Updated the naming convention for consistency across resources and resource groups (#850)

* Updated resource names for alignment * More naming updates * Compiled bicep changes * More naming changes * More naming updates * More naming updates * More naming changes
2024-02-09 10:00:16 -05:00 · 2024-02-09 10:00:16 -05:00 · 9790b65eb8
--- a/src/bicep/add-ons/azureVirtualDesktop/artifacts/Get-Validations.ps1
+++ b/src/bicep/add-ons/azureVirtualDesktop/artifacts/Get-Validations.ps1
@ -62,7 +62,7 @@ Param(

    [parameter(Mandatory)]
    [string]
-    $WorkspaceNamePrefix,
+    $WorkspaceFeedName,

    [parameter(Mandatory)]
    [string]
@ -237,7 +237,7 @@ try
    ##############################################################
    # AVD Workspace Validation
    ##############################################################
-    $Workspace = Get-AzResource -ResourceGroupName $WorkspaceResourceGroupName -ResourceName $($WorkspaceNamePrefix + '-feed')
+    $Workspace = Get-AzResource -ResourceGroupName $WorkspaceResourceGroupName -ResourceName $WorkspaceFeedName
    Write-Log -Message "Existing Workspace Validation Succeeded" -Type 'INFO'

    Disconnect-AzAccount | Out-Null
--- a/src/bicep/add-ons/azureVirtualDesktop/data/locations.json
+++ b/src/bicep/add-ons/azureVirtualDesktop/data/locations.json
@ -1,396 +0,0 @@
-{
-    "AzureChina": {
-        "chinaeast": {
-            "abbreviation": "cne",
-            "recoveryServicesGeo": "sha",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        },
-        "chinaeast2": {
-            "abbreviation": "cne2",
-            "recoveryServicesGeo": "sha2",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        },
-        "chinanorth": {
-            "abbreviation": "cnn",
-            "recoveryServicesGeo": "bjb",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        },
-        "chinanorth2": {
-            "abbreviation": "cnn2",
-            "recoveryServicesGeo": "bjb2",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        },
-        "chinanorth3": {
-            "abbreviation": "cnn3",
-            "recoveryServicesGeo": "",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        }
-    },
-    "AzureCloud": {
-        "australiacentral": {
-            "abbreviation": "auc",
-            "recoveryServicesGeo": "acl",
-            "timeDifference": "+10:00",
-            "timeZone": "AUS Eastern Standard Time"
-        },
-        "australiacentral2": {
-            "abbreviation": "auc2",
-            "recoveryServicesGeo": "acl2",
-            "timeDifference": "+10:00",
-            "timeZone": "AUS Eastern Standard Time"
-        },
-        "australiaeast": {
-            "abbreviation": "aue",
-            "recoveryServicesGeo": "ae",
-            "timeDifference": "+10:00",
-            "timeZone": "AUS Eastern Standard Time"
-        },
-        "australiasoutheast": {
-            "abbreviation": "ause",
-            "recoveryServicesGeo": "ase",
-            "timeDifference": "+10:00",
-            "timeZone": "AUS Eastern Standard Time"
-        },
-        "brazilsouth": {
-            "abbreviation": "brs",
-            "recoveryServicesGeo": "brs",
-            "timeDifference": "-3:00",
-            "timeZone": "E. South America Standard Time"
-        },
-        "brazilsoutheast": {
-            "abbreviation": "brse",
-            "recoveryServicesGeo": "bse",
-            "timeDifference": "-3:00",
-            "timeZone": "E. South America Standard Time"
-        },
-        "canadacentral": {
-            "abbreviation": "cac",
-            "recoveryServicesGeo": "cnc",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "canadaeast": {
-            "abbreviation": "cae",
-            "recoveryServicesGeo": "cne",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "centralindia": {
-            "abbreviation": "inc",
-            "recoveryServicesGeo": "inc",
-            "timeDifference": "+5:30",
-            "timeZone": "India Standard Time"
-        },
-        "centralus": {
-            "abbreviation": "usc",
-            "recoveryServicesGeo": "cus",
-            "timeDifference": "-6:00",
-            "timeZone": "Central Standard Time"
-        },
-        "eastasia": {
-            "abbreviation": "ase",
-            "recoveryServicesGeo": "ea",
-            "timeDifference": "+8:00",
-            "timeZone": "China Standard Time"
-        },
-        "eastus": {
-            "abbreviation": "use",
-            "recoveryServicesGeo": "eus",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "eastus2": {
-            "abbreviation": "use2",
-            "recoveryServicesGeo": "eus2",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "francecentral": {
-            "abbreviation": "frc",
-            "recoveryServicesGeo": "frc",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "francesouth": {
-            "abbreviation": "frs",
-            "recoveryServicesGeo": "frs",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "germanynorth": {
-            "abbreviation": "den",
-            "recoveryServicesGeo": "gn",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "germanywestcentral": {
-            "abbreviation": "dewc",
-            "recoveryServicesGeo": "gwc",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "israelcentral": {
-            "abbreviation": "ilc",
-            "recoveryServicesGeo": "ilc",
-            "timeDifference": "+2:00",
-            "timeZone": "Israel Standard Time"
-        },
-        "italynorth": {
-            "abbreviation": "itn",
-            "recoveryServicesGeo": "itn",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "japaneast": {
-            "abbreviation": "jpe",
-            "recoveryServicesGeo": "jpe",
-            "timeDifference": "+9:00",
-            "timeZone": "Tokyo Standard Time"
-        },
-        "japanwest": {
-            "abbreviation": "jpw",
-            "recoveryServicesGeo": "jpw",
-            "timeDifference": "+9:00",
-            "timeZone": "Tokyo Standard Time"
-        },
-        "jioindiacentral": {
-            "abbreviation": "injc",
-            "recoveryServicesGeo": "jic",
-            "timeDifference": "+5:30",
-            "timeZone": "India Standard Time"
-        },
-        "jioindiawest": {
-            "abbreviation": "injw",
-            "recoveryServicesGeo": "jiw",
-            "timeDifference": "+5:30",
-            "timeZone": "India Standard Time"
-        },
-        "koreacentral": {
-            "abbreviation": "krc",
-            "recoveryServicesGeo": "krc",
-            "timeDifference": "+9:00",
-            "timeZone": "Korea Standard Time"
-        },
-        "koreasouth": {
-            "abbreviation": "krs",
-            "recoveryServicesGeo": "krs",
-            "timeDifference": "+9:00",
-            "timeZone": "Korea Standard Time"
-        },
-        "newzealandnorth": {
-            "abbreviation": "nzn",
-            "recoveryServicesGeo": "",
-            "timeDifference": "+13:00",
-            "timeZone": "New Zealand Standard Time"
-        },
-        "northcentralus": {
-            "abbreviation": "usnc",
-            "recoveryServicesGeo": "ncus",
-            "timeDifference": "-6:00",
-            "timeZone": "Central Standard Time"
-        },
-        "northeurope": {
-            "abbreviation": "eun",
-            "recoveryServicesGeo": "ne",
-            "timeDifference": "0:00",
-            "timeZone": "GMT Standard Time"
-        },
-        "norwayeast": {
-            "abbreviation": "noe",
-            "recoveryServicesGeo": "nwe",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "norwaywest": {
-            "abbreviation": "now",
-            "recoveryServicesGeo": "nww",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "polandcentral": {
-            "abbreviation": "plc",
-            "recoveryServicesGeo": "plc",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "qatarcentral": {
-            "abbreviation": "qac",
-            "recoveryServicesGeo": "qac",
-            "timeDifference": "+3:00",
-            "timeZone": "Arabian Standard Time"
-        },
-        "southafricanorth": {
-            "abbreviation": "zan",
-            "recoveryServicesGeo": "san",
-            "timeDifference": "+2:00",
-            "timeZone": "South Africa Standard Time"
-        },
-        "southafricawest": {
-            "abbreviation": "zaw",
-            "recoveryServicesGeo": "saw",
-            "timeDifference": "+2:00",
-            "timeZone": "South Africa Standard Time"
-        },
-        "southcentralus": {
-            "abbreviation": "ussc",
-            "recoveryServicesGeo": "scus",
-            "timeDifference": "-6:00",
-            "timeZone": "Central Standard Time"
-        },
-        "southeastasia": {
-            "abbreviation": "asse",
-            "recoveryServicesGeo": "sea",
-            "timeDifference": "+8:00",
-            "timeZone": "Singapore Standard Time"
-        },
-        "southindia": {
-            "abbreviation": "ins",
-            "recoveryServicesGeo": "ins",
-            "timeDifference": "+5:30",
-            "timeZone": "India Standard Time"
-        },
-        "swedencentral": {
-            "abbreviation": "sec",
-            "recoveryServicesGeo": "sdc",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "switzerlandnorth": {
-            "abbreviation": "chn",
-            "recoveryServicesGeo": "szn",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "switzerlandwest": {
-            "abbreviation": "chw",
-            "recoveryServicesGeo": "szw",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "uaecentral": {
-            "abbreviation": "aec",
-            "recoveryServicesGeo": "uac",
-            "timeDifference": "+3:00",
-            "timeZone": "Arabian Standard Time"
-        },
-        "uaenorth": {
-            "abbreviation": "aen",
-            "recoveryServicesGeo": "uan",
-            "timeDifference": "+3:00",
-            "timeZone": "Arabian Standard Time"
-        },
-        "uksouth": {
-            "abbreviation": "uks",
-            "recoveryServicesGeo": "uks",
-            "timeDifference": "0:00",
-            "timeZone": "GMT Standard Time"
-        },
-        "ukwest": {
-            "abbreviation": "ukw",
-            "recoveryServicesGeo": "ukw",
-            "timeDifference": "0:00",
-            "timeZone": "GMT Standard Time"
-        },
-        "westcentralus": {
-            "abbreviation": "uswc",
-            "recoveryServicesGeo": "wcus",
-            "timeDifference": "-7:00",
-            "timeZone": "Mountain Standard Time"
-        },
-        "westeurope": {
-            "abbreviation": "euw",
-            "recoveryServicesGeo": "we",
-            "timeDifference": "+1:00",
-            "timeZone": "Central Europe Standard Time"
-        },
-        "westindia": {
-            "abbreviation": "inw",
-            "recoveryServicesGeo": "inw",
-            "timeDifference": "+5:30",
-            "timeZone": "India Standard Time"
-        },
-        "westus": {
-            "abbreviation": "usw",
-            "recoveryServicesGeo": "wus",
-            "timeDifference": "-8:00",
-            "timeZone": "Pacific Standard Time"
-        },
-        "westus2": {
-            "abbreviation": "usw2",
-            "recoveryServicesGeo": "wus2",
-            "timeDifference": "-8:00",
-            "timeZone": "Pacific Standard Time"
-        },
-        "westus3": {
-            "abbreviation": "usw3",
-            "recoveryServicesGeo": "wus3",
-            "timeDifference": "-7:00",
-            "timeZone": "Mountain Standard Time"
-        }
-    },
-    "AzureUSGovernment": {
-        "usdodcentral": {
-            "abbreviation": "dodc",
-            "recoveryServicesGeo": "udc",
-            "timeDifference": "-6:00",
-            "timeZone": "Central Standard Time"
-        },
-        "usdodeast": {
-            "abbreviation": "dode",
-            "recoveryServicesGeo": "ude",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "usgovarizona": {
-            "abbreviation": "az",
-            "recoveryServicesGeo": "uga",
-            "timeDifference": "-7:00",
-            "timeZone": "Mountain Standard Time"
-        },
-        "usgovtexas": {
-            "abbreviation": "tx",
-            "recoveryServicesGeo": "ugt",
-            "timeDifference": "-6:00",
-            "timeZone": "Central Standard Time"
-        },
-        "usgovvirginia": {
-            "abbreviation": "va",
-            "recoveryServicesGeo": "ugv",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        }
-    },
-    "USNat": {
-        "usnateast": {
-            "abbreviation": "east",
-            "recoveryServicesGeo": "exe",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "usnatwest": {
-            "abbreviation": "west",
-            "recoveryServicesGeo": "exw",
-            "timeDifference": "-8:00",
-            "timeZone": "Pacific Standard Time"
-        }
-    },
-    "USSec": {
-        "usseceast": {
-            "abbreviation": "east",
-            "recoveryServicesGeo": "rxe",
-            "timeDifference": "-5:00",
-            "timeZone": "Eastern Standard Time"
-        },
-        "ussecwest": {
-            "abbreviation": "west",
-            "recoveryServicesGeo": "rxw",
-            "timeDifference": "-8:00",
-            "timeZone": "Pacific Standard Time"
-        }
-    }
-}
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/controlPlane.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/controlPlane.bicep
@ -8,7 +8,10 @@ param deploymentUserAssignedIdentityClientId string
 param desktopApplicationGroupName string
 param desktopFriendlyName string
 param existingFeedWorkspace bool
+param hostPoolDiagnosticSettingName string
 param hostPoolName string
+param hostPoolNetworkInterfaceName string
+param hostPoolPrivateEndpointName string
 param hostPoolPublicNetworkAccess string
 param hostPoolType string
 param locationControlPlane string
@ -28,7 +31,10 @@ param timestamp string
 param validationEnvironment bool
 param vmTemplate string
 param workspaceFriendlyName string
-param workspaceNamePrefix string
+param workspaceFeedName string
+param workspaceFeedDiagnoticSettingName string
+param workspaceFeedNetworkInterfaceName string
+param workspaceFeedPrivateEndpointName string
 param workspacePublicNetworkAccess string

