How can I claim a CNAME for my Cloudfront distribution?

Hello.

The error cannot be resolved unless you unbind the domain from the CloudFront it's bound to.
Also, as stated in the following documentation, if CloudFront is hosted in an AWS account other than your own, you will need to contact AWS Support.
https://repost.aws/knowledge-center/resolve-cnamealreadyexists-error

If you don't have access to the account that contains the source distribution or you can't deactivate the source distribution, then contact AWS Support.

This is indeed a frustrating situation, but it's not necessarily an AWS bug. It's a security measure implemented by AWS to prevent potential conflicts or hijacking of domains across different AWS accounts.

To claim the CNAME for your CloudFront distribution when it's already associated with another distribution not owned by you, you have a few options:

1. Use the AWS CLI command: aws cloudfront list-conflicting-aliases --distribution-id <your-distribution-id> --alias <your-domain-name> This will provide more information about the conflicting resource, including a partial Account ID and Distribution ID.

2. Double-check that you've removed any previous CloudFront distributions or other AWS resources that might be using this domain, including in other AWS accounts you may have.

3. If you've recently acquired or transferred the domain, wait 24-48 hours as there can sometimes be a delay in propagation.

4. Verify that you don't have any AWS Amplify apps that might have created an internal CloudFront distribution using your domain.

5. Ensure that you have properly set up your DNS configuration to point to your new CloudFront distribution. You need to have permission to create CNAME records with your DNS service provider.

6. Make sure you have a valid SSL/TLS certificate for the domain, either through AWS Certificate Manager (ACM) or a third-party certificate authority.

If none of these steps resolve the issue, unfortunately, the standard solution is to contact AWS Support. While this typically requires at least a Developer Support plan, which does come with an additional cost, it's currently the most direct way to resolve conflicts that aren't visible or manageable through your account's console or CLI.

As a last resort, you could consider using a different subdomain that's not conflicting, though this isn't ideal if you need to use the specific domain or subdomain in question.

It's important to note that while this situation is inconvenient, it's not a bug but rather a security feature designed to protect domain owners. However, the process for resolving such conflicts without paid support could certainly be improved.
Sources
One or more of the CNAMEs you provided are already associated with a different resource. | AWS re:Post
Use custom URLs by adding alternate domain names (CNAMEs) - Amazon CloudFront
Configure alternate domain names and HTTPS - Amazon CloudFront