Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Storage

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow SASKey generation without revealing storage keys

    I would like to be able to allow authorized users to generate SAS keys but not see (list) the storage account primary (master) keys. If someone is in possession of a master key, you cannot stop data exfiltration (until you become aware and change the keys). As least with an SAS key, the act of creating it can be detected (e.g., if they create an SAS token without a proper IP address restriction, etc.). Furthermore, the act of creating an SAS key is logged in the Azure Activity log.

    So I would like to suggest defining a new RBAC action…

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  2. Email Notifications of Storage/Capacity

    have email notifications of storage limit or service capacities. Recently ran out of space w/ no warning...

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. Filter and sort files/blobs easily

    Enable filtering of files/blobs by their type rather than only their name, and enable ordering list per date of modification or file size.
    Right now it's a bit cumbersome to use when we're debugging.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add Alerts for Storage Account Usage

    Add alerts for storage account usage, user should be able to set an alert for say 500GB usage.

    Thanks

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  5. Immutable storage cannot be unlocked

    Function: Immutable storage

    Issue: Customer can easily lock his resources in storage accounts, but he cannot unlock them by himself when the lock is no longer needed.

    Ref document: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage#faq

    Recommend: Provide an "unlock" button to customer.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  6. Support disabling "account key" based authentication to an Azure Storage Account

    Authenticating to a storage account using an AD principal is a greatly improved method of authentication, however since account key based authentication is always enabled there remains a critical security threat vector if since a key was compromised or inadvertently disclosed.

    It would be great if it was possible to entirely disable or block account key authentication for a storage account, or even to disable account key authentication for individual services (blob,queue,table).

    Taking the idea further would also allow for granular control of which containers/queues/tables would allow access key authentication.

    This would be an explicit choose by the user and…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add Microsoft.Web (App Service & Functions) to Resource instance Option List

    In the Resource Instance Rules feature introduced on below news release, we'd like Microsoft.Web to be added.

    https://azure.microsoft.com/ja-jp/updates/storage-resource-instance-rules-preview/

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  8. User assigned identity in storage account (ARM template for custom key SSE)

    We are trying to define ARM template for storage accounts using custom key for SSE. Such definition is required for Azure Blueprints.

    Currently the only way to enable custom key for SSE is 3 step process: 1-Create SystemAssigned identity in storage account, 2-Update Keyvault access policies for that identity, 3-Update storage encryption settings.

    If we can get User (customer) assigned identity into storage account for accessing Keyvault, then we can pre-prepare / isolate step 1 and 2. Then we can have ARM template definition with custom key for SSE defined for a new storage account as a single step (3).

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  9. Remove custom domain from storage account

    Classic storage accounts enable a custom domain to be associated. But it does not allow removal?

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow sas with spesific content-type

    I would like to have sas which only able to read only file with .jpg,.js,.css for example

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automate domain replacement in Azure Storage Explorer link generator

    Azure Storage Explorer comes with a default URL generator for all files - http(s)://<storage account>.blob.core.windows.net/<container>/<file name>.

    The application also allows you to bind a custom URL to the service that takes the place of the "<storage account>.blob.core.windows.net/" section of the URL, making it http(s)://<custom domain>/<container>/<file name>.

    It would be super helpful to be able to be able to update the settings to indicate a custom domain is being used so that the "Copy URL" function replaced the root domain for you.

    Currently the advice received from MS is to manually replace the indicated URL segment manually, every time Storage Explorer…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support custom domains for ADLS Gen2

    Custom domains for ADLS (Azure Data Lake Storage) Gen2 are not yet supported.
    Could you please tell me when custom domains for ADLS Gen2 are supported?
    Could you please support the feature?

    https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-supported-blob-storage-features

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  13. Firewall rule that can accept connections from VNET on the other AAD tenant

    Currently Storage firewall have a limitation, that source VNET must be in the same AAD tenant.
    https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security?toc=%2fazure%2fvirtual-network%2ftoc.json#required-permissions

    It would be nice if cross tenant connection is enabled. It is quite useful to protect storage data by VNET basis and at the same time can accept connection from other partner companies who want to work on the specific storage account.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Market Share

    Either charge for Data Transactions or total storage usage.... you're already charging for Active Time, this might deter Larger companies.
    People might start thinking that they are double charged and it gets out of hand.

    Microsoft might want to make money but i think it should focus more on the market share first.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  15. Search for container or files based on a date or date range

    I would like to search for blobs (container or file) by single date or date range using either Microsoft Azure Storage Explorer on my desktop or portal. This will allow me to delete or review items without having to know the name of the container or the file.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  16. 4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  17. Relax Storage account name rules for improved readability

    Why can Azure storage account name be only up to 24 characters and cannot contain anything besides numbers and lowercase characters? Most Azure services allow at least "-" character, but Storage and Kusto are notable exceptions.

    I love to have an incident at 3 am and figure out if it is prodscr1weuncasrlt or prodscr1neuncasrlt, vs prod-scr1-weu-cas-rlt.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. Increase storage account create calls per subscription limit

    “RDFE throttles the storage account creation; the default throttling limit is 20 per subscription per hour "

    Most of our automation creates storage account on the fly and they fails with following reasons

    "The maximum number storage account creations calls allowed for a subscription in an hour has been exceeded. Please try again after some time."

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improving the indexed partitioning criteria for handling storage accounts with same naming conventions

    As described in detail here: https://azure.microsoft.com/en-us/documentation/articles/storage-performance-checklist/#subheading47 , Azure handles indexed partitioning with an index with aphabetical criteria, so storage accounts starting with A-H will go into one partition, H’-R will go into a different partition and last R’-Z will go into another different partition too.
    We discovered that this could affect High Availability of VMs if you take care of putting them into Availability Set and use different storage accounts for their virtual disks, but same naming convention for accounts. In this case, if a fail happens on a given partition for example during an internal maintenance task or storage…

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  20. Create an Azure Instance type with NVDIMM memories for high speed Storage Cache

    An NVDIMM (https://en.wikipedia.org/wiki/NVDIMM) is a type of memory used by Storage vendors as local cache, to accelerate High Performance Computing, Deep Learning, Deep Analytics, Simulations, and other storage-and-compute-intensive applications.

    Currently no cloud vendor supports instances with NVDIMMs, and Azure could break new ground here. We already have GPU's, FPGA's and other specialized hardware on our instances.

    NVDIMM would enable certain ISVs who cater for the HPC, Deep Learning, Simulation, and Deep Analytics crowd, and enable them to provide innovative solutions that today only exist in Private Cloud on on-premises applications.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base