Sign up

Providers

Azure DNS Integration Coming Q2 2025

Connect your Azure DNS to DNS Check and monitor your DNS records.

Prerequisites

  • An Azure subscription with Azure DNS zones
  • Service Principal with the following permissions:
    • Microsoft.Network/dnszones/read
    • Microsoft.Network/dnszones/recordsets/read

Creating a Service Principal

  1. Log in to Azure Portal

    Visit the Azure Portal and log in to your account.

  2. Create a Service Principal

    Using Azure CLI or Azure Portal, create a new service principal: 

    # Using Azure CLI
az ad sp create-for-rbac --name "DNSCheckIntegration" --role "Reader" --scope "/subscriptions/{subscription-id}"
    Creating a new Service Principal
  3. Assign Required Permissions

    Assign the following custom role to your service principal: 

    {
    "Name": "DNS Check Reader",
    "Description": "Can read DNS zones and records",
    "Actions": [
        "Microsoft.Network/dnszones/read",
        "Microsoft.Network/dnszones/recordsets/read"
    ],
    "NotActions": [],
    "AssignableScopes": [
        "/subscriptions/{subscription-id}"
    ]
}
    Assigning permissions
  4. Save Credentials

    After creating the service principal, you'll receive:

    • Client ID (appId)
    • Client Secret
    • Tenant ID

    Make sure to save these somewhere safe - you won't be able to see the Client Secret again!

Connecting to DNS Check

  1. Add Azure DNS integration

    In DNS Check, go to Settings > Integrations and click "Add Azure DNS".

  2. Enter Azure credentials

    Enter your Client ID, Client Secret, and Tenant ID.

  3. Select DNS zones

    Choose which DNS zones you want to monitor. DNS Check will automatically detect all available zones in your subscription.

Monitoring DNS Records

Once connected, DNS Check will:

  • Automatically detect all DNS records in your selected zones
  • Monitor for any changes to these records
  • Alert you when changes are detected
  • Keep a history of all changes for future reference

Security Note

DNS Check only requires read permissions and cannot make any changes to your DNS records. We recommend creating a dedicated service principal with minimal permissions for security best practices.

Troubleshooting

Common Issues

  • "Unable to list DNS zones"

    This usually means the service principal doesn't have the correct DNS zone read permissions. Review the role assignments.

  • "Unable to fetch DNS records"

    Verify that the service principal has record set read permissions for the zones you're trying to monitor.

  • "Authentication failed"

    Double-check that you've entered the correct Client ID, Client Secret, and Tenant ID.

Need help?

Our support team is here to help you get set up. Contact us if you have any questions.