Azure DNS Provider for Private Zones

This DNS provider allows you to create and manage DNS entries in private zones of Azure Private DNS. For public DNS zones, please use the provider type azure-dns.

Create a service principal account

Follow the steps as described in the Azure documentation to create a service principal account and grant the service principal account 'Private DNS Zone Contributor' permissions to the resource group.

See also How to protect private DNS zones and records

Using the service principal account

Create a Secret resource with the data fields AZURE_SUBSCRIPTION_ID, AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET. The values need to be base64 encoded.

apiVersion: v1
kind: Secret
metadata:
  name: azure-credentials
  namespace: default
type: Opaque
data:
  # replace '...' with values encoded as base64
  # see https://docs.microsoft.com/en-us/azure/dns/dns-sdk#create-a-service-principal-account
  AZURE_SUBSCRIPTION_ID: ...
  AZURE_TENANT_ID: ...
  AZURE_CLIENT_ID: ...
  AZURE_CLIENT_SECRET: ...

  # Alternatively use Gardener cloud provider credentials convention
  #tenantID: ...
  #subscriptionID: ...
  #clientID: ...
  #clientSecret: ...
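One way to produce the base64 values for the Secret above without corrupting them, as an added example that is not part of the project's own code. The helper names `b64`, `render_secret` and `field_value` are hypothetical, and all sample values are constructed placeholders.

```shell
#!/bin/sh
# Added example: render the azure-credentials Secret from plain values.
# Helper names are hypothetical; sample values are constructed placeholders.

# b64 VALUE: base64-encode VALUE exactly as given, on a single line.
b64() {
  # printf '%s' avoids the trailing newline that `echo` appends; that newline
  # would become part of the decoded credential and break authentication.
  # tr -d '\n' removes the line wrapping some base64 tools add to long input.
  printf '%s' "$1" | base64 | tr -d '\n'
}

# render_secret SUBSCRIPTION_ID TENANT_ID CLIENT_ID CLIENT_SECRET
# Prints the manifest from the page with the four data fields filled in.
render_secret() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: azure-credentials
  namespace: default
type: Opaque
data:
  AZURE_SUBSCRIPTION_ID: $(b64 "$1")
  AZURE_TENANT_ID: $(b64 "$2")
  AZURE_CLIENT_ID: $(b64 "$3")
  AZURE_CLIENT_SECRET: $(b64 "$4")
EOF
}

# field_value KEY: read a manifest on stdin and print the decoded value of KEY,
# to confirm that what will be applied decodes to the intended credential.
field_value() {
  sed -n "s/^  $1: //p" | base64 -d
}

# Constructed sample values (placeholders only, not real credentials).
render_secret \
  "00000000-0000-0000-0000-000000000000" \
  "11111111-1111-1111-1111-111111111111" \
  "22222222-2222-2222-2222-222222222222" \
  "constructed-sample-secret"
```

Pipe the rendered manifest through `field_value AZURE_CLIENT_SECRET` before applying it to check the round trip; the base64 form is only an encoding, so treat the rendered file like the plain secret.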