It is used in example code within the Azure-Terraform module codebase.
- This repository can be used as a template to create a private repository which would contain proprietary data within the custom.json file reflective of the organization in which it was to be used.
This repository contains a list of variables and standards for naming resources in Microsoft Azure. It serves these primary purposes:
- A central location for development teams to research and collaborate on allowed values and naming conventions.
- A single source of truth for data values used in policy enforcement, billing, and naming.
- A RESTful data source for application requiring information on approved values, variables and names.
This repository has four primary areas and their methods of use are described by the following:
- README.md - The readme is the human readable documentation on the naming conventions, approved values, and variable names that developers will reference when creating inputs for modules and code.
- custom.json - Data in json format to be RESTful sourced by applications. Contains a list of custom variable names, conventions, scope and approved values. The readme is generated automatically from this data.
- entity.json - Data in json format to be sourced by applications. Contains an up-to-date list of Azure resources, conventions, scope and approved naming conventions. The readme is generated automatically from this data.
- bin/run.py - A python script that scrapes the latest data from Microsoft merges with the existing json and adds new resources. It also generates this README doc from the custom and entity json.
This information is meant to be a living source of truth for applications and policy and as such is expected to be versioned and updated. If you wish to add allowed values for any of the variables or need a naming convention that is not provided in this data, open an issue request agains this repo. Upon review the information will be updated and the policy engines will reflect the changes immediately.
Custom entities are variables and allowed values that describe our business and purpose at the company and are the only approved values to be used in names and tags. This assures consistency and data integrity across all resources being named and tagged in Azure. If you would like to add additional allowed values, simply open an issue request against this repo and upon review the value will be added.
Full Text | Scope | Rule | Value |
---|---|---|---|
Contoso | global | az[12] | contoso |
Kubernetes | global | az[12] | k8s |
Secure Shell | global | az[12] | ssh |
Docker | global | az[12] | docker |
Full Text | Scope | Rule | Value |
---|---|---|---|
East Asia | global | az[20] | eastasia |
Southeast Asia | global | az[20] | southeastasia |
Central US | global | az[20] | centralus |
East US | global | az[20] | eastus |
East US 2 | global | az[20] | eastus2 |
West US | global | az[20] | westus |
North Central US | global | az[20] | northcentralus |
South Central US | global | az[20] | southcentralus |
North Europe | global | az[20] | northeurope |
West Europe | global | az[20] | westeurope |
Japan West | global | az[20] | japanwest |
Japan East | global | az[20] | japaneast |
Brazil South | global | az[20] | brazilsouth |
Australia East | global | az[20] | australiaeast |
Australia Southeast | global | az[20] | australiasoutheast |
South India | global | az[20] | southindia |
Central India | global | az[20] | centralindia |
West India | global | az[20] | westindia |
Canada Central | global | az[20] | canadacentral |
Canada East | global | az[20] | canadaeast |
UK South | global | az[20] | uksouth |
UK West | global | az[20] | ukwest |
West Central US | global | az[20] | westcentralus |
West US 2 | global | az[20] | westus2 |
Korea Central | global | az[20] | koreacentral |
Korea South | global | az[20] | koreasouth |
France Central | global | az[20] | francecentral |
France South | global | az[20] | francesouth |
Australia Central | global | az[20] | australiacentral |
Australia Central 2 | global | az[20] | australiacentral2 |
UAE Central | global | az[20] | uaecentral |
