Allow more than 24 characters for key vault name length
Please allow more than 24 characters for key vault name length. Using a standard naming convention across Azure resources that includes the resource type, region, and landscape doesn't leave many characters for the key vault name. Web Apps also utilize globally unique DNS names and support up to 60 characters. Supporting up to 60 character names would make it easier for us to use our standardized naming convention.
Mike Webber
shared this idea
11 comments
-
Hichem BOUSSETTA
commented
+1 for this feature request. 24 characters max length is just inappropriate
-
Lutz Willek
commented
# Parameter 'vault_name' must conform to the following pattern: '^[a-zA-Z0-9-]{3,24}$'
keyvaultname="$(echo ${keyvaultname}| tr -cd '[:alnum:]-' | awk '{print substr($0,0,23)}')"I suggest changing the current restriction, allowing up to 63 characters.
See RFC 1034, Section 3.1 "Name space specifications and terminology" -
David Darlington
commented
I can only have 8 characters to denote application for my terraform modules...
locals {
# If the app name has spaces between words, replace those with Dashes
app_name_dashed = replace(data.azurerm_resource_group.rg.tags.Application, " ", "-")# The next line makes sure the app name isnt too long and doesnt end with a -
# Name need to be betweek 3-24 characters
# 12345678-centralus-prod # That string is longest I can think of as a possiblity
kv_name_predicate = replace(substr(local.app_name_dashed, 0, 8), "/-$/", "")
}resource "azurerm_key_vault" "kv" {
name = "${local.kv_name_predicate}-${data.azurerm_resource_group.rg.tags.environment_tier}-${data.azurerm_resource_group.rg.location}"
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
enabled_for_disk_encryption = true
tenant_id = data.azurerm_client_config.current.tenant_id
sku_name = "standard"
} -
Matt Byrne
commented
It's ridiculous that this is still an issue without MS comment. This makes any decent naming convention impossible.
-
Paul
commented
Not allowing more than 24 characters is making it REALLY hard to have IaC. I can't use template parameters as I'd like and it's hard to know if something will fail because the name isn't unique until we try to run it. We can't use our own naming convention because of this limit and it's making our current KV names look like a mess.
-
Traber
commented
+1 to all the comments below. What legitimate reason is there for imposing this limit?
-
Coppa, Daniel
commented
What POSSIBLE justification is there for limiting this?
If you follow MS's own naming conventions, you're left with *nine* usable characters.
-
Jannik Buschke (extern)
commented
Need this too. 24 characters is way to less.
-
Steve Culshaw
commented
Names are hard at the best of times, and the 24 character restriction makes it extremely difficult to come up with anything at least semi-human readable.
At this rate, we'll end up using a guid and having to have a look-up table to work out what each key vault is actually for.
-
Luke
commented
24 characters is extremely restrictive... This issue is making it very difficult to consistently name related resources.
-
Kyle
commented
Increase in Character Limit for Key Vault names NEEDS to happen. When you have a large instnace where naming conventions matter because of too many people are working in the same space..... Globally unique Key Vault names with only 24 characters limits my naming convention to approximately 10-12 characters that are "user defined"...