We currently use a mixture of AWS and other services for both domain name registration and SSL. We should consolidate these services into AWS so everything can be managed in one place.
This probably looks like:
- Add ALBs in front of the notify tier and terminate SSL there.
- Switch all SSL to AWS.
- Transfer registration to AWS.
Doing the SSL bit first makes sure we don't possibly get into a tricky spot where we need to get an external SSL certificate for an AWS domain. Although this should be something we can reasonably do (i.e., should just require we click a link in an email) it's possible we might not be able to do it as quickly as we'd like ("fax a notarized document on company letterhead") and we avoid this risk by doing SSL first.
These are Phabricator-related domains which we own but which are not currently registered through AWS:
- aphront.com
- javelinjs.com
- phabricator.com
- phabricator.info
- phabricator.net
- phabricator.org
- phacility.com
- phacility.net
- phcdn.net
- phurl.io
- phutil.com
A handful of these (although none of the important ones: aphront.com, javelinjs.com, phutil.com) may also be on third-party DNS.
Transferring phurl.io may be some sort of weird mess since AWS doesn't appear to support .io registration, but maybe there's no issue.
Once this is all done, it would be nice to put a small "parking" tier into production and send all of the unused domains there, then have them redirect web traffic to appropriate destinations.