Feature Request: Separate Domain Verification Resource/Action #2235
Description
Feature Request: Separate Domain Verification Resource/Action
Current Behavior
Domain verification currently requires updating the oneuptime_domain resource's is_verified attribute:
- Create domain with
is_verified = false→ generatesdomain_verification_text - Create DNS TXT record with verification text
- Update domain with
is_verified = true→ triggers verification
This requires a two-step Terraform apply process and feels unnatural in infrastructure-as-code workflows.
Proposed Solution
Add one of the following approaches:
Option 1: Separate verification resource
resource "oneuptime_domain" "example" {
project_id = "..."
domain = "status.example.com"
}
resource "oneuptime_domain_verification" "example" {
domain_id = oneuptime_domain.example.id
depends_on = [aws_route53_record.verification_txt]
}Option 2: Verification action via provider function
resource "oneuptime_domain" "example" {
project_id = "..."
domain = "status.example.com"
}
resource "terraform_data" "verify_domain" {
input = oneuptime_domain.example.domain_verification_text
provisioner "local-exec" {
command = "oneuptime domain verify ${oneuptime_domain.example.id}"
}
depends_on = [aws_route53_record.verification_txt]
}Option 3: Auto-verify on refresh
Make verification happen automatically when the provider detects DNS TXT record exists during refresh, eliminating the need for manual trigger.
Benefits
- More intuitive Terraform workflow
- Single apply after DNS record creation
- Clearer separation of concerns (creation vs verification)
- Better aligns with Terraform best practices
Current Workaround
Users must toggle is_verified from false to true in a second apply after DNS propagation.