diff --git a/Gopkg.lock b/Gopkg.lock
index fda2380b1dc..8ade119c8da 100644
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -18,7 +18,7 @@
   version = "v0.4.11"
 
 [[projects]]
-  digest = "1:935d0d8d2e432e3ab8a86d095ac5cd9fb2795170c472c1ebdd4a525f13c123c1"
+  digest = "1:0e1b77a659461596e0b6ab8187c0672082452135e7d842cab03c89fe35a5b3d9"
   name = "github.com/Azure/azure-sdk-for-go"
   packages = [
     "profiles/latest/dns/mgmt/dns",
@@ -27,6 +27,7 @@
     "services/dns/mgmt/2017-10-01/dns",
     "services/graphrbac/1.6/graphrbac",
     "services/preview/dns/mgmt/2018-03-01-preview/dns",
+    "services/privatedns/mgmt/2018-09-01/privatedns",
     "services/resources/mgmt/2018-05-01/resources",
     "services/resources/mgmt/2018-06-01/subscriptions",
     "version",
@@ -1287,6 +1288,7 @@
     "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-10-01/compute",
     "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac",
     "github.com/Azure/azure-sdk-for-go/services/preview/dns/mgmt/2018-03-01-preview/dns",
+    "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns",
     "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources",
     "github.com/Azure/go-autorest/autorest",
     "github.com/Azure/go-autorest/autorest/azure",
diff --git a/data/data/azure/bootstrap/variables.tf b/data/data/azure/bootstrap/variables.tf
index 1c076440596..b4eaa9d6e3f 100644
--- a/data/data/azure/bootstrap/variables.tf
+++ b/data/data/azure/bootstrap/variables.tf
@@ -59,11 +59,6 @@ variable "tags" {
   description = "tags to be applied to created resources."
 }
 
-variable "private_dns_zone_id" {
-  type        = string
-  description = "This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728"
-}
-
 variable "nsg_name" {
   type        = string
   description = "The network security group for the subnet."
diff --git a/data/data/azure/dns/dns.tf b/data/data/azure/dns/dns.tf
index 4062bf04c12..a9e21266ff4 100644
--- a/data/data/azure/dns/dns.tf
+++ b/data/data/azure/dns/dns.tf
@@ -3,17 +3,29 @@ locals {
   api_external_name = "api.${replace(var.cluster_domain, ".${var.base_domain}", "")}"
 }
 
-resource "azurerm_dns_a_record" "apiint_internal" {
+resource "azureprivatedns_zone" "private" {
+  name                = var.cluster_domain
+  resource_group_name = var.resource_group_name
+}
+
+resource "azureprivatedns_zone_virtual_network_link" "network" {
+  name                  = "${var.cluster_id}-network-link"
+  resource_group_name   = var.resource_group_name
+  private_dns_zone_name = azureprivatedns_zone.private.name
+  virtual_network_id    = var.virtual_network
+}
+
+resource "azureprivatedns_a_record" "apiint_internal" {
   name                = "api-int"
-  zone_name           = var.private_dns_zone_name
+  zone_name           = azureprivatedns_zone.private.name
   resource_group_name = var.resource_group_name
   ttl                 = 300
   records             = [var.internal_lb_ipaddress]
 }
 
-resource "azurerm_dns_a_record" "api_internal" {
+resource "azureprivatedns_a_record" "api_internal" {
   name                = "api"
-  zone_name           = var.private_dns_zone_name
+  zone_name           = azureprivatedns_zone.private.name
   resource_group_name = var.resource_group_name
   ttl                 = 300
   records             = [var.internal_lb_ipaddress]
@@ -27,26 +39,26 @@ resource "azurerm_dns_cname_record" "api_external" {
   record              = var.external_lb_fqdn
 }
 
-resource "azurerm_dns_a_record" "etcd_a_nodes" {
+resource "azureprivatedns_a_record" "etcd_a_nodes" {
   count               = var.etcd_count
   name                = "etcd-${count.index}"
-  zone_name           = var.private_dns_zone_name
+  zone_name           = azureprivatedns_zone.private.name
   resource_group_name = var.resource_group_name
   ttl                 = 60
   records             = [var.etcd_ip_addresses[count.index]]
 }
 
-resource "azurerm_dns_srv_record" "etcd_cluster" {
+resource "azureprivatedns_srv_record" "etcd_cluster" {
   name                = "_etcd-server-ssl._tcp"
-  zone_name           = var.private_dns_zone_name
+  zone_name           = azureprivatedns_zone.private.name
   resource_group_name = var.resource_group_name
   ttl                 = 60
 
   dynamic "record" {
-    for_each = azurerm_dns_a_record.etcd_a_nodes.*.name
+    for_each = azureprivatedns_a_record.etcd_a_nodes.*.name
     iterator = name
     content {
-      target   = "${name.value}.${var.private_dns_zone_name}"
+      target   = "${name.value}.${azureprivatedns_zone.private.name}"
       priority = 10
       weight   = 10
       port     = 2380
diff --git a/data/data/azure/dns/variables.tf b/data/data/azure/dns/variables.tf
index c63057bbfe7..d9111ca38c3 100644
--- a/data/data/azure/dns/variables.tf
+++ b/data/data/azure/dns/variables.tf
@@ -4,6 +4,11 @@ variable "tags" {
   description = "tags to be applied to created resources."
 }
 
+variable "cluster_id" {
+  description = "The identifier for the cluster."
+  type        = string
+}
+
 variable "cluster_domain" {
   description = "The domain for the cluster that all DNS records must belong"
   type        = string
@@ -29,8 +34,8 @@ variable "internal_lb_ipaddress" {
   type        = string
 }
 
-variable "private_dns_zone_name" {
-  description = "private DNS zone name that should be used for records"
+variable "virtual_network" {
+  description = "The ID for Virtual Network that will be linked to the Private DNS zone."
   type        = string
 }
 
diff --git a/data/data/azure/main.tf b/data/data/azure/main.tf
index 4faaede12e7..c2d62ca9147 100644
--- a/data/data/azure/main.tf
+++ b/data/data/azure/main.tf
@@ -5,9 +5,6 @@ locals {
     },
     var.azure_extra_tags,
   )
-
-  master_subnet_cidr = cidrsubnet(var.machine_cidr, 3, 0) #master subnet is a smaller subnet within the vnet. i.e from /21 to /24
-  node_subnet_cidr   = cidrsubnet(var.machine_cidr, 3, 1) #node subnet is a smaller subnet within the vnet. i.e from /21 to /24
 }
 
 provider "azurerm" {
@@ -17,6 +14,13 @@ provider "azurerm" {
   tenant_id       = var.azure_tenant_id
 }
 
+provider "azureprivatedns" {
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+}
+
 module "bootstrap" {
   source              = "./bootstrap"
   resource_group_name = azurerm_resource_group.main.name
@@ -32,24 +36,15 @@ module "bootstrap" {
   tags                = local.tags
   storage_account     = azurerm_storage_account.cluster
   nsg_name            = module.vnet.master_nsg_name
-
-  # This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728
-  private_dns_zone_id = azurerm_dns_zone.private.id
 }
 
 module "vnet" {
   source              = "./vnet"
-  vnet_name           = azurerm_virtual_network.cluster_vnet.name
   resource_group_name = azurerm_resource_group.main.name
   vnet_cidr           = var.machine_cidr
-  master_subnet_cidr  = local.master_subnet_cidr
-  node_subnet_cidr    = local.node_subnet_cidr
   cluster_id          = var.cluster_id
   region              = var.azure_region
   dns_label           = var.cluster_id
-
-  # This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728
-  private_dns_zone_id = azurerm_dns_zone.private.id
 }
 
 module "master" {
@@ -69,20 +64,18 @@ module "master" {
   instance_count      = var.master_count
   storage_account     = azurerm_storage_account.cluster
   os_volume_size      = var.azure_master_root_volume_size
-
-  # This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728
-  private_dns_zone_id = azurerm_dns_zone.private.id
 }
 
 module "dns" {
   source                          = "./dns"
   cluster_domain                  = var.cluster_domain
+  cluster_id                      = var.cluster_id
   base_domain                     = var.base_domain
+  virtual_network                 = module.vnet.network_id
   external_lb_fqdn                = module.vnet.public_lb_pip_fqdn
   internal_lb_ipaddress           = module.vnet.internal_lb_ip_address
   resource_group_name             = azurerm_resource_group.main.name
   base_domain_resource_group_name = var.azure_base_domain_resource_group_name
-  private_dns_zone_name           = azurerm_dns_zone.private.name
   etcd_count                      = var.master_count
   etcd_ip_addresses               = module.master.ip_addresses
 }
@@ -120,21 +113,6 @@ resource "azurerm_role_assignment" "main" {
   principal_id         = azurerm_user_assigned_identity.main.principal_id
 }
 
-# https://github.com/MicrosoftDocs/azure-docs/issues/13728
-resource "azurerm_dns_zone" "private" {
-  name                           = var.cluster_domain
-  resource_group_name            = azurerm_resource_group.main.name
-  zone_type                      = "Private"
-  resolution_virtual_network_ids = [azurerm_virtual_network.cluster_vnet.id]
-}
-
-resource "azurerm_virtual_network" "cluster_vnet" {
-  name                = "${var.cluster_id}-vnet"
-  resource_group_name = azurerm_resource_group.main.name
-  location            = var.azure_region
-  address_space       = [var.machine_cidr]
-}
-
 # copy over the vhd to cluster resource group and create an image using that
 resource "azurerm_storage_container" "vhd" {
   name                 = "vhd"
diff --git a/data/data/azure/master/variables.tf b/data/data/azure/master/variables.tf
index 98a4a63567c..b5199ac38b8 100644
--- a/data/data/azure/master/variables.tf
+++ b/data/data/azure/master/variables.tf
@@ -78,11 +78,6 @@ variable "ignition" {
   type = string
 }
 
-variable "private_dns_zone_id" {
-  type        = string
-  description = "This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728"
-}
-
 variable "availability_zones" {
   type        = list(string)
   description = "List of the availability zones in which to create the masters. The length of this list must match instance_count."
diff --git a/data/data/azure/vnet/common.tf b/data/data/azure/vnet/common.tf
index 227f9f12fdf..1ac4c4967a8 100644
--- a/data/data/azure/vnet/common.tf
+++ b/data/data/azure/vnet/common.tf
@@ -3,15 +3,11 @@
 
 // Only reference data sources which are guaranteed to exist at any time (above) in this locals{} block
 locals {
-  subnet_ids = azurerm_subnet.master_subnet.id
-
-  lb_fqdn = azurerm_lb.public.id
-
-  elb_backend_pool_id = azurerm_lb_backend_address_pool.master_public_lb_pool.id
-
-  internal_lb_controlplane_pool_id = azurerm_lb_backend_address_pool.internal_lb_controlplane_pool.id
-
-  public_lb_id   = azurerm_lb.public.id
-  internal_lb_id = azurerm_lb.internal.id
+  master_subnet_cidr = cidrsubnet(var.vnet_cidr, 3, 0) #master subnet is a smaller subnet within the vnet. i.e from /21 to /24
+  node_subnet_cidr   = cidrsubnet(var.vnet_cidr, 3, 1) #node subnet is a smaller subnet within the vnet. i.e from /21 to /24
 }
 
+data "azurerm_virtual_network" "cluster_vnet" {
+  name                = azurerm_virtual_network.cluster_vnet.name
+  resource_group_name = var.resource_group_name
+}
diff --git a/data/data/azure/vnet/outputs.tf b/data/data/azure/vnet/outputs.tf
index 49720e252e5..dc46a8f381a 100644
--- a/data/data/azure/vnet/outputs.tf
+++ b/data/data/azure/vnet/outputs.tf
@@ -2,8 +2,12 @@ output "cluster-pip" {
   value = azurerm_public_ip.cluster_public_ip.ip_address
 }
 
+output "network_id" {
+  value = data.azurerm_virtual_network.cluster_vnet.id
+}
+
 output "public_subnet_id" {
-  value = local.subnet_ids
+  value = azurerm_subnet.master_subnet.id
 }
 
 output "public_lb_backend_pool_id" {
@@ -11,11 +15,11 @@ output "public_lb_backend_pool_id" {
 }
 
 output "internal_lb_backend_pool_id" {
-  value = local.internal_lb_controlplane_pool_id
+  value = azurerm_lb_backend_address_pool.internal_lb_controlplane_pool.id
 }
 
 output "public_lb_id" {
-  value = local.public_lb_id
+  value = azurerm_lb.public.id
 }
 
 output "public_lb_pip_fqdn" {
diff --git a/data/data/azure/vnet/variables.tf b/data/data/azure/vnet/variables.tf
index 607f2cc10c4..a7538a697ce 100644
--- a/data/data/azure/vnet/variables.tf
+++ b/data/data/azure/vnet/variables.tf
@@ -1,21 +1,7 @@
-variable "vnet_name" {
-  type = string
-}
-
 variable "vnet_cidr" {
   type = string
 }
 
-variable "master_subnet_cidr" {
-  type        = string
-  description = "The subnet for the masters"
-}
-
-variable "node_subnet_cidr" {
-  type        = string
-  description = "The subnet for the workers"
-}
-
 variable "resource_group_name" {
   type        = string
   description = "Resource group for the deployment"
@@ -50,8 +36,3 @@ variable "dns_label" {
   type        = string
   description = "The label used to build the dns name. i.e. <label>.<region>.cloudapp.azure.com"
 }
-
-variable "private_dns_zone_id" {
-  type        = string
-  description = "This is to create explicit dependency on private zone to exist before VMs are created in the vnet. https://github.com/MicrosoftDocs/azure-docs/issues/13728"
-}
diff --git a/data/data/azure/vnet/vnet.tf b/data/data/azure/vnet/vnet.tf
index a3652a1f9e7..bd5cf38be8c 100644
--- a/data/data/azure/vnet/vnet.tf
+++ b/data/data/azure/vnet/vnet.tf
@@ -1,3 +1,10 @@
+resource "azurerm_virtual_network" "cluster_vnet" {
+  name                = "${var.cluster_id}-vnet"
+  resource_group_name = var.resource_group_name
+  location            = var.region
+  address_space       = [var.vnet_cidr]
+}
+
 resource "azurerm_route_table" "route_table" {
   name                = "${var.cluster_id}-node-routetable"
   location            = var.region
@@ -6,15 +13,15 @@ resource "azurerm_route_table" "route_table" {
 
 resource "azurerm_subnet" "master_subnet" {
   resource_group_name  = var.resource_group_name
-  address_prefix       = var.master_subnet_cidr
-  virtual_network_name = var.vnet_name
+  address_prefix       = local.master_subnet_cidr
+  virtual_network_name = data.azurerm_virtual_network.cluster_vnet.name
   name                 = "${var.cluster_id}-master-subnet"
 }
 
 resource "azurerm_subnet" "node_subnet" {
   resource_group_name  = var.resource_group_name
-  address_prefix       = var.node_subnet_cidr
-  virtual_network_name = var.vnet_name
+  address_prefix       = local.node_subnet_cidr
+  virtual_network_name = data.azurerm_virtual_network.cluster_vnet.name
   name                 = "${var.cluster_id}-worker-subnet"
 }
 
diff --git a/pkg/asset/installconfig/azure/dns.go b/pkg/asset/installconfig/azure/dns.go
index c1a970d3822..50552d6e6a8 100644
--- a/pkg/asset/installconfig/azure/dns.go
+++ b/pkg/asset/installconfig/azure/dns.go
@@ -62,6 +62,16 @@ func (config DNSConfig) GetDNSZoneID(rgName string, zoneName string) string {
 		zoneName)
 }
 
