
Phantom CloudFront distribution blocks me from creating Cognito Custom domain


Today I ran into the problem that a phantom CloudFront distribution blocks me from creating a Cognito custom domain.

I use 2 different AWS accounts, one for dev and one for prod. So I first created a Cognito pool and tested the custom domain feature. Let us use "auth.blabla.com" as the custom domain for that pool.

When I was finished testing, I deleted the Cognito pool and with it the custom domain, went to the prod account and tried to use the same domain "auth.blabla.com" as custom domain, and got an error saying:

One or more of the CNAMEs you provided are already associated with a different resource. (Service: AmazonCloudFront; Status Code: 409; Error Code: CNAMEAlreadyExists; Request ID: *******-****-****-****-************; Proxy: null)

But I can't access the distribution Cognito created on my behalf for the pool (neither over the web UI nor over the CLI). I thought AWS would delete it too when I delete the Cognito pool. Seems like it doesn't...

Does AWS delete it over some time (3-6 hours) or am I at a dead end with that domain?


Solution

  • The CloudFront distribution that AWS creates for the custom Cognito domain will be removed in a few hours after you delete the user pool (or delete the custom domain via the Cognito console / API). This seems to be completely hidden from the user (you).
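Because the cleanup described above is not visible from either account, the practical approach is to retry the domain creation until the conflict clears. The following is an added example, not part of the original answer: the function names, the 6-hour ceiling and the 15-minute interval are assumptions, and it assumes the failure surfaces with the text "CNAMEAlreadyExists" in the error, as in the message quoted in the question.

```python
import time

CNAME_CONFLICT = "CNAMEAlreadyExists"  # error code quoted in the question


def is_cname_conflict(exc):
    """True if the exception carries the CloudFront CNAME conflict from the question."""
    # botocore's ClientError exposes the service message under .response["Error"];
    # fall back to str(exc) for other exception types.
    err = getattr(exc, "response", {}).get("Error", {})
    text = " ".join([str(err.get("Code", "")), str(err.get("Message", "")), str(exc)])
    return CNAME_CONFLICT in text


def create_domain_when_free(client, user_pool_id, domain, cert_arn,
                            max_wait_s=6 * 3600, interval_s=900,
                            sleep=time.sleep, clock=time.monotonic):
    """Retry create_user_pool_domain until the old distribution is gone.

    Returns the number of attempts made. Raises TimeoutError if the conflict
    persists past max_wait_s, and re-raises any other error immediately.
    """
    deadline = clock() + max_wait_s
    attempts = 0
    while True:
        attempts += 1
        try:
            client.create_user_pool_domain(
                Domain=domain,
                UserPoolId=user_pool_id,
                CustomDomainConfig={"CertificateArn": cert_arn},
            )
            return attempts
        except Exception as exc:
            if not is_cname_conflict(exc):
                raise  # unrelated failure (bad cert, permissions, ...): do not mask it
            if clock() + interval_s > deadline:
                raise TimeoutError(
                    f"{domain} still attached to another distribution "
                    f"after {attempts} attempts") from exc
            sleep(interval_s)


if __name__ == "__main__":
    import boto3  # requires credentials for the prod account
    # Placeholder identifiers; replace with your own pool id and ACM certificate ARN.
    n = create_domain_when_free(boto3.client("cognito-idp"), "<USER_POOL_ID>",
                                "auth.blabla.com", "<ACM_CERT_ARN>")
    print(f"custom domain created after {n} attempt(s)")
```

If the call times out, keep the DNS record for the domain pointed away from any CloudFront alias target until the new custom domain has been created successfully.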