Azure Resource Manager
-
Deploy to Azure button should obey Azure Portal last visited directory
The Azure portal has a setting for Sign in to your last visited directory. It appears that when using the Deploy to Azure button (https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deploy-to-azure-button) this last visited directory setting is not followed. This can lead to confusion when you go to deploy and you don't see the Azure subscriptions that you were just looking at in the portal and that you expected to deploy to.
For more information, please see the following GitHub issue: https://github.com/Azure/azure-quickstart-templates/issues/8680.
1 vote -
Remove https://management.azure.com Azure Lighthouse limitation
Currently Azure Lighthouse can only delegate permission on ressources reachabled from https://management.azure.com (Azure Resource Manager).
In case of some Azure products, like Azure Data Factories, with Lighthouse, we canno't fully manage the resource because it can be accross others Azure API, https://adf.azure.com
Could you integrate other dedicated API with Lighthouse to allow a full support of Azure resources ?
Thanks.
2 votes -
Built in functions should enable returning seconds since the epoch
The built in utcNow and dateTimeAdd functions currently can only format to date/time strings using dotnet format strings so can't output seconds since the epoch. This is a problem because the KeyVault secret expiry only accepts seconds since the epoch (https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/secrets) so there's no way to set this value from a template.
Please add the ability to get seconds since the epoch from date functions. This could be done by overloading the built in "int" function or by adding an additional option to the format string (perhaps detect the new special character and follow a different code path…
1 vote -
Possible to use the same template link relative path twice
Hi !
I face a limitation with my nested template where I need to generate 2 EventHub (with other resources). I put the EH template in a nested one and wanted to use it two times in the main template but I've got this error message :
BadRequestError: TemplateSpecVersionInvalidArtifactPath: The artifact path 'eventhub.nest.json' is not supported. An artifact path should be unique and not contain any expressions.Of course when I try with one call it works perfectly !
At the moment is there a solution to do that in the purpose to reuse an existing nested template ?thx
1 vote -
Automatically update available sub in global subscription filter option
We have a global subscription filter feature which can be used to select frequently one in azure portal. In this scenario, we need to manually select one subscription to see available resources even though cx has owner permission. Actually, sometimes cx will forget this step.
Please consider disable this feature and automatically updated in azure portal if cx already has owner role.
6 votes -
Block peering across tenant
We have a feature to allow VNET peering across different tenants. However some cx need to disable this feature.
Please consider having a check box for cx to choose if they want to enable/ disable this feature. Or other workaround to help block this when they want to.
9 votes -
set email for backup alerts in RecoveryServiceVault via ARM
Need the ability to set the backup alerts on a RecoveryServiceVault via ARM templates.
Currently this is only available via the portal as per https://docs.microsoft.com/en-us/azure/backup/backup-azure-monitoring-built-in-monitor#notification-for-backup-alerts)
2 votes -
Cancel subscriptions using ARM/PowerSehll
I would like to be able to cancel subscriptions using PowerShell
1 vote -
Nested template calling API multiple times
Hi,
I make a call to a function api via nested arm template but it calls api multiple times eventhough it is supposed to be called only once.
I did monitor my API, most of the times it gets called twice but sometimes even more.
Could you please look into it and let me know please?
{"$schema":"https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion":"1.0.0.0","parameters":{},"variables":{"apiVersionDeploy":"2017-05-10","funcionUrl":"http://...","environmentFunctionKey":"xxxx",},"resources":[{"type":"Microsoft.Resources/deployments","apiVersion":"[variables('apiVersionDeploy')]","name":"test","dependsOn":[],"properties":{"templateLink":{"uri":"[concat(variables('funcionUrl'), '?code=', variables('environmentFunctionKey'))]"},"mode":"Incremental"}}],"outputs":{}}
7 votes -
Enabling static website from ARM template
Currently ,it's not possible to enable static website from ARM template .I understand management API for storage account does not have static website data-plane property.
However it's not convenient for users and it should be able to enable static website from ARM template.6 votes -
Unable to list FrontendEndpoints in Front Door instance with many endpoints
Front Door supports up to 500 FrontendEndpoint objects according to the documentation: https://github.com/MicrosoftDocs/azure-docs/blob/master/includes/front-door-limits.md
However, past around 60-70 FrontendEndpoints, the following api request is timing out with a 504 error:
Note: This timeout also occurs with the az cli and Azure PowerShell.
If I delete a couple of endpoints, the api requests will start working again, but as soon as I add them back, this request starts erroring out with 504s again.
Current Workaround: It appears the "full" endpoint continues to work correctly with many FrontEndEndpoints, so it seems you can select the frontendEndpoints object out of this:
2 votes -
appsettings
When deploying a app service with siteConfig in arm template, it always delete all existing app settings. Is there any way to keep existing appsettings?
1 vote -
please update Microsoft.Resources/deploymentScripts documentation on that limitations
Azure AD authentication is not support for the SQL Servers in the Containers right now. It's something that is in development.” please update Microsoft.Resources/deploymentScripts documentation on that limitations , it will help to make crucial decision about architecture.
2 votes -
Azure Deploy Button needs to support template parameters
The Deploy to Azure button is awesome, and the previous version which was Deprecated on 10/1/2020 had support for using a Separate Template Parameters file to populate drop-down boxes in the Azure Deployment Experience.
The new Azure Deploy button does not retrieve parameter values, which makes the vast majority of the
Azure Quickstart Templates
which were painstakingly created no longer function.Here's an example of a Template Parameter file, which were titled azureDeploy.parameters.json.
An ideal fix would either:
A. Look for params next to the template URL and use those to drive the drop-down boxes
B. Provide a second…
1 vote -
Restrict use of spaces in tag names
Currently spaces are allowed in tags. This causes issues with tag governance, as a common occurrence for policy compliance failures is a leading or trailing space in a tag name. Please restrict the use of spaces in tag names, or strip spaces from the input.
19 votes -
Deploy maps in integration account by referencing the map file in the visual studio project
Currently, to automate deployment of an integration account and map i have to insert the text from the map file in the content section of the maps section of the integration account template.
Inserting the map code as text means i have to escape any chars such as double qoutes. this is time consuming and would be much better if the template could simply referr to a map file in the visual studio project.
1 vote -
define and Reference Blueprint Parameters from within ARM templates
A depends on only works within a single arm template and we do not have check resource exists / not exist functions. It would be useful to be able to define blueprint parameters and be able to reference these with arm templates. Thus define common info once like:
location
naming prefixes
and names.Examples of problems:
having to define vnets, udrs, nsgs and flowlogs all in the same arm template. Makes it difficult to modularize the arm template if you want NSGs and UDRs in different resource groups to vNets. Thus, limit scope of roles to change these. Avoid someone…1 vote -
1 vote
-
Wrong error message while tagging
After applying tagging policy to Azure resources, if we are adding any wrong tags on any resource so wrong error message is showing. Error should be related to policy and it should say tag names are not compatible/not matching with policy defined.
Instead, error is coming as Could not save the tags. Access unauthorized.
There is no issue with access here.
2 votes -
Send emails to directory roles regardless of PIM elevation status
Currently alerts sent to directory roles (e.g. Identity Protection alerts that get sent to Global Admins or Security Admins) are only sent to those people if they happen to be elevated in PIM at that time. Just because someone is not elevated does not mean they should not receive those alerts; alerts like these should be sent to the people with the directory role regardless of their elevation status in PIM.
2 votes
- Don't see your idea?