How can we improve Azure Virtual Machines?

Allow VM console access when storage account has firewall enabled

It's pretty ridiculous that the Azure VM serial console won't work when the boot diagnostics storage account has a firewall enabled.

First, it should be possible to use a firewall for additional protection of boot diagnostics. I understand that the storage has to be written from the host server, not the VM, so it might not be on the correct vnet; but this should be considered a "trusted Azure service", or there should be another option to allow it.

Second, the Serial Console is not the same as boot logging. They are two separate things! I should be able to enable and disable the serial console independent of storing boot logs.

The implication is that relatively sensitive information (boot log) cannot be stored with vnet protection.

1 vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

John Crim shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

1 comment

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base