Storage

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. make it possible to use SSL on blob storage using custom domains

    Currently you can use SSL but you have to user the standard URL. You can create a CNAME to your storage account but most browsers complain that the traffic was rerouted and is possibly an attack. There should be a way to install a domain certificate to your containers.

    4,717 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    145 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    You can now use the Azure CDN to access blobs with custom domains over HTTPS. See the following article for instructions on how to do so: https://docs.microsoft.com/en-us/azure/storage/storage-https-custom-domain-cdn. Having talked to a number of customers, we concluded that this solution addresses many scenarios where the need for HTTPS access to blobs with custom domains exists.

    Native Azure Storage support for using SSL to access blobs at custom domains is still on our backlog. We would love to hear about your scenarios where using the Azure CDN is not an acceptable solution, either by posting on this thread or sending us an email at azurestoragefeedback@microsoft.com.

  2. Static website hosting in Azure blob storage

    This would require supporting default file to render and somekind of redirect from root to a particular container.

    2,255 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    74 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. We are currently in public preview of static website hosting for Azure Storage to enable this scenario. Check out the blog post here for more details: https://azure.microsoft.com/en-us/blog/azure-storage-static-web-hosting-public-preview. The feature set includes support for default documents and custom error documents for HTTP status code 404.

    For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

  3. Provide Time to live feature for Blobs

    If I need to provide a user (or external system) some data (blob) which might be outcome of some processing (or other) and it has some expiration time I'd like to just put a new blob and set TTL property with TimeSpan (or set absolute DateTime). When the period is over my blob is deleted. So I don't have to pay for it and don't need to spin up some service for doing it myself.

    1,292 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    38 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. We are currently in public preview of blob storage lifecycle management. The feature set offers a rich, rule-based policy engine which you can use to transition your data to the best access tier and to expire data at the end of its lifecycle. See our post on the Azure Blog to get started: https://azure.microsoft.com/en-us/blog/azure-blob-storage-lifecycle-management-public-preview/preview/.

    For any further questions, or to discuss your specific scenario, send us an email at DLMFeedback@microsoft.com.

  4. Rename blobs without needing to copy them

    Copying blobs in order to rename them is a heavy operation, especially when the blob is big, or when you need to change many files, such as when changing a directory name.

    874 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    Our apologies for not updating this ask earlier. Renaming Blobs is on our backlog, but is unlikely to be released in the coming year. Today, you can use the “Copy Blob” API as a workaround.

    Using the Azure Files service you can address Azure Storage like a network share using the SMB2.1 protocol.  This enables usage of normal Windows API’s to rename files and directories.  You can get started with the Files service by visiting https://docs.microsoft.com/en-us/azure/storage/storage-dotnet-how-to-use-files.

    For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

  5. Allow adding headers to static website hosting in blob storage

    The static website hosting is fantastic, to make this feature even more awesome please allow adding of custom headers like CSP, HSTS etc secure the static website.

    384 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow user-based access to Blob Containers (for support employees)

    For auditing purposes and to prevent data corruption, we want to give our support employees a user-centric, read-only access to Blob Containers in order to be able to investigate possible data corruptions (caused by bugs in systems).

    This is not possible now because the security architecture of Blob Service does not even know the concept of users or roles.

    SAS is not secure enough mechanism because it gives access to anyone by just sharing a link + you can't track who's actually using it.

    310 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for you feedback. Currently we are in public preview of Azure Active Directory authentication for storage. This feature set allows you to use Azure’s role-based access control framework to grant specific permissions to users, groups and applications down to the scope of an individual blob container or queue. You can see the public preview announcement here: https://azure.microsoft.com/en-us/blog/announcing-the-preview-of-aad-authentication-for-storage/

    For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

  7. Azure Antimalware should be able to scan blob storage

    Azure Antimalware should be able to scan blob storage. Currently you have to save the file a a file system for the real time protection to be able to scan it. Once it has been scanned then you would have to move it to the blob storage. Would like to be able to write directly to blob storage and have the real time protection monitoring the files.

    291 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to mount a blob or virtual disk as an iSCSI device

    Either blobs or virtual disks should be mountable as as an iSCSI device. Right now, I'd have to create a windows server with an iSCSI target. This seems like madness because the blob is already some kind of virtual device.

    iSCSI is ideal for clustering and availability services and would solve problems with SQL Server clusters and other Windows Server cluster requirements.

    277 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  9. Azure Policy For Preventing Public Blob Containers

    There are no ARM REST API properties for Blob containers which means we can't create an Azure Policy for not allowing people to ever create public blob containers.

    This is how every AWS breach has occurred due to accidentally setting storage to public.

