Limit what's visible in the portal based on RM policies
Currently, the Azure portal shows all available resources and all available regions. It would be great if we can curate what's visible in the portal based ARM policies. For instance, if I have a policy that limits what regions I can provision my resources into, the portal should only show the allowable resources. Currently, the user won't know there's a restriction until they try to provision something outside of an allowable region. This causes user frustration, confusion, and most importantly, time.
Other use cases:
If I restrict access to only compute, networking, and storage service providers, those should be the only sections available.
If I restrict access to specific images (Windows and CentOS), users should only see those images when they try to provision a VM.
We can do this, if it gets to the top of the list
Scott Hinsley commented
Today, we allow a portal user to click the +New button even if they are blocked by policy from deploying the service. The user isn't aware they are blocked from deploying until they receive an error at the end of a long workflow. Greying out the +New button would better set user expectation, improving customer experience.