deblan-mirror/lego
1
0
Fork 0
mirror of https://github.com/go-acme/lego synced 2024-06-02 18:22:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
lego/dns/azuredns/index.html
github-actions[bot] f94583868b Deploy to GitHub pages
2024-05-07 18:56:44 +00:00

5828 lines
100 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en" class="js csstransforms3d">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="Hugo 0.117.0">
<meta name="description" content="">
<meta name="author" content="Lego Team">
<link rel="icon" href="/lego/images/favicon.png" type="image/png">
<title>Azure DNS :: Lets Encrypt client and ACME library written in Go.</title>
<link href="/lego/css/nucleus.css?1715108203" rel="stylesheet">
<link href="/lego/css/fontawesome-all.min.css?1715108203" rel="stylesheet">
<link href="/lego/css/hybrid.css?1715108203" rel="stylesheet">
<link href="/lego/css/featherlight.min.css?1715108203" rel="stylesheet">
<link href="/lego/css/perfect-scrollbar.min.css?1715108203" rel="stylesheet">
<link href="/lego/css/auto-complete.css?1715108203" rel="stylesheet">
<link href="/lego/css/atom-one-dark-reasonable.css?1715108203" rel="stylesheet">
<link href="/lego/css/theme.css?1715108203" rel="stylesheet">
<link href="/lego/css/tabs.css?1715108203" rel="stylesheet">
<link href="/lego/css/hugo-theme.css?1715108203" rel="stylesheet">
<link href="/lego/css/theme-blue.css?1715108203" rel="stylesheet">
<link href="/lego/css/theme-custom.css?1715108203" rel="stylesheet">
<script src="/lego/js/jquery-3.3.1.min.js?1715108203"></script>
<style>
:root #header + #content > #left > #rlblock_left{
display:none !important;
}
</style>
</head>
<body class="" data-url="/lego/dns/azuredns/">
<nav id="sidebar" class="showVisitedLinks">
<div id="header-wrapper">
<div id="header">
<a id="logo" href="/lego"><img src="/lego/images/lego-logo-white.min.svg" alt="lego logo"></a>
</div>
<div class="searchbox">
<label for="search-by"><i class="fas fa-search"></i></label>
<input data-search-input id="search-by" type="search" placeholder="Search...">
<span data-search-clear=""><i class="fas fa-times"></i></span>
</div>
<script type="text/javascript" src="/lego/js/lunr.min.js?1715108203"></script>
<script type="text/javascript" src="/lego/js/auto-complete.js?1715108203"></script>
<script type="text/javascript">
var baseurl = "https:\/\/go-acme.github.io\/lego\/";
</script>
<script type="text/javascript" src="/lego/js/search.js?1715108203"></script>
</div>
<div class="highlightable">
<ul class="topics">
<li data-nav-id="/lego/installation/" title="Installation" class="dd-item
">
<a href="/lego/installation/">
Installation
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/usage/" title="Usage" class="dd-item
">
<a href="/lego/usage/">
Usage
<i class="fas fa-check read-icon"></i>
</a>
<ul>
<li data-nav-id="/lego/usage/cli/" title="CLI" class="dd-item
">
<a href="/lego/usage/cli/">
CLI
<i class="fas fa-check read-icon"></i>
</a>
<ul>
<li data-nav-id="/lego/usage/cli/general-instructions/" title="General Instructions" class="dd-item ">
<a href="/lego/usage/cli/general-instructions/">
General Instructions
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/usage/cli/obtain-a-certificate/" title="Obtain a Certificate" class="dd-item ">
<a href="/lego/usage/cli/obtain-a-certificate/">
Obtain a Certificate
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/usage/cli/renew-a-certificate/" title="Renew a Certificate" class="dd-item ">
<a href="/lego/usage/cli/renew-a-certificate/">
Renew a Certificate
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/usage/cli/options/" title="Options" class="dd-item ">
<a href="/lego/usage/cli/options/">
Options
<i class="fas fa-check read-icon"></i>
</a>
</li>
</ul>
</li>
<li data-nav-id="/lego/usage/library/" title="Library" class="dd-item
">
<a href="/lego/usage/library/">
Library
<i class="fas fa-check read-icon"></i>
</a>
<ul>
<li data-nav-id="/lego/usage/library/writing-a-challenge-solver/" title="Writing a Challenge Solver" class="dd-item ">
<a href="/lego/usage/library/writing-a-challenge-solver/">
Writing a Challenge Solver
<i class="fas fa-check read-icon"></i>
</a>
</li>
</ul>
</li>
</ul>
</li>
<li data-nav-id="/lego/dns/" title="DNS Providers" class="dd-item
parent
">
<a href="/lego/dns/">
DNS Providers
<i class="fas fa-check read-icon"></i>
</a>
<ul>
<li data-nav-id="/lego/dns/edgedns/" title="Akamai EdgeDNS" class="dd-item ">
<a href="/lego/dns/edgedns/">
Akamai EdgeDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/alidns/" title="Alibaba Cloud DNS" class="dd-item ">
<a href="/lego/dns/alidns/">
Alibaba Cloud DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/allinkl/" title="all-inkl" class="dd-item ">
<a href="/lego/dns/allinkl/">
all-inkl
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/lightsail/" title="Amazon Lightsail" class="dd-item ">
<a href="/lego/dns/lightsail/">
Amazon Lightsail
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/route53/" title="Amazon Route 53" class="dd-item ">
<a href="/lego/dns/route53/">
Amazon Route 53
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/arvancloud/" title="ArvanCloud" class="dd-item ">
<a href="/lego/dns/arvancloud/">
ArvanCloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/auroradns/" title="Aurora DNS" class="dd-item ">
