Azure Resource Manager

How can we improve the Azure Resource Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. currently the Role Assignments - List API does not return the roleDefinitionName and it will be helpful if it returns so

    currently the Role Assignments - List API does not return the roleDefinitionName and it will be helpful if it returns so as it is very crucial for testing and validating roles assigned using the API.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • Provide policies against ARM templates

      It would be nice if I could apply a subscription or resource group wide policy to require that certain arbitrary ARM settings be enabled or configured a certain way.

      One thing that comes to mind is to require the SQL Server AD Admin account be consistently set on all Azure SQL databases across the subscription.

      This policy would sort of overlay on top of any resources you published or created, override values, or otherwise restrict what you could do.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Add parameter -STATUS for "AddAzureRMMetricAlertRule" commandlet in order to allow administrators to DISABLE/ENABLE alert rules azure via PS

        I am looking for a way to script the alert rule management in azure but cannot find a way to disable all alert rules for a specific resource group via powershell.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Support cross product as a function in the ARM language

          cross(arg1, arg2) where arg1 and arg2 are strings or arrays-of-strings would produce the concatenation of all items in arg1 with all items in arg2. For example. In a load balancer template, I might want to deploy a number of NAT rules, which I might need to return a list of IDs for so they could be used by NIC resources.

          "variables": {
          "NAT-RulePrefix": "SSH",
          "NAT-FrontendPorts": "[range(50000,50002)]",
          "NAT-RuleNames": "[cross(variables('NAT-RulePrefix'), variables('NAT-FrontendPorts')]"
          }

          After evaluation, NAT-RuleNames would be "SSH50000", "SSH50001", "SSH50002"

          3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • ARM templates ability to remove assets

            As an engineer, I would like to manage azure infrastructure in the an automation fashion. For that I need ARM templates to be able remove assets when they are removed from the ARM template or at least flagged to delete. Plus, I would all services on azure to be support in ARM. example, Active directory application keys are not supported in arm.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • Add hash table parameter support for all AzureRM PowerShell commands

              Using a hash table looks much cleaner and can be easier to read than using long single line commands or use the back tick to wrap them. It seems sporadically supported but it seems you can never tell which command until you run it.

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • Disallow invalid address prefixes in NSG rules in ARM portal

                The ARM portal curently allows invalid address prefixes (e.g., 10.92.0.14/3) in NSG rules. The powershell cmdlet Set-AzureRmNetworkSecurityGroup does not. This is problematic for scripts which read in existing NSG rules, make a single valid modification, and then attempt to write the rules back out. It fails because the ARM portal allowed a bad entry.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • Regarding fields in Azure Activity Log

                  It would be great if you can add couple of more fields in the activity log , old and new values. For example if someone is updating an alert defnition Azure is logging the event but not capturing the old and new values of the updated alert definition

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • export only specific resources

                    Now we can not select specific resources to export as a template and all the resources in the resource group are exported as a template.
                    I'd like to export only some specific resources as a template.

                    I think this idea is on the way to release in the future because it is written in
                    following URL but I'd like to use this feature as soon as possible.

                    https://docs.microsoft.com/en-us/rest/api/resources/resourcegroups#ResourceGroups_ExportTemplate

                    4 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • Implement the ability to clear the "Activity Log"

                      We have been testing azure for a little while and will soon move it into production. In our case we desire the activity log be purged/cleared. However no such option is available from the Azure web console.

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Could not delete Azure recovery services vault

                        Wondering if anyone could help. Had been searching for solution but still could not find a good source.

                        I'm not able to delete Azure recovery services vault. It keep prompting that there is existing resources.

                        I check on the setting that it mention, replicated items, registered server etc, and could not find any.

                        I even try to do a remove-azurermresourcegroup -force. Still not success.

                        Wondering if there is a method? Saw many facing the same issue as me, but none of the recommended solution works. I face the same error when using powershell.