+//GetPrivateDNSZoneID returns the Azure Private DNS zone resourceID
+//by interpolating the subscriptionID, the resource group and the zone name
+func (config DNSConfig) GetPrivateDNSZoneID(rgName string, zoneName string) string {
+	return fmt.Sprintf(
+		"/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/privateDnsZones/%s",
+		config.Session.Credentials.SubscriptionID,
+		rgName,
+		zoneName)
+}
+
 //GetDNSZone returns a DNS zone selected by survey
 func (config DNSConfig) GetDNSZone() (*Zone, error) {
 	//call azure api using the session to retrieve available base domain
diff --git a/pkg/asset/manifests/dns.go b/pkg/asset/manifests/dns.go
index 94b6bfd01ce..1f1d1df62df 100644
--- a/pkg/asset/manifests/dns.go
+++ b/pkg/asset/manifests/dns.go
@@ -98,7 +98,7 @@ func (d *DNS) Generate(dependencies asset.Parents) error {
 			ID: dnsConfig.GetDNSZoneID(installConfig.Config.Azure.BaseDomainResourceGroupName, installConfig.Config.BaseDomain),
 		}
 		config.Spec.PrivateZone = &configv1.DNSZone{
-			ID: dnsConfig.GetDNSZoneID(clusterID.InfraID+"-rg", installConfig.Config.ClusterDomain()),
+			ID: dnsConfig.GetPrivateDNSZoneID(clusterID.InfraID+"-rg", installConfig.Config.ClusterDomain()),
 		}
 	case gcptypes.Name:
 		zone, err := icgcp.GetPublicZone(context.TODO(), installConfig.Config.Platform.GCP.ProjectID, installConfig.Config.BaseDomain)
diff --git a/pkg/destroy/azure/azure.go b/pkg/destroy/azure/azure.go
index fe021352455..8cf08eb72c4 100644
--- a/pkg/destroy/azure/azure.go
+++ b/pkg/destroy/azure/azure.go
@@ -10,6 +10,7 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
 	"github.com/Azure/azure-sdk-for-go/services/preview/dns/mgmt/2018-03-01-preview/dns"
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
 	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/go-autorest/autorest/to"
@@ -37,6 +38,8 @@ type ClusterUninstaller struct {
 	resourceGroupsClient    resources.GroupsGroupClient
 	zonesClient             dns.ZonesClient
 	recordsClient           dns.RecordSetsClient
+	privateRecordSetsClient privatedns.RecordSetsClient
+	privateZonesClient      privatedns.PrivateZonesClient
 	serviceprincipalsClient graphrbac.ServicePrincipalsClient
 	applicationsClient      graphrbac.ApplicationsClient
 }
@@ -51,6 +54,12 @@ func (o *ClusterUninstaller) configureClients() {
 	o.recordsClient = dns.NewRecordSetsClient(o.SubscriptionID)
 	o.recordsClient.Authorizer = o.Authorizer
 
+	o.privateZonesClient = privatedns.NewPrivateZonesClient(o.SubscriptionID)
+	o.privateZonesClient.Authorizer = o.Authorizer
+
+	o.privateRecordSetsClient = privatedns.NewRecordSetsClient(o.SubscriptionID)
+	o.privateRecordSetsClient.Authorizer = o.Authorizer
+
 	o.serviceprincipalsClient = graphrbac.NewServicePrincipalsClient(o.TenantID)
 	o.serviceprincipalsClient.Authorizer = o.GraphAuthorizer
 
@@ -80,7 +89,7 @@ func (o *ClusterUninstaller) Run() error {
 	o.configureClients()
 	group := o.InfraID + "-rg"
 	o.Logger.Debug("deleting public records")
-	if err := deletePublicRecords(context.TODO(), o.zonesClient, o.recordsClient, o.Logger, group); err != nil {
+	if err := deletePublicRecords(context.TODO(), o.zonesClient, o.recordsClient, o.privateZonesClient, o.privateRecordSetsClient, o.Logger, group); err != nil {
 		o.Logger.Debug(err)
 		return errors.Wrap(err, "failed to delete public DNS records")
 	}
@@ -98,7 +107,7 @@ func (o *ClusterUninstaller) Run() error {
 	return nil
 }
 
-func deletePublicRecords(ctx context.Context, dnsClient dns.ZonesClient, recordsClient dns.RecordSetsClient, logger logrus.FieldLogger, rgName string) error {
+func deletePublicRecords(ctx context.Context, dnsClient dns.ZonesClient, recordsClient dns.RecordSetsClient, privateDNSClient privatedns.PrivateZonesClient, privateRecordsClient privatedns.RecordSetsClient, logger logrus.FieldLogger, rgName string) error {
 	ctx, cancel := context.WithTimeout(ctx, 10*time.Minute)
 	defer cancel()
 
@@ -106,7 +115,7 @@ func deletePublicRecords(ctx context.Context, dnsClient dns.ZonesClient, records
 	var errs []error
 	for zonesPage, err := dnsClient.ListByResourceGroup(ctx, rgName, to.Int32Ptr(100)); zonesPage.NotDone(); err = zonesPage.NextWithContext(ctx) {
 		if err != nil {
-			errs = append(errs, errors.Wrap(err, "failed to list private zone"))
+			errs = append(errs, errors.Wrap(err, "failed to list dns zone"))
 			continue
 		}
 		for _, zone := range zonesPage.Values() {
@@ -118,6 +127,18 @@ func deletePublicRecords(ctx context.Context, dnsClient dns.ZonesClient, records
 			}
 		}
 	}
+	for zonesPage, err := privateDNSClient.ListByResourceGroup(ctx, rgName, to.Int32Ptr(100)); zonesPage.NotDone(); err = zonesPage.NextWithContext(ctx) {
+		if err != nil {
+			errs = append(errs, errors.Wrap(err, "failed to list private dns zone"))
+			continue
+		}
+		for _, zone := range zonesPage.Values() {
+			if err := deletePublicRecordsForPrivateZone(ctx, privateRecordsClient, dnsClient, recordsClient, logger, rgName, to.String(zone.Name)); err != nil {
+				errs = append(errs, errors.Wrapf(err, "failed to delete public records for %s", to.String(zone.Name)))
+				continue
+			}
+		}
+	}
 	return utilerrors.NewAggregate(errs)
 }
 
@@ -136,6 +157,28 @@ func deletePublicRecordsForZone(ctx context.Context, dnsClient dns.ZonesClient,
 		}
 	}
 
+	return deletePublicRecordsMatchingZoneName(ctx, dnsClient, recordsClient, logger, allPrivateRecords, zoneName)
+}
+
+func deletePublicRecordsForPrivateZone(ctx context.Context, privateRecordsClient privatedns.RecordSetsClient, dnsClient dns.ZonesClient, recordsClient dns.RecordSetsClient, logger logrus.FieldLogger, zoneGroup, zoneName string) error {
+	// collect all the records from the zoneName
+	allPrivateRecords := sets.NewString()
+	for recordPages, err := privateRecordsClient.List(ctx, zoneGroup, zoneName, to.Int32Ptr(100), ""); recordPages.NotDone(); err = recordPages.NextWithContext(ctx) {
+		if err != nil {
+			return err
+		}
+		for _, record := range recordPages.Values() {
+			if t := toRecordType(to.String(record.Type)); t == dns.SOA || t == dns.NS {
+				continue
+			}
+			allPrivateRecords.Insert(fmt.Sprintf("%s.%s", to.String(record.Name), zoneName))
+		}
+	}
+
+	return deletePublicRecordsMatchingZoneName(ctx, dnsClient, recordsClient, logger, allPrivateRecords, zoneName)
+}
+
+func deletePublicRecordsMatchingZoneName(ctx context.Context, dnsClient dns.ZonesClient, recordsClient dns.RecordSetsClient, logger logrus.FieldLogger, privateRecords sets.String, zoneName string) error {
 	sharedZones, err := getSharedDNSZones(ctx, dnsClient, zoneName)
 	if err != nil {
 		return errors.Wrapf(err, "failed to find shared zone for %s", zoneName)
@@ -147,7 +190,7 @@ func deletePublicRecordsForZone(ctx context.Context, dnsClient dns.ZonesClient,
 				return err
 			}
 			for _, record := range recordPages.Values() {
-				if allPrivateRecords.Has(fmt.Sprintf("%s.%s", to.String(record.Name), sharedZone.Name)) {
+				if privateRecords.Has(fmt.Sprintf("%s.%s", to.String(record.Name), sharedZone.Name)) {
 					resp, err := recordsClient.Delete(ctx, sharedZone.Group, sharedZone.Name, to.String(record.Name), toRecordType(to.String(record.Type)), "")
 					if err != nil {
 						if wasNotFound(resp.Response) {
diff --git a/pkg/terraform/exec/plugins/Gopkg.lock b/pkg/terraform/exec/plugins/Gopkg.lock
index 55e67d8b910..c5c5e2e3e98 100644
--- a/pkg/terraform/exec/plugins/Gopkg.lock
+++ b/pkg/terraform/exec/plugins/Gopkg.lock
@@ -28,7 +28,7 @@
   version = "v0.4.12"
 
 [[projects]]
-  digest = "1:74ca8b7e8f86402cf38e1c5f1fdf5c85a83298abf9afa2cbbed116a6109d6947"
+  digest = "1:8021e3abefedd67a86d9653d9d0c8a3233f3f8877557b893f0a7a78dbdc6f02a"
   name = "github.com/Azure/azure-sdk-for-go"
   packages = [
     "profiles/2017-03-09/resources/mgmt/resources",
@@ -75,6 +75,7 @@
     "services/preview/signalr/mgmt/2018-03-01-preview/signalr",
     "services/preview/sql/mgmt/2015-05-01-preview/sql",
     "services/preview/sql/mgmt/2017-10-01-preview/sql",
+    "services/privatedns/mgmt/2018-09-01/privatedns",
     "services/recoveryservices/mgmt/2016-06-01/recoveryservices",
     "services/recoveryservices/mgmt/2017-07-01/backup",
     "services/redis/mgmt/2018-03-01/redis",
@@ -1184,10 +1185,22 @@
   analyzer-name = "dep"
   analyzer-version = 1
   input-imports = [
+    "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns",
+    "github.com/Azure/go-autorest/autorest",
+    "github.com/Azure/go-autorest/autorest/adal",
+    "github.com/Azure/go-autorest/autorest/azure",
     "github.com/dmacvicar/terraform-provider-libvirt/libvirt",
+    "github.com/hashicorp/go-azure-helpers/authentication",
     "github.com/openshift-metal3/terraform-provider-ironic/ironic",
     "github.com/terraform-providers/terraform-provider-aws/aws",
     "github.com/terraform-providers/terraform-provider-azurerm/azurerm",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/suppress",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate",
+    "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils",
+    "github.com/terraform-providers/terraform-provider-azurerm/version",
     "github.com/terraform-providers/terraform-provider-google/google",
     "github.com/terraform-providers/terraform-provider-ignition/ignition",
     "github.com/terraform-providers/terraform-provider-local/local",
diff --git a/pkg/terraform/exec/plugins/azureprivatedns.go b/pkg/terraform/exec/plugins/azureprivatedns.go
new file mode 100644
index 00000000000..1bbc2f9f44d
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns.go
@@ -0,0 +1,15 @@
+package plugins
+
+import (
+	"github.com/hashicorp/terraform/plugin"
+	"github.com/openshift/installer/pkg/terraform/exec/plugins/azureprivatedns"
+)
+
+func init() {
+	azurePrivateDNSProvider := func() {
+		plugin.Serve(&plugin.ServeOpts{
+			ProviderFunc: azureprivatedns.Provider,
+		})
+	}
+	KnownPlugins["terraform-provider-azureprivatedns"] = azurePrivateDNSProvider
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/client.go b/pkg/terraform/exec/plugins/azureprivatedns/client.go
new file mode 100644
index 00000000000..6b6c650b19b
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/client.go
@@ -0,0 +1,114 @@
+package azureprivatedns
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/adal"
+	az "github.com/Azure/go-autorest/autorest/azure"
+	"github.com/hashicorp/go-azure-helpers/authentication"
+	"github.com/hashicorp/terraform/httpclient"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/version"
+)
+
+// ArmClient contains the handles to all the specific Azure Resource Manager
+// resource classes' respective clients.
+type ArmClient struct {
+	clientID              string
+	tenantID              string
+	subscriptionID        string
+	usingServicePrincipal bool
+	environment           az.Environment
+
+	StopContext context.Context
+
+	recordSetsClient          *privatedns.RecordSetsClient
+	privateZonesClient        *privatedns.PrivateZonesClient
+	virtualNetworkLinksClient *privatedns.VirtualNetworkLinksClient
+}
+
+func (c *ArmClient) configureClient(client *autorest.Client, auth autorest.Authorizer) {
+	setUserAgent(client)
+	client.Authorizer = auth
+	client.Sender = azure.BuildSender()
+	client.SkipResourceProviderRegistration = true
+	client.PollingDuration = 60 * time.Minute
+}
+
+func setUserAgent(client *autorest.Client) {
+	// TODO: This is the SDK version not the CLI version, once we are on 0.12, should revisit
+	tfUserAgent := httpclient.UserAgentString()
+
+	pv := version.ProviderVersion
+	providerUserAgent := fmt.Sprintf("%s terraform-provider-azurerm/%s", tfUserAgent, pv)
+	client.UserAgent = strings.TrimSpace(fmt.Sprintf("%s %s", client.UserAgent, providerUserAgent))
+
+	// append the CloudShell version to the user agent if it exists
+	if azureAgent := os.Getenv("AZURE_HTTP_USER_AGENT"); azureAgent != "" {
+		client.UserAgent = fmt.Sprintf("%s %s", client.UserAgent, azureAgent)
+	}
+
+	log.Printf("[DEBUG] AzureRM Client User Agent: %s\n", client.UserAgent)
+}
+
+// getArmClient is a helper method which returns a fully instantiated
+// *ArmClient based on the Config's current settings.
+func getArmClient(c *authentication.Config) (*ArmClient, error) {
+	env, err := authentication.DetermineEnvironment(c.Environment)
+	if err != nil {
+		return nil, err
+	}
+
+	// client declarations:
+	client := ArmClient{
+		clientID:              c.ClientID,
+		tenantID:              c.TenantID,
+		subscriptionID:        c.SubscriptionID,
+		environment:           *env,
+		usingServicePrincipal: c.AuthenticatedAsAServicePrincipal,
+	}
+
+	oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, c.TenantID)
+	if err != nil {
+		return nil, err
+	}
+
+	// OAuthConfigForTenant returns a pointer, which can be nil.
+	if oauthConfig == nil {
+		return nil, fmt.Errorf("unable to configure OAuthConfig for tenant %s", c.TenantID)
+	}
+
+	sender := azure.BuildSender()
+
+	// Resource Manager endpoints
+	endpoint := env.ResourceManagerEndpoint
+	auth, err := c.GetAuthorizationToken(sender, oauthConfig, env.TokenAudience)
+	if err != nil {
+		return nil, err
+	}
+
+	client.registerPrivateDNSClients(endpoint, c.SubscriptionID, auth)
+
+	return &client, nil
+}
+
+func (c *ArmClient) registerPrivateDNSClients(endpoint, subscriptionID string, auth autorest.Authorizer) {
+	rs := privatedns.NewRecordSetsClientWithBaseURI(endpoint, subscriptionID)
+	c.configureClient(&rs.Client, auth)
+	c.recordSetsClient = &rs
+
+	zo := privatedns.NewPrivateZonesClientWithBaseURI(endpoint, subscriptionID)
+	c.configureClient(&zo.Client, auth)
+	c.privateZonesClient = &zo
+
+	vnl := privatedns.NewVirtualNetworkLinksClientWithBaseURI(endpoint, subscriptionID)
+	c.configureClient(&vnl.Client, auth)
+	c.virtualNetworkLinksClient = &vnl
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/provider.go b/pkg/terraform/exec/plugins/azureprivatedns/provider.go
new file mode 100644
index 00000000000..5108042180c
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/provider.go
@@ -0,0 +1,157 @@
+package azureprivatedns
+
+import (
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/hex"
+	"fmt"
+	"strings"
+
+	"github.com/hashicorp/go-azure-helpers/authentication"
+	"github.com/hashicorp/terraform/helper/mutexkv"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/suppress"
+)
+
+// Provider returns a terraform.ResourceProvider.
+func Provider() terraform.ResourceProvider {
+	p := &schema.Provider{
+		Schema: map[string]*schema.Schema{
+			"subscription_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
+			},
+
+			"client_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""),
+			},
+
+			"tenant_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""),
+			},
+
+			"environment": {
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"),
+			},
+
+			// Client Secret specific fields
+			"client_secret": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""),
+			},
+		},
+
+		DataSourcesMap: map[string]*schema.Resource{},
+
+		ResourcesMap: map[string]*schema.Resource{
+			"azureprivatedns_zone":                      resourceArmPrivateDNSZone(),
+			"azureprivatedns_a_record":                  resourceArmPrivateDNSARecord(),
+			"azureprivatedns_srv_record":                resourceArmPrivateDNSSrvRecord(),
+			"azureprivatedns_zone_virtual_network_link": resourceArmPrivateDNSZoneVirtualNetworkLink(),
+		},
+	}
+
+	p.ConfigureFunc = providerConfigure(p)
+
+	return p
+}
+
+func providerConfigure(p *schema.Provider) schema.ConfigureFunc {
+	return func(d *schema.ResourceData) (interface{}, error) {
+		builder := &authentication.Builder{
+			SubscriptionID: d.Get("subscription_id").(string),
+			ClientID:       d.Get("client_id").(string),
+			ClientSecret:   d.Get("client_secret").(string),
+			TenantID:       d.Get("tenant_id").(string),
+			Environment:    d.Get("environment").(string),
+
+			// Feature Toggles
+			SupportsClientSecretAuth: true,
+		}
+
+		config, err := builder.Build()
+		if err != nil {
+			return nil, fmt.Errorf("error building AzureRM Client: %s", err)
+		}
+
+		client, err := getArmClient(config)
+
+		if err != nil {
+			return nil, err
+		}
+
+		client.StopContext = p.StopContext()
+
+		// replaces the context between tests
+		p.MetaReset = func() error {
+			client.StopContext = p.StopContext()
+			return nil
+		}
+
+		return client, nil
+	}
+}
+
+// armMutexKV is the instance of MutexKV for ARM resources
+var armMutexKV = mutexkv.NewMutexKV()
+
+// Deprecated: use `suppress.CaseDifference` instead
+func ignoreCaseDiffSuppressFunc(k, old, new string, d *schema.ResourceData) bool {
+	return suppress.CaseDifference(k, old, new, d)
+}
+
+// ignoreCaseStateFunc is a StateFunc from helper/schema that converts the
+// supplied value to lower before saving to state for consistency.
+func ignoreCaseStateFunc(val interface{}) string {
+	return strings.ToLower(val.(string))
+}
+
+func userDataDiffSuppressFunc(_, old, new string, _ *schema.ResourceData) bool {
+	return userDataStateFunc(old) == new
+}
+
+func userDataStateFunc(v interface{}) string {
+	switch s := v.(type) {
+	case string:
+		s = base64Encode(s)
+		hash := sha1.Sum([]byte(s))
+		return hex.EncodeToString(hash[:])
+	default:
+		return ""
+	}
+}
+
+func base64EncodedStateFunc(v interface{}) string {
+	switch s := v.(type) {
+	case string:
+		return base64Encode(s)
+	default:
+		return ""
+	}
+}
+
+// base64Encode encodes data if the input isn't already encoded using
+// base64.StdEncoding.EncodeToString. If the input is already base64 encoded,
+// return the original input unchanged.
+func base64Encode(data string) string {
+	// Check whether the data is already Base64 encoded; don't double-encode
+	if isBase64Encoded(data) {
+		return data
+	}
+	// data has not been encoded encode and return
+	return base64.StdEncoding.EncodeToString([]byte(data))
+}
+
+func isBase64Encoded(data string) bool {
+	_, err := base64.StdEncoding.DecodeString(data)
+	return err == nil
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_a_record.go b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_a_record.go
new file mode 100644
index 00000000000..c478a320f78
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_a_record.go
@@ -0,0 +1,179 @@
+package azureprivatedns
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmPrivateDNSARecord() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmPrivateDNSARecordCreateUpdate,
+		Read:   resourceArmPrivateDNSARecordRead,
+		Update: resourceArmPrivateDNSARecordCreateUpdate,
+		Delete: resourceArmPrivateDNSARecordDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupNameDiffSuppress(),
+
+			"zone_name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"records": {
+				Type:     schema.TypeSet,
+				Required: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      schema.HashString,
+			},
+
+			"ttl": {
+				Type:     schema.TypeInt,
+				Required: true,
+			},
+
+			"tags": tagsSchema(),
+		},
+	}
+}
+
+func resourceArmPrivateDNSARecordCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	name := d.Get("name").(string)
+	resGroup := d.Get("resource_group_name").(string)
+	zoneName := d.Get("zone_name").(string)
+
+	ttl := int64(d.Get("ttl").(int))
+	t := d.Get("tags").(map[string]interface{})
+
+	parameters := privatedns.RecordSet{
+		Name: &name,
+		RecordSetProperties: &privatedns.RecordSetProperties{
+			Metadata: expandTags(t),
+			TTL:      &ttl,
+			ARecords: expandAzureRmPrivateDNSARecords(d),
+		},
+	}
+
+	eTag := ""
+	ifNoneMatch := "" // set to empty to allow updates to records after creation
+	if _, err := client.CreateOrUpdate(ctx, resGroup, zoneName, privatedns.A, name, parameters, eTag, ifNoneMatch); err != nil {
+		return fmt.Errorf("error creating/updating Private DNS A Record %q (Zone %q / Resource Group %q): %s", name, zoneName, resGroup, err)
+	}
+
+	resp, err := client.Get(ctx, resGroup, zoneName, privatedns.A, name)
+	if err != nil {
+		return fmt.Errorf("error retrieving Private DNS A Record %q (Zone %q / Resource Group %q): %s", name, zoneName, resGroup, err)
+	}
+
+	if resp.ID == nil {
+		return fmt.Errorf("cannot read Private DNS A Record %s (resource group %s) ID", name, resGroup)
+	}
+
+	d.SetId(*resp.ID)
+
+	return resourceArmPrivateDNSARecordRead(d, meta)
+}
+
+func resourceArmPrivateDNSARecordRead(d *schema.ResourceData, meta interface{}) error {
+	dnsClient := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["A"]
+	zoneName := id.Path["privateDnsZones"]
+
+	resp, err := dnsClient.Get(ctx, resGroup, zoneName, privatedns.A, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("error reading Private DNS A record %s: %+v", name, err)
+	}
+
+	d.Set("name", name)
+	d.Set("resource_group_name", resGroup)
+	d.Set("zone_name", zoneName)
+	d.Set("ttl", resp.TTL)
+
+	if err := d.Set("records", flattenAzureRmPrivateDNSARecords(resp.ARecords)); err != nil {
+		return err
+	}
+	flattenAndSetTags(d, resp.Metadata)
+
+	return nil
+}
+
+func resourceArmPrivateDNSARecordDelete(d *schema.ResourceData, meta interface{}) error {
+	dnsClient := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["A"]
+	zoneName := id.Path["privateDnsZones"]
+
+	resp, err := dnsClient.Delete(ctx, resGroup, zoneName, privatedns.A, name, "")
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("error deleting Private DNS A Record %s: %+v", name, err)
+	}
+
+	return nil
+}
+
+func flattenAzureRmPrivateDNSARecords(records *[]privatedns.ARecord) []string {
+	results := make([]string, 0)
+	if records == nil {
+		return results
+	}
+
+	for _, record := range *records {
+		if record.Ipv4Address == nil {
+			continue
+		}
+
+		results = append(results, *record.Ipv4Address)
+	}
+
+	return results
+}
+
+func expandAzureRmPrivateDNSARecords(d *schema.ResourceData) *[]privatedns.ARecord {
+	recordStrings := d.Get("records").(*schema.Set).List()
+	records := make([]privatedns.ARecord, len(recordStrings))
+
+	for i, v := range recordStrings {
+		ipv4 := v.(string)
+		records[i] = privatedns.ARecord{
+			Ipv4Address: &ipv4,
+		}
+	}
+
+	return &records
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_srv_record.go b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_srv_record.go
new file mode 100644
index 00000000000..c1cc49a44ac
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_srv_record.go
@@ -0,0 +1,226 @@
+package azureprivatedns
+
+import (
+	"bytes"
+	"fmt"
+	"net/http"
+
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+	"github.com/hashicorp/terraform/helper/hashcode"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmPrivateDNSSrvRecord() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmPrivateDNSSrvRecordCreateUpdate,
+		Read:   resourceArmPrivateDNSSrvRecordRead,
+		Update: resourceArmPrivateDNSSrvRecordCreateUpdate,
+		Delete: resourceArmPrivateDNSArvRecordDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupNameDiffSuppress(),
+
+			"zone_name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"record": {
+				Type:     schema.TypeSet,
+				Required: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"priority": {
+							Type:     schema.TypeInt,
+							Required: true,
+						},
+
+						"weight": {
+							Type:     schema.TypeInt,
+							Required: true,
+						},
+
+						"port": {
+							Type:     schema.TypeInt,
+							Required: true,
+						},
+
+						"target": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+					},
+				},
+				Set: resourceArmPrivateDNSSrvRecordHash,
+			},
+
+			"ttl": {
+				Type:     schema.TypeInt,
+				Required: true,
+			},
+
+			"tags": tagsSchema(),
+		},
+	}
+}
+
+func resourceArmPrivateDNSSrvRecordCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	name := d.Get("name").(string)
+	resGroup := d.Get("resource_group_name").(string)
+	zoneName := d.Get("zone_name").(string)
+
+	ttl := int64(d.Get("ttl").(int))
+	t := d.Get("tags").(map[string]interface{})
+
+	parameters := privatedns.RecordSet{
+		Name: &name,
+		RecordSetProperties: &privatedns.RecordSetProperties{
+			Metadata:   expandTags(t),
+			TTL:        &ttl,
+			SrvRecords: expandAzureRmPrivateDNSSrvRecords(d),
+		},
+	}
+
+	eTag := ""
+	ifNoneMatch := "" // set to empty to allow updates to records after creation
+	if _, err := client.CreateOrUpdate(ctx, resGroup, zoneName, privatedns.SRV, name, parameters, eTag, ifNoneMatch); err != nil {
+		return fmt.Errorf("error creating/updating Private DNS SRV Record %q (Zone %q / Resource Group %q): %s", name, zoneName, resGroup, err)
+	}
+
+	resp, err := client.Get(ctx, resGroup, zoneName, privatedns.SRV, name)
+	if err != nil {
+		return fmt.Errorf("error retrieving Private DNS SRV Record %q (Zone %q / Resource Group %q): %s", name, zoneName, resGroup, err)
+	}
+
+	if resp.ID == nil {
+		return fmt.Errorf("cannot read Private DNS SRV Record %s (resource group %s) ID", name, resGroup)
+	}
+
+	d.SetId(*resp.ID)
+
+	return resourceArmPrivateDNSSrvRecordRead(d, meta)
+}
+
+func resourceArmPrivateDNSSrvRecordRead(d *schema.ResourceData, meta interface{}) error {
+	dnsClient := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["SRV"]
+	zoneName := id.Path["privateDnsZones"]
+
+	resp, err := dnsClient.Get(ctx, resGroup, zoneName, privatedns.SRV, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("error reading Private DNS SRV record %s: %+v", name, err)
+	}
+
+	d.Set("name", name)
+	d.Set("resource_group_name", resGroup)
+	d.Set("zone_name", zoneName)
+	d.Set("ttl", resp.TTL)
+
+	if err := d.Set("record", flattenAzureRmPrivateDNSSrvRecords(resp.SrvRecords)); err != nil {
+		return err
+	}
+	flattenAndSetTags(d, resp.Metadata)
+
+	return nil
+}
+
+func resourceArmPrivateDNSArvRecordDelete(d *schema.ResourceData, meta interface{}) error {
+	dnsClient := meta.(*ArmClient).recordSetsClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["A"]
+	zoneName := id.Path["privateDnsZones"]
+
+	resp, err := dnsClient.Delete(ctx, resGroup, zoneName, privatedns.SRV, name, "")
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("error deleting Private DNS A Record %s: %+v", name, err)
+	}
+
+	return nil
+}
+
+func flattenAzureRmPrivateDNSSrvRecords(records *[]privatedns.SrvRecord) []map[string]interface{} {
+	results := make([]map[string]interface{}, 0, len(*records))
+
+	if records != nil {
+		for _, record := range *records {
+			results = append(results, map[string]interface{}{
+				"priority": *record.Priority,
+				"weight":   *record.Weight,
+				"port":     *record.Port,
+				"target":   *record.Target,
+			})
+		}
+	}
+
+	return results
+}
+
+func expandAzureRmPrivateDNSSrvRecords(d *schema.ResourceData) *[]privatedns.SrvRecord {
+	recordStrings := d.Get("record").(*schema.Set).List()
+	records := make([]privatedns.SrvRecord, len(recordStrings))
+
+	for i, v := range recordStrings {
+		record := v.(map[string]interface{})
+		priority := int32(record["priority"].(int))
+		weight := int32(record["weight"].(int))
+		port := int32(record["port"].(int))
+		target := record["target"].(string)
+
+		srvRecord := privatedns.SrvRecord{
+			Priority: &priority,
+			Weight:   &weight,
+			Port:     &port,
+			Target:   &target,
+		}
+
+		records[i] = srvRecord
+	}
+
+	return &records
+}
+
+func resourceArmPrivateDNSSrvRecordHash(v interface{}) int {
+	var buf bytes.Buffer
+
+	if m, ok := v.(map[string]interface{}); ok {
+		buf.WriteString(fmt.Sprintf("%d-", m["priority"].(int)))
+		buf.WriteString(fmt.Sprintf("%d-", m["weight"].(int)))
+		buf.WriteString(fmt.Sprintf("%d-", m["port"].(int)))
+		buf.WriteString(fmt.Sprintf("%s-", m["target"].(string)))
+	}
+
+	return hashcode.String(buf.String())
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone.go b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone.go
new file mode 100644
index 00000000000..eac29713b7d
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone.go
@@ -0,0 +1,162 @@
+package azureprivatedns
+
+import (
+	"fmt"
+
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmPrivateDNSZone() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmPrivateDNSZoneCreateUpdate,
+		Read:   resourceArmPrivateDNSZoneRead,
+		Update: resourceArmPrivateDNSZoneCreateUpdate,
+		Delete: resourceArmPrivateDNSZoneDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"number_of_record_sets": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+
+			"max_number_of_record_sets": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+
+			"max_number_of_virtual_network_links": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+
+			"max_number_of_virtual_network_links_with_registration": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupNameDiffSuppress(),