<a href="/lego/dns/auroradns/">
Aurora DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/autodns/" title="Autodns" class="dd-item ">
<a href="/lego/dns/autodns/">
Autodns
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/azure/" title="Azure (deprecated)" class="dd-item ">
<a href="/lego/dns/azure/">
Azure (deprecated)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/azuredns/" title="Azure DNS" class="dd-item active">
<a href="/lego/dns/azuredns/">
Azure DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/bindman/" title="Bindman" class="dd-item ">
<a href="/lego/dns/bindman/">
Bindman
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/bluecat/" title="Bluecat" class="dd-item ">
<a href="/lego/dns/bluecat/">
Bluecat
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/brandit/" title="Brandit" class="dd-item ">
<a href="/lego/dns/brandit/">
Brandit
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/bunny/" title="Bunny" class="dd-item ">
<a href="/lego/dns/bunny/">
Bunny
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/checkdomain/" title="Checkdomain" class="dd-item ">
<a href="/lego/dns/checkdomain/">
Checkdomain
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/civo/" title="Civo" class="dd-item ">
<a href="/lego/dns/civo/">
Civo
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/cloudru/" title="Cloud.ru" class="dd-item ">
<a href="/lego/dns/cloudru/">
Cloud.ru
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/clouddns/" title="CloudDNS" class="dd-item ">
<a href="/lego/dns/clouddns/">
CloudDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/cloudflare/" title="Cloudflare" class="dd-item ">
<a href="/lego/dns/cloudflare/">
Cloudflare
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/cloudns/" title="ClouDNS" class="dd-item ">
<a href="/lego/dns/cloudns/">
ClouDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/cloudxns/" title="CloudXNS" class="dd-item ">
<a href="/lego/dns/cloudxns/">
CloudXNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/conoha/" title="ConoHa" class="dd-item ">
<a href="/lego/dns/conoha/">
ConoHa
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/constellix/" title="Constellix" class="dd-item ">
<a href="/lego/dns/constellix/">
Constellix
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/cpanel/" title="CPanel/WHM" class="dd-item ">
<a href="/lego/dns/cpanel/">
CPanel/WHM
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/derak/" title="Derak Cloud" class="dd-item ">
<a href="/lego/dns/derak/">
Derak Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/desec/" title="deSEC.io" class="dd-item ">
<a href="/lego/dns/desec/">
deSEC.io
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/designate/" title="Designate DNSaaS for Openstack" class="dd-item ">
<a href="/lego/dns/designate/">
Designate DNSaaS for Openstack
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/digitalocean/" title="Digital Ocean" class="dd-item ">
<a href="/lego/dns/digitalocean/">
Digital Ocean
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dnsmadeeasy/" title="DNS Made Easy" class="dd-item ">
<a href="/lego/dns/dnsmadeeasy/">
DNS Made Easy
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dnshomede/" title="dnsHome.de" class="dd-item ">
<a href="/lego/dns/dnshomede/">
dnsHome.de
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dnsimple/" title="DNSimple" class="dd-item ">
<a href="/lego/dns/dnsimple/">
DNSimple
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dnspod/" title="DNSPod (deprecated)" class="dd-item ">
<a href="/lego/dns/dnspod/">
DNSPod (deprecated)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dode/" title="Domain Offensive (do.de)" class="dd-item ">
<a href="/lego/dns/dode/">
Domain Offensive (do.de)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/domeneshop/" title="Domeneshop" class="dd-item ">
<a href="/lego/dns/domeneshop/">
Domeneshop
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dreamhost/" title="DreamHost" class="dd-item ">
<a href="/lego/dns/dreamhost/">
DreamHost
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/duckdns/" title="Duck DNS" class="dd-item ">
<a href="/lego/dns/duckdns/">
Duck DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dyn/" title="Dyn" class="dd-item ">
<a href="/lego/dns/dyn/">
Dyn
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/dynu/" title="Dynu" class="dd-item ">
<a href="/lego/dns/dynu/">
Dynu
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/easydns/" title="EasyDNS" class="dd-item ">
<a href="/lego/dns/easydns/">
EasyDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/efficientip/" title="Efficient IP" class="dd-item ">
<a href="/lego/dns/efficientip/">
Efficient IP
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/epik/" title="Epik" class="dd-item ">
<a href="/lego/dns/epik/">
Epik
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/exoscale/" title="Exoscale" class="dd-item ">
<a href="/lego/dns/exoscale/">
Exoscale
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/exec/" title="External program" class="dd-item ">
<a href="/lego/dns/exec/">
External program
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/freemyip/" title="freemyip.com" class="dd-item ">
