NS1 is a leading provider of managed DNS services, helping organizations manage and optimize their domain infrastructure at scale. Integrating Chariot with NS1 provides valuable visibility into your DNS infrastructure, enabling you to maintain a comprehensive inventory of your domains, subdomains, and associated IP addresses.
Integration Process
Setting Up the NS1 API Key
Begin by accessing your NS1 dashboard at https://my.nsone.net/. Once logged in, navigate to the "Users & Teams" section in the top navigation bar.
Look for the "API Keys" option on the top banner.
Click "Add Key" to create a new API key.
In the configuration screen, enter "Chariot" as the application name. This helps identify the integration's purpose within your NS1 account.
For security best practices, you'll want to configure the API key with minimal necessary permissions. The integration only requires DNS-related permissions to function properly. Here's how to set up the permissions:
- Under the Access to DNS resources section, locate and enable:
- "View zones"
- "Allow by default"
- Disable all other permissions, including:
- Account admin permissions
- Monitoring permissions
- Data permissions
- Security permissions
- Redirect permissions
In the "Access to DNS Resources" section, you'll see options for managing zone access. The "Allow by default" setting grants access to all zones and records except those explicitly denied. You can optionally configure denied zones if you wish to restrict access to specific zones.
The IP allow list can remain empty unless your organization requires specific IP restrictions.
After configuring these settings, click "Save" to generate the API key. Make sure to copy the API key immediately, as you won't be able to access it again after leaving the page.
Configuring Chariot
With your NS1 API key ready, return to your Chariot dashboard. Navigate to the Integrations page and click the "Add Integration" button in the top right corner.
Look for the NS1 integration option in the list and click "Connect."
A window will appear with a single input field for the API key. Paste your previously copied NS1 API key into this field and submit the form.
How the Integration Works
Once configured, the integration will automatically begin pulling DNS information from your NS1 account. The integration specifically looks for:
- A and AAAA records, collecting IP addresses
- CNAME records, normalizing the domain names
The integration uses NS1's API to list all accessible zones and their associated records. This information is then processed and streamed into Chariot's asset inventory system.
If you find a topic that you would like discussed in detail, or need further assistance, please let us know at support@praetorian.com!