+
+			"tags": tagsSchema(),
+		},
+	}
+}
+
+func resourceArmPrivateDNSZoneCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).privateZonesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	name := d.Get("name").(string)
+	resGroup := d.Get("resource_group_name").(string)
+
+	location := "global"
+	t := d.Get("tags").(map[string]interface{})
+
+	parameters := privatedns.PrivateZone{
+		Location: &location,
+		Tags:     expandTags(t),
+	}
+
+	etag := ""
+	ifNoneMatch := "" // set to empty to allow updates to records after creation
+	future, err := client.CreateOrUpdate(ctx, resGroup, name, parameters, etag, ifNoneMatch)
+	if err != nil {
+		return fmt.Errorf("error creating/updating Private DNS Zone %q (Resource Group %q): %s", name, resGroup, err)
+	}
+
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("error waiting for Private DNS Zone %q to become available: %+v", name, err)
+	}
+
+	resp, err := client.Get(ctx, resGroup, name)
+	if err != nil {
+		return fmt.Errorf("error retrieving Private DNS Zone %q (Resource Group %q): %s", name, resGroup, err)
+	}
+
+	if resp.ID == nil {
+		return fmt.Errorf("cannot read Private DNS Zone %q (Resource Group %q) ID", name, resGroup)
+	}
+
+	d.SetId(*resp.ID)
+
+	return resourceArmPrivateDNSZoneRead(d, meta)
+}
+
+func resourceArmPrivateDNSZoneRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).privateZonesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["privateDnsZones"]
+
+	resp, err := client.Get(ctx, resGroup, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("error reading Private DNS Zone %q (Resource Group %q): %+v", name, resGroup, err)
+	}
+
+	d.Set("name", name)
+	d.Set("resource_group_name", resGroup)
+
+	if props := resp.PrivateZoneProperties; props != nil {
+		d.Set("number_of_record_sets", props.NumberOfRecordSets)
+		d.Set("max_number_of_record_sets", props.MaxNumberOfRecordSets)
+		d.Set("max_number_of_virtual_network_links", props.MaxNumberOfVirtualNetworkLinks)
+		d.Set("max_number_of_virtual_network_links_with_registration", props.MaxNumberOfVirtualNetworkLinksWithRegistration)
+	}
+
+	flattenAndSetTags(d, resp.Tags)
+
+	return nil
+}
+
+func resourceArmPrivateDNSZoneDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).privateZonesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	name := id.Path["privateDnsZones"]
+
+	etag := ""
+	future, err := client.Delete(ctx, resGroup, name, etag)
+	if err != nil {
+		if response.WasNotFound(future.Response()) {
+			return nil
+		}
+		return fmt.Errorf("error deleting Private DNS Zone %s (resource group %s): %+v", name, resGroup, err)
+	}
+
+	if err = future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		if response.WasNotFound(future.Response()) {
+			return nil
+		}
+		return fmt.Errorf("error deleting Private DNS Zone %s (resource group %s): %+v", name, resGroup, err)
+	}
+
+	return nil
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone_virtual_network_link.go b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone_virtual_network_link.go
new file mode 100644
index 00000000000..2df469e4fbf
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/resource_private_dns_zone_virtual_network_link.go
@@ -0,0 +1,204 @@
+package azureprivatedns
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmPrivateDNSZoneVirtualNetworkLink() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmPrivateDNSZoneVirtualNetworkLinkCreateUpdate,
+		Read:   resourceArmPrivateDNSZoneVirtualNetworkLinkRead,
+		Update: resourceArmPrivateDNSZoneVirtualNetworkLinkCreateUpdate,
+		Delete: resourceArmPrivateDNSZoneVirtualNetworkLinkDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.NoEmptyStrings,
+			},
+
+			"private_dns_zone_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.NoEmptyStrings,
+			},
+
+			"virtual_network_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: azure.ValidateResourceID,
+			},
+
+			"registration_enabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  false,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupNameDiffSuppress(),
+
+			"tags": tagsSchema(),
+		},
+	}
+}
+
+func resourceArmPrivateDNSZoneVirtualNetworkLinkCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).virtualNetworkLinksClient
+	ctx := meta.(*ArmClient).StopContext
+
+	name := d.Get("name").(string)
+	dnsZoneName := d.Get("private_dns_zone_name").(string)
+	vNetID := d.Get("virtual_network_id").(string)
+	registrationEnabled := d.Get("registration_enabled").(bool)
+	resGroup := d.Get("resource_group_name").(string)
+
+	location := "global"
+	tags := d.Get("tags").(map[string]interface{})
+
+	parameters := privatedns.VirtualNetworkLink{
+		Location: &location,
+		Tags:     expandTags(tags),
+		VirtualNetworkLinkProperties: &privatedns.VirtualNetworkLinkProperties{
+			VirtualNetwork: &privatedns.SubResource{
+				ID: &vNetID,
+			},
+			RegistrationEnabled: &registrationEnabled,
+		},
+	}
+
+	etag := ""
+	ifNoneMatch := "" // set to empty to allow updates to records after creation
+
+	future, err := client.CreateOrUpdate(ctx, resGroup, dnsZoneName, name, parameters, etag, ifNoneMatch)
+	if err != nil {
+		return fmt.Errorf("error creating/updating Private DNS Zone Virtual network link %q (Resource Group %q): %s", name, resGroup, err)
+	}
+
+	if err = future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("error waiting for Private DNS Zone Virtual network link %q to become available: %+v", name, err)
+	}
+
+	resp, err := client.Get(ctx, resGroup, dnsZoneName, name)
+	if err != nil {
+		return fmt.Errorf("error retrieving Private DNS Zone Virtual network link %q (Resource Group %q): %s", name, resGroup, err)
+	}
+
+	if resp.ID == nil {
+		return fmt.Errorf("cannot read Private DNS Zone Virtual network link %q (Resource Group %q) ID", name, resGroup)
+	}
+
+	d.SetId(*resp.ID)
+
+	return resourceArmPrivateDNSZoneVirtualNetworkLinkRead(d, meta)
+}
+
+func resourceArmPrivateDNSZoneVirtualNetworkLinkRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).virtualNetworkLinksClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	dnsZoneName := id.Path["privateDnsZones"]
+	name := id.Path["virtualNetworkLinks"]
+
+	resp, err := client.Get(ctx, resGroup, dnsZoneName, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("error reading Private DNS Zone Virtual network link %q (Resource Group %q): %+v", name, resGroup, err)
+	}
+
+	d.Set("name", name)
+	d.Set("resource_group_name", resGroup)
+	d.Set("private_dns_zone_name", dnsZoneName)
+
+	if props := resp.VirtualNetworkLinkProperties; props != nil {
+		d.Set("registration_enabled", props.RegistrationEnabled)
+
+		if network := props.VirtualNetwork; network != nil {
+			d.Set("virtual_network_id", network.ID)
+		}
+	}
+
+	flattenAndSetTags(d, resp.Tags)
+
+	return nil
+}
+
+func resourceArmPrivateDNSZoneVirtualNetworkLinkDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).virtualNetworkLinksClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resGroup := id.ResourceGroup
+	dnsZoneName := id.Path["privateDnsZones"]
+	name := id.Path["virtualNetworkLinks"]
+
+	etag := ""
+	if future, err := client.Delete(ctx, resGroup, dnsZoneName, name, etag); err != nil {
+		if response.WasNotFound(future.Response()) {
+			return nil
+		}
+		return fmt.Errorf("error deleting Virtual Network Link %q (Private DNS Zone %q / Resource Group %q): %+v", name, dnsZoneName, resGroup, err)
+	}
+
+	// whilst the Delete above returns a Future, the Azure API's broken such that even though it's marked as "gone"
+	// it's still kicking around - so we have to poll until this is actually gone
+	log.Printf("[DEBUG] Waiting for Virtual Network Link %q (Private DNS Zone %q / Resource Group %q) to be deleted", name, dnsZoneName, resGroup)
+	stateConf := &resource.StateChangeConf{
+		Pending: []string{"Available"},
+		Target:  []string{"NotFound"},
+		Refresh: func() (interface{}, string, error) {
+			log.Printf("[DEBUG] Checking to see if Virtual Network Link %q (Private DNS Zone %q / Resource Group %q) is available", name, dnsZoneName, resGroup)
+			resp, err := client.Get(ctx, resGroup, dnsZoneName, name)
+			if err != nil {
+				if utils.ResponseWasNotFound(resp.Response) {
+					log.Printf("[DEBUG] Virtual Network Link %q (Private DNS Zone %q / Resource Group %q) was not found", name, dnsZoneName, resGroup)
+					return "NotFound", "NotFound", nil
+				}
+
+				return "", "error", err
+			}
+
+			log.Printf("[DEBUG] Virtual Network Link %q (Private DNS Zone %q / Resource Group %q) still exists", name, dnsZoneName, resGroup)
+			return "Available", "Available", nil
+		},
+		Timeout:                   30 * time.Minute,
+		Delay:                     30 * time.Second,
+		PollInterval:              10 * time.Second,
+		ContinuousTargetOccurence: 10,
+	}
+
+	if _, err := stateConf.WaitForState(); err != nil {
+		return fmt.Errorf("error waiting for deletion of Virtual Network Link %q (Private DNS Zone %q / Resource Group %q): %+v", name, dnsZoneName, resGroup, err)
+	}
+
+	return nil
+}
diff --git a/pkg/terraform/exec/plugins/azureprivatedns/tags.go b/pkg/terraform/exec/plugins/azureprivatedns/tags.go
new file mode 100644
index 00000000000..2bfa8cf6258
--- /dev/null
+++ b/pkg/terraform/exec/plugins/azureprivatedns/tags.go
@@ -0,0 +1,116 @@
+package azureprivatedns
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func tagsSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:         schema.TypeMap,
+		Optional:     true,
+		Computed:     true,
+		ValidateFunc: validateAzureRMTags,
+	}
+}
+
+func tagsForceNewSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:         schema.TypeMap,
+		Optional:     true,
+		Computed:     true,
+		ForceNew:     true,
+		ValidateFunc: validateAzureRMTags,
+	}
+}
+
+func tagsForDataSourceSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:     schema.TypeMap,
+		Computed: true,
+	}
+}
+
+func tagValueToString(v interface{}) (string, error) {
+	switch value := v.(type) {
+	case string:
+		return value, nil
+	case int:
+		return fmt.Sprintf("%d", value), nil
+	default:
+		return "", fmt.Errorf("unknown tag type %T in tag value", value)
+	}
+}
+
+func validateAzureRMTags(v interface{}, _ string) (warnings []string, errors []error) {
+	tagsMap := v.(map[string]interface{})
+
+	if len(tagsMap) > 15 {
+		errors = append(errors, fmt.Errorf("a maximum of 15 tags can be applied to each ARM resource"))
+	}
+
+	for k, v := range tagsMap {
+		if len(k) > 512 {
+			errors = append(errors, fmt.Errorf("the maximum length for a tag key is 512 characters: %q is %d characters", k, len(k)))
+		}
+
+		value, err := tagValueToString(v)
+		if err != nil {
+			errors = append(errors, err)
+		} else if len(value) > 256 {
+			errors = append(errors, fmt.Errorf("the maximum length for a tag value is 256 characters: the value for %q is %d characters", k, len(value)))
+		}
+	}
+
+	return warnings, errors
+}
+
+func expandTags(tagsMap map[string]interface{}) map[string]*string {
+	output := make(map[string]*string, len(tagsMap))
+
+	for i, v := range tagsMap {
+		//Validate should have ignored this error already
+		value, _ := tagValueToString(v)
+		output[i] = &value
+	}
+
+	return output
+}
+
+func filterTags(tagsMap map[string]*string, tagNames ...string) map[string]*string {
+	if len(tagNames) == 0 {
+		return tagsMap
+	}
+
+	// Build the filter dictionary from passed tag names.
+	filterDict := make(map[string]bool)
+	for _, name := range tagNames {
+		if len(name) > 0 {
+			filterDict[strings.ToLower(name)] = true
+		}
+	}
+
+	// Filter out tag if it exists(case insensitive) in the dictionary.
+	tagsRet := make(map[string]*string)
+	for k, v := range tagsMap {
+		if !filterDict[strings.ToLower(k)] {
+			tagsRet[k] = v
+		}
+	}
+
+	return tagsRet
+}
+
+func flattenAndSetTags(d *schema.ResourceData, tagMap map[string]*string) {
+
+	// If tagsMap is nil, len(tagsMap) will be 0.
+	output := make(map[string]interface{}, len(tagMap))
+
+	for i, v := range tagMap {
+		output[i] = *v
+	}
+
+	d.Set("tags", output)
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go
new file mode 100644
index 00000000000..3a72459cd34
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go
@@ -0,0 +1,51 @@
+// Package privatedns implements the Azure ARM Privatedns service API version 2018-09-01.
+//
+// The Private DNS Management Client.
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+)
+
+const (
+	// DefaultBaseURI is the default URI used for the service Privatedns
+	DefaultBaseURI = "https://management.azure.com"
+)
+
+// BaseClient is the base client for Privatedns.
+type BaseClient struct {
+	autorest.Client
+	BaseURI        string
+	SubscriptionID string
+}
+
+// New creates an instance of the BaseClient client.
+func New(subscriptionID string) BaseClient {
+	return NewWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewWithBaseURI creates an instance of the BaseClient client.
+func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient {
+	return BaseClient{
+		Client:         autorest.NewClientWithUserAgent(UserAgent()),
+		BaseURI:        baseURI,
+		SubscriptionID: subscriptionID,
+	}
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go
new file mode 100644
index 00000000000..af70544f5bd
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go
@@ -0,0 +1,1288 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/to"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// The package's fully qualified name.
+const fqdn = "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+
+// ProvisioningState enumerates the values for provisioning state.
+type ProvisioningState string
+
+const (
+	// Canceled ...
+	Canceled ProvisioningState = "Canceled"
+	// Creating ...
+	Creating ProvisioningState = "Creating"
+	// Deleting ...
+	Deleting ProvisioningState = "Deleting"
+	// Failed ...
+	Failed ProvisioningState = "Failed"
+	// Succeeded ...
+	Succeeded ProvisioningState = "Succeeded"
+	// Updating ...
+	Updating ProvisioningState = "Updating"
+)
+
+// PossibleProvisioningStateValues returns an array of possible values for the ProvisioningState const type.
+func PossibleProvisioningStateValues() []ProvisioningState {
+	return []ProvisioningState{Canceled, Creating, Deleting, Failed, Succeeded, Updating}
+}
+
+// RecordType enumerates the values for record type.
+type RecordType string
+
+const (
+	// A ...
+	A RecordType = "A"
+	// AAAA ...
+	AAAA RecordType = "AAAA"
+	// CNAME ...
+	CNAME RecordType = "CNAME"
+	// MX ...
+	MX RecordType = "MX"
+	// PTR ...
+	PTR RecordType = "PTR"
+	// SOA ...
+	SOA RecordType = "SOA"
+	// SRV ...
+	SRV RecordType = "SRV"
+	// TXT ...
+	TXT RecordType = "TXT"
+)
+
+// PossibleRecordTypeValues returns an array of possible values for the RecordType const type.
+func PossibleRecordTypeValues() []RecordType {
+	return []RecordType{A, AAAA, CNAME, MX, PTR, SOA, SRV, TXT}
+}
+
+// VirtualNetworkLinkState enumerates the values for virtual network link state.
+type VirtualNetworkLinkState string
+
+const (
+	// Completed ...
+	Completed VirtualNetworkLinkState = "Completed"
+	// InProgress ...
+	InProgress VirtualNetworkLinkState = "InProgress"
+)
+
+// PossibleVirtualNetworkLinkStateValues returns an array of possible values for the VirtualNetworkLinkState const type.
+func PossibleVirtualNetworkLinkStateValues() []VirtualNetworkLinkState {
+	return []VirtualNetworkLinkState{Completed, InProgress}
+}
+
+// AaaaRecord an AAAA record.
+type AaaaRecord struct {
+	// Ipv6Address - The IPv6 address of this AAAA record.
+	Ipv6Address *string `json:"ipv6Address,omitempty"`
+}
+
+// ARecord an A record.
+type ARecord struct {
+	// Ipv4Address - The IPv4 address of this A record.
+	Ipv4Address *string `json:"ipv4Address,omitempty"`
+}
+
+// CloudError an error message
+type CloudError struct {
+	// Error - The error message body
+	Error *CloudErrorBody `json:"error,omitempty"`
+}
+
+// CloudErrorBody the body of an error message
+type CloudErrorBody struct {
+	// Code - The error code
+	Code *string `json:"code,omitempty"`
+	// Message - A description of what caused the error
+	Message *string `json:"message,omitempty"`
+	// Target - The target resource of the error message
+	Target *string `json:"target,omitempty"`
+	// Details - Extra error information
+	Details *[]CloudErrorBody `json:"details,omitempty"`
+}
+
+// CnameRecord a CNAME record.
+type CnameRecord struct {
+	// Cname - The canonical name for this CNAME record.
+	Cname *string `json:"cname,omitempty"`
+}
+
+// MxRecord an MX record.
+type MxRecord struct {
+	// Preference - The preference value for this MX record.
+	Preference *int32 `json:"preference,omitempty"`
+	// Exchange - The domain name of the mail host for this MX record.
+	Exchange *string `json:"exchange,omitempty"`
+}
+
+// PrivateZone describes a Private DNS zone.
+type PrivateZone struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the zone.
+	Etag *string `json:"etag,omitempty"`
+	// PrivateZoneProperties - Properties of the Private DNS zone.
+	*PrivateZoneProperties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for PrivateZone.
+func (pz PrivateZone) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if pz.Etag != nil {
+		objectMap["etag"] = pz.Etag
+	}
+	if pz.PrivateZoneProperties != nil {
+		objectMap["properties"] = pz.PrivateZoneProperties
+	}
+	if pz.Tags != nil {
+		objectMap["tags"] = pz.Tags
+	}
+	if pz.Location != nil {
+		objectMap["location"] = pz.Location
+	}
+	if pz.ID != nil {
+		objectMap["id"] = pz.ID
+	}
+	if pz.Name != nil {
+		objectMap["name"] = pz.Name
+	}
+	if pz.Type != nil {
+		objectMap["type"] = pz.Type
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for PrivateZone struct.
+func (pz *PrivateZone) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				pz.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var privateZoneProperties PrivateZoneProperties
+				err = json.Unmarshal(*v, &privateZoneProperties)
+				if err != nil {
+					return err
+				}
+				pz.PrivateZoneProperties = &privateZoneProperties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				pz.Tags = tags
+			}
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				pz.Location = &location
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				pz.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				pz.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				pz.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// PrivateZoneListResult the response to a Private DNS zone list operation.
+type PrivateZoneListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the Private DNS zones.
+	Value *[]PrivateZone `json:"value,omitempty"`
+	// NextLink - The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// PrivateZoneListResultIterator provides access to a complete listing of PrivateZone values.
+type PrivateZoneListResultIterator struct {
+	i    int
+	page PrivateZoneListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *PrivateZoneListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *PrivateZoneListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter PrivateZoneListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter PrivateZoneListResultIterator) Response() PrivateZoneListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter PrivateZoneListResultIterator) Value() PrivateZone {
+	if !iter.page.NotDone() {
+		return PrivateZone{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the PrivateZoneListResultIterator type.
+func NewPrivateZoneListResultIterator(page PrivateZoneListResultPage) PrivateZoneListResultIterator {
+	return PrivateZoneListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (pzlr PrivateZoneListResult) IsEmpty() bool {
+	return pzlr.Value == nil || len(*pzlr.Value) == 0
+}
+
+// privateZoneListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (pzlr PrivateZoneListResult) privateZoneListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if pzlr.NextLink == nil || len(to.String(pzlr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(pzlr.NextLink)))
+}
+
+// PrivateZoneListResultPage contains a page of PrivateZone values.
+type PrivateZoneListResultPage struct {
+	fn   func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)
+	pzlr PrivateZoneListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *PrivateZoneListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.pzlr)
+	if err != nil {
+		return err
+	}
+	page.pzlr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *PrivateZoneListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page PrivateZoneListResultPage) NotDone() bool {
+	return !page.pzlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page PrivateZoneListResultPage) Response() PrivateZoneListResult {
+	return page.pzlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page PrivateZoneListResultPage) Values() []PrivateZone {
+	if page.pzlr.IsEmpty() {
+		return nil
+	}
+	return *page.pzlr.Value
+}
+
+// Creates a new instance of the PrivateZoneListResultPage type.
+func NewPrivateZoneListResultPage(getNextPage func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)) PrivateZoneListResultPage {
