How to create an Azure Private DNS Zone
I recently published an article on how to connect VNets using VNet peering; today, I want to show you how to create Azure private DNS zones. These DNS zones can be shared between virtual networks and simplify cross-network and service-discovery scenarios, such as VNet peering.
Prerequisites #
- This tutorial assumes that you already have a Microsoft Azure account configured.
- You already have a virtual network created and properly configured. If you want to know how to create a virtual network in Azure, see this link.
Azure PowerShell Workaround #
If you want to know how to install the PowerShell Azure module on your machine, check out this link. The simplest way to get started is to sign in interactively at the command line.
Connect-AzAccount
This cmdlet opens a dialog box prompting you for the email address and password associated with your Azure account. If more than one subscription is associated with that account, you can choose which one to use as the default. To do so, use the following commands:
Get-AzSubscription
Select-AzSubscription -Subscription "My Subscription"
Once you set your default subscription, you’re ready to start.
Set the variables #
Here, we define the characteristics of our environment and the resource's properties, such as the name of the new private DNS zone.
$resourceGroupName = "RG-DEMO-NE"
$priveZoneName = "private.jorgebernhardt.local"
Create an Azure private DNS zone #
To create a new private Domain Name System (DNS) zone in the specified resource group, use the New-AzPrivateDnsZone cmdlet with the following syntax.
New-AzPrivateDnsZone `
-Name $priveZoneName `
-ResourceGroupName $resourceGroupName
Link the DNS zone to the virtual network #
With the following commands, list the available virtual networks, then search for the one we want to link to the DNS zone and store it in the $vNet variable.
Get-AzVirtualNetwork `
| Select-Object Name
$vNet = Get-AzVirtualNetwork `
-Name DEMO-VNET `
-ResourceGroupName $resourceGroupName
Use the New-AzPrivateDnsVirtualNetworkLink cmdlet with the following syntax to link the private DNS zone to the Azure virtual network. You must specify a unique link name for the -Name parameter.
New-AzPrivateDnsVirtualNetworkLink `
-Name 'DNSLink' `
-ZoneName $priveZoneName `
-ResourceGroupName $resourceGroupName `
-VirtualNetworkId $vNet.Id `
-EnableRegistration
Use the -EnableRegistration switch if you want to enable automatic hostname registration for the linked virtual network. To verify that the link has been established correctly, use the Get-AzPrivateDnsVirtualNetworkLink cmdlet with the following syntax.
Get-AzPrivateDnsVirtualNetworkLink `
-ResourceGroupName $resourceGroupName `
-ZoneName $priveZoneName
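The steps above, put together as an added example (this is not code from the original post): the script creates the zone and the link only if they do not already exist, resolves the virtual network by name rather than taking whichever one is returned first, waits for the link to finish provisioning, and then checks that it points at the intended VNet with registration enabled. It reuses the post's variable values; the link name 'DNSLink' and the VNet name DEMO-VNET are taken from the post, and a two-minute wait is an assumption.

```powershell
# Added example, not part of the original post. Assumes Connect-AzAccount has
# already been run and that the Az.PrivateDns and Az.Network modules are installed.
$ErrorActionPreference = 'Stop'

$resourceGroupName = "RG-DEMO-NE"
$priveZoneName     = "private.jorgebernhardt.local"
$vNetName          = "DEMO-VNET"     # from the post
$linkName          = "DNSLink"       # from the post; must be unique per zone

# 1. Zone: reuse it if it already exists, create it otherwise
$zone = Get-AzPrivateDnsZone -ResourceGroupName $resourceGroupName -Name $priveZoneName -ErrorAction SilentlyContinue
if (-not $zone) {
    $zone = New-AzPrivateDnsZone -ResourceGroupName $resourceGroupName -Name $priveZoneName
    Write-Host "Created private DNS zone $($zone.Name)"
} else {
    Write-Host "Private DNS zone $($zone.Name) already exists, reusing it"
}

# 2. Resolve the VNet by name and resource group, so the link cannot land on the wrong network
$vNet = Get-AzVirtualNetwork -ResourceGroupName $resourceGroupName -Name $vNetName

# 3. Link: reuse it if it already exists, create it otherwise
$link = Get-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $resourceGroupName -ZoneName $priveZoneName -Name $linkName -ErrorAction SilentlyContinue
if (-not $link) {
    $link = New-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $resourceGroupName -ZoneName $priveZoneName `
        -Name $linkName -VirtualNetworkId $vNet.Id -EnableRegistration
    Write-Host "Created link $linkName"
}

# 4. A new link reports InProgress for a short while; poll until it is Completed (2-minute cap is an assumption)
$deadline = (Get-Date).AddMinutes(2)
while ($link.VirtualNetworkLinkState -ne 'Completed' -and (Get-Date) -lt $deadline) {
    Start-Sleep -Seconds 10
    $link = Get-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $resourceGroupName -ZoneName $priveZoneName -Name $linkName
}

# 5. Verify: right VNet, fully provisioned, registration on
if ($link.VirtualNetworkId -ne $vNet.Id) {
    throw "Link $linkName points at $($link.VirtualNetworkId), not at $($vNet.Id)"
}
if ($link.VirtualNetworkLinkState -ne 'Completed') {
    throw "Link $linkName is still in state $($link.VirtualNetworkLinkState)"
}
if (-not $link.RegistrationEnabled) {
    throw "Link $linkName exists but auto-registration is disabled"
}
Write-Host "Zone $priveZoneName is linked to $vNetName with auto-registration enabled"
```

The final check matters when the link already existed: a link created earlier without -EnableRegistration is silently reused by the "get or create" logic, so the script fails loudly instead of assuming VM hostnames will be registered.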
Azure CLI Workaround #
In this case, we will use Azure Cloud Shell, a browser-based shell built into the Azure Portal. It lets us use the Azure command-line tools (Azure CLI and Azure PowerShell) directly from a browser. If you want to know more about Azure Cloud Shell, check out this link. First, declare the variable for the resource group and define the name of the private DNS zone that will be created in the following steps.
resourceGroupName="RG-DEMO-NE"
privateZoneName="private.jorgebernhardt.local"
Create an Azure private DNS zone #
To create a new private Domain Name System (DNS) zone in the specified resource group, use the following command.
az network private-dns zone create \
-n $privateZoneName \
-g $resourceGroupName
Link the DNS zone to the virtual network #
With the following commands, list the available virtual networks, then store the name of the virtual network that we want to link to the DNS zone in the vNet variable.
az network vnet list \
-o table
vNet=$(az network vnet list --query '[0].name' -o tsv)
Use the following command to link the private DNS zone to the Azure virtual network. You must specify a unique link name for the -n parameter.
az network private-dns link vnet create \
-n DNSLink \
-g $resourceGroupName \
-z $privateZoneName \
-v $vNet \
-e true
Use the -e parameter (--registration-enabled) if you want to enable automatic hostname registration for the linked virtual network. To verify that the link has been established correctly, list the links of the zone with the following command.
az network private-dns link vnet list \
-g $resourceGroupName \
-z $privateZoneName
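Both the PowerShell and the Azure CLI sections above end with a verification of a single link. As an added example (not code from the original post), the following PowerShell script, which also runs in Azure Cloud Shell, takes the verification one step further and inventories every private DNS zone link in the current subscription: which VNets resolve which zones, whether registration is enabled, and whether the link is fully provisioned. It flags two conditions worth a second look: a VNet with more than one registration-enabled link, which Azure does not allow, and links that never reached the Completed state. It assumes Connect-AzAccount has already been run and that the caller can read all private DNS zones in the subscription.

```powershell
# Added example, not part of the original post. Inventory and sanity-check
# all private DNS zone links in the current subscription.
$ErrorActionPreference = 'Stop'

# Get-AzPrivateDnsZone with no parameters returns every zone in the subscription
$links = foreach ($zone in Get-AzPrivateDnsZone) {
    Get-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $zone.ResourceGroupName -ZoneName $zone.Name |
        ForEach-Object {
            [pscustomobject]@{
                Zone          = $zone.Name
                ResourceGroup = $zone.ResourceGroupName
                Link          = $_.Name
                VNet          = ($_.VirtualNetworkId -split '/')[-1]   # last segment of the resource ID
                VNetId        = $_.VirtualNetworkId
                Registration  = $_.RegistrationEnabled
                State         = $_.VirtualNetworkLinkState
            }
        }
}

# Full inventory: one row per link, grouped by VNet so you can see what each network resolves
$links | Sort-Object VNet, Zone | Format-Table Zone, Link, VNet, Registration, State -AutoSize

# A VNet may have auto-registration enabled for only one zone; more than one indicates drift
$links | Where-Object Registration |
    Group-Object VNetId | Where-Object Count -gt 1 |
    ForEach-Object { Write-Warning "VNet $($_.Name) has $($_.Count) registration-enabled links" }

# Links that are not Completed do not resolve yet (or failed); surface them
$links | Where-Object State -ne 'Completed' |
    ForEach-Object { Write-Warning "Link $($_.Link) on zone $($_.Zone) is in state $($_.State)" }

# Zones with no link at all are inert: nothing resolves them
$linkedZones = $links | Select-Object -ExpandProperty Zone -Unique
Get-AzPrivateDnsZone | Where-Object { $_.Name -notin $linkedZones } |
    ForEach-Object { Write-Warning "Zone $($_.Name) in $($_.ResourceGroupName) is not linked to any VNet" }
```

Because a private zone linked to a VNet takes precedence for its name inside that network, this inventory is the quickest way to answer "why does host X resolve differently from this VNet?" and to spot links nobody remembers creating.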
In the next post, I will explain how to create and manage DNS records in your Azure private DNS zone. You can learn more about Azure Private DNS zone here: https://docs.microsoft.com/en-us/azure/dns/private-dns-overview