Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update storage account naming convention to use subscription IDs as a unique string seed #571

Merged
merged 1 commit into from
Dec 13, 2021
Merged

Update storage account naming convention to use subscription IDs as a unique string seed #571

merged 1 commit into from
Dec 13, 2021
+32 −11

Conversation

glennmusa
Copy link
Contributor

@glennmusa glennmusa commented Dec 10, 2021
edited
Loading

Description

This change adds to the implementation from #558 to use the relative subscription ID as a uniqueString() seed to reduce likelihood of storage account collisions.

While not a full proof solution to unqiueness, since Subscription IDs are GUIDs this should generate a hash unique to the deployment subscriptions and prevent naming collisions with deployments to other subscriptions while preserving a redeployment into the same subscription + resourcePrefix and resourceSuffix pair.

It's likely that multiple users deploying into the same subscriptions will collaborate.

It's unlikely that if I pull MissionLZ from the wild I'll have any idea of what other users around the world have named their resourcePrefix and resourceSuffix.

Today

Today, in the event someone picks a "unique" resourcePrefix and "unique" resourceSuffix pair that's already been used, when the storage account name is calculated they'll get a storage account name collision:

missionlz/src/bicep/mlz.bicep

Line 477 in d2441cb

var storageAccountNamingConvention = toLower('${resourcePrefix}st${nameToken}${uniqueString(resourcePrefix, resourceSuffix)}') // we use uniqueString() here to generate uniqueness

Proposed changes

This change proposes passing the relative subscription ID for the hub/spoke that the storage account is being created within as another seed for determining the uniqueString() hash:

First, it creates the token for replacement unique_storage_token:

missionlz/src/bicep/mlz.bicep

Line 482 in e5fbc84

var storageAccountNamingConvention = toLower('${resourcePrefix}st${nameToken}unique_storage_token')

Then, each hub/spoke generates the name with token replacement:

missionlz/src/bicep/mlz.bicep

Lines 492 to 494 in e5fbc84

var hubLogStorageAccountShortName = replace(storageAccountNamingConvention, nameToken, hubShortName)
var hubLogStorageAccountUniqueName = replace(hubLogStorageAccountShortName, 'unique_storage_token', uniqueString(resourcePrefix, resourceSuffix, hubSubscriptionId))
var hubLogStorageAccountName = take(hubLogStorageAccountUniqueName, 23)

Issue reference

The issue this PR will close: #556

Checklist

Please make sure you've completed the relevant tasks for this PR out of the following list:

  • All acceptance criteria in the backlog item are met
  • The documentation is updated to cover any new or changed features
  • Manual tests have passed
  • Relevant issues are linked to this PR

@glennmusa glennmusa added this to the Resource Naming milestone Dec 10, 2021
@glennmusa glennmusa requested a review from a team December 10, 2021 15:15
@glennmusa glennmusa enabled auto-merge (squash) December 10, 2021 15:25
brooke-hamilton
brooke-hamilton approved these changes Dec 13, 2021
View reviewed changes
Copy link
Contributor

@brooke-hamilton brooke-hamilton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 🌮 💯

@glennmusa glennmusa merged commit 50d7c1e into main Dec 13, 2021
@glennmusa glennmusa deleted the glenn/reduceStorageNameCollisions branch December 13, 2021 22:46
jwaltireland pushed a commit to ARPA-H/AzureMissionLZ that referenced this pull request Nov 14, 2024
@glennmusa
use subscription ID in storage account names to reduce likelihood of …
c86dd11 
…collisions (Azure#571)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brooke-hamilton brooke-hamilton brooke-hamilton approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Resource Naming
Development

Successfully merging this pull request may close these issues.

Create naming conventions for resources
2 participants
@glennmusa @brooke-hamilton