<a href="/lego/dns/freemyip/">
freemyip.com
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/gcore/" title="G-Core" class="dd-item ">
<a href="/lego/dns/gcore/">
G-Core
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/gandi/" title="Gandi" class="dd-item ">
<a href="/lego/dns/gandi/">
Gandi
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/gandiv5/" title="Gandi Live DNS (v5)" class="dd-item ">
<a href="/lego/dns/gandiv5/">
Gandi Live DNS (v5)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/glesys/" title="Glesys" class="dd-item ">
<a href="/lego/dns/glesys/">
Glesys
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/godaddy/" title="Go Daddy" class="dd-item ">
<a href="/lego/dns/godaddy/">
Go Daddy
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/gcloud/" title="Google Cloud" class="dd-item ">
<a href="/lego/dns/gcloud/">
Google Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/googledomains/" title="Google Domains" class="dd-item ">
<a href="/lego/dns/googledomains/">
Google Domains
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/hetzner/" title="Hetzner" class="dd-item ">
<a href="/lego/dns/hetzner/">
Hetzner
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/hostingde/" title="Hosting.de" class="dd-item ">
<a href="/lego/dns/hostingde/">
Hosting.de
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/hosttech/" title="Hosttech" class="dd-item ">
<a href="/lego/dns/hosttech/">
Hosttech
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/httpreq/" title="HTTP request" class="dd-item ">
<a href="/lego/dns/httpreq/">
HTTP request
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/httpnet/" title="http.net" class="dd-item ">
<a href="/lego/dns/httpnet/">
http.net
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/hurricane/" title="Hurricane Electric DNS" class="dd-item ">
<a href="/lego/dns/hurricane/">
Hurricane Electric DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/hyperone/" title="HyperOne" class="dd-item ">
<a href="/lego/dns/hyperone/">
HyperOne
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ibmcloud/" title="IBM Cloud (SoftLayer)" class="dd-item ">
<a href="/lego/dns/ibmcloud/">
IBM Cloud (SoftLayer)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/iijdpf/" title="IIJ DNS Platform Service" class="dd-item ">
<a href="/lego/dns/iijdpf/">
IIJ DNS Platform Service
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/infoblox/" title="Infoblox" class="dd-item ">
<a href="/lego/dns/infoblox/">
Infoblox
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/infomaniak/" title="Infomaniak" class="dd-item ">
<a href="/lego/dns/infomaniak/">
Infomaniak
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/iij/" title="Internet Initiative Japan" class="dd-item ">
<a href="/lego/dns/iij/">
Internet Initiative Japan
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/internetbs/" title="Internet.bs" class="dd-item ">
<a href="/lego/dns/internetbs/">
Internet.bs
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/inwx/" title="INWX" class="dd-item ">
<a href="/lego/dns/inwx/">
INWX
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ionos/" title="Ionos" class="dd-item ">
<a href="/lego/dns/ionos/">
Ionos
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ipv64/" title="IPv64" class="dd-item ">
<a href="/lego/dns/ipv64/">
IPv64
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/iwantmyname/" title="iwantmyname" class="dd-item ">
<a href="/lego/dns/iwantmyname/">
iwantmyname
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/joker/" title="Joker" class="dd-item ">
<a href="/lego/dns/joker/">
Joker
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/acme-dns/" title="Joohoi&#39;s ACME-DNS" class="dd-item ">
<a href="/lego/dns/acme-dns/">
Joohoi&#39;s ACME-DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/liara/" title="Liara" class="dd-item ">
<a href="/lego/dns/liara/">
Liara
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/linode/" title="Linode (v4)" class="dd-item ">
<a href="/lego/dns/linode/">
Linode (v4)
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/liquidweb/" title="Liquid Web" class="dd-item ">
<a href="/lego/dns/liquidweb/">
Liquid Web
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/loopia/" title="Loopia" class="dd-item ">
<a href="/lego/dns/loopia/">
Loopia
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/luadns/" title="LuaDNS" class="dd-item ">
<a href="/lego/dns/luadns/">
LuaDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/mailinabox/" title="Mail-in-a-Box" class="dd-item ">
<a href="/lego/dns/mailinabox/">
Mail-in-a-Box
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/manual/" title="Manual" class="dd-item ">
<a href="/lego/dns/manual/">
Manual
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/metaname/" title="Metaname" class="dd-item ">
<a href="/lego/dns/metaname/">
Metaname
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/mydnsjp/" title="MyDNS.jp" class="dd-item ">
<a href="/lego/dns/mydnsjp/">
MyDNS.jp
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/mythicbeasts/" title="MythicBeasts" class="dd-item ">
<a href="/lego/dns/mythicbeasts/">
MythicBeasts
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/namedotcom/" title="Name.com" class="dd-item ">
