diff --git a/internal/services/cdn/cdn_frontdoor_custom_domain_data_source.go b/internal/services/cdn/cdn_frontdoor_custom_domain_data_source.go
new file mode 100644
index 000000000000..112d61bae60e
--- /dev/null
+++ b/internal/services/cdn/cdn_frontdoor_custom_domain_data_source.go
@@ -0,0 +1,141 @@
+package cdn
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/cdn/parse"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/cdn/validate"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
+	"github.com/hashicorp/terraform-provider-azurerm/utils"
+)
+
+func dataSourceCdnFrontDoorCustomDomain() *pluginsdk.Resource {
+	return &pluginsdk.Resource{
+		Read: dataSourceCdnFrontDoorCustomDomainRead,
+
+		Timeouts: &pluginsdk.ResourceTimeout{
+			Read: pluginsdk.DefaultTimeout(5 * time.Minute),
+		},
+
+		Schema: map[string]*pluginsdk.Schema{
+			"name": {
+				Type:         pluginsdk.TypeString,
+				Required:     true,
+				ValidateFunc: validate.FrontDoorCustomDomainName,
+			},
+
+			"profile_name": {
+				Type:         pluginsdk.TypeString,
+				Required:     true,
+				ValidateFunc: validate.FrontDoorName,
+			},
+
+			"resource_group_name": commonschema.ResourceGroupNameForDataSource(),
+
+			"cdn_frontdoor_profile_id": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
+			"dns_zone_id": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
+			"host_name": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
+			"tls": {
+				Type:     pluginsdk.TypeList,
+				Computed: true,
+
+				Elem: &pluginsdk.Resource{
+					Schema: map[string]*pluginsdk.Schema{
+
+						"certificate_type": {
+							Type:     pluginsdk.TypeString,
+							Computed: true,
+						},
+
+						"minimum_tls_version": {
+							Type:     pluginsdk.TypeString,
+							Computed: true,
+						},
+
+						"cdn_frontdoor_secret_id": {
+							Type:     pluginsdk.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+
+			"expiration_date": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
+			"validation_token": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceCdnFrontDoorCustomDomainRead(d *pluginsdk.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Cdn.FrontDoorCustomDomainsClient
+	subscriptionId := meta.(*clients.Client).Account.SubscriptionId
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id := parse.NewFrontDoorCustomDomainID(subscriptionId, d.Get("resource_group_name").(string), d.Get("profile_name").(string), d.Get("name").(string))
+	resp, err := client.Get(ctx, id.ResourceGroup, id.ProfileName, id.CustomDomainName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return fmt.Errorf("%s was not found", id)
+		}
+		return fmt.Errorf("retrieving %s: %+v", id, err)
+	}
+
+	d.SetId(id.ID())
+	d.Set("name", id.CustomDomainName)
+	d.Set("resource_group_name", id.ResourceGroup)
+	d.Set("profile_name", id.ProfileName)
+	d.Set("cdn_frontdoor_profile_id", parse.NewFrontDoorProfileID(id.SubscriptionId, id.ResourceGroup, id.ProfileName).ID())
+
+	if props := resp.AFDDomainProperties; props != nil {
+		d.Set("host_name", props.HostName)
+
+		dnsZoneId, err := flattenDNSZoneResourceReference(props.AzureDNSZone)
+		if err != nil {
+			return fmt.Errorf("flattening `dns_zone_id`: %+v", err)
+		}
+
+		if err := d.Set("dns_zone_id", dnsZoneId); err != nil {
+			return fmt.Errorf("setting `dns_zone_id`: %+v", err)
+		}
+
+		tls, err := flattenCustomDomainAFDDomainHttpsParameters(props.TLSSettings)
+		if err != nil {
+			return fmt.Errorf("flattening `tls`: %+v", err)
+		}
+
+		if err := d.Set("tls", tls); err != nil {
+			return fmt.Errorf("setting `tls`: %+v", err)
+		}
+
+		if validationProps := props.ValidationProperties; validationProps != nil {
+			d.Set("expiration_date", validationProps.ExpirationDate)
+			d.Set("validation_token", validationProps.ValidationToken)
+		}
+	}
+
+	return nil
+}
diff --git a/internal/services/cdn/cdn_frontdoor_custom_domain_data_source_test.go b/internal/services/cdn/cdn_frontdoor_custom_domain_data_source_test.go
new file mode 100644
index 000000000000..383edbf0db87
--- /dev/null
+++ b/internal/services/cdn/cdn_frontdoor_custom_domain_data_source_test.go
@@ -0,0 +1,44 @@
+package cdn_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check"
+)
+
