Updated 03/11/2018 [A transfer-in of a .uk domain into Azure is not currently supported as the IPSTAG is required by Nominet on the existing provider side. I assume it would be GODADDY when transferring into Azure. The Azure portal will be updated soon to support UI based migrations]
What?
If you have some domain names registered with say 123-reg or another provider and want to migrate/transfer the ownership into Azure , you can do this with the supported top level domains: com , net , co.uk , org , nl , in , biz , org.uk , and co.in (as documented here: Buy a custom domain name for Azure Web Apps.
Why?
Some of the reasons you might want to do this:
- Take advantage of Microsoft Azure’s flat rate pricing, for all domains, that they have agreed with GoDaddy
- Single console to control domains, DNS, traffic manager, web sites (app service) etc. etc.
- Better automation/api functionality (in my opinion) than what some of the domain name hosting companies offer.
How?
There are a few blogs on the internet on how to achieve this with PowerShell using:
New-AzureRmResource -ResourceType Microsoft.DomainRegistration/domains
like on Jos Liebens site.
Issue
However, like others had commented, I also received this error back after running appropriate PoSh:
New-AzureRmResource : {"Code":"BadRequest","Message":"Parameter domain is null or empty.","Target":null,"Details":[{"Message":"Parameter domain is null or empty."},{"Code":"BadRequest"},{"ErrorEntity":{"ExtendedCode":"51011","MessageTemplate":"Parameter {0} is null or empty.","Parameters":["domain"],"Code":"BadRequest","Message":"Parameter domain is nullor empty."}}],"Innererror":null}
So seems there maybe a bug with this AzureRM cmdlet? I couldn’t see this domain property mentioned in the Microsoft.DomainRegistration/domains documentation.
Solution
The Microsoft Azure REST API.
There are probably other ways to initiate a domain name transfer into Azure using the REST API, but I found this way to be pretty simple.
-
Go to the Domains - Create Or Update page where you interact with the API from the Microsoft docs page.
-
Click on the ‘Try it’ button and login with your Azure AD credentials. ( I have global admin permissions in my tenant ).
-
Add the mandatory parameters:
resourceGroupName - where the App Service object will be created
domainName - the domain name you are migrating from another provider into Azure
api-version - I left this as default
-
For a domain transfer, I used the following body:
Note: some of the properties are mandatory/required
{
location: "Global",
properties: {
contactAdmin: "Jack Rudlin",
contactBilling: "Jack Rudlin",
contactRegistrant: "Jack Rudlin",
contactTech: "Jack Rudlin",
privacy: "True",
autoRenew: "True",
authCode: "q\\1u{b=wbY9bNT193iNS",
Consent: {
agreedAt: "2018-10-21T20:10:40",
agreedBy: "70.80.90.100",
agreementKeys: ["DNPA","DNTA"]
}
}
}
You should get a 202 response back if the post was successful
Note: Don’t forget to escape your JSON! Check the authCode. I had a backslash \ in mine so I had to escape it with an additional \
-
In the Azure Resource Group that you specified in the earlier parameters, the App Service should be listed with the domain name you are transferring:
-
A day or two later, the annual charge for the domain hosting service should be taken from your Azure funds:
-
Finally once the domain transfer has been successfully completed, you will get access to manage the domains DNS:
-
Post domain transfer you’ll probably want to migrate your DNS and then web services.
I quite liked using the REST API post method from the browser. In an enterprise environment, I can immediately see these benefits:
- Browser supports authenticated proxies natively - PowerShell has issues with this
- No need to download/install modules for PowerShell
- No local administrator rights required
- I guess the Azure cloud shell is similar, but that requires a storage account and has an additional cost association