<a href="/lego/dns/namedotcom/">
Name.com
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/namecheap/" title="Namecheap" class="dd-item ">
<a href="/lego/dns/namecheap/">
Namecheap
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/namesilo/" title="Namesilo" class="dd-item ">
<a href="/lego/dns/namesilo/">
Namesilo
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/nearlyfreespeech/" title="NearlyFreeSpeech.NET" class="dd-item ">
<a href="/lego/dns/nearlyfreespeech/">
NearlyFreeSpeech.NET
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/netcup/" title="Netcup" class="dd-item ">
<a href="/lego/dns/netcup/">
Netcup
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/netlify/" title="Netlify" class="dd-item ">
<a href="/lego/dns/netlify/">
Netlify
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/nicmanager/" title="Nicmanager" class="dd-item ">
<a href="/lego/dns/nicmanager/">
Nicmanager
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/nifcloud/" title="NIFCloud" class="dd-item ">
<a href="/lego/dns/nifcloud/">
NIFCloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/njalla/" title="Njalla" class="dd-item ">
<a href="/lego/dns/njalla/">
Njalla
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/nodion/" title="Nodion" class="dd-item ">
<a href="/lego/dns/nodion/">
Nodion
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ns1/" title="NS1" class="dd-item ">
<a href="/lego/dns/ns1/">
NS1
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/otc/" title="Open Telekom Cloud" class="dd-item ">
<a href="/lego/dns/otc/">
Open Telekom Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/oraclecloud/" title="Oracle Cloud" class="dd-item ">
<a href="/lego/dns/oraclecloud/">
Oracle Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ovh/" title="OVH" class="dd-item ">
<a href="/lego/dns/ovh/">
OVH
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/plesk/" title="plesk.com" class="dd-item ">
<a href="/lego/dns/plesk/">
plesk.com
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/porkbun/" title="Porkbun" class="dd-item ">
<a href="/lego/dns/porkbun/">
Porkbun
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/pdns/" title="PowerDNS" class="dd-item ">
<a href="/lego/dns/pdns/">
PowerDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/rackspace/" title="Rackspace" class="dd-item ">
<a href="/lego/dns/rackspace/">
Rackspace
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/rcodezero/" title="RcodeZero" class="dd-item ">
<a href="/lego/dns/rcodezero/">
RcodeZero
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/regru/" title="reg.ru" class="dd-item ">
<a href="/lego/dns/regru/">
reg.ru
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/rfc2136/" title="RFC2136" class="dd-item ">
<a href="/lego/dns/rfc2136/">
RFC2136
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/rimuhosting/" title="RimuHosting" class="dd-item ">
<a href="/lego/dns/rimuhosting/">
RimuHosting
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/sakuracloud/" title="Sakura Cloud" class="dd-item ">
<a href="/lego/dns/sakuracloud/">
Sakura Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/scaleway/" title="Scaleway" class="dd-item ">
<a href="/lego/dns/scaleway/">
Scaleway
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/selectel/" title="Selectel" class="dd-item ">
<a href="/lego/dns/selectel/">
Selectel
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/selectelv2/" title="Selectel v2" class="dd-item ">
<a href="/lego/dns/selectelv2/">
Selectel v2
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/servercow/" title="Servercow" class="dd-item ">
<a href="/lego/dns/servercow/">
Servercow
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/shellrent/" title="Shellrent" class="dd-item ">
<a href="/lego/dns/shellrent/">
Shellrent
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/simply/" title="Simply.com" class="dd-item ">
<a href="/lego/dns/simply/">
Simply.com
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/sonic/" title="Sonic" class="dd-item ">
<a href="/lego/dns/sonic/">
Sonic
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/stackpath/" title="Stackpath" class="dd-item ">
<a href="/lego/dns/stackpath/">
Stackpath
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/tencentcloud/" title="Tencent Cloud DNS" class="dd-item ">
<a href="/lego/dns/tencentcloud/">
Tencent Cloud DNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/transip/" title="TransIP" class="dd-item ">
<a href="/lego/dns/transip/">
TransIP
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/safedns/" title="UKFast SafeDNS" class="dd-item ">
<a href="/lego/dns/safedns/">
UKFast SafeDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/ultradns/" title="Ultradns" class="dd-item ">
<a href="/lego/dns/ultradns/">
Ultradns
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/variomedia/" title="Variomedia" class="dd-item ">
<a href="/lego/dns/variomedia/">
Variomedia
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vegadns/" title="VegaDNS" class="dd-item ">
<a href="/lego/dns/vegadns/">
VegaDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vercel/" title="Vercel" class="dd-item ">
<a href="/lego/dns/vercel/">
Vercel
