Azure resource naming conventions in Terraform

Photo by Linh Pham on Unsplash

Here’s a familiar scenario: You’re finally done writing up your Azure infrastructure in Terraform, you run terraform apply and then wait a few minutes… until 💥! Error, one of the resources cannot be created because the name isn’t supported. Bummer.

Thankfully, Microsoft has documented resource naming recommendations and also rules and restrictions required by specific resource types. That’s nice! But it’s up to you to make sure they’re respected, at least, until now.

Rules, restrictions and recommendations 🤯

So now, you need to consider Azure’s naming rules, restrictions and recommendations. Chances are you also have naming conventions and policies dictated by your company. Don’t panic, we’ll get through this.

Let’s take the example of a resource group:

rules and restrictions:

• length: 1–90 characters
• casing: Insensitive
• valid characters: Can include alphanumeric, underscore, parentheses, hyphen, period (except at end), and Unicode characters that match the allowed characters. Regex pattern: ^[-\w\._\(\)]+$

recommendations:

• Prefix with rg- to denote resource type.
• Suffix with a unique string to avoid naming collisions (shout out to Pulumi which does this “out-of-the-box”)
• Include valuable information in the name such as organization, project and environment.

Considering the previously mentioned constraints, let’s use the following fictional example to see what it would give:

• Organization: Acme
• Project: Rockets
• Environment: staging
• Resource group name: main

Terraform magic :

Result:rg-acme-rockets-staging-main-01234

The magic mostly happens with a chain of functions used to build and validate the name:

regex("^[-\\w\\._\\(\\)]+$", substr("rg-${local.org}-${local.prj}-${local.env}-main-${local.suffix}", 90))

Yuck 🤢! What if we could abstract all this complexity into simple and reusable code? Luckily, Terraform has a few integration points that we can use to our advantage, such as modules.

Terraform modules to the rescue

Using modules is a good option for this kind of functionality since it offers a kind of inheritance which can be of use to “stack” the different rules and restrictions. It also provides us with a clear abstraction and allows us to adhere to the DRY principle which in turn, makes your code less error-prone and easier to maintain.

Let’s revisit the previous example, but now using the terraform-azurerm-naming module and the random_string Terraform resource to generate a unique suffix:

Result:rg-acme-rockets-staging-main-wpadte6jo8f4f

Much better 😌! Makes for a cleaner, more understandable and reusable piece of infrastructure code.

Modules are open-source; What are you waiting for?

An quick example of the modules which are available:

Generic resource

• prefixes
• suffixes
• automatic — separator
• length limit of 256

Resource group

• prefixes
• suffixes
• automatic — separator
• length limit of 90
• regex validation

Storage account

• prefixes
• suffixes
• automatic 0 separator
• ensures lowercasing
• length limit of 24
• regex validation

For more information and up-to-date modules, check out the github repository!

gsoft-inc/terraform-azurerm-naming