Associate private hosted zones between AWS accounts using Terraform

account_associating_domain.tf

variable "accounts_to_associate" {
  default = [
    {
      vpc: "vpc-12345"
      zone: "Z3P9TEBI3356I"
    }
  ]
}

data "aws_region" "current" {
  current = true
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "null_resource" "associate_with_remote_zone" {
  count = "${length(var.accounts_to_associate)}"
  triggers {
    vpc_id = "${aws_vpc.main.id}"
  }

  provisioner "local-exec" {
    command = "aws route53 associate-vpc-with-hosted-zone --hosted-zone-id ${element(var.accounts_to_associate.*.zone, count.index)} --vpc VPCRegion=${data.aws_region.current.name},VPCId=${aws_vpc.main.id}"
  }
}

account_with_zone.tf

variable "accounts_to_auth" {
  default = [
    "vpc-12345"
  ]
}

data "aws_region" "current" {
  current = true
}

resource "aws_route53_zone" "domain_example" {
  name = "example.com"
}
  
resource "null_resource" "create_remote_zone_auth" {
  count = "${length(accounts_to_auth)}"
  triggers {
    zone_id = "${aws_route53_zone.domain_example.zone_id}"
  }

  provisioner "local-exec" {
    command = "aws route53 create-vpc-association-authorization --hosted-zone-id ${aws_route53_zone.domain_example.zone_id} --vpc VPCRegion=${data.aws_region.current.name},VPCId=${element(var.accounts_to_auth, count.index}"
  }
}