UAE North | global | az[20] | uaenorth |
South Africa North | global | az[20] | southafricanorth |
South Africa West | global | az[20] | southafricawest |
Switzerland North | global | az[20] | switzerlandnorth |
Switzerland West | global | az[20] | switzerlandwest |
Germany North | global | az[20] | germanynorth |
Germany West Central | global | az[20] | germanywestcentral |
Norway West | global | az[20] | norwaywest |
Norway East | global | az[20] | norwayeast |
Brazil Southeast | global | az[20] | brazilsoutheast |
US Gov Virginia | global | az[20] | usgovvirginia |
US Gov Iowa | global | az[20] | usgoviowa |
US DoD East | global | az[20] | usdodeast |
US DoD Central | global | az[20] | usdodcentral |
US Gov Texas | global | az[20] | usgovtexas |
US Gov Arizona | global | az[20] | usgovarizona |
Full Text | Scope | Rule | Value |
---|---|---|---|
Back Office | global | az[12] | backoffice |
Commercial | global | az[12] | commercial |
Government | global | az[12] | government |
Human Resources | global | az[12] | hr |
Infrastructure | global | az[12] | infra |
Security | global | az[12] | security |
Full Text | Scope | Rule | Value |
---|---|---|---|
Sandbox | global | az[7] | sandbox |
Development | global | az[7] | dev |
Quality Assurance | global | az[7] | qa |
User Acceptance Testing | global | az[7] | uat |
Production | global | az[7] | prod |
Full Text | Scope | Rule | Value |
---|---|---|---|
United States | global | az[2] | us |
United Kingdom | global | az[2] | uk |
India | global | az[2] | in |
Brazil | global | az[2] | br |
China | global | az[2] | cn |
Full Text | Scope | Rule | Value |
---|---|---|---|
Denver, CO | global | az[16] | denver |
New York, NY | global | az[16] | nyc |
Seattle, WA | global | az[16] | seattle |
Full Text | Scope | Rule | Value |
---|---|---|---|
Contoso | global | az[12] | contoso |
Information Security | global | az[12] | infosec |
Core Networking | global | az[12] | networks |
Full Text | Scope | Rule | Value |
---|---|---|---|
Contoso Web | global | az[16] | contosoweb |
Contoso API | global | az[16] | contosoapi |
Full Text | Scope | Rule | Value |
---|---|---|---|
Shared Services | global | az[12] | shared |
Application | global | az[12] | app |
Full Text | Scope | Rule | Value |
---|---|---|---|
Apache Webserver | global | az[12] | apache |
Cassandra | global | az[12] | cassandra |
Elasticsearch | global | az[12] | es |
Monolith | global | az[12] | mono |
Oracle | global | az[12] | oracle |
Full Text | Scope | Rule | Value |
---|---|---|---|
Application Gateway | global | A-Z[24] | azure-appgateway |
VPN Gateway | global | A-Z[24] | azure-vpngateway |
Azure Firewall | global | A-Z[24] | AzureFirewallSubnet |
Redis Cache | global | A-Z[24] | azure-rediscache |
Azure SQL Database | global | A-Z[24] | azure-sqldatabase |
Azure Container Instance | global | A-Z[24] | azure-containers |
API Management | global | A-Z[24] | azure-apimanagement |
App Service Environment | global | A-Z[24] | azure-appservice |
Azure Logic Apps | global | A-Z[24] | azure-logicapps |
Azure Dedicated HSM | global | A-Z[24] | azure-dedicatedhsm |
Azure Netapp Files | global | A-Z[24] | azure-netappfiles |
IaaS Public | global | A-Z[24] | iaas-public |
IaaS Outbound | global | A-Z[24] | iaas-outbound |
IaaS Private | global | A-Z[24] | iaas-private |
Azure Bastion Service | global | A-Z[24] | AzureBastionSubnet |
Full Text | Scope | Rule | Value |
---|---|---|---|
Development | global | az[12] | dev |
Non-Production | global | az[12] | nonprod |
Production | global | az[12] | production |
Full Text | Scope | Rule | Value |
---|---|---|---|
Express Route Connection | global | az[12] | expressroute |
Virtual Private Network | global | az[12] | vpn |
Azure entities are entities as maintained by Microsoft Azure and should contain all possible resources that can be built along with Microsoft's rules for record length, scope, and allowed characters. Naming convention is specific to the company and takes into account the scope, length, and purpose to assure the name retains readability and conveys the most pertinent information about the resource to the reader. Examples are provided.
