v6.6.0

RELEASE NOTES

6.6.0 (Nov 21, 2024)

FEATURES/ENHANCEMENTS:

• Appsec

  • Fixed a problem with the missing security_policy_id during update if a resource was imported previously.
  • Added the akamai_appsec_aap_selected_hostnames resource and data source.
  • Modified the enable_botman_siem field from Required to the Optional parameter in the akamai_appsec_siem_settings resource.

• Cloud Access

  • Added functionality to import the akamai_cloudaccess_key resource for specified group and contract IDs.
  • Marked the cloud_secret_access_key field as a sensitive value in the akamai_cloudaccess_key resource (I#580).

• CPS

  • Refreshed a list of warnings returned by the akamai_cps_warnings data source.

• DNS

  • Added the new outbound_zone_transfer field to the akamai_dns_zone resource.

• Edgeworkers

  • Stopped sending an EdgeKV initialization request in the akamai_edgekv resource when EdgeKV is already initialized. (I#589)

• PAPI

  • Added support for the new rule format v2024-10-21.

BUG FIXES:

• Appsec

  • Fixed a plug-in crash if the exceptions block is passed as empty in the akamai_appsec_siem_settings resource.

• Cloud Access

  • Resolved issues with drift detection after deleting a key version in the akamai_cloudaccess_key resource (I#579).
  • Fixed cases where ProcessingType = "FAILED" was received in a response from the akamai_cloudaccess_key resource. This was causing unnecessary pooling until the timeout.

• GTM

  • Added checks to verify the existence of specific objects on the server when creating these resources:
    • akamai_gtm_asmap
    • akamai_gtm_cidrmap
    • akamai_gtm_domain
    • akamai_gtm_geomap
    • akamai_gtm_property
    • akamai_gtm_resource

• PAPI

  • Fixed an idempotency issue in property activation when rule_errors is empty.
  • Fixed an issue when timeout in the akamai_property_activation resource would terminate with the Provider produced inconsistent result after apply error.
    • Changed a timeout message from a warning to an error in the akamai_property_activation and akamai_property_include_activation resources.
  • Fixed an import of the akamai_property_include resource to properly populate the include's product_id field (I#575).

DEPRECATIONS

• Appsec
  • Deprecated the akamai_appsec_wap_selected_hostnames data source and resource. Use the akamai_appsec_aap_selected_hostnames data source and resource instead.

v6.5.0

RELEASE NOTES

6.5.0 (Oct 10, 2024)

FEATURES/ENHANCEMENTS:

• Global

  • Migrated Terraform to version 1.9.5.
  • Updated SDK v2 and framework libraries.

• Appsec

  • Added the exceptions block to the akamai_appsec_siem_settings resource with these nested fields:
    • api_request_constraints
    • apr_protection
    • bot_management
    • client_rep
    • custom_rules
    • ip_geo
    • malware_protection
    • rate
    • url_protection
    • slow_post
    • waf

• GTM

  • Added the retry logic to the akamai_gtm_property resource to handle errors caused by the prolonged creation time, leading to Property Validation Failure with the "no datacenter is assigned to map target (all others)" error from the API.

• IAM

  • Added new data sources:
    • akamai_iam_accessible_groups - reads the groups and subgroups accessible for a given user.
    • akamai_iam_account_switch_keys - reads the account switch keys.
    • akamai_iam_allowed_apis - reads the list of APIs available to a given user.
    • akamai_iam_authorized_users - reads the list of authorized API client users.
    • akamai_iam_blocked_properties - reads blocked properties for a certain user in a group.
    • akamai_iam_cidr_block - reads details of a specified CIDR block.
    • akamai_iam_cidr_blocks - lists all CIDR blocks available to you on your allowlist.
    • akamai_iam_group - reads details about a given group and any of its subgroups.
    • akamai_iam_password_policy - reads the password policy parameters.
    • akamai_iam_property_users - lists users for a given property or include.
    • akamai_iam_role - reads details of a specified role.
    • akamai_iam_user - reads details of a specific user account.
    • akamai_iam_users - lists all users with access to your account.
    • akamai_iam_users_affected_by_moving_group - lists the users affected by moving a group.
  • Added new resources:
    • akamai_iam_cidr_block - manages CIDR block assigned to the allowlist.
    • akamai_iam_ip_allowlist - enables or disable your account's allowlist.
  • Added new attributes to the resource_akamai_iam_user resource.
    • user_notifications to support user notifications.
    • enable_mfa to support authentication of type "MFA".
    • password to allow users to set a password when creating and updating a user.
  • Made the enable_tfa attribute optional in the resource_akamai_iam_user resource.
  • Added the asset_id schema field (an IAM identifier of a property or include) to:
    • The akamai_property resource and data source,
    • The akamai_property_include resource and data source.
  • Improved date handling to use time.Time instead of string.

