Azure Migrate: tries to deploy multiple Private DNS zones
I am using a centralised Private DNS Zone model - as recommended in the CAF.
I am deploying Azure Migrate with Private endpoints.
I have a siterecovery.windowsazure.com Private DNS zone in my central DNS resource group. This zone has Virtual Network Links to the network Azure Migrate will use and to the network my DNS servers are on, which on-premises DNS points to.
I have a policy in place that denies the creation of DNS zones anywhere other than in the central DNS resource group.
When I tell the Azure Migrate project, in the migrate resource group, to deploy resources to support migration it looks to deploy a site recovery instance with private endpoints and it tries to deploy a new siterecovery.windowsazure.com Private DNS zone in the migrate resource group. It does NOT recognise that there is already a Private DNS zone for this namespace AND it is linked to the network Azure Migrate will use.
Can Microsoft update the template used to deploy migration resources to check for existing instances of the Private DNS zones required by Azure Migrate, for example siterecovery.windowsazure.com, and if found to use them? Deployment of Discovery resources does seem to check if zones already exist and uses those.
Otherwise I have to add the migrate resource group as an exception to the deny policy that controls DNS zone placement. Then, once the migration resources have been created, review any DNS zones created and manually copy the entries to the centralised DNS zones. This means that if the Azure Migrate project is deleted the manually copied A records are not automatically purged but must be removed by hand. :-( All very unsatisfactory.
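The manual copy-and-purge step described above can at least be made repeatable. The following PowerShell is an added example, not part of the original post or of Azure Migrate: it copies the A records from the zone Azure Migrate created into the central zone, tags them so they can be identified later, and with -Cleanup removes only those tagged records once the project is retired. The resource group names 'rg-migrate' and 'rg-dns-central' are placeholders; the Az.PrivateDns module and an existing Connect-AzAccount session are assumed.

```powershell
# Added example (not from the original post): sync Azure Migrate's A records
# into the centralised siterecovery.windowsazure.com zone, and purge them later.
# Assumes Az.PrivateDns is installed and you are already signed in.
param(
    [string]$ZoneName  = 'siterecovery.windowsazure.com',
    [string]$SourceRg  = 'rg-migrate',      # placeholder: RG Azure Migrate deployed into
    [string]$CentralRg = 'rg-dns-central',  # placeholder: central DNS RG
    [switch]$Cleanup                        # remove previously copied records instead
)

# Metadata marker so cleanup only ever touches records this script created.
$marker = 'copied-from-azure-migrate'

if ($Cleanup) {
    Get-AzPrivateDnsRecordSet -ResourceGroupName $CentralRg -ZoneName $ZoneName -RecordType A |
        Where-Object { $_.Metadata -and $_.Metadata['source'] -eq $marker } |
        ForEach-Object {
            Write-Host "Removing $($_.Name) from central zone"
            Remove-AzPrivateDnsRecordSet -RecordSet $_
        }
    return
}

# Read every A record set the Migrate deployment put in its own zone.
$sourceRecords = Get-AzPrivateDnsRecordSet -ResourceGroupName $SourceRg -ZoneName $ZoneName -RecordType A
foreach ($rs in $sourceRecords) {
    # Never overwrite a record the DNS team already manages centrally.
    $existing = Get-AzPrivateDnsRecordSet -ResourceGroupName $CentralRg -ZoneName $ZoneName `
                    -Name $rs.Name -RecordType A -ErrorAction SilentlyContinue
    if ($existing) {
        Write-Warning "$($rs.Name) already exists in central zone; skipping"
        continue
    }
    $records = $rs.Records | ForEach-Object { New-AzPrivateDnsRecordConfig -IPv4Address $_.Ipv4Address }
    New-AzPrivateDnsRecordSet -ResourceGroupName $CentralRg -ZoneName $ZoneName -Name $rs.Name `
        -RecordType A -Ttl $rs.Ttl -PrivateDnsRecords $records -Metadata @{ source = $marker } | Out-Null
    Write-Host "Copied $($rs.Name) -> $($records.Ipv4Address -join ', ')"
}
```

Run it once after the migration resources are deployed, and again with -Cleanup after the Azure Migrate project is deleted so the copied records do not linger in the central zone.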