Storage
-
SFTP (and FTPS) protocol support for Azure Files
Exposing the SFTP protocol would facilitate a bunch of scenarios where today 2 VMs (with all the management overhead that implies) are required.
3,229 votesThanks for the feedback! We are interested in collecting feedback on this request – please vote for it if this is something you like to see.
We’re also interested in learning more what people want to use the SFTP/FTPS for and which protocol they prefer. Please feel free to leave us a comment letting us know more detail!
Thanks,
Will Gries
Program Manager, Azure Files -
Memory-Optimized off-row storage issue
I have a problem because of data row-size of some tables greater than 8060bytes, so there was some off-row storage in internal xtp DMVs and those tables allocated a memory about 120GB.
I alter that tables and reduce row-size to less than 8060bytes, the memory allocated to those tables reduce and the allocated memory to object_id=0 is being grow in sys.dm_db_xtp_table_memory_stats. I think The garbage collector thread cant find this orphaned object , thus it cant deallocate memory.
another issue is 'Memory Allocated To Memory Optimized Objects' is 25GB where 'Memory Used By Memory Optimized Objects' is 62GB,I offline…
114 votes -
Enable immediate sync after changes on the Azure file share for Azure File Sync
When I make a change on my server endpoint (Windows File Server), Azure File Sync initiates a sync session very quickly after file save, however for changes on the cloud endpoint (Azure file share), I have to wait at least 24 hours to have changes get synced down to my server endpoints.
Please invest in features to initiate a sync session immediately after changes are made cloud-side, or at least increase the interval of sync from the Azure file share.
901 votesThanks for your feedback! As you mentioned, we initiate a change detection job once every 24 hours to enumerate the Azure file share and scan for changes. This is required for the Azure file share because Azure Files currently lacks a change notification mechanism like Windows Server has (we watching the USN journal on Windows Server to automatically initiate sync sessions on the server after changes are made).
Long term, we would like to build a change notification mechanism directly into Azure Files. Shorter term, we could use your feedback to understand how painful the once every 24 hours change detection is for you. Please vote and/or leave comments on this item to let us know we should invest in work to make the change detection job run more frequently/faster.
Thanks,
Will Gries
Program Manager, Azure Files -
Make Blob access policies Azure Resource Manager managed
In order to apply Azure Policies the item you want to control has to be ARM managed. Apparently Blob Access Policies are not ARM managed (i.e. resource that can be managed by calling https://management.azure.com/[ResourceId]). Because of this the Azure Policies product group can't make a policy alias to audit/deny the use of public containers/blobs, see: https://github.com/Azure/azure-policy/issues/131.
This is a big issue because the use of anonymous access to storage containing enterprise data is a huge risk.
44 votes -
Custom Domain with HTTPS for Static website hosting in Azure Storage
Currently it is necessary to use a CDN when using custom domains + HTTPS for static websites hosted in Azure Storage.
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-static-website#custom-domain-namesIt would be more convenient in a lot of situations if this could be done right within the storage account without the cdn.
As with the CDN right now, it would be great to have a one-click certificate deployment process, maybe even using LetsEncrypt? ;-)97 votes -
Available Disk Space monitoring and alerts are not sufficient
The current available tools for visualizing and alerting on available Disk Space for Azure Virtual Machines should be expanded. In the Dashboards module, there is no Live Tile that would allow you to see a Virtual Machine's disks and available space. You can get some data through custom queries, but these queries are manual-refresh only and are not truly suited to a live Dashboard environment.
Similarly, there is no way to create an Alert for low disk space in the current Alerts module. In Alerts (Classic) there was a % Free Disk Space - this is not sufficient because it…
122 votes -
Allow premium disk resizing without deallocating the VM
Title is explanatory, I should be able to scale up a premium disk without restarting the virtual machine. VMware can do it, you can too! I believe in you!
26 votes -
Global File Locking for Azure File Sync
For Azure File Sync on multiple geographically diverse servers, lock files across the enterprise to eliminate conflicts.
For example, a user in Chicago opens a spreadsheet on a local server, and that server is running Azure File Sync to a share that is also mounted by a server in Atlanta also running Azure File Sync. The file lock for the spreadsheet should be global, preventing write access in Atlanta when opened in Chicago.
See Panzura.com for reference.
624 votesHi folks,
This is something we are actively investigating, and would appreciate your feedback on the need to do this, and especially how to ranks compared to other items we could pickup for Azure Files and Azure File Sync.
We’d like to hear from you on this item. Please send us an email at AzureFiles@microsoft.com, and of course vote for this item if you would like to see it.
Thanks,
Will Gries
Program Manager, Azure Files -
Azure File Sync Cloud tiering allow recall on demand
When adding a new server endpoint, instead of downloading all files until the volume free space criteria is met, can the AFS client instead download files on demand? Similar to how the new OneDrive client works. This would allow for more efficient hot/cold mapping.