 module hostPool 'hostPool.bicep' = {
@ -38,7 +44,10 @@ module hostPool 'hostPool.bicep' = {
    activeDirectorySolution: activeDirectorySolution
    avdPrivateDnsZoneResourceId: avdPrivateDnsZoneResourceId
    customRdpProperty: customRdpProperty
+    hostPoolDiagnosticSettingName: hostPoolDiagnosticSettingName
    hostPoolName: hostPoolName
+    hostPoolNetworkInterfaceName: hostPoolNetworkInterfaceName
+    hostPoolPrivateEndpointName: hostPoolPrivateEndpointName
    hostPoolPublicNetworkAccess: hostPoolPublicNetworkAccess
    hostPoolType: hostPoolType
    location: locationControlPlane
@ -92,7 +101,10 @@ module workspace 'workspace.bicep' = {
    tags: tags
    timestamp: timestamp
    virtualMachineName: managementVirtualMachineName
-    workspaceNamePrefix: workspaceNamePrefix
+    workspaceFeedDiagnoticSettingName: workspaceFeedDiagnoticSettingName
+    workspaceFeedName: workspaceFeedName
+    workspaceFeedNetworkInterfaceName: workspaceFeedNetworkInterfaceName
+    workspaceFeedPrivateEndpointName: workspaceFeedPrivateEndpointName
    workspacePublicNetworkAccess: workspacePublicNetworkAccess
  }
 }
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/hostPool.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/hostPool.bicep
@ -1,7 +1,10 @@
 param activeDirectorySolution string
 param avdPrivateDnsZoneResourceId string
 param customRdpProperty string
+param hostPoolDiagnosticSettingName string
 param hostPoolName string
+param hostPoolNetworkInterfaceName string
+param hostPoolPrivateEndpointName string
 param hostPoolPublicNetworkAccess string
 param hostPoolType string
 param location string
@ -41,7 +44,6 @@ var hostPoolLogs = [
    enabled: true
  }
 ]
-var privateEndpointName = 'pe-${hostPoolName}'

 resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2023-09-05' = {
  name: hostPoolName
@ -69,16 +71,16 @@ resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2023-09-05' = {
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: privateEndpointName
+  name: hostPoolPrivateEndpointName
  location: location
  tags: union({
    'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'
  }, contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {})
  properties: {
-    customNetworkInterfaceName: 'nic-${hostPoolName}'
+    customNetworkInterfaceName: hostPoolNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: privateEndpointName
+        name: hostPoolPrivateEndpointName
        properties: {
          privateLinkServiceId: hostPool.id
          groupIds: [
@ -108,8 +110,8 @@ resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneG
  }
 }

-resource hostPoolDiagnostics 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (monitoring) {
-  name: 'diag-${hostPoolName}'
+resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (monitoring) {
+  name: hostPoolDiagnosticSettingName
  scope: hostPool
  properties: {
    logs: hostPoolLogs
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/workspace.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/controlPlane/workspace.bicep
@ -14,12 +14,12 @@ param subnetResourceId string
 param tags object
 param timestamp string
 param virtualMachineName string
-param workspaceNamePrefix string
+param workspaceFeedDiagnoticSettingName string
+param workspaceFeedName string
+param workspaceFeedNetworkInterfaceName string
+param workspaceFeedPrivateEndpointName string
 param workspacePublicNetworkAccess string

-var feedWorkspaceName = '${workspaceNamePrefix}-feed'
-var privateEndpointName = 'pe-${feedWorkspaceName}'
-
 module addApplicationGroups '../common/customScriptExtensions.bicep' = if (existing) {
  scope: resourceGroup(resourceGroupManagement)
  name: 'AddApplicationGroupReferences_${timestamp}'
@ -28,7 +28,7 @@ module addApplicationGroups '../common/customScriptExtensions.bicep' = if (exist
      '${artifactsUri}Update-AvdWorkspace.ps1'
    ]
    location: locationVirtualMachines
-    parameters: '-ApplicationGroupReferences "${applicationGroupReferences}" -Environment ${environment().name} -ResourceGroupName ${resourceGroup().name} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentityClientId} -WorkspaceName ${feedWorkspaceName}'
+    parameters: '-ApplicationGroupReferences "${applicationGroupReferences}" -Environment ${environment().name} -ResourceGroupName ${resourceGroup().name} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentityClientId} -WorkspaceName ${workspaceFeedName}'
    scriptFileName: 'Update-AvdWorkspace.ps1'
    tags: union({
      'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'
@ -39,7 +39,7 @@ module addApplicationGroups '../common/customScriptExtensions.bicep' = if (exist
 }

 resource workspace 'Microsoft.DesktopVirtualization/workspaces@2023-09-05' = if (!existing) {
-  name: feedWorkspaceName
+  name: workspaceFeedName
  location: locationControlPlane
  tags: {}
  properties: {
@ -50,14 +50,14 @@ resource workspace 'Microsoft.DesktopVirtualization/workspaces@2023-09-05' = if
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = if (!existing) {
-  name: privateEndpointName
+  name: workspaceFeedPrivateEndpointName
  location: locationControlPlane
  tags: {}
  properties: {
-    customNetworkInterfaceName: 'nic-${feedWorkspaceName}'
+    customNetworkInterfaceName: workspaceFeedNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: privateEndpointName
+        name: workspaceFeedPrivateEndpointName
        properties: {
          privateLinkServiceId: workspace.id
          groupIds: [
@ -87,8 +87,8 @@ resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneG
  }
 }

-resource workspaceDiagnostics 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!existing && monitoring) {
-  name: 'diag-${feedWorkspaceName}'
+resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!existing && monitoring) {
+  name: workspaceFeedDiagnoticSettingName
  scope: workspace
  properties: {
    logs: [
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/fslogix/azureFiles/azureFiles.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/fslogix/azureFiles/azureFiles.bicep
@ -24,8 +24,11 @@ param resourceGroupManagement string
 param resourceGroupStorage string
 param securityPrincipalObjectIds array
 param securityPrincipalNames array
+param serviceName string
@minLength(3)
 param storageAccountNamePrefix string
+param storageAccountNetworkInterfaceNamePrefix string
+param storageAccountPrivateEndpointNamePrefix string
 param storageCount int
 param storageEncryptionKeyName string
 param storageIndex int
@ -166,14 +169,14 @@ module shares 'shares.bicep' = [for i in range(0, storageCount): {
 }]

 resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for i in range(0, storageCount): {
-  name: 'pe-${storageAccountNamePrefix}${padLeft(i + storageIndex, 2, '0')}-file'
+  name: '${replace(storageAccountPrivateEndpointNamePrefix, serviceName, 'file')}-${padLeft(i + storageIndex, 2, '0')}'
  location: location
  tags: tagsPrivateEndpoints
  properties: {
-    customNetworkInterfaceName: 'nic-${storageAccountNamePrefix}${padLeft(i + storageIndex, 2, '0')}-file'
+    customNetworkInterfaceName: '${replace(storageAccountNetworkInterfaceNamePrefix, serviceName, 'file')}-${padLeft(i + storageIndex, 2, '0')}'
    privateLinkServiceConnections: [
      {
-        name: 'pe-${storageAccounts[i].name}'
+        name: '${replace(storageAccountPrivateEndpointNamePrefix, serviceName, 'file')}-${padLeft(i + storageIndex, 2, '0')}'
        properties: {
          privateLinkServiceId: storageAccounts[i].id
          groupIds: [
@ -190,7 +193,7 @@ resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for

 resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for i in range(0, storageCount): {
  parent: privateEndpoints[i]
-  name: '${storageAccountNamePrefix}${padLeft(i + storageIndex, 2, '0')}'
+  name: '${storageAccountNamePrefix}-${padLeft(i + storageIndex, 2, '0')}'
  properties: {
    privateDnsZoneConfigs: [
      {
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/fslogix/fslogix.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/fslogix/fslogix.bicep
@ -34,8 +34,11 @@ param resourceGroupManagement string
 param resourceGroupStorage string
 param securityPrincipalObjectIds array
 param securityPrincipalNames array
+param serviceName string
 param smbServerLocation string
 param storageAccountNamePrefix string
+param storageAccountNetworkInterfaceNamePrefix string
+param storageAccountPrivateEndpointNamePrefix string
 param storageCount int
 param storageEncryptionKeyName string
 param storageIndex int
@ -116,7 +119,10 @@ module azureFiles 'azureFiles/azureFiles.bicep' = if (storageService == 'AzureFi
    resourceGroupStorage: resourceGroupStorage
    securityPrincipalNames: securityPrincipalNames
    securityPrincipalObjectIds: securityPrincipalObjectIds
+    serviceName: serviceName
    storageAccountNamePrefix: storageAccountNamePrefix
+    storageAccountNetworkInterfaceNamePrefix: storageAccountNetworkInterfaceNamePrefix
+    storageAccountPrivateEndpointNamePrefix: storageAccountPrivateEndpointNamePrefix
    storageCount: storageCount
    storageEncryptionKeyName: storageEncryptionKeyName
    storageIndex: storageIndex
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/hub/hub.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/hub/hub.bicep
@ -5,7 +5,9 @@ param globalWorkspacePrivateDnsZoneResourceId string
 param hubSubnetResourceId string
 param resourceGroupName string
 param timestamp string
-param workspaceNamePrefix string
+param workspaceGlobalName string
+param workspaceGlobalNetworkInterfaceName string
+param workspaceGlobalPrivateEndpointName string

 module virtualNetwork 'virtualNetwork.bicep' = if (!existingWorkspace) {
  scope: resourceGroup(split(hubSubnetResourceId, '/')[4])
@ -33,7 +35,9 @@ module workspace 'workspace.bicep' = if (!existingWorkspace) {
    globalWorkspacePrivateDnsZoneResourceId: globalWorkspacePrivateDnsZoneResourceId
    location: !existingWorkspace ? virtualNetwork.outputs.location : ''
    subnetResourceId: hubSubnetResourceId
-    workspaceNamePrefix: workspaceNamePrefix
+    workspaceGlobalName: workspaceGlobalName
+    workspaceGlobalNetworkInterfaceName: workspaceGlobalNetworkInterfaceName
+    workspaceGlobalPrivateEndpointName: workspaceGlobalPrivateEndpointName
  }
  dependsOn: [
    rg_GlobalWorkspace
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/hub/workspace.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/hub/workspace.bicep
@ -1,27 +1,26 @@
 param globalWorkspacePrivateDnsZoneResourceId string
 param location string
 param subnetResourceId string
-param workspaceNamePrefix string
-
-var globalWorkspaceName = '${workspaceNamePrefix}-global'
-var privateEndpointName = 'pe-${globalWorkspaceName}'
+param workspaceGlobalName string
+param workspaceGlobalNetworkInterfaceName string
+param workspaceGlobalPrivateEndpointName string

 resource workspace 'Microsoft.DesktopVirtualization/workspaces@2023-09-05' = {
-  name: globalWorkspaceName
+  name: workspaceGlobalName
  location: location
  tags: {}
  properties: {}
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: privateEndpointName
+  name: workspaceGlobalPrivateEndpointName
  location: location
  tags: {}
  properties: {
-    customNetworkInterfaceName: 'nic-${globalWorkspaceName}'
+    customNetworkInterfaceName: workspaceGlobalNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: privateEndpointName
+        name: workspaceGlobalPrivateEndpointName
        properties: {
          privateLinkServiceId: workspace.id
          groupIds: [
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/artifacts.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/artifacts.bicep
@ -1,12 +1,13 @@
 param location string
 param resourceGroupManagement string
+param serviceName string
 param storageAccountName string
 param subscriptionId string
 param tags object
 param timestamp string
 param userAssignedIdentityNamePrefix string

-var name = '${userAssignedIdentityNamePrefix}-artifacts'
+var name = replace(userAssignedIdentityNamePrefix, serviceName, 'artifacts')
 var roleDefinitionId = '2a2b9908-6ea1-4ae2-8e65-a410df84e7d1' // Storage Blob Data Reader

 resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' existing = {
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/automationAccount.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/automationAccount.bicep
@ -1,5 +1,8 @@
+param automationAccountDiagnosticSettingName string
 param automationAccountName string
+param automationAccountNetworkInterfaceName string
 param automationAccountPrivateDnsZoneResourceId string
+param automationAccountPrivateEndpointName string
 param location string
 param logAnalyticsWorkspaceResourceId string
 param monitoring bool
@ -7,8 +10,6 @@ param subnetResourceId string
 param tags object
 param virtualMachineName string

-var privateEndpointName = 'pe-${automationAccountName}-DSCAndHybridWorker'
-
 resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-07-01' existing = {
  name: virtualMachineName
 }
@ -28,14 +29,14 @@ resource automationAccount 'Microsoft.Automation/automationAccounts@2021-06-22'
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: privateEndpointName
+  name: automationAccountPrivateEndpointName
  location: location
  tags: contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}
  properties: {
-    customNetworkInterfaceName: 'nic-${automationAccountName}-DSCAndHybridWorker'
+    customNetworkInterfaceName: automationAccountNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: privateEndpointName
+        name: automationAccountPrivateEndpointName
        properties: {
          privateLinkServiceId: automationAccount.id
          groupIds: [
@ -96,9 +97,9 @@ resource extension_HybridWorker 'Microsoft.Compute/virtualMachines/extensions@20
 }

