Configure Custom DNS Zone for Private Domain

In this IT Pro Challenges virtual lab, learners gain hands-on experience creating a private Domain Name System (DNS) zone and a record set in the Azure cloud environment. Knowledge about network protocols, using the Azure Cloud Shell, is critical for System Administrator and Network Engineering career paths and benefits many other IT professions.

45 minutes
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »


In this challenge, you will use the Azure PowerShell to create a private Domain Name System (DNS) zone in Azure as a domain and add a recordset for each workload. You will verify a successful DNS zone set up through the PowerShell and Azure's portal. You will also make an Azure storage account to access PowerShell through the Azure Cloud Shell interface.

Beginning learners who have a rough understanding of how DNS works and some experience using PowerShell will find this background helpful in completing this guided virtual lab. It would be advisable to set aside a full thirty to forty-five-minute block, as learners cannot stop lab activities midway. However, participants can take the virtual lab more than once. The lab provides a resource group and a virtual network to set up and maintain the DNS zone.

Knowing how to configure a DNS zone using Azure PowerShell and how to check this set-up underlies essential skills in hosting a web site, a mail server, or another location on the internet. These proficiencies will impact learners' advancement towards Cyber Defense Analyst, Enterprise Architect, Information Systems Security Developer, Information Systems Security Manager, Network Operations Manager, Network Operations Specialist, Software Developer, Systems Administrator, Systems Developer, and System Requirements Planner careers.

Also, through the lab activities, participants will create a storage account to use Azure Cloud Shell. Learners wishing to attain Cyber Defense Forensics Analyst, Cyber Instructor, Law Enforcement/Counterintelligence, Forensics Analyst, Security, and Control Assessor work roles, benefit from this knowledge.

Understanding the Scenario:

You are a system administrator for a company that is creating a test domain in Azure. The test domain is "TestDomain". You use a DNS Zone in Azure for the domain, while a virtual network named TestVnet maintains your DNS zone. You complete the steps using the Azure cloud shell utilizing PowerShell.

Create a DNS Zone:

In this lab section, you set up your environment to use Azure Cloud Shell and then configure a DNS Zone. After you log into the Azure portal, you create a storage account for the Azure Cloud Shell. Then you use the 'New-AzDNSZone' cmdlet, in PowerShell, to implement a new DNS zone.

Check Your Work:

You check that the DNS zone exists by using the 'Get-AzDNSZone' cmdlet and by viewing the network resources in the Azure Portal. While you do not have to own a domain name to create the DNS zone, you need to hold the parent domain so that Azure can manage it. In this lab, the resource group provided, with that parent domain name servers, so you can use Azure to create and delegate the DNS zones.

Create a DNS Record Set for Your TestDomain:

This lab exercise has you create a DNS record set in your DNS zone. You use the 'New-AzDns RecordSet' PowerShell cmdlet. When you have multiple hosts with data on different internet protocol (IP) addresses, then configuring a DNS record set provides access to these resources.


By the end of this lab, you will have learned how to customize DNS Zones for a private domain. You will have learned how to:

  • Provision a DNS Zone.
  • Create a record set in the DNS zone.

You will become more familiar with applying PowerShell cmdlets in Azure's Cloud Shell and setting up a storage account in Azure's cloud, helpful knowledge for many IT careers.