- DNS
- Refactored MX Bind processing and target suppress to fix failing import
- [IMPORTANT] Added Cloudlets API support
- Added resources allowing management of policy and policy activations:
akamai_cloudlets_policy
- create, read, update, delete and import policyakamai_cloudlets_policy_activation
- create, read, update and delete policy activations
- Added resources allowing management of application load balancer configuration and application load balancer activations:
akamai_cloudlets_application_load_balancer
- create, read, update, delete and import application load balancer configurationakamai_cloudlets_application_load_balancer_activation
- create, read, update and delete application load balancer activations
- Added data sources:
akamai_cloudlets_policy
- lists information about policyakamai_cloudlets_application_load_balancer
- lists information about application load balancer configurationakamai_cloudlets_application_load_balancer_match_rule
- lists information about application load balancer match rulesakamai_cloudlets_edge_redirector_match_rule
- lists information about edge redirector match rules
- Added resources allowing management of policy and policy activations:
- APPSEC
- Add group/contract ID support to network list resource (#243)
- Add tuning recommendations data source
- Add support for advanced exceptions in ASE rules
- Update WAP bypass network lists for multi-policy WAP
- Deprecate WAP-only datasource & resources
- PAPI
- Updated documentation for data source akamai_property_rules
- Allowed user to select a rule format in
resource akamai_property
- Added optional
use_cases
attribute forakamai_edge_hostname
resource
- Fixed example usage for provider import (#212)
- PAPI
- CPS
- Attribute
dns_challenges
should not be empty on initial apply forakamai_cps_dv_enrollment
resource (#253)
- Attribute
- DATASTREAM
- Attribute
dataset_fields_ids
should not be sorted numerically inakamai_datastream
resource (#263)
- Attribute
- GTM
- Attribute
datacenter_id
should be required inakamai_gtm_geomap
resource (#259)
- Attribute
- [IMPORTANT] DATASTREAM - Added DataStream configuration support
- New DataStream module. This module provides scalable, low latency streaming of property data in raw form
- New resource:
- akamai_datastream - create, read and update log streams
- New data sources:
- akamai_datastream_activation_history - list detailed information about the activation status changes for all versions of a stream
- akamai_datastream_dataset_fields - list groups of data set fields available in the template
- PAPI
- New akamai_property_rules_template data source, which lets you use JSON template files to configure a rule tree
- PAPI
- Handling
note
field during property deactivation
- Handling
- APPSEC
- Major documentation updates and clean up
- PAPI
- GRPC limit increased to 64MB (#220)
-
Terraform Plugin SDK updated to v2.7.0
-
Provider tested and now supports Terraform 1.0.4
-
APPSEC
- Add wap_selected_hostnames data source and resource
- Remove import templates for deprecated features
- Display policy IDs for siem settings in separate table
- Get an evaluation attack group's or risk score group's action
-
NETWORK LISTS
- Support contract_id and group_id for network list create/update
-
PAPI
- Possibility to set
note
field in property_activation resource - Additional checks and validations in
terraform plan
(#245)
- Possibility to set
- APPSEC
- Configuration drift on reputation_profile create/apply
- Fix incorrect comments/URL references in inline documentation
- Data source akamai_appsec_security_policy returning incorrect policy ID
- DNS
- Trim contract (ctr_) and group (grp_) prefixes when comparing configuration and TF state values (#242)
- GTM
- Trim contract (ctr_) and group (grp_) prefixes when comparing configuration and TF state values
- DNS
- Fixed contract id not being set in zone import and made group optional (#242)
- GTM
- Fixed documentation mismatch with optional/required fields on nested objects for
akamai_gmt_property
resource (#240)
- Fixed documentation mismatch with optional/required fields on nested objects for
- PAPI
- CPS
- Added
sans
field onakamai_cps_dv_validation
to enable resending acknowledgement on after SANS are updated
- Added
- CPS
akamai_cps_dv_enrollment
now acceptscontract_id
withctr_
prefix
- APPSEC
- Configuration version numbers are no longer supported for most data sources and resources, as described below.
