How can we improve Azure Web Apps?

FTP accounts tied to subscription, not user. Not enough auditing

In the current model, FTP credentials are tied to a user's azure login. Thus, we have no visibility into credentials that are set, as we cannot see other people's FTP credentials they've set. Furthermore, when an FTP account is created or deleted, nothing is logged. This makes it difficult to audit who has access. With the logins being tied to the user, when the user leaves, there is no way for us to reclaim that username unless they delete their ftp credentials first. This doesn't always work, as a user may depart abruptly or not on good terms. Although the credential is disabled as soon as we remove access to the subscription, we still cannot claim it.

3 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Raphael LimingRaphael Liming shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Ahmed SabbourAhmed Sabbour commented  ·   ·  Flag as inappropriate

        The deployment credential username is not tied to the subscription, but rather to the Microsoft Account. I can have access to multiple subscriptions and my deployment credentials would be the same across all of them, hence it is required to be unique across Azure.

      Feedback and Knowledge Base