Azure Resource Manager

How can we improve the Azure Resource Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Allow the value of 'Latest' when deploying VM Extensions

    At the moment when deploying extensions such as the DSC or custom scripting extension through PowerShell or ARM templates a version value is required to be hard-coded, this has the effect of being very out of date in all official online documentation, and generally means that people will be missing out on the latest improvements in the extensions.

    Providing an easy way of getting the latest version such as the method used when selecting operating system images (version = latest) would simplify scripting while also maintaining flexibility and improving take-up of the latest features / bugfixes.

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • Add parameter -STATUS for "AddAzureRMMetricAlertRule" commandlet in order to allow administrators to DISABLE/ENABLE alert rules azure via PS

      I am looking for a way to script the alert rule management in azure but cannot find a way to disable all alert rules for a specific resource group via powershell.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Support cross product as a function in the ARM language

        cross(arg1, arg2) where arg1 and arg2 are strings or arrays-of-strings would produce the concatenation of all items in arg1 with all items in arg2. For example. In a load balancer template, I might want to deploy a number of NAT rules, which I might need to return a list of IDs for so they could be used by NIC resources.

        "variables": {
        "NAT-RulePrefix": "SSH",
        "NAT-FrontendPorts": "[range(50000,50002)]",
        "NAT-RuleNames": "[cross(variables('NAT-RulePrefix'), variables('NAT-FrontendPorts')]"
        }

        After evaluation, NAT-RuleNames would be "SSH50000", "SSH50001", "SSH50002"

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Regarding Azure Managed Applications...

          I’ve been reading the info about Azure Managed Applications.

          As a long time ISV partner, I find the offering interesting as this is something we have been proposing to our prospects and clients for the past few years. The difference being, we have suggested our clients receive invoicing for infrastructure servicing and application licensing directly through us as this Managed Applications model did not exist at the time. Of course, we also offer the suggestion (if the prospect/client has the capability) for them to own the infrastructure and let us simply manage the application within it.

          For over 30 years…

          3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Create a way for EventGrid to utilize ARM template for Subscription Level Event Supscription

            Currently ARM template's are able to be made for Event Grid which works for deployment from automation tools (i.e. VSTS release).

            It would be of benefit if we can make a deployment ARM template that would allow for EventGrid subscription level subscriptions.

            This would allow for consistent release process as other Azure Resource Deployment.

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • Sign instance metadata services

              Current instance metadata services respond to an unauthenticated API call with an unsigned JSON reply.
              As an ISV I need to be sure that my software is running againsta known customer - and I can correlate their subscription ID available from instance metadata against our customer list.

              Currently it is possible to spoof the JSON response to an instance metadata query quite easily, and there is no way I can ensure that the response is genuine.

              AWS provides a signed metadat document which contains the full metadata for the instance in a signed JSON document - this can be checked…

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • ARM templates ability to remove assets

                As an engineer, I would like to manage azure infrastructure in the an automation fashion. For that I need ARM templates to be able remove assets when they are removed from the ARM template or at least flagged to delete. Plus, I would all services on azure to be support in ARM. example, Active directory application keys are not supported in arm.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • Move or give option for ARM templates based on YAML instead of JSON

                  As an engineer, I would like to build azure infrastructure through ARM templates using YAML language instead of JSON. It will make templates easier to use and much simpler.

                  4 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • Multiple VMExtensions CustomScriptExtension or CommandsToExecute

                    Instead of trying to put everything into one CommandToExecute it would be nice to be able to have multiple extensions or even ability to have multple commandsToExecute.

                    "Multiple VMExtensions per handler not supported for OS type 'Windows'. VMExtension 'CustomScriptExtension' with handler 'Microsoft.Compute.CustomScriptExtension' already added or specified in input."

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • No parity between Function App and Web app app-settings when using incremental mode

                      Given you have a Web App and a Function App in one ARM script that has been deployed in incremental mode.

                      When the script is ran the new Web App app-settings are MERGED with the existing Web App app-settings (which is what i would expect when running in incremental mode). However, the Function App app-settings are REPLACED, and any old settings no longer exist.

                      Please fix this so that Function App app-settings copy the same behaviour as web Apps

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Azure Templates from Azure Portal, specify password securely eg. from Key Vault

                        I'm trying to built a Custom Template for "self service" deployment of VMs in specific sizes and joined to a Domain.
                        The password for the JoinDomain account (same for the local admin account) currently needs to be inputted either directly in the json template as cleantext or inputted by the user who deploys the VM.

                        I can't see any way to use Key Vault or Secure passwords in templates in the Azure Templates node.

                        This can be done with powershell or with a Parameters.json if the template is being deployed outside of Azure Templates.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Allow the input of tags during resource creation

                          We have policies that enforce tagName and tagValue. However because there is no facility to create/add tags during the creation of any resource in the ARM portal, it is just counter productive unless the person is well versed in creating resources via PowerShell where tags can be set during deployment of resources.

                          I understand people should be deploying from code most of the time anyway but if we can reinforce the habit of tagging even through the portal, it will go a long way to cultivating that mindset in the future.

                          4 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Unlock VMs Prior to Initiating Backups via Recovery Services Vault Job

                            If you lock a resource group containing VMs as ReadOnly, VMs in that resource group will fail to backup because they are locked.