• PAPI

  • Added a new optional param to the import id of the akamai_edge_hostname resource.
    It allows to specify the product ID of the imported hostname and save it in the state.

BUG FIXES:

• PAPI
  • Added support for status code 429 Too Many Requests containing X-RateLimit-Next header.
    When X-RateLimit-Next is present, the wait time before retry is calculated as the time
    difference between this header and the Date header.
  • Fixed an issue with the akamai_property_activation resource where updating it with an active or previously active property version for a configuration without a state file didn’t trigger a new property activation.

DEPRECATIONS:

• PAPI
  • Deprecated fields product_id and rule_format from akamai_properties datasource. Please use akamai_property to fetch this data.

v6.4.0

RELEASE NOTES

6.4.0 (Sep 04, 2024)

FEATURES/ENHANCEMENTS:

• Global

  • Updated SDKv2 and framework libraries as result of updating terraform-plugin-testing

• Appsec

  • Added request_body_inspection_limit_override field to akamai_appsec_advanced_settings_request_body resource

• CPS

  • Added acknowledge_post_verification_warnings to the akamai_cps_dv_validation resource to allow for acknowledgement of post-verification warnings

• PAPI

  • Added support for new rule format v2024-08-13

BUG FIXES:

• Appsec

  • Fixed import of akamai_appsec_match_target for newly created security configuration or any security configuration not synced in the terraform state (I#546)
  • Fixed issue where activation was not triggered after network list change in resource_akamai_networklist_activations resource (I#518)
  • Fixed akamai_appsec_configuration data source to return a single security configuration in the output_text instead of the entire list of security configurations

• Cloudlets

  • Corrected format of the retry time when logging in akamai_cloudlets_application_load_balancer_activation and akamai_cloudlets_policy_activation resources

• PAPI

  • Fixed issue with provider producing an inconsistent final plan with Cloudlet policy (I#567).
    It happened in cases when content of the rule depends on some other resource

v6.3.0

RELEASE NOTES

6.3.0 (July 16, 2024)

FEATURES/ENHANCEMENTS:

• Migrated Go version to 1.21.12 for builds.

• Appsec

  • Added field host_names to the akamai_appsec_configuration data source

• BOTMAN

  • Added new resource:
    • akamai_botman_content_protection_javascript_injection_rule - read and update
    • akamai_botman_content_protection_rule - read and update
    • akamai_botman_content_protection_rule_sequence - read and update
  • Added new data source:
    • akamai_botman_content_protection_javascript_injection_rule - read
    • akamai_botman_content_protection_rule - read
    • akamai_botman_content_protection_rule_sequence - read

• Client Lists

  • Extended list of fields for which akamai_clientlist_activation diff is suppressed with notification_recipients and siebel_ticket_id. Diff suppressed when activation is not required.

• Cloud Access (I#247)

  • Added datasource:
    • akamai_cloudaccess_key - read details for key by name
    • akamai_cloudaccess_keys - read list of access key for current user account
    • akamai_cloudaccess_key_versions - read details for key versions by key name
    • akamai_cloudaccess_key_properties - read list of active properties for given access key
  • Added resource:
    • akamai_cloudaccess_key - create, read, update, delete, import

• DNS

  • Added data source:
    • akamai_zone_dnssec_status - reads the DNSSEC status of a single zone in Edge DNS (I#509)

• GTM

  • Added more details for gtm_property resource in case of error being returned from the API

• PAPI

  • Added support for new rule format v2024-05-31
  • Added new optional field ttl to akamai_edge_hostname resource.
    When it is used, creation or update takes longer as resource has to synchronize its state with HAPI.

