Releases: akamai/terraform-provider-akamai
Releases · akamai/terraform-provider-akamai
v6.6.1
v6.6.0
RELEASE NOTES
6.6.0 (Nov 21, 2024)
FEATURES/ENHANCEMENTS:
-
Appsec
- Fixed a problem with the missing
security_policy_id
during update if a resource was imported previously. - Added the
akamai_appsec_aap_selected_hostnames
resource and data source. - Modified the
enable_botman_siem
field fromRequired
to theOptional
parameter in theakamai_appsec_siem_settings
resource.
- Fixed a problem with the missing
-
Cloud Access
- Added functionality to import the
akamai_cloudaccess_key
resource for specified group and contract IDs. - Marked the
cloud_secret_access_key
field as a sensitive value in theakamai_cloudaccess_key
resource (I#580).
- Added functionality to import the
-
CPS
- Refreshed a list of warnings returned by the
akamai_cps_warnings
data source.
- Refreshed a list of warnings returned by the
-
DNS
- Added the new
outbound_zone_transfer
field to theakamai_dns_zone
resource.
- Added the new
-
Edgeworkers
- Stopped sending an EdgeKV initialization request in the
akamai_edgekv
resource when EdgeKV is already initialized. (I#589)
- Stopped sending an EdgeKV initialization request in the
-
PAPI
- Added support for the new rule format
v2024-10-21
.
- Added support for the new rule format
BUG FIXES:
-
Appsec
- Fixed a plug-in crash if the
exceptions
block is passed as empty in theakamai_appsec_siem_settings
resource.
- Fixed a plug-in crash if the
-
Cloud Access
- Resolved issues with drift detection after deleting a key version in the
akamai_cloudaccess_key
resource (I#579). - Fixed cases where ProcessingType = "FAILED" was received in a response from the
akamai_cloudaccess_key
resource. This was causing unnecessary pooling until the timeout.
- Resolved issues with drift detection after deleting a key version in the
-
GTM
- Added checks to verify the existence of specific objects on the server when creating these resources:
akamai_gtm_asmap
akamai_gtm_cidrmap
akamai_gtm_domain
akamai_gtm_geomap
akamai_gtm_property
akamai_gtm_resource
- Added checks to verify the existence of specific objects on the server when creating these resources:
-
PAPI
- Fixed an idempotency issue in property activation when
rule_errors
is empty. - Fixed an issue when timeout in the
akamai_property_activation
resource would terminate with theProvider produced inconsistent result after apply
error.- Changed a timeout message from a warning to an error in the
akamai_property_activation
andakamai_property_include_activation
resources.
- Changed a timeout message from a warning to an error in the
- Fixed an import of the
akamai_property_include
resource to properly populate the include'sproduct_id
field (I#575).
- Fixed an idempotency issue in property activation when
DEPRECATIONS
- Appsec
- Deprecated the
akamai_appsec_wap_selected_hostnames
data source and resource. Use theakamai_appsec_aap_selected_hostnames
data source and resource instead.
- Deprecated the
v6.5.0
RELEASE NOTES
6.5.0 (Oct 10, 2024)
FEATURES/ENHANCEMENTS:
-
Global
- Migrated Terraform to version 1.9.5.
- Updated SDK v2 and framework libraries.
-
Appsec
- Added the
exceptions
block to theakamai_appsec_siem_settings
resource with these nested fields:api_request_constraints
apr_protection
bot_management
client_rep
custom_rules
ip_geo
malware_protection
rate
url_protection
slow_post
waf
- Added the
-
GTM
- Added the retry logic to the
akamai_gtm_property
resource to handle errors caused by the prolonged creation time, leading to Property Validation Failure with the "no datacenter is assigned to map target (all others)" error from the API.
