Storage Account name must be valid

April 25, 2025 ยท View on GitHub

SYNOPSIS

Azure Resource Manager (ARM) has requirements for Storage Account names.

DESCRIPTION

When naming Azure resources, resource names must meet service requirements. The requirements for Storage Account names are:

  • Between 3 and 24 characters long.
  • Lowercase letters or numbers.
  • Storage Account names must be globally unique.

RECOMMENDATION

Consider using names that meet Storage Account naming requirements. Additionally consider naming resources with a standard naming convention.

EXAMPLES

Configure with Bicep

To deploy Storage Accounts that pass this rule:

  • Set the name property to a string that matches the naming requirements.
  • Optionally, consider constraining name parameters with minLength and maxLength attributes.

For example:

@minLength(3)
@maxLength(24)
@description('The name of the resource.')
param name string

@description('The location resources will be deployed.')
param location string = resourceGroup().location

resource storageAccount 'Microsoft.Storage/storageAccounts@2024-01-01' = {
  name: name
  location: location
  sku: {
    name: 'Standard_GRS'
  }
  kind: 'StorageV2'
  properties: {
    allowBlobPublicAccess: false
    supportsHttpsTrafficOnly: true
    minimumTlsVersion: 'TLS1_2'
    accessTier: 'Hot'
    allowSharedKeyAccess: false
    networkAcls: {
      defaultAction: 'Deny'
    }
  }
}

Configure with Azure template

To deploy Storage Accounts that pass this rule:

  • Set the name property to a string that matches the naming requirements.
  • Optionally, consider constraining name parameters with minLength and maxLength attributes.

For example:

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "_generator": {
      "name": "bicep",
      "version": "0.34.44.8038",
      "templateHash": "623188591179107280"
    }
  },
  "parameters": {
    "name": {
      "type": "string",
      "minLength": 3,
      "maxLength": 24,
      "metadata": {
        "description": "The name of the resource."
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "The location resources will be deployed."
      }
    }
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2024-01-01",
      "name": "[parameters('name')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard_GRS"
      },
      "kind": "StorageV2",
      "properties": {
        "allowBlobPublicAccess": false,
        "supportsHttpsTrafficOnly": true,
        "minimumTlsVersion": "TLS1_2",
        "accessTier": "Hot",
        "allowSharedKeyAccess": false,
        "networkAcls": {
          "defaultAction": "Deny"
        }
      }
    }
  ]
}

NOTES

This rule does not check if Storage Account names are unique.