2021-06-22 22:24:49 +08:00
"Akamai Edge DNS Provider" configures Akamai's
2023-01-11 01:15:27 +08:00
[Edge DNS ](https://www.akamai.com/products/edge-dns ) service.
2021-06-22 22:24:49 +08:00
This provider interacts with Edge DNS via the
2023-01-11 01:15:27 +08:00
[Edge DNS Zone Management API ](https://techdocs.akamai.com/edge-dns/reference/edge-dns-api ).
2021-06-22 22:24:49 +08:00
Before you can use this provider, you need to create an "API Client" with authorization to use the
2023-01-11 01:15:27 +08:00
[Edge DNS Zone Management API ](https://techdocs.akamai.com/edge-dns/reference/edge-dns-api ).
2021-06-22 22:24:49 +08:00
2023-01-11 01:15:27 +08:00
See the "Get Started" section of [Edge DNS Zone Management API ](https://techdocs.akamai.com/edge-dns/reference/edge-dns-api ),
2021-06-22 22:24:49 +08:00
which says, "To enable this API, choose the API service named DNS—Zone Record Management, and set the access level to READ-WRITE."
2023-01-11 01:15:27 +08:00
Follow directions at [Authenticate With EdgeGrid ](https://www.akamai.com/developer ) to generate
2021-06-22 22:24:49 +08:00
the required credentials.
## Configuration
2022-05-09 02:41:33 +08:00
To use this provider, add an entry to `creds.json` with `TYPE` set to `AKAMAIEDGEDNS` along with the authentication fields.
Example:
2022-02-18 01:22:31 +08:00
2023-03-03 05:17:27 +08:00
{% code title="creds.json" %}
2022-02-18 01:22:31 +08:00
```json
2023-05-22 01:30:30 +08:00
{
"akamaiedgedns": {
2022-05-09 02:41:33 +08:00
"TYPE": "AKAMAIEDGEDNS",
2022-02-18 01:22:31 +08:00
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"host": "akaa-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx.akamaiapis.net",
"access_token": "akaa-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"client_token": "akaa-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"contract_id": "X-XXXX",
"group_id": "NNNNNN"
2023-05-22 01:30:30 +08:00
}
2022-02-18 01:22:31 +08:00
}
```
2023-03-03 05:17:27 +08:00
{% endcode %}
2021-06-22 22:24:49 +08:00
## Usage
A new zone created by DNSControl:
2023-01-20 20:56:20 +08:00
```shell
2021-06-22 22:24:49 +08:00
dnscontrol create-domains
```
automatically creates SOA and authoritative NS records.
Akamai assigns a unique set of authoritative nameservers for each contract. These authorities should be
used as the NS records on all zones belonging to this contract.
The NS records for these authorities have a TTL of 86400.
Add:
2023-03-11 21:42:01 +08:00
{% code title="dnsconfig.js" %}
2023-01-20 20:56:20 +08:00
```javascript
2021-06-22 22:24:49 +08:00
NAMESERVER_TTL(86400)
```
2023-03-11 21:42:01 +08:00
{% endcode %}
2021-06-22 22:24:49 +08:00
modifier to the dnscontrol.js D() function so that DNSControl does not change the TTL of the authoritative NS records.
2022-05-09 02:41:33 +08:00
Example `dnsconfig.js` :
2022-02-18 01:22:31 +08:00
2023-03-11 21:42:01 +08:00
{% code title="dnsconfig.js" %}
2023-01-20 20:56:20 +08:00
```javascript
2022-05-09 02:41:33 +08:00
var REG_NONE = NewRegistrar("none");
var DSP_AKAMAIEDGEDNS = NewDnsProvider("akamaiedgedns");
2022-02-18 01:22:31 +08:00
2022-05-09 02:41:33 +08:00
D("example.com", REG_NONE, DnsProvider(DSP_AKAMAIEDGEDNS),
2022-02-18 01:22:31 +08:00
NAMESERVER_TTL(86400),
AUTODNSSEC_ON,
AKAMAICDN("@", "www.preconfigured.edgesuite.net", TTL(20)),
2022-05-09 02:41:33 +08:00
A("foo", "1.2.3.4")
2022-02-18 01:22:31 +08:00
);
```
2023-03-11 21:42:01 +08:00
{% endcode %}
2021-06-22 22:24:49 +08:00
2023-01-11 01:15:27 +08:00
AKAMAICDN is a proprietary record type that is used to configure [Zone Apex Mapping ](https://www.akamai.com/blog/security/edge-dns--zone-apex-mapping---dnssec ).
2021-06-22 22:24:49 +08:00
The AKAMAICDN target must be preconfigured in the Akamai network.
