Azure Resource Naming Validation¶

Version: 1.0 Last Updated: February 6, 2026

Overview¶

This document provides validation rules and examples for Azure resource naming conventions to ensure compliance with Azure's naming restrictions.

Key Vault Naming Rules¶

Key Vault Restrictions¶

Length: 3-24 characters
Characters: Alphanumeric and hyphens only
Start: Must begin with a letter
End: Must end with a letter or digit
Consecutive hyphens: Not allowed
Global uniqueness: Required

Examples¶

❌ Invalid Names:

dna-staging-pr-26-portfolio-westeurope-kv  # 43 chars - TOO LONG
kv-portfolio                                # Starts with non-letter
portfolio-kv-                               # Ends with hyphen
portfolio--kv                               # Consecutive hyphens

✅ Valid Names:

dnadevportfoliowekv-a1b2c3                 # 26 chars - but still too long!
dnadevportfoliokv-a1b2c3                   # 24 chars - PERFECT
dnastgprtkv-a1b2c3                         # 18 chars - shortened version

Implementation¶

Our Key Vault module uses this strategy:

// Shorten environment names
var env_short = environment == 'dev' ? 'dev'
              : environment == 'prod' ? 'prd'
              : environment == 'staging' ? 'stg'
              : take(replace(environment, '-', ''), 6)  // For PR environments

// Shorten location names
var location_short = location == 'westeurope' ? 'we'
                   : location == 'eastus' ? 'eu'
                   : take(location, 2)

// Build base name: dnadevportfoliowekv
var base_name = '${org}${env_short}${project}${location_short}kv'

// Add unique suffix: a1b2c3
var unique_suffix = take(uniqueString(resourceGroup().id), 6)

// Final name: dnadevportfoliowekv-a1b2c3 (max 24 chars)
var key_vault_name = length(base_name) > 18
                   ? '${take(base_name, 17)}-${unique_suffix}'
                   : '${base_name}-${unique_suffix}'

Result Examples:

dev: dnadevportfoliowekv-a1b2c3 (26 chars → truncated to 24)
staging: dnastgportfoliowekv-a1b2c3 (26 chars → truncated to 24)
staging-pr-26: dnastagprportfoliowekv-a1b2c3 (32 chars → truncated to 24)
prod: dnaprdportfoliowekv-a1b2c3 (26 chars → truncated to 24)

Container Registry Naming Rules¶

Container Registry Restrictions¶

Length: 5-50 characters
Characters: Alphanumeric only (no hyphens, no special characters)
Case: Lowercase only
Global uniqueness: Required

Examples¶

❌ Invalid Names:

dna-dev-portfolio-acr          # Contains hyphens
DnaDevPortfolioACR             # Contains uppercase
acr                            # Too short (< 5 chars)

✅ Valid Names:

dnadevportfoliowesteuropeacr   # 28 chars - VALID
dnastagingpr26portfolioacr     # 26 chars - VALID
dnaprdportfolioacr             # 18 chars - VALID

Implementation¶

// Remove all hyphens and convert to lowercase
var acr_name = '${org}${replace(environment, '-', '')}${project}${replace(location, '-', '')}acr'

Result Examples:

dev: dnadevportfoliowesteuropeacr (28 chars)
staging-pr-26: dnastagingpr26portfoliowesteuropeacr (37 chars)
prod: dnaprdportfoliowesteuropeacr (28 chars)

Storage Account Naming Rules¶

Storage Account Restrictions¶

Length: 3-24 characters
Characters: Lowercase letters and numbers only
No hyphens: Not allowed at all
Global uniqueness: Required

Examples¶

❌ Invalid Names:

dna-dev-portfolio-st           # Contains hyphens
DnaDevPortfolioSt              # Contains uppercase
st                             # Too short
dnadevportfoliowesteuropest    # 27 chars - TOO LONG

✅ Valid Names:

dnadevportfoliost              # 17 chars - VALID
dnastgportfoliost              # 17 chars - VALID
dnaprdportfoliost              # 17 chars - VALID

Implementation¶

// No hyphens, lowercase only, max 24 chars
var storage_name = '${org}${env_short}${project}st'