+type CdnFrontDoorCustomDomainDataSource struct{}
+
+func TestAccCdnFrontDoorCustomDomainDataSource_basic(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azurerm_cdn_frontdoor_custom_domain", "test")
+	d := CdnFrontDoorCustomDomainDataSource{}
+
+	data.DataSourceTest(t, []acceptance.TestStep{
+		{
+			Config: d.basic(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).Key("dns_zone_id").Exists(),
+				check.That(data.ResourceName).Key("host_name").Exists(),
+				check.That(data.ResourceName).Key("cdn_frontdoor_profile_id").Exists(),
+				check.That(data.ResourceName).Key("tls.0.cdn_frontdoor_secret_id").IsEmpty(),
+				check.That(data.ResourceName).Key("tls.0.certificate_type").Exists(),
+				check.That(data.ResourceName).Key("tls.0.minimum_tls_version").Exists(),
+				check.That(data.ResourceName).Key("expiration_date").Exists(),
+				check.That(data.ResourceName).Key("validation_token").Exists(),
+			),
+		},
+	})
+}
+
+func (CdnFrontDoorCustomDomainDataSource) basic(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+data "azurerm_cdn_frontdoor_custom_domain" "test" {
+  name                = azurerm_cdn_frontdoor_custom_domain.test.name
+  profile_name        = azurerm_cdn_frontdoor_profile.test.name
+  resource_group_name = azurerm_cdn_frontdoor_profile.test.resource_group_name
+}
+`, CdnFrontDoorCustomDomainResource{}.complete(data))
+}
diff --git a/internal/services/cdn/registration.go b/internal/services/cdn/registration.go
index c7dba37cb33f..1f5523c65625 100644
--- a/internal/services/cdn/registration.go
+++ b/internal/services/cdn/registration.go
@@ -32,6 +32,7 @@ func (r Registration) SupportedDataSources() map[string]*pluginsdk.Resource {
 		"azurerm_cdn_profile": dataSourceCdnProfile(),
 
 		// FrontDoor
+		"azurerm_cdn_frontdoor_custom_domain":   dataSourceCdnFrontDoorCustomDomain(),
 		"azurerm_cdn_frontdoor_endpoint":        dataSourceCdnFrontDoorEndpoint(),
 		"azurerm_cdn_frontdoor_firewall_policy": dataSourceCdnFrontDoorFirewallPolicy(),
 		"azurerm_cdn_frontdoor_origin_group":    dataSourceCdnFrontDoorOriginGroup(),
diff --git a/website/docs/d/cdn_frontdoor_custom_domain.html.markdown b/website/docs/d/cdn_frontdoor_custom_domain.html.markdown
new file mode 100644
index 000000000000..bc78b19da9eb
--- /dev/null
+++ b/website/docs/d/cdn_frontdoor_custom_domain.html.markdown
@@ -0,0 +1,65 @@
+---
+subcategory: "CDN"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_cdn_frontdoor_custom_domain"
+description: |-
+  Gets information about an existing Front Door (standard/premium) Custom Domain.
+---
+
+# Data Source: azurerm_cdn_frontdoor_custom_domain
+
+Use this data source to access information about an existing Front Door (standard/premium) Custom Domain.
+
+## Example Usage
+
+```hcl
+data "azurerm_cdn_frontdoor_custom_domain" "example" {
+  name                = azurerm_cdn_frontdoor_custom_domain.example.name
+  profile_name        = azurerm_cdn_frontdoor_profile.example.name
+  resource_group_name = azurerm_cdn_frontdoor_profile.example.resource_group_name
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name of the Front Door Custom Domain.
+
+* `profile_name` - (Required) The name of the Front Door Profile which the Front Door Custom Domain is bound to.
+
+* `resource_group_name` - (Required) The name of the Resource Group where the Front Door Profile exists.
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported:
+
+* `id` - The ID of the Front Door Custom Domain.
+
+* `cdn_frontdoor_profile_id` - The ID of the Front Door Profile which the Front Door Custom Domain is bound to.
+
+* `expiration_date` - The date time that the token expires.
+
+* `host_name` - The host name of the domain.
+
+* `tls` - A `tls` block as defined below.
+
+* `validation_token` - The challenge used for DNS TXT record or file based validation.
+
+---
+
+A `tls` block exports the following:
+
+* `cdn_frontdoor_secret_id` - The Resource ID of the Front Door Secret.
+
+* `certificate_type` - The SSL certificate type.
+
+* `minimum_tls_version` - The TLS protocol version that will be used for Https connections.
+
+---
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `read` - (Defaults to 5 minutes) Used when retrieving the Front Door Custom Domain.