AWS DNS MX record setup for gsuite - undocumented pitfall

I am starting work on a new project, and wanted to set up a "work" email account for a domain of mine, conferacity.com (there is nothing at that address at time of writing, but maybe check back in a few weeks!). 

I bought the domain a few years ago, through AWS Route 53. I set up a basic account at gsuite, and then tried to follow their instructions for AWS Route 53. Seemed straightforward, but couldn't seem to get it working.

Took me a day to figure it out, but the problem seems to be that Route 53 gives you a different set of nameservers on your domain page from that on your hosted zone for the same domain!

When you have a domain in Route 53, you are automatically set up with a set of four nameservers, you can see them listed in the Route 53 Dashboard if you click on domains and then the specific domain you are interested in, conferacity.com in my case. 

In order to set up your MX records, you need to create a hosted zone from the Route 53 Dashboard. When a hosted zone is first created, it will have only two types of records, NS which is a list of nameservers, and SOA which means "Start of Authority". 

The important thing to note is that the nameservers that AWS sets up for you in NS in the hosted zone for your domain are NOT THE SAME as the ones listed in the domains part of the Route 53 Dashboard - and they need to be the same in order to work correctly.

I suspect it would work either way, but I think it's probably best to copy the nameservers listed on the domains page to the NS record in the hosted zones page. 

Once I did that and waited five minutes, gsuite was able to validate my domain.