- Added the retry logic to the
-
IAM
- Added new data sources:
akamai_iam_accessible_groups
- reads the groups and subgroups accessible for a given user.akamai_iam_account_switch_keys
- reads the account switch keys.akamai_iam_allowed_apis
- reads the list of APIs available to a given user.akamai_iam_authorized_users
- reads the list of authorized API client users.akamai_iam_blocked_properties
- reads blocked properties for a certain user in a group.akamai_iam_cidr_block
- reads details of a specified CIDR block.akamai_iam_cidr_blocks
- lists all CIDR blocks available to you on your allowlist.akamai_iam_group
- reads details about a given group and any of its subgroups.akamai_iam_password_policy
- reads the password policy parameters.akamai_iam_property_users
- lists users for a given property or include.akamai_iam_role
- reads details of a specified role.akamai_iam_user
- reads details of a specific user account.akamai_iam_users
- lists all users with access to your account.akamai_iam_users_affected_by_moving_group
- lists the users affected by moving a group.
- Added new resources:
akamai_iam_cidr_block
- manages CIDR block assigned to the allowlist.akamai_iam_ip_allowlist
- enables or disable your account's allowlist.
- Added new attributes to the
resource_akamai_iam_user
resource.user_notifications
to support user notifications.enable_mfa
to support authentication of type "MFA".password
to allow users to set a password when creating and updating a user.
- Made the
enable_tfa
attribute optional in theresource_akamai_iam_user
resource. - Added the
asset_id
schema field (an IAM identifier of a property or include) to:- The
akamai_property
resource and data source, - The
akamai_property_include
resource and data source.
- The
- Improved date handling to use
time.Time
instead ofstring
.
- Added new data sources:
-
PAPI
- Added a new optional param to the import id of the
akamai_edge_hostname
resource.
It allows to specify the product ID of the imported hostname and save it in the state.
- Added a new optional param to the import id of the
BUG FIXES:
- PAPI
- Added support for status code
429 Too Many Requests
containingX-RateLimit-Next
header.
WhenX-RateLimit-Next
is present, the wait time before retry is calculated as the time
difference between this header and theDate
header. - Fixed an issue with the
akamai_property_activation
resource where updating it with an active or previously active property version for a configuration without a state file didn’t trigger a new property activation.
- Added support for status code
DEPRECATIONS:
- PAPI
- Deprecated fields
product_id
andrule_format
fromakamai_properties
datasource. Please useakamai_property
to fetch this data.
- Deprecated fields
v6.4.0
RELEASE NOTES
6.4.0 (Sep 04, 2024)
FEATURES/ENHANCEMENTS:
-
Global
- Updated SDKv2 and framework libraries as result of updating
terraform-plugin-testing
- Updated SDKv2 and framework libraries as result of updating
-
Appsec
- Added
request_body_inspection_limit_override
field toakamai_appsec_advanced_settings_request_body
resource
- Added
-
CPS
- Added
acknowledge_post_verification_warnings
to theakamai_cps_dv_validation
resource to allow for acknowledgement of post-verification warnings
- Added
-
PAPI
- Added support for new rule format
v2024-08-13
- Added support for new rule format
BUG FIXES:
-
Appsec
- Fixed import of
akamai_appsec_match_target
for newly created security configuration or any security configuration not synced in the terraform state (I#546) - Fixed issue where activation was not triggered after network list change in
resource_akamai_networklist_activations
resource (I#518) - Fixed
akamai_appsec_configuration
data source to return a single security configuration in the output_text instead of the entire list of security configurations
- Fixed import of
-
Cloudlets
- Corrected format of the retry time when logging in
akamai_cloudlets_application_load_balancer_activation
andakamai_cloudlets_policy_activation
resources
- Corrected format of the retry time when logging in
-
PAPI
- Fixed issue with provider producing an inconsistent final plan with Cloudlet policy (I#567).
It happened in cases when content of the rule depends on some other resource
- Fixed issue with provider producing an inconsistent final plan with Cloudlet policy (I#567).
v6.3.0
RELEASE NOTES
6.3.0 (July 16, 2024)
FEATURES/ENHANCEMENTS:
-
Migrated Go version to
1.21.12
for builds. -
Appsec
- Added field
host_names
to theakamai_appsec_configuration
data source
- Added field
-
BOTMAN
- Added new resource:
akamai_botman_content_protection_javascript_injection_rule
- read and updateakamai_botman_content_protection_rule
- read and updateakamai_botman_content_protection_rule_sequence
- read and update
- Added new data source:
akamai_botman_content_protection_javascript_injection_rule
- readakamai_botman_content_protection_rule
- readakamai_botman_content_protection_rule_sequence
- read
- Added new resource:
-
Client Lists
- Extended list of fields for which
akamai_clientlist_activation
diff is suppressed withnotification_recipients
andsiebel_ticket_id
. Diff suppressed when activation is not required.