+	return PrivateZoneListResultPage{fn: getNextPage}
+}
+
+// PrivateZoneProperties represents the properties of the Private DNS zone.
+type PrivateZoneProperties struct {
+	// MaxNumberOfRecordSets - The maximum number of record sets that can be created in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfRecordSets *int64 `json:"maxNumberOfRecordSets,omitempty"`
+	// NumberOfRecordSets - The current number of record sets in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfRecordSets *int64 `json:"numberOfRecordSets,omitempty"`
+	// MaxNumberOfVirtualNetworkLinks - The maximum number of virtual networks that can be linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfVirtualNetworkLinks *int64 `json:"maxNumberOfVirtualNetworkLinks,omitempty"`
+	// NumberOfVirtualNetworkLinks - The current number of virtual networks that are linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfVirtualNetworkLinks *int64 `json:"numberOfVirtualNetworkLinks,omitempty"`
+	// MaxNumberOfVirtualNetworkLinksWithRegistration - The maximum number of virtual networks that can be linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfVirtualNetworkLinksWithRegistration *int64 `json:"maxNumberOfVirtualNetworkLinksWithRegistration,omitempty"`
+	// NumberOfVirtualNetworkLinksWithRegistration - The current number of virtual networks that are linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfVirtualNetworkLinksWithRegistration *int64 `json:"numberOfVirtualNetworkLinksWithRegistration,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled'
+	ProvisioningState ProvisioningState `json:"provisioningState,omitempty"`
+}
+
+// PrivateZonesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type PrivateZonesCreateOrUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesCreateOrUpdateFuture) Result(client PrivateZonesClient) (pz PrivateZone, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesCreateOrUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent {
+		pz, err = client.CreateOrUpdateResponder(pz.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", pz.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// PrivateZonesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type PrivateZonesDeleteFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesDeleteFuture) Result(client PrivateZonesClient) (ar autorest.Response, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesDeleteFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesDeleteFuture")
+		return
+	}
+	ar.Response = future.Response()
+	return
+}
+
+// PrivateZonesUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type PrivateZonesUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesUpdateFuture) Result(client PrivateZonesClient) (pz PrivateZone, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent {
+		pz, err = client.UpdateResponder(pz.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", pz.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// ProxyResource the resource model definition for an ARM proxy resource.
+type ProxyResource struct {
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// PtrRecord a PTR record.
+type PtrRecord struct {
+	// Ptrdname - The PTR target domain name for this PTR record.
+	Ptrdname *string `json:"ptrdname,omitempty"`
+}
+
+// RecordSet describes a DNS record set (a collection of DNS records with the same name and type) in a
+// Private DNS zone.
+type RecordSet struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the record set.
+	Etag *string `json:"etag,omitempty"`
+	// RecordSetProperties - The properties of the record set.
+	*RecordSetProperties `json:"properties,omitempty"`
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for RecordSet.
+func (rs RecordSet) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if rs.Etag != nil {
+		objectMap["etag"] = rs.Etag
+	}
+	if rs.RecordSetProperties != nil {
+		objectMap["properties"] = rs.RecordSetProperties
+	}
+	if rs.ID != nil {
+		objectMap["id"] = rs.ID
+	}
+	if rs.Name != nil {
+		objectMap["name"] = rs.Name
+	}
+	if rs.Type != nil {
+		objectMap["type"] = rs.Type
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for RecordSet struct.
+func (rs *RecordSet) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				rs.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var recordSetProperties RecordSetProperties
+				err = json.Unmarshal(*v, &recordSetProperties)
+				if err != nil {
+					return err
+				}
+				rs.RecordSetProperties = &recordSetProperties
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				rs.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				rs.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				rs.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// RecordSetListResult the response to a record set list operation.
+type RecordSetListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the record sets in the response.
+	Value *[]RecordSet `json:"value,omitempty"`
+	// NextLink - The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// RecordSetListResultIterator provides access to a complete listing of RecordSet values.
+type RecordSetListResultIterator struct {
+	i    int
+	page RecordSetListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *RecordSetListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *RecordSetListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter RecordSetListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter RecordSetListResultIterator) Response() RecordSetListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter RecordSetListResultIterator) Value() RecordSet {
+	if !iter.page.NotDone() {
+		return RecordSet{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the RecordSetListResultIterator type.
+func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator {
+	return RecordSetListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (rslr RecordSetListResult) IsEmpty() bool {
+	return rslr.Value == nil || len(*rslr.Value) == 0
+}
+
+// recordSetListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (rslr RecordSetListResult) recordSetListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if rslr.NextLink == nil || len(to.String(rslr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(rslr.NextLink)))
+}
+
+// RecordSetListResultPage contains a page of RecordSet values.
+type RecordSetListResultPage struct {
+	fn   func(context.Context, RecordSetListResult) (RecordSetListResult, error)
+	rslr RecordSetListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *RecordSetListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.rslr)
+	if err != nil {
+		return err
+	}
+	page.rslr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *RecordSetListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page RecordSetListResultPage) NotDone() bool {
+	return !page.rslr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page RecordSetListResultPage) Response() RecordSetListResult {
+	return page.rslr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page RecordSetListResultPage) Values() []RecordSet {
+	if page.rslr.IsEmpty() {
+		return nil
+	}
+	return *page.rslr.Value
+}
+
+// Creates a new instance of the RecordSetListResultPage type.
+func NewRecordSetListResultPage(getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage {
+	return RecordSetListResultPage{fn: getNextPage}
+}
+
+// RecordSetProperties represents the properties of the records in the record set.
+type RecordSetProperties struct {
+	// Metadata - The metadata attached to the record set.
+	Metadata map[string]*string `json:"metadata"`
+	// TTL - The TTL (time-to-live) of the records in the record set.
+	TTL *int64 `json:"ttl,omitempty"`
+	// Fqdn - Fully qualified domain name of the record set.
+	Fqdn *string `json:"fqdn,omitempty"`
+	// IsAutoRegistered - Is the record set auto-registered in the Private DNS zone through a virtual network link?
+	IsAutoRegistered *bool `json:"isAutoRegistered,omitempty"`
+	// ARecords - The list of A records in the record set.
+	ARecords *[]ARecord `json:"aRecords,omitempty"`
+	// AaaaRecords - The list of AAAA records in the record set.
+	AaaaRecords *[]AaaaRecord `json:"aaaaRecords,omitempty"`
+	// CnameRecord - The CNAME record in the record set.
+	CnameRecord *CnameRecord `json:"cnameRecord,omitempty"`
+	// MxRecords - The list of MX records in the record set.
+	MxRecords *[]MxRecord `json:"mxRecords,omitempty"`
+	// PtrRecords - The list of PTR records in the record set.
+	PtrRecords *[]PtrRecord `json:"ptrRecords,omitempty"`
+	// SoaRecord - The SOA record in the record set.
+	SoaRecord *SoaRecord `json:"soaRecord,omitempty"`
+	// SrvRecords - The list of SRV records in the record set.
+	SrvRecords *[]SrvRecord `json:"srvRecords,omitempty"`
+	// TxtRecords - The list of TXT records in the record set.
+	TxtRecords *[]TxtRecord `json:"txtRecords,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for RecordSetProperties.
+func (rsp RecordSetProperties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if rsp.Metadata != nil {
+		objectMap["metadata"] = rsp.Metadata
+	}
+	if rsp.TTL != nil {
+		objectMap["ttl"] = rsp.TTL
+	}
+	if rsp.Fqdn != nil {
+		objectMap["fqdn"] = rsp.Fqdn
+	}
+	if rsp.IsAutoRegistered != nil {
+		objectMap["isAutoRegistered"] = rsp.IsAutoRegistered
+	}
+	if rsp.ARecords != nil {
+		objectMap["aRecords"] = rsp.ARecords
+	}
+	if rsp.AaaaRecords != nil {
+		objectMap["aaaaRecords"] = rsp.AaaaRecords
+	}
+	if rsp.CnameRecord != nil {
+		objectMap["cnameRecord"] = rsp.CnameRecord
+	}
+	if rsp.MxRecords != nil {
+		objectMap["mxRecords"] = rsp.MxRecords
+	}
+	if rsp.PtrRecords != nil {
+		objectMap["ptrRecords"] = rsp.PtrRecords
+	}
+	if rsp.SoaRecord != nil {
+		objectMap["soaRecord"] = rsp.SoaRecord
+	}
+	if rsp.SrvRecords != nil {
+		objectMap["srvRecords"] = rsp.SrvRecords
+	}
+	if rsp.TxtRecords != nil {
+		objectMap["txtRecords"] = rsp.TxtRecords
+	}
+	return json.Marshal(objectMap)
+}
+
+// Resource the core properties of ARM resources
+type Resource struct {
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// SoaRecord an SOA record.
+type SoaRecord struct {
+	// Host - The domain name of the authoritative name server for this SOA record.
+	Host *string `json:"host,omitempty"`
+	// Email - The email contact for this SOA record.
+	Email *string `json:"email,omitempty"`
+	// SerialNumber - The serial number for this SOA record.
+	SerialNumber *int64 `json:"serialNumber,omitempty"`
+	// RefreshTime - The refresh value for this SOA record.
+	RefreshTime *int64 `json:"refreshTime,omitempty"`
+	// RetryTime - The retry time for this SOA record.
+	RetryTime *int64 `json:"retryTime,omitempty"`
+	// ExpireTime - The expire time for this SOA record.
+	ExpireTime *int64 `json:"expireTime,omitempty"`
+	// MinimumTTL - The minimum value for this SOA record. By convention this is used to determine the negative caching duration.
+	MinimumTTL *int64 `json:"minimumTtl,omitempty"`
+}
+
+// SrvRecord an SRV record.
+type SrvRecord struct {
+	// Priority - The priority value for this SRV record.
+	Priority *int32 `json:"priority,omitempty"`
+	// Weight - The weight value for this SRV record.
+	Weight *int32 `json:"weight,omitempty"`
+	// Port - The port value for this SRV record.
+	Port *int32 `json:"port,omitempty"`
+	// Target - The target domain name for this SRV record.
+	Target *string `json:"target,omitempty"`
+}
+
+// SubResource reference to another subresource.
+type SubResource struct {
+	// ID - Resource ID.
+	ID *string `json:"id,omitempty"`
+}
+
+// TrackedResource the resource model definition for a ARM tracked top level resource
+type TrackedResource struct {
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for TrackedResource.
+func (tr TrackedResource) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if tr.Tags != nil {
+		objectMap["tags"] = tr.Tags
+	}
+	if tr.Location != nil {
+		objectMap["location"] = tr.Location
+	}
+	if tr.ID != nil {
+		objectMap["id"] = tr.ID
+	}
+	if tr.Name != nil {
+		objectMap["name"] = tr.Name
+	}
+	if tr.Type != nil {
+		objectMap["type"] = tr.Type
+	}
+	return json.Marshal(objectMap)
+}
+
+// TxtRecord a TXT record.
+type TxtRecord struct {
+	// Value - The text value of this TXT record.
+	Value *[]string `json:"value,omitempty"`
+}
+
+// VirtualNetworkLink describes a link to virtual network for a Private DNS zone.
+type VirtualNetworkLink struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the virtual network link.
+	Etag *string `json:"etag,omitempty"`
+	// VirtualNetworkLinkProperties - Properties of the virtual network link to the Private DNS zone.
+	*VirtualNetworkLinkProperties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for VirtualNetworkLink.
+func (vnl VirtualNetworkLink) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if vnl.Etag != nil {
+		objectMap["etag"] = vnl.Etag
+	}
+	if vnl.VirtualNetworkLinkProperties != nil {
+		objectMap["properties"] = vnl.VirtualNetworkLinkProperties
+	}
+	if vnl.Tags != nil {
+		objectMap["tags"] = vnl.Tags
+	}
+	if vnl.Location != nil {
+		objectMap["location"] = vnl.Location
+	}
+	if vnl.ID != nil {
+		objectMap["id"] = vnl.ID
+	}
+	if vnl.Name != nil {
+		objectMap["name"] = vnl.Name
+	}
+	if vnl.Type != nil {
+		objectMap["type"] = vnl.Type
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for VirtualNetworkLink struct.
+func (vnl *VirtualNetworkLink) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				vnl.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var virtualNetworkLinkProperties VirtualNetworkLinkProperties
+				err = json.Unmarshal(*v, &virtualNetworkLinkProperties)
+				if err != nil {
+					return err
+				}
+				vnl.VirtualNetworkLinkProperties = &virtualNetworkLinkProperties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				vnl.Tags = tags
+			}
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				vnl.Location = &location
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				vnl.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				vnl.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				vnl.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// VirtualNetworkLinkListResult the response to a list virtual network link to Private DNS zone operation.
+type VirtualNetworkLinkListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the virtual network links to the Private DNS zones.
+	Value *[]VirtualNetworkLink `json:"value,omitempty"`
+	// NextLink - The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualNetworkLinkListResultIterator provides access to a complete listing of VirtualNetworkLink values.
+type VirtualNetworkLinkListResultIterator struct {
+	i    int
+	page VirtualNetworkLinkListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualNetworkLinkListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *VirtualNetworkLinkListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualNetworkLinkListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualNetworkLinkListResultIterator) Response() VirtualNetworkLinkListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualNetworkLinkListResultIterator) Value() VirtualNetworkLink {
+	if !iter.page.NotDone() {
+		return VirtualNetworkLink{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the VirtualNetworkLinkListResultIterator type.
+func NewVirtualNetworkLinkListResultIterator(page VirtualNetworkLinkListResultPage) VirtualNetworkLinkListResultIterator {
+	return VirtualNetworkLinkListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vnllr VirtualNetworkLinkListResult) IsEmpty() bool {
+	return vnllr.Value == nil || len(*vnllr.Value) == 0
+}
+
+// virtualNetworkLinkListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vnllr VirtualNetworkLinkListResult) virtualNetworkLinkListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if vnllr.NextLink == nil || len(to.String(vnllr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vnllr.NextLink)))
+}
+
+// VirtualNetworkLinkListResultPage contains a page of VirtualNetworkLink values.
+type VirtualNetworkLinkListResultPage struct {
+	fn    func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)
+	vnllr VirtualNetworkLinkListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualNetworkLinkListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.vnllr)
+	if err != nil {
+		return err
+	}
+	page.vnllr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *VirtualNetworkLinkListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualNetworkLinkListResultPage) NotDone() bool {
+	return !page.vnllr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualNetworkLinkListResultPage) Response() VirtualNetworkLinkListResult {
+	return page.vnllr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualNetworkLinkListResultPage) Values() []VirtualNetworkLink {
+	if page.vnllr.IsEmpty() {
+		return nil
+	}
+	return *page.vnllr.Value
+}
+
+// Creates a new instance of the VirtualNetworkLinkListResultPage type.
+func NewVirtualNetworkLinkListResultPage(getNextPage func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)) VirtualNetworkLinkListResultPage {
+	return VirtualNetworkLinkListResultPage{fn: getNextPage}
+}
+
+// VirtualNetworkLinkProperties represents the properties of the Private DNS zone.
+type VirtualNetworkLinkProperties struct {
+	// VirtualNetwork - The reference of the virtual network.
+	VirtualNetwork *SubResource `json:"virtualNetwork,omitempty"`
+	// RegistrationEnabled - Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?
+	RegistrationEnabled *bool `json:"registrationEnabled,omitempty"`
+	// VirtualNetworkLinkState - The status of the virtual network link to the Private DNS zone. Possible values are 'InProgress' and 'Done'. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'InProgress', 'Completed'
+	VirtualNetworkLinkState VirtualNetworkLinkState `json:"virtualNetworkLinkState,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled'
+	ProvisioningState ProvisioningState `json:"provisioningState,omitempty"`
+}
+
+// VirtualNetworkLinksCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksCreateOrUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksCreateOrUpdateFuture) Result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksCreateOrUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent {
+		vnl, err = client.CreateOrUpdateResponder(vnl.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// VirtualNetworkLinksDeleteFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksDeleteFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksDeleteFuture) Result(client VirtualNetworkLinksClient) (ar autorest.Response, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksDeleteFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksDeleteFuture")
+		return
+	}
+	ar.Response = future.Response()
+	return
+}
+
+// VirtualNetworkLinksUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksUpdateFuture) Result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent {
+		vnl, err = client.UpdateResponder(vnl.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go
new file mode 100644
index 00000000000..ce1f087e49c
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go
@@ -0,0 +1,613 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// PrivateZonesClient is the the Private DNS Management Client.
+type PrivateZonesClient struct {
+	BaseClient
+}
+
+// NewPrivateZonesClient creates an instance of the PrivateZonesClient client.
+func NewPrivateZonesClient(subscriptionID string) PrivateZonesClient {
+	return NewPrivateZonesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewPrivateZonesClientWithBaseURI creates an instance of the PrivateZonesClient client.
+func NewPrivateZonesClientWithBaseURI(baseURI string, subscriptionID string) PrivateZonesClient {
+	return PrivateZonesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a Private DNS zone. Does not modify Links to virtual networks or DNS records
+// within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+// ifNoneMatch - set to '*' to allow a new Private DNS zone to be created, but to prevent updating an existing
+// zone. Other values will be ignored.
+func (client PrivateZonesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (result PrivateZonesCreateOrUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client PrivateZonesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) CreateOrUpdateSender(req *http.Request) (future PrivateZonesCreateOrUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) CreateOrUpdateResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a Private DNS zone. WARNING: All DNS records in the zone will also be deleted. This operation cannot
+// be undone. Private DNS zone cannot be deleted unless all virtual network links to it are removed.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always delete the current zone. Specify the
