Skip to content

Azure-Terraform/example-naming-template

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Custom Naming Conventions for Azure

DO NOT USE THIS REPOSITORY IN PRODUCTION

It is used in example code within the Azure-Terraform module codebase.

  • This repository can be used as a template to create a private repository which would contain proprietary data within the custom.json file reflective of the organization in which it was to be used.

Overview

This repository contains a list of variables and standards for naming resources in Microsoft Azure. It serves these primary purposes:

  • A central location for development teams to research and collaborate on allowed values and naming conventions.
  • A single source of truth for data values used in policy enforcement, billing, and naming.
  • A RESTful data source for application requiring information on approved values, variables and names.

How to Use

This repository has four primary areas and their methods of use are described by the following:

  • README.md - The readme is the human readable documentation on the naming conventions, approved values, and variable names that developers will reference when creating inputs for modules and code.
  • custom.json - Data in json format to be RESTful sourced by applications. Contains a list of custom variable names, conventions, scope and approved values. The readme is generated automatically from this data.
  • entity.json - Data in json format to be sourced by applications. Contains an up-to-date list of Azure resources, conventions, scope and approved naming conventions. The readme is generated automatically from this data.
  • bin/run.py - A python script that scrapes the latest data from Microsoft merges with the existing json and adds new resources. It also generates this README doc from the custom and entity json.

How to Update

This information is meant to be a living source of truth for applications and policy and as such is expected to be versioned and updated. If you wish to add allowed values for any of the variables or need a naming convention that is not provided in this data, open an issue request agains this repo. Upon review the information will be updated and the policy engines will reflect the changes immediately.

Custom Entities

Custom entities are variables and allowed values that describe our business and purpose at the company and are the only approved values to be used in names and tags. This assures consistency and data integrity across all resources being named and tagged in Azure. If you would like to add additional allowed values, simply open an issue request against this repo and upon review the value will be added.

custom.applicationName

Full Text Scope Rule Value
Contoso global az[12] contoso
Kubernetes global az[12] k8s
Secure Shell global az[12] ssh
Docker global az[12] docker

custom.azureRegion

Full Text Scope Rule Value
East Asia global az[20] eastasia
Southeast Asia global az[20] southeastasia
Central US global az[20] centralus
East US global az[20] eastus
East US 2 global az[20] eastus2
West US global az[20] westus
North Central US global az[20] northcentralus
South Central US global az[20] southcentralus
North Europe global az[20] northeurope
West Europe global az[20] westeurope
Japan West global az[20] japanwest
Japan East global az[20] japaneast
Brazil South global az[20] brazilsouth
Australia East global az[20] australiaeast
Australia Southeast global az[20] australiasoutheast
South India global az[20] southindia
Central India global az[20] centralindia
West India global az[20] westindia
Canada Central global az[20] canadacentral
Canada East global az[20] canadaeast
UK South global az[20] uksouth
UK West global az[20] ukwest
West Central US global az[20] westcentralus
West US 2 global az[20] westus2
Korea Central global az[20] koreacentral
Korea South global az[20] koreasouth
France Central global az[20] francecentral
France South global az[20] francesouth
Australia Central global az[20] australiacentral
Australia Central 2 global az[20] australiacentral2
UAE Central global az[20] uaecentral
UAE North global az[20] uaenorth
South Africa North global az[20] southafricanorth
South Africa West global az[20] southafricawest
Switzerland North global az[20] switzerlandnorth
Switzerland West global az[20] switzerlandwest
Germany North global az[20] germanynorth
Germany West Central global az[20] germanywestcentral
Norway West global az[20] norwaywest
Norway East global az[20] norwayeast
Brazil Southeast global az[20] brazilsoutheast
US Gov Virginia global az[20] usgovvirginia
US Gov Iowa global az[20] usgoviowa
US DoD East global az[20] usdodeast
US DoD Central global az[20] usdodcentral
US Gov Texas global az[20] usgovtexas
US Gov Arizona global az[20] usgovarizona

custom.businessUnit

Full Text Scope Rule Value
Back Office global az[12] backoffice
Commercial global az[12] commercial
Government global az[12] government
Human Resources global az[12] hr
Infrastructure global az[12] infra
Security global az[12] security

custom.environment

Full Text Scope Rule Value
Sandbox global az[7] sandbox
Development global az[7] dev
Quality Assurance global az[7] qa
User Acceptance Testing global az[7] uat
Production global az[7] prod

custom.market

Full Text Scope Rule Value
United States global az[2] us
United Kingdom global az[2] uk
India global az[2] in
Brazil global az[2] br
China global az[2] cn

custom.onPrem

Full Text Scope Rule Value
Denver, CO global az[16] denver
New York, NY global az[16] nyc
Seattle, WA global az[16] seattle

custom.productGroup

Full Text Scope Rule Value
Contoso global az[12] contoso
Information Security global az[12] infosec
Core Networking global az[12] networks

custom.productName

Full Text Scope Rule Value
Contoso Web global az[16] contosoweb
Contoso API global az[16] contosoapi

custom.resourceGroupType

Full Text Scope Rule Value
Shared Services global az[12] shared
Application global az[12] app

custom.serviceName

Full Text Scope Rule Value
Apache Webserver global az[12] apache
Cassandra global az[12] cassandra
Elasticsearch global az[12] es
Monolith global az[12] mono
Oracle global az[12] oracle

custom.subnetType

Full Text Scope Rule Value
Application Gateway global A-Z[24] azure-appgateway
VPN Gateway global A-Z[24] azure-vpngateway
Azure Firewall global A-Z[24] AzureFirewallSubnet
Redis Cache global A-Z[24] azure-rediscache
Azure SQL Database global A-Z[24] azure-sqldatabase
Azure Container Instance global A-Z[24] azure-containers
API Management global A-Z[24] azure-apimanagement
App Service Environment global A-Z[24] azure-appservice
Azure Logic Apps global A-Z[24] azure-logicapps
Azure Dedicated HSM global A-Z[24] azure-dedicatedhsm
Azure Netapp Files global A-Z[24] azure-netappfiles
IaaS Public global A-Z[24] iaas-public
IaaS Outbound global A-Z[24] iaas-outbound
IaaS Private global A-Z[24] iaas-private
Azure Bastion Service global A-Z[24] AzureBastionSubnet

custom.subscriptionType

Full Text Scope Rule Value
Development global az[12] dev
Non-Production global az[12] nonprod
Production global az[12] production

custom.virtualNetGwType

Full Text Scope Rule Value
Express Route Connection global az[12] expressroute
Virtual Private Network global az[12] vpn

Azure Entities

Azure entities are entities as maintained by Microsoft Azure and should contain all possible resources that can be built along with Microsoft's rules for record length, scope, and allowed characters. Naming convention is specific to the company and takes into account the scope, length, and purpose to assure the name retains readability and conveys the most pertinent information about the resource to the reader. Examples are provided.

azure.AnalysisServices

Entity Scope Rule Convention Example
servers resource group a9[63]

azure.ApiManagement

Entity Scope Rule Convention Example
service global a9[50]
api-version-sets service a-9[256]
apis service a-9[256]
issues api a-9[256]
attachments issue a-9[256]
comments issue a-9[256]
operations api a-9[256]
tags operation a-9[256]
releases api a-9[80]
schemas api a-9[256]
tagDescriptions api a-9[256]
tags api a-9[256]
authorizationServers service a-9[256]
backends service a-9[256]
certificates service a-9[256]
diagnostics service a-9[256]
groups service a-9[256]
users group a-9[256]
identityProviders service a-9[256]
loggers service a-9[256]
notifications service a-9[256]
recipientEmails notification a-9[256]
openidConnectProviders service a-9[256]
policies service a-9[256]
products service a-9[256]
apis product a-9[256]
groups product a-9[256]
tags product a-9[256]
properties service a-9[256]
subscriptions service a-9[256]
tags service a-9[256]
templates service a-9[256]
users service a-9[256]

azure.App

Entity Scope Rule Convention Example
containerApps resource group a-9[32]

azure.AppConfiguration

Entity Scope Rule Convention Example
configurationStores resource group a-9[50]

azure.AppPlatform

Entity Scope Rule Convention Example
spring resource group a-9[32]

azure.Authorization

Entity Scope Rule Convention Example
locks scope of assignment a-9[90]
policyAssignments scope of assignment a-9[64]
policyDefinitions scope of definition a-9[64]
policySetDefinitions scope of definition a-9[255]
policyassignments scope of assignment a-9[255]
policydefinitions scope of definition a-9[255]
roleAssignments tenant must be a globally unique identifier (guid).[36]
roleDefinitions tenant must be a globally unique identifier (guid).[36]

