Do you have an idea or a suggestion for Azure Key Vault based on your experience?

← Azure Key Vault

Allow more than 24 characters for key vault name length

Please allow more than 24 characters for key vault name length. Using a standard naming convention across Azure resources that includes the resource type, region, and landscape doesn't leave many characters for the key vault name. Web Apps also utilize globally unique DNS names and support up to 60 characters. Supporting up to 60 character names would make it easier for us to use our standardized naming convention.

257 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Webber,Michael T. shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

16 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    Hello folks. More broadly, legitimate naming schemes of all Azure resources should be more consistent. It feels like every resource has its own set of arbitrary naming limitations, making difficult to leverage to achieve some level of self-documenting naming. Thanks.

  • Bill Sandman commented  ·   ·  Flag as inappropriate

    We really need more than 24 characters, considering they need to be globally unique and then unique within our own environments.

  • Lutz Willek commented  ·   ·  Flag as inappropriate

    # Parameter 'vault_name' must conform to the following pattern: '^[a-zA-Z0-9-]{3,24}$'
    keyvaultname="$(echo ${keyvaultname}| tr -cd '[:alnum:]-' | awk '{print substr($0,0,23)}')"

    I suggest changing the current restriction, allowing up to 63 characters.
    See RFC 1034, Section 3.1 "Name space specifications and terminology"

  • David Darlington commented  ·   ·  Flag as inappropriate

    I can only have 8 characters to denote application for my terraform modules...

    locals {

    # If the app name has spaces between words, replace those with Dashes
    app_name_dashed = replace(data.azurerm_resource_group.rg.tags.Application, " ", "-")

    # The next line makes sure the app name isnt too long and doesnt end with a -
    # Name need to be betweek 3-24 characters
    # 12345678-centralus-prod # That string is longest I can think of as a possiblity
    kv_name_predicate = replace(substr(local.app_name_dashed, 0, 8), "/-$/", "")
    }

    resource "azurerm_key_vault" "kv" {
    name = "${local.kv_name_predicate}-${data.azurerm_resource_group.rg.tags.environment_tier}-${data.azurerm_resource_group.rg.location}"
    location = data.azurerm_resource_group.rg.location
    resource_group_name = data.azurerm_resource_group.rg.name
    enabled_for_disk_encryption = true
    tenant_id = data.azurerm_client_config.current.tenant_id
    sku_name = "standard"
    }

  • Matt Byrne commented  ·   ·  Flag as inappropriate

    It's ridiculous that this is still an issue without MS comment. This makes any decent naming convention impossible.

  • Paul commented  ·   ·  Flag as inappropriate

    Not allowing more than 24 characters is making it REALLY hard to have IaC. I can't use template parameters as I'd like and it's hard to know if something will fail because the name isn't unique until we try to run it. We can't use our own naming convention because of this limit and it's making our current KV names look like a mess.

  • Coppa, Daniel commented  ·   ·  Flag as inappropriate

    What POSSIBLE justification is there for limiting this?

    If you follow MS's own naming conventions, you're left with *nine* usable characters.

  • Steve Culshaw commented  ·   ·  Flag as inappropriate

    Names are hard at the best of times, and the 24 character restriction makes it extremely difficult to come up with anything at least semi-human readable.

    At this rate, we'll end up using a guid and having to have a look-up table to work out what each key vault is actually for.

  • Luke commented  ·   ·  Flag as inappropriate

    24 characters is extremely restrictive... This issue is making it very difficult to consistently name related resources.

  • Kyle commented  ·   ·  Flag as inappropriate

    Increase in Character Limit for Key Vault names NEEDS to happen. When you have a large instnace where naming conventions matter because of too many people are working in the same space..... Globally unique Key Vault names with only 24 characters limits my naming convention to approximately 10-12 characters that are "user defined"...

Azure Key Vault: Other

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice