How to restrict Private DNS updates to named zones?

Stephan Austermühle 21 Reputation points

How can I restrict a Managed Service Identity (or any other) so that it can update named private DNS zones only? The role Private DNS Zone Contributor seems allowing access to all private DNS zones.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,682 questions
Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
417 questions
No comments
{count} votes

Accepted answer
  1. Vidya Narasimhan 2,186 Reputation points Microsoft Employee

    @Stephan Austermühle You can define Azure RBAC for a MSI at Private Zone Level or even at Record Set level. Please go through this link

0 additional answers

Sort by: Most helpful