AWS Route53 recordset delete Error - values provided do not match the current values

Question

I am trying to delete a failover alias recordset with the following command:

aws route53 change-resource-record-sets \
    --hosted-zone-id <my-zone-id> \
    --change-batch file://file.json

Contents of json:

{
  "Comment": "test-rdc",
  "Changes": [
  {
    "Action": "DELETE",
    "ResourceRecordSet": {
      "Name": "abc.aws-ab-xyz.abcd.com",
      "Type": "A",
      "SetIdentifier": "abc-Secondary",
      "Failover": "SECONDARY" ,
      "AliasTarget": {
        "HostedZoneId": "jashkhakh",
        "DNSName": "hhhkjhkh",
        "EvaluateTargetHealth": false 
      },
      "HealthCheckId": "hhjhkh" 
    }
  }]
}

Error: Tried to delete resource record set [name='abc.aws-ab-xyz.abcd.com.', type='A', set-identifier='abc-Secondary', health check='hhjhkh'] but the values provided do not match the current values

I have verified the entries are correct in my json file.

Answer 1

Also getting this error today while trying to update the route 53 via CloudFormation in our CICD pipeline. Turns out it is becuase we modified the record manually during some test and did NOT change back. Cloudformation requires not only the record type/name/TTL be the same, but also the value to be the identical as is during last stack update/create.

Therefor the fix is to switch the value back to the original url, CFT/stack works again.

Answer 2

I was able to figure this one out myself. I was missing dualstack prefix form the ELB name in my json file. Looks like it expects the ELB name to be exactly same as what is there in the R53 console. Change from :

"DNSName": "hhhkjhkh"

to

"DNSName": "dualstack.hhhkjhkh"

Answer 3

Specify also the TTL.

I had the same problem in a Cloudformation change, and the problem was difference between TTLs.

https://github.com/ansible/ansible-modules-core/issues/551#issuecomment-70481068