- Extended list of fields for which
-
Cloud Access (I#247)
- Added datasource:
akamai_cloudaccess_key
- read details for key by nameakamai_cloudaccess_keys
- read list of access key for current user accountakamai_cloudaccess_key_versions
- read details for key versions by key nameakamai_cloudaccess_key_properties
- read list of active properties for given access key
- Added resource:
akamai_cloudaccess_key
- create, read, update, delete, import
- Added datasource:
-
DNS
- Added data source:
akamai_zone_dnssec_status
- reads the DNSSEC status of a single zone in Edge DNS (I#509)
- Added data source:
-
GTM
- Added more details for
gtm_property
resource in case of error being returned from the API
- Added more details for
-
PAPI
- Added support for new rule format
v2024-05-31
- Added new optional field
ttl
toakamai_edge_hostname
resource.
When it is used, creation or update takes longer as resource has to synchronize its state with HAPI.
- Added support for new rule format
BUG FIXES:
-
Appsec
- A new config version will be created if the latest config version is active in either Staging or Production, and protected and/or evaluated hostnames are updated using
akamai_appsec_wap_selected_hostnames
(#I540) - Fixed issue where terraform provider plugin crashes due to empty string input for list
geo_network_lists
,ip_network_lists
,exception_ip_network_lists
andasn_network_lists
inakamai_appsec_ip_geo
resource
- A new config version will be created if the latest config version is active in either Staging or Production, and protected and/or evaluated hostnames are updated using
-
DNS
- Improved validation of IPv6 addresses in
akamai_dns_record
resource for records of typeAAAA
(I#550) - Fixed issue in
akamai_dns_record
resource that could cause incorrect targets planned to be modified or reordering targets send to server forTXT
record type (I#499, I#541, I#559) - Fixed issue in
akamai_dns_recordset
datasource that forTXT
record type, returned targets were needlessly reordered (I#559)
- Improved validation of IPv6 addresses in
-
PAPI
- Removed caching from
akamai_contracts
data source - Fixed issue in
akamai_edge_hostname
resource when update is performed straight after create - Fixed issue in data_akamai_property_rules_template that having root template in the same directory as .terraform dir would cause error.
Now, datasource will not search for templates inside .terraform directory (I#557) - Fixed an issue that caused the
compliance_record
in importedakamai_property_activation
andakamai_property_include_activation
to be empty and could not be updated.- Added the ability to update
compliance_record
inakamai_property_activation
andakamai_property_include_activation
via terraform apply (the update will not trigger new activation if version/network/property was not changed)
- Added the ability to update
- Fixed issue that having
akamai_property
andakamai_property_activation
(orakamai_property_include
andakamai_property_include_activation
) resources linked usingstaging_version
orproduction_version
and modifying rules and note could sometimes result inProvider produced inconsistent final plan
error (I#549).
- Removed caching from
v6.2.0
RELEASE NOTES
6.2.0 (May 28, 2024)
FEATURES/ENHANCEMENTS:
-
Global
- Added validation for retryable logic values.
retry_max
orAKAMAI_RETRY_MAX
- Cannot be higher than 50retry_wait_min
orAKAMAI_RETRY_WAIT_MIN
- Cannot be longer than 24hretry_wait_max
orAKAMAI_RETRY_WAIT_MAX
- Cannot be longer than 24h
- Migrated Terraform to version 1.7.5
- Updated SDKv2 and framework libraries
- Added validation for retryable logic values.
-
Appsec
- Suppressed rate policy diff when
counterType
field absence is the only change forakamai_appsec_rate_policy
resource - Suppressed activations diff when
notification_emails
field is the only change forakamai_appsec_activations
resource
- Suppressed rate policy diff when
-
BOTMAN
- Added resource:
akamai_botman_custom_bot_category_item_sequence
- read and update
- Added resource:
-
Cloudlets
- Added import for
akamai_cloudlets_application_load_balancer_activation
resource
- Added import for
-
GTM
- Added data sources:
akamai_gtm_geomap
- reads information for a specific GTM Geographic mapakamai_gtm_geomaps
- reads information for GTM Geographic maps under a given domain
- Added data sources:
-
IAM
-
Fixed issue of generating an incorrect large difference in
granted_roles
update (I#525) -
Network Lists
- Suppressed activations diff when
notification_emails
field is the only change forakamai_networklist_activations
resource
- Suppressed activations diff when
-
PAPI
- Added retry logic for
akamai_property_include_activation
- Added import of the
certificate
forakamai_edge_hostname
resource (I#338) - NOTE: Certificate modification is not allowed.
- Added retry logic for
BUG FIXES:
-
Appsec
- Resolved a drift issue with the
akamai_appsec_advanced_settings_attack_payload_logging
resource - Fixed an issue where resource
akamai_appsec_activations
continues in a loop after API throws an error. (#I528)
- Resolved a drift issue with the
-
CPS
- Fixed issue where modifications to SAN list in
akamai_cps_third_party_enrollment
of theakamai_cps_upload_certificate
resource results in to inconsistency terraform plan error.
- Fixed issue where modifications to SAN list in
-
DNS
- Fixed issue in
akamai_dns_record
that modifyingpriority
and/orpriority_increment
forMX
record type was causing an error
- Fixed issue in
-
GTM
- Fixed issue with order of
liveness_test
inakamai_gtm_property
(PR#404)
- Fixed issue with order of
DEPRECATIONS:
- CPS
- Deprecated field
unacknowledged_warnings
ofakamai_cps_upload_certificate
resource.
- Deprecated field
v6.1.0
RELEASE NOTES
6.1.0 (Apr 23, 2024)
FEATURES/ENHANCEMENTS:
-
DNS
- Added second mode to
akamai_dns_record
resource where it is possible to provide individual values for priority, weight and port to everySRV
target.
In such case it is not allowed to provide values for resource level fieldspriority
,weight
andport
.
It is not allowed to mix targets with and without those fields.
(I#370)
- Added second mode to
-
Image and Video Manager
- Added support for
SmartCrop
transformation inakamai_imaging_policy_image
datasource
- Added support for
BUG FIXES:
- CPS
- Fixed issue with terraform producing inconsistent final plan for
akamai_cps_upload_certificate
resource on SAN list modification inakamai_cps_third_party_enrollment
resource.
- Fixed issue with terraform producing inconsistent final plan for
v6.0.0
RELEASE NOTES
6.0.0 (Mar 26, 2024)
BREAKING CHANGES:
-
General
- Migrated to terraform protocol version 6, hence minimal required terraform version is 1.0
-
PAPI
- Added validation to raise an error if the creation of the
akamai_edge_hostname
resource is attempted with an existing edge hostname. - Added validation to raise an error during the update of
akamai_edge_hostname
resource for the immutable fields: 'product_id' and 'certificate'.
- Added validation to raise an error if the creation of the
FEATURES/ENHANCEMENTS:
-
Global
- Requests limit value is configurable via field
request_limit
or environment variableAKAMAI_REQUEST_LIMIT
- Added retryable logic for all GET requests to the API.
This behavior can be disabled usingretry_disabled
field fromakamai
provider configuration or via environment variableAKAMAI_RETRY_DISABLED
.