- The following data sources are no longer supported:
- akamai_appsec_attack_group_actions
- akamai_appsec_attack_group_condition_exception
- akamai_appsec_eval_rule_actions
- akamai_appsec_eval_rule_condition_exception
- akamai_appsec_rule_actions
- akamai_appsec_rule_condition_exception
- The following resources are no longer supported:
- akamai_appsec_attack_group_action
- akamai_appsec_attack_group_condition_exception
- akamai_appsec_configuration_clone
- akamai_appsec_configuration_version_clone
- akamai_appsec_eval_rule_action
- akamai_appsec_eval_rule_condition_exception
- akamai_appsec_rule_action
- akamai_appsec_rule_condition_exception
- akamai_appsec_security_policy_clone
- akamai_appsec_security_policy_protections
- PAPI
- Fixed issue causing edgehostnames not being set properly in state intermittently
-
[IMPORTANT] CPS - Added Certificate Provisioning API support
- Added resources allowing management of DV enrollments:
- akamai_cps_dv_enrollment - create, read, update and delete DV enrollments
- akamai_cps_dv_validation - inform CPS of finished validation, track change status
- Added resources allowing management of DV enrollments:
-
APPSEC
- The provider now determines automatically the version number to use for data source and resource operations.
The most recent version of the specified configuration will be used if it is not currently active in either
staging or production. If the most recent version is currently active, that version will be cloned and the
newly cloned version will be used. The version attribute has been removed from all resource and data definitions,
with the exception of the following data sources:
- akamai_appsec_configuration_version
- akamai_appsec_export_configuration
- The export output templates supported by the akamai_appsec_export_configuration data source have been updated to remove version attributes.
- The functionality for cloning and renaming configurations and security policies has been integrated into
the respective resources. The separate resources for cloning and renaming have been removed. The affected
elements are listed in the
BREAKING CHANGES
section above. - The action and condition_exception functionality for rule, eval-rule and attack-group resources have been
consolidated into the respective data sources. The individual data sources and resources have been removed,
and the remaining ones have been renamed. The affected elements are listed in the
BREAKING CHANGES
section above. - The akamai_appsec_activation resource's ForceNew attribute is no longer supported.
- Resource updates that include modifications to the config_id or security_policy_id attributes are forbidden.
- The akamai_appsec_siem_setting resource's output_text attribute is no longer supported.
- The tabular output from the export_configuration data source has been improved.
- The sample configuration file in the source repository has been updated to standardize names and remove version attributes.
- Policy protections are now set individually. The separate resources for setting individual policy_protections resources has been removed.
- The Getting Started guide for Appsec has been updated to include more information on importing resources, including a list of the supported output templates.
- The following data sources have been added:
- akamai_appsec_advanced_settings_pragma_header
- akamai_appsec_attack_groups
- akamai_appsec_eval_rules
- akamai_appsec_rules
- The following resources have been added:
- akamai_appsec_advanced_settings_pragma_header
- akamai_appsec_api_constraints_protection
- akamai_appsec_attack_group
- akamai_appsec_eval_rule
- akamai_appsec_ip_geo_protection
- akamai_appsec_rule
- The provider now determines automatically the version number to use for data source and resource operations.
