Storage

How can we improve Azure Storage?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Email Notifications of Storage/Capacity

    have email notifications of storage limit or service capacities. Recently ran out of space w/ no warning...

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add x-ms- request headers in Shared Access Signatures URI

    As SAS is defined as a URI that grants restricted access rights to Azure Storage resources. I think it will be helpful to add custom headers to the URI. For example, the request for Put Blob could be https://...&...&x-ms-blob-type=BlockBlob. In this way, we can set what we need in the URI and just focus on it.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. Store storage account key last generated date

    It would be helpful if Azure tracked the last time a storage account's keys were regenerated. This would allow us to enforce policies around key lifetimes.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  4. SAS with secret httpost authentication

    I want to prevent different clients, who sit behind the same public IP, from sharing SAS based URI's among each other.

    If we can enable HTTP Post requests to a URI with the SAS attached, we can include authentication "secrets" as hidden fields in the request which can then be validated against the relevant SAS policy.

    The process for authentication will be as follows:
    1. Web server requests a new SAS and submits a "secret", which is stored with the Fileshare policy.
    2. A SAS-token is generated (which does not contain the secret) and returned to the webserver.
    3. The…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow sas with spesific content-type

    I would like to have sas which only able to read only file with .jpg,.js,.css for example

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  6. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow SASKey generation without revealing storage keys

    I would like to be able to allow authorized users to generate SAS keys but not see (list) the storage account primary (master) keys. If someone is in possession of a master key, you cannot stop data exfiltration (until you become aware and change the keys). As least with an SAS key, the act of creating it can be detected (e.g., if they create an SAS token without a proper IP address restriction, etc.). Furthermore, the act of creating an SAS key is logged in the Azure Activity log.

    So I would like to suggest defining a new RBAC action…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  8. Remove custom domain from storage account

    Classic storage accounts enable a custom domain to be associated. But it does not allow removal?

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  9. Automate domain replacement in Azure Storage Explorer link generator

    Azure Storage Explorer comes with a default URL generator for all files - http(s)://<storage account>.blob.core.windows.net/<container>/<file name>.

    The application also allows you to bind a custom URL to the service that takes the place of the "<storage account>.blob.core.windows.net/" section of the URL, making it http(s)://<custom domain>/<container>/<file name>.

    It would be super helpful to be able to be able to update the settings to indicate a custom domain is being used so that the "Copy URL" function replaced the root domain for you.

    Currently the advice received from MS is to manually replace the indicated URL segment manually, every time Storage Explorer…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  10. Firewall rule that can accept connections from VNET on the other AAD tenant

    Currently Storage firewall have a limitation, that source VNET must be in the same AAD tenant.
    https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security?toc=%2fazure%2fvirtual-network%2ftoc.json#required-permissions

    It would be nice if cross tenant connection is enabled. It is quite useful to protect storage data by VNET basis and at the same time can accept connection from other partner companies who want to work on the specific storage account.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improving the indexed partitioning criteria for handling storage accounts with same naming conventions

    As described in detail here: https://azure.microsoft.com/en-us/documentation/articles/storage-performance-checklist/#subheading47 , Azure handles indexed partitioning with an index with aphabetical criteria, so storage accounts starting with A-H will go into one partition, H’-R will go into a different partition and last R’-Z will go into another different partition too.
    We discovered that this could affect High Availability of VMs if you take care of putting them into Availability Set and use different storage accounts for their virtual disks, but same naming convention for accounts. In this case, if a fail happens on a given partition for example during an internal maintenance task or storage…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  12. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  13. Increase storage account create calls per subscription limit

    “RDFE throttles the storage account creation; the default throttling limit is 20 per subscription per hour "

    Most of our automation creates storage account on the fly and they fails with following reasons

    "The maximum number storage account creations calls allowed for a subscription in an hour has been exceeded. Please try again after some time."

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Storage Account Firewall - Add Option for Trusting Dynamics 365

    When using Azure Blob Storage to store attachments from Dynamics 365, we need the ability to restrict access to the storage account from only the D365 environment. Now that D365 (v9+) is hosted in azure, it is not practical to enter every IP range for all of Azure, nor is it secure because IP ranges are shared with other Azure customers. D365 accesses the storage account using a long-term SAS token, so additional IP restrictions are needed to further secure this.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  15. Market Share

    Either charge for Data Transactions or total storage usage.... you're already charging for Active Time, this might deter Larger companies.
    People might start thinking that they are double charged and it gets out of hand.

    Microsoft might want to make money but i think it should focus more on the market share first.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  16. Forecast or Show Approximate Storage Size for Selected Items for Azure Backup before the actual/scheduled Backup

    Hi Azure Microsoft Team

    Highly appreciate if you can calculate or forecast the selected items to Backup in the Schedule Backup Wizard for Azure Backup so that we can determine the file size storage are being backup rather than after the backup job success.

    It will be another awesome feature to be added.

    Thank you

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  17. API / CLI Request for max allowed size of storage account

    We have to know for an automation purpose the maximum size of storage accounts in all azure regions. There is currently know way to identify via API / CLI the max possible account size per region,

    Based on that, we have to create alerts rules for the storage accounts to monitor the used capacity / threshold.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support share level NTFS permissions for Azure NetApp Files SMB Shares

    Currently, the default NTFS security for Azure NetApp Files SMB shares is that the "Everyone" Active Directory group has full control.

    This is a poor security practice.
    It would be helpful to allow administrators to define share level NTFS permissions that inherit down to subfolders and files.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add Alerts for Storage Account Usage

    Add alerts for storage account usage, user should be able to set an alert for say 500GB usage.

    Thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to set Proxy Server

    Allow the ability to set the proxy server for requests on windows azure storage

    I will say yes you can set the global but this isn't always ideal in all environments.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base