Azure Resource Manager

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure Resource Template Architecture Visualizer

    Right now - we have no option to visualize ARM template on a portal. http://armviz.io/ -is a 3rd party tool and it's not connected to a production azure environment.

    We need something like it on Azure portal.

    39 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Application Gateway configuration operations are extremely slow

    I know there is already a post on this, but as it has apparently been resolved (it has not) it seems to be being overlooked.

    https://feedback.azure.com/forums/281804-azure-resource-manager/suggestions/19119910-application-gateway-management-operations-are-agon

    When configuring any resources within the Application Gateway, everything takes such a long time, 5-10+ minutes is not uncommon to add a listener or a rule.

    I have also found that you have to wait for the last request to complete before starting to add any other gateway feature as if you do not it is likely to error the original request.

    Please can you look into this, as it is unbelievably time consuming.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  3. Enable using VSTS for Linked Templates

    We manage all of our code for use with Azure in Visual Studio Team Services, including our set of ARM Templates. We are using linked templates which work really well but in order to do so we currently have to either mirror our repo out to github or our internal Stash repository, or copy the files to a storage account. We have come up with a neat solution where we publish the templates to a web app that exposes the templates via http but what we would really like to be able to do is call the linked templates directly…

    36 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable Cloud Scripts as part of ARM Templates

    Add the ability to run a Custom Script as part of the ARM Template (similar to what is available for VMs but this suggestion is in the context of the “subscription” you deploy to).
    The “Script Resource” could be described something like this

    {
    "name": "postDeploymentScript",
    "type": "Microsoft.CloudShell/script",
    "apiVersion": "2017-08-26",
    "tags": {
    "displayName": "Post Deployment Script"
    },
    "dependsOn": [
    "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName'))]"
    ],
    "properties":{
    "scriptType": "bash",
    "scriptUrl": "https://raw.githubusercontent.com/krist00fer/nether/master/setup.sh",
    "scriptParameters": [
    {
    "name": "cosmosDbEndpoint",
    "value": "[reference(concat('Microsoft.DocumentDB/databaseAccounts/', parameters('cosmosDBAccountName'))).documentEndpoint]"
    },
    {
    "name": "cosmosDbKey",
    "value": "[listKeys(resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDBAccountName')), '2015-04-08').primaryMasterKey]"
    }
    ]
    }
    }

    This is just an example of how it could look when…

    35 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Rename any Azure object and ability to have different name and DNS name

    The main idea is an option to rename any Azure object (rename VM, Sql DB ...) into ANY desired name at ANY time, unique only per user, not globally. If dns name is already used a random one should be given or asked user to input a new one.

    It would greatly help organizing Azure object.

    33 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    unplanned  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Unlimited deployments

    At the moment, there is a limitation of 800 deployments per resource group.

    Afterwards, you have to manually delete them in order to be able to perform new deployments.

    It would be nice if there wasn't any limit.

    Another option would be new deployments overriding old ones (you only get to save latest 800).

    32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Increase maximum Resource group limit when using linked deployment templates

    I'm trying to create a script to deploy my entire system in one deployment using linked templates (the system consists of many microservices, which are isolated in their own resource groups). However I am hitting the following error:

    The template deployment and its nested deployments specifies too many target resource groups. At most '5' different resource groups is allowed

    Can this seemingly arbitrary limit be lifted/removed as this is blocking is from continuing our automation scripts.

    thank you

    32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Resource tag inherit from ResourceGroup (or Subscription)

    Today we need to TAG all individual resources to get the TAG's available in the billing API for chargeback. Would be much more efficient to set TAGs on subscription level and/or ResourceGroup level and then let all resources inherit the TAG's with option to overide the inherited TAGs on the resources. This way we don't need to add TAG's to every resource.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. The limit of tag count for a resource is too small

    The limit of tag count for a resource is 15, which is too small.
    Is it possible to increase the value?

    31 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add DateTime calculation Capabilities with utcnow() in ARM Templates

    Having the possibility to generate SAS Tokens using listaccountsas() is a great step forward in arm template functions as it enables us to generate tokens to make use of linked templates residing on protected storage. However, we still have to provide a static value for token expiration to make use of that function.
    Being able to use datetime calculation functions together with utcnow() would enable us to close a gap and generate SAS tokens dynamically.