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/versio/" title="Versio.[nl|eu|uk]" class="dd-item ">
<a href="/lego/dns/versio/">
Versio.[nl|eu|uk]
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vinyldns/" title="VinylDNS" class="dd-item ">
<a href="/lego/dns/vinyldns/">
VinylDNS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vkcloud/" title="VK Cloud" class="dd-item ">
<a href="/lego/dns/vkcloud/">
VK Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vscale/" title="Vscale" class="dd-item ">
<a href="/lego/dns/vscale/">
Vscale
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/vultr/" title="Vultr" class="dd-item ">
<a href="/lego/dns/vultr/">
Vultr
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/webnames/" title="Webnames" class="dd-item ">
<a href="/lego/dns/webnames/">
Webnames
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/websupport/" title="Websupport" class="dd-item ">
<a href="/lego/dns/websupport/">
Websupport
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/wedos/" title="WEDOS" class="dd-item ">
<a href="/lego/dns/wedos/">
WEDOS
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/yandex360/" title="Yandex 360" class="dd-item ">
<a href="/lego/dns/yandex360/">
Yandex 360
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/yandexcloud/" title="Yandex Cloud" class="dd-item ">
<a href="/lego/dns/yandexcloud/">
Yandex Cloud
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/yandex/" title="Yandex PDD" class="dd-item ">
<a href="/lego/dns/yandex/">
Yandex PDD
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/zoneee/" title="Zone.ee" class="dd-item ">
<a href="/lego/dns/zoneee/">
Zone.ee
<i class="fas fa-check read-icon"></i>
</a>
</li>
<li data-nav-id="/lego/dns/zonomi/" title="Zonomi" class="dd-item ">
<a href="/lego/dns/zonomi/">
Zonomi
<i class="fas fa-check read-icon"></i>
</a>
</li>
</ul>
</li>
</ul>
<section id="shortcuts">
<h3>More</h3>
<ul>
<li>
<a class="padding" href="https://github.com/go-acme/lego"><i class='fab fa-fw fa-github'></i> GitHub repo</a>
</li>
<li>
<a class="padding" href="https://github.com/go-acme/lego/issues"><i class='fas fa-fw fa-bug'></i> Issues</a>
</li>
<li>
<a class="padding" href="https://github.com/go-acme/lego/discussions"><i class='fas fa-fw fa-comments'></i> Discussions</a>
</li>
</ul>
</section>
<section id="prefooter">
<hr/>
<ul>
<li><a class="padding" href="#" data-clear-history-toggle=""><i class="fas fa-history fa-fw"></i> Clear History</a></li>
</ul>
</section>
<section id="footer">
<p>Built with <a href="https://github.com/matcornic/hugo-theme-learn"><i class="fas fa-heart"></i></a> from <a href="https://getgrav.org">Grav</a> and <a href="https://gohugo.io/">Hugo</a></p>
</section>
</div>
</nav>
<section id="body">
<div id="overlay"></div>
<div class="padding highlightable">
<div>
<div id="top-bar">
<div id="breadcrumbs" itemscope="" itemtype="http://data-vocabulary.org/Breadcrumb">
<span id="sidebar-toggle-span">
<a href="#" id="sidebar-toggle" data-sidebar-toggle="">
<i class="fas fa-bars"></i>
</a>
</span>
<span id="toc-menu"><i class="fas fa-list-alt"></i></span>
<span class="links">
<a href='/lego/'>Welcome</a> > <a href='/lego/dns/'>DNS Providers</a> > Azure DNS
</span>
</div>
<div class="progress">
<div class="wrapper">
<nav id="TableOfContents">
<ul>
<li><a href="#credentials">Credentials</a></li>
<li><a href="#additional-configuration">Additional Configuration</a></li>
<li><a href="#description">Description</a>
<ul>
<li><a href="#default-azure-credentials-default-option">Default Azure Credentials (default option)</a></li>
<li><a href="#environment-variables">Environment variables</a></li>
<li><a href="#workload-identity">Workload identity</a></li>
<li><a href="#azure-managed-identity">Azure Managed Identity</a></li>
<li><a href="#azure-cli">Azure CLI</a></li>
<li><a href="#open-id-connect">Open ID Connect</a></li>
</ul>
</li>
<li><a href="#more-information">More information</a></li>
</ul>
</nav>
</div>
</div>
</div>
</div>
<div id="head-tags">
</div>
<div id="body-inner">
<h1>
Azure DNS
</h1>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p>Configuration for <a href="https://azure.microsoft.com/services/dns/">Azure DNS</a>.</p>
<ul>
<li>Code: <code>azuredns</code></li>
<li>Since: v4.13.0</li>
</ul>
<p>Here is an example bash command using the Azure DNS provider:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1">### Using client secret</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nv">AZURE_CLIENT_ID</span><span class="o">=</span>&lt;your service principal client ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">AZURE_TENANT_ID</span><span class="o">=</span>&lt;your service principal tenant ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">AZURE_CLIENT_SECRET</span><span class="o">=</span>&lt;your service principal client secret&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>lego --domains example.com --email your_example@email.com --dns azuredns run
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1">### Using client certificate</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nv">AZURE_CLIENT_ID</span><span class="o">=</span>&lt;your service principal client ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">AZURE_TENANT_ID</span><span class="o">=</span>&lt;your service principal tenant ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">AZURE_CLIENT_CERTIFICATE_PATH</span><span class="o">=</span>&lt;your service principal certificate path&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>lego --domains example.com --email your_example@email.com --dns azuredns run
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1">### Using Azure CLI</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">az login <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>lego --domains example.com --email your_example@email.com --dns azuredns run
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1">### Using Managed Identity (Azure VM)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nv">AZURE_TENANT_ID</span><span class="o">=</span>&lt;your service principal tenant ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">AZURE_RESOURCE_GROUP</span><span class="o">=</span>&lt;your target zone resource group name&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>lego --domains example.com --email your_example@email.com --dns azuredns run
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1">### Using Managed Identity (Azure Arc)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nv">AZURE_TENANT_ID</span><span class="o">=</span>&lt;your service principal tenant ID&gt; <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">IMDS_ENDPOINT</span><span class="o">=</span>http://localhost:40342 <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span><span class="nv">IDENTITY_ENDPOINT</span><span class="o">=</span>http://localhost:40342/metadata/identity/oauth2/token <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>lego --domains example.com --email your_example@email.com --dns azuredns run
</span></span></code></pre></div><h2 id="credentials">Credentials</h2>
<table>
<thead>
<tr>
<th>Environment Variable Name</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>AZURE_CLIENT_CERTIFICATE_PATH</code></td>
<td>Client certificate path</td>
</tr>
<tr>
<td><code>AZURE_CLIENT_ID</code></td>
<td>Client ID</td>
</tr>
<tr>
<td><code>AZURE_CLIENT_SECRET</code></td>
<td>Client secret</td>
</tr>
<tr>
<td><code>AZURE_TENANT_ID</code></td>
<td>Tenant ID</td>
</tr>
</tbody>
</table>
<p>The environment variable names can be suffixed by <code>_FILE</code> to reference a file instead of a value.
More information <a href="/lego/dns/#configuration-and-credentials">here</a>.</p>
<h2 id="additional-configuration">Additional Configuration</h2>
<table>
<thead>
<tr>
<th>Environment Variable Name</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>AZURE_AUTH_METHOD</code></td>
<td>Specify which authentication method to use</td>
</tr>
<tr>
<td><code>AZURE_AUTH_MSI_TIMEOUT</code></td>
<td>Managed Identity timeout duration</td>
</tr>
<tr>
<td><code>AZURE_ENVIRONMENT</code></td>
<td>Azure environment, one of: public, usgovernment, and china</td>
</tr>
<tr>
<td><code>AZURE_POLLING_INTERVAL</code></td>
<td>Time between DNS propagation check</td>
</tr>
<tr>
<td><code>AZURE_PRIVATE_ZONE</code></td>
<td>Set to true to use Azure Private DNS Zones and not public</td>
</tr>
<tr>
<td><code>AZURE_PROPAGATION_TIMEOUT</code></td>
<td>Maximum waiting time for DNS propagation</td>
</tr>
<tr>
<td><code>AZURE_RESOURCE_GROUP</code></td>
<td>DNS zone resource group</td>
</tr>
<tr>
<td><code>AZURE_SERVICEDISCOVERY_FILTER</code></td>
<td>Advanced ServiceDiscovery filter using Kusto query condition</td>
</tr>
<tr>
<td><code>AZURE_SUBSCRIPTION_ID</code></td>
<td>DNS zone subscription ID</td>
</tr>
<tr>
<td><code>AZURE_TTL</code></td>
<td>The TTL of the TXT record used for the DNS challenge</td>
</tr>
<tr>
<td><code>AZURE_ZONE_NAME</code></td>
<td>Zone name to use inside Azure DNS service to add the TXT record in</td>
</tr>
</tbody>
</table>
<p>The environment variable names can be suffixed by <code>_FILE</code> to reference a file instead of a value.
More information <a href="/lego/dns/#configuration-and-credentials">here</a>.</p>
<h2 id="description">Description</h2>
<p>Several authentication methods can be used to authenticate against Azure DNS API.</p>
<h3 id="default-azure-credentials-default-option">Default Azure Credentials (default option)</h3>
<p>Default Azure Credentials automatically detects in the following locations and prioritized in the following order:</p>
<ol>
<li>Environment variables for client secret: <code>AZURE_CLIENT_ID</code>, <code>AZURE_TENANT_ID</code>, <code>AZURE_CLIENT_SECRET</code></li>
<li>Environment variables for client certificate: <code>AZURE_CLIENT_ID</code>, <code>AZURE_TENANT_ID</code>, <code>AZURE_CLIENT_CERTIFICATE_PATH</code></li>
<li>Workload identity for resources hosted in Azure environment (see below)</li>
<li>Shared credentials (defaults to <code>~/.azure</code> folder), used by Azure CLI</li>
</ol>
<p>Link:</p>
<ul>
<li><a href="https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication">Azure Authentication</a></li>
</ul>
<h3 id="environment-variables">Environment variables</h3>
<h4 id="service-discovery">Service Discovery</h4>
<p>Lego automatically finds all visible Azure (private) DNS zones using <a href="https://learn.microsoft.com/en-us/azure/governance/resource-graph/">Azure ResourceGraph query</a>.