The most recent version of the specified configuration will be used if it is not currently active in either
staging or production. If the most recent version is currently active, that version will be cloned and the
newly cloned version will be used. The version attribute has been removed from all resource and data definitions,
with the exception of the following data sources:
-
PAPI
- New optional parameter, which allows to import a specific property version. Additional information in Property resource
-
APPSEC
- Suppress 'null' text on output of empty/false values
- Prevent configuration drift when reapplying configuration after importing or creating resources
- Update configuration version in local state file when modified in config.tf
- Use uppercase when managing GEO network list elements
- Display both API & website match targets in text_output
- Remove unused output_text from code and documentation
- Set network_list_id on network list import
- Add comments to simplify importing resources using "terraform import"
-
PAPI
- Fixed issue causing inconsistent state when activation has rule errors (#219)
- Fixed issue with
resource_akamai_property
not setting product_id during import (#224) - Rule warnings are not set in state anymore in
resource_akamai_property
andresource_akamai_property_activation
to address size concerns of state file. Users will still be able to see them in logs as warnings
-
DNS - Fix panic when zone already exists on create
-
GTM - Deprecate and ignore Property field static_ttl. Add warning if present in property resource config
- PAPI -
resource_akamai_property_activation
now allows new optional argumentauto_acknowledge_rule_warnings
. Refer to Property Activation Resource
- PAPI -
resource_akamai_property:
Changed hostnames field to a block type syntax to support additional user inputs. Refer to Property Resource for new syntax.
Important Note
Existing terraform users with hostnames defined in older syntax need to manually fix their hostnames configuration and existing state if needed. Additional info in Property Resource
- PAPI
- Fixed issue with version attributes not being set properly (#208)
- Fixed issue with
data_akamai_property_rules_template
not interpolating#include
files properly - Fixed issue with
data_akamai_property_rules_template
not merging nested files properly
- PAPI
- New Hostnames Datasource to query hostnames and poll certificate status
- Improved error handling and error messages in
property
andproperty_activation
resources
These are the operations supported in the Network Lists API v2:
- Create a network list
- Update an existing network list
- Get the existing network lists, optionally filtering by name or type
- Subscribe to a network list
- Activate a network list
- PAPI - Fixed issue with rules causing advanced locked behaviors to fail
- PAPI
data_akamai_property_rules_template:
snippets files should now be placed underproperty-snippets
directory and should have.json
extension
- APPSEC
- Custom Deny
- SIEM Setting
- Advanced Options Settings
- API Match Target
- API Request Constraint
- Create/Delete/Rename Security Policy
- Host Coverage / Edit Version Notes
- All WAP Features / WAP Hostname Evaluation
- Create Security Configuration
- Rename Security Configuration Version
- Delete Security Configuration Version
- Clone Security Configuration
- Import tool for adding existing resources to Terraform state (#207)
- DNS
- Create SOA and NS Records on zone read if don't exist.
- Add HTTPS, SVCB record support
- GTM
- Add validation for property type and traffic targets combination
- PAPI
- Fixed issue causing hostnames to be appended instead of being replaced
- Fixed issue causing version and rule comments being dropped (#55)
- Fixed client side validation to allow certain PAPI errors to passthrough
- Fixed issue causing incorrect property version being stored in state for certain scenarios
- DNS
- Suppress NS Record target diff if old and new equal without trailing 'period' (#189)
- Fail on attempted Zone deletion. Not supported.
- PAPI -- Fixed crash caused by passing computed cpCode as a variable in rules to akamai_property
- PAPI -- Deprecated "product" attribute in akamai_cp_code resource and changed it "product_id"
These are the operations supported in the Identity Management: User Administration API v2:
- Create a new user
- Update a user’s profile
- Update a user’s role assignments
- Delete a user
- APPSEC - Documentation formatting fixes
- DDoS Protection -- Rate Policy & Action
- DDoS Protection -- Slowpost setting & Action
- Application Layer Protection -- Rule Action, Exceptions & Conditions
- Application Layer Protection -- Rule Evaluation Action, Exceptions & Conditions
- Application Layer Protection -- Attack Group Action, Exceptions & Conditions
- Application Layer Protection -- Rule Upgrade & Change Mode for Rule Eval
- Reputation Profile & Action
- Network Layer Control -- IP & GEO setting
- provider: configuring via an inline provider block (
property
,dns
, orgtm
) has been replaced with a more generalconfig
block that works the same way. - There are several breaking changes in the 1.0 release. You should consult the Migration guide for details.
