Edit

Share via


Define your naming convention

A well-defined naming and tagging strategy forms the foundation of effective Azure cloud governance and security. These conventions enable you to maintain an inventory of Azure resources, track and allocate costs, and respond to incidents by quickly identifying affected resources. Define your naming and tagging strategy early to ensure consistency and clarity across your environment. This article provides recommendations for creating a naming convention. For tagging guidance, see Define a tagging strategy.

Why use a naming convention?

An Azure naming convention is a standardized format used to assign names to Azure resources. It ensures clarity, consistency, and adherence to Azure's naming rules, such as length requirements, valid characters, and scope uniqueness. A naming convention must be tailored to your specific needs, as no single naming convention meets the requirements of every environment.

Understand resource names in Azure

An Azure resource name is the identifier assigned to a specific instance of an Azure resource, such as a web app, database, or storage account. To establish a consistent naming convention, you need to understand how Azure works. Here's what you need to know:

  1. Understand name permanence. Azure resource names can't be changed after creation. Include only information that remains constant in the name. Use tags to capture other details.

  2. Understand Azure naming rules. There are naming rules for every Azure resource. Not all Azure resource names can follow the same patterns. Make sure you understand the limitations of the resource types you're working with. Azure names must follow three general principles:

    • Names need to be unique within the scope of the Azure resource (varies by resource).
    • Names need to meet length requirements (varies by resource).
    • Names can only contain valid characters (varies by resource).
  3. Understand Azure name scope. Azure resource names must be unique within their defined scope. Each resource type has a specific scope level that determines where the name must be unique. Understanding these scope levels ensures proper naming conventions and avoids conflicts.

    Scope Description Example
    Global Unique across all of Azure. This scope applies to PaaS resources with public IP endpoints, as their names serve as the initial default public DNS name. For example, a web app named app-navigator-prod-001.azurewebsites.net must be globally unique.
    Resource group Unique within the resource group. Resources in the same group can't share the same name, but identical names can exist in different resource groups. For example, a virtual network named vnet-prod-westus-001 can exist in multiple resource groups, but only once within a single resource group.
    Resource Unique within the parent resource. Resources nested within another resource must have unique names to avoid conflicts. For example, subnets within a virtual network must have unique names to prevent segment overlap.

Choose naming components

When you construct your naming convention, identify the key pieces of information that you want to capture in a resource name. Different information is relevant for different resource types, and not all established naming components can be used for each resource type. Establish a standard naming convention for your environment that is easy to follow, concise, and useful for recognizing information that's relevant to the deployed resource. The following list provides examples of naming components that are useful when you construct resource names:

Naming component Description
Organization Top-level name of the organization, normally utilized as the top management group or, in smaller organizations, part of the naming convention. Example: contoso
Business unit or department Top-level division of your company that owns the subscription or the workload that the resource belongs to. In smaller organizations, this component might represent a single corporate, top-level organizational element. Examples: fin, mktg, product, it, corp
Resource type An abbreviation that represents the type of Azure resource or asset. This component is often a prefix or suffix in the name. For more information, see Recommended abbreviations for Azure resource types. Examples: rg, vm
Workload, application, or project Name of a workload, application, or project that the resource is a part of. Examples: navigator, emissions, sharepoint, hadoop
Environment The stage of the development lifecycle for the workload that the resource supports. Examples: prod, dev, qa, stage, test
Region The region or cloud provider where the resource is deployed. Examples: westus, eastus2, westeu, usva, ustx
Instance The instance count for a specific resource, to differentiate it from other resources that have the same naming convention and naming components. Examples, 01, 001

Develop your naming convention

When you construct your naming convention, identify the key pieces of information that you want to reflect in a resource name. Different information is relevant for different resource types.

  1. Standardize component order. In addition to defining the naming components, you must also consider the order in which the naming components are listed.

  2. Choose to use a delimiter or not. To improve readability, use a hyphen - to separate naming components. However, not every resource in Azure allows you to use a delimiter. If you need absolute consistency across all your Azure resource names, don't use a hyphen. For many customers, the benefits of using a delimiter outweigh some inconsistency in the naming convention.

  3. Use abbreviations. Use Azure resource abbreviations to keep resource names within length limits.

  4. Use the Azure Naming Tool: The Azure Naming Tool is a tool that helps you generate names for Azure resources. You configure the tool to use your preferred naming convention, and it generates names for your Azure resources. For more information, see Azure Naming Tool.

  5. Consider naming consistency for VMs. If you're working with VMs in Azure, we recommend keeping names consistent even though VM names in Azure can be longer than the allowed NetBIOS name of the VM. For more information and for other restrictions, see Naming conventions in Active Directory for computers, domains, sites, and OUs - Computer names.

Example Azure resource names

Consider these examples when you define your naming convention. The examples are based on the naming components and considerations that are described in this article.

