GraafG/Azure DNS CAA.ps1

## Azure DNS CAA.ps1
#More info: https://geertdegraaf.nl/adding-caa-records-to-azure-dns
#login with Azure Account
Login-AzureRmAccount

#select subscription with Azure DNS
Get-AzureRmSubscription
Set-AzureRmContext -SubscriptionId "xxxx-xxxx-xxxx-xxxx"

#List all ResourceGroups in Subscription
Get-AzureRmResourceGroup

#List all DNS zones in ResourceGroup
Get-AzureRmDnsZone -ResourceGroupName %ResourceGroupName%

#List all CAA records for DNS zone (replace DNSExample and example.com)
Get-AzureRmDnsRecordSet -ResourceGroupName DNSExample -ZoneName example.com -RecordType CAA

#Preparing
records
$caaRecords = @()
$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "iodef" -CaaValue "mailto:admin@example.com"
$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "issue" -CaaValue "letsencrypt.org"

#for wildcard uncomment next line
#$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "issuewild" -CaaValue "letsencrypt.org"

#Adding CAA records
New-AzureRmDnsRecordSet -Name "@" -RecordType CAA -ZoneName "example.com" -ResourceGroupName DNSExample -Ttl 3600 -DnsRecords $caaRecords

#Verify CAA records are added in the DNS zone  (replace DNSExample and example.com)
Get-AzureRmDnsRecordSet -ResourceGroupName DNSExample -ZoneName example.com -RecordType CAA
	#More info: https://geertdegraaf.nl/adding-caa-records-to-azure-dns
	#login with Azure Account
	Login-AzureRmAccount

	#select subscription with Azure DNS
	Get-AzureRmSubscription
	Set-AzureRmContext -SubscriptionId "xxxx-xxxx-xxxx-xxxx"

	#List all ResourceGroups in Subscription
	Get-AzureRmResourceGroup

	#List all DNS zones in ResourceGroup
	Get-AzureRmDnsZone -ResourceGroupName %ResourceGroupName%

	#List all CAA records for DNS zone (replace DNSExample and example.com)
	Get-AzureRmDnsRecordSet -ResourceGroupName DNSExample -ZoneName example.com -RecordType CAA

	#Preparing
	records
	$caaRecords = @()
	$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "iodef" -CaaValue "mailto:admin@example.com"
	$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "issue" -CaaValue "letsencrypt.org"

	#for wildcard uncomment next line
	#$caaRecords += New-AzureRmDnsRecordConfig -CaaFlag "0" -CaaTag "issuewild" -CaaValue "letsencrypt.org"

	#Adding CAA records
	New-AzureRmDnsRecordSet -Name "@" -RecordType CAA -ZoneName "example.com" -ResourceGroupName DNSExample -Ttl 3600 -DnsRecords $caaRecords

	#Verify CAA records are added in the DNS zone (replace DNSExample and example.com)
	Get-AzureRmDnsRecordSet -ResourceGroupName DNSExample -ZoneName example.com -RecordType CAA