1111 mlz add ons update component order in naming convention (#1118)

* issue 1111 * naming convention and prefix count * GitHub Action: Build Bicep to JSON * Fixed max length in regex * Alphabetized params * GitHub Action: Build Bicep to JSON * Alphabetized params & var value * GitHub Action: Build Bicep to JSON * Alphabetized param, Removed empty line * GitHub Action: Build Bicep to JSON --------- Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Jason Masten <jamasten@microsoft.com>
2024-10-29 18:57:31 -04:00 · 2024-10-29 18:57:31 -04:00 · cb012dfd09
--- a/src/bicep/form/mlz.portal.json
+++ b/src/bicep/form/mlz.portal.json
@ -229,13 +229,13 @@
                  "label": "Resource Naming Prefix",
                  "type": "Microsoft.Common.TextBox",
                  "defaultValue": "",
-                  "toolTip": "Specify a prefix (min 3 and max 6 lowercase characters and numbers) to prepend to all resources.",
+                  "toolTip": "Specify a prefix (min 1 and max 6 lowercase characters and numbers) to prepend to all resources.",
                  "constraints": {
                    "required": true,
                    "validations": [
                      {
-                        "regex": "^[a-z][a-z0-9]{1,5}$",
+                        "regex": "^[a-z0-9]{1,6}$",
-                        "message": "The prefix must contain alphanumeric characters, begin with a letter, letters must be lowercase, and the length must be between 3 to 6 characters."
+                        "message": "The prefix must contain alphanumeric characters, letters must be lowercase, and the length must be between 1 to 6 characters."
                      }
                    ]
                  }
--- a/src/bicep/mlz.bicep
+++ b/src/bicep/mlz.bicep
@ -7,9 +7,9 @@ targetScope = 'subscription'
 // REQUIRED PARAMETERS
-@minLength(3)
+@minLength(1)
@maxLength(6)
-@description('A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
+@description('A prefix, 1-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
 param resourcePrefix string
@allowed([
@ -725,10 +725,12 @@ module storage 'modules/storage.bicep' = {
    blobsPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.blob
    //deployIdentity: deployIdentity
    deploymentNameSuffix: deploymentNameSuffix
    filesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.file
    keyVaultUri: customerManagedKeys.outputs.keyVaultUri
    location: location
    logStorageSkuName: logStorageSkuName
    mlzTags: logic.outputs.mlzTags
    queuesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.queue
    resourceGroupNames: resourceGroups.outputs.names
    serviceToken: logic.outputs.tokens.service
    storageEncryptionKeyName: customerManagedKeys.outputs.storageKeyName
--- a/src/bicep/mlz.json
+++ b/src/bicep/mlz.json
@ -5,16 +5,16 @@
    "_generator": {
      "name": "bicep",
      "version": "0.30.23.60470",
-      "templateHash": "12938630250141528569"
+      "templateHash": "16541325671879840467"
    }
  },
  "parameters": {
    "resourcePrefix": {
      "type": "string",
-      "minLength": 3,
+      "minLength": 1,
      "maxLength": 6,
      "metadata": {
-        "description": "A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces"
+        "description": "A prefix, 1-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces"
      }
    },
    "environmentAbbreviation": {
@ -888,7 +888,7 @@
            "_generator": {
              "name": "bicep",
              "version": "0.30.23.60470",
-              "templateHash": "11424932506966599764"
+              "templateHash": "16220429751656280628"
            }
          },
          "parameters": {
@ -968,7 +968,7 @@
                    "_generator": {
                      "name": "bicep",
                      "version": "0.30.23.60470",
-                      "templateHash": "7616623366375139473"
+                      "templateHash": "3270228280505109788"
                    }
                  },
                  "parameters": {
@ -994,6 +994,7 @@
                    "tokens": {
                      "type": "object",
                      "defaultValue": {
                        "purpose": "purpose_token",
                        "resource": "resource_token",
                        "service": "service_token"
                      }
@ -1429,8 +1430,8 @@
                    "locations": "[variables('$fxv#0')[environment().name]]",
                    "locationAbbreviation": "[variables('locations')[parameters('location')].abbreviation]",
                    "resourceAbbreviations": "[variables('$fxv#1')]",
-                    "namingConvention": "[format('{0}-{1}{2}-{3}-{4}-{5}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), parameters('environmentAbbreviation'), variables('locationAbbreviation'))]",
+                    "namingConvention": "[format('{0}-{1}{2}-{3}-{4}-{5}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), variables('locationAbbreviation'), parameters('environmentAbbreviation'))]",
-                    "namingConvention_Service": "[format('{0}-{1}{2}-{3}-{4}-{5}-{6}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('tokens').service, parameters('networkName'), parameters('environmentAbbreviation'), variables('locationAbbreviation'))]",
+                    "namingConvention_Service": "[format('{0}-{1}{2}-{3}-{4}-{5}-{6}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), parameters('tokens').service, variables('locationAbbreviation'), parameters('environmentAbbreviation'))]",
