We use Bicep to manage our DNS records.
I have recently set up an Azure Front Door profile with custom domains, which is working fine. One of the custom domains is an apex domain, so the Azure portal creates a DNS A record which points to the Azure resource: i.e. the Front Door profile/endpoint.
The portal provides a nice UI to manage this. Because we manage our DNS using Bicep, we need to add this A record definition to our Bicep file to avoid accidentally reverting it in future deployments.
I can find no documentation on how to do this. I have tried something like this:
resource aliasRecord 'Microsoft.Network/dnsZones/A@2018-05-01' = {
parent: dnsZone
name: '@'
properties: {
TTL: 3600
targetResource: {
id: '/subscriptions/{guid}/resourcegroups/{rgName}/providers/Microsoft.Network/frontdoors/{profileName}/frontendendpoints/{endpointName}'
}
}
}
I get a "Reference records are not supported for resource" error. I can't find any guidance on how to reference the Front Door endpoint here.
After a day, I asked this same question on MS Q&A. The helpful answer was to:
copy the json template for the DNS zone
decompile it into Bicep and see how the alias A record is created
I did this and it revealed the errors in my target resource id, which should have been:
'/subscriptions/{guid}/resourceGroups/{rgName}/providers/Microsoft.Cdn/profiles/{frontDoorName}/afdendpoints/{endpointName}'
Once I tried it with this syntax it worked fine.
A useful approach when you can't find any documentation! See also: