Named network sets (avoid repeated network rules in every Azure service)
Both SQL Server and Storage now support firewall for inbound requests, where I can inform authorized IP addresses or virtual networks that have access. It is expected that other Azure services will follow that (Key Vault? Data Lake?).
The problem is that if I have a subset of services that use same firewall rules, I have to repeat these rules over and over.
The suggestion is that Azure Network allows definition of a named network set, or simply named network definition, and then in each service I simply inform that name, instead of repeating the rules again,
This way if I change the network set (by adding or removing authorized networks), I don't have to go over each service repeat the modification.
Thanks for the feedback, we are evaluating multiple options to implement service policies for azure service.
Today we support Service Tags to control traffic to PaaS services on azure like Storage and Sql.