diff --git a/iac/provider.aws.acm.tf b/iac/provider.aws.acm.tf
index 52220d7..2028f15 100644
--- a/iac/provider.aws.acm.tf
+++ b/iac/provider.aws.acm.tf
@@ -2,12 +2,33 @@ resource "aws_acm_certificate" "created" {
   domain_name               = var.domain_name
   validation_method         = "DNS"
   subject_alternative_names = []
-  validation_option {
-    domain_name       = var.domain_name
-    validation_domain = var.domain_name
-  }
 }
 
 resource "aws_acm_certificate_validation" "created" {
   certificate_arn = aws_acm_certificate.created.arn
+  depends_on      = [terraform_data.print_acm_validation_records]
+}
+
+
+# HACK: im sorry
+
+resource "terraform_data" "print_acm_validation_records" {
+  provisioner "local-exec" {
+    command = <<-EOT
+      echo -en '\n\n\n\n\n\n
+      add the following records to associated DNS server:\n\n
+      ${local.acm_validation_records_provisioner_string}
+      \n\n\n\n\n\n'
+    EOT
+  }
+}
+
+locals {
+  acm_validation_records_provisioner_string = join("\n", [
+    for map in aws_acm_certificate.created.domain_validation_options :
+    join("\n", [
+      join(" | ", keys(map)),
+      join(" | ", values(map))
+    ])
+  ])
 }
diff --git a/iac/terraform.outputs.tf b/iac/terraform.outputs.tf
index 9dab68e..b8b6ba1 100644
--- a/iac/terraform.outputs.tf
+++ b/iac/terraform.outputs.tf
@@ -18,11 +18,6 @@ output "acm_certificate_arn" {
   description = "ARN of the created ACM certificate."
 }
 
-output "acm_validation_options" {
-  value       = aws_acm_certificate.created.domain_validation_options
-  description = "ACM domain validation records."
-}
-
 output "iam_access_key_id" {
   value       = aws_iam_access_key.publisher.id
   description = "access key ID of the publisher IAM user."