---
title: Route53 record undefined
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > Code Security > Infrastructure as Code (IaC)
  Security > IaC Security Rules > Route53 record undefined
---

# Route53 record undefined

{% callout %}
# Important note for users on the following Datadog sites: app.ddog-gov.com, us2.ddog-gov.com

{% alert level="danger" %}
This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ({% placeholder "user-datadog-site-name" /%}).
{% /alert %}

{% /callout %}

## Metadata{% #metadata %}

**Id:** `terraform-aws-route53-record-undefined` 

**Provider:** AWS

**Platform:** Terraform

**Severity:** High

**Category:** Networking and Firewall

#### Learn More{% #learn-more %}

- [Provider Reference](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record)

### Description{% #description %}

This check verifies that Route53 record resources have defined values in the `records` array. Empty `record` arrays in Route53 configurations may result in DNS resolution failures, causing service disruptions and potentially breaking application functionality that depends on proper name resolution.

A properly configured Route53 record should include appropriate values in the `records` array, as shown in the secure example below:

```terraform
records = [
  aws_route53_zone.example.name_servers[0],
  aws_route53_zone.example.name_servers[1],
  aws_route53_zone.example.name_servers[2],
  aws_route53_zone.example.name_servers[3],
]
```

Insecure configurations leave the records array empty:

```terraform
records = [
  
]
```

## Compliant Code Examples{% #compliant-code-examples %}

```terraform
resource "aws_route53_record" "example" {
  allow_overwrite = true
  name            = "test.example.com"
  ttl             = 30
  type            = "NS"
  zone_id         = aws_route53_zone.example.zone_id

  records = [
    aws_route53_zone.example.name_servers[0],
    aws_route53_zone.example.name_servers[1],
    aws_route53_zone.example.name_servers[2],
    aws_route53_zone.example.name_servers[3],
  ]
}
```

## Non-Compliant Code Examples{% #non-compliant-code-examples %}

```terraform
resource "aws_route53_record" "example" {
  allow_overwrite = true
  name            = "test.example.com"
  ttl             = 30
  type            = "NS"
  zone_id         = aws_route53_zone.example.zone_id

  records = [
    
  ]
}
```