azure.Automation

Entity Scope Rule Convention Example
automationAccounts resource group a-9[50]
certificates automation account a-9[128]
connections automation account a-9[128]
credentials automation account a-9[128]
runbooks automation account a-9[63]
schedules automation account a-9[128]
variables automation account a-9[128]
watchers automation account a-9[63]
webhooks automation account a-9[128]

azure.Batch

Entity Scope Rule Convention Example
batchAccounts Region a9[24]
applications batch account a-9[64]
certificates batch account a-9[45]
pools batch account a-9[64]

azure.Blockchain

Entity Scope Rule Convention Example
blockchainMembers global a9[20]

azure.Blueprint

Entity Scope Rule Convention Example
blueprint Management groups, Subscriptions, Resource groups a-9[90]
blueprintAssignments Management groups, Subscriptions, Resource groups a-9[90]

azure.BotService

Entity Scope Rule Convention Example
botServices global a-9[64]
Connections bot service a-9[64]
channels bot service a-9[64]
enterpriseChannels resource group a-9[64]

azure.Cache

Entity Scope Rule Convention Example
Redis global a-9[63]
firewallRules Redis a9[256]

azure.Cdn

Entity Scope Rule Convention Example
profiles resource group a-9[260]
endpoints global a-9[50]

azure.CertificateRegistration

Entity Scope Rule Convention Example
certificateOrders resource group a9[30]

azure.CognitiveServices

Entity Scope Rule Convention Example
accounts resource group a-9[64]

azure.Communication

Entity Scope Rule Convention Example
communicationServices global a-9[63]

azure.Compute

Entity Scope Rule Convention Example
availabilitySets resource group a-9[80]
cloudservices resource group a-9[15

See note below.]
diskEncryptionSets resource group a9[80]
disks resource group a9[80]
galleries resource group a9[80]
applications gallery a-9[80]
versions application 0.9[64]
images gallery a-9[80]
versions image 0.9[64]
images resource group a-9[80]
snapshots resource group a-9[80]
virtualMachineScaleSets resource group a-9[64]
virtualMachines resource group a-9[64] <custom.productName[16]>-<custom.serviceName[12]>-<custom.applicationName[12]>## contosoweb-mono-docker01

azure.ConfidentialLedger

Entity Scope Rule Convention Example
ledgers Resource group a-9[32]

azure.Consumption

Entity Scope Rule Convention Example
budgets subscription or resource group a-9[63]

azure.ContainerInstance

Entity Scope Rule Convention Example
containerGroups resource group a-9[63]

azure.ContainerRegistry

Entity Scope Rule Convention Example
registries global a9[50]
buildTasks registry a9[50]
steps build task a9[50]
replications registry a9[50]
scopeMaps registry a-9[50]
tasks registry a-9[50]
tokens registry a-9[50]
webhooks registry a9[50]

azure.ContainerService

Entity Scope Rule Convention Example
managedClusters resource group a-9[63] aks-<custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.environment[7]>-<custom.azureRegion[20]> aks-app-contosoweb-dev-eastus2
openShiftManagedClusters resource group a9[30]

azure.CustomProviders

Entity Scope Rule Convention Example
associations resource group a-9[180]
resourceProviders resource group a-9[64]

azure.CustomerInsights

Entity Scope Rule Convention Example
hubs resource group a9[64]
authorizationPolicies hub a9[50]
connectors hub a9[128]
mappings connector a9[128]
interactions hub a9[128]
kpi hub a9[512]
links hub a9[512]
predictions hub a9[512]
profiles hub a9[128]
relationshipLinks hub a9[512]
relationships hub a9[512]
roleAssignments hub a9[128]
views hub a9[512]

azure.DBforMariaDB

Entity Scope Rule Convention Example
servers global a-9[63] <custom.productName[16]>-<custom.environment[7]>-mariadb## contosoweb-prod-mariadb01
databases servers a-9[63]
firewallRules servers a-9[128]
virtualNetworkRules servers a-9[128]

azure.DBforMySQL

Entity Scope Rule Convention Example
servers global a-9[63] <custom.productName[16]>-<custom.environment[7]>-mysql## contosoweb-prod-mysql01
databases servers a-9[63]
firewallRules servers a-9[128]
virtualNetworkRules servers a-9[128]

azure.DBforPostgreSQL

Entity Scope Rule Convention Example
servers global a-9[63] <custom.productName[16]>-<custom.environment[7]>## contosoweb-prod01
databases servers a-9[63]
firewallRules servers a-9[128]
virtualNetworkRules servers a-9[128]