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
servers | resource group | a9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
service | global | a9[50] | ||
api-version-sets | service | a-9[256] | ||
apis | service | a-9[256] | ||
issues | api | a-9[256] | ||
attachments | issue | a-9[256] | ||
comments | issue | a-9[256] | ||
operations | api | a-9[256] | ||
tags | operation | a-9[256] | ||
releases | api | a-9[80] | ||
schemas | api | a-9[256] | ||
tagDescriptions | api | a-9[256] | ||
tags | api | a-9[256] | ||
authorizationServers | service | a-9[256] | ||
backends | service | a-9[256] | ||
certificates | service | a-9[256] | ||
diagnostics | service | a-9[256] | ||
groups | service | a-9[256] | ||
users | group | a-9[256] | ||
identityProviders | service | a-9[256] | ||
loggers | service | a-9[256] | ||
notifications | service | a-9[256] | ||
recipientEmails | notification | a-9[256] | ||
openidConnectProviders | service | a-9[256] | ||
policies | service | a-9[256] | ||
products | service | a-9[256] | ||
apis | product | a-9[256] | ||
groups | product | a-9[256] | ||
tags | product | a-9[256] | ||
properties | service | a-9[256] | ||
subscriptions | service | a-9[256] | ||
tags | service | a-9[256] | ||
templates | service | a-9[256] | ||
users | service | a-9[256] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
containerApps | resource group | a-9[32] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
configurationStores | resource group | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
spring | resource group | a-9[32] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
locks | scope of assignment | a-9[90] | ||
policyAssignments | scope of assignment | a-9[64] | ||
policyDefinitions | scope of definition | a-9[64] | ||
policySetDefinitions | scope of definition | a-9[255] | ||
policyassignments | scope of assignment | a-9[255] | ||
policydefinitions | scope of definition | a-9[255] | ||
roleAssignments | tenant | must be a globally unique identifier (guid).[36] | ||
roleDefinitions | tenant | must be a globally unique identifier (guid).[36] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
automationAccounts | resource group | a-9[50] | ||
certificates | automation account | a-9[128] | ||
connections | automation account | a-9[128] | ||
credentials | automation account | a-9[128] | ||
runbooks | automation account | a-9[63] | ||
schedules | automation account | a-9[128] | ||
variables | automation account | a-9[128] | ||
watchers | automation account | a-9[63] | ||
webhooks | automation account | a-9[128] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
batchAccounts | Region | a9[24] | ||
applications | batch account | a-9[64] | ||
certificates | batch account | a-9[45] | ||
pools | batch account | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
blockchainMembers | global | a9[20] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
blueprint | Management groups, Subscriptions, Resource groups | a-9[90] | ||
blueprintAssignments | Management groups, Subscriptions, Resource groups | a-9[90] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
botServices | global | a-9[64] | ||
Connections | bot service | a-9[64] | ||
channels | bot service | a-9[64] | ||
enterpriseChannels | resource group | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
Redis | global | a-9[63] | ||
firewallRules | Redis | a9[256] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
profiles | resource group | a-9[260] | ||
endpoints | global | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
certificateOrders | resource group | a9[30] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
accounts | resource group | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
communicationServices | global | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
availabilitySets | resource group | a-9[80] | ||
cloudservices | resource group | a-9[15 See note below.] |
||
diskEncryptionSets | resource group | a9[80] | ||
disks | resource group | a9[80] | ||
galleries | resource group | a9[80] | ||
applications | gallery | a-9[80] | ||
versions | application | 0.9[64] | ||
images | gallery | a-9[80] | ||
versions | image | 0.9[64] | ||
images | resource group | a-9[80] | ||
snapshots | resource group | a-9[80] | ||
virtualMachineScaleSets | resource group | a-9[64] | ||
virtualMachines | resource group | a-9[64] | <custom.productName[16]>-<custom.serviceName[12]>-<custom.applicationName[12]>## | contosoweb-mono-docker01 |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
ledgers | Resource group | a-9[32] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
budgets | subscription or resource group | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
containerGroups | resource group | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
registries | global | a9[50] | ||
buildTasks | registry | a9[50] | ||
steps | build task | a9[50] | ||
replications | registry | a9[50] | ||
scopeMaps | registry | a-9[50] | ||
tasks | registry | a-9[50] | ||
tokens | registry | a-9[50] | ||
webhooks | registry | a9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
managedClusters | resource group | a-9[63] | aks-<custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.environment[7]>-<custom.azureRegion[20]> | aks-app-contosoweb-dev-eastus2 |
