Azure Resource Graph Query Private DNS zones - get all DNS records

Question

Has anyone managed to use Azure Resource Graph Query (Search-AzGraph PowerShell) to retrieve ALL DNS Records of every Private DNS Zone?

I believe there must be a way of getting DNS records related to object: "microsoft.network/privatednszones"

Resource Graph Query is faster than the regular az cli/azure powershell modules, but I have struggled to find anything online to write this query. It must be possible!

Answer 1

We tested this in our local environment, Below statements are based on our analysis.

Using Search-AzGraph query, We can pull only the count of numberofRecordsSets under a particular Private DNS zone & respective DNS records are not populated in any of the columns as shown in the below image.

Here is the Search-AzGraph query we have used :

Search-AzGraph "project id, name, type,properties | where type =~ 'microsoft.network/privatednszones' "    

Alternatively, you can use the below REST API or PowerShell script to pull the DNS Record Sets of a particular private DNS Zone.

REST API:

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/ALL?api-version=2018-09-01

Here is the Powershell script:

$zonelist=Get-AzPrivateDnsZone
foreach ( $item in $zonelist)
{
    Get-AzPrivateDnsRecordSet -ResourceGroupName $item.ResourceGroupName -ZoneName $item.Name| select -property Name,RecordType,Records,ZoneName
}

Here is the sample output for reference: