smom-dbis-138/docs/configuration/AZURE_NAMING_CONVENTION_2CHAR.md

# Azure Naming Convention (2-3 Character Region Codes)

**Last Updated**: 2025-01-27  
**Status**: Active - Legacy/Alternative Convention  
**Purpose**: Azure resource naming with 2-3 character region codes

## Overview

This document defines the standardized naming convention for all Azure resources in the DeFi Oracle Meta Mainnet (ChainID 138) deployment using **2-3 character region codes**. The convention ensures uniformity, clarity, and compliance with Azure naming restrictions.

> **Note**: This document uses 2-3 character region codes (e.g., `we`, `ne`, `fc`).  
> **Alternative**: See [Azure Naming Convention (3 Character Region Codes)](AZURE_NAMING_CONVENTION_3CHAR.md) for the 3-character standard.

> **Related Documentation**:
> - [Azure Naming Convention (3 Character)](AZURE_NAMING_CONVENTION_3CHAR.md) - Standard 3-character region code convention

## Table of Contents

- [Overview](#overview)
- [Naming Pattern](#naming-pattern)
  - [Pattern Components](#pattern-components)
- [Region Codes](#region-codes)
- [Resource Type Abbreviations](#resource-type-abbreviations)
  - [Core Infrastructure](#core-infrastructure)
  - [Compute](#compute)
  - [Storage](#storage)
  - [Security & Identity](#security--identity)
  - [Monitoring & Logging](#monitoring--logging)
  - [Database](#database)
  - [Networking](#networking)
- [Naming Examples](#naming-examples)
  - [Resource Groups](#resource-groups)
  - [AKS Resources](#aks-resources)
  - [Networking](#networking-1)
  - [Storage](#storage-1)
  - [Security](#security)
  - [Monitoring](#monitoring)
- [Special Cases](#special-cases)
  - [Terraform Backend](#terraform-backend)
  - [Multi-Region](#multi-region)
  - [Node Pools](#node-pools)
- [Azure Naming Restrictions](#azure-naming-restrictions)
  - [General Rules](#general-rules)
  - [Resource-Specific Limits](#resource-specific-limits)
- [Implementation](#implementation)
  - [Terraform Variables](#terraform-variables)
  - [Naming Locals](#naming-locals)
- [Validation](#validation)
  - [Naming Validation Script](#naming-validation-script)
  - [Manual Validation Checklist](#manual-validation-checklist)
- [Migration Guide](#migration-guide)
  - [Updating Existing Resources](#updating-existing-resources)
  - [Example Migration](#example-migration)
- [Best Practices](#best-practices)
- [References](#references)

## Naming Pattern

```
{cloud}-{env}-{region}-{resource}-{instance}
```

### Pattern Components

| Component | Abbreviation | Length | Description | Examples |
|-----------|-------------|--------|-------------|----------|
| **Cloud** | `az` | 2 | Cloud provider identifier | `az` (Azure) |
| **Environment** | `p`, `d`, `t`, `s` | 1 | Environment code | `p` (prod), `d` (dev), `t` (test), `s` (staging) |
| **Region** | `we`, `ne`, `fc` | 2-3 | Azure region code | `we` (westeurope), `ne` (northeurope), `fc` (francecentral) |
| **Resource** | `rg`, `aks`, `kv` | 2-6 | Resource type abbreviation | See resource abbreviations below |
| **Instance** | `001`, `main`, `sys` | 2-4 | Instance identifier | Sequential number or descriptive name |

## Region Codes

| Full Name | Code | Full Name | Code |
|-----------|------|-----------|------|
| westeurope | `we` | northeurope | `ne` |
| francecentral | `fc` | francesouth | `fs` |
| germanywestcentral | `gw` | germanynorth | `gn` |
| uksouth | `uk` | ukwest | `uw` |
| swedencentral | `sc` | norwayeast | `ne` |
| switzerlandnorth | `sn` | polandcentral | `pc` |
| italynorth | `in` | spaincentral | `sp` |

## Resource Type Abbreviations

### Core Infrastructure

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| Resource Group | `rg` | `az-p-we-rg-net-001` |
| Virtual Network | `vnet` | `az-p-we-vnet-main` |
| Subnet | `snet` | `az-p-we-snet-aks` |
| Network Security Group | `nsg` | `az-p-we-nsg-valid` |
| Public IP | `pip` | `az-p-we-pip-gw` |
| Load Balancer | `lb` | `az-p-we-lb-main` |
| Application Gateway | `agw` | `az-p-we-agw-main` |

