gaiin-platform / amplify-genai-iac


Certificate Validation Not Recognized in Route 53 #13

Open redmed86 opened 1 month ago

redmed86 commented 1 month ago

When running the Terraform in us-east-1, I am unable to get the scripts to find the proper DNS validation entry in the Route 53 hosted zone. I receive the error below:

```
 Error: 1 error occurred:
│   * missing amplifygenai-auth.<my_domain>.dev DNS validation record: _67af397fc553281a239e2416e2321000.amplifygenai-auth.<my_domain>.dev
│
│
│
│   with module.cognito_pool.aws_acm_certificate_validation.cognito_ssl_cert_validation,
│   on ../modules/cognito_pool/cognito_pool.tf line 63, in resource "aws_acm_certificate_validation" "cognito_ssl_cert_validation":
│   63: resource "aws_acm_certificate_validation" "cognito_ssl_cert_validation" {
│
```

Somewhere in the terraform it seems to double append the domain name so that when you check the console you see:

_67af397fc553281a239e2416e2321000.amplifygenai-auth.<my_domain>.dev.amplifygenai.<my_domain>.dev

In the terraform.tfvars file, if you remove only place amplifygenai-auth in the cognito_domain var then other functionality breaks when creating the certificate.

Line 63 of cognito_pool.tf consists of the following resource block:

```
resource "aws_acm_certificate_validation" "cognito_ssl_cert_validation" {
  certificate_arn         = aws_acm_certificate.cognito_ssl_cert.arn
  validation_record_fqdns = [for record in aws_route53_record.cognito_cert_validation : record.fqdn]
}

locals {
  cognito_cert_validation_records = {
    for dvo in aws_acm_certificate.cognito_ssl_cert.domain_validation_options : dvo.domain_name => {
      name   = dvo.resource_record_name
      type   = dvo.resource_record_type
      record = dvo.resource_record_value
    }
  }
}
```

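
A pre-flight check for the symptom reported above, as an added example that is not part of the issue or the project's code: it tests whether each ACM DNS validation record name lies inside the hosted zone it is about to be written to, and shows the name that results when it does not. The domain `example.dev`, the zone names, the `_token` label and the rule that the zone name is appended to an out-of-zone record name are assumptions made for illustration.

```python
# Added example. All names below are constructed; example.dev stands in for
# the redacted <my_domain>.dev and "_token" for the ACM validation label.

def normalize(name: str) -> str:
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def in_zone(record_name: str, zone_name: str) -> bool:
    """True if the record is the zone apex or a label-aligned name under it."""
    record, zone = normalize(record_name), normalize(zone_name)
    return record == zone or record.endswith("." + zone)

def effective_fqdn(record_name: str, zone_name: str) -> str:
    """Name the record ends up with, ASSUMING the zone name is appended
    whenever the requested name is not already inside the zone."""
    record, zone = normalize(record_name), normalize(zone_name)
    return record if in_zone(record, zone) else f"{record}.{zone}"

def pick_zone(record_name: str, zone_names):
    """Longest-suffix match: the hosted zone that can hold the record, or None."""
    candidates = [normalize(z) for z in zone_names if in_zone(record_name, z)]
    return max(candidates, key=len, default=None)

def audit(validation_names, target_zone, all_zones):
    """Compare each validation record name with the zone it will be written to."""
    return [
        {
            "expected": normalize(name),          # what ACM looks up
            "created": effective_fqdn(name, target_zone),
            "ok": in_zone(name, target_zone),
            "suggested_zone": pick_zone(name, all_zones),
        }
        for name in validation_names
    ]

if __name__ == "__main__":
    zones = ["amplifygenai.example.dev", "example.dev"]      # constructed
    names = ["_token.amplifygenai-auth.example.dev."]        # constructed
    for finding in audit(names, "amplifygenai.example.dev", zones):
        status = "OK" if finding["ok"] else "MISMATCH"
        print(status, finding["expected"], "->", finding["created"],
              "| zone that contains it:", finding["suggested_zone"])
```

A `MISMATCH` line means the record as created can never match the name ACM is waiting for, so the validation resource will keep reporting the record as missing.
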
karnsab commented 3 weeks ago

Can you share the cognito portion of your main.tf file?