Storage

How can we improve Azure Storage?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 716 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      11 comments  ·  Flag idea as inappropriate…  ·  Admin →

      Azure Storage now provides a comprehensive set of security capabilities which together enable developers to build secure applications. Data can be secured in transit between an application and Azure by using Client-Side Encryption azure.microsoft.com/en-us/documentation/art.., HTTPs, Virtual Network and Firewalls, or SMB 3.0. Storage Service Encryption azure.microsoft.com/en-us/documentation/art.. provides encryption at rest, handling encryption, decryption, and key management in a totally transparent fashion.

    • Support Cross Origin Resource Sharing (CORS) via Access-Control-Allow-Origin header

      http://en.wikipedia.org/wiki/Cross-origin_resource_sharing

      This feature has many useful applications:
      * loading of JSON data without JSONP wrappers
      * pre-loading Image data with progress information
      * pre-loading Audio data on browsers that otherwise suppress audio preloading

      571 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        42 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Allow Windows Azure Storage to filter the connection clients by their network info such as IP

        Azure storage is protected using a connection string which contains credentials. Usually this connection string is placed in a configuration file. Reality tells us that information placed in configuration string leaks. It is likely that the storage configuration string will leak to non-authorized people. If someone has the connection string he owns your Azure storage!
        It is not possible to compare Azure Storage connection string to SQL connection strings because SQL is not exposed to the web. Even if a bad guy has the connection string he cannot use it unless he get network access to the SQL server or…

        362 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          6 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
        • Ability to upload a file to windows azure blobs directly via Azure management portal

          I understand that there are third party tools out there that can be used. Also Data Transfer tool (SQL Azure Labs) can be used - but it would be great if we could upload a file to Windows Azure blobs directly via Azure management portal

          242 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            2 comments  ·  Portal  ·  Flag idea as inappropriate…  ·  Admin →
          • Create a Portable Class Library (PCL) implementation of the Azure Storage SDK

            I'd love to see the Azure Storage SDK implemented as a Portable Class Library (PCL), in the same way that the Azure Management SDK has been. Since I'm looking to use Xamarin to create cross-platform apps, and I'd like my data layer to be in a PCL so I can use it across Windows Store, iOS, and Android apps. Thanks!

            186 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              8 comments  ·  Client Libraries  ·  Flag idea as inappropriate…  ·  Admin →

              Thank your for your feedback!

              We did provide a PCL prior to version 7.2 of the Xamarin Azure Storage Client Library (https://github.com/Azure/azure-storage-net/releases). For 7.2 and beyond, the Xamarin library will leverage the .NET Standard runtime library, which is what will be supported by the Xamarin platform moving forward https://blog.xamarin.com/net-standard-library-support-for-xamarin/.

              For more information, please read our GA announcement (https://azure.microsoft.com/en-us/blog/announcing-storage-client-library-ga-for-xamarin/) and check out our getting started (https://docs.microsoft.com/en-us/azure/storage/storage-xamarin-blob-storage)

            • IP address in signed storage URLs?

              Almost everything is in the title: I'd like to see an IP address restriction to be added to signed URLs, in addition to the existing start and end of validity. On the client side, this would mean adding an IPAddress property to Microsoft.WindowsAzure.StorageClient.SharedAccessPolicy. If set, the IP address given would be added to the URL and signed with the rest. On the server side the Azure Blob Storage would only grant access if the timeframe and IP address matches.

              177 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
              • Storage accounts on VNET or Disable key options

                Allow storage accounts to be configured so that they can have external access disabled and be accessible only through a VNET. I would like to have a checkbox option that disabled all external access to the blob instead of just relying on keeping storage keys hidden. Even through keys can be rotated, they still always exist and could be used to gain unauthorized access.

                This would be useful for storage accounts that only contain VHD's and never need the possibility of them being accessed externally. This would be one more layer of safety, as well as easier to audit /…

                171 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  5 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

                  Thank you for your feedback. This ask is now completed. Azure storage provides a layered security model allowing you to secure your storage accounts to a specific set of allowed networks. When network rules are configured, only applications from allowed networks can access a storage account. See the following document for more details: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security?toc=%2fazure%2fstorage%2fblobs%2ftoc.json.

                  For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

                • Make StorageClient library more unit test friendly

                  Currently, a developer has to jump through hoops to unit test code written against the StorageClient library. There is no official guidance for unit testing your apps, and after looking around for what others were doing I settled on creating custom interfaces and objects that wrap the library like the guys did with: http://cloudstorageapi.codeplex.com/.

                  How about making official interfaces for the library and providing us with an testing-oriented in-memory implementation that we can use to immediatly begin unit testing our apps without any hassle.