### Compute

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| AKS Cluster | `aks` | `az-p-we-aks-main` |
| VM | `vm` | `az-p-we-vm-valid-001` |
| VM Scale Set | `vmss` | `az-p-we-vmss-rpc` |
| Container Instance | `aci` | `az-p-we-aci-oracle` |

### Storage

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| Storage Account | `st` | `az-p-we-st-backup-001` |
| Storage Container | `cnt` | `az-p-we-cnt-chaindata` |
| Disk | `disk` | `az-p-we-disk-valid-001` |
| File Share | `share` | `az-p-we-share-config` |

### Security & Identity

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| Key Vault | `kv` | `az-p-we-kv-secrets-001` |
| Managed Identity | `id` | `az-p-we-id-aks` |
| Service Principal | `sp` | `az-p-we-sp-deploy` |

### Monitoring & Logging

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| Log Analytics Workspace | `law` | `az-p-we-law-main` |
| Application Insights | `appi` | `az-p-we-appi-main` |
| Action Group | `ag` | `az-p-we-ag-alerts` |
| Alert Rule | `alert` | `az-p-we-alert-cpu` |

### Database

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| SQL Database | `sql` | `az-p-we-sql-blockscout` |
| PostgreSQL | `psql` | `az-p-we-psql-main` |
| Cosmos DB | `cosmos` | `az-p-we-cosmos-main` |

### Networking

| Resource Type | Abbreviation | Example |
|--------------|--------------|---------|
| Route Table | `rt` | `az-p-we-rt-main` |
| NAT Gateway | `nat` | `az-p-we-nat-main` |
| VPN Gateway | `vpngw` | `az-p-we-vpngw-main` |
| ExpressRoute | `er` | `az-p-we-er-main` |

## Naming Examples

### Resource Groups

```
az-p-we-rg-net-001      # Network resource group (prod, westeurope)
az-p-we-rg-comp-001     # Compute resource group
az-p-we-rg-stor-001      # Storage resource group
az-p-we-rg-sec-001       # Security resource group
az-d-we-rg-net-001       # Development environment
```

### AKS Resources

```
az-p-we-aks-main         # Main AKS cluster
az-p-we-aks-node-sys     # System node pool
az-p-we-aks-node-valid   # Validator node pool
az-p-we-aks-node-sent   # Sentry node pool
az-p-we-aks-node-rpc    # RPC node pool
```

### Networking

```
az-p-we-vnet-main        # Main virtual network
az-p-we-snet-aks         # AKS subnet
az-p-we-snet-valid       # Validator subnet
az-p-we-snet-sent        # Sentry subnet
az-p-we-snet-rpc         # RPC subnet
az-p-we-snet-agw         # Application Gateway subnet
az-p-we-nsg-valid        # Validator NSG
az-p-we-pip-agw          # Application Gateway public IP
az-p-we-agw-main         # Application Gateway
```

### Storage

```
az-p-we-st-backup-001    # Backup storage account
az-p-we-st-shared-001    # Shared storage account
az-p-we-st-tfstate-001   # Terraform state storage
az-p-we-cnt-chaindata    # Chaindata container
az-p-we-cnt-config       # Configuration container
```

### Security

```
az-p-we-kv-secrets-001   # Key Vault for secrets
az-p-we-id-aks           # AKS managed identity
az-p-we-id-oracle        # Oracle service identity
```

### Monitoring

```
az-p-we-law-main         # Log Analytics workspace
az-p-we-appi-main        # Application Insights
az-p-we-ag-alerts        # Alert action group
```

## Special Cases

### Terraform Backend

```
az-p-we-st-tfstate-001   # Terraform state storage account
az-p-we-rg-tfstate-001  # Terraform state resource group
```

### Multi-Region

```
az-p-we-aks-main         # Primary region (westeurope)
az-p-ne-aks-main         # Secondary region (northeurope)
az-p-fc-aks-main         # Tertiary region (francecentral)
```

### Node Pools

```
az-p-we-aks-node-sys     # System node pool
az-p-we-aks-node-valid   # Validator node pool (4 nodes)
az-p-we-aks-node-sent   # Sentry node pool (3 nodes)
az-p-we-aks-node-rpc    # RPC node pool (3 nodes)
```

