Provider: Azure #109

Open
danimart1991 opened this issue Oct 10, 2020 · 19 comments · May be fixed by #130
@danimart1991

  1. What's the feature?
    Include Azure DNS as provider please

  2. Why do you need this feature?
    I have a home server with Azure DNS and Azure Domains and it would be awesome to have automatic DDNS updates.

  3. Extra information?
    Thanks. Many thanks for all.

@qdm12
Owner

qdm12 commented Oct 14, 2020

Hey danimart1991, thanks for creating the issue.

I dug a bit into Azure's API documentation to update DNS records, particularly here. I just have a question on some of the required parameters; can you please let me know for each if it's easy to get them and how:

  1. relativeRecordSetName: The name of the record set, relative to the name of the zone
  2. resourceGroupName: The name of the resource group.
  3. subscriptionId: Specifies the Azure subscription ID, which uniquely identifies the Microsoft Azure subscription.
  4. zoneName: The name of the DNS zone (without a terminating dot).

That would help to know if I should search through their API how to obtain these if it's not trivial to have them.

Also for authentication, it seems you only use subscriptionId right?

qdm12 added a commit that referenced this issue Oct 14, 2020
@qdm12
Owner

qdm12 commented Oct 14, 2020

You can try with qmcgaw/ddns-updater:azure using this documentation if you know the 4 parameters mentioned above, to see if it works.

Also, does Azure support wildcard * host for A/AAAA records?

Thanks!

@danimart1991
Author

Hi @qdm12

Yes. Azure supports wildcard *.

I created a first approach in Python + Container in case it works for you. Azure needs a lot of parameters and configuration. Steps to configure Azure to allow external dynamic DNS updates:

  • Create Domain
  • Activate Azure DNS Zone for that domain
  • In the Azure Console (inside the portal) run: $ az ad sp create-for-rbac -n "{AnyNameOrUrl}" --scopes /subscriptions/{SUBSCRIPTION_ID}/resourceGroups/{RESOURCE_GROUP}/providers/Microsoft.Network/dnszones/{DNS_ZONE_ID} (These parameters are easily obtainable in the Properties section of Azure DNS)
  • This gives you the rest of the parameters:
Retrying role assignment creation: 1/36
{
  "appId": "{App_Id/Client_Id}",
  "displayName": "{NOTIMPORTANT}",
  "name": "{NOTIMPORTANT}",
  "password": "{APP_PASSWORD}",
  "tenant": "{TENANT_ID}"
}

I use these parameters here: https://github.com/danimart1991/azure-dns-updater/blob/main/azure-dns-updater.py#L21

Best regards and thank you for your work.

qdm12 added a commit that referenced this issue Dec 12, 2020
qdm12 added a commit that referenced this issue Dec 12, 2020
@qdm12 qdm12 linked a pull request Dec 12, 2020 that will close this issue
qdm12 added a commit that referenced this issue Dec 13, 2020
@qdm12
Owner

qdm12 commented Dec 13, 2020

Sorry for the rather long delay, I worked on the implementation again today; I'm just lost on authentication. How do you specify the app_id and app_password? Or do you even need to? From what I've seen in their docs, a PATCH HTTP request like

https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}/{relativeRecordSetName}?api-version=2018-05-01

does it. Do you know if that's the case perhaps?

@danimart1991
Author

Hi @qdm12

As I need this DNS Updater, I made my own, but even better if DDNS Updater has Azure too. 🥰

I just updated my repository with all the info needed to update one or more records: https://github.com/danimart1991/azure-dns-updater

The az ad sp... command creates a "user" and special authentication for this behavior. I don't know another way to obtain the info you need.

I use the Python lib DnsManagementClient directly, I just need to send the Update command and fill the needed vars. 🤔

@fredericrous
Collaborator

@qdm12 did you try using the Azure SDK? The SDK is usually especially useful for the authentication part: https://github.com/Azure/azure-sdk-for-go/blob/f111fc2fa3861c5fdced76cae4c9c71821969577/arm/examples/dns/create.go

@qdm12
Owner

qdm12 commented May 19, 2021

Oh they have a Go SDK! Thanks @fredericrous !! 🎉

Yeah I tried quite a bit, but would get lost in the over-complicated requirements from their API docs to be honest. I'll try that right now!

@danimart1991
Author

Any news with this? Can I help?

@fredericrous
Collaborator

Hi @danimart1991, I don't think qdm12 has picked this up yet. I don't require a new domain at the moment and don't have one on Azure but feel free to open a PR, we'll review it. Implementing a provider is not that hard, I implemented 3 already and I'm not a Go developer.

@qdm12
Owner

qdm12 commented Jul 19, 2021

Actually Azure has been quite tough. Implementing it dependency-free is a bit of a PITA.

For now I prefer to focus on improving the "vertical aspect" of ddns such as upgrading the UI or better support for ipv6 before doing "horizontal" such as adding more DNS providers.

Although if you can manage to do a PR for Azure without dependency, I'm more than happy to merge it!

@danimart1991
Author

Thanks for the answer @qdm12

Actually, I don't know Go to be able to add new DNS providers. So sorry.

@qdm12 qdm12 changed the title from "Feature request: Add Azure DNS as provider" to "Provider: Azure" on Jan 21, 2022
@JulienFloris

JulienFloris commented Feb 14, 2023

Microsoft has got some documentation on the API here:
https://learn.microsoft.com/en-us/rest/api/dns/record-sets/create-or-update?tabs=HTTP

@qdm12 qdm12 added Category: New provider 🆕 Category: Motivated! 🙌 Your pumpness makes me pumped! The issue or PR shows great motivation! labels Jan 19, 2024
@qdm12
Owner

qdm12 commented Jun 15, 2024

Hello everyone, I reworked the Azure branch to use the Azure SDK for the time being. Can you try the image qmcgaw/ddns-updater:pr-130 using the documentation at https://github.com/qdm12/ddns-updater/blob/azure/docs/azure.md

In the meantime, I'm working on having this without the Azure SDK (just plain local Go), and I'm really eyeing using a single token for authentication (for example https://mauridb.medium.com/calling-azure-rest-api-via-curl-eb10a06127). Is this easy for you to use, or would you rather keep using the many fields (client id, client secret, tenant id) to authenticate?

@qdm12
Owner

qdm12 commented Jun 16, 2024

I updated qmcgaw/ddns-updater:pr-130 to use that token field and no Azure SDK, please let me know if it works when you get the time. Documentation:

@danimart1991
Author

Thanks @qdm12 for the work.

I'm trying the option to use client_id and client_secret (it's the option that I use actually with Traefik for reverse proxy), but then ddns-updater gives me the error "ERROR validating settings: token is not set".

Maybe the provider could accept both options? 🤔

@qdm12
Owner

qdm12 commented Jun 19, 2024

Well, it could maybe, but the programming using the token authentication is really a lot easier. Is it complicated to get a token? If it's too hardcore (or doesn't work) I'll work my way to support only client id + client secret + tenant id instead.

@danimart1991
Author

The problem is that the Token expires in 1 hour.

@qdm12
Owner

qdm12 commented Jun 19, 2024

Indeed (and up to 1 day which doesn't work in this use case), my bad I didn't notice this.
I removed the last commit to go back to using the Azure SDK (documentation), can you try it (repull the image)? If it works, I'll go ahead and implement their authentication system (I think it's oauth2) and try to get rid of the azure sdk.

@danimart1991
Author

> Indeed (and up to 1 day which doesn't work in this use case), my bad I didn't notice this. I removed the last commit to go back to using the Azure SDK (documentation), can you try it (repull the image)? If it works, I'll go ahead and implement their authentication system (I think it's oauth2) and try to get rid of the azure sdk.

With the Azure SDK, it works like a charm. 😇
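
The client id + client secret + tenant id authentication discussed in this thread, with the one-hour token lifetime handled by caching the token and renewing it shortly before expiry, shown as an added example that is not part of the thread or of ddns-updater's code. It assumes the Azure AD v2.0 client-credentials token endpoint and the Azure Resource Manager scope; `TokenSource` and its fields are hypothetical names, and `main` runs against a constructed local stand-in for the token endpoint.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"sync"
	"time"
)

// TokenSource caches a client-credentials token (hypothetical type, not ddns-updater's code).
type TokenSource struct {
	Authority, TenantID, ClientID, ClientSecret string // Authority: https://login.microsoftonline.com
	mu      sync.Mutex
	token   string
	expires time.Time
}
// Token returns the cached token, renewing it when it is missing or expires within two minutes.
func (s *TokenSource) Token() (string, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.token != "" && time.Until(s.expires) > 2*time.Minute {
		return s.token, nil
	}
	form := url.Values{"grant_type": {"client_credentials"}, "scope": {"https://management.azure.com/.default"},
		"client_id": {s.ClientID}, "client_secret": {s.ClientSecret}}
	resp, err := http.PostForm(s.Authority+"/"+url.PathEscape(s.TenantID)+"/oauth2/v2.0/token", form)
	if err != nil {
		return "", fmt.Errorf("requesting token: %w", err)
	}
	defer resp.Body.Close()
	var body struct {
		AccessToken string `json:"access_token"`
		ExpiresIn   int64  `json:"expires_in"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil || resp.StatusCode != http.StatusOK || body.AccessToken == "" {
		return "", fmt.Errorf("token endpoint: status %s, decode error %v", resp.Status, err)
	}
	s.token, s.expires = body.AccessToken, time.Now().Add(time.Duration(body.ExpiresIn)*time.Second)
	return s.token, nil
}
func main() { // offline demo against a constructed stand-in for the token endpoint
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, `{"access_token":"constructed-token","expires_in":3600}`)
	}))
	defer srv.Close()
	fmt.Println((&TokenSource{Authority: srv.URL, TenantID: "t", ClientID: "c", ClientSecret: "s"}).Token())
}
```

Each update request would then send the returned value in an `Authorization: Bearer` header, so a container that runs for days only ever stores the client secret and never a token that has already expired.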
