| title | Manage DNS zones in Azure DNS - Azure CLI | Microsoft Docs |
|---|---|
| description | You can manage DNS zones using Azure CLI. This article shows how to update, delete, and create DNS zones on Azure DNS. |
| services | dns |
| author | asudbring |
| ms.service | azure-dns |
| ms.devlang | azurecli |
| ms.topic | how-to |
| ms.date | 11/30/2023 |
| ms.author | allensu |
| ms.custom | devx-track-azurecli |
[!div class="op_single_selector"]
This article shows you how to manage your DNS zones by using the cross-platform Azure CLI. Azure CLI is available for Windows, Mac, and Linux. You can also manage your DNS zones using Azure PowerShell or the Azure portal.
This guide specifically deals with Public DNS zones. For information on using Azure CLI to manage Private Zones in Azure DNS, see Get started with Azure DNS Private Zones using Azure CLI.
[!INCLUDE dns-create-zone-about]
Verify that you have the following items before beginning your configuration.
-
An Azure subscription. If you don't already have an Azure subscription, you can activate your MSDN subscriber benefits or sign up for a free account.
-
Install the latest version of the Azure CLI, available for Windows, Linux, or MAC. More information is available at Install the Azure CLI.
Open a console window and authenticate with your credentials. For more information, see Sign in to Azure from the Azure CLI
az login
Check the subscriptions for the account.
az account list
Choose which of your Azure subscriptions to use.
az account set --subscription "subscription name"
The Azure DNS Private Zone feature is available via an extension to the Azure CLI. Install the “dns” Azure CLI extension
az extension add --name dns
Azure Resource Manager requires resource groups to have a specified location. This location is used as the default location for all resources in that resource group. Since all DNS resources are global, the choice of resource group location has no effect on Azure DNS.
You can skip this step if you're using an existing resource group.
az group create --name myresourcegroup --location "West US"
All Azure CLI commands relating to Azure DNS start with az network dns. Help is available for each command using the --help option (short form -h). For example:
az network dns --help
az network dns zone --help
az network dns zone create --help
A DNS zone is created using the az network dns zone create command. For help, see az network dns zone create -h.
The following example creates a DNS zone called contoso.com in the resource group called MyResourceGroup:
az network dns zone create --resource-group MyResourceGroup --name contoso.com
The following example shows how to create a DNS zone with two Azure Resource Manager tags, project = demo and env = test, by using the --tags parameter (short form -t):
az network dns zone create --resource-group MyResourceGroup --name contoso.com --tags "project=demo" "env=test"
To retrieve a DNS zone, use az network dns zone show. For help, see az network dns zone show --help.
The following example returns the DNS zone contoso.com and its associated data from resource group MyResourceGroup.
az network dns zone show --resource-group myresourcegroup --name contoso.com
The following example is the response.
{
"etag": "00000002-0000-0000-3d4d-64aa3689d201",
"id": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/contoso.com",
"location": "global",
"maxNumberOfRecordSets": 5000,
"name": "contoso.com",
"nameServers": [
"ns1-04.azure-dns.com.",
"ns2-04.azure-dns.net.",
"ns3-04.azure-dns.org.",
"ns4-04.azure-dns.info."
],
"numberOfRecordSets": 4,
"resourceGroup": "myresourcegroup",
"tags": {},
"type": "Microsoft.Network/dnszones"
}To list DNS records, use az network dns record-set list.
To enumerate DNS zones, use az network dns zone list. For help, see az network dns zone list --help.
Specifying the resource group lists only those zones within the resource group:
az network dns zone list --resource-group MyResourceGroup
Omitting the resource group lists all zones in the subscription:
az network dns zone list
Changes to a DNS zone resource can be made using az network dns zone update. For help, see az network dns zone update --help.
This command doesn't update any of the DNS record sets within the zone (see How to Manage DNS records). It's only used to update properties of the zone resource itself. These properties are currently limited to the Azure Resource Manager 'tags' for the zone resource.
The following example shows how to update the tags on a DNS zone. The existing tags are replaced by the value specified.
az network dns zone update --resource-group myresourcegroup --name contoso.com --set tags.team=support
DNS zones can be deleted using az network dns zone delete. For help, see az network dns zone delete --help.
Note
Deleting a DNS zone also deletes all DNS records within the zone. This operation cannot be undone. If the DNS zone is in use, services using the zone will fail when the zone is deleted.
To protect against accidental zone deletion, see How to protect DNS zones and records.
This command prompts for confirmation. The optional --yes switch suppresses this prompt.
The following example shows how to delete the zone contoso.com from resource group MyResourceGroup.
az network dns zone delete --resource-group myresourcegroup --name contoso.com
Learn how to manage record sets and records in your DNS zone.
Learn how to delegate your domain to Azure DNS.