The client is from KSA and had to purchase the .sa domain via sahara.net, since AWS does not support it. I want Route 53 to be the DNS service, for convenience and because I want to use the Alias records.
I've followed the steps at https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html. I've changed the registrar's NS records to point to the Route 53 hosted zone's servers and, after waiting 24 hours, www.whatsmydns.net tells me the domain points to the correct ones.
But the Alias records I added in Route 53 for 2 subdomains pointing to 2 ElasticBeanstalk environments do no work (DNS_PROBE_FINISHED_NXDOMAIN) and I had to add the CNAME for the Amplify main application in the registrar's records before that got validated, even though Amplfy added those records to the hosted zone automatically.
It looks like the switch/porting of DNS authority isn't happening.
There are records in the registrar's DNS zone that I have yet to add in Route 53. Could those be the reason why it isn't porting over?
Can someone give me any advice or tell me what I'm doing wrong?
Edit: In case someone encounters this specific issue, I'll leave the resolution here. In the case of sahara.net, it is not enough to edit the NS records. You have to make a ticket with them so that they can edit the servers for your domain in a different part of the application.
Thank you for your reply! You are correct that there are a few places around the world that are still answering with the sahara servers instead of the aws ones. It's been more than 48 hours now since I did the changes, so I'm not sure why they haven't updated.
As you suggested, I cleared my DNS cache and then tried to access the subdomains I associated with my EB environments. I still got the same error in the browser and www.whatsmydns.net does no provide any results for them. As a note, I am using A records with Aliases to the environments, not CNAMEs.
It's possible that even after clearing your local DNS cache, an upstream source (like your router, or your ISP) is still using the cached record. A more definitive way to test DNS is to use the dig command, which is documented at https://linux.die.net/man/1/dig. An example query to confirm the DNS records hosted in Route53 would be "dig @your-aws-name-server your-domain any". You can substitute your-aws-name-server with any DNS server that you'd like to query and compare answers with.
Thanks again for replying! The dig command, when I use it with AWS name servers gives me the correct records from Route53. This also happens when I use the subdomains instead of the root domain. But if I use the old sahara name servers (which are still, sometimes, returned by whatsmydns.net), I get only the records from their hosted zone with their NS records pointing to the AWS name servers.