Azure Resource Manager

How can we improve the Azure Resource Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Enable using local filesystem for Linked Templates

    Allow an ARM template to reference a relative file path on the local file system for accessing Linked Templates. It seems absurd that this isn't already available. We shouldn't be forced to put our templates in a publicly available resource to retrieve them and use them in other templates.

    299 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  9 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • how to identify who created the virtual machine or any other resources under our subscription

      We have a subscription. Most of my team members are admins. We are trying to clean up the resources by decommissioning the unused resources. For this, we need to know as to who created these resources so that we can directly connect with them. Is there any way?

      209 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        under review  ·  12 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • An SDK to generate ARM templates programmatically

        For complex topologies or higher level abstractions it is not possible to have a static template because it may be overly complicated and hard to maintain. For such scenarios it will be good to have an SDK to generate ARM templates programmatically.

        Existing Client Libraries are not entirely fitting ARM template language and require workarounds to be implemented to use them for template generation.

        142 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          8 comments  ·  Flag idea as inappropriate…  ·  Admin →

          This is something we’re thinking about, but would like to ensure that we’re providing a sufficiently robust set of capabilities within the template language syntax itself.

          What scenarios are “overly complicated and hard to maintain”? This will help us understand where we need to invest.

        • Allow Renaming Of EVERYTHING! Plain And Simple

          Allow renaming of every resource. Allow movement of every resource between resource groups. Allow renaming of administrator account names, passwords (yes, i know that is already there).

          Come on guys and gals, It's a simple task of using pointer lists to put a layer between static configuration information and the "user" display. We absolutely have to get rid of the "one and done" during setup.

          108 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            under review  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Enable using VSTS for Linked Templates

            We manage all of our code for use with Azure in Visual Studio Team Services, including our set of ARM Templates. We are using linked templates which work really well but in order to do so we currently have to either mirror our repo out to github or our internal Stash repository, or copy the files to a storage account. We have come up with a neat solution where we publish the templates to a web app that exposes the templates via http but what we would really like to be able to do is call the linked templates directly…

            80 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              under review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
            • Azure Resource Template Architecture Visualizer

              Right now - we have no option to visualize ARM template on a portal. http://armviz.io/ -is a 3rd party tool and it's not connected to a production azure environment.

              We need something like it on Azure portal.

              66 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                under review  ·  4 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • Provide a Resource Manager Template Function that generates a cryptographically strong password

                When one designs systems with the assumption that it would be breached at some time in the future, sharing passwords between services (IaaS or PaaS) isn’t recommended. If a password for one service is discovered by a malicious agent, it could be used to compromise other parts of the system. As such, its best to ensure each service (PaaS or IaaS) has its own unique cryptographically strong password.

                Having a unique password per service also allows for easier password rotation (through Scipts, DSC and other configuration management systems).

                As the number of systems (PaaS or IaaS) increases, we don’t want…

                43 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • Enable Cloud Scripts as part of ARM Templates

                  Add the ability to run a Custom Script as part of the ARM Template (similar to what is available for VMs but this suggestion is in the context of the “subscription” you deploy to).
                  The “Script Resource” could be described something like this

                  {
                  "name": "postDeploymentScript",
                  "type": "Microsoft.CloudShell/script",
                  "apiVersion": "2017-08-26",
                  "tags": {
                  "displayName": "Post Deployment Script"
                  },
                  "dependsOn": [
                  "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName'))]"
                  ],
                  "properties":{
                  "scriptType": "bash",
                  "scriptUrl": "https://raw.githubusercontent.com/krist00fer/nether/master/setup.sh",
                  "scriptParameters": [
                  {
                  "name": "cosmosDbEndpoint",
                  "value": "[reference(concat('Microsoft.DocumentDB/databaseAccounts/', parameters('cosmosDBAccountName'))).documentEndpoint]"
                  },
                  {
                  "name": "cosmosDbKey",
                  "value": "[listKeys(resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName')), '2015-04-08').primaryMasterKey]"
                  }
                  ]
                  }
                  }

                  This is just an example of how it could look when…

                  37 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                  • Support functions within the definition of parameters...

