Before registering the Azure DNS service in your system, you need to prepare an Azure account with the following specifications:
-
The account has a tenant with a subscription.
-
A resource group is created for that tenant's subscription.
-
An application with a client secret is created for that tenant.
-
A role assignment is created and includes the application, the resource group, and the DNS Zone Contributor role.
To create a resource group for the subscription, use the instructions in this article. When creating this resource group, you must perform the following actions:
-
Specify the subscription in the Subscription field.
-
Write down the subscription ID and the name of the resource group.
To create an application with a client secret for the tenant, use the instructions in this article. When creating this application, you must perform the following actions:
-
Set the Who can use this application or access this API? option to Accounts in this organizational directory only (... - Single tenant).
-
Write down the tenant ID, the application ID, and the value of the client secret.
To create a role assignment for the application and the resource group, use the instructions in this article. When creating this role assignment, perform these actions:
-
Specify the DNS Zone Contributor role in the Role field.
-
Specify User, group, or service principal in the Assign access to field.
-
Specify the name of the application in the Select field.