Atomia DNS is a control plane for DNS operations. Harden both the web/API layer and backend authoritative systems.
¶ API and UI Access Controls
- Restrict admin UI/API to management networks.
- Enforce SSO and MFA for privileged users.
- Apply least-privilege RBAC for zone operations.
- Secure zone transfer/update channels with TSIG.
- Separate control plane from authoritative serving nodes.
- Audit write actions to zones and templates.
¶ Database and Secret Protection
- Protect DB credentials in secret management.
- Restrict DB access to application nodes only.
- Enable TLS on database connections where available.