Pulumi : Set up a DNS Zone in Azure with O365 records

Deploy a DNS Zone with Pulumi in Azure including the O365 records 01/11/2020

I recently purchased the domain 'net-t-rex.com' and wanted Microsoft Azure to host my Domain Name System (DNS) domains. I also joined the Microsoft Partner Program and got an O365 tenant to deal with contacts through Outlook, Teams and so on. I wanted to automate the whole creation process (Azure DNS Zone creation and O365 DNS records) using Pulumi in case I need to do it for another domain. If you don't know Pulumi, I wrote an introduction to it here.

O365 records information

Microsoft wrote a nice article to help you gather the information you need to create Office 365 DNS records.
The Pulumi code requires your domain name (for example, contoso.com) and the domain name used as the prefix of the MX record in '<mxDomain>.mail.protection.outlook.com'.

Pulumi code

First, you need to create a Pulumi project using C# with the command:

pulumi new

Then, set the two configuration values 'domain' and 'mxDomain' with the commands:


pulumi config set domain <your_domain>
pulumi config set mxDomain <your_mx_domain>
                

Replace the code of the 'Program.cs' file with the following:


using System.Collections.Generic;
using System.Threading.Tasks;
using Pulumi;
using Pulumi.Azure.Core;
using Pulumi.Azure.Dns;
using Pulumi.Azure.Dns.Inputs;

class Program
{
    static Task<int> Main()
    {
        return Deployment.RunAsync(() => {
            //Get config values
            var config = new Config();

            //Require domain name
            var domain = config.Require("domain");

            //Require MX domain value
            var mxDomain = config.Require("mxDomain");

            // Create an Azure Resource Group
            var resourceGroup = new ResourceGroup("DNS_RG", new ResourceGroupArgs()
            {
                Name = "DNS"  
            });

            // Create the DNS Zone
            var dnsZone = new Zone("DNS", new ZoneArgs()
            {
                Name = domain,
                ResourceGroupName = resourceGroup.Name
            });

            // -------------------------------------------
            // ---------------- O365 ---------------------
            // -------------------------------------------

            //CNAME record needed for autodiscover endpoint for making it easier to configure Outlook
            var CNAMEAD = new CNameRecord("autodiscover", new CNameRecordArgs()
            {
                Name = "autodiscover",
                Record = "autodiscover.outlook.com",
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //CNAME record needed for Mobile Device Management (MDM) with Office 365
            var CNAMEEE = new CNameRecord("enterpriseenrollment", new CNameRecordArgs()
            {
                Name = "enterpriseenrollment",
                Record = "enterpriseenrollment.manage.microsoft.com",
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //CNAME record needed for device registration with Azure Active Directory
            var CNAMEER = new CNameRecord("enterpriseregistration", new CNameRecordArgs()
            {
                Name = "enterpriseregistration",
                Record = "enterpriseregistration.windows.net",
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //CNAME record needed for autodiscover endpoint for making it easier to configure Skype for Business
            var CNAMELD = new CNameRecord("lyncdiscover", new CNameRecordArgs()
            {
                Name = "lyncdiscover",
                Record = "webdir.online.lync.com",
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //CNAME record used by Skype for Business clients to locate the SIP service
            var CNAMESIP = new CNameRecord("sip", new CNameRecordArgs()
            {
                Name = "sip",
                Record = "sipdir.online.lync.com",
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //MX record for mails
            var MX = new MxRecord("MX", new MxRecordArgs()
            {
                Name = "@",
                Records = new InputList<MxRecordRecordsArgs>() { new MxRecordRecordsArgs() { Exchange = mxDomain + ".mail.protection.outlook.com", Preference = "0" } },
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //TXT record for Sender policy framework (SPF) records, which are used to prevent spam
            var TXT = new TxtRecord("TXT", new TxtRecordArgs()
            {
                Name = "@",
                Records = new InputList<TxtRecordRecordsArgs>() { new TxtRecordRecordsArgs() { Value = "v=spf1 include:spf.protection.outlook.com -all" } },
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //SRV record to specify sip location for Skype for Business
            var SRVSIPDIR = new SrvRecord("_sip._tls", new SrvRecordArgs()
            {
                Name = "_sip._tls",
                Records = new InputList<SrvRecordRecordsArgs>() { new SrvRecordRecordsArgs() { Port = 443, Priority = 100, Target = "sipdir.online.lync.com", Weight = 1 } },
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            //SRV record to specify sip federation location for Skype for Business
            var SRVSIPFED = new SrvRecord("_sipfederationtls._tcp", new SrvRecordArgs()
            {
                Name = "_sipfederationtls._tcp",
                Records = new InputList<SrvRecordRecordsArgs>() { new SrvRecordRecordsArgs() { Port = 5061, Priority = 100, Target = "sipfed.online.lync.com", Weight = 1 } },
                Ttl = 3600,
                ResourceGroupName = resourceGroup.Name,
                ZoneName = dnsZone.Name
            });

            // Export the DNS Server names
            return new Dictionary<string, object>
            {
                { "DNS Server Names", dnsZone.NameServers },
            };
        });
    }
}
                

Now deploy your DNS Zone with the command:

pulumi up

Copy the output called 'DNS Server Names' and replace the name server records in your domain name registrar with the Azure DNS name servers. That's it! Your DNS is now managed in Microsoft Azure and you configured it to work with your O365 tenant.
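Before switching the name servers at the registrar, the mail records can be checked directly against one of the Azure name servers. The script below is an added example, not part of the original post: it checks that the zone has exactly one SPF record with the O365 include and '-all', and that every MX points at '<mxDomain>.mail.protection.outlook.com'. The function names, the 'contoso-com' mxDomain value and the sample answers are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: checks on `dig +short` answers for the zone's mail records.

# check_spf: apex TXT answers on stdin, one per line.
# Succeeds only for exactly one SPF record that includes Exchange Online
# and ends in a hard fail (-all), as in the TXT record of Program.cs.
check_spf() {
    spf=$(tr -d '"' | tr 'A-Z' 'a-z' | grep -E '^v=spf1( |$)' || true)
    count=$(printf '%s\n' "$spf" | grep -c . || true)
    if [ "$count" -eq 0 ]; then echo "no-spf"; return 1; fi
    # RFC 7208: several SPF records at one name give a permerror.
    if [ "$count" -gt 1 ]; then echo "multiple-spf"; return 1; fi
    case " $spf " in
        *" include:spf.protection.outlook.com "*) ;;
        *) echo "missing-o365-include"; return 1 ;;
    esac
    case "$spf" in
        *" -all") echo "ok" ;;
        *) echo "not-hardfail"; return 1 ;;
    esac
}

# check_mx MXDOMAIN: apex MX answers ("<preference> <host>.") on stdin.
# Succeeds only if every exchanger is MXDOMAIN.mail.protection.outlook.com.
check_mx() {
    want="$1.mail.protection.outlook.com"
    seen=0
    while read -r pref host; do
        [ -n "$host" ] || continue
        seen=$((seen + 1))
        host=$(printf '%s' "${host%.}" | tr 'A-Z' 'a-z')
        if [ "$host" != "$want" ]; then echo "unexpected-mx:$host"; return 1; fi
    done
    if [ "$seen" -eq 0 ]; then echo "no-mx"; return 1; fi
    echo "ok"
}

# verify_zone DOMAIN MXDOMAIN NAMESERVER: live check (needs dig and network).
# NAMESERVER is one entry of the 'DNS Server Names' output.
verify_zone() {
    dig +short TXT "$1" @"$3" | check_spf &&
        dig +short MX "$1" @"$3" | check_mx "$2"
}

# Constructed sample answers, so the checks also run offline.
printf '%s\n' '"MS=ms00000000"' '"v=spf1 include:spf.protection.outlook.com -all"' | check_spf
printf '%s\n' '0 contoso-com.mail.protection.outlook.com.' | check_mx contoso-com
```

For a live check, call verify_zone with your domain, your mxDomain value and one of the name servers from the 'DNS Server Names' output.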
