app init multiple hosted zones for a domain

[CountryNerd]

If you have a have multiple hosted zones example one for public and one for private for the same domain name.
Then app init --domain example.com will error out.

In order to make this work you need todo

app init

Then do a change set on the CF template created

# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0
AWSTemplateFormatVersion: 2010-09-09
Description: Configure the AWSCloudFormationStackSetAdministrationRole to enable use of AWS CloudFormation StackSets.
Metadata:
  TemplateVersion: 'v1.0.2'
Parameters:
  AdminRoleName:
    Type: String
  ExecutionRoleName:
    Type: String
  DNSDelegationRoleName:
    Type: String
    Default: ""
  AppDNSDelegatedAccounts:
    Type: CommaDelimitedList
    Default: ""
  AppDomainName:
    Type: String
    Default: ""
  AppDomainHostedZoneID:
    Type: String
    Default: ""
  AppName:
    Type: String
Conditions:
  DelegateDNS:
    !Not [!Equals [ !Ref AppDomainName, "" ]]

Resources:
  AdministrationRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Ref AdminRoleName
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service: cloudformation.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
        - PolicyName: AssumeRole-AWSCloudFormationStackSetExecutionRole
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - sts:AssumeRole
                Resource:
                  - !Sub 'arn:${AWS::Partition}:iam::*:role/${AdminRoleName}'
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Ref ExecutionRoleName
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              AWS: !GetAtt AdministrationRole.Arn
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
      - PolicyName: ExecutionRolePolicy
        PolicyDocument:
          Version: "2012-10-17"
          Statement:
              - Sid: StackSetRequiredPermissions
                Effect: Allow
                Action:
                  - cloudformation:*
                  - s3:*
                  - sns:*
                Resource: "*"
              - Sid: ManageKMSKeys
                Effect: Allow
                Action:
                  - kms:*
                Resource: "*"
              - Sid: ManageECRRepos
                Effect: Allow
                Action:
                  - ecr:DescribeImageScanFindings
                  - ecr:GetLifecyclePolicyPreview
                  - ecr:CreateRepository
                  - ecr:GetDownloadUrlForLayer
                  - ecr:GetAuthorizationToken
                  - ecr:ListTagsForResource
                  - ecr:ListImages
                  - ecr:DeleteLifecyclePolicy
                  - ecr:DeleteRepository
                  - ecr:SetRepositoryPolicy
                  - ecr:BatchGetImage
                  - ecr:DescribeImages
                  - ecr:DescribeRepositories
                  - ecr:BatchCheckLayerAvailability
                  - ecr:GetRepositoryPolicy
                  - ecr:GetLifecyclePolicy
                  - ecr:TagResource
                Resource: "*"

  DNSDelegationRole:
    Type: AWS::IAM::Role
    Condition: DelegateDNS
    Properties:
      RoleName: !Ref DNSDelegationRoleName
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              AWS:  !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:root
            Action:
              - sts:AssumeRole
          - Effect: Allow
            Principal:
              AWS:
                - !Sub arn:${AWS::Partition}:iam::084093615772:root
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
      - PolicyName: DNSDelegationPolicy
        PolicyDocument:
          Version: "2012-10-17"
          Statement:
              - Sid: HostedZoneReadRecords
                Effect: Allow
                Action:
                  - route53:Get*
                  - route53:List*
                Resource: "*"
              - Sid: HostedZoneUpdate
                Effect: Allow
                Action:
                  - route53:ChangeResourceRecordSets
                Resource:
                  - !Sub arn:${AWS::Partition}:route53:::hostedzone/${AppHostedZone}
                  - !Sub arn:${AWS::Partition}:route53:::hostedzone/${AppDomainHostedZoneID}

  AppHostedZone:
    Type: AWS::Route53::HostedZone
    Condition: DelegateDNS
    Properties:
      HostedZoneConfig:
        Comment: !Sub "Hosted zone for copilot application ${AppName}: ${AppName}.${AppDomainName}"
      Name: !Sub ${AppName}.${AppDomainName}

  AppDomainDelegationRecordSet:
    Type: AWS::Route53::RecordSet
    Condition: DelegateDNS
    Properties:
      HostedZoneId: !Sub ${AppDomainHostedZoneID}
      Comment: !Sub "Record for copilot domain delegation for application ${AppDomainName}"
      Name: !Sub ${AppName}.${AppDomainName}.
      Type: NS
      TTL: '900'
      ResourceRecords: !GetAtt AppHostedZone.NameServers

Outputs:
  ExecutionRoleARN:
    Description: ExecutionRole used by this application to set up ECR Repos, KMS Keys and S3 buckets
    Value: !GetAtt ExecutionRole.Arn
  AdministrationRoleARN:
    Description: AdministrationRole used by this application to manage this application's StackSet
    Value: !GetAtt AdministrationRole.Arn
  TemplateVersion:
    Description: Required output to force the stack to update if mutating version.
    Value: v1.0.2

[KollaAdithya]

Fix has been released in case of multiple hosted zones with one public and private hosted zone
#5315