                            Please provide an option to bypass ReadOnly locks for recovery services backup jobs.

                            17 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              3 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • Enable Cloud Scripts as part of ARM Templates

                              Add the ability to run a Custom Script as part of the ARM Template (similar to what is available for VMs but this suggestion is in the context of the “subscription” you deploy to).
                              The “Script Resource” could be described something like this

                              {
                              "name": "postDeploymentScript",
                              "type": "Microsoft.CloudShell/script",
                              "apiVersion": "2017-08-26",
                              "tags": {
                              "displayName": "Post Deployment Script"
                              },
                              "dependsOn": [
                              "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName'))]"
                              ],
                              "properties":{
                              "scriptType": "bash",
                              "scriptUrl": "https://raw.githubusercontent.com/krist00fer/nether/master/setup.sh",
                              "scriptParameters": [
                              {
                              "name": "cosmosDbEndpoint",
                              "value": "[reference(concat('Microsoft.DocumentDB/databaseAccounts/', parameters('cosmosDBAccountName'))).documentEndpoint]"
                              },
                              {
                              "name": "cosmosDbKey",
                              "value": "[listKeys(resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName')), '2015-04-08').primaryMasterKey]"
                              }
                              ]
                              }
                              }

                              This is just an example of how it could look when…

                              25 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                              • In the Custom Script Extension for Windows, provide an option to supress the auto-escaping of double quotes in the command line

                                I'm trying to pass a command line where one of the parameters may contain quotes or spaces. The extension automatically replaces all double quote characters with backslash-double quote. However (a) that prevents me from ever wrapping the entire parameter in double quotes (so I can't pass params that contain spaces) and (b) its arguably broken anyway (since it should replace it with \^" rather than just \". (For rationale, see https://stackoverflow.com/a/31413730 )

                                So, could you add an optional parameter to the extension, that allows us to turn the current quote replacement behavior on and off? Turning it off would allow…

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Ability to deploy resources in more than one subscription at a time

                                  Currently it's possible to deploy resources in more than one resource group, https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-cross-resource-group-deployment. But in my experience, in enterprise customers, it would be useful to have the ability to deploy resources in more than one subscription at a time through a single command. Examples: deploy vnets to different subscriptions, plus their vnet peerings, deploy same app topology for its different environments to respective dev, test and prod subscriptions, etc.

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Managed Application creation from definition not working

                                    Over the weekend the templates for the managed application deployment were changed, with now only two ARM templates needed for the deployment. The template that was previously called "MainTemplate.json" was removed, and this part of the process was automated. I think that Microsoft.Solutions/appliancedefinitions was moved to Microsoft.Solutions/applicationdefinitions, as getting the deployment working again involved updating the CLI so that the automated part of the deployment used the right location.

                                    However, I think that something hasn't been updated in the portal, because when you try to create a managed application from a service catalog definition, the existing definitions can't be found.

                                    4 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • ARM Template IF function should not evaluate both TRUE and FALSE during processing

                                      The ARM IF function (https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-functions-logical#if) is incredibly useful for templates, but evaluates both sides of the result (True and false) which causes lots of issues.

                                      See:
                                      * https://stackoverflow.com/questions/45979991/arm-template-conditional-output-parameters
                                      * https://stackoverflow.com/questions/45923848/can-i-have-an-arm-template-resource-with-a-copy-array-of-0-to-n

                                      A very simple example of this is in this template:

                                      {
                                      "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                                      "contentVersion": "1.0.0.0",
                                      "parameters": {},
                                      "variables": {
                                      "AVSRootName": "AVSRoot"
                                      },
                                      "resources": [
                                      {
                                      "name": "[if(bool('true'), concat(variables('AVSRootName'),div(10, 2)),concat(variables('AVSRootName'),div(10, 0)))]",
                                      "type": "Microsoft.Compute/availabilitySets",
                                      "location": "[resourceGroup().location]",
                                      "apiVersion": "2015-06-15",
                                      "dependsOn": [],
                                      "tags": {
                                      "displayName": "AVS"
                                      },
                                      "properties": {
                                      "platformUpdateDomainCount": 1,
                                      "platformFaultDomainCount": 1
                                      }
                                      }
                                      ]
                                      }

                                      Which will always throw this error:

                                      Validation returned the following errors:
                                      : Deployment…

                                      11 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • [Feedback] - Azure Templates Improvement Suggestions

                                        Been using the Azure Templates (Preview) for a while and just wanted highlight a few improvement suggestions.

                                        1.) An ability to import an ARM template JSON file from local desktop into Azure Templates

                                        2.) An ability to connect or link the Azure Templates to GitHub, Bitbucket or (on-premise) GitLab repository and list those remote ARM templates within the Azure Templates blade

                                        3.) An ability to either deny adding the template based on after concat the template name with username prefix to determine if the length has breach the template name characters limit or increase the maximum length limit for deployment…

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Alphabetical sorting of the directory list dropdown

                                          I would love it if the dropdown list of directories at the top of Azure Resource Manager was an ordered list.
                                          We have approximately 30 directories that are named with sortable names, yet in this list they are all mixed.

                                          12 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 12 13
                                          • Don't see your idea?

                                          Azure Resource Manager

                                          Feedback and Knowledge Base