Azure Resource Manager
-
1 vote
-
Exported template should be easily deployable in all scenarios
Exported template should be made deployable even when they include PrincipalID and KeyVault properties. Currently, if we have a resource with SystemManagedKey, we need to remove these from the exported template before deploying: keyvaultproperties, PrincipalID and TenantID. This takes additional time and effort. Thanks.
2 votes -
default region for creating new resources
Allow the user to set a default Azure Region for creating new resources. I always have to change the "random default" to my own Region (West Europe). Let me set a default, that is selected during every new "create" but still allow me to change during creation. Would be awesome and very helpfull!!
1 vote -
The client with object id does not have authorization to perform action 'Microsoft.Compute/virtualMac
Error Authorization Failed does not provide enough description for the customer:
"Message: The client '<identifier>' with object id '<identifier>' does not have authorization to perform action 'Microsoft.Compute/virtualMachines/read' over scope ...The error message was not enough to be able for a new user to be able to determine what the case is to resolve the issue. This error occurs for users who have a new Azure Subscription where they have not registered the resource provider for the product when they try to create a new job for that product such as SQL, Azure Stream Analytics, Data Factory...
Please add verbage…
2 votes -
Expose resource manager API utilization metrics
Currently it's impossible to chart resource manager API utilization. That means that if you hit the API too frequently and get 429 error responses, it's very difficult to verify if any changes you make improve the situation.
As a use-case, older AKS clusters had a bug which resulted in excessive resource manager API requests - when the AKS cluster scaled up and you were using LoadBalancer services. This was for the loadbalancers to query the VMSS.
If a chart of API utilization was available, we'd be able to visualize the problem and see if any remediation techniques were effective.
1 vote -
Increased frequency of ARM template deployment failures
Deployment using ARM templates started to fail at a higher rate than usual. Make the ARM template deployment process more stable so the deployments will have fewer failures.
1 vote -
Parameter object validation always fails because required property type is missing
As it is more readable for the customers and quite similar to terraform, we decided to use parameter objects to hand over parameters to an ARM Template. It works but the validation always fails due to the missing property
1 vote -
please help me
Hello, can you help when trying to get Mcadalet.net domain name help?
1 vote -
Complete mode should display / return deletion operations
When running a deployment in Complete mode, operations for deleting resources in the resource group that do not exist in the current deployment template are not shown in the deployment summary, or in the DeploymentOperations object using the .NET SDK.
The operations for deleting existing resources when running a deployment in Complete mode should be displayed / retrievable on the new deployment.
2 votes -
Allow manual / ad-hoc deployment rollback
When creating or updating a deployment, there are options to rollback on failure to either the last successful deployment, or a specific deployment (OnErrorDeployment).
There should be a way to rollback to the last successful deployment or a specific deployment without a deployment creation or update failing.
This would be useful in cases where we want to roll back to the previous successful deployment after a cancelled deployment leaves a resource group in an unwanted state, or if we want to bring a resource group back to a previous state for any reason, but we don't want to export the…
2 votes -
Improve the listkey function to work outside resources and output sections
Listkeys only works in the resources and output sections of arm templates. Which make the function basically useless. Why even have it usable in the output, it just creates a security vulnerability. If you output secrets in the output section the values gets logged in the deployment logs and now the secret is view-able to anyone with read access on the resource group the arm template happen in.
1 vote -
Support Rename Resources (VMs, Resource Groups, VNets)
Azure subscriptions can be renamed because the subscription GUID is actually used inside the system to determine the instance of the subscription.
Azure resources can also be moved between resource groups or subscriptions. After the move, the resource URI will change, causing the script to be modified.
In addition, VM and other resources also have resource IDs inside.In this case, why not provide the function of resource renaming? This is very MUST HAVE, and many customers are requesting this feature!!!!!
1 vote -
Automatic tagging
To ensure cost allocation and monitoring which user/admin created/modified which resource(s), we need "automatic tagging" - e.g.:
- logged in user (name) is used for a "Creator: "-tag
- current time is used for a "Created on: "-tag
- ...
This way, cost allocation and resource monitoring can be done in a straight forward way with Azure tools.
1 voteThanks for the feedback!
We are currently working with the resource provider teams to include creation and modification metadata as a property of the resource. Would that meet your needs for this request?
Else, have you tried using Azure Policy to automatically manage tags and tag enforcement?
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/govern-tags -
armclient doesn't work well in Azure China
Running the armclient through PowerShell does not return the API as expected in China. There is not much documentation to compose the json file. Users without Azure Global are unable to get json files, and there is no documentation on how to get json file without having Azure Global account.
1 vote -
Add capitalize string function to ARM templates
ARM templates have string functions to manipulate strings, e.g. the toUpper function.
It would be nice if a "capitalize" function could be added, that would only make the first letter a capital letter and the other letters lowercase. E.g. "Examplestring".
Currently, you need to do something like this to ensure a string starts with a capital letter with the other letters being lowercase:
"myCapitalizedString": "[concat(toUpper(first(parameters('exampleString'))), toLower(skip(parameters('exampleString'), 1)))]"
A capitilize function (or TitleString or whatever you want to call it) would ideally lead to something like this:
"myCapitalizedString": "[capitalize(parameters('exampleString'))]"
1 vote -
Add role assignment of AzureAD roles
Currenlty, ARM templates ("Microsoft.Authorization/roleAssignments") does not support assigning AzureAD roles like 'Application Administrator', 'Cloud Application Administrator' or 'Directory Readers'.
Assigning AzureAD roles are needed for "app registration" in AzureAD
13 votes -
Ability to add functional extensions to templates
I find myself often writing the same boilerplate code in my templates. Particularly in the functions section (name formatting and such). It would be nice to be able to import functions into templates and maintain common functions in a single place.
Example in the attachment
8 votes -
Add the ability to deploy On-Premise Data Gateways via automated deployment
We're trying to fully automate our deployments via ARM templates with Azure DevOps, but have been unable to deploy On-Premise Data Gateways with a service principle connection. Investigating the situation with Microsoft revealed that you must use a personal or service account with Azure CLI.
2 votes -
ARM template enable service property/policy setting
This is a feature request to have a settings to enable service property and policy settings. Enable static website setting during blob storage account creation. Enable key vault policy setting during blob storage account creation.
1 vote -
dependson
If the "dependsOn" section is defined after the "properties" section, and the properties section contains a reference to the parent resource, template validation will succeed but deployment will fail.
Propose: Amend validator to enforce dependsOn definition before properties.
Example
"resources": [
…{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2018-02-01",
"name": "[parameters('servicePlanName')]",
"location": "[parameters('location')]",
"tags": {
"app": "RAPT",
"appowner": "Corporate Services",
"backup": "N/A",
"createdby": "[parameters('tagCreatedBy')]",
"environment": "[parameters('tagEnvironment')]",
"implementation": "[parameters('tagImplementation')]",
"technology": "Web"
},
"sku": {
"name": "[parameters('TierCode')]",
"tier": "[parameters('TierName')]",
"size": "[parameters('TierCode')]",
"family": "[parameters('TierFamily')]",
"capacity": "[parameters('TierCapacity')]"
},
"kind": "app",
"properties": {
"name": "[parameters('servicePlanName')]",
"perSiteScaling": false,
"maximumElasticWorkerCount": 1,
"isSpot": false,
"reserved": false,
"isXenon": false,
"hyperV": false,
"targetWorkerCount":1 vote
- Don't see your idea?