Name Reservation on App Service for Web Apps and App Service Environment (ASE)
Published Nov 14 2022 11:09 AM 6,581 Views
Microsoft

App Service will be rolling out a Name Reservation feature to protect customers from the threat of subdomain takeovers.  The rollout is starting now (November 14th) and is expected to run through approximately December 15th. This new built-in feature creates a name reservation for web application names and for App Service Environment (ASE) names during the creation of those resources. No additional changes or configuration are needed by the customer to establish a name reservation.  

 

The name reservation for a given resource name will exist from the moment the resource is created and for a lengthy time period after the resource has been deleted (a cooldown period). This means that during the cooldown period after resource deletion, other subscriptions outside of the original creating Azure AD tenant will not be able to create a web application or ASE using the same name. However, once the cooldown period has ended, the name reservation will be released, and any subscription will then be able to create a web application or ASE with that given name. 

 

How Does This Affect Me?

This change is not expected to affect most customers.  If you delete a web application or an ASE, you will still be able to recreate a new web application or ASE using the same name during the cooldown period as long as a subscription within the same Azure AD tenant is used.  This means customers who create --> delete --> recreate resources with the same name, in the same Azure AD tenant, as they go through testing and production stages will be unaffected. 

 

Name Reservation ensures that in between the time a customer deletes and then recreates a resource, another customer is not able to create a resource with the same name.

 

Additional Information

To learn more about Name Reservation on App Service: How App Service Prevents Subdomain Takeovers

 

To learn more about the different ways to avoid subdomain takeover on App Service: Mitigating subdomain takeover in Azure App Service

 

To learn more about the one-to-many relationship between an Azure AD tenant and an Azure subscription:  Azure subscriptions and Azure AD Tenants 

 

9 Comments
Version history
Last update:
‎Nov 14 2022 11:07 AM
Updated by: