API: route53:GetHostedZone User: arn:xxxxx is not authorized to access this resource

Hi,

I’m trying to configure an A record on Route53 from my serverless.yml but get the following response:

  Serverless Error ---------------------------------------

     An error occurred while provisioning your stack: APIDomainName
     - API: route53:GetHostedZone User: arn:aws:iam::108211808302:user/gero
     is not authorized to access this resource.

However, when I log into the console as user ‘gero’ and go to Route53 and do the same configuration manually through the console webpages it works without problems.

I’m using the following in the serverless.yml to configure the A record:
APIDomainName:
  Type: AWS::Route53::RecordSetGroup
  Properties:
    HostedZoneId: Z2FDTNDATAQYW2
    RecordSets:
    - Name: api.whereis-everybody.com.
      Type: A
      AliasTarget:
        HostedZoneId: Z2FDTNDATAQYW2
        DNSName:
          Fn::GetAtt:
            - WebAppCloudFrontDistribution
            - DomainName

And the ~/.aws/credentials file contains the credentials for the user identified by the arn.

Because I am able to configure the A record by using the web console, I am assuming that all permissions are set correctly for this user. Otherwise it would also not be possible to create the A record via the console.

Any ideas what could be the problem?

Solved the issue, had HostedZoneId instead of HostedZoneName under APIDomainName/Properties.

APIDomainName:
  Type: AWS::Route53::RecordSetGroup
  Properties:
    HostedZoneName: whereis-everybody.com.
    RecordSets:
    - Name: api.whereis-everybody.com.
      Type: A
      AliasTarget:
        HostedZoneId: Z2FDTNDATAQYW2
        DNSName:
          Fn::GetAtt:
            - WebAppCloudFrontDistribution
            - DomainName

Regards,
Gero

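The mix-up resolved above, as an added example that is not part of the original post: a small linter that flags a Route 53 record whose own HostedZoneId is Z2FDTNDATAQYW2, the fixed zone ID AWS documents for CloudFront alias targets, which belongs only under AliasTarget. The parsed-dict input, the `lint_route53`, `targets_cloudfront` and `template` names, and the `AWS::CloudFront::Distribution` type of `WebAppCloudFrontDistribution` are assumptions.

```python
# Added example, not from the thread: lint CloudFormation resources (as a parsed dict).
CLOUDFRONT_ALIAS_ZONE_ID = "Z2FDTNDATAQYW2"  # fixed zone ID AWS documents for CloudFront alias targets
ROUTE53_TYPES = ("AWS::Route53::RecordSetGroup", "AWS::Route53::RecordSet")


def targets_cloudfront(alias, resources):
    """True when AliasTarget.DNSName is Fn::GetAtt on a CloudFront distribution in the template."""
    ref = alias.get("DNSName")
    if not isinstance(ref, dict) or "Fn::GetAtt" not in ref:
        return False
    attr = ref["Fn::GetAtt"]
    logical_id = attr.split(".")[0] if isinstance(attr, str) else attr[0]
    return resources.get(logical_id, {}).get("Type") == "AWS::CloudFront::Distribution"


def lint_route53(resources):
    """Return (logical_id, message) findings for hosted-zone mix-ups."""
    findings = []
    for name, res in resources.items():
        if res.get("Type") not in ROUTE53_TYPES:
            continue
        props = res.get("Properties", {})
        # The record's own zone must be one you control, never the CloudFront alias zone.
        if props.get("HostedZoneId") == CLOUDFRONT_ALIAS_ZONE_ID:
            findings.append((name, "HostedZoneId is the CloudFront alias zone; use your own zone"))
        # A RecordSet carries the record fields itself; a group nests them under RecordSets.
        for rs in props.get("RecordSets", [props]):
            alias = rs.get("AliasTarget") or {}
            if targets_cloudfront(alias, resources) and alias.get("HostedZoneId") != CLOUDFRONT_ALIAS_ZONE_ID:
                findings.append((name, "AliasTarget.HostedZoneId must be " + CLOUDFRONT_ALIAS_ZONE_ID))
    return findings


# Constructed input mirroring the thread; the distribution's Type is an assumption.
def template(zone_props):
    alias = {"HostedZoneId": CLOUDFRONT_ALIAS_ZONE_ID,
             "DNSName": {"Fn::GetAtt": ["WebAppCloudFrontDistribution", "DomainName"]}}
    record = {"Name": "api.whereis-everybody.com.", "Type": "A", "AliasTarget": alias}
    return {
        "WebAppCloudFrontDistribution": {"Type": "AWS::CloudFront::Distribution"},
        "APIDomainName": {"Type": "AWS::Route53::RecordSetGroup",
                          "Properties": dict(zone_props, RecordSets=[record])},
    }


BEFORE = template({"HostedZoneId": "Z2FDTNDATAQYW2"})
AFTER = template({"HostedZoneName": "whereis-everybody.com."})
```

Running `lint_route53(BEFORE)` reports the `APIDomainName` resource, while `lint_route53(AFTER)` returns no findings.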