BUG FIXES:

• Appsec

  • A new config version will be created if the latest config version is active in either Staging or Production, and protected and/or evaluated hostnames are updated using akamai_appsec_wap_selected_hostnames (#I540)
  • Fixed issue where terraform provider plugin crashes due to empty string input for list geo_network_lists, ip_network_lists, exception_ip_network_lists and asn_network_lists in akamai_appsec_ip_geo resource

• DNS

  • Improved validation of IPv6 addresses in akamai_dns_record resource for records of type AAAA (I#550)
  • Fixed issue in akamai_dns_record resource that could cause incorrect targets planned to be modified or reordering targets send to server for TXT record type (I#499, I#541, I#559)
  • Fixed issue in akamai_dns_recordset datasource that for TXT record type, returned targets were needlessly reordered (I#559)

• PAPI

  • Removed caching from akamai_contracts data source
  • Fixed issue in akamai_edge_hostname resource when update is performed straight after create
  • Fixed issue in data_akamai_property_rules_template that having root template in the same directory as .terraform dir would cause error.
    Now, datasource will not search for templates inside .terraform directory (I#557)
  • Fixed an issue that caused the compliance_record in imported akamai_property_activation and akamai_property_include_activation to be empty and could not be updated.
    • Added the ability to update compliance_record in akamai_property_activation and akamai_property_include_activation via terraform apply (the update will not trigger new activation if version/network/property was not changed)
  • Fixed issue that having akamai_property and akamai_property_activation (or akamai_property_include and akamai_property_include_activation) resources linked using staging_version or production_version
    and modifying rules and note could sometimes result in Provider produced inconsistent final plan error (I#549).

v6.2.0

RELEASE NOTES

6.2.0 (May 28, 2024)

FEATURES/ENHANCEMENTS:

• Global

  • Added validation for retryable logic values.
    • retry_max or AKAMAI_RETRY_MAX - Cannot be higher than 50
    • retry_wait_min or AKAMAI_RETRY_WAIT_MIN - Cannot be longer than 24h
    • retry_wait_max or AKAMAI_RETRY_WAIT_MAX - Cannot be longer than 24h
  • Migrated Terraform to version 1.7.5
  • Updated SDKv2 and framework libraries

• Appsec

  • Suppressed rate policy diff when counterType field absence is the only change for akamai_appsec_rate_policy resource
  • Suppressed activations diff when notification_emails field is the only change for akamai_appsec_activations resource

• BOTMAN

  • Added resource:
    • akamai_botman_custom_bot_category_item_sequence - read and update

• Cloudlets

  • Added import for akamai_cloudlets_application_load_balancer_activation resource

• GTM

  • Added data sources:
    • akamai_gtm_geomap - reads information for a specific GTM Geographic map
    • akamai_gtm_geomaps - reads information for GTM Geographic maps under a given domain

• IAM

• Fixed issue of generating an incorrect large difference in granted_roles update (I#525)

• Network Lists

  • Suppressed activations diff when notification_emails field is the only change for akamai_networklist_activations resource

• PAPI

  • Added retry logic for akamai_property_include_activation
  • Added import of the certificate for akamai_edge_hostname resource (I#338)
  • NOTE: Certificate modification is not allowed.

BUG FIXES:

• Appsec

  • Resolved a drift issue with the akamai_appsec_advanced_settings_attack_payload_logging resource
  • Fixed an issue where resource akamai_appsec_activations continues in a loop after API throws an error. (#I528)

• CPS

  • Fixed issue where modifications to SAN list in akamai_cps_third_party_enrollment of the akamai_cps_upload_certificate resource results in to inconsistency terraform plan error.

• DNS

  • Fixed issue in akamai_dns_record that modifying priority and/or priority_increment for MX record type was causing an error

• GTM

  • Fixed issue with order of liveness_test in akamai_gtm_property (PR#404)

DEPRECATIONS:

• CPS
  • Deprecated field unacknowledged_warnings of akamai_cps_upload_certificate resource.

v6.1.0

RELEASE NOTES

6.1.0 (Apr 23, 2024)

FEATURES/ENHANCEMENTS:

• DNS

  • Added second mode to akamai_dns_record resource where it is possible to provide individual values for priority, weight and port to every SRV target.
    In such case it is not allowed to provide values for resource level fields priority, weight and port.
    It is not allowed to mix targets with and without those fields.
    (I#370)

• Image and Video Manager

  • Added support for SmartCrop transformation in akamai_imaging_policy_image datasource

BUG FIXES:

• CPS
  • Fixed issue with terraform producing inconsistent final plan for akamai_cps_upload_certificate resource on SAN list modification in akamai_cps_third_party_enrollment resource.

v6.0.0

RELEASE NOTES

6.0.0 (Mar 26, 2024)

BREAKING CHANGES:

• General

  • Migrated to terraform protocol version 6, hence minimal required terraform version is 1.0

• PAPI

  • Added validation to raise an error if the creation of the akamai_edge_hostname resource is attempted with an existing edge hostname.
  • Added validation to raise an error during the update of akamai_edge_hostname resource for the immutable fields: 'product_id' and 'certificate'.

FEATURES/ENHANCEMENTS:

• Global

  • Requests limit value is configurable via field request_limit or environment variable AKAMAI_REQUEST_LIMIT
  • Added retryable logic for all GET requests to the API.
    This behavior can be disabled using retry_disabled field from akamai provider configuration or via environment variable AKAMAI_RETRY_DISABLED.
    It can be fine-tuned using following fields or environment variables:
    • retry_max or AKAMAI_RETRY_MAX - The maximum number retires of API requests, default is 10
    • retry_wait_min or AKAMAI_RETRY_WAIT_MIN - The minimum wait time in seconds between API requests retries, default is 1 sec
    • retry_wait_max or AKAMAI_RETRY_WAIT_MAX - The maximum wait time in minutes between API requests retries, default is 30 sec
  • Migrated to go 1.21
  • Bumped various dependencies

• Appsec

  • Added resource:
    • akamai_appsec_penalty_box_conditions - read and update
    • akamai_appsec_eval_penalty_box_conditions - read and update
  • Added new data source:
    • akamai_appsec_penalty_box_conditions - read
    • akamai_appsec_eval_penalty_box_conditions - read

• CPS

  • Added fields: org_id, assigned_slots, staging_slots and production_slots to data_akamai_cps_enrollment and data_akamai_cps_enrollments data sources

• Edgeworkers

  • Improved error handling in akamai_edgeworkers_activation and resource_akamai_edgeworker resources
  • Improved error handling in akamai_edgeworker_activation datasource

• GTM

  • Added fields:
    • precedence inside traffic_target in akamai_gtm_property resource and akamai_gtm_domain data source
    • sign_and_serve and sign_and_serve_algorithm in akamai_gtm_domain data source and resource
    • http_method, http_request_body, alternate_ca_certificates and pre_2023_security_posture inside liveness_test in akamai_gtm_property resource and akamai_gtm_domain data source
  • Added support for ranked-failover properties in akamai_gtm_property resource
  • Enhanced error handling in akamai_gtm_asmap, akamai_gtm_domain, akamai_gtm_geomap, akamai_gtm_property and akamai_gtm_resource resources

• IMAGING

  • In the event of an API failure during a policy update, reverting to the previous state (I#491, I#493)
  • When performing the read operation, if activate_on_production is true, fetch the policy state from the production network; otherwise, obtain it from the staging environment.

• PAPI

  • Added attributes to akamai_property datasource:
    • contract_id, group_id, latest_version, note, production_version, product_id, property_id, rule_format, staging_version
  • data_akamai_property_rules_builder is now supporting v2024-02-12 rule format

BUG FIXES:

• Appsec

  • Fixed ukraine_geo_control_action drift issue (I#484)

• Cloudlets

  • Allowed empty value for match rules json attribute for data sources:
    • akamai_cloudlets_api_prioritization_match_rule
    • akamai_cloudlets_application_load_balancer_match_rule
    • akamai_cloudlets_audience_segmentation_match_rule
    • akamai_cloudlets_edge_redirector_match_rule
    • akamai_cloudlets_forward_rewrite_match_rule
    • akamai_cloudlets_phased_release_match_rule
    • akamai_cloudlets_request_control_match_rule
    • akamai_cloudlets_visitor_prioritization_match_rule

• CPS

  • Changed below fields from required to optional in akamai_cps_dv_enrollment and akamai_cps_third_party_enrollment
    for admin_contact and tech_contact attributes:
    • organization
    • address_line_one
    • city
    • region
    • postal_code
    • country_code

• PAPI

  • Fixed case when origin_certs_to_honor field from origin behavior mandates presence of empty custom_certificate_authorities and/or custom_certificates options inside origin behavior for akamai_property_rules_builder datasource (I#515)

DEPRECATIONS

• Appsec
  • akamai_appsec_selected_hostnames data source and resource are deprecated with a scheduled end-of-life in v7.0.0 of our provider. Use the akamai_appsec_configuration instead.

v5.6.0

RELEASE NOTES

5.6.0 (Feb 19, 2024)

FEATURES/ENHANCEMENTS:

• Appsec

  • Added retries in akamai_appsec_activations and akamai_networklist_activations resources (I#471)
  • Added reactivation support for akamai_appsec_activations if the config was deactivated manually (I#441 and I#442)

• Cloudlets

  • Added support for Shared Cloudlets Policies. To use it, provide is_shared field in akamai_cloudlets_policy resource as true. (I#276)
  • Added validation to prevent changing immutable cloudlet_code field in akamai_cloudlets_policy resource
  • Added support for importing policies without any version
  • Added new data source:
    • akamai_cloudlets_policy_activation - read
    • akamai_cloudlets_shared_policy - read
  • Changes for akamai_cloudlets_policy_activation resource
    • Added support for shared (V3) policies
    • Added import for akamai_cloudlets_policy_activation
    • Field associated_properties was changed to optional but is still required for non-shared policies
    • Added is_shared computed field to indicate if processing policy is shared

• DNS

  • Enhanced handling of akamai_dns_zone resource when no group is provided:
    • When there is only one group present, the processing should continue with a descriptive warning
    • When there are more than one group present, the processing will fail with descriptive error asking to provide group in the configuration

• Edgeworkers

  • Added note attribute to resource_akamai_edgeworkers_activation resource

• GTM

  • Added data sources:
    • akamai_gtm_asmap - reads information for a specific GTM asmap
    • akamai_gtm_resources - reads information for a specific GTM resources under given domain
    • akamai_gtm_resource - reads information for a specific GTM resource
    • akamai_gtm_domain - reads information for a specific GTM domain
    • akamai_gtm_domains - reads list of GTM domains under a given contract
    • akamai_gtm_cidrmap - reads information for a specific GTM cidrmap

• IVM

  • Extended akamai_imaging_policy_image with new fields:
    • serve_stale_duration available under policy
    • allow_pristine_on_downsize and prefer_modern_formats available under policy.output

• PAPI

  • Added new resource:
    • akamai_property_bootstrap - create, read, update and delete property without specifying rules or edgehostnames. To be used with akamai_property resource and its new field property_id (I#466)
  • Added version_notes, rule_warnings and property_id attributes to akamai_property resource (I#494)
  • Added support for new rule format v2024-01-09 in data_akamai_property_rules_builder
  • Improved errors for akamai_contract and akamai_group datasources when there are multiple groups or contracts
  • Added name validation for akamai_property_include resource

• Updated various dependencies

BUG FIXES:

• Appsec

  • Fixed provider plugin crash in appsec_attack_group and appsec_eval_group after executing terraform plan (I#480)
  • Fixed drift for struct and list reordering in akamai_appsec_match_target

• Cloudlets

  • Fixed handling of version drift for cloudlets policies (I#478)

• CPS

  • Changed organizational_unit inside csr attribute for akamai_cps_third_party_enrollment and akamai_cps_dv_enrollment
    resources from required to optional. (PR#513)
  • Changed state inside csr attribute for akamai_cps_third_party_enrollment and akamai_cps_dv_enrollment resources from required to optional.

• GTM

  • Fixed 'Inconsistent Final Plan' error for akamai_gtm_property resource
  • The diff when reordering traffic_target in akamai_gtm_property resource at the same time as changing any attribute value inside traffic_target will be extensive (I#496)
  • Added ForceNew to the name attribute for akamai_gtm_property resource as it is not possible to rename it using API (I#520)

v5.5.0

RELEASE NOTES

5.5.0 (Dec 07, 2023)

FEATURES/ENHANCEMENTS:

• APSSEC

  • Updated resource:
    • akamai_appsec_ip_geo - added asn_network_lists attribute to support blocking by ASN client lists
  • Updated data source:
    • akamai_appsec_ip_geo - added asn_network_lists attribute to list ASN client lists

• BOTMAN

  • Added resource:
    • akamai_botman_custom_code - read and update
  • Added data source:
    • akamai_botman_custom_code - read
  • Cached api calls for akamai_botman_akamai_bot_category, akamai_botman_akamai_defined_bot and akamai_botman_bot_detection data sources to improve performance.

• Cloudlets

  • Added origin_description field to akamai_cloudlets_application_load_balancer resource

• PAPI

  • Behavior restrict_object_caching is public (I#314 and #277)
  • Added version support for akamai_property_hostnames data source (I#413)
  • data_akamai_property_rules_builder is now supporting v2023-10-30 rule format
  • Improved error handling and added retries in akamai_property_activation resource
  • Relaxed validation used for includes used in akamai_property_rules_template. Files cannot be empty but do not necessary have to be valid json files.

BUG FIXES:

• DNS

  • Fixed handling of txt records which are longer than 255 bytes (I#430)

• Image and Video Manager

  • Added suppression when providing ctr_ prefix in akamai_imaging_policy_set (I#491)

v5.4.0

RELEASE NOTES

5.4.0 (Oct 31, 2023)

FEATURES/ENHANCEMENTS:

• Appsec

  • Suppressed trigger of new activation for note field change in akamai_networklist_activations and akamai_appsec_activations resources.

• Client Lists

  • Added support for state import for akamai_clientlist_list and akamai_clientlist_activation resources

• Cloudlets

  • Added matches_alway field to akamai_cloudlets_edge_redirector_match_rule data source
  • Added configurable timeout for following resources as timeouts.default field
    • akamai_cloudlets_application_load_balancer_activation
    • akamai_cloudlets_policy_activation
    • akamai_cloudlets_policy

• CPS

  • Added configurable timeout for following resources as timeouts.default field (I#440)
    • akamai_cps_dv_enrollment
    • akamai_cps_dv_validation
    • akamai_cps_third_party_enrollment
    • akamai_cps_upload_certificate

• Edgeworkers

  • Added configurable timeout for following resources as timeouts.default field
    • akamai_edgekv_group_items
    • akamai_edgeworker
  • Added configurable timeout for akamai_edgeworkers_activation resource as timeouts.default and timeouts.delete fields

• IAM

  • Phone number is no longer required for IAM user in akamai_iam_user resource.

• PAPI

  • Added configurable timeout for following resources as timeouts.default field (I#440)
    • akamai_property_activation
    • akamai_property_include_activation
    • akamai_edge_hostname
  • Added configurable timeout for akamai_cp_code resource as timeouts.update field
  • Changed version field in akamai_property_activation data source to optional. Now when version is not provided,
    datasource automatically finds the active one for given network.
  • Allowed empty values for some fields
    in akamai_property_builder (I#481)
  • Added support for new rule format v2023-09-20

BUG FIXES:

• GTM

  • Fixed problem with wrong datacenters updated in akamai_gtm_property.

• IAM

  • Fixed Terraform proposing modifications to user settings when using international phone numbers in akamai_iam_user
    resource.
    • NOTE:
      • For international phone numbers there might be a diff during plan. Please apply suggested change to store the
        correct number.
      • Invalid phone numbers will block the plan.

• PAPI

  • Made status_update_email attribute optional in akamai_edge_hostname resource