The example for IAM Permissions with ABAC here:

```json
"route53:ChangeResourceRecordSetsRecordTypes": ["A", "AAAA", "MX"]
```

is missing the TXT type, which leads to failures creating TXT records and errors such as (sanitized):

```
level=error msg="Failure in zone management.stage.inbake.com. when submitting change batch: operation error Route 53: ChangeResourceRecordSets, https response error StatusCode: 403, RequestID: a4d8-4055-9449-4421a5c67f48, api error AccessDenied: User: arn:aws:sts::123456789012:assumed-role/external-dns-role/external-d-49df7ce5-60ec-4942-944d is not authorized to perform: route53:ChangeResourceRecordSets on resource: arn:aws:route53:::hostedzone/XXXXYYYYZZZ because no identity-based policy allows the route53:ChangeResourceRecordSets action" profile=default zoneID=/hostedzone/XXXXYYYYZZZ zoneName=mydomain.com.
```
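As an added illustration (not part of this report and not external-dns project code), the following Python check reads an IAM policy document, reports which of the record types external-dns needs are not covered by the `route53:ChangeResourceRecordSetsRecordTypes` condition, and produces a corrected copy. The policy document is constructed for the example; it assumes the quoted condition sits under `ForAllValues:StringEquals` as in the AWS Route 53 ABAC examples, and that the deployment publishes only A and AAAA records besides the TXT registry records external-dns writes by default.

```python
import copy
import json

# Condition operator and key as used in the AWS Route 53 ABAC policy examples
# (assumption: the snippet quoted in the report sits under ForAllValues:StringEquals).
CONDITION_OP = "ForAllValues:StringEquals"
RECORD_TYPES_KEY = "route53:ChangeResourceRecordSetsRecordTypes"

# Record types external-dns must be able to write. TXT is its default registry
# record, written next to every record it owns; A and AAAA are the types the
# quoted policy already allows. Extend with CNAME, SRV, etc. if the cluster
# publishes them (an assumption about the deployment, not something the report states).
REQUIRED_TYPES = frozenset({"A", "AAAA", "TXT"})

# Constructed policy reproducing the report: the record-type condition lacks TXT.
POLICY_MISSING_TXT = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["route53:ListHostedZones", "route53:ListResourceRecordSets"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "route53:ChangeResourceRecordSets",
      "Resource": "arn:aws:route53:::hostedzone/XXXXYYYYZZZ",
      "Condition": {
        "ForAllValues:StringEquals": {
          "route53:ChangeResourceRecordSetsRecordTypes": ["A", "AAAA", "MX"]
        }
      }
    }
  ]
}
""")


def _as_list(value):
    """IAM lets Statement, Action and condition values be a scalar or a list."""
    if value is None:
        return []
    return list(value) if isinstance(value, list) else [value]


def allowed_record_types(policy):
    """Record types that Allow statements for route53:ChangeResourceRecordSets permit.

    Returns None when some matching Allow statement carries no record-type
    condition, i.e. the action is not restricted by type at all.
    """
    allowed = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        if not any(a in ("route53:ChangeResourceRecordSets", "route53:*", "*") for a in actions):
            continue
        types = stmt.get("Condition", {}).get(CONDITION_OP, {}).get(RECORD_TYPES_KEY)
        if types is None:
            return None
        allowed.update(_as_list(types))
    return allowed


def missing_record_types(policy, required=REQUIRED_TYPES):
    """Required record types the policy would reject (empty set if all are allowed)."""
    allowed = allowed_record_types(policy)
    return set() if allowed is None else set(required) - allowed


def with_record_types(policy, extra_types):
    """Copy of the policy with extra_types added to every record-type condition."""
    fixed = copy.deepcopy(policy)
    for stmt in _as_list(fixed.get("Statement")):
        cond = stmt.get("Condition", {}).get(CONDITION_OP, {})
        if RECORD_TYPES_KEY in cond:
            cond[RECORD_TYPES_KEY] = sorted(set(_as_list(cond[RECORD_TYPES_KEY])) | set(extra_types))
    return fixed


# Corrected policy: the quoted list plus whatever the check found missing (TXT here).
POLICY_FIXED = with_record_types(POLICY_MISSING_TXT, missing_record_types(POLICY_MISSING_TXT))

if __name__ == "__main__":
    print("missing before fix:", sorted(missing_record_types(POLICY_MISSING_TXT)))
    print("missing after fix: ", sorted(missing_record_types(POLICY_FIXED)))
    print(json.dumps(POLICY_FIXED["Statement"][1]["Condition"], indent=2))
```

The TXT requirement comes from external-dns's default txt registry, which writes an ownership TXT record alongside every record it manages and submits it in the same change batch; a record-type condition that omits TXT therefore denies the whole batch, which is what the 403 in the report shows. Run the check against the policy actually attached to the external-dns role, with `REQUIRED_TYPES` widened to every record type the cluster publishes.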