openShiftManagedClusters | resource group | a9[30] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
associations | resource group | a-9[180] | ||
resourceProviders | resource group | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
hubs | resource group | a9[64] | ||
authorizationPolicies | hub | a9[50] | ||
connectors | hub | a9[128] | ||
mappings | connector | a9[128] | ||
interactions | hub | a9[128] | ||
kpi | hub | a9[512] | ||
links | hub | a9[512] | ||
predictions | hub | a9[512] | ||
profiles | hub | a9[128] | ||
relationshipLinks | hub | a9[512] | ||
relationships | hub | a9[512] | ||
roleAssignments | hub | a9[128] | ||
views | hub | a9[512] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
servers | global | a-9[63] | <custom.productName[16]>-<custom.environment[7]>-mariadb## | contosoweb-prod-mariadb01 |
databases | servers | a-9[63] | ||
firewallRules | servers | a-9[128] | ||
virtualNetworkRules | servers | a-9[128] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
servers | global | a-9[63] | <custom.productName[16]>-<custom.environment[7]>-mysql## | contosoweb-prod-mysql01 |
databases | servers | a-9[63] | ||
firewallRules | servers | a-9[128] | ||
virtualNetworkRules | servers | a-9[128] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
servers | global | a-9[63] | <custom.productName[16]>-<custom.environment[7]>## | contosoweb-prod01 |
databases | servers | a-9[63] | ||
firewallRules | servers | a-9[128] | ||
virtualNetworkRules | servers | a-9[128] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
jobs | resource group | a-9[24] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
factories | global | a-9[63] | ||
dataflows | factory | a-9[260] | ||
datasets | factory | a-9[260] | ||
integrationRuntimes | factory | a-9[63] | ||
linkedservices | factory | a-9[260] | ||
pipelines | factory | a-9[260] | ||
triggers | factory | a-9[260] | ||
rerunTriggers | trigger | a-9[260] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
accounts | global | a9[24] | ||
computePolicies | account | a-9[60] | ||
dataLakeStoreAccounts | account | a9[24] | ||
firewallRules | account | a-9[50] | ||
storageAccounts | account | a-9[60] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
accounts | global | a9[24] | ||
firewallRules | account | a-9[50] | ||
virtualNetworkRules | account | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
services | resource group | a-9[62] | ||
projects | service | a-9[57] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
workspaces | resource group | a-9[30] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
labs | resource group | a-9[50] | ||
customimages | lab | a-9[80] | ||
formulas | lab | a-9[80] | ||
virtualmachines | lab | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
IotHubs | global | a-9[50] | ||
certificates | IoT hub | a-9[64] | ||
ConsumerGroups | eventHubEndpoints | a-9[50] | ||
provisioningServices | resource group | a-9[64] | ||
certificates | provisioningServices | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
databaseAccounts | global | a-9[31] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
domains | resource group | a-9[50] | ||
topics | domain | a-9[50] | ||
eventSubscriptions | resource group | a-9[64] | ||
topics | resource group | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
clusters | resource group | a-9[50] | ||
namespaces | global | a-9[50] | ||
AuthorizationRules | namespace | a-9[50] | ||
disasterRecoveryConfigs | namespace | a-9[50] | ||
eventhubs | namespace | a-9[50] | ||
authorizationRules | event hub | a-9[50] | ||
consumergroups | event hub | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
clusters | global | a-9[59] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
jobs | resource group | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
actionGroups | resource group | a-9[260] | ||
activityLogAlerts | resource group | a-9[260] | ||
components | resource group | a-9[260] | ||
metricAlerts | resource group | a-9[260] | ||
scheduledQueryRules | resource group | a-9[260] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
IoTApps | global | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
vaults | global | a-9[24] | <custom.productGroup[12]><custom.subscriptionType[12]> | contosoproduction |
secrets | Vault | a-9[127] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
databases | cluster | a-9[260] | ||
dataConnections | database | a-9[40] | ||
eventhubconnections | database | a-9[40] | ||
clusters | global | a9[22] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
labplans | resource group | a-9[100] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
loadtests | global | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
integrationAccounts | resource group | a-9[80] | ||
assemblies | integration account | a-9[80] | ||
batchConfigurations | integration account | a9[20] | ||
certificates | integration account | a-9[80] | ||
maps | integration account | a-9[80] | ||
partners | integration account | a-9[80] | ||
rosettanetprocessconfigurations | integration account | a-9[80] | ||
schemas | integration account | a-9[80] | ||
sessions | integration account | a-9[80] | ||
integrationServiceEnvironments | resource group | a-9[80] | ||
managedApis | integration service environment | a-9[80] | ||
workflows | resource group | a-9[80] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
commitmentPlans | resource group | a-9[260] | ||
webServices | resource group | a-9[260] | ||
workspaces | resource group | a-9[260] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
workspaces | resource group | a-9[33] | ||
computes | workspace | a-9[16] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
userAssignedIdentities | resource group | a-9[128] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
accounts | resource group | a-9[98] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
mediaservices | resource group | a9[24] | ||
liveEvents | Media service | a-9[32] | ||
liveOutputs | Live event | a-9[256] | ||
streamingEndpoints | Media service | a-9[24] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
netAppAccounts | resource group | a-9[128] | ||
backupPolicies | NetApp account | a-9[64] | ||
backups | NetApp account | a-9[225] | ||
capacityPools | NetApp account | a-9[64] | ||
snapshotPolicies | NetApp account | a-9[64] | ||
snapshots | NetApp account | a-9[255] | ||
volumeGroups | NetApp account | a-9[64] | ||
volumes | NetApp account | a-9[64] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
applicationGateways | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-appgateway<##> | contoso-production-useast2-appgateway01 |
applicationSecurityGroups | resource group | a-9[80] | <custom.serviceName[12]>-app-security-group<##> | apache-app-security-group01 |
azureFirewalls | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-firewall<##> | contoso-production-useast2-firewall01 |
bastionHosts | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-bastion<##> | contoso-production-useast2-bastion01 |
connections | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-to-<custom.onPrem[16]>-connection | contoso-production-to-nyc-connection |
dnsZones | resource group | a-9[63] | <custom.serviceName[12]>.<custom.productName[16]>.<custom.productGroup[12]>.<custom.subscriptionType[12]>.<custom.market[2]>. | es01.contosoapi.contoso.prod.us. |
expressRouteCircuits | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-expressroute-circuit<##> | contoso-production-useast2-expressroute-circuit01 |
firewallPolicies | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-waf-policy<##> | contoso-production-useast2-waf-policy01 |
ruleGroups | firewall policy | a-9[80] | <rule_group_purpose[64]>-rule-group | permitwebservers-rule-group |
frontDoors | global | a-9[64] | ||
frontdoorWebApplicationFirewallPolicies | resource group | a9[128] | ||
loadBalancers | resource group | a-9[80] | <custom.serviceName[12]>-<custom.environment[7]>-loadbalancer<##> | apache-prod-loadbalancer01 |
inboundNatRules | load balancer | a-9[80] | ||
localNetworkGateways | resource group | a-9[80] | <custom.onPrem[16]>-<custom.productGroup[12]>-<custom.subscriptionType[12]>-local-network-gateway | nyc-contoso-nonprod-local-network-gateway |
networkInterfaces | resource group | a-9[80] | <custom.productName[16]>-<custom.serviceName[12]>-<custom.applicationName[12]>-<custom.environment[7]>##-<custom.subnetType[24]>-interface## | contosoweb-mono-docker-prod01-iaas-public-interface01 |
networkSecurityGroups | resource group | a-9[80] | <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.subnetType[24]>-security-group | app-contoso-private-security-group |
securityRules | network security group | a-9[80] | ||
networkWatchers | resource group | a-9[80] | ||
privateDnsZones | resource group | a-9[63] | ||
virtualNetworkLinks | private DNS zone | a-9[80] | ||
publicIPAddresses | resource group | a-9[80] | <custom.serviceName[12]>-<custom.environment[7]>-publicip<##> | apache-prod-publicip01 |
publicIPPrefixes | resource group | a-9[80] | ||
routeFilters | resource group | a-9[80] | ||
routeFilterRules | route filter | a-9[80] | ||
routeTables | resource group | a-9[80] | ||
routes | route table | a-9[80] | ||
serviceEndpointPolicies | resource group | a-9[80] | ||
trafficmanagerprofiles | global | a-9[63] | ||
virtualNetworkGateways | resource group | a-9[80] | ||
virtualNetworks | resource group | a-9[64] | <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-vnet | app-contoso-nonprod-useast2-vnet |
virtualNetworkPeerings | virtual network | a-9[80] | ||
virtualWans | resource group | a-9[80] | ||
subnets | virtual network | a-9[80] | <custom.subnetType[24]>-subnet<##> | private-subnet01 |
vpnGateways | resource group | a-9[80] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.virtualNetGwType[12]> | contoso-nonprod-expressroute |
vpnConnections | VPN gateway | a-9[80] | ||
vpnSites | resource group | a-9[80] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
namespaces | global | a-9[50] | ||
AuthorizationRules | namespace | a-9[256] | ||
notificationHubs | namespace | a-9[260] | ||
AuthorizationRules | notification hub | a-9[256] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
clusters | resource group | a-9[63] | ||
workspaces | resource group | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
solutions | workspace | for solutions authored by microsoft, the name must be in the pattern:solutiontype(workspacename) for solutions authored by third parties, the name must be in the pattern: solutiontype[workspacename] for example, a valid name is: antimalware(contoso-it) the solution type is case-sensitive.[N/A] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
dashboards | resource group | a-9[160] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
workspaceCollections | region | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
capacities | region | a9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
vaults | resource group | a-9[50] | ||
backupPolicies | vault | a-9[150] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
namespaces | global | a-9[50] | ||
AuthorizationRules | namespace | a-9[50] | ||
HybridConnections | namespace | a-9[260] | ||
authorizationRules | hybrid connection | a-9[50] | ||
WcfRelays | namespace | a-9[260] | ||
authorizationRules | Wcf relay | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
deployments | resource group | a-9[64] | <custom.productGroup[12]>-<custom.subscriptionType[12]>-<custom.azureRegion[20]>-deployment<###> | contoso-nonprod-useast2-deployment001 |
resourcegroups | subscription | a-9[90] | <custom.resourceGroupType[12]>-<custom.productName[16]>-<custom.environment[7]>-<custom.azureRegion[20]> | app-contosoweb-dev-useast2 |
tagNames | resource | a-9[512] | <custom.tagName> | environment |
tagValues | tag name | a-9[256] | <custom.* value> | production |
templateSpecs | resource group | a-9[90] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
advancedThreatProtectionSettings | resource group | must be current [see value] |
||
alertsSuppressionRules | subscription | a-9[260] | ||
assessmentMetadata | assessment type | a-9[260] | ||
assessments | assessment type | a-9[260] | ||
autoProvisioningSettings | subscription | a-9[260] | ||
automations | resource group | a-9[260] | ||
connectors | subscription | a-9[260] | ||
deviceSecurityGroups | resource group | a-9[260] | ||
informationProtectionPolicies | resource group | use one of:custom effective [see values] |
||
ingestionSettings | subscription | a-9[260] | ||
iotSecuritySolutions | resource group | a-9[260] | ||
applicationWhitelistings | subscription | a-9[260] | ||
jitNetworkAccessPolicies | resource group | a-9[260] | ||
pricings | subscription | a-9[260] | ||
securityContacts | subscription | a-9[260] | ||
serverVulnerabilityAssessments | resource type | default[see value] | ||
settings | subscription | use one of:mcas sentinel wdatp wdatp_exclude_linux_public_preview [see values] |
||
baselineRules | Vulnerability assessment | a-9[260] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
namespaces | global | a-9[50] | ||
AuthorizationRules | namespace | a-9[50] | ||
disasterRecoveryConfigs | global | a-9[50] | ||
migrationConfigurations | namespace | default[63] | ||
queues | namespace | a-9[260] | ||
authorizationRules | queue | a-9[50] | ||
topics | namespace | a-9[260] | ||
authorizationRules | topic | a-9[50] | ||
subscriptions | topic | a-9[50] | ||
rules | subscription | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
clusters | region | a-9[23] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
signalR | global | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
managedInstances | global | a-9[63] | ||
servers | global | a-9[63] | ||
administrators | server | must be activedirectory .[63] |
||
databases | server | a-9[128] | ||
syncGroups | database | a-9[150] | ||
elasticPools | server | a-9[128] | ||
failoverGroups | global | a-9[63] | ||
firewallRules | server | a-9[128] | ||
keys | server | must be in format:vaultname_keyname_keyversion .[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
managers | resource group | a-9[50] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
blob | container | a-9[1024] | ||
queue | storage account | a-9[63] | ||
storageAccounts | global | a9[24] | ||
blobServices | storage account | default[63] | ||
containers | storage account | a-9[63] | ||
fileServices | storage account | default[63] | ||
shares | storage account | a-9[63] | ||
managementPolicies | storage account | default[63] | ||
table | storage account | a9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
storageSyncServices | resource group | a-9[260] | ||
syncGroups | storage sync service | a-9[260] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
streamingjobs | resource group | a-9[63] | ||
functions | streaming job | a-9[63] | ||
inputs | streaming job | a-9[63] | ||
outputs | streaming job | a-9[63] | ||
transformations | streaming job | a-9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
bigDataPools | workspace | a9[15] | ||
sqlPools | workspace | a-9[60] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
environments | resource group | a-9[90] | ||
accessPolicies | environment | a-9[90] | ||
eventSources | environment | a-9[90] | ||
referenceDataSets | environment | a9[63] |
Entity | Scope | Rule | Convention | Example |
---|---|---|---|---|
certificates | resource group | can't use:/ can't end with space or period.[260] |
||
serverfarms | resource group | a-9[40] | ||
sites | global | a-9[60] | ||
slots | site | a-9[59] |