Azure Resource Manager

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Automatically delete old deployments as DeploymentQuotaExceeded error occurs

    We are often hitting the DeploymentQuotaExceeded error, exceeding the quota of 800 deployments. This happens because old deployments are never deleted, no matter how old they are. We would like to request as a feature a rolling behavior where, as the quota is reached, the oldest deployment is automatically deleted.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  2. Application Gateway configuration operations are extremely slow

    I know there is already a post on this, but as it has apparently been resolved (it has not) it seems to be being overlooked.

    https://feedback.azure.com/forums/281804-azure-resource-manager/suggestions/19119910-application-gateway-management-operations-are-agon

    When configuring any resources within the Application Gateway, everything takes such a long time, 5-10+ minutes is not uncommon to add a listener or a rule.

    I have also found that you have to wait for the last request to complete before starting to add any other gateway feature as if you do not it is likely to error the original request.

    Please can you look into this, as it is unbelievably time consuming.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  3. Add DateTime calculation Capabilities with utcnow() in ARM Templates

    Having the possibility to generate SAS Tokens using listaccountsas() is a great step forward in arm template functions as it enables us to generate tokens to make use of linked templates residing on protected storage. However, we still have to provide a static value for token expiration to make use of that function.
    Being able to use datetime calculation functions together with utcnow() would enable us to close a gap and generate SAS tokens dynamically.

    A possible scenario could look like:

    addhours(parameters(utcnow(),1))

    and provide the result as expiration time inside the listaccountsas() function

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  4. Increase Keyvault Reference Limit in Parameters from 29 to 60+

    As of right now, the communicated limit for keyvault references in a parameters file is "30", but is actually in practice 29 (appears to be a bug?).

    This limitation is quite low for mature systems. Take, for example, the following potential data points:

    - Multiple SQL ids/passwords, storage account keys, AI instrumentation, Redis cache credentials, etc. for connection strings
    - App to app communication creds/API keys
    - Programmatically created dynamically named/numbered resources
    - References to signing keys for different purposes

    Many of the clients I work with are struggling with this issue, which seems easily fixable by increasing the limit…

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog. Since this request came out of an escalation, I’ve engaged the feature owner to take a look and suggest next best step to validate and resolve the reported bug.

  5. Specify CostCenter when creating Subscription from API

    It would be realy helpfull If I could specify the costcenter during the creating of a subscription.

    Currently there is no way to do this when creating an subscription
    https://docs.microsoft.com/en-us/azure/azure-resource-manager/programmatically-create-subscription?tabs=rest

    Without this i have to sign in to the EA Portal and specify the cost center manually

    26 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  6. Delete resource with ARM template

    With delivery pipeline it is often needed to create and drop resources for the environments.
    Currently resource manager does not support deprovision deployment mode.
    It means that there is no way to delete exact resources which are specified within the template and were deployed during environment creation.
    Unfortunately Delete Resource Group is not an option because often resources are deployed in different resource groups.
    Actually Delete is part of Complete mode deployment, could you please just make it separate.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  7. Show Azure Storage <StaticWebsite> setting when query in Azure Resource Graph

    It's not possible to query Storage <StaticWebsite> setting in Azure Resource Graph to see which accounts have this feature enabled or not. I understand ARG is based on ARM properties returned by management API, and it seems the ARM response for storage account does not have this data-plane property.
    However I think it should be included in the response as it's a general property for StorageV2 accounts. It's not convenient for users and we need to get this info from Storage API - https://docs.microsoft.com/en-us/rest/api/storageservices/get-blob-service-properties)

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. The REST api for 'Policy States - List Query Results For Management Group' is taking more time to show the correct compliance status

    Currently when we are assigning a policy with a not scope field, The REST api for 'Policy States - List Query Results For Management Group', shows incorrect compliance status for resources which are included in the not scope field. As this is a design limitation, which sometimes takes a while for a change like exclusions to take effect.

    It would be really great if we can prioritize this issue.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Creation/updation of Metric alert on Application Insights's Custom metric through ARM should be allowed even if there is no data emitted.

    As of today, if there is no data emitted in the past 24 hours for a custom metric at app insights, ARM does not allow to create or update a metric alert and shows "metric name not found" Error.

    To create/update an alert we have to wait for the data logging/emitting which does not make sense. It leaves us to perform two ARM deployment while it can be achieved in a single one.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for bringing this to our attention. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Create a "Tag Administrator" role

    As a person responsible for maintaining tags on resources, I need a "Tag Administrator" role which allows me to create, modify, and delete tags WITHOUT allowing me to make other configuration changes to the associated resource.

    I had hoped that the "Microsoft.Resources/tags/*" RBAC action would allow the setting of tags on any resource but sadly it does not -- perhaps it could? Otherwise, a ".../tags/write" action will be needed on each resource that supports tags.

