AWS ACM public certificate with validation in terraform
# Domain name of the public Route 53 hosted zone to look up.
# Pass it without a trailing dot: the zone lookup appends one itself.
variable "ingress_domain_name" {
  type = string
}
# Resolve the already-existing hosted zone for the ingress domain.
data "aws_route53_zone" "ingress" {
  # Append the root dot so the lookup uses the fully-qualified zone name.
  name = format("%s.", var.ingress_domain_name)

  # Public zone only: a private zone with the same name would not be visible
  # to ACM's DNS validation, so the certificate would never be issued.
  private_zone = false
}
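# Request a public ACM certificate for the hosted zone's own name, proven by
# DNS validation. Only that single name is covered: no
# subject_alternative_names (e.g. a wildcard) are requested here.
resource "aws_acm_certificate" "ingress" {
  # NOTE(review): assumes the data source returns the zone name without a
  # trailing dot; confirm against the AWS provider version in use.
  domain_name       = data.aws_route53_zone.ingress.name
  validation_method = "DNS"

  tags = {
    "Name" = data.aws_route53_zone.ingress.name
  }

  # Create the replacement before destroying the old certificate. Without
  # this, a change that forces re-creation makes Terraform try to delete a
  # certificate that a load balancer or other consumer may still reference.
  lifecycle {
    create_before_destroy = true
  }
}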
# Publish the DNS validation record(s) that ACM asks for, keyed by the domain
# name each record validates.
resource "aws_route53_record" "ingress_validation" {
  for_each = {
    for opt in aws_acm_certificate.ingress.domain_validation_options : opt.domain_name => {
      name   = opt.resource_record_name
      type   = opt.resource_record_type
      record = opt.resource_record_value
    }
  }

  zone_id = data.aws_route53_zone.ingress.zone_id
  name    = each.value.name
  type    = each.value.type
  records = [each.value.record]
  ttl     = 60

  # With allow_overwrite, an existing record with the same name and type in
  # this zone is replaced instead of causing an error. Check the plan before
  # the first apply so that a record managed elsewhere is not silently
  # taken over.
  allow_overwrite = true
}
# Block until ACM reports the certificate as issued, using the validation
# records created above. Consumers of the certificate should reference this
# resource's certificate_arn rather than aws_acm_certificate.ingress.arn, so
# they are not created against a certificate that is still pending validation.
resource "aws_acm_certificate_validation" "ingress_validation" {
  certificate_arn = aws_acm_certificate.ingress.arn

  validation_record_fqdns = [
    for rec in aws_route53_record.ingress_validation : rec.fqdn
  ]
}