    A possible scenario could look like:

    addhours(parameters(utcnow(),1))

    and provide the result as expiration time inside the listaccountsas() function

    29 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. RBAC rules need an option to block IAM inheritance

    Create an option that allows blocking of inheritance for RBAC rules.

    ATM if you create a generic rule at a top layer it means you cannot block access to a particular item.

    As such the only way to create a rule which doesnt allow access is by creating multiple top layer items that exclude the one item you want to block.

    Need a setup similar to NTFS security inheritance blocking options.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. String array function Join

    in some cases, I need to concatenate several references (variables) which have rather long names (or complex object structures).

    The standard approach (Concat(...)) makes for a very long lines.

    Since multi-line values aren't supported (another area for improvement), the current approach I use is to create an array of each segment, since each member of the array can be its own line.

    Ideally I'd like to take that array and just Join(string[], "_")... but currently I can't, so I'm forced to concat(var[0], "_", var[1], "_", var[2]).

    The inclusion of a JOIN function would SIGNIFICANTLY simplify the variable's definition.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Specify CostCenter when creating Subscription from API

    It would be realy helpfull If I could specify the costcenter during the creating of a subscription.

    Currently there is no way to do this when creating an subscription
    https://docs.microsoft.com/en-us/azure/azure-resource-manager/programmatically-create-subscription?tabs=rest

    Without this i have to sign in to the EA Portal and specify the cost center manually

    26 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. Custom RBAC role to only allow the assignment of TAGS on resources.

    Would be nice to have a custom RBAC role in the Azure portal created that allows a user to ONLY be able to set TAGS on resources, resource groups and/or subscriptions for billing purposes.

    25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Parameters in Nested Templates is broken

    For nested templates, you cannot use parameters or variables that are defined within the nested template. It is currently broken (as per the documentation).

    It'd be great if this could be fixed. An example of what I'm talking about can be seen here:

    https://github.com/bmoore-msft/AzureRM-Samples/blob/master/dynamicSecretId/azuredeploy.inline.json

    Note: It's not only with Keyvault references that this is broken, but rather all inline parameters when using an inline template.

    Thanks!

    25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide a Resource Manager Template Function that generates a cryptographically strong password

    When one designs systems with the assumption that it would be breached at some time in the future, sharing passwords between services (IaaS or PaaS) isn’t recommended. If a password for one service is discovered by a malicious agent, it could be used to compromise other parts of the system. As such, its best to ensure each service (PaaS or IaaS) has its own unique cryptographically strong password.

    Having a unique password per service also allows for easier password rotation (through Scipts, DSC and other configuration management systems).

    As the number of systems (PaaS or IaaS) increases, we don’t want…

    25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support ARM Template Deployments on Management Group Scope

    Azure Resources can be deployed on subscription or resource group level, but not on management group level.
    My particular use case is the deployment of Policy Definitions & Assignments using ARM Templates. While the deployment succeeds, it's not possible to define a management group as the deployment scope. As a result, the policy definition has the subscription assigned as scope and cannot be assigned on a management group level.
    The API version 2018-05-01 supports the argument "managementGroupId". https://docs.microsoft.com/en-us/rest/api/resources/policydefinitions/createorupdateatmanagementgroup

    24 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow Renaming of Azure Resources

    Allow for the renaming of Azure resources such as VNET, Subnet, Resource Group, Network Security Group, Load Balancer, etc..

    23 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve access to Key Vault from ARM templates

    Accessing secrets from KV in an ARM templates is super important, especially from VSTS release management pipelines yet the support is limited.

    The way you get at key vaults secrets from templates currently has very limited application. You use "reference" but this can only be applied to a parameter. Why not a variable or inline? However the real limitation is using a dynamic key vault id. Firstly nobody is going to use a static key vault id. It will nearly always be derived from other parameters or functions e.g. subscription() or resourceGroup(). So to do that you must use nested…

    23 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Automatically delete old deployments as DeploymentQuotaExceeded error occurs

    We are often hitting the DeploymentQuotaExceeded error, exceeding the quota of 800 deployments. This happens because old deployments are never deleted, no matter how old they are. We would like to request as a feature a rolling behavior where, as the quota is reached, the oldest deployment is automatically deleted.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Deployment Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  • Don't see your idea?

Azure Resource Manager

Categories

Feedback and Knowledge Base