Recently two companies have suffed problems due to compromised AWS credentials:
- Code Spaces
- The company has effectively folded. Thier AWS account was compromised, and all their data and backups were deleted.
- Within two minutes all their instances were terminated.
- This is still live - watch updates of the recovery process.
I'm just about to commit to using Amazon for hosting DNS for paying customers, so this is the kind of thing that makes me paranoid.
I'll be storing DNS-data in Git, and if the zones were nuked on the Amazon-side I could re-upload them, but users would be dead regardless - because they'd need to update the nameservers in whois before the re-uploaded data would be useful.
I suspect I need to upload to two DNS providers, to get more redundency.
Currently I have a working system which allows me to push DNS records to a Git repository, and that seamlessly triggers a DNS update (i.e. A webhook trigged by github/bitbucket/whatever).
Before I publish anything I need to write more code, more documentation, and agree on pricing details. Then I'll setup a landing-page at http://dns-api.com/.
I've been challenged to find paying customers before launching, and thus far have two, which is positive.
The DHCP.io site has now been freed. I'm no longer going to try to commercialize it, instead I will only offer the Git-based product as a commercial service. On that basis I upped the service so users could manage up to five names per account, more if you mail me privately and beg ;)
(ObRandom: Google does hosted DNS with an API. They're expensive. I'm surprised I'd not heard of them doing this.)