## Azure Naming Restrictions

### General Rules

- **Length**: Varies by resource (see table below)
- **Characters**: Alphanumeric, hyphens, underscores (varies by resource)
- **Case**: Lowercase only
- **Uniqueness**: Must be globally unique for some resources (storage accounts, Key Vaults)

### Resource-Specific Limits

| Resource | Min | Max | Allowed Characters | Notes |
|----------|-----|-----|-------------------|-------|
| Resource Group | 1 | 90 | Alphanumeric, hyphens, underscores, periods, parentheses | |
| Storage Account | 3 | 24 | Lowercase letters and numbers | Globally unique |
| Key Vault | 3 | 24 | Alphanumeric and hyphens | Globally unique |
| AKS Cluster | 1 | 63 | Alphanumeric, hyphens, underscores | |
| Virtual Network | 2 | 64 | Alphanumeric, hyphens, underscores, periods | |
| Subnet | 1 | 80 | Alphanumeric, hyphens, underscores, periods | |
| NSG | 1 | 80 | Alphanumeric, hyphens, underscores, periods | |
| Public IP | 1 | 80 | Alphanumeric, hyphens, underscores, periods | |

## Implementation

### Terraform Variables

```hcl
# Naming convention variables
variable "cloud_provider" {
  description = "Cloud provider code"
  type        = string
  default     = "az"
}

variable "environment" {
  description = "Environment code (p=prod, d=dev, t=test, s=staging)"
  type        = string
  default     = "p"
}

variable "region_code" {
  description = "Azure region code (we=westeurope, ne=northeurope)"
  type        = string
  default     = "we"
}

variable "project_code" {
  description = "Project code"
  type        = string
  default     = "dbis"  # DeFi Oracle Meta Mainnet
}
```

### Naming Locals

```hcl
locals {
  # Region mapping
  region_codes = {
    westeurope      = "we"
    northeurope     = "ne"
    francecentral   = "fc"
    uksouth         = "uk"
  }
  
  # Current region code
  region_code = local.region_codes[var.location]
  
  # Naming prefix
  name_prefix = "${var.cloud_provider}-${var.environment}-${local.region_code}"
  
  # Resource names
  rg_network  = "${local.name_prefix}-rg-net-001"
  rg_compute  = "${local.name_prefix}-rg-comp-001"
  rg_storage  = "${local.name_prefix}-rg-stor-001"
  rg_security = "${local.name_prefix}-rg-sec-001"
  
  aks_cluster = "${local.name_prefix}-aks-main"
  key_vault   = "${local.name_prefix}-kv-secrets-001"
  vnet_main   = "${local.name_prefix}-vnet-main"
}
```

## Validation

### Naming Validation Script

Use the provided script to validate naming:

```bash
./scripts/azure/validate-naming.sh <resource-name>
```

### Manual Validation Checklist

- [ ] Follows pattern: `{cloud}-{env}-{region}-{resource}-{instance}`
- [ ] All segments are lowercase
- [ ] Uses hyphens as separators
- [ ] Within Azure length limits
- [ ] Globally unique if required (storage, Key Vault)
- [ ] No special characters except hyphens
- [ ] Region code matches actual region

## Migration Guide

### Updating Existing Resources

1. **Review current names**: Identify resources using old naming
2. **Plan migration**: Create new names following convention
3. **Update Terraform**: Modify resource names in code
4. **Apply changes**: Use Terraform to rename (may require destroy/create)
5. **Update references**: Update all scripts and documentation

### Example Migration

**Old Name**: `defi-oracle-mainnet-rg`
**New Name**: `az-p-we-rg-comp-001`

## Best Practices

1. **Consistency**: Always use the same pattern across all resources
2. **Short Segments**: Keep abbreviations concise but clear
3. **Environment Prefix**: Always include environment code
4. **Region Code**: Include region for multi-region deployments
5. **Sequential Numbers**: Use `001`, `002` for multiple instances
6. **Documentation**: Document any custom abbreviations
7. **Validation**: Validate names before deployment
8. **Tags**: Use tags for additional metadata (don't rely on names alone)

## References

- [Azure Naming Conventions](https://docs.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)
- [Azure Resource Naming Rules](https://docs.microsoft.com/azure/azure-resource-manager/management/resource-name-rules)