Create and configure Azure App Service
📘Microsoft Certified: Azure Administrator Associate (AZ-104)
When you create a web app in Azure App Service, it automatically gets a default domain name like:
yourwebapp.azurewebsites.net
While this works for testing, it is not suitable for production, because companies want to use their own domain such as:
www.companyname.com
api.companyname.com
portal.companyname.net
To use your own custom domain, you must map the domain to your App Service. This is called mapping custom DNS names.
Azure App Service supports three main scenarios:
- Root domain (example.com)
- Subdomain (www.example.com or app.example.com)
- Wildcard domains (*.example.com)
Why Custom DNS Mapping Is Important
In real IT environments:
- Organizations host customer-facing websites and applications.
- They want users to access the site using their company brand.
- They may migrate apps from on-premise servers to Azure but keep existing domain names.
- They run multiple environments like prod, dev, test, each with its own subdomain.
Mapping custom DNS names helps ensure seamless access for users without changing how they type URLs.
Requirements Before You Begin
Before you can map a DNS name to an App Service, you must have:
1. A custom domain purchased
You can buy a domain from any domain registrar (GoDaddy, Namecheap, Azure DNS, Google Domains, etc.).
2. App Service plan tier that supports custom domains
Custom domains are supported from the Basic tier and above.
Free and Shared tiers do not support custom domain mappings.
3. Access to your DNS zone
This is where you will add DNS records like:
- CNAME record
- A record
- TXT record
Key DNS Records Used for Mapping
| DNS Record Type | Purpose |
|---|---|
| CNAME | Maps a subdomain (like www) to your App Service URL. |
| A Record | Maps the root domain (example.com) to App Service’s IP address. |
| TXT record | Used to verify domain ownership in Azure. |
| ALIAS/ANAME | Some DNS providers use these instead of A records for root domains. |
Azure Domain Verification
Azure requires you to verify domain ownership to prevent someone from pointing your domain to their app.
Verification is done by adding a TXT record or a CNAME record provided by Azure.
Example TXT Record Azure may provide:
asuid.example.com → random-generated-value
How Mapping Works (Step-by-Step)
Azure App Service mapping has two main steps:
Step 1 – Add the Custom Domain in the App Service
In the Azure Portal:
- Open your App Service.
- Select Custom Domains.
- Click Add Custom Domain.
- Enter the DNS name you want to use (e.g., www.example.com).
- Azure shows required DNS records for verification.
Step 2 – Create DNS Records in Your DNS Zone
Depending on the type of domain you want to map, use the following:
Mapping a Subdomain (Recommended Way)
Example: www.example.com, app.example.com
Use a CNAME record
Sample DNS entry:
| Type | Name | Value |
|---|---|---|
| CNAME | www | yourwebapp.azurewebsites.net |
Why CNAME?
- It always follows Azure’s internal IP changes.
- It does not require hardcoding an IP address.
After DNS propagation, Azure will let you complete the domain assignment.
Mapping a Root Domain (example.com)
Root domains cannot use CNAME (DNS standard restriction).
So Azure offers two options:
Option 1 – Use an A Record
You will map:
- A record → the App Service’s static IP
- TXT record → verification
Example:
| Type | Name | Value |
|---|---|---|
| A | @ | 20.50.18.12 |
| TXT | @ | verification code |
Option 2 – Use ALIAS/ANAME (if supported by DNS provider)
Some DNS providers support ALIAS or ANAME records at the root.
They work like CNAME but for the root domain.
After DNS Records Are Added
Once your DNS provider finishes propagating (normally 5 minutes to 1 hour):
- Return to the App Service → Custom Domains
- Azure will verify the DNS records
- Click Add to confirm the custom domain
Your app will now respond to the new domain name.
Adding Multiple Domains
App Service can support multiple custom domains such as:
www.company.comapi.company.comdev.company.comcompany.com
Each domain must be added separately and verified.
Wildcard Domains
You can map a wildcard domain:
*.example.com
This is useful for:
- Multi-tenant SaaS applications
- Environments with many subdomains
- Apps generating dynamic subdomains
To enable wildcard domains, create:
| Type | Name | Value |
|---|---|---|
| CNAME | * | yourwebapp.azurewebsites.net |
Using Azure DNS Instead of External DNS Providers
If you host your DNS zone in Azure DNS, you get:
- Faster updates
- Better integration with Azure App Service
- Complete control in portal or Azure CLI
- Easier troubleshooting
AZ-104 exam-wise, know how to:
- Create a DNS zone
- Create DNS records
- Delegate domain from registrar to Azure DNS
Troubleshooting DNS Mapping Issues
1. DNS propagation delay
It can take time for DNS to update.
Use tools like:
- nslookup
- dig
- DNSChecker website
2. Incorrect DNS records
Most mapping failures happen due to wrong:
- Name field
- Record type
- Typo in values
3. Wrong App Service tier
Free/Shared tiers cannot map custom domains.
4. SSL not configured
Mapping a domain does NOT automatically provide HTTPS.
You must configure TLS/SSL certificates separately.
AZ-104 Exam Tips
☑ Know when to use CNAME vs A record
☑ Remember that root domains require A records or ALIAS
☑ Custom domains require Basic tier or higher
☑ Azure requires domain ownership verification (TXT or CNAME)
☑ You must add the custom domain both in DNS and in App Service
☑ Mapping custom domain ≠ enabling HTTPS (SSL setup is separate)
☑ Wildcard domain support is available using CNAME
Summary
Mapping a custom DNS name to Azure App Service lets you use your organization’s domain for your application. You must:
- Add your custom domain to App Service
- Create the required DNS records (TXT + CNAME or A record)
- Verify ownership
- Complete the domain assignment
This is an important AZ-104 skill because hosting production applications in Azure always requires custom domain mapping.