                    "names": {
                      "actionGroup": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').actionGroups)]",
                      "applicationGroup": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').applicationGroups)]",
@ -1489,8 +1490,14 @@
                      "routeTable": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').routeTables)]",
                      "storageAccount": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName'))]",
                      "storageAccountDiagnosticSetting": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').diagnosticSettings), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
-                      "storageAccountNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
+                      "storageAccountBlobNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-blob', variables('resourceAbbreviations').storageAccounts))]",
-                      "storageAccountPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
+                      "storageAccountFileNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-file', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountQueueNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-queue', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountTableNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-table', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountBlobPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-blob', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountFilePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-file', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountQueuePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-queue', variables('resourceAbbreviations').storageAccounts))]",
                      "storageAccountTablePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-table', variables('resourceAbbreviations').storageAccounts))]",
                      "subnet": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').subnets)]",
                      "userAssignedIdentity": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').userAssignedIdentities)]",
                      "virtualMachine": "[replace(replace(replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').virtualMachines), parameters('environmentAbbreviation'), first(parameters('environmentAbbreviation'))), parameters('networkName'), ''), '-', '')]",
@ -5703,7 +5710,7 @@
            "_generator": {
              "name": "bicep",
              "version": "0.30.23.60470",
-              "templateHash": "5548269850951921678"
+              "templateHash": "3503875367735395147"
            }
          },
          "parameters": {
@ -6040,7 +6047,7 @@
                    "_generator": {
                      "name": "bicep",
                      "version": "0.30.23.60470",
-                      "templateHash": "15035921308988452197"
+                      "templateHash": "5686981733462823694"
                    }
                  },
                  "parameters": {
@ -6195,7 +6202,7 @@
                    },
                    {
                      "type": "Microsoft.Compute/virtualMachines/extensions",
-                      "apiVersion": "2021-03-01",
+                      "apiVersion": "2024-03-01",
                      "name": "[format('{0}/{1}', parameters('name'), 'GuestAttestation')]",
                      "location": "[parameters('location')]",
                      "tags": "[union(if(contains(parameters('tags'), 'Microsoft.Compute/virtualMachines'), parameters('tags')['Microsoft.Compute/virtualMachines'], createObject()), parameters('mlzTags'))]",
@ -6204,7 +6211,6 @@
                        "type": "GuestAttestation",
                        "typeHandlerVersion": "1.0",
                        "autoUpgradeMinorVersion": true,
                        "enableAutomaticUpgrade": true,
                        "settings": {
                          "AttestationConfig": {
                            "MaaSettings": {
@ -6903,6 +6909,9 @@
          "deploymentNameSuffix": {
            "value": "[parameters('deploymentNameSuffix')]"
          },
          "filesPrivateDnsZoneResourceId": {
            "value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.privateDnsZoneResourceIds.value.file]"
          },
          "keyVaultUri": {
            "value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-cmk-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
          },
@ -6915,6 +6924,9 @@
          "mlzTags": {
            "value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.mlzTags.value]"
          },
          "queuesPrivateDnsZoneResourceId": {
            "value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.privateDnsZoneResourceIds.value.queue]"
          },
          "resourceGroupNames": {
            "value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-resource-groups-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
          },
@ -6944,7 +6956,7 @@
            "_generator": {
              "name": "bicep",
              "version": "0.30.23.60470",
-              "templateHash": "15851262372533796124"
+              "templateHash": "11618493610681415173"
            }
          },
          "parameters": {
@ -6954,6 +6966,9 @@
            "deploymentNameSuffix": {
              "type": "string"
            },
            "filesPrivateDnsZoneResourceId": {
              "type": "string"
            },
            "keyVaultUri": {
              "type": "string"
            },
@ -6966,6 +6981,9 @@
            "mlzTags": {
              "type": "object"
            },
            "queuesPrivateDnsZoneResourceId": {
              "type": "string"
            },
            "resourceGroupNames": {
              "type": "array"
            },
@ -7008,6 +7026,9 @@
                  "blobsPrivateDnsZoneResourceId": {
                    "value": "[parameters('blobsPrivateDnsZoneResourceId')]"
                  },
                  "filesPrivateDnsZoneResourceId": {
                    "value": "[parameters('filesPrivateDnsZoneResourceId')]"
                  },
                  "keyVaultUri": {
                    "value": "[parameters('keyVaultUri')]"
                  },
@ -7017,6 +7038,9 @@
                  "mlzTags": {
                    "value": "[parameters('mlzTags')]"
                  },
                  "queuesPrivateDnsZoneResourceId": {
                    "value": "[parameters('queuesPrivateDnsZoneResourceId')]"
                  },
                  "serviceToken": {
                    "value": "[parameters('serviceToken')]"
                  },
@ -7049,13 +7073,16 @@
                    "_generator": {
                      "name": "bicep",
                      "version": "0.30.23.60470",
-                      "templateHash": "10231061264498799420"
+                      "templateHash": "13359240625570837130"
                    }
                  },
                  "parameters": {
                    "blobsPrivateDnsZoneResourceId": {
                      "type": "string"
                    },
                    "filesPrivateDnsZoneResourceId": {
                      "type": "string"
                    },
                    "keyVaultUri": {
                      "type": "string"
                    },
@ -7065,6 +7092,9 @@
                    "mlzTags": {
                      "type": "object"
                    },
                    "queuesPrivateDnsZoneResourceId": {
                      "type": "string"
                    },
                    "serviceToken": {
                      "type": "string"
                    },
@ -7091,9 +7121,27 @@
                    }
                  },
                  "variables": {
-                    "zones": [
+                    "subResources": [
-                      "[parameters('blobsPrivateDnsZoneResourceId')]",
+                      {
-                      "[parameters('tablesPrivateDnsZoneResourceId')]"
+                        "id": "[parameters('blobsPrivateDnsZoneResourceId')]",
                        "nic": "[parameters('tier').namingConvention.storageAccountBlobNetworkInterface]",
                        "pe": "[parameters('tier').namingConvention.storageAccountBlobPrivateEndpoint]"
                      },
                      {
                        "id": "[parameters('filesPrivateDnsZoneResourceId')]",
                        "nic": "[parameters('tier').namingConvention.storageAccountFileNetworkInterface]",
                        "pe": "[parameters('tier').namingConvention.storageAccountFilePrivateEndpoint]"
                      },
                      {
                        "id": "[parameters('queuesPrivateDnsZoneResourceId')]",
                        "nic": "[parameters('tier').namingConvention.storageAccountQueueNetworkInterface]",
                        "pe": "[parameters('tier').namingConvention.storageAccountQueuePrivateEndpoint]"
                      },
                      {
                        "id": "[parameters('tablesPrivateDnsZoneResourceId')]",
                        "nic": "[parameters('tier').namingConvention.storageAccountTableNetworkInterface]",
                        "pe": "[parameters('tier').namingConvention.storageAccountTablePrivateEndpoint]"
                      }
                    ]
                  },
                  "resources": [
@ -7164,22 +7212,22 @@
                    {
                      "copy": {
                        "name": "privateEndpoints",
-                        "count": "[length(variables('zones'))]"
+                        "count": "[length(variables('subResources'))]"
                      },
                      "type": "Microsoft.Network/privateEndpoints",
                      "apiVersion": "2023-04-01",
-                      "name": "[replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
+                      "name": "[variables('subResources')[copyIndex()].pe]",
                      "location": "[parameters('location')]",
                      "tags": "[union(if(contains(parameters('tags'), 'Microsoft.Network/privateEndpoints'), parameters('tags')['Microsoft.Network/privateEndpoints'], createObject()), parameters('mlzTags'))]",
                      "properties": {
-                        "customNetworkInterfaceName": "[replace(parameters('tier').namingConvention.storageAccountNetworkInterface, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
+                        "customNetworkInterfaceName": "[variables('subResources')[copyIndex()].nic]",
                        "privateLinkServiceConnections": [
                          {
-                            "name": "[replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
+                            "name": "[variables('subResources')[copyIndex()].pe]",
                            "properties": {
                              "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
                              "groupIds": [
-                                "[split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]]"
+                                "[split(split(variables('subResources')[copyIndex()].id, '/')[8], '.')[1]]"
                              ]
                            }
                          }
@ -7195,23 +7243,23 @@
                    {
                      "copy": {
                        "name": "privateDnsZoneGroups",
-                        "count": "[length(variables('zones'))]"
+                        "count": "[length(variables('subResources'))]"
                      },
                      "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
                      "apiVersion": "2021-08-01",
-                      "name": "[format('{0}/{1}', replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1])), uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
+                      "name": "[format('{0}/{1}', variables('subResources')[copyIndex()].pe, uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
                      "properties": {
                        "privateDnsZoneConfigs": [
                          {
                            "name": "ipconfig1",
                            "properties": {
-                              "privateDnsZoneId": "[variables('zones')[copyIndex()]]"
+                              "privateDnsZoneId": "[variables('subResources')[copyIndex()].id]"
                            }
                          }
                        ]
                      },
                      "dependsOn": [
-                        "[resourceId('Microsoft.Network/privateEndpoints', replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1])))]",
+                        "[resourceId('Microsoft.Network/privateEndpoints', variables('subResources')[copyIndex()].pe)]",
                        "[resourceId('Microsoft.Storage/storageAccounts', uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]"
                      ]
                    }
--- a/src/bicep/modules/linux-virtual-machine.bicep
+++ b/src/bicep/modules/linux-virtual-machine.bicep
@ -118,7 +118,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-04-01' = {
  }
 }
-resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2021-03-01' = {
+resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2024-03-01' = {
  parent: virtualMachine
  name: 'GuestAttestation'
  location: location
@ -128,7 +128,6 @@ resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions
    type: 'GuestAttestation'
    typeHandlerVersion: '1.0'
    autoUpgradeMinorVersion: true
    enableAutomaticUpgrade: true
    settings: {
      AttestationConfig: {
        MaaSettings: {
--- a/src/bicep/modules/naming-convention.bicep
+++ b/src/bicep/modules/naming-convention.bicep
@ -12,6 +12,7 @@ param networkShortName string
 param resourcePrefix string
 param stampIndex string = '' // Optional: Added to support AVD deployments
 param tokens object = {
  purpose:'purpose_token'
  resource: 'resource_token'
  service: 'service_token'
 }
@ -33,8 +34,8 @@ var resourceAbbreviations = loadJsonContent('../data/resourceAbbreviations.json'
 */
-var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
+var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${locationAbbreviation}-${environmentAbbreviation}'
-var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${tokens.service}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
+var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${tokens.service}-${locationAbbreviation}-${environmentAbbreviation}'
 /*
@ -106,8 +107,14 @@ var names = {
  routeTable: replace(namingConvention, tokens.resource, resourceAbbreviations.routeTables)
  storageAccount: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.storageAccounts), networkName, networkShortName)
  storageAccountDiagnosticSetting: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.diagnosticSettings), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
-  storageAccountNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
+  storageAccountBlobNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
-  storageAccountPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
+  storageAccountFileNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
  storageAccountQueueNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
  storageAccountTableNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
  storageAccountBlobPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
  storageAccountFilePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
  storageAccountQueuePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
  storageAccountTablePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
  subnet: replace(namingConvention, tokens.resource, resourceAbbreviations.subnets)
  userAssignedIdentity: replace(namingConvention_Service, tokens.resource, resourceAbbreviations.userAssignedIdentities)
  virtualMachine: replace(replace(replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.virtualMachines), environmentAbbreviation, first(environmentAbbreviation)), networkName, ''), '-', '')
--- a/src/bicep/modules/storage-account.bicep
+++ b/src/bicep/modules/storage-account.bicep
@ -4,9 +4,11 @@ Licensed under the MIT License.
