Testing with mocks: despite overriding resource, returned value is still random?

I defined an AWS API Gateway domain name resource in my Terraform code and I want to test that it’s properly configured when deployed. To do so, I use mock_provider aws{} and I then override the attribute coming from another resource:

# main.tf excerpt

resource "aws_api_gateway_domain_name" "api_domain_name" {
  domain_name = var.domain

  regional_certificate_arn = data.aws_acm_certificate.main_cert.arn
  security_policy          = "TLS_1_2"

  mutual_tls_authentication {
    truststore_uri = aws_s3_object.truststore_file.id
  }
  endpoint_configuration {
    types = ["REGIONAL"]
  }
}

And here are my tests:

# main.tftest.hcl excerpt
mock_provider aws {}

run "test_api_gateway_domain_name" {
    override_data {
        target = data.aws_acm_certificate.main_cert
        values = {
            arn = "arn:aws:acm:::certificate/blblbl"
        }
    }
    override_resource {
        target = aws_s3_object.truststore_file
        values = {
            id = "s3://blblbl"
        }
    }
    variables {
        domain = "domain"
    }

    assert {
        condition = aws_api_gateway_domain_name.api_domain_name.mutual_tls_authentication[0].truststore_uri == "s3://blblbl"
        error_message = "Invalid truststore URI"
    }
}

When I run it (terraform test) it tells me that the truststore_uri attribute has been randomly generated:

# Console output excerpt

│ Error: Test assertion failed
│ 
│   on tests/main.tftest.hcl line 137, in run "test_api_gateway_domain_name":
│  137:         condition = aws_api_gateway_domain_name.api_domain_name.mutual_tls_authentication[0].truststore_uri == "s3://blblbl"
│     ├────────────────
│     │ aws_api_gateway_domain_name.api_domain_name.mutual_tls_authentication[0].truststore_uri is "ucgosl81"
│ 
│ Invalid truststore URI

I know from the docs that this value is generated by the mocking framework but I don’t get why, since I am overriding this value.

What am I doing wrong here?

terraform version:

Terraform v1.7.1
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.34.0