It can be fine-tuned using following fields or environment variables:retry_max
orAKAMAI_RETRY_MAX
- The maximum number retires of API requests, default is 10retry_wait_min
orAKAMAI_RETRY_WAIT_MIN
- The minimum wait time in seconds between API requests retries, default is 1 secretry_wait_max
orAKAMAI_RETRY_WAIT_MAX
- The maximum wait time in minutes between API requests retries, default is 30 sec
- Migrated to go 1.21
- Bumped various dependencies
- Requests limit value is configurable via field
-
Appsec
- Added resource:
akamai_appsec_penalty_box_conditions
- read and updateakamai_appsec_eval_penalty_box_conditions
- read and update
- Added new data source:
akamai_appsec_penalty_box_conditions
- readakamai_appsec_eval_penalty_box_conditions
- read
- Added resource:
-
CPS
- Added fields:
org_id
,assigned_slots
,staging_slots
andproduction_slots
todata_akamai_cps_enrollment
anddata_akamai_cps_enrollments
data sources
- Added fields:
-
Edgeworkers
- Improved error handling in
akamai_edgeworkers_activation
andresource_akamai_edgeworker
resources - Improved error handling in
akamai_edgeworker_activation
datasource
- Improved error handling in
-
GTM
- Added fields:
precedence
insidetraffic_target
inakamai_gtm_property
resource andakamai_gtm_domain
data sourcesign_and_serve
andsign_and_serve_algorithm
inakamai_gtm_domain
data source and resourcehttp_method
,http_request_body
,alternate_ca_certificates
andpre_2023_security_posture
insideliveness_test
inakamai_gtm_property
resource andakamai_gtm_domain
data source
- Added support for
ranked-failover
properties inakamai_gtm_property
resource - Enhanced error handling in
akamai_gtm_asmap
,akamai_gtm_domain
,akamai_gtm_geomap
,akamai_gtm_property
andakamai_gtm_resource
resources
- Added fields:
-
IMAGING
-
PAPI
- Added attributes to akamai_property datasource:
contract_id
,group_id
,latest_version
,note
,production_version
,product_id
,property_id
,rule_format
,staging_version
data_akamai_property_rules_builder
is now supportingv2024-02-12
rule format
- Added attributes to akamai_property datasource:
BUG FIXES:
-
Appsec
- Fixed ukraine_geo_control_action drift issue (I#484)
-
Cloudlets
- Allowed empty value for match rules
json
attribute for data sources:akamai_cloudlets_api_prioritization_match_rule
akamai_cloudlets_application_load_balancer_match_rule
akamai_cloudlets_audience_segmentation_match_rule
akamai_cloudlets_edge_redirector_match_rule
akamai_cloudlets_forward_rewrite_match_rule
akamai_cloudlets_phased_release_match_rule
akamai_cloudlets_request_control_match_rule
akamai_cloudlets_visitor_prioritization_match_rule
- Allowed empty value for match rules
-
CPS
- Changed below fields from required to optional in
akamai_cps_dv_enrollment
andakamai_cps_third_party_enrollment
foradmin_contact
andtech_contact
attributes:organization
address_line_one
city
region
postal_code
country_code
- Changed below fields from required to optional in
-
PAPI
- Fixed case when
origin_certs_to_honor
field fromorigin
behavior mandates presence of emptycustom_certificate_authorities
and/orcustom_certificates
options insideorigin
behavior forakamai_property_rules_builder
datasource (I#515)
- Fixed case when
DEPRECATIONS
- Appsec
akamai_appsec_selected_hostnames
data source and resource are deprecated with a scheduled end-of-life in v7.0.0 of our provider. Use theakamai_appsec_configuration
instead.