+// last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client PrivateZonesClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (result PrivateZonesDeleteFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client PrivateZonesClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) DeleteSender(req *http.Request) (future PrivateZonesDeleteFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a Private DNS zone. Retrieves the zone properties, but not the virtual networks links or the record sets
+// within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+func (client PrivateZonesClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string) (result PrivateZone, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client PrivateZonesClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) GetResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists the Private DNS zones in all resource groups in a subscription.
+// Parameters:
+// top - the maximum number of Private DNS zones to return. If not specified, returns up to 100 zones.
+func (client PrivateZonesClient) List(ctx context.Context, top *int32) (result PrivateZoneListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List")
+		defer func() {
+			sc := -1
+			if result.pzlr.Response.Response != nil {
+				sc = result.pzlr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.pzlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.pzlr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client PrivateZonesClient) ListPreparer(ctx context.Context, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Network/privateDnsZones", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) ListResponder(resp *http.Response) (result PrivateZoneListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client PrivateZonesClient) listNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) {
+	req, err := lastResults.privateZoneListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client PrivateZonesClient) ListComplete(ctx context.Context, top *int32) (result PrivateZoneListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, top)
+	return
+}
+
+// ListByResourceGroup lists the Private DNS zones within a resource group.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+func (client PrivateZonesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.pzlr.Response.Response != nil {
+				sc = result.pzlr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.pzlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.pzlr, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client PrivateZonesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) ListByResourceGroupResponder(resp *http.Response) (result PrivateZoneListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client PrivateZonesClient) listByResourceGroupNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) {
+	req, err := lastResults.privateZoneListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client PrivateZonesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName, top)
+	return
+}
+
+// Update updates a Private DNS zone. Does not modify virtual network links or DNS records within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+func (client PrivateZonesClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (result PrivateZonesUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client PrivateZonesClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) UpdateSender(req *http.Request) (future PrivateZonesUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) UpdateResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go
new file mode 100644
index 00000000000..1a2b1a82b9a
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go
@@ -0,0 +1,648 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// RecordSetsClient is the the Private DNS Management Client.
+type RecordSetsClient struct {
+	BaseClient
+}
+
+// NewRecordSetsClient creates an instance of the RecordSetsClient client.
+func NewRecordSetsClient(subscriptionID string) RecordSetsClient {
+	return NewRecordSetsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewRecordSetsClientWithBaseURI creates an instance of the RecordSetsClient client.
+func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient {
+	return RecordSetsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a record set within a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set. Record sets of type SOA can be updated but not
+// created (they are created when the Private DNS zone is created).
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+// ifNoneMatch - set to '*' to allow a new record set to be created, but to prevent updating an existing record
+// set. Other values will be ignored.
+func (client RecordSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CreateOrUpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client RecordSetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) CreateOrUpdateResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a record set from a Private DNS zone. This operation cannot be undone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set. Record sets of type SOA cannot be deleted (they are
+// deleted when the Private DNS zone is deleted).
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// ifMatch - the ETag of the record set. Omit this value to always delete the current record set. Specify the
+// last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client RecordSetsClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (result autorest.Response, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response != nil {
+				sc = result.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = resp
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client RecordSetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a record set.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set.
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+func (client RecordSetsClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client RecordSetsClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) GetResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all record sets in a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set
+// enumeration. If this parameter is specified, the returned enumeration will only contain records that end
+// with ".<recordsetnamesuffix>".
+func (client RecordSetsClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List")
+		defer func() {
+			sc := -1
+			if result.rslr.Response.Response != nil {
+				sc = result.rslr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.rslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.rslr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client RecordSetsClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(recordsetnamesuffix) > 0 {
+		queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/ALL", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) ListResponder(resp *http.Response) (result RecordSetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client RecordSetsClient) listNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) {
+	req, err := lastResults.recordSetListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client RecordSetsClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix)
+	return
+}
+
+// ListByType lists the record sets of a specified type in a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of record sets to enumerate.
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set
+// enumeration. If this parameter is specified, the returned enumeration will only contain records that end
+// with ".<recordsetnamesuffix>".
+func (client RecordSetsClient) ListByType(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType")
+		defer func() {
+			sc := -1
+			if result.rslr.Response.Response != nil {
+				sc = result.rslr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listByTypeNextResults
+	req, err := client.ListByTypePreparer(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByTypeSender(req)
+	if err != nil {
+		result.rslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure sending request")
+		return
+	}
+
+	result.rslr, err = client.ListByTypeResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByTypePreparer prepares the ListByType request.
+func (client RecordSetsClient) ListByTypePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"recordType":        autorest.Encode("path", recordType),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(recordsetnamesuffix) > 0 {
+		queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByTypeSender sends the ListByType request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) ListByTypeSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByTypeResponder handles the response to the ListByType request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) ListByTypeResponder(resp *http.Response) (result RecordSetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByTypeNextResults retrieves the next set of results, if any.
+func (client RecordSetsClient) listByTypeNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) {
+	req, err := lastResults.recordSetListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByTypeSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByTypeResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByTypeComplete enumerates all values, automatically crossing page boundaries as required.
+func (client RecordSetsClient) ListByTypeComplete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListByType(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix)
+	return
+}
+
+// Update updates a record set within a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set.
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify
+// the last-seen ETag value to prevent accidentally overwriting concurrent changes.
+func (client RecordSetsClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.UpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.UpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client RecordSetsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) UpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) UpdateResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go
new file mode 100644
index 00000000000..379d00f9d04
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go
@@ -0,0 +1,30 @@
+package privatedns
+
+import "github.com/Azure/azure-sdk-for-go/version"
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// UserAgent returns the UserAgent string to use when sending http.Requests.
+func UserAgent() string {
+	return "Azure-SDK-For-Go/" + version.Number + " privatedns/2018-09-01"
+}
+
+// Version returns the semantic version (see http://semver.org) of the client.
+func Version() string {
+	return version.Number
+}
diff --git a/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go
new file mode 100644
index 00000000000..d5f8897288f
--- /dev/null
+++ b/pkg/terraform/exec/plugins/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go
@@ -0,0 +1,510 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// VirtualNetworkLinksClient is the the Private DNS Management Client.
+type VirtualNetworkLinksClient struct {
+	BaseClient
+}
+
+// NewVirtualNetworkLinksClient creates an instance of the VirtualNetworkLinksClient client.
+func NewVirtualNetworkLinksClient(subscriptionID string) VirtualNetworkLinksClient {
+	return NewVirtualNetworkLinksClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualNetworkLinksClientWithBaseURI creates an instance of the VirtualNetworkLinksClient client.
+func NewVirtualNetworkLinksClientWithBaseURI(baseURI string, subscriptionID string) VirtualNetworkLinksClient {
+	return VirtualNetworkLinksClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite
+// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any
+// concurrent changes.
+// ifNoneMatch - set to '*' to allow a new virtual network link to the Private DNS zone to be created, but to
+// prevent updating an existing link. Other values will be ignored.
+func (client VirtualNetworkLinksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (result VirtualNetworkLinksCreateOrUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualNetworkLinksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) CreateOrUpdateSender(req *http.Request) (future VirtualNetworkLinksCreateOrUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a virtual network link to the specified Private DNS zone. WARNING: In case of a registration virtual
+// network, all auto-registered DNS records in the zone for the virtual network will also be deleted. This operation
+// cannot be undone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always delete the
+// current zone. Specify the last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client VirtualNetworkLinksClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (result VirtualNetworkLinksDeleteFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualNetworkLinksClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) DeleteSender(req *http.Request) (future VirtualNetworkLinksDeleteFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+func (client VirtualNetworkLinksClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (result VirtualNetworkLink, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualNetworkLinksClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) GetResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists the virtual network links to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// top - the maximum number of virtual network links to return. If not specified, returns up to 100 virtual
+// network links.
+func (client VirtualNetworkLinksClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List")
+		defer func() {
+			sc := -1
+			if result.vnllr.Response.Response != nil {
+				sc = result.vnllr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vnllr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vnllr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualNetworkLinksClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) ListResponder(resp *http.Response) (result VirtualNetworkLinkListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualNetworkLinksClient) listNextResults(ctx context.Context, lastResults VirtualNetworkLinkListResult) (result VirtualNetworkLinkListResult, err error) {
+	req, err := lastResults.virtualNetworkLinkListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualNetworkLinksClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top)
+	return
+}
+
+// Update updates a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite
+// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any
+// concurrent changes.
+func (client VirtualNetworkLinksClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (result VirtualNetworkLinksUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client VirtualNetworkLinksClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) UpdateSender(req *http.Request) (future VirtualNetworkLinksUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) UpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go
new file mode 100644
index 00000000000..3a72459cd34
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/client.go
@@ -0,0 +1,51 @@
+// Package privatedns implements the Azure ARM Privatedns service API version 2018-09-01.
+//
+// The Private DNS Management Client.
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+)
+
+const (
+	// DefaultBaseURI is the default URI used for the service Privatedns
+	DefaultBaseURI = "https://management.azure.com"
+)
+
+// BaseClient is the base client for Privatedns.
+type BaseClient struct {
+	autorest.Client
+	BaseURI        string
+	SubscriptionID string
+}
+
+// New creates an instance of the BaseClient client.
+func New(subscriptionID string) BaseClient {
+	return NewWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewWithBaseURI creates an instance of the BaseClient client.
+func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient {
+	return BaseClient{
+		Client:         autorest.NewClientWithUserAgent(UserAgent()),
+		BaseURI:        baseURI,
+		SubscriptionID: subscriptionID,
+	}
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go
new file mode 100644
index 00000000000..af93b18015c
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/models.go
@@ -0,0 +1,1246 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/to"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// The package's fully qualified name.
+const fqdn = "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns"
+
+// ProvisioningState enumerates the values for provisioning state.
+type ProvisioningState string
+
+const (
+	// Canceled ...
+	Canceled ProvisioningState = "Canceled"
+	// Creating ...
+	Creating ProvisioningState = "Creating"
+	// Deleting ...
+	Deleting ProvisioningState = "Deleting"
+	// Failed ...
+	Failed ProvisioningState = "Failed"
+	// Succeeded ...
+	Succeeded ProvisioningState = "Succeeded"
+	// Updating ...
+	Updating ProvisioningState = "Updating"
+)
+
+// PossibleProvisioningStateValues returns an array of possible values for the ProvisioningState const type.
+func PossibleProvisioningStateValues() []ProvisioningState {
+	return []ProvisioningState{Canceled, Creating, Deleting, Failed, Succeeded, Updating}
+}
+
+// RecordType enumerates the values for record type.
+type RecordType string
+
+const (
+	// A ...
+	A RecordType = "A"
+	// AAAA ...
+	AAAA RecordType = "AAAA"
+	// CNAME ...
+	CNAME RecordType = "CNAME"
+	// MX ...
+	MX RecordType = "MX"
+	// PTR ...
+	PTR RecordType = "PTR"
+	// SOA ...
+	SOA RecordType = "SOA"
+	// SRV ...
+	SRV RecordType = "SRV"
+	// TXT ...
+	TXT RecordType = "TXT"
+)
+
+// PossibleRecordTypeValues returns an array of possible values for the RecordType const type.
+func PossibleRecordTypeValues() []RecordType {
+	return []RecordType{A, AAAA, CNAME, MX, PTR, SOA, SRV, TXT}
+}
+
+// VirtualNetworkLinkState enumerates the values for virtual network link state.
+type VirtualNetworkLinkState string
+
+const (
+	// Completed ...
+	Completed VirtualNetworkLinkState = "Completed"
+	// InProgress ...
+	InProgress VirtualNetworkLinkState = "InProgress"
+)
+
+// PossibleVirtualNetworkLinkStateValues returns an array of possible values for the VirtualNetworkLinkState const type.
+func PossibleVirtualNetworkLinkStateValues() []VirtualNetworkLinkState {
+	return []VirtualNetworkLinkState{Completed, InProgress}
+}
+
+// AaaaRecord an AAAA record.
+type AaaaRecord struct {
+	// Ipv6Address - The IPv6 address of this AAAA record.
+	Ipv6Address *string `json:"ipv6Address,omitempty"`
+}
+
+// ARecord an A record.
+type ARecord struct {
+	// Ipv4Address - The IPv4 address of this A record.
+	Ipv4Address *string `json:"ipv4Address,omitempty"`
+}
+
+// CloudError an error message
+type CloudError struct {
+	// Error - The error message body
+	Error *CloudErrorBody `json:"error,omitempty"`
+}
+
+// CloudErrorBody the body of an error message
+type CloudErrorBody struct {
+	// Code - The error code
+	Code *string `json:"code,omitempty"`
+	// Message - A description of what caused the error
+	Message *string `json:"message,omitempty"`
+	// Target - The target resource of the error message
+	Target *string `json:"target,omitempty"`
+	// Details - Extra error information
+	Details *[]CloudErrorBody `json:"details,omitempty"`
+}
+
+// CnameRecord a CNAME record.
+type CnameRecord struct {
+	// Cname - The canonical name for this CNAME record.
+	Cname *string `json:"cname,omitempty"`
+}
+
+// MxRecord an MX record.
+type MxRecord struct {
+	// Preference - The preference value for this MX record.
+	Preference *int32 `json:"preference,omitempty"`
+	// Exchange - The domain name of the mail host for this MX record.
+	Exchange *string `json:"exchange,omitempty"`
+}
+
+// PrivateZone describes a Private DNS zone.
+type PrivateZone struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the zone.
+	Etag *string `json:"etag,omitempty"`
+	// PrivateZoneProperties - Properties of the Private DNS zone.
+	*PrivateZoneProperties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for PrivateZone.
+func (pz PrivateZone) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if pz.Etag != nil {
+		objectMap["etag"] = pz.Etag
+	}
+	if pz.PrivateZoneProperties != nil {
+		objectMap["properties"] = pz.PrivateZoneProperties
+	}
+	if pz.Tags != nil {
+		objectMap["tags"] = pz.Tags
+	}
+	if pz.Location != nil {
+		objectMap["location"] = pz.Location
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for PrivateZone struct.
+func (pz *PrivateZone) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				pz.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var privateZoneProperties PrivateZoneProperties
+				err = json.Unmarshal(*v, &privateZoneProperties)
+				if err != nil {
+					return err
+				}
+				pz.PrivateZoneProperties = &privateZoneProperties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				pz.Tags = tags
+			}
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				pz.Location = &location