                  120 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    7 comments  ·  Client Libraries  ·  Flag idea as inappropriate…  ·  Admin →
                  • Allow FIPS compliant Content Validation/Payload checking, e.g. not MD5

                    The WindowsAzure.Storage library uses an MD5 hash for content validation during uploads. MD5 is not a FIPS compliant algorithm, so attempting to upload when you have the "Enforce FIPS" registry setting enabled causes an exception to be thrown. Disabling the FIPS setting, or disabling all Content Validation are not viable workarounds.

                    The library should allow an alternative hashing algorithm.

                    113 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Client Libraries  ·  Flag idea as inappropriate…  ·  Admin →

                      We already have an implementation of MD5 that is allowed when FIPS compliance is enabled. This is appropriate when you are aware that MD5 should not be used for cryptographic operations but you still would like to leverage the additional integrity check provided by Azure Storage’s MD5 support. To switch to this implementation, set the following static property.

                      CloudStorageAccount.UseV1MD5 = false;

                      Let us know if this does not address this request.

                    • Provisioned IOPS

                      Please can Microsoft add the capability to request "provisioned IOPS" for storage e.g. the same feature that Amazon Web Services offers. Without the 500IOPs per disk and max of 16 data disks is a real limitation for large scale production workloads.

                      107 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
                      • Provide alternatives to Atom for Azure Storage data format

                        Atom is very verbose when fetching data, especially for Azure Tables. Please allow additional lightweight formats such as JSON and POX (plain old XML).

                        105 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          9 comments  ·  Tables  ·  Flag idea as inappropriate…  ·  Admin →
                        • Add ability to tag storage accounts, blobs, tables, etc

                          You can currently tag Web Sites and SQL servers, but I want to be able to tag my storage account entities as well, so I can see all associated services for a particular project.

                          95 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

                            Thank you for your feedback. Currently you can tag storage accounts using Azure Resource Manager: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags. If your ask is to be able to tag the specific storage services (Blob, File, Table, Queue), blob containers, or storage resources, please open a new ask with more detail. To discuss your specific scenario you can send us an email at azurestoragefeedback@microsoft.com.

                          • Option to upload page blobs (vhd) directly form Visual Studio using azure sdk

                            Is not good enough to have touse PowerShell for single VHD files because the visual studio UI does not have option to indicate that the file that you are uploading is a VHD (Page blob). I understand the power of PowerShell when you try to use repetitive task and you want the same outcome but should be a balance and allow single tasks to be able to be performed using a user interface.

                            87 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Storage Explorer  ·  Flag idea as inappropriate…  ·  Admin →
                            • 86 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                5 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →

                                Thanks for your feedback. Check out the recently announced Blob Storage events along with Event Grid: docs.microsoft.com/en-us/azure/storage/blob… You can use event grid to connect these events to Azure Functions. This tutorial provides a detailed example: docs.microsoft.com/en-us/azure/event-grid/r… For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

                              • Add an Upsert command in Azure tables

                                It is quite typical in data warehousing scenarios to have to insert a row if it doesn't exist, and update it if it does ("Upsert").
                                In the current version, if you want to do that for a batch of 100 entities, you have to retrieve the entity first, so you know wether to update it or insert it. And since there is no way of retrieving a batch of 100 entities when you know their Partition Key/Row Key, you pretty much have to do 1 request for every single entity, costing you 100 transactions before you are able to do…

                                77 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  8 comments  ·  Tables  ·  Flag idea as inappropriate…  ·  Admin →
                                • Access *.file.core.windows.net outside Azure Datacenter

                                  According to the http://blogs.msdn.com/b/windowsazurestorage/archive/2014/05/12/introducing-microsoft-azure-file-service.aspx blog post, the file storage can only be accessed from a VM/Worker/Web role from within a datacenter in the same region. It would be really nice if we could use it for on-premises workloads also.

                                  75 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    5 comments  ·  Files  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Azure Files on a Virtual Network

                                    It should be possible to place an Azure Files drive on a private Virtual Network and secure it to be only available via the Virtual Network using a private IP address. Now, anyone with the key can access it from any VM on any subscription. Enterprises typically want tighter security and be able to only allow access from within their own environments.

                                    60 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      2 comments  ·  Files  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Make javascript library for Blobs and Tables

                                      It would only require one server side call to obtain SAS(Shared Access Signatures) to get access.

                                      The library could also support parallel uploading for fast uploads!

                                      57 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        4 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Use JSON for Azure Table internally and across the wire.

                                        JSON is a pretty efficient format when compared to the current XML blob.

                                        I'd like to use JSON for all my across the wire transfers and also only be billed for the smaller JSON overhead for archived data.

                                        56 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          4 comments  ·  Tables  ·  Flag idea as inappropriate…  ·  Admin →
                                        • 53 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            4 comments  ·  Blobs  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 6 7
                                          • Don't see your idea?

                                          Feedback and Knowledge Base