Domains

akamai_property_domainownership_domains

📘
Beta
Hello. Just a note to let you know the underlying API on which this resource is built is in a beta state, so it's not vetted yet.
Because this functionality is also new to our Terraform provider, we've given it beta label to get your feedback to make sure it works like you need and expect.
For more details on domain validation enforcement, see the Validate domains guide.

Add or remove claims of ownership over a set of domains.

You can track up to 1,000 domains in that resource at once. However, for optimal performance and a smoother user experience, keep the number of domains well below this limit.

If you try to remove a domain with the VALIDATED status from the resource, Terraform first invalidates that domain.

resource "akamai_property_domainownership_domains" "my-domains" {
  domains = [
    {
      domain_name      = "example.com"
      validation_scope = "HOST"
    },
    {
      domain_name      = "sub.example.com"
      validation_scope = "WILDCARD"
    }
  ]
}

my-domains = {
  domains = [
    {
      account_id                = "A-CCT1234"
      domain_name               = "example.com"
      domain_status             = "REQUEST_ACCEPTED"
      validation_challenge      = {
        cname_record    = {
          name   = "_acme-challenge.example.com"
          target = "ac.1ab23c45def678gh9ij01klm23n4op.example.com.validate-akdv.net"
        }
        expiration_date = "2025-11-08T11:39:14Z"
        http_file       = {
          content      = "abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
          content_type = "text/plain"
          path         = "https://example.com/.well-known/akamai/akamai-challenge/abc1dEf3gh-ij3hlmoPr"
        }
        http_redirect   = {
          from = "https://example.com/.well-known/akamai/akamai-challenge/abc1dEf3gh-ij3hlmoPr"
          to   = "https://validation.akamai.com/.well-known/akamai/akamai-challenge/abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
        }
        txt_record      = {
          name  = "_akamai-host-challenge.example.com"
          value = "abcDeFghi12JK-LmNopQr3ST-uVwX4Y_zAbCDEfgijkLmnoPqRstuV5-wXy678Z"
        }
      }
      validation_completed_date = null
      validation_method         = "DNS_TXT"
      validation_requested_by   = "jsmith"
      validation_requested_date = "2025-11-05T11:39:14Z"
      validation_scope          = "HOST"
    },
    {
      account_id                = "A-CCT1234"
      domain_name               = "sub.example.com"
      domain_status             = "REQUEST_ACCEPTED"
      validation_challenge      = {
        cname_record    = {
          name   = "_acme-challenge.sub.example.com"
          target = "ac.z9yx87wv654utsrq32ponm10lk987j.sub.example.com.validate-akdv.net"
        }
        expiration_date = "2025-11-08T11:39:14Z"
        http_file       = null
        http_redirect   = null
        txt_record      = {
          name  = "_akamai-wildcard-challenge.sub.example.com"
          value = "zyXwyUT98Sr-qPonmLkJi7Hg-FeDC6b_AzywVusTrQpONmlkJ5iHGf-eDc43b"
        }
      }
      validation_completed_date = null
      validation_method         = "DNS_TXT"
      validation_requested_by   = "jsmith"
      validation_requested_date = "2025-11-05T11:39:14Z"
      validation_scope          = "WILDCARD"
    },
  ]
}

Arguments

Send a list of domains to add claims of ownership.

Argument	Required	Description
`domains`	✔	A list of domains. Each domain record includes: `domain_name`. Required. Your domain's name. `validation_scope`. Required. Your domain's validation scope. Possible values are: `HOST`. The scope is only the exactly specified domain. `WILDCARD`. The scope covers any hostname within one subdomain level. `DOMAIN`. The scope covers any hostnames under the domain, regardless of the level of subdomains.

Attributes

There's no standard output for this resource as changes are reflected in your state file and based on what you passed in the resource block body.

Attribute Description

Attribute	Description
`domains`	A list of domains. Each domain record includes: `account_id`. Your account's ID. `domain_status`. The domain's validation status. Possible values are: `REQUEST_ACCEPTED`. When you successfully submit the domain for validation. `VALIDATION_IN_PROGRESS`. When DOM has initiated domain validation, either via background jobs or an API request, but the validation hasn't succeeded. This status remains until the domain challenges are correctly configured and successfully verified. `VALIDATED`. When the validation is completed successfully. Akamai recognizes you as the domain owner. `TOKEN_EXPIRED`. When you haven't completed the validation in the requested time frame and the challenge token is not valid anymore. You need to generate new validation challenges for the domain. `INVALIDATED`. When the domain was invalidated and Akamai doesn't recognize you as its owner. `validation_method`. The method used to validate the domain. Possible values are: `DNS_CNAME`. For this method, Akamai generates a `cname_record` that you copy as the `target` to a `CNAME` record of your DNS configuration. The record's name needs to be in the `_acme-challenge.domain-name` format. `DNS_TXT`. For this method, Akamai generates a `txt_record` with a token `value` that you copy as the `target` to a `TXT` record of your DNS configuration. The record's name needs to be in the `_akamai-{host\|wildcard\|domain}-challenge.domainName` format based on the validation scope. `HTTP`. Applies only to domains with the `HOST` validation scope. For this method, you create the file containing a token and place it on your HTTP server in the location specified by the `domains[0].validation_challenge.http_file.path` or use a redirect to the `domains[0].validation_challenge.http_redirect.to` with the token. `SYSTEM`. This method refers to domains that were automatically validated before Domain Validation Manager (DOM) was introduced. `MANUAL`. For this method, the DOM team manually performed the validation. `validation_requested_by` The name of the user who requested the domain validation. `validation_requested_date`. The timestamp indicating when the domain validation was requested. `validation_completed_date`. The timestamp indicating when the domain validation was completed. `validation_challenge`. The domain's validation challenge details. Includes: `cname_record`. The details of the `CNAME` record you copy to your DNS configuration to prove you own the domain. You should use the `DNS_CNAME` method in most cases. Includes: `name`. The `CNAME` record for your domain that you add to the DNS configuration. `target`. The `target` value you set in the `CNAME` record that validates the domain ownership. `txt_record`. The details of the `TXT` record with the challenge token that you copy to your DNS configuration to prove you own the domain. Includes: `name`. The hostname where you should add the `TXT` record to validate the domain ownership. `value`. The token you need to copy to the DNS `TXT` record that validates the domain ownership. `http_file`. Available only for the `HOST` validation scope. The details for the HTTP validation method in which you create a file containing a token and save it on your HTTP server at the provided URL. Alternatively, you can use the `http_redirect` method. Includes: `path`. The URL where you should place the file containing the challenge token. `content`. The content of the file that you should place at the specified URL. `content_type`. The content type of the file containing the token. `http_redirect`. Available only for the `HOST` validation scope. The details for the HTTP validation method in which you use a redirect URL with the token. Alternatively, you can use the `http_file` method. Includes: `from`. The location on your HTTP server where you set up the redirect. `to`. The redirect URL with the token that you place on your HTTP server. `expiration_date`. The timestamp indicating when the challenge data expires.

domains

A list of domains. Each domain record includes:

account_id. Your account's ID.
domain_status. The domain's validation status. Possible values are:
- REQUEST_ACCEPTED. When you successfully submit the domain for validation.
- VALIDATION_IN_PROGRESS. When DOM has initiated domain validation, either via background jobs or an API request, but the validation hasn't succeeded. This status remains until the domain challenges are correctly configured and successfully verified.
- VALIDATED. When the validation is completed successfully. Akamai recognizes you as the domain owner.
- TOKEN_EXPIRED. When you haven't completed the validation in the requested time frame and the challenge token is not valid anymore. You need to generate new validation challenges for the domain.
- INVALIDATED. When the domain was invalidated and Akamai doesn't recognize you as its owner.
validation_method. The method used to validate the domain. Possible values are:
- DNS_CNAME. For this method, Akamai generates a cname_record that you copy as the target to a CNAME record of your DNS configuration. The record's name needs to be in the _acme-challenge.domain-name format.
- DNS_TXT. For this method, Akamai generates a txt_record with a token value that you copy as the target to a TXT record of your DNS configuration. The record's name needs to be in the _akamai-{host|wildcard|domain}-challenge.domainName format based on the validation scope.
- HTTP. Applies only to domains with the HOST validation scope. For this method, you create the file containing a token and place it on your HTTP server in the location specified by the domains[0].validation_challenge.http_file.path or use a redirect to the domains[0].validation_challenge.http_redirect.to with the token.
- SYSTEM. This method refers to domains that were automatically validated before Domain Validation Manager (DOM) was introduced.
- MANUAL. For this method, the DOM team manually performed the validation.
validation_requested_by The name of the user who requested the domain validation.
validation_requested_date. The timestamp indicating when the domain validation was requested.
validation_completed_date. The timestamp indicating when the domain validation was completed.
validation_challenge. The domain's validation challenge details. Includes:
- cname_record. The details of the CNAME record you copy to your DNS configuration to prove you own the domain. You should use the DNS_CNAME method in most cases. Includes:
  - name. The CNAME record for your domain that you add to the DNS configuration.
  - target. The target value you set in the CNAME record that validates the domain ownership.
- txt_record. The details of the TXT record with the challenge token that you copy to your DNS configuration to prove you own the domain. Includes:
  - name. The hostname where you should add the TXT record to validate the domain ownership.
  - value. The token you need to copy to the DNS TXT record that validates the domain ownership.
- http_file. Available only for the HOST validation scope. The details for the HTTP validation method in which you create a file containing a token and save it on your HTTP server at the provided URL. Alternatively, you can use the http_redirect method. Includes:
  - path. The URL where you should place the file containing the challenge token.
  - content. The content of the file that you should place at the specified URL.
  - content_type. The content type of the file containing the token.
- http_redirect. Available only for the HOST validation scope. The details for the HTTP validation method in which you use a redirect URL with the token. Alternatively, you can use the http_file method. Includes:
  - from. The location on your HTTP server where you set up the redirect.
  - to. The redirect URL with the token that you place on your HTTP server.
- expiration_date. The timestamp indicating when the challenge data expires.

Updated about 15 hours ago

📘Beta

Arguments

Attributes

📘
Beta