This can be limited by specifying environment variable <code>AZURE_SUBSCRIPTION_ID</code> and/or <code>AZURE_RESOURCE_GROUP</code> which limits the
DNS zones to only a subscription or to one resourceGroup.</p>
<p>Additionally environment variable <code>AZURE_SERVICEDISCOVERY_FILTER</code> can be used to filter DNS zones with an addition Kusto filter eg:</p>
<pre tabindex="0"><code>resources
| where type =~ &#34;microsoft.network/dnszones&#34;
| ${AZURE_SERVICEDISCOVERY_FILTER}
| project subscriptionId, resourceGroup, name
</code></pre><h4 id="client-secret">Client secret</h4>
<p>The Azure Credentials can be configured using the following environment variables:</p>
<ul>
<li>AZURE_CLIENT_ID = &ldquo;Client ID&rdquo;</li>
<li>AZURE_CLIENT_SECRET = &ldquo;Client secret&rdquo;</li>
<li>AZURE_TENANT_ID = &ldquo;Tenant ID&rdquo;</li>
</ul>
<p>This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>env</code>.</p>
<h4 id="client-certificate">Client certificate</h4>
<p>The Azure Credentials can be configured using the following environment variables:</p>
<ul>
<li>AZURE_CLIENT_ID = &ldquo;Client ID&rdquo;</li>
<li>AZURE_CLIENT_CERTIFICATE_PATH = &ldquo;Client certificate path&rdquo;</li>
<li>AZURE_TENANT_ID = &ldquo;Tenant ID&rdquo;</li>
</ul>
<p>This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>env</code>.</p>
<h3 id="workload-identity">Workload identity</h3>
<p>Workload identity allows workloads running Azure Kubernetes Services (AKS) clusters to authenticate as an Azure AD application identity using federated credentials.</p>
<p>This must be configured in kubernetes workload deployment in one hand and on the Azure AD application registration in the other hand.</p>
<p>Here is a summary of the steps to follow to use it :</p>
<ul>
<li>create a <code>ServiceAccount</code> resource, add following annotations to reference the targeted Azure AD application registration : <code>azure.workload.identity/client-id</code> and <code>azure.workload.identity/tenant-id</code>.</li>
<li>on the <code>Deployment</code> resource you must reference the previous <code>ServiceAccount</code> and add the following label : <code>azure.workload.identity/use: &quot;true&quot;</code>.</li>
<li>create a federated credentials of type <code>Kubernetes accessing Azure resources</code>, add the cluster issuer URL and add the namespace and name of your kubernetes service account.</li>
</ul>
<p>Link :</p>
<ul>
<li><a href="https://azure.github.io/azure-workload-identity/docs/topics/service-account-labels-and-annotations.html">Azure AD Workload identity</a></li>
</ul>
<p>This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>wli</code>.</p>
<h3 id="azure-managed-identity">Azure Managed Identity</h3>
<h4 id="azure-managed-identity-with-azure-workload">Azure Managed Identity (with Azure workload)</h4>
<p>The Azure Managed Identity service allows linking Azure AD identities to Azure resources, without needing to manually manage client IDs and secrets.</p>
<p>Workloads with a Managed Identity can manage their own certificates, with permissions on specific domain names set using IAM assignments.
For this to work, the Managed Identity requires the <strong>Reader</strong> role on the target DNS Zone,
and the <strong>DNS Zone Contributor</strong> on the relevant <code>_acme-challenge</code> TXT records.</p>
<p>For example, to allow a Managed Identity to create a certificate for &ldquo;fw01.lab.example.com&rdquo;, using Azure CLI:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">AZURE_SUBSCRIPTION_ID</span><span class="o">=</span><span class="s2">&#34;00000000-0000-0000-0000-000000000000&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">AZURE_RESOURCE_GROUP</span><span class="o">=</span><span class="s2">&#34;rg1&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">SERVICE_PRINCIPAL_ID</span><span class="o">=</span><span class="s2">&#34;00000000-0000-0000-0000-000000000000&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">AZURE_DNS_ZONE</span><span class="o">=</span><span class="s2">&#34;lab.example.com&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">AZ_HOSTNAME</span><span class="o">=</span><span class="s2">&#34;fw01&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">AZ_RECORD_SET</span><span class="o">=</span><span class="s2">&#34;_acme-challenge.</span><span class="si">${</span><span class="nv">AZ_HOSTNAME</span><span class="si">}</span><span class="s2">&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">az role assignment create <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--assignee <span class="s2">&#34;</span><span class="si">${</span><span class="nv">SERVICE_PRINCIPAL_ID</span><span class="si">}</span><span class="s2">&#34;</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--role <span class="s2">&#34;Reader&#34;</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--scope <span class="s2">&#34;/subscriptions/</span><span class="si">${</span><span class="nv">AZURE_SUBSCRIPTION_ID</span><span class="si">}</span><span class="s2">/resourceGroups/</span><span class="si">${</span><span class="nv">AZURE_RESOURCE_GROUP</span><span class="si">}</span><span class="s2">/providers/Microsoft.Network/dnszones/</span><span class="si">${</span><span class="nv">AZURE_DNS_ZONE</span><span class="si">}</span><span class="s2">&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">az role assignment create <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--assignee <span class="s2">&#34;</span><span class="si">${</span><span class="nv">SERVICE_PRINCIPAL_ID</span><span class="si">}</span><span class="s2">&#34;</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--role <span class="s2">&#34;DNS Zone Contributor&#34;</span> <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>--scope <span class="s2">&#34;/subscriptions/</span><span class="si">${</span><span class="nv">AZURE_SUBSCRIPTION_ID</span><span class="si">}</span><span class="s2">/resourceGroups/</span><span class="si">${</span><span class="nv">AZURE_RESOURCE_GROUP</span><span class="si">}</span><span class="s2">/providers/Microsoft.Network/dnszones/</span><span class="si">${</span><span class="nv">AZURE_DNS_ZONE</span><span class="si">}</span><span class="s2">/TXT/</span><span class="si">${</span><span class="nv">AZ_RECORD_SET</span><span class="si">}</span><span class="s2">&#34;</span>
</span></span></code></pre></div><p>A timeout wrapper is configured for this authentication method.
The duration can be configured by setting the <code>AZURE_AUTH_MSI_TIMEOUT</code>.
The default timeout is 2 seconds.
This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>msi</code>.</p>
<h4 id="azure-managed-identity-with-azure-arc">Azure Managed Identity (with Azure Arc)</h4>
<p>The Azure Arc agent provides the ability to use a Managed Identity on resources hosted outside of Azure
(such as on-prem virtual machines, or VMs in another cloud provider).</p>
<p>While the upstream <code>azidentity</code> SDK will try to automatically identify and use the Azure Arc metadata service,
if you get <code>azuredns: DefaultAzureCredential: failed to acquire a token.</code> error messages,
you may need to set the environment variables:</p>
<ul>
<li><code>IMDS_ENDPOINT=http://localhost:40342</code></li>
<li><code>IDENTITY_ENDPOINT=http://localhost:40342/metadata/identity/oauth2/token</code></li>
</ul>
<p>A timeout wrapper is configured for this authentication method.
The duration can be configured by setting the <code>AZURE_AUTH_MSI_TIMEOUT</code>.
The default timeout is 2 seconds.
This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>msi</code>.</p>
<h3 id="azure-cli">Azure CLI</h3>
<p>The Azure CLI is a command-line tool provided by Microsoft to interact with Azure resources.
It provides an easy way to authenticate by simply running <code>az login</code> command.
The generated token will be cached by default in the <code>~/.azure</code> folder.</p>
<p>This authentication method can be specifically used by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>cli</code>.</p>
<h3 id="open-id-connect">Open ID Connect</h3>
<p>Open ID Connect is a mechanism that establish a trust relationship between a running environment and the Azure AD identity provider.
It can be enabled by setting the <code>AZURE_AUTH_METHOD</code> environment variable to <code>oidc</code>.</p>
<h2 id="more-information">More information</h2>
<ul>
<li><a href="https://docs.microsoft.com/en-us/go/azure/">API documentation</a></li>
<li><a href="https://github.com/Azure/azure-sdk-for-go">Go client</a></li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<footer class="footline">
</footer>
</div>
</div>
<div id="navigation">
<a class="nav nav-prev" href="/lego/dns/azure/" title="Azure (deprecated)"> <i class="fa fa-chevron-left"></i></a>
<a class="nav nav-next" href="/lego/dns/bindman/" title="Bindman" style="margin-right: 0px;"><i class="fa fa-chevron-right"></i></a>
</div>
</section>
<div style="left: -1000px; overflow: scroll; position: absolute; top: -1000px; border: none; box-sizing: content-box; height: 200px; margin: 0px; padding: 0px; width: 200px;">
<div style="border: none; box-sizing: content-box; height: 200px; margin: 0px; padding: 0px; width: 200px;"></div>
</div>
<script src="/lego/js/clipboard.min.js?1715108203"></script>
<script src="/lego/js/perfect-scrollbar.min.js?1715108203"></script>
<script src="/lego/js/perfect-scrollbar.jquery.min.js?1715108203"></script>
<script src="/lego/js/jquery.sticky.js?1715108203"></script>
<script src="/lego/js/featherlight.min.js?1715108203"></script>
<script src="/lego/js/highlight.pack.js?1715108203"></script>
<script>hljs.initHighlightingOnLoad();</script>
<script src="/lego/js/modernizr.custom-3.6.0.js?1715108203"></script>
<script src="/lego/js/learn.js?1715108203"></script>
<script src="/lego/js/hugo-learn.js?1715108203"></script>
<script src="/lego/mermaid/mermaid.js?1715108203"></script>
<script>
mermaid.initialize({ startOnLoad: true });
</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink