Azure DNS DCV Provisioner

Prerequisites

  • You need an Azure subscription containing the DNS zones to manage.

  • You need either:

    • A service principal (application) with the DNS Zone Contributor role on the target resource group or DNS zones, or

    • A managed identity assigned to the Horizon host with the same permissions (no credentials required in that case).

  • You need to retrieve the Tenant ID, Subscription ID, and Resource Group name from the Azure portal.

How to configure a DCV Provisioner

1. Log in to Horizon Administration Interface.

2. Access DCV Provisioners from the drawer or card: DCV  Provisioners.

3. Click on Add Provisioner.

4. Fill in the mandatory fields.

General

  • Name* (string input):
    Enter a meaningful provisioner name. It must be unique for each DCV provisioner. Horizon uses the name to identify the provisioner.

  • Type* (select):
    Select the DNS provider type. Additional configuration fields are displayed depending on the selected type.

Connection

  • Timeout* (finite duration):
    Maximum time Horizon waits for a response from the DNS provider.

  • TTL* (finite duration):
    TTL applied to the DNS TXT record created for the validation challenge.

  • Proxy (select):
    The HTTP/HTTPS proxy to use to reach the DNS provider, if any.

Azure DNS Configuration

  • Tenant ID* (string input):
    Enter the Azure Active Directory tenant ID.

  • Subscription ID* (string input):
    Enter the Azure subscription ID containing the DNS zones.

  • Resource Group Name* (string input):
    Enter the name of the Azure resource group containing the DNS zones.

  • Credentials (select):
    Select Login credentials containing the service principal client ID and secret. If omitted, Horizon uses the value configured via environment variable at startup.

  • Endpoint (string input):
    Azure DNS API endpoint. If omitted, Horizon uses the value configured via environment variable at startup.

  • Authority Host (string input):
    Azure authority host URL. If omitted, Horizon uses the value configured via environment variable at startup.

Zone ID Mappings

See DCV Provisioners for a full explanation of zone ID mappings.

Click on Add Zone ID Mapping.

  • Zone ID* (string input):
    Azure DNS zone name (e.g. `example.com`).

  • Domain pattern* (regex):
    Regex matching domain names that belong to this zone.

You can delete Delete mapping a mapping.

Delegation Zone

See DCV Provisioners for a full explanation of delegation zones.

  • Delegation zone (string input):
    Optional DNS subdomain delegated to dedicated nameservers for DCV. When set, challenge records are published here instead of the domain’s authoritative zone.

5. Click on the save button.

You can edit Edit Provisioner or delete Delete Provisioner the Azure DNS DCV Provisioner.

You cannot delete a DCV Provisioner that is referenced by an existing DCV Policy.