61 votes -
Azure Policy For Preventing Public Blob Containers
There are no ARM REST API properties for Blob containers which means we can't create an Azure Policy for not allowing people to ever create public blob containers.
This is how every AWS breach has occurred due to accidentally setting storage to public.
106 votes -
Enable Authorization to the Azure Static Websites using Azure Active Directory
Right now, there is development done to use Blob storage for a static website (known as Azure Static Websites). The feature is in preview.
However, the downside of this is that the website is public. There is no built-in to restrict the access to the website.
In my use case, I would have used Azure Static Websites to store the static documentation produced by DocFx (https://dotnet.github.io/docfx/). This documentation includes the classes as well including technical documentation and wikis.
I would be great if I could use my Azure Active Directory to control who can actually see the pages…
9 votes -
Allow adding headers to static website hosting in blob storage
The static website hosting is fantastic, to make this feature even more awesome please allow adding of custom headers like CSP, HSTS etc secure the static website.
60 votes -
When Azure Storage Explorer could add AAD application for ADLSv2
Currently we need to use the REST API of Update to add permissions. The following link is an introduction to the API:
https://docs.microsoft.com/zh-cn/rest/api/storageservices/datalakestoragegen2/path/updateFinally tested, you can add AAD's APP to the folder.
1. Create a SAS Token.
2. Save the Application ID.
3. Use a Postman or other tool to send a Path request.
Method: PATCH
Url: http://{accountName}.{dfs.core.windows.net }/{filesystem}/{path}?action={action}&position={position}&retainUncommittedData={retainUncommittedData}&timeout={timeout}&{SAS Token}
Header: x-ms-acl: user::rwx,group::r-x,mask::rwx,other::---,user:87867a54-2d32-4d28-9444-ca42fd022abd:rwx
x-ms-version: 2018-11-09
Sample Url: https://mscssadlsv2.dfs.core.windows.net/123//?action=setAccessControl&sv=2018-03-28&ss=bfqt&srt=sco&sp=rwdlacup&st=2019-01-16T23%3A37%3A00Z&se=2019-01-23T23%3A37%3A00Z&sig=lV8gu%2FgLeqsIhh2UDRxCSX0U7rPNgKpIQ7adxSMbe7g%3D
Is there any KB / road map / feature request for when AAD applications will be supported under storage explorer?
Can we add the feature to the ASE?
12 votes -
Create Microsoft Service for firewall enabled boot diagnostic storage account
We want to use a firewall enabled storage account for our boot diagnostics, because the logs / screenshots are reachable from the internet as per default.
Could you please create microsoft service or a workaround for that?
Because we receive the following error message if we want to reach the serial console of a VM."A "Forbidden" response was encountered when accessing this VM's boot diagnostic storage account."
reference link for the error:
https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/serial-console-windows#errors12 votes -
Enable Storage Account Firewall to access from App Service without ASE
Currently it is not possible to configure storage account firewall to accept requests from App Services event whitelist outbound IP addresses of Appservices.
It is great if above is possible70 votes -
Customer Managed Keys for SSE using ARM or Azure Policy
A common requirement we have is to re-configure Storage Accounts to use Customer Managed Keys for Storage Service Encryption (SSE). Currently, this can only be achieved manually through the Azure Portal, or through a sequence of PowerShell commands.
To improve manageability and compliance with corporate governance policies, we would like the ability to configure Storage Service Encryption (SSE) as it's own Resource Type using ARM Templates. This would be similar to how "SQL Transparent Data Encrytpion" can be configured... https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/databases/transparentdataencryption
This would allow us to:
a) Create new Storage Accounts with Customer Managed Keys configured by default
b) Use Azure…16 votes -
Azure Files Network Drive Mapping with Intune Policies
Would be very handy to see Intune option of mapping network drive directly to Azure AD Joined devices. In Intune there is no option even to map regular network drives, but Azure File Shares would be game changer.
71 votes -
Windows 10 Support for Azure File Sync
We have a scenario where we would like to sync using Azure File Sync from Windows Enterprise 10 clients.
28 votes -
Events for Azure Files
Unfortunately without Events support for Azure Files, I can't perform any sort of Read/Write/Delete audit logging for my File shares. This is actually a serious requirement for HIPAA compliance; it is not enough to know when or how files changed (such as with Azure File Sync), but you must also know *who* changed or accessed the file.
14 votes -
Whitelist all Microsoft services in Storage account Firewall
Whitelist all Microsoft services including Azure Data Factory when the "Firewall and Virtual Network" option is enabled on Storage account and "Allow trusted Microsoft services to access this storage account" option is selected.
Similar option is already available on Azure Data Lake store, where we can access Data Lake from Data Factory pipelines after the firewall option is enabled.
90 votes
- Don't see your idea?