 // Enables logging in a log analytics workspace for alerting and dashboards
-resource diagnostics 'Microsoft.Insights/diagnosticsettings@2017-05-01-preview' = if (monitoring) {
+resource diagnosticSetting 'Microsoft.Insights/diagnosticsettings@2017-05-01-preview' = if (monitoring) {
  scope: automationAccount
-  name: 'diag-${automationAccountName}'
+  name: automationAccountDiagnosticSettingName
  properties: {
    logs: [
      {
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/customerManagedKeys.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/customerManagedKeys.bicep
@ -1,9 +1,11 @@
 param diskEncryptionKeyExpirationInDays int = 30
 param environment string
-param keyVaultAbbreviation string
 param keyVaultName string
+param keyVaultNetworkInterfaceName string
+param keyVaultPrivateEndpointName string
 param keyVaultPrivateDnsZoneResourceId string
 param location string
+param serviceName string
 param subnetResourceId string
 param tags object
 param timestamp string
@ -37,14 +39,14 @@ resource vault 'Microsoft.KeyVault/vaults@2022-07-01' = {
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: replace(keyVaultName, keyVaultAbbreviation, '${keyVaultAbbreviation}-pe')
+  name: keyVaultPrivateEndpointName
  location: location
  tags: contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}
  properties: {
-    customNetworkInterfaceName: replace(keyVaultName, keyVaultAbbreviation, '${keyVaultAbbreviation}-nic')
+    customNetworkInterfaceName: keyVaultNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: replace(keyVaultName, keyVaultAbbreviation, '${keyVaultAbbreviation}-nic')
+        name: keyVaultPrivateEndpointName
        properties: {
          privateLinkServiceId: vault.id
          groupIds: [
@ -148,7 +150,7 @@ module userAssignedIdentity 'userAssignedIdentity.bicep' = {
  name: 'UAI_Encryption_${timestamp}'
  params: {
    location: location
-    name: '${userAssignedIdentityNamePrefix}-encryption'
+    name: replace(userAssignedIdentityNamePrefix, serviceName, 'encryption')
    tags: contains(tags, 'Microsoft.ManagedIdentity/userAssignedIdentities') ? tags['Microsoft.ManagedIdentity/userAssignedIdentities'] : {}
  }
 }
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/management.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/management.bicep
@ -3,8 +3,11 @@ targetScope = 'subscription'
 param activeDirectorySolution string
 param artifactsUri string
 param artifactsStorageAccountResourceId string
+param automationAccountDiagnosticSettingName string
 param automationAccountName string
+param automationAccountNetworkInterfaceName string
 param automationAccountPrivateDnsZoneResourceId string
+param automationAccountPrivateEndpointName string
 param availability string
 param avdObjectId string
 param azureBlobsPrivateDnsZoneResourceId string
@ -26,18 +29,22 @@ param fslogixStorageService string
 param hostPoolName string
 param hostPoolType string
 param imageDefinitionResourceId string
-param keyVaultAbbreviation string
 param keyVaultName string
+param keyVaultNetworkInterfaceName string
 param keyVaultPrivateDnsZoneResourceId string
+param keyVaultPrivateEndpointName string
 param locationVirtualMachines string
 param logAnalyticsWorkspaceName string
 param logAnalyticsWorkspaceRetention int
 param logAnalyticsWorkspaceSku string
 param networkInterfaceNamePrefix string
+param networkName string
 param organizationalUnitPath string
 param recoveryServices bool
 param recoveryServicesPrivateDnsZoneResourceId string
 param recoveryServicesVaultName string
+param recoveryServicesVaultNetworkInterfaceName string
+param recoveryServicesVaultPrivateEndpointName string
 param resourceGroupControlPlane string
 param resourceGroupFeedWorkspace string
 param resourceGroupHosts string
@ -46,6 +53,7 @@ param resourceGroupStorage string
 param roleDefinitions object
 param scalingTool bool
 param securityLogAnalyticsWorkspaceResourceId string
+param serviceName string
 param sessionHostCount int
 param storageService string
 param subnetResourceId string
@ -59,7 +67,7 @@ param virtualMachineNamePrefix string
 param virtualMachinePassword string
 param virtualMachineUsername string
 param virtualMachineSize string
-param workspaceNamePrefix string
+param workspaceFeedName string

 var CpuCountMax = contains(hostPoolType, 'Pooled') ? 32 : 128
 var CpuCountMin = contains(hostPoolType, 'Pooled') ? 4 : 2
@ -135,7 +143,7 @@ module deploymentUserAssignedIdentity 'userAssignedIdentity.bicep' = {
  name: 'UserAssignedIdentity_${timestamp}'
  params: {
    location: locationVirtualMachines
-    name: '${userAssignedIdentityNamePrefix}-deployment'
+    name: replace(userAssignedIdentityNamePrefix, serviceName, 'deployment')
    tags: contains(tags, 'Microsoft.ManagedIdentity/userAssignedIdentities') ? tags['Microsoft.ManagedIdentity/userAssignedIdentities'] : {}
  }
 }
@ -167,6 +175,7 @@ module artifacts 'artifacts.bicep' = {
  params: {
    location: locationVirtualMachines
    resourceGroupManagement: resourceGroupManagement
+    serviceName: serviceName
    storageAccountName: split(artifactsStorageAccountResourceId, '/')[8]
    subscriptionId: subscription().subscriptionId
    tags: tags
@ -181,10 +190,12 @@ module customerManagedKeys 'customerManagedKeys.bicep' = {
  scope: resourceGroup(resourceGroupManagement)
  params: {
    environment: environmentShortName
-    keyVaultAbbreviation: keyVaultAbbreviation
    keyVaultName: keyVaultName
+    keyVaultNetworkInterfaceName: keyVaultNetworkInterfaceName
    keyVaultPrivateDnsZoneResourceId: keyVaultPrivateDnsZoneResourceId
+    keyVaultPrivateEndpointName: keyVaultPrivateEndpointName
    location: locationVirtualMachines
+    serviceName: serviceName
    subnetResourceId: subnetResourceId
    tags: tags
    timestamp: timestamp
@ -223,8 +234,10 @@ module virtualMachine 'virtualMachine.bicep' = {
    domainName: domainName
    location: locationVirtualMachines
    networkInterfaceNamePrefix: networkInterfaceNamePrefix
+    networkName: networkName
    organizationalUnitPath: organizationalUnitPath
    securityLogAnalyticsWorkspaceResourceId: securityLogAnalyticsWorkspaceResourceId
+    serviceName: serviceName
    subnet: split(subnetResourceId, '/')[10]
    tagsNetworkInterfaces: contains(tags, 'Microsoft.Network/networkInterfaces') ? tags['Microsoft.Network/networkInterfaces'] : {}
    tagsVirtualMachines: contains(tags, 'Microsoft.Compute/virtualMachines') ? tags['Microsoft.Compute/virtualMachines'] : {}
@ -247,7 +260,7 @@ module validations '../common/customScriptExtensions.bicep' = {
      '${artifactsUri}Get-Validations.ps1'
    ]
    location: locationVirtualMachines
-    parameters: '-ActiveDirectorySolution ${activeDirectorySolution} -CpuCountMax ${CpuCountMax} -CpuCountMin ${CpuCountMin} -DomainName ${empty(domainName) ? 'NotApplicable' : domainName} -Environment ${environment().name} -ImageDefinitionResourceId ${empty(imageDefinitionResourceId) ? 'NotApplicable' : imageDefinitionResourceId} -Location ${locationVirtualMachines} -SessionHostCount ${sessionHostCount} -StorageService ${storageService} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentity.outputs.clientId} -VirtualMachineSize ${virtualMachineSize} -VirtualNetworkName ${VirtualNetworkName} -VirtualNetworkResourceGroupName ${VirtualNetworkResourceGroupName} -WorkspaceNamePrefix ${workspaceNamePrefix} -WorkspaceResourceGroupName ${resourceGroupFeedWorkspace}'
+    parameters: '-ActiveDirectorySolution ${activeDirectorySolution} -CpuCountMax ${CpuCountMax} -CpuCountMin ${CpuCountMin} -DomainName ${empty(domainName) ? 'NotApplicable' : domainName} -Environment ${environment().name} -ImageDefinitionResourceId ${empty(imageDefinitionResourceId) ? 'NotApplicable' : imageDefinitionResourceId} -Location ${locationVirtualMachines} -SessionHostCount ${sessionHostCount} -StorageService ${storageService} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentity.outputs.clientId} -VirtualMachineSize ${virtualMachineSize} -VirtualNetworkName ${VirtualNetworkName} -VirtualNetworkResourceGroupName ${VirtualNetworkResourceGroupName} -WorkspaceFeedName ${workspaceFeedName} -WorkspaceResourceGroupName ${resourceGroupFeedWorkspace}'
    scriptFileName: 'Get-Validations.ps1'
    tags: contains(tags, 'Microsoft.Compute/virtualMachines') ? tags['Microsoft.Compute/virtualMachines'] : {}
    userAssignedIdentityClientId: deploymentUserAssignedIdentity.outputs.clientId
@ -287,8 +300,11 @@ module automationAccount 'automationAccount.bicep' = if (scalingTool || fslogixS
  name: 'AutomationAccount_${timestamp}'
  scope: resourceGroup(resourceGroupManagement)
  params: {
+    automationAccountDiagnosticSettingName: automationAccountDiagnosticSettingName
    automationAccountName: automationAccountName
+    automationAccountNetworkInterfaceName: automationAccountNetworkInterfaceName
    automationAccountPrivateDnsZoneResourceId: automationAccountPrivateDnsZoneResourceId
+    automationAccountPrivateEndpointName: automationAccountPrivateEndpointName
    location: locationVirtualMachines
    logAnalyticsWorkspaceResourceId: enableMonitoring ? monitoring.outputs.logAnalyticsWorkspaceResourceId : ''
    monitoring: enableMonitoring
@ -308,6 +324,8 @@ module recoveryServicesVault 'recoveryServicesVault.bicep' = if (recoveryService
    azureQueueStoragePrivateDnsZoneResourceId: azureQueueStoragePrivateDnsZoneResourceId
    recoveryServicesPrivateDnsZoneResourceId: recoveryServicesPrivateDnsZoneResourceId
    recoveryServicesVaultName: recoveryServicesVaultName
+    recoveryServicesVaultNetworkInterfaceName: recoveryServicesVaultNetworkInterfaceName
+    recoveryServicesVaultPrivateEndpointName: recoveryServicesVaultPrivateEndpointName
    storageService: storageService
    subnetId: subnetResourceId
    tags: tags
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/recoveryServicesVault.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/recoveryServicesVault.bicep
@ -4,6 +4,8 @@ param fslogix bool
 param location string
 param recoveryServicesPrivateDnsZoneResourceId string
 param recoveryServicesVaultName string
+param recoveryServicesVaultNetworkInterfaceName string
+param recoveryServicesVaultPrivateEndpointName string
 param storageService string
 param subnetId string
 param tags object
@ -86,14 +88,14 @@ resource backupPolicy_Vm 'Microsoft.RecoveryServices/vaults/backupPolicies@2022-
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: 'pe-${recoveryServicesVaultName}'
+  name: recoveryServicesVaultPrivateEndpointName
  location: location
  tags: contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}
  properties: {
-    customNetworkInterfaceName: 'nic-${recoveryServicesVaultName}'
+    customNetworkInterfaceName: recoveryServicesVaultNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: 'pe-${recoveryServicesVaultName}'
+        name: recoveryServicesVaultPrivateEndpointName
        properties: {
          privateLinkServiceId: vault.id
          groupIds: [
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/management/virtualMachine.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/management/virtualMachine.bicep
@ -11,8 +11,10 @@ param domainJoinUserPrincipalName string
 param domainName string
 param location string
 param networkInterfaceNamePrefix string
+param networkName string
 param organizationalUnitPath string
 param securityLogAnalyticsWorkspaceResourceId string
+param serviceName string
 param subnet string
 param tagsNetworkInterfaces object
 param tagsVirtualMachines object
@ -25,12 +27,12 @@ param virtualMachineNamePrefix string
 param virtualMachinePassword string
 param virtualMachineUsername string

-var networkInterfaceName = '${networkInterfaceNamePrefix}mgt'
+var networkInterfaceName = replace(networkInterfaceNamePrefix, serviceName, 'mgt-vm')
 var securitylogAnalyticsWorkspaceName = securityMonitoring ? split(securityLogAnalyticsWorkspaceResourceId, '/')[8] : ''
 var securityLogAnalyticsWorkspaceResourceGroupName = securityMonitoring ? split(securityLogAnalyticsWorkspaceResourceId, '/')[4] : resourceGroup().name
 var securityLogAnalyticsWorkspaceSubscriptionId = securityMonitoring ? split(securityLogAnalyticsWorkspaceResourceId, '/')[2] : subscription().subscriptionId
 var securityMonitoring = empty(securityLogAnalyticsWorkspaceResourceId) ? false : true
-var virtualMachineName = '${virtualMachineNamePrefix}mgt'
+var virtualMachineName = replace(replace(virtualMachineNamePrefix, serviceName, 'mgt'), networkName, '')

 resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = if (securityMonitoring) {
  scope: resourceGroup(securityLogAnalyticsWorkspaceSubscriptionId, securityLogAnalyticsWorkspaceResourceGroupName)
@ -86,7 +88,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-11-01' = {
          }
          storageAccountType: diskSku
        }
-        name: '${diskNamePrefix}mgt'
+        name: replace(diskNamePrefix, serviceName, 'mgt-vm')
      }
      dataDisks: []
    }
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/resourceNames.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/resourceNames.bicep
@ -9,9 +9,13 @@ param stampIndex int
 // NAMING CONVENTIONS
 // All the resources are named using the following variables
 // Modify the components of the naming convention to suit your needs
-var namingConvention = '${identifier}-${stampIndex}-resourceType-${environmentShortName}-location'
-var namingConvention_Global = 'resourceType-${environmentShortName}-location'
-var namingConvention_Shared = '${identifier}-resourceType-${environmentShortName}-location'
+var resourceAbbreviation = 'resourceAbbreviation'
+var serviceName = 'serviceName'
+var networkName = 'avd'
+var locationAbbreviation = 'locationAbbreviation'
+var namingConvention = '${identifier}-${stampIndex}-${resourceAbbreviation}-${serviceName}-${networkName}-${environmentShortName}-${locationAbbreviation}'
+var namingConvention_Global = '${resourceAbbreviation}-${serviceName}-${networkName}-${environmentShortName}-${locationAbbreviation}'
+var namingConvention_Shared = '${identifier}-${resourceAbbreviation}-${serviceName}-${networkName}-${environmentShortName}-${locationAbbreviation}'

