Access a Cloudflare Tunnel internally because of local Active Directory DNS

Not sure if it’s possible to point a record from Microsoft AD DNS to a Cloudflare tunnel.

The tunnel works from all networks except the network where the server is hosted. The endpoints' DNS points to Active Directory DNS, where the root domain is the same as AD (domain.com, so I can’t resolve subdomain.domain.com because that isn’t sent to external DNS). I can create a record for subdomain.domain.com in AD DNS, but I'm not sure where I can point it to. Usually, you would point this at the IP of the web server, but I want it to use the Cloudflare tunnel.