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				pz.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				pz.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				pz.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// PrivateZoneListResult the response to a Private DNS zone list operation.
+type PrivateZoneListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the Private DNS zones.
+	Value *[]PrivateZone `json:"value,omitempty"`
+	// NextLink - READ-ONLY; The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// PrivateZoneListResultIterator provides access to a complete listing of PrivateZone values.
+type PrivateZoneListResultIterator struct {
+	i    int
+	page PrivateZoneListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *PrivateZoneListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *PrivateZoneListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter PrivateZoneListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter PrivateZoneListResultIterator) Response() PrivateZoneListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter PrivateZoneListResultIterator) Value() PrivateZone {
+	if !iter.page.NotDone() {
+		return PrivateZone{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the PrivateZoneListResultIterator type.
+func NewPrivateZoneListResultIterator(page PrivateZoneListResultPage) PrivateZoneListResultIterator {
+	return PrivateZoneListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (pzlr PrivateZoneListResult) IsEmpty() bool {
+	return pzlr.Value == nil || len(*pzlr.Value) == 0
+}
+
+// privateZoneListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (pzlr PrivateZoneListResult) privateZoneListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if pzlr.NextLink == nil || len(to.String(pzlr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(pzlr.NextLink)))
+}
+
+// PrivateZoneListResultPage contains a page of PrivateZone values.
+type PrivateZoneListResultPage struct {
+	fn   func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)
+	pzlr PrivateZoneListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *PrivateZoneListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.pzlr)
+	if err != nil {
+		return err
+	}
+	page.pzlr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *PrivateZoneListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page PrivateZoneListResultPage) NotDone() bool {
+	return !page.pzlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page PrivateZoneListResultPage) Response() PrivateZoneListResult {
+	return page.pzlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page PrivateZoneListResultPage) Values() []PrivateZone {
+	if page.pzlr.IsEmpty() {
+		return nil
+	}
+	return *page.pzlr.Value
+}
+
+// Creates a new instance of the PrivateZoneListResultPage type.
+func NewPrivateZoneListResultPage(getNextPage func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)) PrivateZoneListResultPage {
+	return PrivateZoneListResultPage{fn: getNextPage}
+}
+
+// PrivateZoneProperties represents the properties of the Private DNS zone.
+type PrivateZoneProperties struct {
+	// MaxNumberOfRecordSets - READ-ONLY; The maximum number of record sets that can be created in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfRecordSets *int64 `json:"maxNumberOfRecordSets,omitempty"`
+	// NumberOfRecordSets - READ-ONLY; The current number of record sets in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfRecordSets *int64 `json:"numberOfRecordSets,omitempty"`
+	// MaxNumberOfVirtualNetworkLinks - READ-ONLY; The maximum number of virtual networks that can be linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfVirtualNetworkLinks *int64 `json:"maxNumberOfVirtualNetworkLinks,omitempty"`
+	// NumberOfVirtualNetworkLinks - READ-ONLY; The current number of virtual networks that are linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfVirtualNetworkLinks *int64 `json:"numberOfVirtualNetworkLinks,omitempty"`
+	// MaxNumberOfVirtualNetworkLinksWithRegistration - READ-ONLY; The maximum number of virtual networks that can be linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored.
+	MaxNumberOfVirtualNetworkLinksWithRegistration *int64 `json:"maxNumberOfVirtualNetworkLinksWithRegistration,omitempty"`
+	// NumberOfVirtualNetworkLinksWithRegistration - READ-ONLY; The current number of virtual networks that are linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored.
+	NumberOfVirtualNetworkLinksWithRegistration *int64 `json:"numberOfVirtualNetworkLinksWithRegistration,omitempty"`
+	// ProvisioningState - READ-ONLY; The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled'
+	ProvisioningState ProvisioningState `json:"provisioningState,omitempty"`
+}
+
+// PrivateZonesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type PrivateZonesCreateOrUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesCreateOrUpdateFuture) Result(client PrivateZonesClient) (pz PrivateZone, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesCreateOrUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent {
+		pz, err = client.CreateOrUpdateResponder(pz.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", pz.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// PrivateZonesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type PrivateZonesDeleteFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesDeleteFuture) Result(client PrivateZonesClient) (ar autorest.Response, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesDeleteFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesDeleteFuture")
+		return
+	}
+	ar.Response = future.Response()
+	return
+}
+
+// PrivateZonesUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type PrivateZonesUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *PrivateZonesUpdateFuture) Result(client PrivateZonesClient) (pz PrivateZone, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent {
+		pz, err = client.UpdateResponder(pz.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", pz.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// ProxyResource the resource model definition for an ARM proxy resource.
+type ProxyResource struct {
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// PtrRecord a PTR record.
+type PtrRecord struct {
+	// Ptrdname - The PTR target domain name for this PTR record.
+	Ptrdname *string `json:"ptrdname,omitempty"`
+}
+
+// RecordSet describes a DNS record set (a collection of DNS records with the same name and type) in a
+// Private DNS zone.
+type RecordSet struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the record set.
+	Etag *string `json:"etag,omitempty"`
+	// RecordSetProperties - The properties of the record set.
+	*RecordSetProperties `json:"properties,omitempty"`
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for RecordSet.
+func (rs RecordSet) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if rs.Etag != nil {
+		objectMap["etag"] = rs.Etag
+	}
+	if rs.RecordSetProperties != nil {
+		objectMap["properties"] = rs.RecordSetProperties
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for RecordSet struct.
+func (rs *RecordSet) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				rs.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var recordSetProperties RecordSetProperties
+				err = json.Unmarshal(*v, &recordSetProperties)
+				if err != nil {
+					return err
+				}
+				rs.RecordSetProperties = &recordSetProperties
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				rs.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				rs.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				rs.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// RecordSetListResult the response to a record set list operation.
+type RecordSetListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the record sets in the response.
+	Value *[]RecordSet `json:"value,omitempty"`
+	// NextLink - READ-ONLY; The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// RecordSetListResultIterator provides access to a complete listing of RecordSet values.
+type RecordSetListResultIterator struct {
+	i    int
+	page RecordSetListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *RecordSetListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *RecordSetListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter RecordSetListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter RecordSetListResultIterator) Response() RecordSetListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter RecordSetListResultIterator) Value() RecordSet {
+	if !iter.page.NotDone() {
+		return RecordSet{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the RecordSetListResultIterator type.
+func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator {
+	return RecordSetListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (rslr RecordSetListResult) IsEmpty() bool {
+	return rslr.Value == nil || len(*rslr.Value) == 0
+}
+
+// recordSetListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (rslr RecordSetListResult) recordSetListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if rslr.NextLink == nil || len(to.String(rslr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(rslr.NextLink)))
+}
+
+// RecordSetListResultPage contains a page of RecordSet values.
+type RecordSetListResultPage struct {
+	fn   func(context.Context, RecordSetListResult) (RecordSetListResult, error)
+	rslr RecordSetListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *RecordSetListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.rslr)
+	if err != nil {
+		return err
+	}
+	page.rslr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *RecordSetListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page RecordSetListResultPage) NotDone() bool {
+	return !page.rslr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page RecordSetListResultPage) Response() RecordSetListResult {
+	return page.rslr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page RecordSetListResultPage) Values() []RecordSet {
+	if page.rslr.IsEmpty() {
+		return nil
+	}
+	return *page.rslr.Value
+}
+
+// Creates a new instance of the RecordSetListResultPage type.
+func NewRecordSetListResultPage(getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage {
+	return RecordSetListResultPage{fn: getNextPage}
+}
+
+// RecordSetProperties represents the properties of the records in the record set.
+type RecordSetProperties struct {
+	// Metadata - The metadata attached to the record set.
+	Metadata map[string]*string `json:"metadata"`
+	// TTL - The TTL (time-to-live) of the records in the record set.
+	TTL *int64 `json:"ttl,omitempty"`
+	// Fqdn - READ-ONLY; Fully qualified domain name of the record set.
+	Fqdn *string `json:"fqdn,omitempty"`
+	// IsAutoRegistered - READ-ONLY; Is the record set auto-registered in the Private DNS zone through a virtual network link?
+	IsAutoRegistered *bool `json:"isAutoRegistered,omitempty"`
+	// ARecords - The list of A records in the record set.
+	ARecords *[]ARecord `json:"aRecords,omitempty"`
+	// AaaaRecords - The list of AAAA records in the record set.
+	AaaaRecords *[]AaaaRecord `json:"aaaaRecords,omitempty"`
+	// CnameRecord - The CNAME record in the record set.
+	CnameRecord *CnameRecord `json:"cnameRecord,omitempty"`
+	// MxRecords - The list of MX records in the record set.
+	MxRecords *[]MxRecord `json:"mxRecords,omitempty"`
+	// PtrRecords - The list of PTR records in the record set.
+	PtrRecords *[]PtrRecord `json:"ptrRecords,omitempty"`
+	// SoaRecord - The SOA record in the record set.
+	SoaRecord *SoaRecord `json:"soaRecord,omitempty"`
+	// SrvRecords - The list of SRV records in the record set.
+	SrvRecords *[]SrvRecord `json:"srvRecords,omitempty"`
+	// TxtRecords - The list of TXT records in the record set.
+	TxtRecords *[]TxtRecord `json:"txtRecords,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for RecordSetProperties.
+func (rsp RecordSetProperties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if rsp.Metadata != nil {
+		objectMap["metadata"] = rsp.Metadata
+	}
+	if rsp.TTL != nil {
+		objectMap["ttl"] = rsp.TTL
+	}
+	if rsp.ARecords != nil {
+		objectMap["aRecords"] = rsp.ARecords
+	}
+	if rsp.AaaaRecords != nil {
+		objectMap["aaaaRecords"] = rsp.AaaaRecords
+	}
+	if rsp.CnameRecord != nil {
+		objectMap["cnameRecord"] = rsp.CnameRecord
+	}
+	if rsp.MxRecords != nil {
+		objectMap["mxRecords"] = rsp.MxRecords
+	}
+	if rsp.PtrRecords != nil {
+		objectMap["ptrRecords"] = rsp.PtrRecords
+	}
+	if rsp.SoaRecord != nil {
+		objectMap["soaRecord"] = rsp.SoaRecord
+	}
+	if rsp.SrvRecords != nil {
+		objectMap["srvRecords"] = rsp.SrvRecords
+	}
+	if rsp.TxtRecords != nil {
+		objectMap["txtRecords"] = rsp.TxtRecords
+	}
+	return json.Marshal(objectMap)
+}
+
+// Resource the core properties of ARM resources
+type Resource struct {
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// SoaRecord an SOA record.
+type SoaRecord struct {
+	// Host - The domain name of the authoritative name server for this SOA record.
+	Host *string `json:"host,omitempty"`
+	// Email - The email contact for this SOA record.
+	Email *string `json:"email,omitempty"`
+	// SerialNumber - The serial number for this SOA record.
+	SerialNumber *int64 `json:"serialNumber,omitempty"`
+	// RefreshTime - The refresh value for this SOA record.
+	RefreshTime *int64 `json:"refreshTime,omitempty"`
+	// RetryTime - The retry time for this SOA record.
+	RetryTime *int64 `json:"retryTime,omitempty"`
+	// ExpireTime - The expire time for this SOA record.
+	ExpireTime *int64 `json:"expireTime,omitempty"`
+	// MinimumTTL - The minimum value for this SOA record. By convention this is used to determine the negative caching duration.
+	MinimumTTL *int64 `json:"minimumTtl,omitempty"`
+}
+
+// SrvRecord an SRV record.
+type SrvRecord struct {
+	// Priority - The priority value for this SRV record.
+	Priority *int32 `json:"priority,omitempty"`
+	// Weight - The weight value for this SRV record.
+	Weight *int32 `json:"weight,omitempty"`
+	// Port - The port value for this SRV record.
+	Port *int32 `json:"port,omitempty"`
+	// Target - The target domain name for this SRV record.
+	Target *string `json:"target,omitempty"`
+}
+
+// SubResource reference to another subresource.
+type SubResource struct {
+	// ID - Resource ID.
+	ID *string `json:"id,omitempty"`
+}
+
+// TrackedResource the resource model definition for a ARM tracked top level resource
+type TrackedResource struct {
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for TrackedResource.
+func (tr TrackedResource) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if tr.Tags != nil {
+		objectMap["tags"] = tr.Tags
+	}
+	if tr.Location != nil {
+		objectMap["location"] = tr.Location
+	}
+	return json.Marshal(objectMap)
+}
+
+// TxtRecord a TXT record.
+type TxtRecord struct {
+	// Value - The text value of this TXT record.
+	Value *[]string `json:"value,omitempty"`
+}
+
+// VirtualNetworkLink describes a link to virtual network for a Private DNS zone.
+type VirtualNetworkLink struct {
+	autorest.Response `json:"-"`
+	// Etag - The ETag of the virtual network link.
+	Etag *string `json:"etag,omitempty"`
+	// VirtualNetworkLinkProperties - Properties of the virtual network link to the Private DNS zone.
+	*VirtualNetworkLinkProperties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// Location - The Azure Region where the resource lives
+	Location *string `json:"location,omitempty"`
+	// ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; The name of the resource
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'.
+	Type *string `json:"type,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for VirtualNetworkLink.
+func (vnl VirtualNetworkLink) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if vnl.Etag != nil {
+		objectMap["etag"] = vnl.Etag
+	}
+	if vnl.VirtualNetworkLinkProperties != nil {
+		objectMap["properties"] = vnl.VirtualNetworkLinkProperties
+	}
+	if vnl.Tags != nil {
+		objectMap["tags"] = vnl.Tags
+	}
+	if vnl.Location != nil {
+		objectMap["location"] = vnl.Location
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for VirtualNetworkLink struct.
+func (vnl *VirtualNetworkLink) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				vnl.Etag = &etag
+			}
+		case "properties":
+			if v != nil {
+				var virtualNetworkLinkProperties VirtualNetworkLinkProperties
+				err = json.Unmarshal(*v, &virtualNetworkLinkProperties)
+				if err != nil {
+					return err
+				}
+				vnl.VirtualNetworkLinkProperties = &virtualNetworkLinkProperties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				vnl.Tags = tags
+			}
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				vnl.Location = &location
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				vnl.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				vnl.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				vnl.Type = &typeVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// VirtualNetworkLinkListResult the response to a list virtual network link to Private DNS zone operation.
+type VirtualNetworkLinkListResult struct {
+	autorest.Response `json:"-"`
+	// Value - Information about the virtual network links to the Private DNS zones.
+	Value *[]VirtualNetworkLink `json:"value,omitempty"`
+	// NextLink - READ-ONLY; The continuation token for the next page of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualNetworkLinkListResultIterator provides access to a complete listing of VirtualNetworkLink values.
+type VirtualNetworkLinkListResultIterator struct {
+	i    int
+	page VirtualNetworkLinkListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualNetworkLinkListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *VirtualNetworkLinkListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualNetworkLinkListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualNetworkLinkListResultIterator) Response() VirtualNetworkLinkListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualNetworkLinkListResultIterator) Value() VirtualNetworkLink {
+	if !iter.page.NotDone() {
+		return VirtualNetworkLink{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the VirtualNetworkLinkListResultIterator type.
+func NewVirtualNetworkLinkListResultIterator(page VirtualNetworkLinkListResultPage) VirtualNetworkLinkListResultIterator {
+	return VirtualNetworkLinkListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vnllr VirtualNetworkLinkListResult) IsEmpty() bool {
+	return vnllr.Value == nil || len(*vnllr.Value) == 0
+}
+
+// virtualNetworkLinkListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vnllr VirtualNetworkLinkListResult) virtualNetworkLinkListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if vnllr.NextLink == nil || len(to.String(vnllr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vnllr.NextLink)))
+}
+
+// VirtualNetworkLinkListResultPage contains a page of VirtualNetworkLink values.
+type VirtualNetworkLinkListResultPage struct {
+	fn    func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)
+	vnllr VirtualNetworkLinkListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualNetworkLinkListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	next, err := page.fn(ctx, page.vnllr)
+	if err != nil {
+		return err
+	}
+	page.vnllr = next
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *VirtualNetworkLinkListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualNetworkLinkListResultPage) NotDone() bool {
+	return !page.vnllr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualNetworkLinkListResultPage) Response() VirtualNetworkLinkListResult {
+	return page.vnllr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualNetworkLinkListResultPage) Values() []VirtualNetworkLink {
+	if page.vnllr.IsEmpty() {
+		return nil
+	}
+	return *page.vnllr.Value
+}
+
+// Creates a new instance of the VirtualNetworkLinkListResultPage type.
+func NewVirtualNetworkLinkListResultPage(getNextPage func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)) VirtualNetworkLinkListResultPage {
+	return VirtualNetworkLinkListResultPage{fn: getNextPage}
+}
+
+// VirtualNetworkLinkProperties represents the properties of the Private DNS zone.
+type VirtualNetworkLinkProperties struct {
+	// VirtualNetwork - The reference of the virtual network.
+	VirtualNetwork *SubResource `json:"virtualNetwork,omitempty"`
+	// RegistrationEnabled - Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?
+	RegistrationEnabled *bool `json:"registrationEnabled,omitempty"`
+	// VirtualNetworkLinkState - READ-ONLY; The status of the virtual network link to the Private DNS zone. Possible values are 'InProgress' and 'Done'. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'InProgress', 'Completed'
+	VirtualNetworkLinkState VirtualNetworkLinkState `json:"virtualNetworkLinkState,omitempty"`
+	// ProvisioningState - READ-ONLY; The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled'
+	ProvisioningState ProvisioningState `json:"provisioningState,omitempty"`
+}
+
+// VirtualNetworkLinksCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksCreateOrUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksCreateOrUpdateFuture) Result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksCreateOrUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent {
+		vnl, err = client.CreateOrUpdateResponder(vnl.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
+
+// VirtualNetworkLinksDeleteFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksDeleteFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksDeleteFuture) Result(client VirtualNetworkLinksClient) (ar autorest.Response, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksDeleteFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksDeleteFuture")
+		return
+	}
+	ar.Response = future.Response()
+	return
+}
+
+// VirtualNetworkLinksUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualNetworkLinksUpdateFuture struct {
+	azure.Future
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future *VirtualNetworkLinksUpdateFuture) Result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) {
+	var done bool
+	done, err = future.DoneWithContext(context.Background(), client)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", future.Response(), "Polling failure")
+		return
+	}
+	if !done {
+		err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksUpdateFuture")
+		return
+	}
+	sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent {
+		vnl, err = client.UpdateResponder(vnl.Response.Response)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request")
+		}
+	}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go
new file mode 100644
index 00000000000..ce1f087e49c
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/privatezones.go
@@ -0,0 +1,613 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// PrivateZonesClient is the the Private DNS Management Client.
+type PrivateZonesClient struct {
+	BaseClient
+}
+
+// NewPrivateZonesClient creates an instance of the PrivateZonesClient client.
+func NewPrivateZonesClient(subscriptionID string) PrivateZonesClient {
+	return NewPrivateZonesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewPrivateZonesClientWithBaseURI creates an instance of the PrivateZonesClient client.
+func NewPrivateZonesClientWithBaseURI(baseURI string, subscriptionID string) PrivateZonesClient {
+	return PrivateZonesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a Private DNS zone. Does not modify Links to virtual networks or DNS records
+// within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+// ifNoneMatch - set to '*' to allow a new Private DNS zone to be created, but to prevent updating an existing
+// zone. Other values will be ignored.
+func (client PrivateZonesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (result PrivateZonesCreateOrUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client PrivateZonesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) CreateOrUpdateSender(req *http.Request) (future PrivateZonesCreateOrUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) CreateOrUpdateResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a Private DNS zone. WARNING: All DNS records in the zone will also be deleted. This operation cannot
+// be undone. Private DNS zone cannot be deleted unless all virtual network links to it are removed.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always delete the current zone. Specify the
+// last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client PrivateZonesClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (result PrivateZonesDeleteFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client PrivateZonesClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) DeleteSender(req *http.Request) (future PrivateZonesDeleteFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a Private DNS zone. Retrieves the zone properties, but not the virtual networks links or the record sets
+// within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+func (client PrivateZonesClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string) (result PrivateZone, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client PrivateZonesClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) GetResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists the Private DNS zones in all resource groups in a subscription.
+// Parameters:
+// top - the maximum number of Private DNS zones to return. If not specified, returns up to 100 zones.
+func (client PrivateZonesClient) List(ctx context.Context, top *int32) (result PrivateZoneListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List")
+		defer func() {
+			sc := -1
+			if result.pzlr.Response.Response != nil {
+				sc = result.pzlr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.pzlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.pzlr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client PrivateZonesClient) ListPreparer(ctx context.Context, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Network/privateDnsZones", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) ListResponder(resp *http.Response) (result PrivateZoneListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client PrivateZonesClient) listNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) {
+	req, err := lastResults.privateZoneListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client PrivateZonesClient) ListComplete(ctx context.Context, top *int32) (result PrivateZoneListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, top)
+	return
+}
+
+// ListByResourceGroup lists the Private DNS zones within a resource group.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+func (client PrivateZonesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.pzlr.Response.Response != nil {
+				sc = result.pzlr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.pzlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.pzlr, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client PrivateZonesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) ListByResourceGroupResponder(resp *http.Response) (result PrivateZoneListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client PrivateZonesClient) listByResourceGroupNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) {
+	req, err := lastResults.privateZoneListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client PrivateZonesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName, top)
+	return
+}
+
+// Update updates a Private DNS zone. Does not modify virtual network links or DNS records within the zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+func (client PrivateZonesClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (result PrivateZonesUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client PrivateZonesClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client PrivateZonesClient) UpdateSender(req *http.Request) (future PrivateZonesUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client PrivateZonesClient) UpdateResponder(resp *http.Response) (result PrivateZone, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go
new file mode 100644
index 00000000000..1a2b1a82b9a
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/recordsets.go
@@ -0,0 +1,648 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// RecordSetsClient is the the Private DNS Management Client.
+type RecordSetsClient struct {
+	BaseClient
+}
+
+// NewRecordSetsClient creates an instance of the RecordSetsClient client.
+func NewRecordSetsClient(subscriptionID string) RecordSetsClient {
+	return NewRecordSetsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewRecordSetsClientWithBaseURI creates an instance of the RecordSetsClient client.
+func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient {
+	return RecordSetsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a record set within a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set. Record sets of type SOA can be updated but not
+// created (they are created when the Private DNS zone is created).
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify
+// the last-seen ETag value to prevent accidentally overwriting any concurrent changes.
+// ifNoneMatch - set to '*' to allow a new record set to be created, but to prevent updating an existing record
+// set. Other values will be ignored.
+func (client RecordSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CreateOrUpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client RecordSetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) CreateOrUpdateResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a record set from a Private DNS zone. This operation cannot be undone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set. Record sets of type SOA cannot be deleted (they are
+// deleted when the Private DNS zone is deleted).
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// ifMatch - the ETag of the record set. Omit this value to always delete the current record set. Specify the
+// last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client RecordSetsClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (result autorest.Response, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response != nil {
+				sc = result.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = resp
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client RecordSetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a record set.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set.
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+func (client RecordSetsClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client RecordSetsClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) GetResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all record sets in a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set
+// enumeration. If this parameter is specified, the returned enumeration will only contain records that end
+// with ".<recordsetnamesuffix>".
+func (client RecordSetsClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List")
+		defer func() {
+			sc := -1
+			if result.rslr.Response.Response != nil {
+				sc = result.rslr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.rslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.rslr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client RecordSetsClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(recordsetnamesuffix) > 0 {
+		queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/ALL", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) ListResponder(resp *http.Response) (result RecordSetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client RecordSetsClient) listNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) {
+	req, err := lastResults.recordSetListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client RecordSetsClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix)
+	return
+}
+
+// ListByType lists the record sets of a specified type in a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of record sets to enumerate.
+// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets.
+// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set
+// enumeration. If this parameter is specified, the returned enumeration will only contain records that end
+// with ".<recordsetnamesuffix>".
+func (client RecordSetsClient) ListByType(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType")
+		defer func() {
+			sc := -1
+			if result.rslr.Response.Response != nil {
+				sc = result.rslr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listByTypeNextResults
+	req, err := client.ListByTypePreparer(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByTypeSender(req)
+	if err != nil {
+		result.rslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure sending request")
+		return
+	}
+
+	result.rslr, err = client.ListByTypeResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByTypePreparer prepares the ListByType request.
+func (client RecordSetsClient) ListByTypePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"recordType":        autorest.Encode("path", recordType),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(recordsetnamesuffix) > 0 {
+		queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByTypeSender sends the ListByType request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) ListByTypeSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByTypeResponder handles the response to the ListByType request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) ListByTypeResponder(resp *http.Response) (result RecordSetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByTypeNextResults retrieves the next set of results, if any.
+func (client RecordSetsClient) listByTypeNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) {
+	req, err := lastResults.recordSetListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByTypeSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByTypeResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByTypeComplete enumerates all values, automatically crossing page boundaries as required.
+func (client RecordSetsClient) ListByTypeComplete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListByType(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix)
+	return
+}
+
+// Update updates a record set within a Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// recordType - the type of DNS record in this record set.
+// relativeRecordSetName - the name of the record set, relative to the name of the zone.
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify
+// the last-seen ETag value to prevent accidentally overwriting concurrent changes.
+func (client RecordSetsClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (result RecordSet, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.UpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.UpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client RecordSetsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":       autorest.Encode("path", privateZoneName),
+		"recordType":            autorest.Encode("path", recordType),
+		"relativeRecordSetName": relativeRecordSetName,
+		"resourceGroupName":     autorest.Encode("path", resourceGroupName),
+		"subscriptionId":        autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client RecordSetsClient) UpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client RecordSetsClient) UpdateResponder(resp *http.Response) (result RecordSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go
new file mode 100644
index 00000000000..379d00f9d04
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/version.go
@@ -0,0 +1,30 @@
+package privatedns
+
+import "github.com/Azure/azure-sdk-for-go/version"
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// UserAgent returns the UserAgent string to use when sending http.Requests.
+func UserAgent() string {
+	return "Azure-SDK-For-Go/" + version.Number + " privatedns/2018-09-01"
+}
+
+// Version returns the semantic version (see http://semver.org) of the client.
+func Version() string {
+	return version.Number
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go
new file mode 100644
index 00000000000..d5f8897288f
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2018-09-01/privatedns/virtualnetworklinks.go
@@ -0,0 +1,510 @@
+package privatedns
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// VirtualNetworkLinksClient is the the Private DNS Management Client.
+type VirtualNetworkLinksClient struct {
+	BaseClient
+}
+
+// NewVirtualNetworkLinksClient creates an instance of the VirtualNetworkLinksClient client.
+func NewVirtualNetworkLinksClient(subscriptionID string) VirtualNetworkLinksClient {
+	return NewVirtualNetworkLinksClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualNetworkLinksClientWithBaseURI creates an instance of the VirtualNetworkLinksClient client.
+func NewVirtualNetworkLinksClientWithBaseURI(baseURI string, subscriptionID string) VirtualNetworkLinksClient {
+	return VirtualNetworkLinksClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// parameters - parameters supplied to the CreateOrUpdate operation.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite
+// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any
+// concurrent changes.
+// ifNoneMatch - set to '*' to allow a new virtual network link to the Private DNS zone to be created, but to
+// prevent updating an existing link. Other values will be ignored.
+func (client VirtualNetworkLinksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (result VirtualNetworkLinksCreateOrUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch, ifNoneMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualNetworkLinksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	if len(ifNoneMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) CreateOrUpdateSender(req *http.Request) (future VirtualNetworkLinksCreateOrUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a virtual network link to the specified Private DNS zone. WARNING: In case of a registration virtual
+// network, all auto-registered DNS records in the zone for the virtual network will also be deleted. This operation
+// cannot be undone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always delete the
+// current zone. Specify the last-seen ETag value to prevent accidentally deleting any concurrent changes.
+func (client VirtualNetworkLinksClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (result VirtualNetworkLinksDeleteFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualNetworkLinksClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) DeleteSender(req *http.Request) (future VirtualNetworkLinksDeleteFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+func (client VirtualNetworkLinksClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (result VirtualNetworkLink, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualNetworkLinksClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) GetResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists the virtual network links to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// top - the maximum number of virtual network links to return. If not specified, returns up to 100 virtual
+// network links.
+func (client VirtualNetworkLinksClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List")
+		defer func() {
+			sc := -1
+			if result.vnllr.Response.Response != nil {
+				sc = result.vnllr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vnllr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vnllr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualNetworkLinksClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":   autorest.Encode("path", privateZoneName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) ListResponder(resp *http.Response) (result VirtualNetworkLinkListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualNetworkLinksClient) listNextResults(ctx context.Context, lastResults VirtualNetworkLinkListResult) (result VirtualNetworkLinkListResult, err error) {
+	req, err := lastResults.virtualNetworkLinkListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualNetworkLinksClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top)
+	return
+}
+
+// Update updates a virtual network link to the specified Private DNS zone.
+// Parameters:
+// resourceGroupName - the name of the resource group.
+// privateZoneName - the name of the Private DNS zone (without a terminating dot).
+// virtualNetworkLinkName - the name of the virtual network link.
+// parameters - parameters supplied to the Update operation.
+// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite
+// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any
+// concurrent changes.
+func (client VirtualNetworkLinksClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (result VirtualNetworkLinksUpdateFuture, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response() != nil {
+				sc = result.Response().StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client VirtualNetworkLinksClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"privateZoneName":        autorest.Encode("path", privateZoneName),
+		"resourceGroupName":      autorest.Encode("path", resourceGroupName),
+		"subscriptionId":         autorest.Encode("path", client.SubscriptionID),
+		"virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName),
+	}
+
+	const APIVersion = "2018-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	if len(ifMatch) > 0 {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithHeader("If-Match", autorest.String(ifMatch)))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualNetworkLinksClient) UpdateSender(req *http.Request) (future VirtualNetworkLinksUpdateFuture, err error) {
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+	if err != nil {
+		return
+	}
+	future.Future, err = azure.NewFutureFromResponse(resp)
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client VirtualNetworkLinksClient) UpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}