 // SUPPORTING DATA
 var cloudEndpointSuffix = replace(replace(environment().resourceManager, 'https://management.', ''), '/', '')
@ -31,25 +35,28 @@ var privateDnsZoneSuffixes_Monitor = {
  AzureCloud: 'azure.com'
  AzureUSGovernment: 'azure.us'
 }
-var locations = (loadJsonContent('../data/locations.json'))[environment().name]
-var resourceAbbreviations = loadJsonContent('../data/resourceAbbreviations.json')
+var locations = (loadJsonContent('../../../data/locations.json'))[environment().name]
+var resourceAbbreviations = loadJsonContent('../../../data/resourceAbbreviations.json')

 // RESOURCE NAMES AND PREFIXES

 var agentSvcPrivateDnsZoneName = 'privatelink.agentsvc.azure-automation.${privateDnsZoneSuffixes_AzureAutomation[environment().name] ?? cloudEndpointSuffix}'
-var automationAccountName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.automationAccounts), 'location', locations[locationVirtualMachines].abbreviation)
-var availabilitySetNamePrefix = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.availabilitySets), 'location', locations[locationVirtualMachines].abbreviation)}-'
+var automationAccountDiagnosticSettingName = replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var automationAccountName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.automationAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var automationAccountNetworkInterfaceName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'DSCAndHybridWorker-${resourceAbbreviations.automationAccounts}' ), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var automationAccountPrivateEndpointName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'DSCAndHybridWorker-${resourceAbbreviations.automationAccounts}' ), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var availabilitySetNamePrefix = '${replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.availabilitySets), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)}-'
 var avdGlobalPrivateDnsZoneName = 'privatelink-global.wvd.${privateDnsZoneSuffixes_AzureVirtualDesktop[environment().name] ?? cloudEndpointSuffix}'
 var avdPrivateDnsZoneName = 'privatelink.wvd.${privateDnsZoneSuffixes_AzureVirtualDesktop[environment().name] ?? cloudEndpointSuffix}'
 var azureAutomationPrivateDnsZoneName = 'privatelink.azure-automation.${privateDnsZoneSuffixes_AzureAutomation[environment().name] ?? cloudEndpointSuffix}'
 var backupPrivateDnsZoneName = 'privatelink.${locations[locationVirtualMachines].recoveryServicesGeo}.backup.${privateDnsZoneSuffixes_Backup[environment().name] ?? cloudEndpointSuffix}'
 var blobPrivateDnsZoneName = 'privatelink.blob.${environment().suffixes.storage}'
-var dataCollectionRuleAssociationName = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.dataCollectionRuleAssociations), 'location', locations[locationVirtualMachines].abbreviation)}-avdi'
+var dataCollectionRuleAssociationName = '${replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.dataCollectionRuleAssociations), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)}-avdi'
 var dataCollectionRuleName = 'microsoft-avdi-${locations[locationVirtualMachines].abbreviation}'
-var desktopApplicationGroupName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.desktopApplicationGroups), 'location', locations[locationControlPlane].abbreviation)
-var diskAccessName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.diskAccesses), 'location', locations[locationVirtualMachines].abbreviation)
-var diskEncryptionSetName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.diskEncryptionSets), 'location', locations[locationVirtualMachines].abbreviation)
-var diskNamePrefix = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.disks), 'location', locations[locationVirtualMachines].abbreviation)}-'
+var desktopApplicationGroupName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.desktopApplicationGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var diskAccessName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diskAccesses), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var diskEncryptionSetName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diskEncryptionSets), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var diskNamePrefix = replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.disks), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 var filePrivateDnsZoneName = 'privatelink.file.${environment().suffixes.storage}'
 var fileShareNames = {
  CloudCacheProfileContainer: [
@ -67,48 +74,65 @@ var fileShareNames = {
    'profile-containers'
  ]
 }
-var hostPoolName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.hostPools), 'location', locations[locationControlPlane].abbreviation)
-var keyVaultName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.keyVaults), 'location', locations[locationVirtualMachines].abbreviation)
+var hostPoolDiagnosticSettingName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var hostPoolName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.hostPools), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var hostPoolNetworkInterfaceName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var hostPoolPrivateEndpointName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var keyVaultName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.keyVaults), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var keyVaultNetworkInterfaceName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.keyVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 var keyVaultPrivateDnsZoneName = replace('privatelink${environment().suffixes.keyvaultDns}', 'vault', 'vaultcore')
-var logAnalyticsWorkspaceName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.logAnalyticsWorkspaces), 'location', locations[locationVirtualMachines].abbreviation)
-var netAppAccountName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.netAppAccounts), 'location', locations[locationVirtualMachines].abbreviation)
-var netAppCapacityPoolName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.netAppCapacityPools), 'location', locations[locationVirtualMachines].abbreviation)
-var networkInterfaceNamePrefix = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.networkInterfaces), 'location', locations[locationVirtualMachines].abbreviation)}-'
+var keyVaultPrivateEndpointName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.keyVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var logAnalyticsWorkspaceName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.logAnalyticsWorkspaces), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var netAppAccountName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.netAppAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var netAppCapacityPoolName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.netAppCapacityPools), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var networkInterfaceNamePrefix = replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 var networkSecurityGroupNames = [
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.networkSecurityGroups), 'location', locations[locationControlPlane].abbreviation)
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.networkSecurityGroups), 'location', locations[locationVirtualMachines].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkSecurityGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkSecurityGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 ]
 var monitorPrivateDnsZoneName = 'privatelink.monitor.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
 var odsOpinsightsPrivateDnsZoneName = 'privatelink.ods.opinsights.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
 var omsOpinsightsPrivateDnsZoneName = 'privatelink.oms.opinsights.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
 var queuePrivateDnsZoneName = 'privatelink.queue.${environment().suffixes.storage}'
-var recoveryServicesVaultName = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.recoveryServicesVaults), 'location', locations[locationVirtualMachines].abbreviation)
-var resourceGroupControlPlane = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationControlPlane].abbreviation)}-avd-controlPlane'
-var resourceGroupFeedWorkspace = '${replace(replace(namingConvention_Shared, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationControlPlane].abbreviation)}-avd-feedWorkspace'
-var resourceGroupGlobalWorkspace = '${replace(replace(namingConvention_Global, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationControlPlane].abbreviation)}-avd-globalWorkspace'
-var resourceGroupHosts = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationVirtualMachines].abbreviation)}-avd-sessionHosts'
-var resourceGroupManagement = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationVirtualMachines].abbreviation)}-avd-management'
+var recoveryServicesVaultName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.recoveryServicesVaults), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var recoveryServicesVaultNetworkInterfaceName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.recoveryServicesVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var recoveryServicesVaultPrivateEndpointName = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.recoveryServicesVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var resourceGroupControlPlane = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'controlPlane'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var resourceGroupFeedWorkspace = replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'feedWorkspace'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var resourceGroupGlobalWorkspace = replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'globalWorkspace'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var resourceGroupHosts = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'sessionHosts'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var resourceGroupManagement = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'management'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 var resourceGroupsNetwork = [
-  '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationControlPlane].abbreviation)}-avd-network'
-  '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationVirtualMachines].abbreviation)}-avd-network'
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'network'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'network'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 ]
-var resourceGroupStorage = '${replace(replace(namingConvention, 'resourceType', resourceAbbreviations.resourceGroups), 'location', locations[locationVirtualMachines].abbreviation)}-avd-profileStorage'
+var resourceGroupStorage = replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'profileStorage'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 var routeTables = [
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.routeTables), 'location', locations[locationControlPlane].abbreviation)
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.routeTables), 'location', locations[locationVirtualMachines].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.routeTables), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.routeTables), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 ]
-var storageAccountNamePrefix = replace(replace(replace(replace(namingConvention, 'resourceType', resourceAbbreviations.storageAccounts), 'location', locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName)), '-', '')
-var userAssignedIdentityNamePrefix = replace(replace(namingConvention, 'resourceType', resourceAbbreviations.userAssignedIdentities), 'location', locations[locationVirtualMachines].abbreviation)
-var virtualMachineNamePrefix = replace(replace(replace(replace(namingConvention, 'resourceType', resourceAbbreviations.virtualMachines), 'location', locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName)), '-', '')
+var storageAccountNamePrefix = replace(replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.storageAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName)), '-', '')
+var storageAccountNetworkInterfaceNamePrefix = replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.storageAccounts), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName))
+var storageAccountPrivateEndpointNamePrefix = replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.storageAccounts), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName))
+var userAssignedIdentityNamePrefix = replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.userAssignedIdentities), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
+var virtualMachineNamePrefix = replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualMachines), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentShortName, first(environmentShortName)), '-', '')
 var virtualNetworkNames = [
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.virtualNetworks), 'location', locations[locationControlPlane].abbreviation)
-  replace(replace(namingConvention, 'resourceType', resourceAbbreviations.virtualNetworks), 'location', locations[locationVirtualMachines].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualNetworks), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+  replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualNetworks), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
 ]
-var workspaceFeedNamePrefix = replace(replace(namingConvention_Shared, 'resourceType', resourceAbbreviations.workspaces), 'location', locations[locationControlPlane].abbreviation)
-var workspaceGlobalNamePrefix = replace(replace(namingConvention_Global, 'resourceType', resourceAbbreviations.workspaces), 'location', locations[locationControlPlane].abbreviation)
+var workspaceFeedDiagnosticSettingName = replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceFeedName = replace(replace(replace(namingConvention_Shared, resourceAbbreviation, 'feed-${resourceAbbreviations.workspaces}'), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceFeedNetworkInterfaceName = replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceFeedPrivateEndpointName = replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceGlobalName = replace(replace(replace(namingConvention_Global, resourceAbbreviation, 'global-${resourceAbbreviations.workspaces}'), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceGlobalNetworkInterfaceName = replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'global-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
+var workspaceGlobalPrivateEndpointName = replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'global-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)

 output agentSvcPrivateDnsZoneName string = agentSvcPrivateDnsZoneName
+output automationAccountDiagnosticSettingName string = automationAccountDiagnosticSettingName
 output automationAccountName string = automationAccountName
+output automationAccountNetworkInterfaceName string = automationAccountNetworkInterfaceName
+output automationAccountPrivateEndpointName string = automationAccountPrivateEndpointName
 output availabilitySetNamePrefix string = availabilitySetNamePrefix
 output avdGlobalPrivateDnsZoneName string = avdGlobalPrivateDnsZoneName
 output avdPrivateDnsZoneName string = avdPrivateDnsZoneName
@ -123,9 +147,14 @@ output diskEncryptionSetName string = diskEncryptionSetName
 output diskNamePrefix string = diskNamePrefix
 output filePrivateDnsZoneName string = filePrivateDnsZoneName
 output fileShareNames object = fileShareNames
+output hostPoolDiagnosticSettingName string = hostPoolDiagnosticSettingName
 output hostPoolName string = hostPoolName
+output hostPoolNetworkInterfaceName string = hostPoolNetworkInterfaceName
+output hostPoolPrivateEndpointName string = hostPoolPrivateEndpointName
 output keyVaultName string = keyVaultName
+output keyVaultNetworkInterfaceName string = keyVaultNetworkInterfaceName
 output keyVaultPrivateDnsZoneName string = keyVaultPrivateDnsZoneName
+output keyVaultPrivateEndpointName string = keyVaultPrivateEndpointName
 output locations object = locations
 output logAnalyticsWorkspaceName string = logAnalyticsWorkspaceName
 output monitorPrivateDnsZoneName string = monitorPrivateDnsZoneName
@ -134,9 +163,12 @@ output omsOpinsightsPrivateDnsZoneName string = omsOpinsightsPrivateDnsZoneName
 output netAppAccountName string = netAppAccountName
 output netAppCapacityPoolName string = netAppCapacityPoolName
 output networkInterfaceNamePrefix string = networkInterfaceNamePrefix
+output networkName string = networkName
 output networkSecurityGroupNames array = networkSecurityGroupNames
 output queuePrivateDnsZoneName string = queuePrivateDnsZoneName
 output recoveryServicesVaultName string = recoveryServicesVaultName
+output recoveryServicesVaultNetworkInterfaceName string = recoveryServicesVaultNetworkInterfaceName
+output recoveryServicesVaultPrivateEndpointName string = recoveryServicesVaultPrivateEndpointName
 output resourceAbbreviations object = resourceAbbreviations
 output resourceGroupControlPlane string = resourceGroupControlPlane
 output resourceGroupFeedWorkspace string = resourceGroupFeedWorkspace
@ -146,9 +178,17 @@ output resourceGroupManagement string = resourceGroupManagement
 output resourceGroupsNetwork array = resourceGroupsNetwork
 output resourceGroupStorage string = resourceGroupStorage
 output routeTables array = routeTables
+output serviceName string = serviceName
 output storageAccountNamePrefix string = storageAccountNamePrefix
+output storageAccountNetworkInterfaceNamePrefix string = storageAccountNetworkInterfaceNamePrefix
+output storageAccountPrivateEndpointNamePrefix string = storageAccountPrivateEndpointNamePrefix
 output userAssignedIdentityNamePrefix string = userAssignedIdentityNamePrefix
 output virtualMachineNamePrefix string = virtualMachineNamePrefix
 output virtulNetworkNames array = virtualNetworkNames
-output workspaceFeedNamePrefix string = workspaceFeedNamePrefix
-output workspaceGlobalNamePrefix string = workspaceGlobalNamePrefix
+output workspaceFeedDiagnosticSettingName string = workspaceFeedDiagnosticSettingName
+output workspaceFeedName string = workspaceFeedName
+output workspaceFeedNetworkInterfaceName string = workspaceFeedNetworkInterfaceName
+output workspaceFeedPrivateEndpointName string = workspaceFeedPrivateEndpointName
+output workspaceGlobalName string = workspaceGlobalName
+output workspaceGlobalNetworkInterfaceName string = workspaceGlobalNetworkInterfaceName
+output workspaceGlobalPrivateEndpointName string = workspaceGlobalPrivateEndpointName
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/sessionHosts/sessionHosts.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/sessionHosts/sessionHosts.bicep
@ -41,6 +41,7 @@ param maxResourcesPerTemplateDeployment int
 param monitoring bool
 param netAppFileShares array
 param networkInterfaceNamePrefix string
+param networkName string
 param organizationalUnitPath string
 param pooledHostPool bool
 param enableRecoveryServices bool
@ -57,6 +58,7 @@ param scalingMinimumNumberOfRdsh string
 param scalingSessionThresholdPerCPU string
 param securityPrincipalObjectIds array
 param securityLogAnalyticsWorkspaceResourceId string
+param serviceName string
 param sessionHostBatchCount int
 param sessionHostIndex int
 param storageAccountPrefix string
@ -148,10 +150,12 @@ module virtualMachines 'virtualMachines.bicep' = [for i in range(1, sessionHostB
    monitoring: monitoring
    netAppFileShares: netAppFileShares
    networkInterfaceNamePrefix: networkInterfaceNamePrefix
+    networkName: networkName
    organizationalUnitPath: organizationalUnitPath
    resourceGroupControlPlane: resourceGroupControlPlane
    resourceGroupManagement: resourceGroupManagement
    securityLogAnalyticsWorkspaceResourceId: securityLogAnalyticsWorkspaceResourceId
+    serviceName: serviceName
    sessionHostCount: i == sessionHostBatchCount && divisionRemainderValue > 0 ? divisionRemainderValue : maxResourcesPerTemplateDeployment
    sessionHostIndex: i == 1 ? sessionHostIndex : ((i - 1) * maxResourcesPerTemplateDeployment) + sessionHostIndex
    storageAccountPrefix: storageAccountPrefix
--- a/src/bicep/add-ons/azureVirtualDesktop/modules/sessionHosts/virtualMachines.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/modules/sessionHosts/virtualMachines.bicep
@ -34,10 +34,12 @@ param managementVirtualMachineName string
 param monitoring bool
 param netAppFileShares array
 param networkInterfaceNamePrefix string
+param networkName string
 param organizationalUnitPath string
 param resourceGroupControlPlane string
 param resourceGroupManagement string
 param securityLogAnalyticsWorkspaceResourceId string
+param serviceName string
 param sessionHostCount int
 param sessionHostIndex int
 param storageAccountPrefix string
@ -105,6 +107,7 @@ var securityLogAnalyticsWorkspaceResourceGroupName = securityMonitoring ? split(
 var securityLogAnalyticsWorkspaceSubscriptionId = securityMonitoring ? split(securityLogAnalyticsWorkspaceResourceId, '/')[2] : subscription().subscriptionId
 var securityMonitoring = empty(securityLogAnalyticsWorkspaceResourceId) ? false : true
 var securityWorkspaceKey = securityMonitoring ? listKeys(securityLogAnalyticsWorkspaceResourceId, '2021-06-01').primarySharedKey : 'NotApplicable'
+var sessionHostNamePrefix = replace(virtualMachineNamePrefix, '${serviceName}${networkName}', '')

 resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-06-01' existing = if (securityMonitoring) {
  name: securitylogAnalyticsWorkspaceName
@ -112,7 +115,7 @@ resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-06
 }

 resource networkInterface 'Microsoft.Network/networkInterfaces@2020-05-01' = [for i in range(0, sessionHostCount): {
-  name: '${networkInterfaceNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
+  name: '${replace(networkInterfaceNamePrefix, '-${serviceName}', '')}-${padLeft((i + sessionHostIndex), 4, '0')}'
  location: location
  tags: tagsNetworkInterfaces
  properties: {
@ -135,7 +138,7 @@ resource networkInterface 'Microsoft.Network/networkInterfaces@2020-05-01' = [fo
 }]

 resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = [for i in range(0, sessionHostCount): {
-  name: '${virtualMachineNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
+  name: '${sessionHostNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
  location: location
  tags: tagsVirtualMachines
  zones: availability == 'AvailabilityZones' ? [
@ -157,7 +160,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = [for i
    storageProfile: {
      imageReference: imageReference
      osDisk: {
-        name: '${diskNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
+        name: '${replace(diskNamePrefix, '-${serviceName}', '')}-${padLeft((i + sessionHostIndex), 4, '0')}'
        osType: 'Windows'
        createOption: 'FromImage'
        caching: 'ReadWrite'
@ -172,7 +175,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = [for i
      dataDisks: []
    }
    osProfile: {
-      computerName: '${virtualMachineNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
+      computerName: '${sessionHostNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}'
      adminUsername: virtualMachineUsername
      adminPassword: virtualMachinePassword
      windowsConfiguration: {
@ -185,7 +188,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = [for i
    networkProfile: {
      networkInterfaces: [
        {
-          id: resourceId('Microsoft.Network/networkInterfaces', '${networkInterfaceNamePrefix}${padLeft((i + sessionHostIndex), 4, '0')}')
+          id: networkInterface[i].id
          properties: {
            deleteOption: 'Delete'
          }
@ -353,7 +356,7 @@ module drainMode '../common/customScriptExtensions.bicep' = if (enableDrainMode)
      '${artifactsUri}Set-AvdDrainMode.ps1'
    ]
    location: location
-    parameters: '-Environment ${environment().name} -hostPoolName ${hostPoolName} -HostPoolResourceGroupName ${resourceGroupControlPlane} -sessionHostCount ${sessionHostCount} -sessionHostIndex ${sessionHostIndex} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -userAssignedidentityClientId ${deploymentUserAssignedidentityClientId} -virtualMachineNamePrefix ${virtualMachineNamePrefix}'
+    parameters: '-Environment ${environment().name} -hostPoolName ${hostPoolName} -HostPoolResourceGroupName ${resourceGroupControlPlane} -sessionHostCount ${sessionHostCount} -sessionHostIndex ${sessionHostIndex} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -userAssignedidentityClientId ${deploymentUserAssignedidentityClientId} -virtualMachineNamePrefix ${sessionHostNamePrefix}'
    scriptFileName: 'Set-AvdDrainMode.ps1'
    tags: tagsVirtualMachines
    userAssignedIdentityClientId: deploymentUserAssignedidentityClientId
--- a/src/bicep/add-ons/azureVirtualDesktop/solution.bicep
+++ b/src/bicep/add-ons/azureVirtualDesktop/solution.bicep
@ -378,18 +378,21 @@ module network_hosts 'modules/network/networking.bicep' = if (length(deploymentL
 module management 'modules/management/management.bicep' = {
  name: 'Management_${timestamp}'
  params: {
+    //diskAccessName: resourceNames.outputs.diskAccessName
    activeDirectorySolution: activeDirectorySolution
    artifactsStorageAccountResourceId: artifactsStorageAccountResourceId
    artifactsUri: artifactsUri
+    automationAccountDiagnosticSettingName: resourceNames.outputs.automationAccountDiagnosticSettingName
    automationAccountName: resourceNames.outputs.automationAccountName
+    automationAccountNetworkInterfaceName: resourceNames.outputs.automationAccountNetworkInterfaceName
    automationAccountPrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${resourceNames.outputs.azureAutomationPrivateDnsZoneName}'
+    automationAccountPrivateEndpointName: resourceNames.outputs.automationAccountPrivateEndpointName
    availability: availability
    avdObjectId: avdObjectId
    azureBlobsPrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${resourceNames.outputs.blobPrivateDnsZoneName}'
    azurePowerShellModuleMsiName: azurePowerShellModuleMsiName 
    azureQueueStoragePrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${resourceNames.outputs.queuePrivateDnsZoneName}'
    dataCollectionRuleName: resourceNames.outputs.dataCollectionRuleName
-    //diskAccessName: resourceNames.outputs.diskAccessName
    diskEncryptionSetName: resourceNames.outputs.diskEncryptionSetName
    diskNamePrefix: resourceNames.outputs.diskNamePrefix
    diskSku: diskSku
@ -403,18 +406,22 @@ module management 'modules/management/management.bicep' = {
    hostPoolName: resourceNames.outputs.hostPoolName
    hostPoolType: hostPoolType
    imageDefinitionResourceId: imageDefinitionResourceId
-    keyVaultAbbreviation: resourceNames.outputs.resourceAbbreviations.keyVaults
    keyVaultName: resourceNames.outputs.keyVaultName
+    keyVaultNetworkInterfaceName: resourceNames.outputs.keyVaultNetworkInterfaceName
    keyVaultPrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${resourceNames.outputs.keyVaultPrivateDnsZoneName}'
+    keyVaultPrivateEndpointName: resourceNames.outputs.keyVaultPrivateEndpointName
    locationVirtualMachines: locationVirtualMachines
    logAnalyticsWorkspaceName: resourceNames.outputs.logAnalyticsWorkspaceName
    logAnalyticsWorkspaceRetention: logAnalyticsWorkspaceRetention
    logAnalyticsWorkspaceSku: logAnalyticsWorkspaceSku
    networkInterfaceNamePrefix: resourceNames.outputs.networkInterfaceNamePrefix
+    networkName: resourceNames.outputs.networkName
    organizationalUnitPath: organizationalUnitPath
    recoveryServices: recoveryServices
    recoveryServicesPrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${resourceNames.outputs.backupPrivateDnsZoneName}'
    recoveryServicesVaultName: resourceNames.outputs.recoveryServicesVaultName
+    recoveryServicesVaultNetworkInterfaceName: resourceNames.outputs.recoveryServicesVaultNetworkInterfaceName
+    recoveryServicesVaultPrivateEndpointName: resourceNames.outputs.recoveryServicesVaultPrivateEndpointName
    resourceGroupControlPlane: resourceNames.outputs.resourceGroupControlPlane
    resourceGroupFeedWorkspace: resourceNames.outputs.resourceGroupFeedWorkspace
    resourceGroupHosts: resourceNames.outputs.resourceGroupHosts
@ -423,6 +430,7 @@ module management 'modules/management/management.bicep' = {
    roleDefinitions: logic.outputs.roleDefinitions
    scalingTool: scalingTool
    securityLogAnalyticsWorkspaceResourceId: securityLogAnalyticsWorkspaceResourceId
+    serviceName: resourceNames.outputs.serviceName
    sessionHostCount: sessionHostCount
    storageService: logic.outputs.storageService
    subnetResourceId: length(deploymentLocations) == 1 ? network_controlPlane.outputs.subnetResourceId : network_hosts.outputs.subnetResourceId
@ -435,7 +443,7 @@ module management 'modules/management/management.bicep' = {
    virtualMachinePassword: virtualMachinePassword
    virtualMachineSize: virtualMachineSize
    virtualMachineUsername: virtualMachineUsername
-    workspaceNamePrefix: resourceNames.outputs.workspaceFeedNamePrefix
+    workspaceFeedName: resourceNames.outputs.workspaceFeedName
  }
  dependsOn: [
    rgs
@ -453,7 +461,9 @@ module hub 'modules/hub/hub.bicep' = {
    hubSubnetResourceId: hubSubnetResourceId
    resourceGroupName: resourceNames.outputs.resourceGroupGlobalWorkspace
    timestamp: timestamp
-    workspaceNamePrefix: resourceNames.outputs.workspaceGlobalNamePrefix
+    workspaceGlobalName: resourceNames.outputs.workspaceGlobalName
+    workspaceGlobalNetworkInterfaceName: resourceNames.outputs.workspaceGlobalNetworkInterfaceName
+    workspaceGlobalPrivateEndpointName: resourceNames.outputs.workspaceGlobalPrivateEndpointName
  }
 }