    In order to edit tags at present, I basically have to be granted "Contributor" access to the resource, which is not ideal and does not…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. Make it easy to hide/filter events in Activity Log

    It would be much easier to find important events if I could hide certain event types not just on severity.

    For example 'Microsoft Azure Policy Insights' is spamming resources with warning events every few minutes and the only way to hide is by deselecting "Warning" severity, which potentially hides important information.

    If could deselect by operation names, for example "Audit", life would be much better :)

    An alternative approach would be to bundle all events of the same type and list as 1 entry that you can expand/collapse.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  12. Support ARM Template Deployments on Management Group Scope

    Azure Resources can be deployed on subscription or resource group level, but not on management group level.
    My particular use case is the deployment of Policy Definitions & Assignments using ARM Templates. While the deployment succeeds, it's not possible to define a management group as the deployment scope. As a result, the policy definition has the subscription assigned as scope and cannot be assigned on a management group level.
    The API version 2018-05-01 supports the argument "managementGroupId". https://docs.microsoft.com/en-us/rest/api/resources/policydefinitions/createorupdateatmanagementgroup

    24 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Introduce function to check whether a resource exists

    Currently, the reference() function throws an error at runtime when the resource doesn't exist. I'd like to either have this result a null object instead, or alternatively I'd like a new function such as "exists(resourceName or resourceIdentifier)" returning a boolean. The function should be useable in a "condition" statement.

    I'd like to use this function to work around scenarios where some Azure resources are dependent on each other to be deployed.

    Example: use an ARM template to create a Front Door with a custom domain and an Azure DNS alias record pointing to the Front Door.

    Currently, this is not…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for bringing this to our attention. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. More informative error response code for Azure REST API

    We are using Azure Resource Manager to automate the creation of Azure Subscription, assign some user after the creation, deploy some resource to the Subscription, etc.

    The issue is, sometimes the API response returned is not very informative and often misleading. For example, directly after creating the Subscription using ARM, if we try to assign a user to the Subscription using ARM, sometimes the API would return 403 response. Is it a permission problem with our client? No, after we add some logic to retry the API call whenever the response returned 403, eventually the API would return 200 response.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Support linked ARM templates on private vnets

    In short, I'd like to be able to use BLOB storage on private vnets, and allow access to that storage when deploying with ARM templates. It shouldn't be necessary to open the BLOB storage up to public access (even if protected by SAS tokens) just to use the storage account during ARM deployment.

    My preferred solution is to either have the ARM deploy servers included in the "trusted Microsoft services" that I've granted access to the storage account; or add another checkbox (similar to keyvault) granting network access to the storage account when accessed during deployment.

    For example, I should…

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. YAML/YML support for ARM

    Can we have YAML support for ARM just like AWS cloudformation

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for bringing this to our attention. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  17. ARM template parameter validation

    It should be possible to validate and restrict ARM template parameters using a regex.

    This would greatly reduce the change for parameter value errors causing a template deployment to fail.

    This would also make ARM templates a more competitive alternative to AZ CLI and Azure PowerShell.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature

  18. Certificate Manager on Azure like AWS Certificate Manager

    AWS has a Certificate Manager service that can easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services.

    https://aws.amazon.com/certificate-manager/

    It would be great if Azure can provide similar service so that customers don't have to buy and bring their own ssl certificates when using Azure services.

    I am aware that Azure CDN supports custom domains and it can automatically provision a custom ssl certificate for that domain for free. But you can't do similar things on Application Gateway, or Azure Web Apps, etc.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Assign resources in ARM templates a simple unique reference ID

    The dependsOn array (for example) uses a horrible syntax to refer to resources within the same ARM template. I don't know why since they're all objects in the same "memory space" so when the template is run, they could have simple IDs and a simple way to refer to them.

    Imagine if we were able to assign our own GUID or other unique surrogate ID to each resource, it could be used to refer to resources in the same template without the nightmare addressing syntax you have.

    The deployment manager can maintain a memory structure containing the ID and the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  20. Deploy-AzureResourceGroup.ps1 relies on outdated AzureRM module instead of new AZ module

    Azure Resource Group Visual Studio template generates Deploy-AzureResourceGroup.ps1 that relies on outdated PowerShell module - AzureRM. New module named AZ should be used.
    Also, this script doesn't contain a #Requires -Modules instruction for non default modules, which leads to errors in the middle of script execution for those, who already migrated to AZ module.

    https://docs.microsoft.com/en-us/powershell/azure/new-azureps-module-az?view=azps-2.4.0#continued-support-for-azurerm
    "The existing AzureRM module will no longer receive new cmdlets or features."

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for bringing this to our attention. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

← Previous 1 3 4 5 21 22
  • Don't see your idea?

Azure Resource Manager

Categories

Feedback and Knowledge Base