Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Resource Manager

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Delete resource with ARM template

    With delivery pipeline it is often needed to create and drop resources for the environments.
    Currently resource manager does not support deprovision deployment mode.
    It means that there is no way to delete exact resources which are specified within the template and were deployed during environment creation.
    Unfortunately Delete Resource Group is not an option because often resources are deployed in different resource groups.
    Actually Delete is part of Complete mode deployment, could you please just make it separate.

    152 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  2. Identity function for Azure Resource Manager Templates to know who submitted the deployment

    It would be good to be able to have a something that returned the user that requested the deployment, either the UPN or the AAD object Id. This can then be used to


    • Tag the resource with the details of who created/last updated.
      This would be great to avoid the masss of resources created without anyone knowing who created them. Thus helping audit and manageability.
      If its a function it could be used in policy and thus enforced tagging.


    • Add permissions based on the user doing the deploy.
      The last one is useful for the developer scenario where the you…

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add role assignment of AzureAD roles

    Currenlty, ARM templates ("Microsoft.Authorization/roleAssignments") does not support assigning AzureAD roles like 'Application Administrator', 'Cloud Application Administrator' or 'Directory Readers'.

    Assigning AzureAD roles are needed for "app registration" in AzureAD

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. expose the "eventName" property

    We need a property we can use to identify the different events from a deployment, which currently looks completely identical with the only difference not being usable to identify the correct events automatically

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to add functional extensions to templates

    I find myself often writing the same boilerplate code in my templates. Particularly in the functions section (name formatting and such). It would be nice to be able to import functions into templates and maintain common functions in a single place.

    Example in the attachment

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. Change Google bot logic

    cx is currently using WAF on Microsoft FD and using bot rule to automatically identify bots.

    When checking the logs, we found that even some real google bot was identified as bad bot. Looks like there is an IP list for google bot and managed by PG team.

    Is there any chance that we could use some logic to separate bad/ good bots? Since his IP list may need to be refreshed from time to time and that's why some real good bot was identified as bad bot.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. Nested template calling API multiple times

    Hi,

    I make a call to a function api via nested arm template but it calls api multiple times eventhough it is supposed to be called only once.

    I did monitor my API, most of the times it gets called twice but sometimes even more.

    Could you please look into it and let me know please?

    {"$schema":"https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion":"1.0.0.0","parameters":{},"variables":{"apiVersionDeploy":"2017-05-10","funcionUrl":"http://...","environmentFunctionKey":"xxxx",},"resources":[{"type":"Microsoft.Resources/deployments","apiVersion":"[variables('apiVersionDeploy')]","name":"test","dependsOn":[],"properties":{"templateLink":{"uri":"[concat(variables('funcionUrl'), '?code=', variables('environmentFunctionKey'))]"},"mode":"Incremental"}}],"outputs":{}}

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add a retry mechnanism when parallel deployments fail due to any kind of "Conflict" error

    Scenario:
    - multiple ARM deployments running in parallel
    - all contain a deployment task targeting the same resource group / resource e.g. add a KeyVault access policy/a secret
    - all except one deployment fail with a "Conflict" error and need to be restarted manually

    Expected behaviour:
    Azure retries automatically when such a "Conflict" occurs

    Analysis from the KeyVault team:
    "Based on the investigation performed, we were able to conclude the existing conflicts (409) when trying to run parallel deployments where due to the fact that the deployments were trying to write new access policies to the Key Vault.

    Since Key…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. Automatically update available sub in global subscription filter option

    We have a global subscription filter feature which can be used to select frequently one in azure portal. In this scenario, we need to manually select one subscription to see available resources even though cx has owner permission. Actually, sometimes cx will forget this step.

    Please consider disable this feature and automatically updated in azure portal if cx already has owner role.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. YAML/YML support for ARM

    Can we have YAML support for ARM just like AWS cloudformation

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for bringing this to our attention. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. Support Rename Resources (VMs, Resource Groups, VNets)

    Azure subscriptions can be renamed because the subscription GUID is actually used inside the system to determine the instance of the subscription.
    Azure resources can also be moved between resource groups or subscriptions. After the move, the resource URI will change, causing the script to be modified.
    In addition, VM and other resources also have resource IDs inside.

    In this case, why not provide the function of resource renaming? This is very MUST HAVE, and many customers are requesting this feature!!!!!

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. Assign resources in ARM templates a simple unique reference ID

    The dependsOn array (for example) uses a horrible syntax to refer to resources within the same ARM template. I don't know why since they're all objects in the same "memory space" so when the template is run, they could have simple IDs and a simple way to refer to them.

    Imagine if we were able to assign our own GUID or other unique surrogate ID to each resource, it could be used to refer to resources in the same template without the nightmare addressing syntax you have.

    The deployment manager can maintain a memory structure containing the ID and the…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  13. Allow actual output of type "securestring"

    When defining ARM outputs, "securestring" is a valid type, but nothing is actually outputted. This raises the question as to why it's a valid type, if it serves no purpose.

    The "securestring" should be returned for further processing. (Alternately, there should be a schema error for specifying a type that can't work.)

    Additional discussion at https://github.com/MicrosoftDocs/azure-docs/issues/32931.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. Allow usage of function arrays in the dependsOn section

    The dependsOn section needs an array of strings, and each string added can call some functions like resourceId, parameters, and variables. But it does not accept a parameter or variable that contains an array of strings. It also doesn't allow the use of copy.

    Allowing this would make it much easier (actually make it possible) to dynamically generate a list of dependencies based on parameters.

    For instance, creating alerts links to action group resources. It is very likely that the action groups to use are given as a parameter (array of strings). Converting those strings to resourceIds (multiple) is easy…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Kubernetes Custom Policy Definitions in Azure Policy

    Azure Policy helps to enforce organizational standards and to assess compliance at-scale which is not limited to Azure managed resources but also the resources deployed in a Kubernetes cluster such as Pods, Deployments, ConfigMaps, Secrets and etc.

    There are set of built-in Kubernetes policies provided under Azure Policy Definitions which can be directly enforced with supported parameter changes. But provided built-in Kubernetes policies are not enough to enforce required organizational policies to Kubernetes clusters.

    Ex: Developers tend to keep all the application configurations in Kubernetes ConfigMaps rather than using Secrets for sensitive data such as username/passwords, tokens and etc. This…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow the contributor role to set and remove locks

    At the moment the contributor can not set or delete roles because it has no Microsoft.Authorization permissions.

    But the contribute to the project and sometimes need to delete resources they can do that no when lock is set but we set locks to prevent unintended deletion of resources.

    But to do this now we have to make everybody owner which is strange. I get that the Contributor role do not have Microsoft.Authorization/ permissions but not why they do not have Microsoft.Authorization/locks/ permissions

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. CopyIndex - add staged length for count

    Add CopyIndex function to allow a numerical length to count. Enterprise may have their naming standards end with "01", "02", "03", etc. CopyIndex currently will only count logically from 0. "1" "2" "3", etc.

    Suggested framework:
    CopyIndex(loopName, offset, stagedlength)

    Suggest framework example:
    CopyIndex('VM',1,000)

    Results would be:
    VM001
    VM002
    VM003
    VM004

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. Deploy maps in integration account by referencing the map file in the visual studio project

    Currently, to automate deployment of an integration account and map i have to insert the text from the map file in the content section of the maps section of the integration account template.

    Inserting the map code as text means i have to escape any chars such as double qoutes. this is time consuming and would be much better if the template could simply referr to a map file in the visual studio project.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. Microsoft.Resources/deploymentScripts should also have a windows container image

    Microsoft.Resources/deploymentScripts is a great and needed addition ARM templates.

    Still, limiting it to linux container images is not ideal, at least for our case where we have PowerShell scripts that need to run and they are not PSCore. The migration for them is not that straight forward.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add the ability to deploy On-Premise Data Gateways via automated deployment

    We're trying to fully automate our deployments via ARM templates with Azure DevOps, but have been unable to deploy On-Premise Data Gateways with a service principle connection. Investigating the situation with Microsoft revealed that you must use a personal or service account with Azure CLI.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Azure Resource Manager

Categories

Feedback and Knowledge Base