This backs up my choice to self-host all my company's Terraform.
Just run your Terraform in runners like GitLab CI runners and use workload identity to provide the required authentication for the Terraform runners, and you will be ready to rock in no time.
As someone with senior experience in cloud engineering, here is my input: naming things is hard.
And God forbid you decide down the line you need a subdomain; the terror of having service-b.service-a.com gives me the chills.
But yeah, 100%, naming things is difficult, so you end up naming it after the software and using the group as the parent domain.