@ -470,7 +480,10 @@ module controlPlane 'modules/controlPlane/controlPlane.bicep' = {
    desktopApplicationGroupName: resourceNames.outputs.desktopApplicationGroupName
    desktopFriendlyName: desktopFriendlyName
    existingFeedWorkspace: management.outputs.existingFeedWorkspace
+    hostPoolDiagnosticSettingName: resourceNames.outputs.hostPoolDiagnosticSettingName
    hostPoolName: resourceNames.outputs.hostPoolName
+    hostPoolNetworkInterfaceName: resourceNames.outputs.hostPoolNetworkInterfaceName
+    hostPoolPrivateEndpointName: resourceNames.outputs.hostPoolPrivateEndpointName
    hostPoolPublicNetworkAccess: hostPoolPublicNetworkAccess
    hostPoolType: hostPoolType
    locationControlPlane: locationControlPlane
@ -489,8 +502,11 @@ module controlPlane 'modules/controlPlane/controlPlane.bicep' = {
    timestamp: timestamp
    validationEnvironment: validationEnvironment
    vmTemplate: logic.outputs.vmTemplate
+    workspaceFeedDiagnoticSettingName: resourceNames.outputs.workspaceFeedDiagnosticSettingName
+    workspaceFeedName: resourceNames.outputs.workspaceFeedName
+    workspaceFeedNetworkInterfaceName: resourceNames.outputs.workspaceFeedNetworkInterfaceName
+    workspaceFeedPrivateEndpointName: resourceNames.outputs.workspaceFeedPrivateEndpointName
    workspaceFriendlyName: workspaceFriendlyName
-    workspaceNamePrefix: resourceNames.outputs.workspaceFeedNamePrefix
    workspacePublicNetworkAccess: workspacePublicNetworkAccess
  }
  dependsOn: [
@ -534,8 +550,11 @@ module fslogix 'modules/fslogix/fslogix.bicep' = {
    resourceGroupStorage: resourceNames.outputs.resourceGroupStorage
    securityPrincipalNames: map(securityPrincipals, item => item.name)
    securityPrincipalObjectIds: map(securityPrincipals, item => item.objectId)
+    serviceName: resourceNames.outputs.serviceName
    smbServerLocation: logic.outputs.smbServerLocation
    storageAccountNamePrefix: resourceNames.outputs.storageAccountNamePrefix
+    storageAccountNetworkInterfaceNamePrefix: resourceNames.outputs.storageAccountNetworkInterfaceNamePrefix
+    storageAccountPrivateEndpointNamePrefix: resourceNames.outputs.storageAccountPrivateEndpointNamePrefix
    storageCount: storageCount
    storageEncryptionKeyName: management.outputs.storageEncryptionKeyName
    storageIndex: storageIndex
@ -601,6 +620,7 @@ module sessionHosts 'modules/sessionHosts/sessionHosts.bicep' = {
      'None'
    ]
    networkInterfaceNamePrefix: resourceNames.outputs.networkInterfaceNamePrefix
+    networkName: resourceNames.outputs.networkName
    organizationalUnitPath: organizationalUnitPath
    pooledHostPool: logic.outputs.pooledHostPool
    recoveryServicesVaultName: resourceNames.outputs.recoveryServicesVaultName
@ -615,6 +635,7 @@ module sessionHosts 'modules/sessionHosts/sessionHosts.bicep' = {
    scalingSessionThresholdPerCPU: scalingSessionThresholdPerCPU
    securityPrincipalObjectIds: map(securityPrincipals, item => item.objectId)
    securityLogAnalyticsWorkspaceResourceId: securityLogAnalyticsWorkspaceResourceId
+    serviceName: resourceNames.outputs.serviceName
    sessionHostBatchCount: logic.outputs.sessionHostBatchCount
    sessionHostIndex: sessionHostIndex
    storageAccountPrefix: resourceNames.outputs.storageAccountNamePrefix
--- a/src/bicep/add-ons/azureVirtualDesktop/solution.json
+++ b/src/bicep/add-ons/azureVirtualDesktop/solution.json
--- a/src/bicep/core/hub-customer-managed-keys.bicep
+++ b/src/bicep/core/hub-customer-managed-keys.bicep
@ -6,9 +6,10 @@ Licensed under the MIT License.
 param diskEncryptionSetName string
 param deploymentNameSuffix string
 param keyVaultName string
+param keyVaultNetworkInterfaceName string
 param keyVaultPrivateDnsZoneResourceId string
+param keyVaultPrivateEndpointName string
 param location string
-param resourcePrefix string
 param subnetResourceId string
 param tags object
 param userAssignedIdentityName string
@ -17,9 +18,10 @@ module keyVault '../modules/key-vault.bicep' = {
  name: 'deploy-key-vault-${deploymentNameSuffix}'
  params: {
    keyVaultName: keyVaultName
+    keyVaultNetworkInterfaceName: keyVaultNetworkInterfaceName
    keyVaultPrivateDnsZoneResourceId: keyVaultPrivateDnsZoneResourceId
+    keyVaultPrivateEndpointName: keyVaultPrivateEndpointName
    location: location
-    resourcePrefix: resourcePrefix
    subnetResourceId: subnetResourceId
    tags: tags
  }
--- a/src/bicep/core/hub-storage.bicep
+++ b/src/bicep/core/hub-storage.bicep
@ -7,8 +7,10 @@ param blobsPrivateDnsZoneResourceId string
 param keyVaultUri string
 param logStorageAccountName string
 param logStorageSkuName string
+param logStorageAccountNetworkInterfaceNamePrefix string
+param logStorageAccountPrivateEndpointNamePrefix string
 param location string
-param resourcePrefix string
+param serviceToken string
 param storageEncryptionKeyName string
 param subnetResourceId string
 param tablesPrivateDnsZoneResourceId string
@ -19,16 +21,18 @@ module storageAccount '../modules/storage-account.bicep' = {
  name: 'storage'
  params: {
    blobsPrivateDnsZoneResourceId: blobsPrivateDnsZoneResourceId
-    userAssignedIdentityResourceId: userAssignedIdentityResourceId
    keyVaultUri: keyVaultUri
    location: location
-    resourcePrefix: resourcePrefix
+    serviceToken: serviceToken
    skuName: logStorageSkuName
    storageAccountName: logStorageAccountName
+    storageAccountNetworkInterfaceNamePrefix: logStorageAccountNetworkInterfaceNamePrefix
+    storageAccountPrivateEndpointNamePrefix: logStorageAccountPrivateEndpointNamePrefix
    storageEncryptionKeyName: storageEncryptionKeyName
    subnetResourceId: subnetResourceId
    tablesPrivateDnsZoneResourceId: tablesPrivateDnsZoneResourceId
    tags: tags
+    userAssignedIdentityResourceId: userAssignedIdentityResourceId
  }
 }

--- a/src/bicep/core/spoke-storage.bicep
+++ b/src/bicep/core/spoke-storage.bicep
@ -7,8 +7,10 @@ param blobsPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
 param logStorageAccountName string
+param logStorageAccountNetworkInterfaceNamePrefix string
+param logStorageAccountPrivateEndpointNamePrefix string
 param logStorageSkuName string
-param resourcePrefix string
+param serviceToken string
 param storageEncryptionKeyName string
 param subnetResourceId string
 param tablesPrivateDnsZoneResourceId string
@ -21,9 +23,11 @@ module storageAccount '../modules/storage-account.bicep' = {
    blobsPrivateDnsZoneResourceId: blobsPrivateDnsZoneResourceId
    keyVaultUri: keyVaultUri
    location: location
-    resourcePrefix: resourcePrefix
+    serviceToken: serviceToken
    skuName: logStorageSkuName
    storageAccountName: logStorageAccountName
+    storageAccountNetworkInterfaceNamePrefix: logStorageAccountNetworkInterfaceNamePrefix
+    storageAccountPrivateEndpointNamePrefix: logStorageAccountPrivateEndpointNamePrefix
    storageEncryptionKeyName: storageEncryptionKeyName
    subnetResourceId: subnetResourceId
    tablesPrivateDnsZoneResourceId: tablesPrivateDnsZoneResourceId
--- a/src/bicep/data/locations.json
+++ b/src/bicep/data/locations.json
@ -23,6 +23,12 @@
            "recoveryServicesGeo": "bjb2",
            "timeDifference": "+8:00",
            "timeZone": "China Standard Time"
+        },
+        "chinanorth3": {
+            "abbreviation": "cnn3",
+            "recoveryServicesGeo": "",
+            "timeDifference": "+8:00",
+            "timeZone": "China Standard Time"
        }
    },
    "AzureCloud": {
@ -176,6 +182,12 @@
            "timeDifference": "+9:00",
            "timeZone": "Korea Standard Time"
        },
+        "newzealandnorth": {
+            "abbreviation": "nzn",
+            "recoveryServicesGeo": "",
+            "timeDifference": "+13:00",
+            "timeZone": "New Zealand Standard Time"
+        },
        "northcentralus": {
            "abbreviation": "usnc",
            "recoveryServicesGeo": "ncus",
--- a/src/bicep/add-ons/azureVirtualDesktop/data/resourceAbbreviations.json
+++ b/src/bicep/add-ons/azureVirtualDesktop/data/resourceAbbreviations.json
@ -1,26 +1,28 @@
 {
    "automationAccounts": "aa",
-    "availabilitySets": "as",
+    "availabilitySets": "avail",
    "dataCollectionRuleAssociations": "dcra",
    "dataCollectionRules": "dcr",
-    "desktopApplicationGroups": "dag",
+    "desktopApplicationGroups": "vdag",
+    "diagnosticSettings": "diag",
    "diskAccesses": "da",
-    "remoteApplicationGroups": "rag",
-    "disks": "disk",
    "diskEncryptionSets": "des",
-    "hostPools": "hp",
+    "disks": "disk",
+    "hostPools": "vdpool",
    "keyVaults": "kv",
-    "logAnalyticsWorkspaces": "law",
+    "logAnalyticsWorkspaces": "log",
    "netAppAccounts": "naa",
    "netAppCapacityPools": "nacp",
    "networkInterfaces": "nic",
    "networkSecurityGroups": "nsg",
+    "privateEndpoints": "pe",
    "recoveryServicesVaults": "rsv",
+    "remoteApplicationGroups": "vdag",
    "resourceGroups": "rg",
    "routeTables": "rt",
-    "storageAccounts": "sa",
-    "userAssignedIdentities": "uai",
+    "storageAccounts": "st",
+    "userAssignedIdentities": "id",
    "virtualMachines": "vm",
    "virtualNetworks": "vnet",
-    "workspaces": "ws"
+    "workspaces": "vdws"
 }
--- a/src/bicep/form/mlz.portal.json
+++ b/src/bicep/form/mlz.portal.json
@ -234,11 +234,11 @@
                  }
                },
                {
-                  "name": "resourceSuffix",
-                  "label": "Resource Naming Suffix",
+                  "name": "environmentAbbreviation",
+                  "label": "Environment Abbreviation",
                  "type": "Microsoft.Common.DropDown",
                  "defaultValue": "dev",
-                  "toolTip": "Select a resource naming suffix to append to all resources.",
+                  "toolTip": "Select an abbreviation for the target environment. This value will be used as a component in the naming convention.",
                  "multiselect": false,
                  "selectAll": false,
                  "filter": true,
@ -248,17 +248,17 @@
                    "allowedValues": [
                      {
                        "label": "dev",
-                        "description": "Select if you want to append 'dev' to your resources.",
+                        "description": "Development",
                        "value": "dev"
                      },
                      {
                        "label": "test",
-                        "description": "Select if you want to append 'test' to your resources.",
+                        "description": "Test",
                        "value": "test"
                      },
                      {
                        "label": "prod",
-                        "description": "Select if you want to append 'prod' to your resources.",
+                        "description": "Production",
                        "value": "prod"
                      }
                    ],
@ -1063,7 +1063,7 @@
        "operationsVirtualNetworkAddressPrefix": "[steps('networking').operationsVirtualNetwork.virtualNetworkAddressCidrRange]",
        "policy": "[steps('compliance').policySection.policy]",
        "resourcePrefix": "[steps('basics').namingSection.resourcePrefix]",
-        "resourceSuffix": "[steps('basics').namingSection.resourceSuffix]",
+        "environmentAbbreviation": "[steps('basics').namingSection.environmentAbbreviation]",
        "sharedServicesSubnetAddressPrefix": "[steps('networking').sharedServicesVirtualNetwork.subnetAddressCidrRange]",
        "sharedServicesSubscriptionId": "[replace(steps('basics').sharedServicesSection.sharedServicesSubscriptionId, '/subscriptions/', '')]",
        "sharedServicesVirtualNetworkAddressPrefix": "[steps('networking').sharedServicesVirtualNetwork.virtualNetworkAddressCidrRange]",
--- a/src/bicep/mlz.bicep
+++ b/src/bicep/mlz.bicep
@ -22,10 +22,13 @@ targetScope = 'subscription'
@description('A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
 param resourcePrefix string

-@minLength(3)
-@maxLength(6)
-@description('A suffix, 3 to 6 characters in length, to append to resource names (e.g. "dev", "test", "prod", "mlz"). It defaults to "mlz".')
-param resourceSuffix string = 'mlz'
+@allowed([
+  'dev'
+  'prod'
+  'test'
+])
+@description('The abbreviation for the environment.')
+param environmentAbbreviation string = 'dev'

@description('The subscription ID for the Hub Network and resources. It defaults to the deployment subscription.')
 param hubSubscriptionId string = subscription().subscriptionId
@ -513,7 +516,7 @@ param emailSecurityContact string = ''

  Here we define a naming conventions for resources.

-  First, we take `resourcePrefix` and `resourceSuffix` by params.
+  First, we take `resourcePrefix` and `environmentAbbreviation` by params.
  Then, using string interpolation "${}", we insert those values into a naming convention.

 */
@ -521,8 +524,9 @@ param emailSecurityContact string = ''
 var locations = (loadJsonContent('data/locations.json'))[environment().name]
 var locationAbbreviation = locations[location].abbreviation
 var resourceToken = 'resource_token'
-var nameToken = 'name_token'
-var namingConvention = '${toLower(resourcePrefix)}-${resourceToken}-${nameToken}-${toLower(resourceSuffix)}-${locationAbbreviation}'
+var serviceToken = 'service_token'
+var networkToken = 'network_token'
+var namingConvention = '${toLower(resourcePrefix)}-${resourceToken}-${serviceToken}-${networkToken}-${environmentAbbreviation}-${locationAbbreviation}'

 /*

@ -534,7 +538,7 @@ var namingConvention = '${toLower(resourcePrefix)}-${resourceToken}-${nameToken}
  `storageAccountNamingConvention` is a unique naming convention:
    
    In an effort to reduce the likelihood of naming collisions, 
-    we replace `unique_token` with a uniqueString() calculated by resourcePrefix, resourceSuffix, and the subscription ID
+    we replace `unique_token` with a uniqueString() calculated by resourcePrefix, environmentAbbreviation, and the subscription ID

 */

@ -545,18 +549,20 @@ var diskEncryptionSetNamingConvention = replace(namingConvention, resourceToken,
 var diskNamingConvention = replace(namingConvention, resourceToken, 'disk')
 var firewallNamingConvention = replace(namingConvention, resourceToken, 'afw')
 var firewallPolicyNamingConvention = replace(namingConvention, resourceToken, 'afwp')
-var keyVaultNamingConvention = '${replace(replace(namingConvention, resourceToken, 'kv'), '-', '')}unique_token'
 var ipConfigurationNamingConvention = replace(namingConvention, resourceToken, 'ipconf')
+var keyVaultNamingConvention = '${replace(replace(namingConvention, resourceToken, 'kv'), '-', '')}unique_token'
 var logAnalyticsWorkspaceNamingConvention = replace(namingConvention, resourceToken, 'log')
 var networkInterfaceNamingConvention = replace(namingConvention, resourceToken, 'nic')
 var networkSecurityGroupNamingConvention = replace(namingConvention, resourceToken, 'nsg')
 var networkWatcherNamingConvention = replace(namingConvention, resourceToken, 'nw')
+var privateEndpointNamingConvention = replace(namingConvention, resourceToken, 'pe')
+var privateLinkScopeName = replace(namingConvention, resourceToken, 'pls')
 var publicIpAddressNamingConvention = replace(namingConvention, resourceToken, 'pip')
 var resourceGroupNamingConvention = replace(namingConvention, resourceToken, 'rg')
 var routeTableNamingConvention = replace(namingConvention, resourceToken, 'rt')
 var storageAccountNamingConvention = toLower('${replace(replace(namingConvention, resourceToken, 'st'), '-', '')}unique_token')
 var subnetNamingConvention = replace(namingConvention, resourceToken, 'snet')
-var userAssignedIdentityNamingConvention = replace(namingConvention, resourceToken, 'uaid')
+var userAssignedIdentityNamingConvention = replace(namingConvention, resourceToken, 'id')
 var virtualMachineNamingConvention = replace(namingConvention, resourceToken, 'vm')
 var virtualNetworkNamingConvention = replace(namingConvention, resourceToken, 'vnet')

@ -564,73 +570,85 @@ var virtualNetworkNamingConvention = replace(namingConvention, resourceToken, 'v

 var hubName = 'hub'
 var hubShortName = 'hub'
-var hubDiskEncryptionSetName = replace(diskEncryptionSetNamingConvention, nameToken, hubName)
+var hubDiskEncryptionSetName = replace(replace(diskEncryptionSetNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
 var hubKeyVaultName = take(hubKeyVaultUniqueName, 24)
-var hubKeyVaultShortName = replace(keyVaultNamingConvention, nameToken, hubShortName)
-var hubKeyVaultUniqueName = replace(hubKeyVaultShortName, 'unique_token', uniqueString(resourcePrefix, resourceSuffix, hubSubscriptionId))
+var hubKeyVaultNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, 'kv'), networkToken, hubName)
+var hubKeyVaultPrivateEndpointName = replace(replace(privateEndpointNamingConvention, serviceToken, 'kv'), networkToken, hubName)
+var hubKeyVaultShortName = replace(replace(keyVaultNamingConvention, serviceToken, ''), networkToken, hubShortName)
+var hubKeyVaultUniqueName = replace(hubKeyVaultShortName, 'unique_token', uniqueString(resourcePrefix, environmentAbbreviation, hubSubscriptionId))
 var hubLogStorageAccountName = take(hubLogStorageAccountUniqueName, 24)
-var hubLogStorageAccountShortName = replace(storageAccountNamingConvention, nameToken, hubShortName)
-var hubLogStorageAccountUniqueName = replace(hubLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, resourceSuffix, hubSubscriptionId))
-var hubNetworkWatcherName = replace(networkWatcherNamingConvention, nameToken, hubName)
-var hubNetworkSecurityGroupName = replace(networkSecurityGroupNamingConvention, nameToken, hubName)
-var hubResourceGroupName = replace(resourceGroupNamingConvention, nameToken, hubName)
-var hubRouteTableName = replace(routeTableNamingConvention, nameToken, hubName)
-var hubSubnetName = replace(subnetNamingConvention, nameToken, hubName)
-var hubUserAssignedIdentityName = replace(userAssignedIdentityNamingConvention, nameToken, hubName)
-var hubVirtualNetworkName = replace(virtualNetworkNamingConvention, nameToken, hubName)
+var hubLogStorageAccountNetworkInterfaceNamePrefix = replace(replace(networkInterfaceNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, hubName)
+var hubLogStorageAccountPrivateEndpointNamePrefix = replace(replace(privateEndpointNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, hubName)
+var hubLogStorageAccountShortName = replace(replace(storageAccountNamingConvention, serviceToken, ''), networkToken, hubShortName)
+var hubLogStorageAccountUniqueName = replace(hubLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, environmentAbbreviation, hubSubscriptionId))
+var hubNetworkWatcherName = replace(replace(networkWatcherNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubNetworkSecurityGroupName = replace(replace(networkSecurityGroupNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubResourceGroupName = replace(replace(resourceGroupNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubRouteTableName = replace(replace(routeTableNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubSubnetName = replace(replace(subnetNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubUserAssignedIdentityName = replace(replace(userAssignedIdentityNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var hubVirtualNetworkName = replace(replace(virtualNetworkNamingConvention, '-${serviceToken}', ''), networkToken, hubName)

 // IDENTITY NAMES

 var identityName = 'identity'
 var identityShortName = 'id'
 var identityLogStorageAccountName = take(identityLogStorageAccountUniqueName, 24)
-var identityLogStorageAccountShortName = replace(storageAccountNamingConvention, nameToken, identityShortName)
-var identityLogStorageAccountUniqueName = replace(identityLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, resourceSuffix, identitySubscriptionId))
-var identityNetworkSecurityGroupName = replace(networkSecurityGroupNamingConvention, nameToken, identityName)
-var identityResourceGroupName = replace(resourceGroupNamingConvention, nameToken, identityName)
-var identityRouteTableName = replace(routeTableNamingConvention, nameToken, identityName)
-var identitySubnetName = replace(subnetNamingConvention, nameToken, identityName)
-var identityVirtualNetworkName = replace(virtualNetworkNamingConvention, nameToken, identityName)
+var identityLogStorageAccountNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, identityName)
+var identityLogStorageAccountPrivateEndpointName = replace(replace(privateEndpointNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, identityName)
+var identityLogStorageAccountShortName = replace(replace(storageAccountNamingConvention, serviceToken, ''), networkToken, identityShortName)
+var identityLogStorageAccountUniqueName = replace(identityLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, environmentAbbreviation, identitySubscriptionId))
+var identityNetworkSecurityGroupName = replace(replace(networkSecurityGroupNamingConvention, '-${serviceToken}', ''), networkToken, identityName)
+var identityResourceGroupName = replace(replace(resourceGroupNamingConvention, '-${serviceToken}', ''), networkToken, identityName)
+var identityRouteTableName = replace(replace(routeTableNamingConvention, '-${serviceToken}', ''), networkToken, identityName)
+var identitySubnetName = replace(replace(subnetNamingConvention, '-${serviceToken}', ''), networkToken, identityName)
+var identityVirtualNetworkName = replace(replace(virtualNetworkNamingConvention, '-${serviceToken}', ''), networkToken, identityName)

 // OPERATIONS NAMES

 var operationsName = 'operations'
 var operationsShortName = 'ops'
 var operationsLogStorageAccountName = take(operationsLogStorageAccountUniqueName, 24)
-var operationsLogStorageAccountShortName = replace(storageAccountNamingConvention, nameToken, operationsShortName)
-var operationsLogStorageAccountUniqueName = replace(operationsLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, resourceSuffix, operationsSubscriptionId))
-var operationsNetworkSecurityGroupName = replace(networkSecurityGroupNamingConvention, nameToken, operationsName)
-var operationsResourceGroupName = replace(resourceGroupNamingConvention, nameToken, operationsName)
-var operationsRouteTableName = replace(routeTableNamingConvention, nameToken, operationsName)
-var operationsSubnetName = replace(subnetNamingConvention, nameToken, operationsName)
-
-var operationsVirtualNetworkName = replace(virtualNetworkNamingConvention, nameToken, operationsName)
+var operationsLogStorageAccountNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, operationsName)
+var operationsLogStorageAccountPrivateEndpointName = replace(replace(privateEndpointNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, operationsName)
+var operationsLogStorageAccountShortName = replace(replace(storageAccountNamingConvention, serviceToken, ''), networkToken, operationsShortName)
+var operationsLogStorageAccountUniqueName = replace(operationsLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, environmentAbbreviation, operationsSubscriptionId))
+var operationsNetworkSecurityGroupName = replace(replace(networkSecurityGroupNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)
+var operationsPrivateLinkScopeName = replace(replace(privateLinkScopeName, '-${serviceToken}', ''), networkToken, operationsName)
+var operationsPrivateLinkScopeNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, 'pls'), networkToken, operationsName)
+var operationsPrivateLinkScopePrivateEndpointName = replace(replace(privateEndpointNamingConvention, serviceToken, 'pls'), networkToken, operationsName)
+var operationsResourceGroupName = replace(replace(resourceGroupNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)
+var operationsRouteTableName = replace(replace(routeTableNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)
+var operationsSubnetName = replace(replace(subnetNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)
+var operationsVirtualNetworkName = replace(replace(virtualNetworkNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)

 // SHARED SERVICES NAMES

 var sharedServicesName = 'sharedServices'
 var sharedServicesShortName = 'svcs'
 var sharedServicesLogStorageAccountName = take(sharedServicesLogStorageAccountUniqueName, 24)
-var sharedServicesLogStorageAccountShortName = replace(storageAccountNamingConvention, nameToken, sharedServicesShortName)
-var sharedServicesLogStorageAccountUniqueName = replace(sharedServicesLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, resourceSuffix, sharedServicesSubscriptionId))
-var sharedServicesNetworkSecurityGroupName = replace(networkSecurityGroupNamingConvention, nameToken, sharedServicesName)
-var sharedServicesResourceGroupName = replace(resourceGroupNamingConvention, nameToken, sharedServicesName)
-var sharedServicesRouteTableName = replace(routeTableNamingConvention, nameToken, sharedServicesName)
-var sharedServicesSubnetName = replace(subnetNamingConvention, nameToken, sharedServicesName)
-var sharedServicesVirtualNetworkName = replace(virtualNetworkNamingConvention, nameToken, sharedServicesName)
+var sharedServicesLogStorageAccountPrivateEndpointName = replace(replace(privateEndpointNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, sharedServicesName)
+var sharedServicesLogStorageAccountNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, '${serviceToken}-st'), networkToken, sharedServicesName)
+var sharedServicesLogStorageAccountShortName = replace(replace(storageAccountNamingConvention, serviceToken, ''), networkToken, sharedServicesShortName)
+var sharedServicesLogStorageAccountUniqueName = replace(sharedServicesLogStorageAccountShortName, 'unique_token', uniqueString(resourcePrefix, environmentAbbreviation, sharedServicesSubscriptionId))
+var sharedServicesNetworkSecurityGroupName = replace(replace(networkSecurityGroupNamingConvention, '-${serviceToken}', ''), networkToken, sharedServicesName)
+var sharedServicesResourceGroupName = replace(replace(resourceGroupNamingConvention, '-${serviceToken}', ''), networkToken, sharedServicesName)
+var sharedServicesRouteTableName = replace(replace(routeTableNamingConvention, '-${serviceToken}', ''), networkToken, sharedServicesName)
+var sharedServicesSubnetName = replace(replace(subnetNamingConvention, '-${serviceToken}', ''), networkToken, sharedServicesName)
+var sharedServicesVirtualNetworkName = replace(replace(virtualNetworkNamingConvention, '-${serviceToken}', ''), networkToken, sharedServicesName)

 // LOG ANALYTICS NAMES

-var logAnalyticsWorkspaceName = replace(logAnalyticsWorkspaceNamingConvention, nameToken, operationsName)
+var logAnalyticsWorkspaceName = replace(replace(logAnalyticsWorkspaceNamingConvention, '-${serviceToken}', ''), networkToken, operationsName)

 // FIREWALL NAMES

-var firewallName = replace(firewallNamingConvention, nameToken, hubName)
-var firewallPolicyName = replace(firewallPolicyNamingConvention, nameToken, hubName)
-var firewallClientIpConfigurationName = replace(ipConfigurationNamingConvention, nameToken, 'afw-client')
-var firewallClientPublicIPAddressName = replace(publicIpAddressNamingConvention, nameToken, 'afw-client')
-var firewallManagementIpConfigurationName = replace(ipConfigurationNamingConvention, nameToken, 'afw-mgmt')
-var firewallManagementPublicIPAddressName = replace(publicIpAddressNamingConvention, nameToken, 'afw-mgmt')
+var firewallName = replace(replace(firewallNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var firewallPolicyName = replace(replace(firewallPolicyNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var firewallClientIpConfigurationName = replace(replace(ipConfigurationNamingConvention, serviceToken, 'client-afw'), networkToken, hubName)
+var firewallClientPublicIPAddressName = replace(replace(publicIpAddressNamingConvention, serviceToken, 'client-afw'), networkToken, hubName)
+var firewallManagementIpConfigurationName = replace(replace(ipConfigurationNamingConvention, serviceToken, 'mgmt-afw'), networkToken, hubName)
+var firewallManagementPublicIPAddressName = replace(replace(publicIpAddressNamingConvention, serviceToken, 'mgmt-afw'), networkToken, hubName)

 // FIREWALL VALUES

@ -641,17 +659,17 @@ var firewallPublicIpAddressAllocationMethod = 'Static'

 // REMOTE ACCESS NAMES

-var bastionHostName = replace(bastionHostNamingConvention, nameToken, hubName)
-var bastionHostPublicIPAddressName = replace(publicIpAddressNamingConvention, nameToken, 'bas')
-var bastionHostIPConfigurationName = replace(ipConfigurationNamingConvention, nameToken, 'bas')
-var linuxDiskName = replace(diskNamingConvention, nameToken, 'bas-linux')
-var linuxNetworkInterfaceName = replace(networkInterfaceNamingConvention, nameToken, 'bas-linux')
-var linuxNetworkInterfaceIpConfigurationName = replace(ipConfigurationNamingConvention, nameToken, 'bas-linux')
-var linuxVmName = replace(virtualMachineNamingConvention, nameToken, 'bas-linux')
-var windowsDiskName = replace(diskNamingConvention, nameToken, 'bas-windows')
-var windowsNetworkInterfaceName = replace(networkInterfaceNamingConvention, nameToken, 'bas-windows')
-var windowsNetworkInterfaceIpConfigurationName = replace(ipConfigurationNamingConvention, nameToken, 'bas-windows')
-var windowsVmName = replace(virtualMachineNamingConvention, nameToken, 'bas-windows')
+var bastionHostName = replace(replace(bastionHostNamingConvention, '-${serviceToken}', ''), networkToken, hubName)
+var bastionHostPublicIPAddressName = replace(replace(publicIpAddressNamingConvention, serviceToken, 'bas'), networkToken, hubName)
+var bastionHostIPConfigurationName = replace(replace(ipConfigurationNamingConvention, serviceToken, 'bas'), networkToken, hubName)
+var linuxDiskName = replace(replace(diskNamingConvention, serviceToken, 'linux'), networkToken, hubName)
+var linuxNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, 'linux'), networkToken, hubName)
+var linuxNetworkInterfaceIpConfigurationName = replace(replace(ipConfigurationNamingConvention, serviceToken, 'linux'), networkToken, hubName)
+var linuxVmName = replace(replace(virtualMachineNamingConvention, serviceToken, 'linux'), networkToken, hubName)
+var windowsDiskName = replace(replace(diskNamingConvention, serviceToken, 'windows'), networkToken, hubName)
+var windowsNetworkInterfaceName = replace(replace(networkInterfaceNamingConvention, serviceToken, 'windows'), networkToken, hubName)
+var windowsNetworkInterfaceIpConfigurationName = replace(replace(ipConfigurationNamingConvention, serviceToken, 'windows'), networkToken, hubName)
+var windowsVmName = replace(replace(virtualMachineNamingConvention, serviceToken, 'windows'), networkToken, hubName)

 // BASTION VALUES

@ -667,6 +685,8 @@ var spokesCommon = [
    subscriptionId: operationsSubscriptionId
    resourceGroupName: operationsResourceGroupName
    logStorageAccountName: operationsLogStorageAccountName
+    logStorageAccountNetworkInterfaceNamePrefix: operationsLogStorageAccountNetworkInterfaceName
+    logStorageAccountPrivateEndpointNamePrefix: operationsLogStorageAccountPrivateEndpointName
    virtualNetworkName: operationsVirtualNetworkName
    virtualNetworkAddressPrefix: operationsVirtualNetworkAddressPrefix
    virtualNetworkDiagnosticsLogs: operationsVirtualNetworkDiagnosticsLogs
@ -686,6 +706,8 @@ var spokesCommon = [
    subscriptionId: sharedServicesSubscriptionId
    resourceGroupName: sharedServicesResourceGroupName
    logStorageAccountName: sharedServicesLogStorageAccountName
+    logStorageAccountNetworkInterfaceNamePrefix: sharedServicesLogStorageAccountNetworkInterfaceName
+    logStorageAccountPrivateEndpointNamePrefix: sharedServicesLogStorageAccountPrivateEndpointName
    virtualNetworkName: sharedServicesVirtualNetworkName
    virtualNetworkAddressPrefix: sharedServicesVirtualNetworkAddressPrefix
    virtualNetworkDiagnosticsLogs: sharedServicesVirtualNetworkDiagnosticsLogs
@ -707,6 +729,8 @@ var spokesIdentity = deployIdentity ? [
    subscriptionId: identitySubscriptionId
    resourceGroupName: identityResourceGroupName
    logStorageAccountName: identityLogStorageAccountName
+    logStorageAccountNetworkInterfaceNamePrefix: identityLogStorageAccountNetworkInterfaceName
+    logStorageAccountPrivateEndpointNamePrefix: identityLogStorageAccountPrivateEndpointName
    virtualNetworkName: identityVirtualNetworkName
    virtualNetworkAddressPrefix: identityVirtualNetworkAddressPrefix
    virtualNetworkDiagnosticsLogs: identityVirtualNetworkDiagnosticsLogs
@ -727,7 +751,7 @@ var spokesIdentity = deployIdentity ? [

 var defaultTags = {
  resourcePrefix: resourcePrefix
-  resourceSuffix: resourceSuffix
+  environmentAbbreviation: environmentAbbreviation
  DeploymentType: 'MissionLandingZoneARM'
 }

@ -914,9 +938,10 @@ module customerManagedKeys './core/hub-customer-managed-keys.bicep' = {
    deploymentNameSuffix: deploymentNameSuffix
    diskEncryptionSetName: hubDiskEncryptionSetName
    keyVaultName: hubKeyVaultName
+    keyVaultNetworkInterfaceName: hubKeyVaultNetworkInterfaceName
    keyVaultPrivateDnsZoneResourceId: privateDnsZones.outputs.keyvaultDnsPrivateDnsZoneId
+    keyVaultPrivateEndpointName: hubKeyVaultPrivateEndpointName
    location: location
-    resourcePrefix: resourcePrefix
    subnetResourceId: hubNetwork.outputs.subnetResourceId
    tags: calculatedTags
    userAssignedIdentityName: hubUserAssignedIdentityName
@ -929,16 +954,18 @@ module azureMonitor './modules/azure-monitor.bicep' = if (contains(supportedClou
  name: 'deploy-azure-monitor-${deploymentNameSuffix}'
  scope: resourceGroup(operationsSubscriptionId, operationsResourceGroupName)
  params: {
+    agentsvcPrivateDnsZoneId: privateDnsZones.outputs.agentsvcPrivateDnsZoneId
+    location: location
    logAnalyticsWorkspaceName: logAnalyticsWorkspace.outputs.name
    logAnalyticsWorkspaceResourceId: logAnalyticsWorkspace.outputs.id
    monitorPrivateDnsZoneId: privateDnsZones.outputs.monitorPrivateDnsZoneId
-    omsPrivateDnsZoneId: privateDnsZones.outputs.omsPrivateDnsZoneId
    odsPrivateDnsZoneId: privateDnsZones.outputs.odsPrivateDnsZoneId
-    agentsvcPrivateDnsZoneId: privateDnsZones.outputs.agentsvcPrivateDnsZoneId
-    location: location
-    tags: tags
-    resourcePrefix: resourcePrefix
+    omsPrivateDnsZoneId: privateDnsZones.outputs.omsPrivateDnsZoneId
+    privateLinkScopeName : operationsPrivateLinkScopeName
+    privateLinkScopeNetworkInterfaceName: operationsPrivateLinkScopeNetworkInterfaceName
+    privateLinkScopePrivateEndpointName : operationsPrivateLinkScopePrivateEndpointName
    subnetResourceId: spokeNetworks[0].outputs.subnetResourceId
+    tags: tags
  }
  dependsOn: [
    logAnalyticsWorkspace
@ -1012,8 +1039,10 @@ module hubStorage './core/hub-storage.bicep' = {
    keyVaultUri: customerManagedKeys.outputs.keyVaultUri
    location: location
    logStorageAccountName: hubLogStorageAccountName
+    logStorageAccountNetworkInterfaceNamePrefix: hubLogStorageAccountNetworkInterfaceNamePrefix
+    logStorageAccountPrivateEndpointNamePrefix: hubLogStorageAccountPrivateEndpointNamePrefix
    logStorageSkuName: logStorageSkuName
-    resourcePrefix: resourcePrefix
+    serviceToken: serviceToken
    storageEncryptionKeyName: customerManagedKeys.outputs.storageKeyName
    subnetResourceId: hubNetwork.outputs.subnetResourceId
    tablesPrivateDnsZoneResourceId: privateDnsZones.outputs.tablePrivateDnsZoneId
@ -1035,8 +1064,10 @@ module spokeStorage './core/spoke-storage.bicep' = [for (spoke, i) in spokes: {
    keyVaultUri: customerManagedKeys.outputs.keyVaultUri
    location: location
    logStorageAccountName: spoke.logStorageAccountName
+    logStorageAccountNetworkInterfaceNamePrefix: spoke.logStorageAccountNetworkInterfaceNamePrefix
+    logStorageAccountPrivateEndpointNamePrefix: spoke.logStorageAccountPrivateEndpointNamePrefix
    logStorageSkuName: logStorageSkuName
-    resourcePrefix: resourcePrefix
+    serviceToken: serviceToken
    storageEncryptionKeyName: customerManagedKeys.outputs.storageKeyName
    subnetResourceId: spokeNetworks[i].outputs.subnetResourceId
    tablesPrivateDnsZoneResourceId: privateDnsZones.outputs.tablePrivateDnsZoneId
--- a/src/bicep/mlz.json
+++ b/src/bicep/mlz.json
--- a/src/bicep/modules/azure-monitor.bicep
+++ b/src/bicep/modules/azure-monitor.bicep
@ -10,14 +10,12 @@ param logAnalyticsWorkspaceResourceId string
 param monitorPrivateDnsZoneId string
 param odsPrivateDnsZoneId string
 param omsPrivateDnsZoneId string
-param resourcePrefix string
+param privateLinkScopeName string
+param privateLinkScopeNetworkInterfaceName string
+param privateLinkScopePrivateEndpointName string
 param subnetResourceId string
 param tags object

-var privateEndpointName = replace(logAnalyticsWorkspaceName, resourcePrefix, '${resourcePrefix}-pe')
-var privateEndpointNetworkInterfaceName = replace(logAnalyticsWorkspaceName, resourcePrefix, '${resourcePrefix}-nic')
-var privateLinkScopeName = replace(logAnalyticsWorkspaceName, resourcePrefix, '${resourcePrefix}-pls')
-
 resource privateLinkScope 'microsoft.insights/privateLinkScopes@2021-09-01' = {
  name: privateLinkScopeName
  location: 'global'
@ -38,14 +36,14 @@ resource scopedResource 'Microsoft.Insights/privateLinkScopes/scopedResources@20
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: privateEndpointName
+  name: privateLinkScopePrivateEndpointName
  location: location
  tags: tags
  properties: {
-    customNetworkInterfaceName: privateEndpointNetworkInterfaceName
+    customNetworkInterfaceName: privateLinkScopeNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: privateEndpointNetworkInterfaceName
+        name: privateLinkScopePrivateEndpointName
        properties: {
          privateLinkServiceId: privateLinkScope.id
          groupIds: [
@ -64,7 +62,7 @@ resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
 }

 resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-04-01' = {
-  name: privateEndpointName
+  name: privateLinkScopePrivateEndpointName
  parent: privateEndpoint
  properties: {
    privateDnsZoneConfigs: [
--- a/src/bicep/modules/key-vault.bicep
+++ b/src/bicep/modules/key-vault.bicep
@ -1,8 +1,9 @@
 param diskEncryptionKeyExpirationInDays int = 30
 param keyVaultName string
+param keyVaultNetworkInterfaceName string
 param keyVaultPrivateDnsZoneResourceId string
+param keyVaultPrivateEndpointName string
 param location string
-param resourcePrefix string
 param subnetResourceId string
 param tags object

@ -34,14 +35,14 @@ resource vault 'Microsoft.KeyVault/vaults@2022-07-01' = {
 }

 resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = {
-  name: replace(keyVaultName, resourcePrefix, '${resourcePrefix}-pe')
+  name: keyVaultPrivateEndpointName
  location: location
  tags: tags
  properties: {
-    customNetworkInterfaceName: replace(keyVaultName, resourcePrefix, '${resourcePrefix}-nic')
+    customNetworkInterfaceName: keyVaultNetworkInterfaceName
    privateLinkServiceConnections: [
      {
-        name: replace(keyVaultName, resourcePrefix, '${resourcePrefix}-nic')
+        name: keyVaultPrivateEndpointName
        properties: {
          privateLinkServiceId: vault.id
          groupIds: [
--- a/src/bicep/modules/storage-account.bicep
+++ b/src/bicep/modules/storage-account.bicep
@ -6,9 +6,11 @@ Licensed under the MIT License.
 param blobsPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
-param resourcePrefix string
+param serviceToken string
 param skuName string
 param storageAccountName string
+param storageAccountNetworkInterfaceNamePrefix string
+param storageAccountPrivateEndpointNamePrefix string
 param storageEncryptionKeyName string
 param subnetResourceId string
 param tablesPrivateDnsZoneResourceId string
@ -84,14 +86,14 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
 }

 resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (zone, i) in zones: {
-  name: '${replace(storageAccountName, resourcePrefix, '${resourcePrefix}-pe-')}-${split(split(zone, '/')[8], '.')[1]}'
+  name: replace(storageAccountPrivateEndpointNamePrefix, serviceToken, split(split(zone, '/')[8], '.')[1])
  location: location
  tags: tags
  properties: {
-    customNetworkInterfaceName: '${replace(storageAccountName, resourcePrefix, '${resourcePrefix}-nic-')}-${split(split(zone, '/')[8], '.')[1]}'
+    customNetworkInterfaceName: replace(storageAccountNetworkInterfaceNamePrefix, serviceToken, split(split(zone, '/')[8], '.')[1])
    privateLinkServiceConnections: [
      {
-        name: '${replace(storageAccountName, resourcePrefix, '${resourcePrefix}-nic-')}-${split(split(zone, '/')[8], '.')[1]}'
+        name: replace(storageAccountPrivateEndpointNamePrefix, serviceToken, split(split(zone, '/')[8], '.')[1])
        properties: {
          privateLinkServiceId: storageAccount.id
          groupIds: [