67 Ideas
Vote
Microsoft
4 years ago
Allow Azure Batch to access a locked down Storage Account
Currently when using a storage account for persisting job output this storage account can not be locked down by using the Firewall and/or Private Endpoint/VNET service endpoint. Therefore the security of the data depends solely on the secrecy of the access keys.If Azure Batch would have VNET integration or similar capability we would be able to add an additional layer of security. An alternative would be if Azure Batch is a 'trusted service' for the storage account. (https://docs.microsoft.com/en-in/azure/storage/common/storage-network-security#trusted-microsoft-services)
All Ideas
Vote
Microsoft
9 years ago
Deploy certificate from Azure Key Vault to compute node
Rather than having to associate a certificate with a pool, being able to associate a certificate in a Key Vault that's been created with the -EnabledForDeployment flag would help centralize management of certificates being deployed to both VM's and Batch nodes.
Planned
All IdeasPlanned
Microsoft
Company Response
2021-02-17 Update: VM extensions on Batch pools is now available. KeyVaultExtension sill require Managed Identity support which is available as public preview in select regions. Please see https://docs.microsoft.com/azure/batch/create-pool-extensions.Prior update: KeyVault support will be coming as part of a larger feature on pools alongside Managed Identity.