How to Create Multiple TXT Records for Same Domain in AWS Route53: Duplicate Record Error Solution



When working with AWS Route53, you might encounter this frustrating error when trying to add a second TXT record to the same domain:

Tried to create resource record set type='TXT' but it already exists

This occurs because Route53 treats TXT records differently from other record types due to their special formatting requirements.

Unlike other DNS record types where multiple records can coexist for the same name, Route53 requires TXT records to be consolidated into a single record set. This is because:

  • TXT records are often used for verification purposes (SPF, DKIM, DMARC)
  • Each TXT record can contain multiple strings
  • The DNS protocol allows bundling multiple values in a single TXT record

Instead of creating multiple TXT records, combine them into one record set with multiple values:

{
  "Name": "example.com",
  "Type": "TXT",
  "TTL": 300,
  "ResourceRecords": [
    {"Value": "\"v=spf1 include:_spf.google.com ~all\""},
    {"Value": "\"google-site-verification=abc123\""},
    {"Value": "\"key=value\""}
  ]
}

Here's how to create a multi-value TXT record using AWS CLI:

aws route53 change-resource-record-sets \
--hosted-zone-id Z1234567890ABC \
--change-batch '{
  "Changes": [{
    "Action": "UPSERT",
    "ResourceRecordSet": {
      "Name": "example.com",
      "Type": "TXT",
      "TTL": 300,
      "ResourceRecords": [
        {"Value": "\"v=spf1 include:_spf.google.com ~all\""},
        {"Value": "\"google-site-verification=abc123\""}
      ]
    }
  }]
}'

After creating the record, verify it using dig or nslookup:

dig TXT example.com +short
"v=spf1 include:_spf.google.com ~all"
"google-site-verification=abc123"
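One caveat with the UPSERT command above: UPSERT replaces the entire record set, so a change batch that holds only the new value drops the SPF or verification strings already published. The following added example (not from the original article) merges new values into the existing TXT set taken from `aws route53 list-resource-record-sets` output and refuses to publish two SPF records at one name, which RFC 7208 treats as a permanent error; `merged_upsert`, `quote` and the sample listing are constructed for illustration.

```python
import json

# Constructed sample, shaped like `aws route53 list-resource-record-sets` output.
EXISTING = {"ResourceRecordSets": [
    {"Name": "example.com.", "Type": "TXT", "TTL": 300,
     "ResourceRecords": [{"Value": '"v=spf1 include:_spf.google.com ~all"'}]},
    {"Name": "example.com.", "Type": "MX", "TTL": 300,
     "ResourceRecords": [{"Value": "10 mail.example.com."}]},
]}


def quote(value):
    """Wrap a TXT value in double quotes unless it is already quoted.
    Assumption: values contain no embedded quote characters."""
    if len(value) >= 2 and value.startswith('"') and value.endswith('"'):
        return value
    return '"' + value + '"'


def is_spf(value):
    """True if the quoted TXT value is an SPF record (first token is v=spf1)."""
    return value.strip('"').split(" ")[0].lower() == "v=spf1"


def merged_upsert(listing, name, new_values, ttl=300):
    """Build an UPSERT change batch that keeps the TXT values already at `name`."""
    fqdn = name.rstrip(".") + "."
    values = []
    for rrset in listing["ResourceRecordSets"]:
        if rrset["Type"] == "TXT" and rrset["Name"].lower() == fqdn.lower():
            values += [rr["Value"] for rr in rrset.get("ResourceRecords", [])]
            ttl = rrset.get("TTL", ttl)  # keep the TTL already in use
    for value in map(quote, new_values):
        if value not in values:  # do not publish the same string twice
            values.append(value)
    spf_count = sum(is_spf(v) for v in values)
    if spf_count > 1:
        raise ValueError(f"{fqdn} would publish {spf_count} SPF records")
    return {"Changes": [{"Action": "UPSERT", "ResourceRecordSet": {
        "Name": fqdn, "Type": "TXT", "TTL": ttl,
        "ResourceRecords": [{"Value": v} for v in values]}}]}


if __name__ == "__main__":
    batch = merged_upsert(EXISTING, "example.com",
                          ["google-site-verification=abc123"])
    print(json.dumps(batch, indent=2))
```

The printed JSON can be passed to `--change-batch` in place of the hand-written batch.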

Here are scenarios where you might need multiple TXT values:

  • Combining SPF with domain verification records
  • Adding multiple email security records (DMARC, DKIM)
  • Including various service verification strings (Google, Microsoft, etc.)

If you're still having issues:

  1. Check for existing TXT records in your hosted zone
  2. Ensure proper escaping of quotes in JSON (\"value\")
  3. Verify record propagation with Route53's health checks
  4. Remember the 400-character limit per string in TXT records

In Route53, TXT records are organized into record sets. Each record set can contain multiple values, but you can't create multiple record sets with the same name and type. Here's how to properly structure your TXT records:

{
  "Name": "example.com",
  "Type": "TXT",
  "TTL": 300,
  "ResourceRecords": [
    {"Value": "\"first verification code\""},
    {"Value": "\"second verification code\""}
  ]
}

A common scenario is needing both SPF and DMARC records. Instead of creating separate TXT record sets, combine them:

aws route53 change-resource-record-sets \
  --hosted-zone-id Z123456789 \
  --change-batch '{
    "Changes": [{
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "example.com",
        "Type": "TXT",
        "TTL": 300,
        "ResourceRecords": [
          {"Value": "\"v=spf1 include:_spf.google.com ~all\""},
          {"Value": "\"v=DMARC1; p=none; rua=mailto:dmarc@example.com\""}
        ]
      }
    }]
  }'

If you truly need separate record sets (e.g., for different subdomains), structure them like this:

For domain verification:
{
  "Name": "example.com",
  "Type": "TXT",
  "TTL": 300,
  "ResourceRecords": [
    {"Value": "\"google-site-verification=abc123\""}
  ]
}

For _domainkey:
{
  "Name": "_domainkey.example.com",
  "Type": "TXT",
  "TTL": 300,
  "ResourceRecords": [
    {"Value": "\"k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC...\""}
  ]
}

If you're still seeing the error, check:

  • Existing TXT records in the hosted zone
  • Proper escaping of quotes in TXT values
  • Correct record name formatting (trailing dots matter)