azure.DataBox

Entity Scope Rule Convention Example
jobs resource group a-9[24]

azure.DataFactory

Entity Scope Rule Convention Example
factories global a-9[63]
dataflows factory a-9[260]
datasets factory a-9[260]
integrationRuntimes factory a-9[63]
linkedservices factory a-9[260]
pipelines factory a-9[260]
triggers factory a-9[260]
rerunTriggers trigger a-9[260]

azure.DataLakeAnalytics

Entity Scope Rule Convention Example
accounts global a9[24]
computePolicies account a-9[60]
dataLakeStoreAccounts account a9[24]
firewallRules account a-9[50]
storageAccounts account a-9[60]

azure.DataLakeStore

Entity Scope Rule Convention Example
accounts global a9[24]
firewallRules account a-9[50]
virtualNetworkRules account a-9[50]

azure.DataMigration

Entity Scope Rule Convention Example
services resource group a-9[62]
projects service a-9[57]

azure.Databricks

Entity Scope Rule Convention Example
workspaces resource group a-9[30]

azure.DevTestLab

Entity Scope Rule Convention Example
labs resource group a-9[50]
customimages lab a-9[80]
formulas lab a-9[80]
virtualmachines lab a-9[64]

azure.Devices

Entity Scope Rule Convention Example
IotHubs global a-9[50]
certificates IoT hub a-9[64]
ConsumerGroups eventHubEndpoints a-9[50]
provisioningServices resource group a-9[64]
certificates provisioningServices a-9[64]

azure.DocumentDB

Entity Scope Rule Convention Example
databaseAccounts global a-9[31]

azure.EventGrid

Entity Scope Rule Convention Example
domains resource group a-9[50]
topics domain a-9[50]
eventSubscriptions resource group a-9[64]
topics resource group a-9[50]

azure.EventHub

Entity Scope Rule Convention Example
clusters resource group a-9[50]
namespaces global a-9[50]
AuthorizationRules namespace a-9[50]
disasterRecoveryConfigs namespace a-9[50]
eventhubs namespace a-9[50]
authorizationRules event hub a-9[50]
consumergroups event hub a-9[50]

azure.HDInsight

Entity Scope Rule Convention Example
clusters global a-9[59]

azure.ImportExport

Entity Scope Rule Convention Example
jobs resource group a-9[64]

azure.Insights

Entity Scope Rule Convention Example
actionGroups resource group a-9[260]
activityLogAlerts resource group a-9[260]
components resource group a-9[260]
metricAlerts resource group a-9[260]
scheduledQueryRules resource group a-9[260]

azure.IoTCentral

Entity Scope Rule Convention Example
IoTApps global a-9[63]

azure.KeyVault

Entity Scope Rule Convention Example
vaults global a-9[24] <custom.productGroup[12]><custom.subscriptionType[12]> contosoproduction
secrets Vault a-9[127]

azure.Kusto

Entity Scope Rule Convention Example
databases cluster a-9[260]
dataConnections database a-9[40]
eventhubconnections database a-9[40]
clusters global a9[22]

azure.LabServices

Entity Scope Rule Convention Example
labplans resource group a-9[100]

azure.LoadTestService

Entity Scope Rule Convention Example
loadtests global a-9[64]

azure.Logic

Entity Scope Rule Convention Example
integrationAccounts resource group a-9[80]
assemblies integration account a-9[80]
batchConfigurations integration account a9[20]
certificates integration account a-9[80]
maps integration account a-9[80]
partners integration account a-9[80]
rosettanetprocessconfigurations integration account a-9[80]
schemas integration account a-9[80]
sessions integration account a-9[80]
integrationServiceEnvironments resource group a-9[80]
managedApis integration service environment a-9[80]
workflows resource group a-9[80]

azure.MachineLearning

Entity Scope Rule Convention Example
commitmentPlans resource group a-9[260]
webServices resource group a-9[260]
workspaces resource group a-9[260]

azure.MachineLearningServices

Entity Scope Rule Convention Example
workspaces resource group a-9[33]
computes workspace a-9[16]

azure.ManagedIdentity

Entity Scope Rule Convention Example
userAssignedIdentities resource group a-9[128]

azure.Maps

Entity Scope Rule Convention Example
accounts resource group a-9[98]

azure.Media

Entity Scope Rule Convention Example
mediaservices resource group a9[24]
liveEvents Media service a-9[32]
liveOutputs Live event a-9[256]
streamingEndpoints Media service a-9[24]

azure.NetApp

Entity Scope Rule Convention Example
netAppAccounts resource group a-9[128]
backupPolicies NetApp account a-9[64]
backups NetApp account a-9[225]
capacityPools NetApp account a-9[64]
snapshotPolicies NetApp account a-9[64]
snapshots NetApp account a-9[255]
volumeGroups NetApp account a-9[64]
volumes NetApp account a-9[64]

azure.Network

Entity Scope Rule Convention Example
applicationGateways resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-appgateway<##> contoso-production-useast2-appgateway01
applicationSecurityGroups resource group a-9[80] <custom.serviceName[12]>-app-security-group<##> apache-app-security-group01
azureFirewalls resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-firewall<##> contoso-production-useast2-firewall01
bastionHosts resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-bastion<##> contoso-production-useast2-bastion01
connections resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-to-<custom.onPrem[16]>-connection contoso-production-to-nyc-connection
dnsZones resource group a-9[63] <custom.serviceName[12]>.<custom.productName[16]>.<custom.productGroup[12]>.<custom.subscriptionType[12]>.<custom.market[2]>. es01.contosoapi.contoso.prod.us.
expressRouteCircuits resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-expressroute-circuit<##> contoso-production-useast2-expressroute-circuit01
firewallPolicies resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-waf-policy<##> contoso-production-useast2-waf-policy01
ruleGroups firewall policy a-9[80] <rule_group_purpose[64]>-rule-group permitwebservers-rule-group
frontDoors global a-9[64]
frontdoorWebApplicationFirewallPolicies resource group a9[128]
loadBalancers resource group a-9[80] <custom.serviceName[12]>-<custom.environment[7]>-loadbalancer<##> apache-prod-loadbalancer01
inboundNatRules load balancer a-9[80]
localNetworkGateways resource group a-9[80] <custom.onPrem[16]>-<custom.productGroup[12]>-<custom.subscriptionType[12]>-local-network-gateway nyc-contoso-nonprod-local-network-gateway
networkInterfaces resource group a-9[80] <custom.productName[16]>-<custom.serviceName[12]>-<custom.applicationName[12]>-<custom.environment[7]>##-<custom.subnetType[24]>-interface## contosoweb-mono-docker-prod01-iaas-public-interface01
networkSecurityGroups resource group a-9[80] <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.subnetType[24]>-security-group app-contoso-private-security-group
securityRules network security group a-9[80]
networkWatchers resource group a-9[80]
privateDnsZones resource group a-9[63]
virtualNetworkLinks private DNS zone a-9[80]
publicIPAddresses resource group a-9[80] <custom.serviceName[12]>-<custom.environment[7]>-publicip<##> apache-prod-publicip01
publicIPPrefixes resource group a-9[80]
routeFilters resource group a-9[80]
routeFilterRules route filter a-9[80]
routeTables resource group a-9[80]
routes route table a-9[80]
serviceEndpointPolicies resource group a-9[80]
trafficmanagerprofiles global a-9[63]
virtualNetworkGateways resource group a-9[80]
virtualNetworks resource group a-9[64] <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-vnet app-contoso-nonprod-useast2-vnet
virtualNetworkPeerings virtual network a-9[80]
virtualWans resource group a-9[80]
subnets virtual network a-9[80] <custom.subnetType[24]>-subnet<##> private-subnet01
vpnGateways resource group a-9[80] <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.virtualNetGwType[12]> contoso-nonprod-expressroute
vpnConnections VPN gateway a-9[80]
vpnSites resource group a-9[80]

azure.NotificationHubs

Entity Scope Rule Convention Example
namespaces global a-9[50]
AuthorizationRules namespace a-9[256]
notificationHubs namespace a-9[260]
AuthorizationRules notification hub a-9[256]

azure.OperationalInsights

Entity Scope Rule Convention Example
clusters resource group a-9[63]
workspaces resource group a-9[63]

azure.OperationsManagement

Entity Scope Rule Convention Example
solutions workspace for solutions authored by microsoft, the name must be in the pattern:
solutiontype(workspacename)

for solutions authored by third parties, the name must be in the pattern:
solutiontype[workspacename]

for example, a valid name is:
antimalware(contoso-it)

the solution type is case-sensitive.[N/A]

azure.Portal

Entity Scope Rule Convention Example
dashboards resource group a-9[160]

