Skip to main content

Public preview: Public IP Domain Name Label Scope

Published date: March 21, 2024

Announcing the public preview for a new capability in Azure public IP address that can prevent DNS subdomain takeover while still allowing for re-use of DNS names.

We are introducing a new parameter called Domain Name Label Scope that can be specified when creating a new public IP address with a DNS name, and defines what domain label and object with the same name will use for that scope (e.g. tenant, subscription, resource group). When this parameter is utilized, the public IP address’ DNS name will have an additional, hashed string in between the domainnamelabel and location fields.  This hashed string will remain constant within that scope, but if a malicious actor outside of this scope attempts to deploy a public IP address with the same template, the provided domain name label would be different even if the original public IP resource was removed.

For more information about Azure Public IP addresses, please see our documentation.

  • Azure DNS
  • Features

Related Products