Modern hosts offer REST or similar APIs for creating servers, networks, and DNS. Combine with Terraform, Ansible, or scripts for repeatable deployments. API keys must be stored securely and rotated.
What provider APIs offer
- Servers: Create, resize, delete VMs or dedicated servers. Set metadata, SSH keys, and user data (cloud-init).
- Networking: Create VLANs, private networks, firewalls, and floating IPs. Attach volumes.
- DNS: Create and update zones and records. Useful for automation and failover.
- Other: Backups, snapshots, load balancers—depends on the provider. Check their API docs.
Infrastructure as code
- Terraform: Define resources (servers, networks, DNS) in HCL. Plan and apply changes. Good for multi-provider and stateful resource lifecycle.
- Ansible: Config management and orchestration. Good for post-provision config (packages, users, app deploy). Often used with Terraform (Terraform creates, Ansible configures).
- Scripts: Bash, Python, or other scripts calling the provider API for one-off or custom workflows. Less structure but flexible.
API key security
- Store securely: Use a secrets manager (Vault, cloud secret store) or env vars that are not committed to git. Never hardcode in source.
- Rotate: Rotate API keys periodically and when someone leaves or if exposure is suspected. Update automation and CI/CD to use new keys.
- Least privilege: Create API keys with minimal scope (e.g. only create servers, not delete). Use separate keys per environment if possible.
Summary
Use provider APIs for servers, network, and DNS. Combine with Terraform or Ansible for repeatable infra. Store and rotate API keys securely; use least privilege.