azure.PowerBI

Entity Scope Rule Convention Example
workspaceCollections region a-9[63]

azure.PowerBIDedicated

Entity Scope Rule Convention Example
capacities region a9[63]

azure.RecoveryServices

Entity Scope Rule Convention Example
vaults resource group a-9[50]
backupPolicies vault a-9[150]

azure.Relay

Entity Scope Rule Convention Example
namespaces global a-9[50]
AuthorizationRules namespace a-9[50]
HybridConnections namespace a-9[260]
authorizationRules hybrid connection a-9[50]
WcfRelays namespace a-9[260]
authorizationRules Wcf relay a-9[50]

azure.Resources

Entity Scope Rule Convention Example
deployments resource group a-9[64] <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-deployment<###> contoso-nonprod-useast2-deployment001
resourcegroups subscription a-9[90] <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.environment[7]>-<custom.azureRegion[20]> app-contosoweb-dev-useast2
tagNames resource a-9[512] <custom.tagName> environment
tagValues tag name a-9[256] <custom.* value> production
templateSpecs resource group a-9[90]

azure.Security

Entity Scope Rule Convention Example
advancedThreatProtectionSettings resource group must be current[see value]
alertsSuppressionRules subscription a-9[260]
assessmentMetadata assessment type a-9[260]
assessments assessment type a-9[260]
autoProvisioningSettings subscription a-9[260]
automations resource group a-9[260]
connectors subscription a-9[260]
deviceSecurityGroups resource group a-9[260]
informationProtectionPolicies resource group use one of:
custom
effective[see values]
ingestionSettings subscription a-9[260]
iotSecuritySolutions resource group a-9[260]
applicationWhitelistings subscription a-9[260]
jitNetworkAccessPolicies resource group a-9[260]
pricings subscription a-9[260]
securityContacts subscription a-9[260]
serverVulnerabilityAssessments resource type default[see value]
settings subscription use one of:
mcas
sentinel
wdatp
wdatp_exclude_linux_public_preview[see values]
baselineRules Vulnerability assessment a-9[260]

azure.ServiceBus

Entity Scope Rule Convention Example
namespaces global a-9[50]
AuthorizationRules namespace a-9[50]
disasterRecoveryConfigs global a-9[50]
migrationConfigurations namespace default[63]
queues namespace a-9[260]
authorizationRules queue a-9[50]
topics namespace a-9[260]
authorizationRules topic a-9[50]
subscriptions topic a-9[50]
rules subscription a-9[50]

azure.ServiceFabric

Entity Scope Rule Convention Example
clusters region a-9[23]

azure.SignalRService

Entity Scope Rule Convention Example
signalR global a-9[63]

azure.Sql

Entity Scope Rule Convention Example
managedInstances global a-9[63]
servers global a-9[63]
administrators server must be activedirectory.[63]
databases server a-9[128]
syncGroups database a-9[150]
elasticPools server a-9[128]
failoverGroups global a-9[63]
firewallRules server a-9[128]
keys server must be in format:
vaultname_keyname_keyversion.[63]

azure.StorSimple

Entity Scope Rule Convention Example
managers resource group a-9[50]

azure.Storage

Entity Scope Rule Convention Example
blob container a-9[1024]
queue storage account a-9[63]
storageAccounts global a9[24]
blobServices storage account default[63]
containers storage account a-9[63]
fileServices storage account default[63]
shares storage account a-9[63]
managementPolicies storage account default[63]
table storage account a9[63]

azure.StorageSync

Entity Scope Rule Convention Example
storageSyncServices resource group a-9[260]
syncGroups storage sync service a-9[260]

azure.StreamAnalytics

Entity Scope Rule Convention Example
streamingjobs resource group a-9[63]
functions streaming job a-9[63]
inputs streaming job a-9[63]
outputs streaming job a-9[63]
transformations streaming job a-9[63]

azure.Synapse

Entity Scope Rule Convention Example
bigDataPools workspace a9[15]
sqlPools workspace a-9[60]

azure.TimeSeriesInsights

Entity Scope Rule Convention Example
environments resource group a-9[90]
accessPolicies environment a-9[90]
eventSources environment a-9[90]
referenceDataSets environment a9[63]

azure.Web

Entity Scope Rule Convention Example
certificates resource group can't use:
/

can't end with space or period.[260]
serverfarms resource group a-9[40]
sites global a-9[60]
slots site a-9[59]