diff --git a/src/pkg/clouds/azure/keyvault/keyvault.go b/src/pkg/clouds/azure/keyvault/keyvault.go
index d179b372f..de471493c 100644
--- a/src/pkg/clouds/azure/keyvault/keyvault.go
+++ b/src/pkg/clouds/azure/keyvault/keyvault.go
@@ -32,7 +32,7 @@ const keyVaultSecretsOfficerRoleID = "b86a8fe4-44ce-4948-aee5-eccb2c155cd7" // n
 func VaultName(resourceGroupName, subscriptionID string) string {
 	h := sha256.Sum256([]byte(subscriptionID + "|" + resourceGroupName))
 	suffix := hex.EncodeToString(h[:])[:vaultNameSuffixLen]
-	name := "defang-config-" + suffix
+	name := "config-" + suffix
 	return name
 }
 
diff --git a/src/pkg/clouds/azure/keyvault/keyvault_test.go b/src/pkg/clouds/azure/keyvault/keyvault_test.go
index 116d61656..4bfa0808d 100644
--- a/src/pkg/clouds/azure/keyvault/keyvault_test.go
+++ b/src/pkg/clouds/azure/keyvault/keyvault_test.go
@@ -38,8 +38,8 @@ func useFakeCred(t *testing.T, tok string, gerr error) {
 
 func TestVaultName(t *testing.T) {
 	name := VaultName("my-rg", "sub-id")
-	if !strings.HasPrefix(name, "defang-config-") {
-		t.Errorf("VaultName = %q, want defang-config- prefix", name)
+	if !strings.HasPrefix(name, "config-") {
+		t.Errorf("VaultName = %q, want config- prefix", name)
 	}
 	if len(name) > 24 {
 		t.Errorf("VaultName %q exceeds 24 chars", name)