                        Hope there is a solution. =) Thank…

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Inconsistent case of the resourceId and resourceGroupName in Activitylog webhook payload

                          When use the webhook notification with the Azure ActivityLog, I found that there is inconsistent case of the resourceId and resourceGroupName sent from the ActivityLog administrative events (payload).
                          Eg: the real VM resource: named UbuntuTestVM with the resource group UbuntuTest.
                          The resourceId and resourceGroupName of one of the activityLog event is:
                          "resourceId": "/subscriptions/eda89037-7150-4678-a831-8e2ff85a579f/resourceGroups/ubuntutest/providers/Microsoft.Compute/virtualMachines/ubuntutestvm",
                          "resourceGroupName": "ubuntutest"

                          The operationName is the same. Looks like a defect to me, could be when there is different channel to operate an action (eg: stop an VM), some channel decide to use the original name and some decide to change it to lower case.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add sharedPublicIpAddressPermission enum property to Microsoft.DevTestLab/labs/virtualnetworks Azure template

                            "Enable shared public IP" is a configurable field for the VNet Lab Subnet but isn't accessible as a property value from Azure Template for Microsoft.DevTestLab/labs/virtualnetworks. It would be great to add sharedPublicIpAddressPermission property similar to useInVmCreationPermission and usePublicIpAddressPermission.

                            Thanks,
                            Vince

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • copyindex() function for nsg inbound rules

                              In ARM templates, we would like to configure NSG inbound rules in parameters file (to avoid hardcoding and to allow easy update of rules to redeploy subsequently).
                              Do allow this, the copyindex function must be added, not available for inbound NSG rules currently.
                              This would also cut down the overhead of managing NSG rules in ARM Templates where there are several rules and several on premise customer IP Address spaces that each rule must apply to.
                              This would be assisted by this other Improvement https://feedback.azure.com/forums/34192--general-feedback/suggestions/18015976-allow-for-multiple-individual-destination-ip-s-to

                              2 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • DSC Extension: settings.configurationData.url accept manifest FILE (.psd1)

                                When writing an ARM template to deploy DSC if the configuration requires configuration data, currently a URL to the file has to be passed. It would be helpful to be able to include the psd1 file in the same zip file required by settings.configuration.url, and reference the psd1 file in the same way as settings.configuration.script.

                                As it stands, VSTS deployment tasks have to handle the ZIP file AND a .psd1 file.

                                Reference article: https://blogs.msdn.microsoft.com/powershell/2016/02/26/arm-dsc-extension-settings/

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • fix your template engine. One of the most frustrating experiences in my life.

                                  If you can't allow me to properly export my templates so that, when imported, they work (i.e. populate the settings), then either fix your template engine, or fix you import/export functionality, or abandon it and give us a UI. I have never had so much frustration in trying to give a company $3000+/month. Absurd. Make it easy for me to give you money. A crazy idea, i know.

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Azure ARM object/component/resource relationship infographic

                                    It would be great to have a visual infographic type representation of the relationships between all possible ARM resources/components/assets/types (I guess a schema map of sorts)

                                    Also, details on strategies for large scale naming/grouping of items

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow Azure domain name management automation through Powershell scripts (ARM)

                                      You can buy a domain name through Azure Web App Service, Custom domains blade. You can manage domain name parameters (A and CNAME recordsets, etc.) through Custom domains blade as well (Advanced Management).

                                      What's missing is the automation part - the ability to access and manage bought Azure domain names through, say, Powershell scripts. It would allow for great flexibility and automation, blue/green swaps would be a breeze, just switch Azure domain name recordsets to point to another VM in a resource group, etc.

                                      Is it reasonable to expect something that great in the near future?

                                      Thanks.

                                      4 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allow more dates when selecting delimiter using custom log files

                                        Allow more dates when selecting delimiter using custom log files. For example I have a custom log file with the following timestamp records: 09/05/2017 14:04:44 and none the regex recognize a record

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Allow the Hybrid Use Benefit (HUB) Server templates to be deployed to the Dev/Test Enterprise Subscription

                                          Currently you cannot deploy the HUB server templates to a Dev/Test Enterprise Subscription even if you have Software Assurance. This ends up with us maintaining two different ARM templates across environments and subscriptions. I do not know why this restriction is in place but it would be great if we could simplify things by allowing those templates to be deployed on a Dev/Test Enterprise subscription.

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 17 18
                                          • Don't see your idea?

                                          Azure Resource Manager

                                          Feedback and Knowledge Base