create a CNAME record at the top node of a DNS namespace, also called the zone apex (such as example.com).

If you're creating a record for the apex domain to point to AWS resources, use an alias record instead of CNAME.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: RRSet of type MX with DNS name b.domain.com. is not permitted because a conflicting RRSet of type CNAME with the same DNS name already exists in zone domain.com.

If you have a CNAME resource record set for a subdomain name (such as test.example.com), you can't have an MX record, an A record, or a TXT record for that subdomain.

Create your MX record in a different record set in the same hosted zone.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: [RRSet of type A with DNS name b.domain.com. is not permitted because a conflicting RRSet of type CNAME with the same DNS name already exists in zone b.domain.com.]

If you're updating a CNAME record to any other record using "UPSERT", or you're trying to change an existing record to a CNAME record, you receive this error.

The UPSERT is successful only if you originally had a CNAME record and UPSERT to another CNAME record.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to create resource record set [name='b.domain.com.', type='CNAME'] but it already exists.

You're performing the CREATE action for a CNAME resource record set that already exists for the domain.

Create the CNAME record set for a domain where one doesn't already exist.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but the values provided do not match the current values.

You're trying to delete a resource record set using a JSON file, but the content doesn't match the values of the existing record set.

Check and update the values for Name, Type, and TTL in your configuration file. Then, try to delete the resource record set again.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but the rdata provided is invalid.

You're performing the DELETE action for a resource record set, but the value for ResourceRecord doesn't match the value in the existing resource record set.

Check and update the ResourceRecord value in your configuration file. Then, try to delete the resource record set again.

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to delete resource record set [name='a.domain.com.', type='A'] but it was not found.

You're using an incorrect hosted zone ID for your domain name.

Run the change-resource-record-sets command again with the correct ID, using this format:

aws route53 change-resource-record-sets --hosted-zone-id ZXXXXXXXXXXXX --change-batch file://sample.json

An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: Tried to create an alias that targets applicationenv.us-west-2.elasticbeanstalk.com., type A in zone Z1H1FL5HABSF5, but the alias target name does not lie within the target zone.

You're using an incorrect HostedZoneId value for your AWS resource in the configuration file. Note that the value for the HostedZoneId key is the unique ID for the AWS resource in each Region, not the hosted zone ID for your domain name.

Check and update the HostedZoneId value to your AWS resource's hosted zone ID. For more information, see How do I create alias resource record sets in Route 53 using the AWS CLI?