Terraform does not destroy Edge Hostnames

[fkieling]

Hi there,

Terraform Version

Terraform v1.5.7
on darwin_arm64

• provider registry.terraform.io/akamai/akamai v5.4.0

Affected Resource(s)

• akamai_edge_hostname

Terraform Configuration Files

resource "akamai_edge_hostname" "akamaitest-edgekey-net" {
  product_id    = "prd_Fresca"
  contract_id   = data.akamai_contract.contract.id
  group_id      = data.akamai_group.group.id
  ip_behavior   = "IPV4"
  edge_hostname = local.edge_hostname
  certificate   = local.certificate_id
}

Problem

Terraform doesn't destroy the Edge Hostname when running 'terraform destroy'.

Expected Behavior

When I run terraform destroy it will destroy the local terraform resource and the Edge Hostname in Akamai.

Actual Behavior

If I run 'terraform destroy' it will destroy the local terraform resource but not the Akamai Edge Hostname.

Steps to Reproduce

1. Create a akamai_edge_hostname with the code above (terraform apply).
2. Check the Edge Hostnames in the Akamai Control Center (Edge Hostname was created successfully).
3. Run terraform destroy

data.akamai_group.group: Reading...
data.akamai_group.group: Read complete after 2s [id=grp_XXXX]
data.akamai_contract.contract: Reading...
data.akamai_contract.contract: Read complete after 0s [id=ctr_XXXX]
akamai_edge_hostname.akamaitest-edgekey-net: Refreshing state... [id=ehn_XXXX]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # akamai_edge_hostname.akamaitest-edgekey-net will be destroyed
  - resource "akamai_edge_hostname" "akamaitest-edgekey-net" {
      - certificate   = XXXX -> null
      - contract_id   = "ctr_XXXX" -> null
      - edge_hostname = "XXXX.edgekey.net" -> null
      - group_id      = "grp_XXXX" -> null
      - id            = "ehn_XXXX" -> null
      - ip_behavior   = "IPV4" -> null
      - product_id    = "prd_Fresca" -> null
    }

Plan: 0 to add, 0 to change, 1 to destroy.

Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes

akamai_edge_hostname.akamaitest-edgekey-net: Destroying... [id=ehn_akamaitest]
akamai_edge_hostname.akamaitest-edgekey-net: Destruction complete after 0s

Destroy complete! Resources: 1 destroyed.

4. Check the Edge Hostnames in the Akamai Control Center (Edge Hostname still exists!).

[lkowalsk-akamai-com]

Thank you for letting us know you've got interest in this functionality. We've looked into this in the past, but because of the risk potential, we erred on the side of safety. However, your request does resurface its need, so we'll revisit its potential and get back to you when we know more.

[david-raine]

In enhanced TLS, the edgehostname "certificate" field must point to a certificate enrollment id. Is that a dependency for deletion?