OpenMCF logoOpenMCF

Loading...

Azure DNS Record

Deploys an individual DNS record (A, AAAA, CNAME, MX, TXT, SRV, NS, PTR, or CAA) within an existing Azure DNS Zone. The component supports all standard record types with configurable TTL, multiple record values for round-robin behavior, and MX priority for mail exchange records.

What Gets Created

When you deploy an AzureDnsRecord resource, OpenMCF provisions:

  • DNS Record -- one of the following Pulumi Azure DNS resources based on the specified type: dns.ARecord, dns.AaaaRecord, dns.CNameRecord, dns.MxRecord, dns.TxtRecord, dns.SrvRecord, dns.NsRecord, dns.PtrRecord, or dns.CaaRecord
  • Azure Tags -- resource metadata tags applied to the record for tracking and governance, including resource name, kind, organization, and environment

Prerequisites

  • Azure credentials configured via environment variables or OpenMCF provider config
  • An Azure Resource Group containing the DNS Zone (can reference an AzureResourceGroup resource)
  • An Azure DNS Zone where the record will be created (can reference an AzureDnsZone resource)

Quick Start

Create a file dns-record.yaml:

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: my-a-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: dev.AzureDnsRecord.my-a-record
spec:
  resourceGroup: my-rg
  zoneName: example.com
  type: A
  name: www
  values:
    - "192.0.2.1"

Deploy:

openmcf apply -f dns-record.yaml

This creates an A record for www.example.com pointing to 192.0.2.1 with a default TTL of 300 seconds (5 minutes).

Configuration Reference

Required Fields

FieldTypeDescriptionValidation
resourceGroupStringValueOrRefAzure Resource Group containing the DNS Zone. Can reference an AzureResourceGroup resource via valueFrom.Required
zoneNameStringValueOrRefName of the DNS Zone where the record will be created (e.g., example.com). Can reference an AzureDnsZone resource via valueFrom.Required
typeenumDNS record type. Values: A, AAAA, CNAME, MX, TXT, SRV, NS, PTR, CAA.Required, must be a defined enum value
namestringRecord name relative to the zone. Use @ for zone apex, * for wildcard, or a valid DNS label (e.g., www, api.v1).Required, must match @, *, or lowercase alphanumeric with hyphens and dots
valuesstring[]Record values. Format depends on type: IPv4 for A, IPv6 for AAAA, hostname for CNAME, mail server for MX, text for TXT, priority weight port target for SRV, flags tag value for CAA.Minimum 1 item

Optional Fields

FieldTypeDefaultDescription
ttlSecondsint32300Time to live in seconds. Determines how long resolvers cache this record. Range: 1--2147483647. Common values: 60 (1 min), 300 (5 min), 3600 (1 hour), 86400 (1 day).
mxPriorityint3210Priority value for MX records. Lower values indicate higher priority. Only applicable when type is MX. Range: 0--65535.

Examples

A Record for a Subdomain

Point a subdomain to one or more IPv4 addresses with round-robin behavior:

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: web-a-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.AzureDnsRecord.web-a-record
spec:
  resourceGroup: prod-rg
  zoneName: example.com
  type: A
  name: www
  values:
    - "192.0.2.1"
    - "192.0.2.2"
  ttlSeconds: 3600

CNAME Record for an Alias

Create an alias from one hostname to another:

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: app-cname
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.AzureDnsRecord.app-cname
spec:
  resourceGroup: prod-rg
  zoneName: example.com
  type: CNAME
  name: app
  values:
    - "myapp.azurewebsites.net"
  ttlSeconds: 300

MX Records for Email Routing

Configure mail exchange records with priority for primary and secondary mail servers:

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: mail-mx-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.AzureDnsRecord.mail-mx-record
spec:
  resourceGroup: prod-rg
  zoneName: example.com
  type: MX
  name: "@"
  values:
    - "mail1.example.com"
    - "mail2.example.com"
  ttlSeconds: 3600
  mxPriority: 10

TXT Record for Domain Verification

Add SPF or domain-verification TXT records at the zone apex:

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: spf-txt-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.AzureDnsRecord.spf-txt-record
spec:
  resourceGroup: prod-rg
  zoneName: example.com
  type: TXT
  name: "@"
  values:
    - "v=spf1 include:_spf.google.com ~all"
  ttlSeconds: 3600

Using Foreign Key References

Reference OpenMCF-managed resources instead of hardcoding the resource group and zone name. The resourceGroup field defaults to kind AzureResourceGroup with field path status.outputs.resource_group_name. The zoneName field defaults to kind AzureDnsZone with field path status.outputs.zone_name.

apiVersion: azure.openmcf.org/v1
kind: AzureDnsRecord
metadata:
  name: ref-a-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.AzureDnsRecord.ref-a-record
spec:
  resourceGroup:
    valueFrom:
      name: my-rg
  zoneName:
    valueFrom:
      name: my-azure-zone
  type: A
  name: api
  values:
    - "10.0.1.50"

Stack Outputs

After deployment, the following outputs are available in status.outputs:

OutputTypeDescription
record_idstringAzure Resource Manager ID of the DNS record (format: /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Network/dnsZones/{zone}/{type}/{name})
fqdnstringFully qualified domain name for this record (e.g., www.example.com)

Related Components

  • AzureResourceGroup -- provides the resource group containing the DNS Zone
  • AzureDnsZone -- provides the DNS Zone where records are created
  • AzurePublicIp -- public IP addresses that A records can point to
  • AzureLoadBalancer -- load balancer frontend IPs that DNS records can target

Next article

Azure DNS Zone

Azure DNS Zone Deploys an Azure DNS Zone with an optional set of pre-populated DNS records. The component creates the zone in a specified resource group and supports A, AAAA, CNAME, MX, TXT, NS, CAA, SRV, and PTR record types, each with configurable TTL. What Gets Created When you deploy an AzureDnsZone resource, OpenMCF provisions: DNS Zone -- a dns.Zone resource in the specified resource group, representing the authoritative zone for the given domain name DNS Records -- one Azure DNS record...
Read next article
Presets
2 ready-to-deploy configurationsView presets →