= Terraform Module for a Private DNS Zone vNet Link =

**Summary**: This is a terraform module that I use to deploy a link between a Private DNS zone and a virtual network in Azure. \\
**Date**: 8 February 2025 \\
{{tag>terraform azure}}

Read the post to learn more about private dns zone links and:

* How to deploy a private dns zone vnet link using a terraform module

== About Private DNS Zone vNet Links ==

Private DNS zone vNet links are a way to connect a private DNS zone to a virtual network in Azure. Without that links, resources within the virtual network cannot resolve resources within the private DNS zone.

== Terraform Module for a Private DNS Zone vNet Link ==

The module for the Private DNS Zone vNet Link is defined over three files:

* main.tf: Contains the resources to create the private DNS Zone vNet link
* outputs.tf: Contains the output of the private DNS Zone vNet link
* variables.tf: Contains the input variables for the private DNS Zone vNet link

=== main.tf ===

Notice the following:

* The DNS zone is a data source, not a resource. The DNS private zone already exists and is created outside of this module.
* Changes on tags are ignored to prevent unnecessary updates.

<code bash main.tf>
data "azurerm_private_dns_zone" "private_dns_zone" {
  resource_group_name = var.resource_group_name
  name                = var.private_dns_zone_name
}

resource "azurerm_private_dns_zone_virtual_network_link" "link" {
  name                  = var.name
  resource_group_name   = var.resource_group_name
  private_dns_zone_name = data.azurerm_private_dns_zone.private_dns_zone.name
  virtual_network_id    = var.virtual_network_id

  lifecycle {
    ignore_changes = [
      tags
    ]
  }
}
</code>

=== outputs.tf ===

<code bash outputs.tf>
output "private_dns_zone_id" {
  description = "Specifies the resource id of the private dns zone"
  value       = data.azurerm_private_dns_zone.private_dns_zone.id
}
</code>

=== variables.tf ===

> Note that most of the descriptions are copied from the terraform registry.

<code bash variables.tf>
variable "name" {
  description = "(Required) The name of the Private DNS Zone Virtual Network Link. Changing this forces a new resource to be created."
  type        = string
}

variable "private_dns_zone_name" {
  description = "(Required) The name of the Private DNS zone (without a terminating dot). Changing this forces a new resource to be created."
  type        = string
}

variable "resource_group_name" {
  description = "(Required) Specifies the resource group name of the private dns zone"
  type        = string
}

variable "virtual_network_id" {
  description = "(Required) The ID of the Virtual Network that should be linked to the DNS Zone. Changing this forces a new resource to be created."
  type        = string
}
</code>