- resources/akamai_property_activation no longer supports the following fields : activate. version has gone from being optional to being a required field.
- data-sources/akamai_property_rules removed in favor of using template JSON object to better work with other Akamai tools and documentation that is all JSON based.
- resources/akamai_property_variables removed in favor of directly managing the variable segment as part of ruletree object.
- resources/akamai_cp_code no longer auto-imports on create. If a conflict is detected will error out and to ignore simply import the resource.
- resources/akamai_edge_hostname no longer supports the following fields : ipv4, ipv6. The revised resource allows setting ip_behavior directly.
- resources/akamai_property no longer supports the following fields : cp_code, origin, variables, is_secure, contact. The revised resource simplifies the object structure and removes the ability to set the same value more than one way.
- provider/papi: changed attribute names in Provisioning to distinguish objects and names from id attributes. In prior releases, "group" could represent a name, an id, or sometimes both. This release distinguishes them with distinct attribute names "group_name", "group_id" instead of "group"."
- resources/akamai_property removing hostnames attribute can result in repeated noop update calls because in this case removal means the hostname relationships are un-managed leaving the attribute as empty is a better way to express this change.
- data-sources/akamai_properties added to list properties accessible to the user.
- data-sources/akamai_property_contracts added to list contracts accessible to the user.
- data-sources/akamai_property_groups added to list groups accessible to the user.
- data-sources/akamai_property_products added to list products associated with a given contract.
- data-sources/akamai_property_rule_formats added to list rule_formats.
- data-sources/akamai_property_rules changed to output the structure of a particular rule version on the server. NOTE: this is NOT the same as the deprecated datasource used for rule formatting.
- data-sources/akamai_rules_template added to handle file based JSON templating for rules tree data management
- resources/akamai_property_activation aliased property to property_id. Returns these additional attributes : target_version, warnings, errors, activation_id, and status
- provider: provider configuration validation requires an edgerc file configured and present even when environment variable-based configuration was used.
- provider: provider inline configuration support was re-introduced as a new config field.
- resources/akamai_property_activation activating and destroying activation for the same property multiple times in a row would fail on second destroy attempt and subsequent destroy attempts with "resource not found error" message.
- resources/akamai_property_activation wrong activation id read for property versions that had been activated and deactivated multiple time.
- resources/akamai_property aliased property to property_id. contract to contract_id, and product to product_id and account to account_id. Renamed version to latest_version.
- data-sources/akamai_contract aliased group to group_id and/or group_name.
- data-sources/akamai_cp_code aliased group to group_id and contract to contract_id.
- data-sources/akamai_group aliased name to group_name and contract to contract_id.
- provider: Added support for application security API
- provider: Updated edgegrid library to version 2.0.2. Ths should include the following fixes:
- Re-enabled global account switch key support in edgerc files for reseller accounts.
- PAPI - edgehostname updated returns - The System could not find cnameTo value
- PAPI - property update return error - You provided an Etag that does not represent the last edit. Another edit has occurred, so check your request again before retrying.
- Documentation formatting
- provider: provider configuration validation requires an edgerc file configured and present even when environment variable-based configuration was used.
- provider: support for configuring the provider via an inline provider block (
property
,dns
, orgtm
) no longer works. Users should use edgerc file or Terraform environment args to configure instead.
- provider: The backing edgegrid library was entirely rewritten. Provider behavior should be preserved but there is chance of incidental changes due to the project size.
- resources/akamai_edge_hostname: edge_hostname field should be provided with an ending of edgesuite.net, edgekey.net, or akamaized.net. If a required suffix is not provided then edgesuite.net is appended as default.
- provider: provider configuration validation requires an edgerc file configured and present even when one should not be needed.
- provider: support for configuring the provider via an inline provider block (
property
,dns
, orgtm
) no longer works. Users should use edgerc file or Terraform environment args to configure instead.
- provider: improved error handling and improved message consistency
- provider: release notes categorize updates according to Terraform best practices guide.
