Allow more than 24 characters for key vault name length
Please allow more than 24 characters for key vault name length. Using a standard naming convention across Azure resources that includes the resource type, region, and landscape doesn't leave many characters for the key vault name. Web Apps also utilize globally unique DNS names and support up to 60 characters. Supporting up to 60 character names would make it easier for us to use our standardized naming convention.

16 comments
-
Anonymous commented
Hello folks. More broadly, legitimate naming schemes of all Azure resources should be more consistent. It feels like every resource has its own set of arbitrary naming limitations, making difficult to leverage to achieve some level of self-documenting naming. Thanks.
-
Nils Henrik Hals commented
Very strange limitation. +1 to increasing this value.
-
Anonymous commented
+1
-
Bill Sandman commented
We really need more than 24 characters, considering they need to be globally unique and then unique within our own environments.
-
Matt Ruma commented
Any update on this?
-
Hichem BOUSSETTA commented
+1 for this feature request. 24 characters max length is just inappropriate
-
Lutz Willek commented
# Parameter 'vault_name' must conform to the following pattern: '^[a-zA-Z0-9-]{3,24}$'
keyvaultname="$(echo ${keyvaultname}| tr -cd '[:alnum:]-' | awk '{print substr($0,0,23)}')"I suggest changing the current restriction, allowing up to 63 characters.
See RFC 1034, Section 3.1 "Name space specifications and terminology" -
David Darlington commented
I can only have 8 characters to denote application for my terraform modules...
locals {
# If the app name has spaces between words, replace those with Dashes
app_name_dashed = replace(data.azurerm_resource_group.rg.tags.Application, " ", "-")# The next line makes sure the app name isnt too long and doesnt end with a -
# Name need to be betweek 3-24 characters
# 12345678-centralus-prod # That string is longest I can think of as a possiblity
kv_name_predicate = replace(substr(local.app_name_dashed, 0, 8), "/-$/", "")
}resource "azurerm_key_vault" "kv" {
name = "${local.kv_name_predicate}-${data.azurerm_resource_group.rg.tags.environment_tier}-${data.azurerm_resource_group.rg.location}"
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
enabled_for_disk_encryption = true
tenant_id = data.azurerm_client_config.current.tenant_id
sku_name = "standard"
} -
Matt Byrne commented
It's ridiculous that this is still an issue without MS comment. This makes any decent naming convention impossible.
-
Paul commented
Not allowing more than 24 characters is making it REALLY hard to have IaC. I can't use template parameters as I'd like and it's hard to know if something will fail because the name isn't unique until we try to run it. We can't use our own naming convention because of this limit and it's making our current KV names look like a mess.
-
Traber Campbell commented
+1 to all the comments below. What legitimate reason is there for imposing this limit?
-
Coppa, Daniel commented
What POSSIBLE justification is there for limiting this?
If you follow MS's own naming conventions, you're left with *nine* usable characters.
-
Jannik Buschke (extern) commented
Need this too. 24 characters is way to less.
-
Steve Culshaw commented
Names are hard at the best of times, and the 24 character restriction makes it extremely difficult to come up with anything at least semi-human readable.
At this rate, we'll end up using a guid and having to have a look-up table to work out what each key vault is actually for.
-
Luke commented
24 characters is extremely restrictive... This issue is making it very difficult to consistently name related resources.
-
Kyle commented
Increase in Character Limit for Key Vault names NEEDS to happen. When you have a large instnace where naming conventions matter because of too many people are working in the same space..... Globally unique Key Vault names with only 24 characters limits my naming convention to approximately 10-12 characters that are "user defined"...