v5.6.0
RELEASE NOTES
5.6.0 (Feb 19, 2024)
FEATURES/ENHANCEMENTS:
-
Appsec
-
Cloudlets
- Added support for Shared Cloudlets Policies. To use it, provide
is_shared
field inakamai_cloudlets_policy
resource astrue
. (I#276) - Added validation to prevent changing immutable
cloudlet_code
field inakamai_cloudlets_policy
resource - Added support for importing policies without any version
- Added new data source:
akamai_cloudlets_policy_activation
- readakamai_cloudlets_shared_policy
- read
- Changes for
akamai_cloudlets_policy_activation
resource- Added support for shared (V3) policies
- Added import for
akamai_cloudlets_policy_activation
- Field
associated_properties
was changed to optional but is still required for non-shared policies - Added
is_shared
computed field to indicate if processing policy is shared
- Added support for Shared Cloudlets Policies. To use it, provide
-
DNS
- Enhanced handling of
akamai_dns_zone
resource when nogroup
is provided:- When there is only one group present, the processing should continue with a descriptive warning
- When there are more than one group present, the processing will fail with descriptive error asking to provide group in the configuration
- Enhanced handling of
-
Edgeworkers
- Added
note
attribute toresource_akamai_edgeworkers_activation
resource
- Added
-
GTM
- Added data sources:
akamai_gtm_asmap
- reads information for a specific GTM asmapakamai_gtm_resources
- reads information for a specific GTM resources under given domainakamai_gtm_resource
- reads information for a specific GTM resourceakamai_gtm_domain
- reads information for a specific GTM domainakamai_gtm_domains
- reads list of GTM domains under a given contractakamai_gtm_cidrmap
- reads information for a specific GTM cidrmap
- Added data sources:
-
IVM
- Extended
akamai_imaging_policy_image
with new fields:serve_stale_duration
available underpolicy
allow_pristine_on_downsize
andprefer_modern_formats
available underpolicy.output
- Extended
-
PAPI
- Added new resource:
akamai_property_bootstrap
- create, read, update and delete property without specifying rules or edgehostnames. To be used withakamai_property
resource and its new fieldproperty_id
(I#466)
- Added
version_notes
,rule_warnings
andproperty_id
attributes toakamai_property
resource (I#494) - Added support for new rule format v2024-01-09 in
data_akamai_property_rules_builder
- Improved errors for
akamai_contract
andakamai_group
datasources when there are multiple groups or contracts - Added
name
validation forakamai_property_include
resource
- Added new resource:
-
Updated various dependencies
BUG FIXES:
-
Appsec
- Fixed provider plugin crash in
appsec_attack_group
andappsec_eval_group
after executing terraform plan (I#480) - Fixed drift for struct and list reordering in
akamai_appsec_match_target
- Fixed provider plugin crash in
-
Cloudlets
- Fixed handling of version drift for cloudlets policies (I#478)
-
CPS
- Changed
organizational_unit
insidecsr
attribute forakamai_cps_third_party_enrollment
andakamai_cps_dv_enrollment
resources from required to optional. (PR#513) - Changed
state
insidecsr
attribute forakamai_cps_third_party_enrollment
andakamai_cps_dv_enrollment
resources from required to optional.
- Changed
-
GTM
- Fixed 'Inconsistent Final Plan' error for
akamai_gtm_property
resource - The diff when reordering
traffic_target
inakamai_gtm_property
resource at the same time as changing any attribute value insidetraffic_target
will be extensive (I#496) - Added
ForceNew
to thename
attribute forakamai_gtm_property
resource as it is not possible to rename it using API (I#520)
- Fixed 'Inconsistent Final Plan' error for
v5.5.0
RELEASE NOTES
5.5.0 (Dec 07, 2023)
FEATURES/ENHANCEMENTS:
-
APSSEC
- Updated resource:
akamai_appsec_ip_geo
- addedasn_network_lists
attribute to support blocking by ASN client lists
- Updated data source:
akamai_appsec_ip_geo
- addedasn_network_lists
attribute to list ASN client lists
- Updated resource:
-
BOTMAN
- Added resource:
akamai_botman_custom_code
- read and update
- Added data source:
akamai_botman_custom_code
- read
- Cached api calls for
akamai_botman_akamai_bot_category
,akamai_botman_akamai_defined_bot
andakamai_botman_bot_detection
data sources to improve performance.
- Added resource:
-
Cloudlets
- Added
origin_description
field toakamai_cloudlets_application_load_balancer
resource
- Added
-
PAPI
- Behavior
restrict_object_caching
is public (I#314 and #277) - Added version support for
akamai_property_hostnames
data source (I#413) data_akamai_property_rules_builder
is now supportingv2023-10-30
rule format- Improved error handling and added retries in
akamai_property_activation
resource - Relaxed validation used for includes used in
akamai_property_rules_template
. Files cannot be empty but do not necessary have to be valid json files.
- Behavior