AI and machine learning

Asset type Scope Format and examples
Azure AI Search Global srch-<workload, application, or project>-<environment>

  • srch-navigator-prod
  • srch-emissions-dev
  • Azure OpenAI Service Resource group oai-<workload, application, or project>-<environment>

  • oai-navigator-prod
  • oai-emissions-dev
  • Azure Machine Learning workspace Resource group mlw-<workload, application, or project>-<environment>

  • mlw-navigator-prod
  • mlw-emissions-dev
  • Analytics and IoT

    Asset type Scope Format and examples
    Azure Analysis Services Global as<app name><environment>

  • asnavigatorprod
  • asemissionsdev
  • Azure Data Factory Global adf-<workload, application, or project>-<environment>

  • adf-navigator-prod
  • adf-emissions-dev
  • Azure Synapse Analytics workspaces Resource group synw-<workload, application, or project>-<environment>

  • synw-navigator-prod
  • synw-emissions-dev
  • Data Lake Storage account Global dls<workload, application, or project><environment>

  • dlsnavigatorprod
  • dlsemissionsdev
  • IoT hub Global iot-<workload, application, or project>-<environment>

  • iot-navigator-prod
  • iot-emissions-dev
  • Compute and web

    Asset type Scope Format and examples
    Virtual machine Resource group vm-<workload, application, or project>-<environment>-<###>

  • vm-sql-test-001
  • vm-hadoop-prod-001
  • vm-sharepoint-dev-001
  • Web app Global app-<workload, application, or project>-<environment>-<###>.azurewebsites.net

  • app-navigator-prod-001.azurewebsites.net
  • app-accountlookup-dev-001.azurewebsites.net
  • Function app Global func-<workload, application, or project>-<environment>-<###>.azurewebsites.net

  • func-navigator-prod-001.azurewebsites.net
  • func-accountlookup-dev-001.azurewebsites.net
  • Databases

    Asset type Scope Format and examples
    Azure SQL database Azure SQL Server sqldb-<workload, application, or project>-<environment>

  • sqldb-users-prod
  • sqldb-users-dev
  • Azure Cosmos DB database Global cosmos-<workload, application, or project>-<environment>

  • cosmos-navigator-prod
  • cosmos-emissions-dev
  • Azure Cache for Redis instance Global redis-<workload, application, or project>-<environment>

  • redis-navigator-prod
  • redis-emissions-dev
  • Integration

    Asset type Scope Format and Examples
    API management service instance Global apim-<app or service name>

    apim-navigator-prod
    Service Bus namespace Global sbns-<workload, application, or project>-<environment>.servicebus.windows.net

  • sbns-navigator-prod.servicebus.windows.net
  • sbns-emissions-dev.servicebus.windows.net
  • Service Bus queue Service Bus sbq-<workload, application, or project>

  • sbq-navigator
  • Service Bus topic Service Bus sbt-<workload, application, or project>

  • sbt-navigator
  • Management and governance

    Asset type Scope Format and examples
    Management group Business unit and/or
    environment
    mg-<business unit>[-<environment>]

  • mg-mktg
  • mg-hr
  • mg-corp-prod
  • mg-fin-client
  • Subscription Account / enterprise agreement <business unit>-<subscription purpose>-<###>

  • mktg-prod-001
  • corp-shared-001
  • fin-client-001
  • Resource group Subscription rg-<app or service name>-<subscription purpose>-<###>

  • rg-mktgsharepoint-prod-001
  • rg-acctlookupsvc-shared-001
  • rg-ad-dir-services-shared-001
  • Networking

    Asset type Scope Format and examples
    Virtual network Resource group vnet-<subscription purpose>-<region>-<###>

  • vnet-shared-eastus2-001
  • vnet-prod-westus-001
  • vnet-client-eastus2-001
  • Subnet Virtual network snet-<subscription purpose>-<region>-<###>

  • snet-shared-eastus2-001
  • snet-prod-westus-001
  • snet-client-eastus2-001
  • Network interface (NIC) Resource group nic-<##>-<vm name>-<subscription purpose>-<###>

  • nic-01-dc1-shared-001
  • nic-02-vmhadoop1-prod-001
  • nic-02-vmtest1-client-001
  • Public IP address Resource group pip-<vm name or app name>-<environment>-<region>-<###>

  • pip-dc1-shared-eastus2-001
  • pip-hadoop-prod-westus-001
  • Load balancer (external) Resource group lbe-<app name or role>-<environment>-<###>

  • lbe-navigator-prod-001
  • lbe-sharepoint-dev-001
  • Network security group (NSG) Subnet or NIC nsg-<policy name or app name>-<###>

  • nsg-weballow-001
  • nsg-rdpallow-001
  • nsg-sqlallow-001
  • nsg-dnsblocked-001
  • Local network gateway Virtual gateway lgw-<subscription purpose>-<region>-<###>

  • lgw-shared-eastus2-001
  • lgw-prod-westus-001
  • lgw-client-eastus2-001
  • Virtual network gateway Virtual network vgw-<subscription purpose>-<region>-<###>

  • vgw-shared-eastus2-001
  • vgw-prod-westus-001
  • vgw-client-eastus2-001
  • VPN connection Resource group vcn-<subscription1 purpose>>-<region1>-to-<subscription2 purpose>>-<region2>-

  • vcn-shared-eastus2-to-shared-westus
  • vcn-prod-eastus2-to-prod-westus
  • Route table Resource group rt-<route table name>

  • rt-navigator
  • rt-sharepoint
  • DNS label Global <DNS A record for VM>.<region>.cloudapp.azure.com

  • dc1.westus.cloudapp.azure.com
  • web1.eastus2.cloudapp.azure.com
  • Security

    Asset type Scope Format and examples
    Managed identity Resource group id-<app or service name>-<environment>-<region name>-<###>

  • id-appcn-keda-prod-eastus2-001
  • Storage

    Asset type Scope Format and examples
    Storage account (general use) Global st<workload, application, or project><###>

  • stnavigatordata001
  • stemissionsoutput001
  • Azure StorSimple Global ssimp<workload, application, or project><environment>

  • ssimpnavigatorprod
  • ssimpemissionsdev
  • Azure Container Registry Global cr<workload, application, or project><environment><###>

  • crnavigatorprod001
  • Next step

    A good next step is to define your tagging strategy.