                    For example, instead of this...

                    "locations": {
                    "type": "array",
                    "minLength": 1,
                    "allowedValues": [
                    "westus",
                    "eastus",
                    ...
                    ]
                    }

                    ... I'd prefer to write something like this:

                    "locations": {
                    "type": "array",
                    "minLength": 1,
                    "allowedValues": "[providers('Microsoft.Web', 'serverfarms').Locations]"
                    }

                    30 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • Change the location

                      Change the location for example change App service from western Europe to north Europe.

                      30 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Ability to add, edit and save custom JSON templates in portal with RBAC for reuse and self-service

                        Ability to add, edit and save custom JSON templates in portal for reuse. Currently we can do this in Visual Studio, and you can even paste those templates in to https://portal.azure.com/#create/Microsoft.Template to deploy, but it would be nice to be able to save them for repeat use in a self-service kind of scenario for developers to use by giving them RBAC access.

                        Also, deploying machine this way provides no way to join them to the domain, and I've had mixed results with DSC for various reasons. Need a way to join the domain at machine creation time, preferably with credentials…

                        21 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →

                          The first part of your request is under discussion – it’s something we hear frequently and are thinking about quite a bit!

                          For domain join, please see https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-domain-join

                          If you’re having issues with DSC or custom script extensions working as expected, please open an item in the Virtual Machines section – the right folks will see it there :)

                        • Fix Move-AzureResource : ResourceNotTopLevel error when moving SQL or staging environments

                          Move-AzureResource : ResourceNotTopLevel: Identifier '/subscriptions/***/resourceGroups/Default-SQL-AustraliaEast/providers/Microsoft.Sql/servers/***/databases/mysqldb' is not a top level resource.
                          At line:1 char:66
                          + Get-AzureResource -ResourceGroupName Default-SQL-AustraliaEast | Move-AzureResou ...
                          + ~~~~~~~~~~~~~~~
                          + CategoryInfo : CloseError: (:) [Move-AzureResource], CloudException
                          + FullyQualifiedErrorId : Microsoft.Azure.Commands.Resources.MoveAzureResourceCommand

                          9 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Support ARM Template Deployments on Management Group Scope

                            Azure Resources can be deployed on subscription or resource group level, but not on management group level.
                            My particular use case is the deployment of Policy Definitions & Assignments using ARM Templates. While the deployment succeeds, it's not possible to define a management group as the deployment scope. As a result, the policy definition has the subscription assigned as scope and cannot be assigned on a management group level.
                            The API version 2018-05-01 supports the argument "managementGroupId". https://docs.microsoft.com/en-us/rest/api/resources/policydefinitions/createorupdateatmanagementgroup

                            4 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                            • Capability to rename server farm location

                              I suggest the capability to define my custom subcollection of your server farm, where I can define my custom name.

                              Example: Usually I use "West Europe", "North Europe" and "East USA" server farm.
                              I will rename it in:
                              - "West Europe" -> "Europe 1"
                              - "North Europe" -> "Europe 2"
                              - "East USA" -> "USA 1"

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • Transferring subscription

                                I recently had my subscription transferred, your support only has access to the old portal. It has now completely broken the new portal and they have no idea how to fix it.

                                Seems like it may be down to them not having access to "Resource Groups" therefore not being able to complete the transfer.

                                Its a shame, I was enjoying the new portal and now I am stuck with no support.

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Billing History Options with Resource Move

                                  When manipulating resources in resource groups I would like to be able to decide whether I can move unbilled costs during the move. There are scenarios where we might want to leave the costs incurred in a previous resource group and have the new resource group not have those historical costs present. At other times we might want the opposite.

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Don't see your idea?

                                  Azure Resource Manager

                                  Feedback and Knowledge Base