Microsoft has announced that Azure DNS Private Zones are now available in public preview. For the first time, virtual networks get secure name resolution in Azure. The introduction of DNS Private Zones removes the reliance on custom DNS servers and brings several other important abilities.
Customers can integrate zones into a virtual network as applications are moved to Azure. Microsoft says users can customize domain names under the new DNS Private Zones. Name resolution within a virtual network can be handled through private zones.
The company points out that private zones extend across locations, working across regions and subscriptions.
Another new benefit brought by Azure DNS Private Zones is the ability to use a split-horizon view. With this feature, users can create a private and a public DNS zone that share the same name.
“Now for clients in a virtual network attached to the zone, Azure will return the DNS response from the private zone, and for clients on the internet, Azure will return the DNS response from the public zone. Since name resolution is confined to configured virtual networks, you can prevent DNS exfiltration.”
With the release, Microsoft has debuted two different DNS zone concepts. The first is Registration Virtual Networks, which allows Azure to register DNS A records privately for virtual machines when creating a private zone. It will also track virtual machine additions and removals as they are updated.
The second is Resolution Virtual Networks, which allow 10 networks to be designated together. DNS queries will resolve against the private zone's records.
Microsoft also introduced familiar zone and record management through the DNS update:
“Private zone and record management is done using the same Azure DNS REST APIs, SDKs, PowerShell and CLI as for regular (Public) DNS zones. Portal support will soon follow.
We can't wait for you to try out this capability! For more details please refer to our overview as well as some common scenarios that can be realized using this feature. You can also refer to our documentation on creating and managing private zones using PowerShell and Azure CLI.”