aws-route53: CrossAccountZoneDelegationRecord fails deployment when parentHostedZoneName contains a trailing dot

[ryderben]

Describe the bug

Currently deployments of stacks fail if they contain a CrossAccountZoneDelegationRecord where the parent hosted zone name has a trailing dot (supplied in construct property parentHostedZoneName).

Expected Behavior

Deployment is expected to work transparently, regardless of whether or not there is a trailing dot. This is expected since:

• Route53 already treats these two names as synonymous - the trailing dot is stripped under Hosted zone name in the AWS console, but present elsewhere, e.g. aws route53 list-hosted-zones | jq '.HostedZones[].Name'. The ListHostedZonesByName action also appears to handle both.
• Zone names with the trailing dot is arguably the more correct representation, since this is what appears in the generated AWS::Route53::HostedZone CFN by default when using PublicHostedZone/PrivateHostedZone constructs, and is used by the Route53 API.

Current Behavior

CloudFormation deployment of the parent stack fails - in Events:

Status: CREATE_FAILED

Status reason: Received response status [FAILED] from custom resource. Message returned: Error: Expected one hosted zone to match the given name but found 0 at A (/var/task/index.js:1:1613) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async s (/var/task/index.js:1:1272) at async Runtime.handler (/var/task/__entrypoint__.js:1:932)

Reproduction Steps

1. Follow instructions to create setup for Cross Account Zone Delegation - https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_route53-readme.html#cross-account-zone-delegation
2. Modify parentHostedZoneName to contain a trailing dot.

Possible Solution

Change filter in custom resource handler to not append the trailing dot automatically:

aws-cdk/packages/@aws-cdk/custom-resource-handlers/lib/aws-route53/cross-account-zone-delegation-handler/index.ts

Lines 78 to 83 in 3656a4c

	const zones = await route53.listHostedZonesByName({ DNSName: name });
	const matchedZones = zones.HostedZones?.filter(zone => zone.Name === `${name}.`) ?? [];
	if (matchedZones && matchedZones.length !== 1) {
	throw Error(`Expected one hosted zone to match the given name but found ${matchedZones.length}`);
	}

The preceding ListHostedZonesByName call likely does not need to be changed (both formats should yield the same response), however this should be confirmed.

Additional Information/Context

No response

CDK CLI Version

2

Framework Version

No response

Node.js Version

18.18.2

OS

Amazon Linux 2

Language

TypeScript

Language Version

No response

Other information

No response

[pahud]

I am not sure if any breaking changes would incur but this sounds good to me. Any pull requests are welcome and appreciated.