GuideReference
Guide

Hostnames

akamai_property_hostnames

Get a given property's hostnames and certificate statuses.

🚧

To view Enhanced TLS hostnames, you need at least Secure Site Delivery CNAMEs - View only access.

Use the roles data source to determine your access level.

data "akamai_property_hostnames" "my-property-hostnames" {
  group_id    = "12345"
  contract_id = "C-0N7RAC7"
  property_id = "12345"
  version     = 1
}

output "my-property-hostnames" {
  value = data.akamai_property_hostnames.my-property-hostnames
}

my-property-hostnames = {
  contract_id = "C-0N7RAC7"
  group_id    = "12345"
  hostname_bucket = null
  hostnames   = [
    {
      ccm_cert_status               = []
      ccm_certificates              = []
      cert_provisioning_type        = "DEFAULT"
      cert_status                   = [
        {
          hostname          = "_acme-challenge.example.com"
          production_status = "ACTIVE"
          staging_status    = "ACTIVE"
          target            = "ac.123456a1234abc1abcdefg12345a1234.exammple.com.validate-akdv.net"
        },
      ]
      cname_from                    = "example.com"
      cname_to                      = "example.com.edgesuite.net"
      cname_type                    = "EDGE_HOSTNAME"
      domain_ownership_verification = [
        {
          challenge_token_expiry_date = "2026-02-06T11:56:55Z"
          status                      = "VALIDATION_IN_PROGRESS"
          validation_cname            = [
            {
              hostname = "_acme-challenge.example.com"
              target   = "ac.1ab23c45def678gh9ij01klm23n4op.example.com.validate-akdv.net"
            },
          ]
          validation_http             = [
            {
              file_content_method = [
                {
                  body = "abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
                  url  = "https://example.com/.well-known/akamai/akamai-challenge/abc1dEf3gh-ij3hlmoPr"
                },
              ]
              redirect_method     = [
                {
                  http_redirect_from = "https://example.com/.well-known/akamai/akamai-challenge/abc1dEf3gh-ij3hlmoPr"
                  http_redirect_to   = "https://validation.akamai.com/.well-known/akamai/akamai-challenge/abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
                },
              ]
            },
          ]
          validation_txt              = [
            {
              challenge_token = "abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
              hostname        = "_akamai-host-challenge.example.com"
            },
          ]
        },
      ]
      edge_hostname_id              = "ehn_12345"
      mtls                          = []
      tls_configuration             = []
    },
    {
      ccm_cert_status               = [
        {
          ecdsa_production_status = "NOT_FOUND"
          ecdsa_staging_status    = "DEPLOYED_NONE"
          rsa_production_status   = "NEEDS_ACTIVATION"
          rsa_staging_status      = "DEPLOYED"
        },
      ]
      ccm_certificates              = [
        {
          ecdsa_cert_id = ""
          rsa_cert_id   = "12345"
        },
      ]
      cert_provisioning_type        = "CCM"
      cert_status                   = [
        {
          hostname          = ""
          production_status = ""
          staging_status    = ""
          target            = ""
        },
      ]
      cname_from                    = "example-other.com"
      cname_to                      = "example-other.com.edgekey.net"
      cname_type                    = "EDGE_HOSTNAME"
      domain_ownership_verification = []
      edge_hostname_id              = "ehn_98765"
      mtls                          = [
        {
          ca_set_id          = "12345"
          check_client_ocsp  = false
          send_ca_set_client = false
        },
      ]
      tls_configuration             = [
        {
          cipher_profile              = "ak-akamai-2020q1"
          disallowed_tls_versions     = [
            "TLSv1",
            "TLSv1_1",
          ]
          fips_mode                   = false
          staple_server_ocsp_response = true
        },
      ]
    },
  ]
  id          = "prp_123451"
  property_id = "prp_12345"
  version     = 1
}

my-property-hostnames = {
  contract_id     = "C-0N7RAC7"
  filter_pending_default_certs = false
  group_id        = "12345"
  hostname_bucket = [
    {
      cert_status            = [
        {
          hostname          = "_acme-challenge.www.example.com"
          production_status = "PENDING"
          staging_status    = "PENDING"
          target            = "ac.123456a1234abc1abcdefg12345a1234.www.example.com.validate-akdv.net"
        },
      ]
      cname_from                  = "example.com"
      cname_type                  = "EDGE_HOSTNAME"
      production_cert_type        = "DEFAULT"
      production_cname_to         = "example.com.edgesuite.net"
      production_edge_hostname_id = "ehn_12345"
      staging_cert_type           = "CPS_MANAGED"
      staging_cname_to            = "other.example.com.edgesuite.net"
      staging_edge_hostname_id    = "ehn_98765"
    },
  ]
  hostnames       = null
  id              = "prp_12345"
  property_id     = "prp_12345"
  version         = 1
}

Arguments

Send your contract, group, and property IDs in the declaration to get hostname information.

Argument Required Description
contract_id Your contract's ID.
group_id Your group's ID.
property_id Your property's ID.
version Applies only to traditional properties. Your property's version number. If no value is passed, the information returned is for the latest version.

Note: The version value is ignored for hostname bucket properties if provided.
filter_pending_default_certs When set to true, the response includes the DEFAULT certificates whose activation status on the staging or production network is PENDING. Defaults to false if not set.

Attributes

Returned to you is a computed set with details of your property's hostnames.

Attribute Description
contract_id The contract's ID.
group_id The group's ID.
id The data source's ID, consisting of the property's ID and the property's version number. For properties of the HOSTNAME_BUCKET type, it consists only of the property's ID.
property_id The property's ID.
version The property's version number.
hostnames A set of your property's hostnames.
Notes:
  • When the DEFAULT certificate's production or staging status is PENDING, EXPIRING_SOON_NEEDS_VALIDATION, or EXPIRED_NEEDS_VALIDATION, perform domain validation to prove you control the domain. You can do this by adding a CNAME record to your DNS.
  • The CCM feature is currently a limited-availability service that helps you manage TLS/SSL certificates with your properties. To learn more or request access, talk to your account representative.
  • cert_provisioning_type. A certificate's provisioning type. Possible values are:
    • CPS_MANAGED for custom certificates you provision with Certificate Provisioning System.
    • CCM for custom certificates you provision with Cloud Certificate Manager.
    • DEFAULT for certificates provisioned automatically.
  • cert_status. A DEFAULT certificate's status details.
    • hostname. The hostname part of the CNAME record used to validate the certificate's domain.
    • production_status. The certificate's deployment status on the production network.
    • staging_status. The certificate's deployment status on the staging network.
    • target. The destination part of the CNAME record used to validate the certificate's domain.
  • cname_from. A hostname's origin.
  • cname_to. The edge hostname you point the property hostname to so that you can start serving traffic through Akamai servers.
  • cname_type. A hostname's CNAME type, either EDGE_HOSTNAME or CUSTOM.
  • edge_hostname_id. An edge hostname's ID, including the ehn_ prefix.
  • ccm_certificates. Details of certificates with the RSA or ECDSA key type created with Cloud Certificate Manager (CCM). Includes:
    • ecdsa_cert_id. The certificate's ID with the ECDSA key type.
    • rsa_cert_id. The certificate's ID with the RSA key type.
  • ccm_cert_status. The deployment status for CCM certificates with the RSA or ECDSA key type. Includes:
    • ecdsa_staging_status. The deployment status on the staging network for the CCM certificate with the ECDSA key type.
    • ecdsa_production_status. The deployment status on the production network for the CCM certificate with the ECDSA key type.
    • rsa_staging_status. The deployment status on the staging network for the CCM certificate with the RSA key type.
    • rsa_production_status. The deployment status on the production network for the CCM certificate with the RSA key type.
  • mtls. The mutual TLS configuration for the hostnames created with Cloud Certificate Manager (CCM). Includes:
    • ca_set_id. The certificate authority (CA) set's ID.
    • check_client_ocsp. When true, it checks the Online Certificate Status Protocol (OCSP) status for the client certificate.
    • send_ca_set_client. When true, the server sends the CA set to the client during the TLS handshake.
  • tls_configuration. The TLS configuration settings for the Cloud Certificate Manager (CCM) hostnames. Includes:
    • cipher_profile. The cipher profile's name.
    • disallowed_tls_versions. A list of TLS versions that aren't trusted.
    • fips_mode. When true, it enables Federal Information Processing Standard (FIPS) mode.
    • staple_server_ocsp_response. When true, it staples the OCSP response for the server certificate.
  • domain_ownership_verification. The details of the domain ownership validation for the hostname. Includes:
    • status. The domain's validation status. Possible values are:
      • NOT_VALIDATED. When the domain hasn't been validated yet.
      • REQUEST_ACCEPTED. When you submit the domain for validation.
      • PENDING. When the domain is waiting for the validation to start.
      • VALIDATION_IN_PROGRESS. When the validation starts.
      • VALIDATED. When the validation is completed successfully.
      • TOKEN_EXPIRED. When you haven't completed the validation in the requested time frame and you need to generate new validation challenges for the domain.
      • INVALIDATED. When you no longer want a domain to be owned within Akamai.
    • challenge_token_expiry_date. The timestamp indicating when the domain validation challenge token expires.
    • validation_cname. The CNAME record you copy to your DNS configuration to prove you own the domain. Includes:
      • hostname. The hostname part of the CNAME record that validates the domain ownership.
      • target. The destination part of the CNAME record that validates the domain ownership.
    • validation_txt. The TXT record with the challenge token that you copy to your DNS configuration to prove you own the domain. Includes:
      • hostname. The hostname where you should add the TXT record to validate the domain ownership.
      • challenge_token. The token you need to copy to the DNS TXT record that validates the domain ownership.
    • validation_http. Applies only to domains with the HOST validation scope. In the HTTP validation method, you create a file containing a token and save it on your HTTP server at the provided URL or use a redirect URL with the token. Includes:
      • redirect_method. The details for the HTTP redirect method of validation. Includes:
        • http_redirect_from. The location on your HTTP server where you set up the redirect.
        • http_redirect_to. The redirect URL with the token that you place on your HTTP server.
      • file_content_method. The details for the file content validation method. Includes:
        • url. The URL where you should place the file containing the challenge token.
        • body. The content of the file that you should place at the specified URL.
hostname_bucket A set of hostnames if your property is of the HOSTNAME_BUCKET type.
  • cert_status. A DEFAULT certificate's status details.
    • hostname. The hostname part of the CNAME record used to validate the certificate's domain.
    • production_status. The certificate's deployment status on the production network.
    • staging_status. The certificate's deployment status on the staging network.
    • target. The destination part of the CNAME record used to validate the certificate's domain.
  • cname_from. A hostname's origin.
  • cname_type. A hostname's CNAME type. Supports only the EDGE_HOSTNAME value.
  • production_cert_type. A certificate's provisioning type used on the production network. Possible values are:
    • CPS_MANAGED for custom certificates you provision with Certificate Provisioning System.
    • DEFAULT for certificates provisioned automatically.
  • production_cname_to. The edge hostname you point the property hostname to on the production network so that you can start serving traffic through Akamai servers.
  • production_edge_hostname_id. An edge hostname's ID used on the production network, including the ehn_ prefix.
  • staging_cert_type. A certificate's provisioning type used on the staging network. Possible values are:
    • CPS_MANAGED for custom certificates you provision with Certificate Provisioning System.
    • DEFAULT for certificates provisioned automatically.
  • staging_cname_to. The edge hostname you point the property hostname to on the staging network so that you can start serving traffic through Akamai servers.
  • staging_edge_hostname_id. An edge hostname's ID used on the staging network, including the ehn_ prefix.

Updated 12 days ago