Highlights from MCAPS Start for Partners 2025
August 8, 2025
Best Practice for Configuring Privileged Identity Management in Microsoft Entra
August 8, 2025
Problem
You can create a custom domain name in Azure using the `App Service Domain` service, either through the Azure Portal or the Azure CLI. However, this capability is not yet supported in the Azure Terraform provider.
For most enterprises, managing domain names through Infrastructure as Code (IaC) tools like `Terraform` may not be a priority. Domains are typically purchased manually, as it’s a one-time task that doesn’t benefit much from automation.
That said, for labs, workshops, and demos, being able to automate domain creation can add a layer of realism and completeness to the environment. In those contexts, having this feature available would be quite valuable.
Solution
In this implementation, we demonstrate how to create a custom domain name in Azure using Terraform, leveraging the Azure App Service Domain via the AzApi provider.
Since this capability is not yet available in the official Azure Terraform provider, we use the AzApi provider to interact directly with the Azure REST API. You can find more details about the azapi_resource here: AzApi resource documentation.
The AzApi provider allows to send a REST API call along with a JSON payload containing the required attributes. For reference, here is the REST API used to create or update an App Service Domain: App Service Domain REST API.
In addition to the domain creation, we also provision:
1) An Azure DNS Zone to manage and configure the domain.
2) An A record named test to validate the DNS setup and ensure everything is working as expected.
The complete Terraform configuration is available in this Github repository and is published to Terraform official registry.
Video tutorial
Here is a Youtube video explaining how this works: youtube.com/watch?v=ptdAcsG2ROI
How to use it
You just need to have a resource group, a public DNS Zone and then you can add the App Service Domain. To create these resources in terraform, you can use the following template.
# Creating resource group
resource “azurerm_resource_group” “rg” {
name = “rg-${var.custom_domain_name}”
location = “westeurope”
}
# DNS Zone to configure the domain name
resource “azurerm_dns_zone” “dns_zone” {
name = var.custom_domain_name
resource_group_name = azurerm_resource_group.rg.name
}
# Creating App Service domain
module “appservice_domain” {
source = “HoussemDellai/appservice-domain/azapi” # if calling module from Terraform Registry
custom_domain_name = var.custom_domain_name
resource_group_id = azurerm_resource_group.rg.id
dns_zone_id = azurerm_dns_zone.dns_zone.id
}
Deploy the resources using Terraform
Choose the custom domain name you want to purchase in the file `terraform.tfvars`.
Then run the following Terraform commands from within the current folder.
terraform init
terraform plan -out tfplan
terraform apply tfplan
Test the deployment
Verify you have two resources created within the resource group.
Now let’s verify that custom domain name works. You should see the IP address we used in A record which is 1.2.3.4.
nslookup test. # replace with domain name
# Non-authoritative answer:
# Name: test.houssem13.com
# Address: 1.2.3.4
You can achieve the same using Azure CLI or portal
In this lab we used Terraform to create the domain name. But still you can just use Azure portal or command line.
Make sure you fill the contact_info.json file. It is required to create domain name. More details here: learn.microsoft.com/en-us/cli/azure/appservice/domain?view=azure-cli-latest#az-appservice-domain-create
az group create -n rg-dns-domain -l swedencentral
az appservice domain create `
–resource-group rg-dns-domain `
–hostname “houssem.com” `
–contact-info=@’contact_info.json’ `
–accept-terms
Important notes
You should use a Pay-As-You-Go azure subscription to be able to create Azure App Service Domain. MSDN/VisualStudio and Free Azure subscriptions doesn’t work.
Within the terraform config file, you can change the contact info for the contactAdmin, contactRegistrant, contactBilling and contactTech.
App Service Domain costs $11.99 per year. And if you delete the resource within 5 days, you won’t be charged.
Disclaimer
The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.