Acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: No TXT record found

I am trying to generate an acme_certificate for the wildcard domain. I have written a terraform script to generate certs for all records under DNS zones but getting error DNS problem: NXDOMAIN looking up TXT. Is there any way to automatically validate DNS challenge in acme_certificate terraform logic?

provider "acme" {
  server_url = "https://acme-v02.api.letsencrypt.org/directory"
}

resource "tls_private_key" "private_key" {
  algorithm = "RSA"
}

resource "acme_registration" "registration" {
  account_key_pem = tls_private_key.private_key.private_key_pem
  email_address   = "myemail@gmail.com" # TODO put your own email in here!
}


resource "acme_certificate" "certs" {
  for_each        = var.certs
  account_key_pem = acme_registration.registration.account_key_pem
  # allow overriding the common name if set
  common_name               = lookup(each.value, "common_name", null) != null ? each.value.common_name : each.key
  subject_alternative_names = [for s in each.value.subject_alternative_names_prefixes : "${s}.${each.key}"]
  disable_complete_propagation = true
  min_days_remaining           = 45


  dns_challenge {
    provider = "oraclecloud"
    config = {
      OCI_COMPARTMENT_OCID   = "${var.compartment_ocid}"
      OCI_TENANCY_OCID       = "${var.tenancy_ocid}"
      OCI_USER_OCID          = "${var.user_ocid}"
      OCI_REGION             = "${var.region}"
      OCI_PUBKEY_FINGERPRINT = "${var.fingerprint}"
      OCI_PRIVKEY_FILE       = "${var.private_key_path}"
    }
  }
  depends_on = [module.hosted_zones]
}

module "hosted_zones" {
  source = "./hosted_zones"
  for_each = var.hosted_zones
  zone = each.key
  records = each.value
  compartment_ocid = "${var.compartment_ocid}"
}



below is the config.vars

certs = {
  "devtest-oci.mydomain.com" = {
    subject_alternative_names_prefixes = [
      "*",
      "*.apps",
      "*.sys",
      "test"
    ]
  }
}

hosted_zones = {
  "devtest-oci.mydomain.com" = {
    "*.apps." = {
      records = ["1.2.3.4"]
    }
    "*.sys." = {
      records = ["1.2.3.6"]
    }
    "test" = {
      records = ["1.2.3.7"]
    }
  }

}