 */
 param blobsPrivateDnsZoneResourceId string
 param filesPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
 param mlzTags object
 param queuesPrivateDnsZoneResourceId string
 param serviceToken string
 param skuName string
 param storageEncryptionKeyName string
@ -16,9 +18,27 @@ param tags object
 param tier object
 param userAssignedIdentityResourceId string
-var zones = [
+var  subResources = [
-  blobsPrivateDnsZoneResourceId
+  {
-  tablesPrivateDnsZoneResourceId
+    id: blobsPrivateDnsZoneResourceId
    nic: tier.namingConvention.storageAccountBlobNetworkInterface
    pe: tier.namingConvention.storageAccountBlobPrivateEndpoint
  }
  {
    id: filesPrivateDnsZoneResourceId
    nic: tier.namingConvention.storageAccountFileNetworkInterface
    pe: tier.namingConvention.storageAccountFilePrivateEndpoint
  }
  {
    id: queuesPrivateDnsZoneResourceId
    nic: tier.namingConvention.storageAccountQueueNetworkInterface
    pe: tier.namingConvention.storageAccountQueuePrivateEndpoint
  }
  {
    id: tablesPrivateDnsZoneResourceId
    nic: tier.namingConvention.storageAccountTableNetworkInterface
    pe: tier.namingConvention.storageAccountTablePrivateEndpoint
  }
 ]
 resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
@ -84,19 +104,19 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
  }
 }
-resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (zone, i) in zones: {
+resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (resource, i) in subResources: {
-  name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+  name: resource.pe
  location: location
  tags: union(contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}, mlzTags)
  properties: {
-    customNetworkInterfaceName: replace(tier.namingConvention.storageAccountNetworkInterface, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+    customNetworkInterfaceName: resource.nic
    privateLinkServiceConnections: [
      {
-        name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
+        name: resource.pe
        properties: {
          privateLinkServiceId: storageAccount.id
          groupIds: [
-            split(split(zone, '/')[8], '.')[1]
+            split(split(resource.id, '/')[8], '.')[1]
          ]
        }
      }
@ -107,7 +127,7 @@ resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for
  }
 }]
-resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (zone, i) in zones: {
+resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (resource, i) in subResources: {
  parent: privateEndpoints[i]
  name: storageAccount.name
  properties: {
@ -116,7 +136,7 @@ resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZone
        name: 'ipconfig1'
        properties: {
          #disable-next-line use-resource-id-functions
-          privateDnsZoneId: zone
+          privateDnsZoneId: resource.id
        }
      }
    ]
--- a/src/bicep/modules/storage.bicep
+++ b/src/bicep/modules/storage.bicep
@ -8,10 +8,12 @@ targetScope = 'subscription'
 param blobsPrivateDnsZoneResourceId string
 //param deployIdentity bool
 param deploymentNameSuffix string
 param filesPrivateDnsZoneResourceId string
 param keyVaultUri string
 param location string
 param logStorageSkuName string
 param mlzTags object
 param queuesPrivateDnsZoneResourceId string
 param resourceGroupNames array
 param serviceToken string
 param storageEncryptionKeyName string
@ -25,9 +27,11 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
  scope: resourceGroup(tier.subscriptionId, resourceGroupNames[i])
  params: {
    blobsPrivateDnsZoneResourceId: blobsPrivateDnsZoneResourceId
    filesPrivateDnsZoneResourceId: filesPrivateDnsZoneResourceId
    keyVaultUri: keyVaultUri
    location: location
    mlzTags: mlzTags
    queuesPrivateDnsZoneResourceId: queuesPrivateDnsZoneResourceId
    serviceToken: serviceToken
    skuName: logStorageSkuName
    storageEncryptionKeyName: storageEncryptionKeyName
@ -40,5 +44,3 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
 }]
 output storageAccountResourceIds array = [for (tier, i) in tiers: storageAccount[i].outputs.id]