Pre-Deployment Validation
VALIDATE BEFORE DEPLOYING - Catch naming errors, quota limits, and Bicep issues BEFORE they fail mid-deployment.
Azure Resource Naming Constraints
CRITICAL: Many Azure resources have strict naming rules. Validate names BEFORE generating any code or running any commands.
Common Naming Limits
| Resource | Min | Max | Allowed Characters | Global Unique |
|---|---|---|---|---|
| Storage Account | 3 | 24 | lowercase letters, numbers only | Yes |
| Container Registry | 5 | 50 | lowercase letters, numbers only | Yes |
| Key Vault | 3 | 24 | alphanumerics, hyphens | Yes |
| Container App | 2 | 32 | lowercase letters, numbers, hyphens | No |
| App Service | 2 | 60 | alphanumerics, hyphens | Yes (for *.azurewebsites.net) |
| Function App | 2 | 60 | alphanumerics, hyphens | Yes |
| Resource Group | 1 | 90 | alphanumerics, hyphens, underscores, periods | No |
| Cosmos DB Account | 3 | 44 | lowercase letters, numbers, hyphens | Yes |
The 24-Character Problem
Storage Accounts and Key Vaults are limited to 24 characters. This is the most common naming failure.
Bad examples:
- •
mycompanyproductionstore(25 chars) - FAILS - •
dev-my-application-storage(26 chars) - FAILS - •
my-key-vault-production(23 chars but has hyphens) - FAILS for storage
Good examples:
- •
mycompprodstore(15 chars) - OK - •
devmyappstor(12 chars) - OK - •
prodkeyvault01(14 chars) - OK
Naming Validation Checklist
Before generating resource names:
- •Count characters - Storage/KeyVault must be <=24 chars
- •Check allowed characters:
- •Storage: lowercase + numbers ONLY (no hyphens!)
- •KeyVault: lowercase + numbers + hyphens
- •ACR: alphanumerics only (no hyphens!)
- •Check global uniqueness - Storage, ACR, KeyVault names must be globally unique
- •Use abbreviations for long names:
- •
prodnotproduction - •
stornotstorage - •
kvnotkeyvault - •
acrnotcontainerregistry
- •
Use MCP Tools for Validation
Before creating Bicep/Terraform, get the schema to understand constraints:
Tool: azure__bicepschema Parameters: resource-type: "Microsoft.Storage/storageAccounts"
This returns the full schema including naming constraints.
Bicep Validation
ALWAYS use the Azure MCP deployment tools to validate Bicep before deploying.
Get IaC Rules Before Writing Bicep
Tool: azure__deploy Command: deploy_iac_rules_get Parameters: deployment-tool: "AZD" iac-type: "bicep" resource-types: "containerapp,storage"
This returns best practices and rules for writing correct Bicep.
Get Schema for Specific Resources
Tool: azure__bicepschema Parameters: resource-type: "Microsoft.App/containerApps"
This returns the complete Bicep schema so you know all required/optional properties.
Generate a Deployment Plan
Before writing any infrastructure code, generate a plan:
Tool: azure__deploy Command: deploy_plan_get Parameters: workspace-folder: "/path/to/project" project-name: "myapp" target-app-service: "ContainerApp" provisioning-tool: "AZD" azd-iac-options: "bicep"
This generates a complete deployment plan with recommended services.
Subscription & Resource Filtering
CRITICAL: Never dump entire subscription or resource lists into context - this can overflow (140K+ characters).
Filtering Subscriptions
# GOOD - Clean, limited output
az account list --query "[].{Name:name, ID:id}" -o table
# BAD - Can produce massive output
az account list # Full JSON with all metadata
Filtering Resources
# GOOD - Filter and limit
az resource list --resource-group RG --query "[].{Name:name, Type:type}" -o table
# GOOD - Filter by type
az containerapp list -g RG --query "[].{Name:name, FQDN:properties.configuration.ingress.fqdn}" -o table
# BAD - Everything
az resource list # Can be 100K+ chars
MCP Tool Best Practices
When using MCP tools that list resources:
- •Always specify resource group when possible
- •Use query parameters to filter results
- •Paginate if the tool supports it
- •Summarize results instead of showing raw output
Common Filters
# Only show names and essential info
--query "[].{Name:name, Location:location, Status:properties.provisioningState}"
# Limit results
--query "[:10]" # First 10 only
# Filter by condition
--query "[?properties.provisioningState=='Succeeded']"
Pre-flight Command
Run /azure:preflight before any deployment to check:
- •Tools installed (az, azd, docker)
- •Authentication valid
- •Quota availability
- •Docker running
Quick Validation Flow
- •Name check - Validate all resource names against limits above
- •Get IaC rules -
azure__deploywith commanddeploy_iac_rules_getfor best practices - •Get schemas -
azure__bicepschemafor specific resources - •Generate plan -
azure__deploywith commanddeploy_plan_getfor full deployment plan - •Run preflight -
/azure:preflightfor tool/auth checks - •Deploy -
azd up