AzureFuncApp-DynDNS

Azure Function App Function to Mimic a DynDNS Server to update Azure Zone records.

If you are using Azure as your DNS Provider, you have had to create a sub-domain and delegate sub-domain to a DNS Provider that will support the Dynamic updates to support your clients with Dynamic IP Assignments. This is a PowerShell Script that is a Azure Functio App Function that your Dynamic DNS Client can connect to and submit DNS Changes to your Azure DNS Zone.

I am assiming some Azure Knowledge, that you already have your DNS Zone setup in Azure and you know how to configure your Dynamic DNS Client to talk to a DynDNS Server. I will Provide some sample configurations that I have used.

Creating and setting up the Function App Resouce

Create your Function App Resource

From your Function App Blade, Click +Create

Function App Basics

In theCreate Function App Blade Select your subscription Select a Resource Group from the list, or click Create new to Create a new one Enter a Function app name for your function. This needs to be unique name. Runtime stack select PowerShell Core Version Select 7.2 (or higher) Select the Region for your Function App Operating System select Windows Hosting Options and Plans select Consumption (serverless)

Function App Storage

Storage Account You can Select an Existing storage account from the list, or you can use the default (New) AzDynDNS storage account

Blob service diagnostic settings select Don't Configure diagnostic settings now

Function App Networking

Enable public access if using from outside a private connection, select on

Function App Monitoring

Enable Application Insights can be left at No If you would like to have debugging or application insights, you will need to select Yes

Function App Deployment

Basic authentication select Disable Continuous deployment select Disable

Function App Tags

Add any tags that you would like to associate with this Function App Resource

Function App Review + create

Review your settings and click Review + Create

Function App Configuration

Go to your newly created Function App resource, Click Configuration to open the Configuration blade

Function App Configuration | Application Settings

Select + New Application setting

Function App Configuration | Application Settings | Add/Edit applicatiomn setting

This is where we will define the user's password or APIKey that the DynDNS Client will use to Authenticate with the Function App Code For the Name enter: APIKey For the Value enter a string that you will use as your Password/APIKey

Save your Application Settings

Enable the Az PowerShell Module

Under the Functions section, select App files Under the files drop-down select requirements.psd1 Uncomment the line 'Az' = '11.*' Click Save

Enable the Function App Managed Identity

We need to enable the Function App's Managed Identity so we can assign it a DNS Contributor Role. From the Function App's blade, select Identity Under System assigned, Status select On Click Save to save the setting

Creating and setting up the Function App Function

Creating the Function App Function

From the Function App's blade, select Overview From the Functions Section, select Create Function From the Function App's blade, select Identity

Create Function

For this function we can use the Development environment of Develop in portal Under the Select a template use the HTTP trigger Template Under Template Details New Function: name the Function within the Function App Authorization level for added security select Function click Create

Function | Integfration

Function | Integfration | Edit Trigger

Function | Code + Test

Settig up the Security

to allow the Function App to have permissions to the DNS Records, we need to give it DNS Contribute Role for the Resource Group or the Zone.

Access Security - Resouce Group | IAM

Access Security - Zone | IAM

Add Role Assignment | Role

Add Role Assignment | Members

Add Role Assignment | Select Managed identities

Add Role Assignment | Review + assign