{"id":43379071,"url":"https://github.com/libdns/azure","last_synced_at":"2026-02-02T07:44:42.320Z","repository":{"id":53762965,"uuid":"333179567","full_name":"libdns/azure","owner":"libdns","description":"Azure provider implementation for libdns interfaces","archived":false,"fork":false,"pushed_at":"2025-04-23T15:05:20.000Z","size":32,"stargazers_count":1,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-01T22:24:07.256Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/libdns.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-01-26T18:33:59.000Z","updated_at":"2025-04-23T15:04:38.000Z","dependencies_parsed_at":"2024-03-13T13:48:01.991Z","dependency_job_id":"2bbe3556-ea2d-4b12-9d52-b0f23ff3a998","html_url":"https://github.com/libdns/azure","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/libdns/azure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libdns%2Fazure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libdns%2Fazure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libdns%2Fazure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libdns%2Fazure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/libdns","download_url":"https://codeload.github.com/libdns/azure/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libdns%2Fazure/sbom","scorecard":{"id":587820,"data":{"date":"2025-08-11","repo":{"name":"github.com/libdns/azure","commit":"721fd048b7f6db58820e18321b59578170e3c7a8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/6 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 7 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T21:03:11.330Z","repository_id":53762965,"created_at":"2025-08-20T21:03:11.330Z","updated_at":"2025-08-20T21:03:11.330Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29007316,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-02T06:37:10.400Z","status":"ssl_error","status_checked_at":"2026-02-02T06:37:09.383Z","response_time":58,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-02-02T07:44:40.433Z","updated_at":"2026-02-02T07:44:42.315Z","avatar_url":"https://github.com/libdns.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure DNS for `libdns`\n\nThis package implements the libdns interfaces for the [Azure DNS API](https://docs.microsoft.com/en-us/rest/api/dns/).\n\n## Authenticating\n\nThis package supports authentication using **a service principal with a secret** and **a managed identity** through [azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go).\n\n### Service Principal with a Secret\n\nTo attempt to authenticate using a service principal with a secret, pass `TenantId`, `ClientId`, and `ClientSecret` to the `Provider`. If any of these three values are not empty, this package will attempt to authenticate using a service principal with a secret.\n\nYou will need to create a service principal using [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) or [Azure Portal](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal), and assign the **DNS Zone Contributor** role to the service principal for the DNS zones that you want to manage.\n\nThen keep the following information to pass to the `Provider` struct fields for authentication:\n\n- `SubscriptionId` (`json:\"subscription_id\"`)\n  - [DNS zones] \u003e Your Zone \u003e [Subscription ID]\n- `ResourceGroupName` (`json:\"resource_group_name\"`)\n  - [DNS zones] \u003e Your Zone \u003e [Resource group]\n- `TenantId` (`json:\"tenant_id\"`)\n  - [Microsoft Entra ID] \u003e [Overview] \u003e [Tenant ID]\n- `ClientId` (`json:\"client_id\"`)\n  - [Microsoft Entra ID] \u003e [Manage] \u003e [App registrations] \u003e Your Application \u003e [Application (client) ID]\n- `ClientSecret` (`json:\"client_secret\"`)\n  - [Microsoft Entra ID] \u003e [Manage] \u003e [App registrations] \u003e Your Application \u003e [Manage] \u003e [Certificates \u0026 secrets] \u003e [Client secrets] \u003e [Value]\n\n### Managed Identity\n\nTo attempt to authenticate using a managed identity, leave all of `TenantId`, `ClientId`, and `ClientSecret` unset or empty to the `Provider`. If all three values are unset or empty, this package will attempt to authenticate using a managed identity.\n\nYou will need to assign the **DNS Zone Contributor** role to the managed identity for the DNS zones that you want to manage.\n\nThen keep the following information to pass to the `Provider` struct fields for authentication:\n\n- `SubscriptionId` (`json:\"subscription_id\"`)\n  - [DNS zones] \u003e Your Zone \u003e [Subscription ID]\n- `ResourceGroupName` (`json:\"resource_group_name\"`)\n  - [DNS zones] \u003e Your Zone \u003e [Resource group]\n\n\u003e [!NOTE]\n\u003e If this package is running outside of an Azure VM like Azure Arc, ensure required environment variables to use a managed identity (`IDENTITY_ENDPOINT`, `IMDS_ENDPOINT`, etc.) are available on your resources. [azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) uses some environment variables to determine the endpoint for IMDS or HIMDS, and this package is also in the same manner. Refer to the Azure documentation for each services to use a managed identity.\n\n## Example\n\nHere's a minimal example of how to get all your DNS records using this `libdns` provider (see `_example/main.go`)\n\n```go\npackage main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\t\"os\"\n\t\"time\"\n\n\t\"github.com/libdns/azure\"\n\t\"github.com/libdns/libdns\"\n)\n\n// main shows how libdns works with Azure DNS.\n//\n// In this example, the information required for authentication is passed as environment variables.\nfunc main() {\n\n\t// Create new provider instance by authenticating using a service principal with a secret.\n\t// To authenticate using a managed identity, remove TenantId, ClientId, and ClientSecret.\n\tprovider := azure.Provider{\n\t\tSubscriptionId:    os.Getenv(\"AZURE_SUBSCRIPTION_ID\"),\n\t\tResourceGroupName: os.Getenv(\"AZURE_RESOURCE_GROUP_NAME\"),\n\t\tTenantId:          os.Getenv(\"AZURE_TENANT_ID\"),\n\t\tClientId:          os.Getenv(\"AZURE_CLIENT_ID\"),\n\t\tClientSecret:      os.Getenv(\"AZURE_CLIENT_SECRET\"),\n\t}\n\tzone := os.Getenv(\"AZURE_DNS_ZONE_FQDN\")\n\n\t// List existing records\n\tfmt.Printf(\"List existing records\\n\")\n\tcurrentRecords, err := provider.GetRecords(context.TODO(), zone)\n\tif err != nil {\n\t\tfmt.Printf(\"%v\\n\", err)\n\t\treturn\n\t}\n\tfor _, record := range currentRecords {\n\t\tfmt.Printf(\"Exists: %v\\n\", record)\n\t}\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flibdns%2Fazure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flibdns%2Fazure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flibdns%2Fazure/lists"}