Delegate DNS Zone to Azure
Links
Link | Description |
---|---|
Host your domain in Azure DNS | You can use Azure DNS to host your DNS domain and manage your DNS records. By hosting your domains in Azure, you can manage your DNS records using the same credentials, APIs, tools, and billing as your other Azure services. |
Delegation of DNS zones with Azure DNS | Azure DNS allows you to host a DNS domain and manage the DNS zone records. To host your domain in Azure, the zone must be created in Azure and delegated to Azure's authoritative DNS servers with a domain registrar. Azure DNS isn't the domain registrar. This article explains how domain delegation works and how to delegate domains to Azure DNS. |
Overview
To host your domain in Azure:
- Create the DNS zone.
- Create resource records in the DNS zone.
- Retrieve the list of Azure nameservers for your DNS zone.
- Delegate the domain to Azure's nameservers at your registrar.
Prerequisites
- An Azure account with an active subscription.
- A domain name that you can host in Azure DNS. You must have full control of this domain. Full control includes the ability to set the name server (NS) records for the domain.
Create the DNS Zone
Create a DNS zone using the Portal or Infrastructure as Code.
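```bicep
// New-AzDeployment deploys at subscription scope, which deployment().location
// and the resource group module below both require.
targetScope = 'subscription'

param resourceGroupName string = 'rg-dnszone-test'
param location string = deployment().location
param dnsZoneName string = 'digital-reflections.com'

// Resource group that will hold the DNS zone.
module resourceGroup 'br/public:avm/res/resources/resource-group:0.4.0' = {
  name: '${uniqueString(deployment().name, location)}-resourceGroup'
  params: {
    name: resourceGroupName
  }
}

// Public DNS zone, deployed into the resource group created above.
module dnsZone 'br/public:avm/res/network/dns-zone:0.5.0' = {
  scope: az.resourceGroup(resourceGroupName)
  name: '${uniqueString(deployment().name, location)}-dnsZone'
  params: {
    name: dnsZoneName
  }
  dependsOn: [
    resourceGroup
  ]
}

// Name servers Azure assigned to the zone; these are what the registrar needs.
output dnsNameServerArray array = dnsZone.outputs.nameServers
```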
To deploy:
```powershell
New-AzDeployment `
  -TemplateFile ~\deploy.bicep `
  -Location australiaeast `
  -Verbose
```
Retrieve Name Servers
The output from the Bicep file will show you the name servers. You can also retrieve this information from the portal or with a PowerShell command.
Grab the name server details and update your registrar with the details.
Verify the delegation
After you complete the delegation, you can verify that it's working by using a tool such as nslookup to query the Start of Authority (SOA) record for your zone.
```powershell
nslookup -type=SOA digital-reflections.com
```
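The SOA query shows that the zone answers, but not whether the registrar carries the full set of name servers Azure assigned. The following is an added example, not part of the original page: it compares the two sets and reports any name server that is missing or unexpected. The function name `Compare-NameServerSet` and the sample name server values are constructed for illustration; the zone and resource group names are the ones used in the Bicep parameters.

```powershell
# Added example. Compare-NameServerSet is a hypothetical helper, not an Az cmdlet.
function Compare-NameServerSet {
    param(
        [Parameter(Mandatory)][string[]] $Expected,   # name servers Azure assigned to the zone
        [Parameter(Mandatory)][string[]] $Delegated   # NS records returned for the domain
    )
    # DNS names are case-insensitive and may carry a trailing root dot,
    # so normalize both sides before comparing.
    $normalize = { param($n) $n.Trim().TrimEnd('.').ToLowerInvariant() }
    $exp = @($Expected  | ForEach-Object { & $normalize $_ } | Sort-Object -Unique)
    $del = @($Delegated | ForEach-Object { & $normalize $_ } | Sort-Object -Unique)

    $missing    = @($exp | Where-Object { $_ -notin $del })   # assigned by Azure, absent at the registrar
    $unexpected = @($del | Where-Object { $_ -notin $exp })   # delegated, but not serving this zone
    [pscustomobject]@{
        Missing    = $missing
        Unexpected = $unexpected
        Matches    = ($missing.Count -eq 0 -and $unexpected.Count -eq 0)
    }
}

# Live use (requires Connect-AzAccount and the Windows DnsClient module):
#   $expected  = (Get-AzDnsZone -Name 'digital-reflections.com' `
#                   -ResourceGroupName 'rg-dnszone-test').NameServers
#   $delegated = (Resolve-DnsName -Name 'digital-reflections.com' -Type NS |
#                   Where-Object { $_.Type -eq 'NS' }).NameHost

# Constructed sample values so the block runs offline.
$expected  = 'ns1-01.azure-dns.com.', 'ns2-01.azure-dns.net.',
             'ns3-01.azure-dns.org.', 'ns4-01.azure-dns.info.'
$delegated = 'NS1-01.azure-dns.com', 'ns2-01.azure-dns.net', 'ns1.old-registrar.example'

$result = Compare-NameServerSet -Expected $expected -Delegated $delegated
$result | Format-List
if (-not $result.Matches) {
    Write-Warning 'Delegation does not match the zone: update the NS records at the registrar.'
}
```

An entry under `Unexpected` is a name server still listed at the registrar that does not serve this zone, so it should be removed there rather than ignored.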
If you are planning to use Cloudflare as the DNS registrar and then delegate the top-level domain to Azure, you won't be able to, because Cloudflare doesn't allow that. You can transfer the domain to Azure, but they don't allow that until 60 days after it was created. You will need to create a subdomain and delegate that to Azure instead, e.g. docs.digital-reflections.com.