diff --git a/README.md b/README.md
index ba0245a..f7d3c83 100644
--- a/README.md
+++ b/README.md
@@ -101,15 +101,15 @@ Notice that:
Workaround: Need to restore the identity pool/provider and then import them into terraform with
```bash
-# re-activate
+# re-activate
$ gcloud iam workload-identity-pools undelete sysdigcloud --location=global
# import to terraform state
$ terraform import module.secure-for-cloud_example_single-project.module.cloud_bench.google_iam_workload_identity_pool.pool sysdigcloud
$ terraform import module.secure-for-cloud_example_single-project.module.cloud_bench.google_iam_workload_identity_pool_provider.pool_provider sysdigcloud/sysdigcloud
```
-
-
+
+
## Authors
diff --git a/examples/organization/README.md b/examples/organization/README.md
index b686988..6c09a5b 100644
--- a/examples/organization/README.md
+++ b/examples/organization/README.md
@@ -87,7 +87,7 @@ module "secure-for-cloud_example_organization" {
| [create\_gcr\_topic](#input\_create\_gcr\_topic) | Deploys a PubSub topic called `gcr` as part of this stack, which is needed for GCR scanning. Set to `true` only if it doesn't exist yet. If this is not deployed, and no existing `gcr` topic is found, the GCR scanning is ommited and won't be deployed. For more info see [GCR PubSub topic](https://cloud.google.com/container-registry/docs/configuring-notifications#create_a_topic). | `bool` | `true` | no |
| [location](#input\_location) | Zone where the stack will be deployed | `string` | `"us-central1"` | no |
| [max\_instances](#input\_max\_instances) | Max number of instances for the workloads | `number` | `1` | no |
-| [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"secure-for-cloud"` | no |
+| [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"sfc"` | no |
| [sysdig\_secure\_endpoint](#input\_sysdig\_secure\_endpoint) | Sysdig Secure API endpoint | `string` | `"https://secure.sysdig.com"` | no |
## Outputs
diff --git a/examples/organization/main.tf b/examples/organization/main.tf
index c47f83d..2ce7f91 100644
--- a/examples/organization/main.tf
+++ b/examples/organization/main.tf
@@ -132,5 +132,6 @@ module "cloud_bench" {
for_each = toset(local.benchmark_projects_ids)
source = "../../modules/services/cloud-bench"
- project_id = each.key
+ naming_prefix = var.naming_prefix
+ project_id = each.key
}
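Review bot: Only the organization example forwards the prefix to `cloud_bench` in this hunk, and the matching change for the single-project example is missing from the commit. The README import path `module.secure-for-cloud_example_single-project.module.cloud_bench...` shows that example instantiates the same module, yet only its variables.tf is touched. Unless its main.tf already passes the value, the workload identity pool there will always be created with the module default `sfc`, whatever the caller sets; add `naming_prefix = var.naming_prefix` to that module block as well. The `module "cloud_bench"` block starts above this hunk, so its other arguments are not visible here.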
diff --git a/examples/organization/variables.tf b/examples/organization/variables.tf
index e5b5f1c..b4750b8 100644
--- a/examples/organization/variables.tf
+++ b/examples/organization/variables.tf
@@ -14,7 +14,9 @@ variable "project_id" {
description = "organizational member project ID where the secure-for-cloud workload is going to be deployed"
}
-# Vars with defaults
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "location" {
type = string
default = "us-central1"
@@ -31,6 +33,11 @@ variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
variable "max_instances" {
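Review bot: The validation regex `^[a-z0-9_]+$` accepts an underscore, while the error message promises only lowercase letters and digits. The prefix now feeds `workload_identity_pool_id = "${var.naming_prefix}-sysdigcloud"` in modules/services/cloud-bench/main.tf, and GCP accepts only `[a-z0-9-]` and 4-32 characters for that ID. A prefix containing `_`, or one longer than 20 characters, passes this check and fails only when the pool is created at apply time. I would drop the underscore and cap the length so the 12-character suffix still fits: `condition = can(regex("^[a-z0-9]{1,20}$", var.naming_prefix))`. The same block is repeated in the variables.tf of examples/single-project, organization_sink, project_sink, secrets, cloud-bench, cloud-connector and cloud-scanning, so the change applies to each of them.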
diff --git a/examples/single-project/variables.tf b/examples/single-project/variables.tf
index d4ef490..308dba2 100644
--- a/examples/single-project/variables.tf
+++ b/examples/single-project/variables.tf
@@ -9,7 +9,9 @@ variable "project_id" {
description = "Project ID"
}
-# Vars with defaults
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "location" {
type = string
default = "us-central1"
@@ -26,6 +28,11 @@ variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
variable "create_gcr_topic" {
diff --git a/modules/infrastructure/organization_sink/variables.tf b/modules/infrastructure/organization_sink/variables.tf
index e5c52f7..e8398b1 100644
--- a/modules/infrastructure/organization_sink/variables.tf
+++ b/modules/infrastructure/organization_sink/variables.tf
@@ -9,9 +9,16 @@ variable "organization_id" {
description = "Numeric ID of the organization to be exported to the sink"
}
-# Vars with defaults
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
diff --git a/modules/infrastructure/project_sink/variables.tf b/modules/infrastructure/project_sink/variables.tf
index 028f78b..5c6b4cb 100644
--- a/modules/infrastructure/project_sink/variables.tf
+++ b/modules/infrastructure/project_sink/variables.tf
@@ -4,9 +4,16 @@ variable "filter" {
description = "Filter for project sink"
}
-# Vars with defaults
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
diff --git a/modules/infrastructure/secrets/variables.tf b/modules/infrastructure/secrets/variables.tf
index 0f00ee7..1623a4f 100644
--- a/modules/infrastructure/secrets/variables.tf
+++ b/modules/infrastructure/secrets/variables.tf
@@ -10,10 +10,16 @@ variable "sysdig_secure_api_token" {
sensitive = true
}
-# Default vars
-
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
diff --git a/modules/services/cloud-bench/README.md b/modules/services/cloud-bench/README.md
index bc980fa..a928832 100644
--- a/modules/services/cloud-bench/README.md
+++ b/modules/services/cloud-bench/README.md
@@ -53,6 +53,7 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
+| [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"sfc"` | no |
| [project\_id](#input\_project\_id) | ID of project to run the benchmark on | `string` | `""` | no |
| [regions](#input\_regions) | List of regions in which to run the benchmark. If empty, the task will contain all regions by default. | `list(string)` | `[]` | no |
| [role\_name](#input\_role\_name) | The name of the Service Account that will be created. | `string` | `"sysdigcloudbench"` | no |
diff --git a/modules/services/cloud-bench/main.tf b/modules/services/cloud-bench/main.tf
index ff1792d..54a5001 100644
--- a/modules/services/cloud-bench/main.tf
+++ b/modules/services/cloud-bench/main.tf
@@ -98,7 +98,8 @@ resource "google_iam_workload_identity_pool" "pool" {
project = var.project_id
provider = google-beta
- workload_identity_pool_id = "sysdigcloud"
+ workload_identity_pool_id = "${var.naming_prefix}-sysdigcloud"
+ display_name = "sysdigcloud"
}
resource "google_iam_workload_identity_pool_provider" "pool_provider" {
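Review bot: Renaming `workload_identity_pool_id` here (and `workload_identity_pool_provider_id` in the next hunk) most likely makes Terraform destroy and recreate the pool and provider on existing deployments, and nothing in the commit documents that. The README workaround shown as context in this same commit still runs `gcloud iam workload-identity-pools undelete sysdigcloud` and imports `sysdigcloud` and `sysdigcloud/sysdigcloud`, which will no longer match the IDs this module creates. Those commands should use `<naming_prefix>-sysdigcloud`, with an upgrade note that anything referencing the old pool path (IAM bindings, the external identity configuration) has to be updated, since the federation trust is keyed on that path. A smaller style point: the pool gets `display_name = "sysdigcloud"` while the provider keeps `"Sysdigcloud"`. Both resource blocks extend beyond their hunks, so any bindings that use the pool name are not visible here.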
@@ -106,7 +107,7 @@ resource "google_iam_workload_identity_pool_provider" "pool_provider" {
provider = google-beta
workload_identity_pool_id = google_iam_workload_identity_pool.pool.workload_identity_pool_id
- workload_identity_pool_provider_id = "sysdigcloud"
+ workload_identity_pool_provider_id = "${var.naming_prefix}-sysdigcloud"
display_name = "Sysdigcloud"
description = "Sysdig Secure for Cloud"
disabled = false
diff --git a/modules/services/cloud-bench/variables.tf b/modules/services/cloud-bench/variables.tf
index 8fe9f05..ecd6f2e 100644
--- a/modules/services/cloud-bench/variables.tf
+++ b/modules/services/cloud-bench/variables.tf
@@ -15,3 +15,18 @@ variable "role_name" {
description = "The name of the Service Account that will be created."
default = "sysdigcloudbench"
}
+
+
+# --------------------------
+# optionals, with defaults
+# --------------------------
+variable "naming_prefix" {
+ type = string
+ description = "Naming prefix for all the resources created"
+ default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
+}
diff --git a/modules/services/cloud-connector/variables.tf b/modules/services/cloud-connector/variables.tf
index d88170c..5479e0f 100644
--- a/modules/services/cloud-connector/variables.tf
+++ b/modules/services/cloud-connector/variables.tf
@@ -25,7 +25,9 @@ variable "project_id" {
description = "organizational member project ID where the secure-for-cloud workload is going to be deployed"
}
-# Vars with defaults
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "verify_ssl" {
type = bool
@@ -55,6 +57,11 @@ variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
variable "max_instances" {
diff --git a/modules/services/cloud-scanning/variables.tf b/modules/services/cloud-scanning/variables.tf
index 22dc36c..205bd0b 100644
--- a/modules/services/cloud-scanning/variables.tf
+++ b/modules/services/cloud-scanning/variables.tf
@@ -35,7 +35,10 @@ variable "project_id" {
description = "organizational member project ID where the secure-for-cloud workload is going to be deployed"
}
-# vars with defaults
+
+# --------------------------
+# optionals, with defaults
+# --------------------------
variable "verify_ssl" {
type = bool
@@ -65,6 +68,11 @@ variable "naming_prefix" {
type = string
description = "Naming prefix for all the resources created"
default = "sfc"
+
+ validation {
+ condition = can(regex("^[a-z0-9_]+$", var.naming_prefix))
+ error_message = "ERROR: Invalid naming_prefix. must contain only lowercase letters (a-z) and numbers (0-9)."
+ }
}
variable "max_instances" {