Simple REST API for nsupdate-alike operations
Brief description:
Updating data in DNS zones in an efficient, "standard" developer-friendly way, would be to provide a REST API that provides the basic nsupdate functions (add/change/delete RRs in the DNS zones) over HTTPS with API-Keys for authn/authz on zone basis.
Rationale:
Most quantities of DNS "operations" are simple adds/changes/deletes on zone data. There is little gain in forcing web/app-developers to learn how DNS / nsupdate / DNS libraries for updating zonefiles works. The simplest way forward would be to offer a simple REST API for updating zone data for their projects.
There are REST APIs for DNS ops/zone RR data manipulation available:
- PowerDNS has a fully fledged REST API
- RESTKnot (3rd party project) provide something similar.
On the downside the PowerDNS API lacks Authz (workaround is to put operasoftware/dns-ui in front of PowerDNS), and while RESTknot is small, it has dependencies that are bigger (like kafka), so it becomes overly complex to manage for smaller shops.
So a simpler knot-native REST API would be very nice to have!
In the long run...
If a REST API is created it would be natural to have it do (almost) all the things, not just zone RR updates. So anyone could develop a (new) web-app or integrate existing software for managing the knot DNS services...