    186 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow setting Archive tier at the account and container levels

    Currently the archive tier can be set only at the blob level. There are plenty of uses cases for having entire storage accounts or containers for archival where setting the tier for each blob is tedious and non-value-adding.

    142 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. We are currently in public preview of blob storage lifecycle management. The feature set offers a rich, rule-based policy engine which you can use to transition your data to the best access tier and to expire data at the end of its lifecycle. This framework can be used to match and tier blobs based on prefix to enable batch archiving of an account, containers, or even virtual directories. Having talked to a number of customers, we concluded that this solution addresses many scenarios where the need for account and container level archiving exists. See our post on the Azure Blog to get started: https://azure.microsoft.com/en-us/blog/azure-blob-storage-lifecycle-management-public-preview/preview/.

    For any further questions, or to discuss your specific scenario, send us an email at DLMFeedback@microsoft.com.

  11. Virus scanning for Blob Storage

    Need the ability for real-time virus scanning on blobs.

    100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable Authorization to the Azure Static Websites using Azure Active Directory

    Right now, there is development done to use Blob storage for a static website (known as Azure Static Websites). The feature is in preview.

    However, the downside of this is that the website is public. There is no built-in to restrict the access to the website.

    In my use case, I would have used Azure Static Websites to store the static documentation produced by DocFx (https://dotnet.github.io/docfx/). This documentation includes the classes as well including technical documentation and wikis.

    I would be great if I could use my Azure Active Directory to control who can actually see the pages…

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  13. Auto defragment append blobs

    Append blobs are great, however, when a such a blob is generated through a long series of small increments, the read performance of the resulting blob is very poor: from 10x to 20x slower than reading a regular page blob.

    The performance problem goes away if the app rewrite the append-blob in large 4MB chunks. However, this process is complicated to setup, and collides with any 'always-on' property of the app.

    As append blobs are append-only, it would be much better if Azure was taking care of defragmenting the append blobs on its own; possible through a dedicated API operation…

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  14. Make Blob access policies Azure Resource Manager managed

    In order to apply Azure Policies the item you want to control has to be ARM managed. Apparently Blob Access Policies are not ARM managed (i.e. resource that can be managed by calling https://management.azure.com/[ResourceId]). Because of this the Azure Policies product group can't make a policy alias to audit/deny the use of public containers/blobs, see: https://github.com/Azure/azure-policy/issues/131.

    This is a big issue because the use of anonymous access to storage containing enterprise data is a huge risk.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable life cycle management for append blob

    Currently life cycle management is only supported for block blob. We are using Azure SQL DB auditing feature and this is creating huge amount of blob files.But these are of append blob type and that is not supported by life cycle management. Please provide support for append blob so that we can manage these log files properly.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  16. Raise the default storage signed version for anonymous requests to above 2011-08-18

    My customer used blob to serve anonymous request for their video site. They noticed that users using chrome or android could not adjust the playback progress, which is caused by the low default storage signed version 2009-09-19 not supporting Range in HTTP header.
    Is it possible to raise the default signed version from 2009-09-19 to at least 2011-08-18 so that customer would not need to set the default signed version manually in this case?

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  17. Static sites: add support for URL rewrite rules

    Simple URL rewrite rules are very common in static site hosting, especially rules to map any request to a common index.html page. This allows client-side script to handle the route URL. For example, here's a rule in an Azure Website web.config to do exactly this:

    <rule name="Route page requests to index.html" stopProcessing="true" patternSyntax="Wildcard">>
    <match url="*" />
    <conditions logicalGrouping="MatchAll">
    <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="true" negate="true" />
    <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="true" negate="true" />
    </conditions>
    <action type="Rewrite" url="/index.html" />
    </rule>

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  18. Include Azure SQL as a "trusted Micorsoft service to access the Storage Account"

    We're restricting access to our Storage Accounts by configuring the Firewall & Virtual networks.
    However, one of these storage accounts must also be accessible to our Azure SQL db's. This is currently not supported.

    Rather than securing the Storage Account, it has been proposed to restrict access from the Azure SQL side, BUT, that configuration currently only works if some other features (external tables) aren't used. We've now come full circle :)

    Ideally, we'd like to see that we can secure the Storage Account - and include Azure SQL as a trusted service.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  19. We would like to audit/log delete operations on Azure blob storage containers. Currently we can only do this at a Storage Account layer.

    We are simply looking for more granularity with our storage logging in Azure. If someone were to view/delete our blob containers, we would like to see these operations logged and have the ability to alert on them.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
  20. hotlink prevention

    Preventing others to consume my Azure resources via HTTP_REFERER header validation.
    This is a common scenario for blogs, websites etc.

    Scott Hanselman has even written a blog post about it: http://www.hanselman.com/blog/BlockingImageHotlinkingLeechingAndEvilSploggersWithIISUrlRewrite.aspx

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base