---
title: Route 53 record undefined
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > Code Security > Infrastructure as Code (IaC)
  Security > IaC Security Rules > Route 53 record undefined
---

# Route 53 record undefined

{% callout %}
# Important note for users on the following Datadog sites: app.ddog-gov.com, us2.ddog-gov.com

{% alert level="danger" %}
This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ({% placeholder "user-datadog-site-name" /%}).
{% /alert %}

{% /callout %}

## Metadata{% #metadata %}

**Id:** `ansible-aws-route53-record-undefined` 

**Provider:** AWS

**Platform:** Ansible

**Severity:** High

**Category:** Networking and Firewall

#### Learn More{% #learn-more %}

- [Provider Reference](https://docs.ansible.com/ansible/latest/collections/amazon/aws/route53_module.html#parameter-value)

### Description{% #description %}

Route 53 record resources must include one or more record values so DNS entries are created and resolve correctly. Missing values can lead to service disruption, broken name resolution, or unintended traffic routing. For Ansible tasks using the `amazon.aws.route53` or `route53` modules, the `value` parameter must be present and non-null, typically as a list of one or more string values. Tasks missing the `value` parameter, with `value: null`, or with an empty list are flagged.

Secure example Ansible task:

```yaml
- name: Create A record for app.example.com
  amazon.aws.route53:
    zone: example.com
    record: app
    type: A
    ttl: 300
    value:
      - "203.0.113.10"
```

## Compliant Code Examples{% #compliant-code-examples %}

```yaml
- name: Use a routing policy to distribute traffic
  amazon.aws.route53:
    state: present
    zone: foo.com
    record: www.foo.com
    type: CNAME
    value: host1.foo.com
    ttl: 30
    identifier: host1@www
    weight: 100
    health_check: d994b780-3150-49fd-9205-356abdd42e75
```

## Non-Compliant Code Examples{% #non-compliant-code-examples %}

```yaml
---
- name: Use a routing policy to distribute traffic02
  amazon.aws.route53:
    state: present
    zone: foo.com
    record: www.foo.com
    type: CNAME
    value:
    ttl: 30
    identifier: "host1@www"
    weight: 100
    health_check: "d994b780-3150-49fd-9205-356abdd42e75"
- name: Use a routing policy to distribute traffic03
  amazon.aws.route53:
    state: present
    zone: foo.com
    record: www.foo.com
    type: CNAME
    ttl: 30
    identifier: "host1@www"
    weight: 100
    health_check: "d994b780-3150-49fd-9205-356abdd42e75"
```