- resources/akamai_cp: support ids with and without prefixes
- resources/akamai_edge_hostnames: support ids with and without prefixes
- resources/akamai_property: support ids with and without prefixes
- resources/akamai_property_activation: support ids with and without prefixes
- resources/akamai_property: [AT-42] Fix criteria_match values handling
- provider: fixed documentation to properly present guides and categories on Hashicorp Terraform registry site
- resources/edge_hostname: added error when neither IPV4 nor IPV6 is selected
- resources/akamai_property: comparisons in rule tree now properly ignore equivalent values with attribute order differences.
- data-sources/akamai_property_rules: comparisons in rule tree now properly ignore equivalent values with attribute order differences.
- provider: updated all error messages to better identify issues and actions required by user
- provider: fixed crash due to unexpected data types from unexpected API responses
- provider: fixed crash due to unexpected data types in Terraform files
- provider: errors now get reported using Terraform diagnostics allowing much more detail to be passed to user when an error occurs.
- [IMPORTANT] Dropped support for TF clients <= 0.11. Provider now built using Terraform sdk v2 library. Terraform dropped 0.11 client support as part of this update. This change will make many new enhancements possible. (See: Terraform v2 sdk)
- resources/akamai_group: contract field (previously optional) now required to ensure contract and group agreement.
- [CHANGE] Individual edgerc file sections for different Akamai APIs (i.e.,
property_section
,dns_section
) has been deprecated in favor a commonconfig_section
used in conjuction with provider aliases (See: Multiple Provider Configurations)
- provider: provider configuration validation requires an edgerc file configured and present even when one should not be needed.
- provider: support for configuring the provider via an inline provider block (
property
,dns
, orgtm
) no longer works. Users should use edgerc file or Terraform environment args to configure instead.
- [FIX] datasource akamai_group will no longer panic when contract not provided
- [ADD] Project re-organized to prepare for additional APIs to be included
- Fixed build job to compile sub-modules. Code is identical to 0.9.0 release
- [IMPORTANT] This build did not compile all modules properly so use 0.9.1 above instead.
- Initial release via the Terraform Registry. Otherwise identical to 0.8.1 release
- [FIX] Activation is executed, even without changes #139 (
akamai-property-activation
) (#139) - [FIX] Cannot find group when there are groups with the same name under multiple contract. #168 (
akamai-property-group
) (#168)
- [FIX] Corrected Error 401 [Signature does not match] during new primary zone creation (
akamai-dns
) (#163) - [ADD] Updated Getting Started Primary Zone creation description. Added FAQ for Primary zone (
akamai-dns
) - [FIX] SRV record priority value of 0 not allowed (
akamai-dns
) (#165) - [ADD] Initial support for correlation ID in logging (
akamai-property
)
- [FIX] Corrected AAAA record handling of short and long IPv6 notation (
akamai-dns
)
- [FIX] Error after upgrading to 0.7.0 regarding MX records (
akamai-dns
) (#154) - [FIX]Error 422 on SOA Record Apply After Creating a Primary Zone (
akamai-dns
) (#155)
- [ADD] User Agent support for Terraform version and provider version and SDK update
- [FIX] Bugs in Zone Create and Exists (
akamai_dns
) (#151)
- [ADD] Support the creation of DNS records of type AKAMAICDN (
akamai_dns
) (#53) - [ADD] Support akamai_dns_record Import (
akamai_dns
) (#69) - [FIX] Cannot remove a backup_cname from GTM property (
akamai_gtm
) (#124) - [ADD] DNS Alias Zone Support (
akamai_dns
) (#125) - [ADD] DNS TSIG Key support (
akamai_dns