Log Analytics & App Insights Naming Rules¶

Log Analytics & App Insights Restrictions¶

Length: 4-63 characters
Characters: Alphanumeric, hyphens, and underscores
Start/End: Must begin and end with alphanumeric
Scope: Resource group level (not globally unique)

Examples¶

✅ Valid Names (more flexible):

dna-dev-portfolio-westeurope-log           # VALID
dna-staging-pr-26-portfolio-westeurope-log # VALID
dna-prod-portfolio-westeurope-appi         # VALID

Implementation¶

// Standard CAF naming works fine here
var log_analytics_name = '${org}-${environment}-${project}-${location}-log'
var app_insights_name = '${org}-${environment}-${project}-${location}-appi'

Container Apps Naming Rules¶

Container Apps Restrictions¶

Length: 2-32 characters
Characters: Lowercase letters, numbers, and hyphens
Start/End: Must begin and end with alphanumeric
Scope: Resource group level

Examples¶

✅ Valid Names:

dna-dev-portfolio-westeurope-cae           # VALID
dna-staging-pr-26-portfolio-we-ca-frontend # VALID (shortened location)
dna-prod-portfolio-we-ca-backend           # VALID

Implementation¶

// May need to shorten for PR environments
var container_app_env_name = '${org}-${environment}-${project}-${location}-cae'
var frontend_app_name = '${org}-${environment}-${project}-${location}-ca-frontend'

Resource Group Naming Rules¶

Resource Group Restrictions¶

Length: 1-90 characters
Characters: Alphanumeric, hyphens, underscores, periods, and parentheses
End: Cannot end with period
Scope: Subscription level

Examples¶

✅ Valid Names (very flexible):

dna-dev-portfolio-westeurope-rg
dna-staging-pr-26-portfolio-westeurope-rg
dna-prod-portfolio-westeurope-rg

Naming Strategy Summary¶

Resource Type	Max Length	Special Rules	Strategy
Key Vault	24	No consecutive hyphens	Aggressive shortening + hash
Container Registry	50	No hyphens, lowercase only	Remove hyphens, lowercase
Storage Account	24	No hyphens, lowercase only	Short names, no location
Log Analytics	63	Standard	Full CAF naming
App Insights	63	Standard	Full CAF naming
Container Apps	32	Lowercase, hyphens OK	May shorten location
Resource Group	90	Very flexible	Full CAF naming

Environment Name Shortening¶

For resources with strict length limits, we use these abbreviations:

Environment	Abbreviation	Example
dev	dev	`dnadevportfolio...`
staging	stg	`dnastgportfolio...`
prod	prd	`dnaprdportfolio...`
staging-pr-26	stagpr (6 chars)	`dnastagprportfolio...`

Location Shortening¶

Location	Abbreviation
westeurope	we
eastus	eu
northeurope	ne
westus2	w2

Validation Checklist¶

Before deploying, verify:

[ ] Key Vault name is ≤ 24 characters
[ ] Key Vault name has no consecutive hyphens
[ ] Container Registry name has no hyphens
[ ] Container Registry name is lowercase
[ ] Storage Account name is ≤ 24 characters
[ ] Storage Account name has no hyphens
[ ] All names start with a letter
[ ] All names end with alphanumeric character
[ ] Unique suffixes are used for globally unique resources

Testing Names¶

Use this Bicep snippet to test name generation:

output key_vault_name_length int = length(key_vault_name)
output key_vault_name_valid bool = length(key_vault_name) <= 24
output acr_name_length int = length(acr_name)
output acr_name_valid bool = length(acr_name) <= 50

Azure Resource Naming Validation¶

Overview¶

Key Vault Naming Rules¶

Key Vault Restrictions¶

Examples¶

Implementation¶

Container Registry Naming Rules¶

Container Registry Restrictions¶

Examples¶

Implementation¶

Storage Account Naming Rules¶

Storage Account Restrictions¶

Examples¶

Implementation¶

Log Analytics & App Insights Naming Rules¶

Log Analytics & App Insights Restrictions¶

Examples¶

Implementation¶

Container Apps Naming Rules¶

Container Apps Restrictions¶

Examples¶

Implementation¶

Resource Group Naming Rules¶

Resource Group Restrictions¶

Examples¶

Naming Strategy Summary¶

Environment Name Shortening¶

Location Shortening¶

Validation Checklist¶

Testing Names¶

Related Documents¶

References¶