Storage

How can we improve Azure Storage?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. App Service AAD Authentication on Azure Storage Static Site Hosting

    Currently, after exposing a site through Azure Storage Static Site Hosting, the only login method is to use ADAL.js or similiar. This means that no private info can be kept in the static site, and has to be retrieved from a backend which is secured using AAD. This is because even if I redirect to login, search crawlers will pick up the info.

    In practice, as soon as I have a site with potentially sensitive info on it, I drop to using an App Service for just one feature: AAD Authentication.

    If we could have a system identical to App…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  2. Include Logic Apps in the Trusted Microsoft Services for Storage Accounts

    Include Logic Apps in the Trusted Microsoft Services for Storage Accounts when configuring diagnostic settings in the Logic App to "archive to a storage account". Security Center flags logic app for not having this configured but then after configuring the storage account is flagged for not restriction access, "Restrict access to storage accounts with firewall and virtual network configurations (Preview)". Since the logic app can not be assigned to a virtual network this cannot be resolved/secured properly without taking my environment in to an App Service Environment.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. Include Logic Apps in the Trusted Microsoft Services for Storage Accounts

    Include Logic Apps in the Trusted Microsoft Services for Storage Accounts when configuring diagnostic settings in the Logic App to "archive to a storage account". Security Center flags logic app for not having this configured but then after configuring the storage account is flagged for not restriction access, "Restrict access to storage accounts with firewall and virtual network configurations (Preview)". Since the logic app can not be assigned to a virtual network this cannot be resolved/secured properly without taking my environment in to an App Service Environment.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  4. API / CLI Request for max allowed size of storage account

    We have to know for an automation purpose the maximum size of storage accounts in all azure regions. There is currently know way to identify via API / CLI the max possible account size per region,

    Based on that, we have to create alerts rules for the storage accounts to monitor the used capacity / threshold.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  5. Forecast or Show Approximate Storage Size for Selected Items for Azure Backup before the actual/scheduled Backup

    Hi Azure Microsoft Team

    Highly appreciate if you can calculate or forecast the selected items to Backup in the Schedule Backup Wizard for Azure Backup so that we can determine the file size storage are being backup rather than after the backup job success.

    It will be another awesome feature to be added.

    Thank you

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  6. Search for container or files based on a date or date range

    I would like to search for blobs (container or file) by single date or date range using either Microsoft Azure Storage Explorer on my desktop or portal. This will allow me to delete or review items without having to know the name of the container or the file.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Give size limitations on imports and exports. Is there any size limitation especially dealing with drives.

    Please update the documentation with import/export sizes and increase the level of detail with application in limitations.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  8. Firewall rule that can accept connections from VNET on the other AAD tenant

    Currently Storage firewall have a limitation, that source VNET must be in the same AAD tenant.
    https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security?toc=%2fazure%2fvirtual-network%2ftoc.json#required-permissions

    It would be nice if cross tenant connection is enabled. It is quite useful to protect storage data by VNET basis and at the same time can accept connection from other partner companies who want to work on the specific storage account.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  9. Blob Life cycle management for page blobs

    Provide life cycle management feature for Page blobs too similar to the block blob.
    Currently SQL server 2014 or older version support backing up data to page blobs only. Hence it would be good to have the page blob life cycle management policy on it. This will help in managing the deletion of page blobs on a timely basis.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow non-public address ranges for Firewall and/or cross-region VNET rules

    Storage accounts firewalls currently allow white-listing of networks within the same region.

    I have peered VNETs in other regions that require access to a Blob Store.

    I am unable to add these VNETs to the white-list and when I try to white-list the address range I am unable to because it is only possible white-list public IPs.

    This leaves no option other than to leave the firewall open to world access. Although it is possible to lock down access using IAM, the addition of a Firewall would be preferred.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  11. Customer Managed Keys for SSE using ARM or Azure Policy

    A common requirement we have is to re-configure Storage Accounts to use Customer Managed Keys for Storage Service Encryption (SSE). Currently, this can only be achieved manually through the Azure Portal, or through a sequence of PowerShell commands.

    To improve manageability and compliance with corporate governance policies, we would like the ability to configure Storage Service Encryption (SSE) as it's own Resource Type using ARM Templates. This would be similar to how "SQL Transparent Data Encrytpion" can be configured... https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/databases/transparentdataencryption

    This would allow us to:

    a) Create new Storage Accounts with Customer Managed Keys configured by default
    b) Use Azure…

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow internal access to a storage account in any regions from any Microsoft.Storage service endpoint without needing public internet access

    Currently Microsoft has confirmed to me that it is only possible to access storage accounts hosted in a specific location from an Azure VM via the Microsoft.Storage service endpoint without internet access but only if the VM is located in either the primary or secondary (backup replication site) storage account location.

    For example, if I create a blob container in US East 2 (secondary replication location: Central US) I will be able to access a blob (ex. https://someblobname.blob.core.windows.net/somefolder/someblob.txt) from a US East 2 or Central US VM via the storage service endpoint attached to the VMs VNet. However, I…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  13. Copy VM Image Across Regions through Azure Portal

    I have a new Microsoft customer that recently migrated from AWS. After their migration the customer noticed one major difference in functionality that negatively affects their post migration business plans. AWS has the ability to move images across regions through the AWS portal. The customer expressed that they would benefit greatly if the Azure portal had this same functionality. I understand that this is possible using AzureCLI (image copy estension), however, this option is not viable for the customer's environment.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow Logic App Connectors to dynamically pull a Storage Account Key rather than sticking with a statically configured key value

    Currently, Connectors to Storage Accounts are configured with a Storage Account key during setup. Implementing Microsoft's recommended key rotation breaks the Connector as it's not able to dynamically pull the key value.

    There is a workaround via PowerShell and adding an Azure Automation step to grab the key value and update the Connector prior to running any Logic App steps that require this Connector. While functional, this adds more access and complexity than should be required.

    Data Factory v2 has a connector that dynamically pulls values from a Key Vault (screenshot attached). It would be great if the Storage Account…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure Storage Firewall for Linked ARM Templates

    Add the Azure Resource Manager public IP addresses to the list of services that are "Allow Trusted Microsoft services to access this storage account" so that a blob storage account can be used as a linked ARM template location without having to use SaS tokens in releases.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  16. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  17. Microsoft Teams integration

    It would be great to see Azure storage (blob and/or Files) as a data source for Microsoft Teams.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. New tool to view Storage Tables on iOS

    Following your encouragement to inform about new tools to work with Azure Storage services I want to inform about my App AzureTabStorClient which can be used to view Azure Storage Tables on iOS devices. See more details at: https://azuretabstorclient.wordpress.com/

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable Storage Account Firewall to access from App Service without ASE

    Currently it is not possible to configure storage account firewall to accept requests from App Services event whitelist outbound IP addresses of Appservices.
    It is great if above is possible

    248 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  20. 11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base