Monitoring your Microsoft Azure DNS records automatically is made easy with ZoneWatcher. After you've added your account credentials, we will automatically import all of your domains and begin monitoring them for changes.
To get started adding your Azure account, you'll first need to create an App Registration in Azure Active Directory (now called Microsoft Entra ID). This will provide you with the credentials needed to access the Azure DNS API.
Navigate to the Azure portal App registrations page and click "New registration".
Give your application a descriptive name like "ZoneWatcher DNS Monitor" and select "Accounts in this organizational directory only". You can leave the redirect URI blank for this use case.
After creating your App Registration, you'll need to collect several pieces of information:
This can be found on the Overview page of your App Registration. Copy the "Application (client) ID" value.
Also found on the Overview page, copy the "Directory (tenant) ID" value.
Navigate to "Certificates & secrets" in the left menu, then click "New client secret". Give it a descriptive name and select an appropriate expiration period. Copy the secret value immediately after creation - you won't be able to see it again.
Navigate to the Subscriptions page in the Azure portal and copy the Subscription ID that contains your DNS zones.
Your App Registration needs permission to read DNS zones and records. Navigate to your subscription's "Access control (IAM)" page and add a role assignment.
Assign the DNS Zone Contributor role to your App Registration. For read-only access, you can use the Reader role instead, though DNS Zone Contributor provides the most comprehensive access for monitoring purposes.
Select "User, group, or service principal" as the assignee type and search for your App Registration by name.
Once you've gathered all the required information, you can create your new Azure DNS provider on ZoneWatcher.
Give your provider a descriptive name and fill in the four required fields:
After you've created your Azure DNS provider, we will sync all the DNS zones associated with your subscription and their associated DNS records. You'll be able to view them from either the Provider's page or the Zone Dashboard.
