-
Notifications
You must be signed in to change notification settings - Fork 110
Providers
Denominator providers represent backends that are typically, but not necessarily DNS cloud services. Denominator bundles in a mock provider that is in-memory, as well includes providers for dynect, route53, and ultradns cloud services.
The following chart compares known features relevant to Denominator by several cloud providers, not all of which are currently supported.
| Category | AWS Route53 | Neustar UltraDNS | DynECT | EasyDNS | DNSMadeEasy | Rackspace Cloud DNS |
|---|---|---|---|---|---|---|
| Api Type | REST | SOAP | REST | REST | REST | REST |
| Api Endpoints | global | global | global | global | global | US UK |
| POPs | 33 | unpublished | 17 | 25 | 20 | 5 |
| Anycast | Yes | Yes | Yes | Yes | Yes | Yes |
| IPv6 | AAAA PTR | AAAA, PTR | Yes | Yes | NS Address, AAAA | AAAA PTR |
| Pricing | Fee | Fee | Fee | Fee | Fee | Free |
| Zone scope | account | global | global | global |
The Route 53 api is a REST api, where most variables are encoded as path or query parameters.
Standard authentication involves a secure hash (signature) of the timestamp of the request (string to sign). This signature is encoded with the amazon access key in the X-Amzn-Authorization header. As the string to sign includes no unique parameters besides date, any leak of this header can allow arbitrary commands to be executed within the 5-minute skew of the Route53 service.
Version of Route53 commands are specified via a date, currently 2012-02-29. The date of the version is a required parameter in the http request. Amazon maintains release notes as well version specific documentation at http://docs.aws.amazon.com/Route53/VERSION/APIReference (latest can be substituted VERSION).
The DynECT api is an RPC api where kwargs can be represented in XML, json, yaml, and html.
Authentication of 3-part user credentials results in a session, which must be deleted after use. These three parts are sent in a POST payload, and include customer_name, user_name, and password. The response includes the Auth-Token, which is sent in a header for all future requests. Loss of the Auth-Token header will allow arbitrary commands to be executed until the session object is deleted.
DynECT maintain semantic versions of their API, currently at 3.3.8. They suggest locking in via the optional API-Version header, as otherwise calls default to latest. DynECT does not publish a change log.
UltraDNS has a SOAP API defined in documentation and WSDL. Neustar publishes CXF bindings to their SOAP api on github. They are also considering a REST API for launch in Q3 2013.
UltraDNS authentication is via wsse user/password parameters passed in the SOAP header. Note that accounts that use the api need at least Technical permission level in order to use the SOAP api. For example, Reporting access is not enough.
There is only a single WSDL file marked as version 1. That said, change log implies API updates occur.