The SNS@ISC Bulk API is a scriptable interface allowing customer to access their SNS@ISC information programmatically. Currently it is possible to manage the list of zones for an account, and to retrieve audit log records concerning an account's zones. Other features will be added based on customer requests.
The interface is designed to be as simple as possible, with all information sent in text format. There are no REST, no XML, and no cookies. HTTP Basic Authentication is used and SSL (HTTPS) is used for privacy. Based on the assumption that enterprises and ISC back-end DNS management utility will run CURL from script, the API was tested by examining whether the CURL command can access the API from a UNIX command line using UNIX format text files for input and output. For more information regarding testing, visit http://curl.haxx.se/
Given that HTTP Basic Authentication relies on a login and password being present in clear text on the initiating side, it is recommended that customers who use the SNS@ISC Bulk API request a separate login for scripting use, which can be disabled or its password changed according to a different security policy than that governing users.
curl -ksS -u login:password 'https://sns.isc.org/site/bulkapi/getzones.html?account=account'
This will produce a list of an account's zones, one per line, where an end-of-line indication is an ASCII NL (0x0A) (also known as
\n to C and Perl programmers). It uses an HTTPS GET command, HTTP Basic Authentication, and passes a URI parameter called
account whose value is the short name of the customer account whose list of zones you're asking to see. The MIME type will be
text/plain. All possible error conditions are signalled in the form of
HTTP Error 403. CURL will convert this to your local end-of-line indication if you use the example form shown above.
curl -ksS -u login:password 'https://sns.isc.org/site/bulkapi/putzones.html?account=account' -F file=@-
This accepts an input list of an account's zones, one per line, and produces as output a report of how many zones were added or deleted to install this list. The content should be URL-encoded and the end-of-line indicator is an ASCII NL (0x0A) (also known as
\n to C and Perl programmers). It uses an HTTPS POST command, HTTP Basic Authentitcation, and passes a URI parameter called
account whose value is the short name of the customer account whose list of zones you wish to replace. The POST command's payload is of the form
file=content. CURL does all the necessary encoding for you if you use the example command form shown.
The list you upload as the complete canonical list, replacing *all* the zones currently active on your SNS@ISC account.
curl -ksS -u login:password 'https://sns.isc.org/site/bulkapi/getlogs.html?account=account&days=days'
This returns the set of audit log records pertaining to any zone in the specified
account for a period of
days. The default period is 1 day, and fractional periods are allowed (0.1 days, for example, would be 2.4 hours). The output format is simply one log record per line, where an end-of-line indication is an ASCII NL (0x0A) which CURL will convert to your local end-of-line indicator if you use the example form shown above. It is expected that I.T. departments will schedule a GETLOGS operation via the UNIX cron utility to retrieve and analyze logs once per day.
For comments, please send an email to email@example.com