When you use Azure Private DNS and try to associate a private zone with a virtual network (VNet) that already contains resources, you get the following error message: Set-AzDNSZone: Virtual networks that are non-empty (have Virtual Machines or other resources) are not allowed during association with a private zone.
The issue is easy to reproduce by running the following cmdlets:
$VNet = Get-AzVirtualNetwork -Name <VirtualNetworkName> -ResourceGroupName <ResourceGroupName>
Set-AzDnsZone -Name <zonename.local> -ResourceGroupName <ResourceGroupName> -ResolutionVirtualNetworkID <NetworkID>
So what is this all about? There are a lot of comments about this Azure Private DNS issue on the Internet, and it is a well-known issue in the public preview release. The Microsoft team is working on this problem for the GA (General Availability) release of the feature. More information can be found here.
The only workaround is to configure Azure Private DNS before adding servers to your virtual network. If the VNet shows any entry under connected devices, you will get the error message shown above.
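A pre-flight check for the workaround above, as an added example that is not part of the original article: it lists what is attached to the VNet and only links the zone when nothing is found. It assumes that the IP configurations on the VNet's subnets approximate the "connected devices" list; the parameter names are illustrative.

```powershell
# Added example (not from the original article).
# Assumption: IP configurations attached to the subnets approximate the
# VNet's "connected devices"; other resource types may not appear here.
param(
    [Parameter(Mandatory)] [string] $VirtualNetworkName,
    [Parameter(Mandatory)] [string] $ResourceGroupName,
    [Parameter(Mandatory)] [string] $ZoneName
)

$VNet = Get-AzVirtualNetwork -Name $VirtualNetworkName `
    -ResourceGroupName $ResourceGroupName -ErrorAction Stop

# Collect every IP configuration (NICs, gateways, ...) attached to any subnet.
$attached = @(
    foreach ($subnet in $VNet.Subnets) {
        foreach ($ipConfig in $subnet.IpConfigurations) {
            [pscustomobject]@{
                Subnet            = $subnet.Name
                IpConfigurationId = $ipConfig.Id
            }
        }
    }
)

if ($attached.Count -gt 0) {
    # Show what blocks the association instead of letting Set-AzDnsZone fail.
    $attached | Format-Table -AutoSize
    Write-Warning "VNet '$VirtualNetworkName' has $($attached.Count) attached IP configuration(s); the private zone was not linked."
    return
}

# The VNet is empty, so the association should be accepted.
Set-AzDnsZone -Name $ZoneName -ResourceGroupName $ResourceGroupName `
    -ResolutionVirtualNetworkId @($VNet.Id)
```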