Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

One or more of the CNAMEs you provided are already associated with a different resource

0

Hello,

I'm trying to associate a custom domain with a new Amazon Cognito user pool. However, I’m receiving the error: code: InvalidParameterException message: One or more of the CNAMEs you provided are already associated with a different resource. (Service: AmazonCloudFront; Status Code: 409; Error Code: CNAMEAlreadyExists; ...

I previously used this domain for a different Cognito user pool, which has already been deleted. I've also removed the relevant DNS records in Route 53.

It seems the hidden CloudFront distribution created by Cognito still holds the CNAME. Could you please support me on releasing the old association so I can re-use this domain?

Thank you!

Topics
Security, Identity, & ComplianceNetworking & Content Delivery
Tags
Amazon CloudFrontAmazon Route 53Amazon CognitoDomain Name System (DNS)
Language
English
asked 10 months ago199 views
1 Answer
0
Accepted Answer

This is a common issue when trying to reuse a custom domain with Cognito after deleting a previous user pool. Even though you've deleted the user pool and removed DNS records, the association between your domain and the CloudFront distribution might still exist in AWS's systems.

Here are some steps to resolve this issue:

  1. Wait for propagation: When you replace or set up a new certificate for your Cognito custom domain, it can take up to 1 hour for Amazon Cognito to fully distribute and apply the changes. Sometimes these issues resolve themselves after 24-48 hours as AWS systems update.

  2. Check for conflicting CloudFront distributions: You can use the AWS CLI to check for conflicting aliases with this command:

aws cloudfront list-conflicting-aliases --distribution-id <your-new-distribution-id> --alias <your-custom-domain>

This will show if there's a conflicting distribution and in which account it exists.

  1. Verify your DNS settings: Make sure you've completely removed all previous CNAME records related to the old user pool before adding new ones.

  2. Try disabling and re-enabling: Try disabling and then re-enabling the custom domain in your Cognito settings.

  3. Check your CNAME record: Ensure you're using the correct Alias Target URI provided when you create a Custom Domain in Cognito, not the Cognito Domain URI.

  4. Contact AWS Support: If none of the above works after waiting for at least 6 hours, you might need to contact AWS Support to help clear any hidden associations with your domain name. You can do this through the "Account and billing" support channel, which is free.

Each custom domain name must be unique across all CloudFront distributions globally, not just within your account. This is why you can encounter this issue even when you don't see any distributions in your own CloudFront console.
Sources
ACM Cert Not Being Honored By Custom Domain in Cognito | AWS re:Post
Can't Activate AWS Amplify Custom Domain | AWS re:Post
One or more domains requested are already associated with another Amplify | AWS re:Post

answered 10 months ago
AWS
EXPERT
reviewed 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content