) (#126) - [ADD] DNS SOA, AKAMAITLC Record Support (
akamai_dns
) (#127) - [FIX] Inverted Parameters - DNS Record Type NAPTR (
akamai_dns
) (#130) - [FIX] Inverted Parameters - DNS Record Type NSEC3 (
akamai_dns
) (#131) - [FIX] Inverted Parameters - DNS Record Type NSEC3PARAM (
akamai_dns
) (#132) - [FIX] Inverted Parameters - DNS Record Type RRSIG (
akamai_dns
) (#133) - [FIX] Inverted Parameters - DNS Record Type DS (
akamai_dns
) (#134) - [ADD] DNS CAA, TLSA, CERT Record Support (
akamai_dns
) (#148)
- [FIX] Release edgehostnames and products caching edge library v0.9.10 (
akamai_property
)
- [FIX] Release contract group and cpcode caching edge library v0.9.9 (
akamai_property
)
- [FIX] Provider produced inconsistent final plan #88 add contract group and cpcode caching edge library v0.9.9 (
akamai_property
) (#88)
- [FIX] Bug - Origin values customhostheader #93 (
akamai_property
) (#93) - [FIX] akamai 0.1.5 - err: rpc error: code = Unavailable desc = transport is closing #87 (
akamai_property
) (#87) - [FIX] Errors in documentation: akamai_contract and akamai_cp_code #52 (
akamai_property
) (#52) - [FIX] Provider produced inconsistent final plan #88 (
akamai_property
) (#88) - [FIX] akamai_property_activation creation crashing with Error: rpc error: code = Unavailable desc = transport is closing #102 (
akamai_property
) (#102) - [ADD] Add Support for GTM domains and contained elements (domain, datacenter, property, resource, cidrmap, geographicmap, asmap)
- [FIX] Criteria is always end up using must satisfy "all" (
akamai_property
) (#81) - [FIX] Provider produced inconsistent final plan (
akamai_property_variables
) (#82) - [FIX] Cannot create multiple types of records with the same name (
akamai_dns_record
) (#11) - [FIX] akamai_property_activation resource - changing network field causes deactivation of version in staging (
akamai_property_activation
) (#51) - [FIX] Multiple MX records creation issue (
akamai_dns_record
) (#57)
- [FIX] Add support for update of rules state (
akamai_property
) (#66) - [FIX] Add support for masters being optional (
akamai_dns_zone
) (#61) - [FIX] Create edge hostname 400 error Bad Request Request parameter Slot Number (
akamai_property
) (#56) - [FIX] TXT record - State update failure due to sha verification issue (
akamai_dns_zone
) (#58)
- [FIX] Correct ordering of values for
SRV
records (akamai_dns_record
) (#17) - [FIX] IPV4-only hostnames no longer fail (
akamai_edge_hostname
) (#21) - [FIX] Don't try to deactive any version but the current one (
akamai_property_activation
) (#21) - [FIX] Fix crash in DNS record validation (#27)
- [FIX] SiteShield behavior translated correctly to JSON (#10] [#40)
- [FIX] Property rules correctly update (all rules now removed correctly) (#30)
- [FIX] Property Hostnames correctly update (all hostnames are now removed correctly) (#44)
- [FIX] Property activation was using the activation ID to fetch the property (#35)
- [FIX] Ensure property supports
is_secure
for Enhanced TLS (#42) - [FIX] Multiple fixes to provider configuration for auth configuration. (#46)
- [FIX] Ensure the latest version is activated when no
akamai_property_activation.version
is set (#45) - [FIX] Multiple records (e.g. using
count
) should now be created correctly (#11) - [CHANGE]
akamai_property_rules
has been changed to a data source to ensure dependant resources update correctly, the existing resource now emits an error in all operations (#47) - [ADD] Make zone type (primary or secondary) case-insensitive (#29)
- [FIX] Fixed handling of CPCode behavior in rules.json
- [FIX] Fixed hostname complexity, now a simple
{"public.host" = "edge.host"}
map - [FIX] Fixed accidental deactivations
- [ADD] Added explicit property and dns credential blocks to provider config
- [ADD] Added better validation to
akamai_dns_record
- [FIX] Bug fixes
- Initial release