
Configure a DNS Zone Using Azure DNS


In today’s Ask the Admin, I’ll show you how to configure a DNS Zone using Azure DNS, and how to add records to the zone.

In Microsoft Azure: A First Look at Azure DNS on the Petri IT Knowledgebase, I introduced you to Microsoft’s new Azure DNS service, and how it gives you the ability to use Microsoft’s DNS infrastructure for name resolution of your domain’s zones. For example, you might have an application, such as, for which you need to set up and manage DNS records, so it can be reached internally or from the public Internet. Azure DNS doesn’t allow you to purchase domain names from Microsoft, but it does enable you to utilize their infrastructure for fast and reliable DNS.




Set Up an Azure DNS Zone

Azure DNS can be configured using the management portal or PowerShell, but in this article, I’m going to use PowerShell because it also allows for testing. If you’ve never used PowerShell to configure Azure, you’ll need to download Microsoft Azure PowerShell using the Web Platform Installer.

  • Log in to Windows 10.
  • Open a PowerShell window by typing powershell in the search box on the taskbar and selecting Windows PowerShell from the list of results.
  • Log in to Azure using the Login-AzureRmAccount cmdlet, and enter your Azure tenant credentials when prompted. If you have more than one Azure subscription associated with your Microsoft account, you’ll need to select it using the Set-AzureSubscription cmdlet. In the example below, I used Get-AzureRmSubscription to list the available subscriptions, and then set Pay-As-You-Go as the subscription to use.


Subscription –SubscriptionName Pay-As-You-Go

Azure DNS zones must be associated with a Resource Group (RG). So, let’s create a new RG for the zone:
New-AzureRmResourceGroup -Name DNSZoneResourceGroup -Location 'West US'

Create a new Azure DNS zone (Image Credit: Russell Smith)

RGs must be linked to a region (‘West US’ in the example above), but Azure DNS zones are global, so the location setting of the RG has no bearing on the resulting DNS zone. Before creating a zone, you must register the Microsoft.Network resource provider for your subscription. This is a one-time operation and doesn’t need to be repeated when creating additional zones.

Register-AzureRmResourceProvider -ProviderNamespace Microsoft.Network

I’m going to create a zone called for internal Azure use only. There will be no name resolution from the public Internet because I don’t own the domain name. To create the new zone, use the New-AzureRmDnsZone cmdlet, as shown below:
New-AzureRmDnsZone -Name -ResourceGroupName DNSZoneResourceGroup

To check that the zone was created properly and find out the host names of the Azure name servers, use the Get-AzureRmDnsRecordSet cmdlet:
Get-AzureRmDnsRecordSet -ZoneName -ResourceGroupName DNSZoneResourceGroup

Let’s try to resolve the new DNS zone name using the Resolve-DnsName cmdlet. You can use any of the name servers for the zone as returned in the output of the Get-AzureRmDnsRecordSet cmdlet above:
Resolve-DnsName -Name -Server

Finally, let’s add an A record to the zone using the New-AzureRmDnsRecordSet, Add-AzureRmDnsRecordConfig, and Set-AzureRmDnsRecordSet cmdlets. I start by using the New-AzureRmDnsRecordSet cmdlet to create an A record called WWW, with a Time-to-Live (TTL) value of 60 seconds. Then I add two IP addresses with Add-AzureRmDnsRecordConfig, and finally commit the changes using Set-AzureRmDnsRecordSet.
$rs = New-AzureRmDnsRecordSet -Name www -RecordType A -ZoneName -ResourceGroupName DNSZoneResourceGroup -Ttl 60

Add-AzureRmDnsRecordConfig -RecordSet $rs -Ipv4Address 
Add-AzureRmDnsRecordConfig -RecordSet $rs -Ipv4Address

Set-AzureRmDnsRecordSet -RecordSet $rs

Let’s run Get-AzureRmDnsRecordSet again to check the changes have been committed:
Get-AzureRmDnsRecordSet -ZoneName -ResourceGroupName DNSZoneResourceGroup
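
The record-creation and verification steps above, combined into one script that also queries every name server assigned to the zone and compares each answer with what was committed. This is an added example, not the article's own code: the zone name internal.example and the 192.0.2.x addresses are constructed placeholders, and it assumes you are already logged in and the resource group and zone exist.

```powershell
# Added example. Zone name and addresses below are constructed placeholders.
$rg       = 'DNSZoneResourceGroup'        # resource group created earlier in the article
$zone     = 'internal.example'            # placeholder zone name (assumption)
$expected = '192.0.2.10', '192.0.2.11'    # placeholder addresses (documentation range)

# Create the www record set only if it is missing, so the script can be rerun safely.
$rs = Get-AzureRmDnsRecordSet -Name www -RecordType A -ZoneName $zone `
        -ResourceGroupName $rg -ErrorAction SilentlyContinue
if (-not $rs) {
    $rs = New-AzureRmDnsRecordSet -Name www -RecordType A -ZoneName $zone `
            -ResourceGroupName $rg -Ttl 60
    foreach ($ip in $expected) {
        Add-AzureRmDnsRecordConfig -RecordSet $rs -Ipv4Address $ip | Out-Null
    }
    Set-AzureRmDnsRecordSet -RecordSet $rs | Out-Null
}

# Read the zone's name servers from the NS record set at the zone apex ("@").
$nsSet = Get-AzureRmDnsRecordSet -Name '@' -RecordType NS -ZoneName $zone -ResourceGroupName $rg
$nameServers = $nsSet.Records | ForEach-Object { $_.Nsdname.TrimEnd('.') }

# Ask each name server directly and compare its answer with the committed records.
$want = ($expected | Sort-Object) -join ', '
$report = foreach ($server in $nameServers) {
    $answer = Resolve-DnsName -Name "www.$zone" -Type A -Server $server -DnsOnly `
                -ErrorAction SilentlyContinue | Where-Object { $_.Type -eq 'A' }
    $got = @($answer | ForEach-Object { $_.IPAddress } | Sort-Object) -join ', '
    [pscustomobject]@{
        Server  = $server
        Answer  = $got
        Ttl     = ($answer | Select-Object -First 1).TTL
        Matches = ($got -eq $want)
    }
}

$report | Format-Table -AutoSize
if ($report.Matches -contains $false) {
    Write-Warning "At least one name server returned an unexpected answer for www.$zone"
}
```

The name servers queried here are Internet-facing, so a zone that is not delegated from a registrar can still be read by anyone who queries those servers directly; treat the records in it as public.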

List the DNS zone details using Get-AzureRmDnsRecordSet (Image Credit: Russell Smith)

In this article, I showed you how to set up a DNS zone in Azure DNS and add records.
