Azure Resource Manager

How can we improve the Azure Resource Manager?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Stop generating random resource names

    Azure needs an overarching policy when developing new features to ensure when resources are being created that all names can be managed or templated according to sane conventions.

    Spinning up a new container service (AKS, ACS, whatever) generates many unpredictable resources and resource groups. There are many things in Azure that cause this to happen.

    Stop doing this! Please, adopt a policy across all your development teams that enforces a little more care and caution with naming and structure when automatically provisioning resources!

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add parameter to allow "temporary storage" drive letter to be specified at deploy-time

    Provide option in ARM template to specify the driver letter assigned to "Temporary Storage". Currently defaulted to D:.

    There was a similar, declined, suggestion from over 3 years ago: where MS suggested they were looking at improvements. @Corey Sanders goes on to say it would require another reboot, well, I currently use DSC to move it, and that requires another reboot, so it's neither here nor there, whether the additional reboot is fired by ""Microsoft.Compute/virtualMachines/" or "Microsoft.Compute/virtualMachines/extensions":
    https://feedback.azure.com/forums/216843-virtual-machines/suggestions/5558184-please-move-temporary-drive-to-t-drive-instead-of

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automation script should copy storage account settings

    Azure Portal can export its Automation script in order to deploy from ARM template, of course in case of Azure Functions on dynamic hosting plan.
    However, the Portal currently never generates appSettings in ARM template.
    Functions saves the connection string of the storage account in appSettings, so if we recover from the template, it always fails because of the lack of storage account information.
    (Deployment would be successful, but newly created Functions never works well.)

    Do you have a plan to fix this?
    I know some template samples in Github can create Dynamic Functions successfully, but Azure Portal can't generate…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add info on a resource of who created the resource

    The Property pane of a resource contains today the date the resource was created, but there is no information about who created it. Often we find resources that was created a long time ago, but nobody know who created it so it is close to impossible to know if the resource is still in use or not. The audit log can give us some clue, but it only go back 90 days. Would be great that the resource have the account info on the property page that show who created the resource.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow us to change the location of resources

    It is inconvenient and outage-prone to migrate a resource to a new location at present.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to add, edit and save custom JSON templates in portal with RBAC for reuse and self-service

    Ability to add, edit and save custom JSON templates in portal for reuse. Currently we can do this in Visual Studio, and you can even paste those templates in to https://portal.azure.com/#create/Microsoft.Template to deploy, but it would be nice to be able to save them for repeat use in a self-service kind of scenario for developers to use by giving them RBAC access.

    Also, deploying machine this way provides no way to join them to the domain, and I've had mixed results with DSC for various reasons. Need a way to join the domain at machine creation time, preferably with credentials…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    The first part of your request is under discussion – it’s something we hear frequently and are thinking about quite a bit!

    For domain join, please see https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-domain-join

    If you’re having issues with DSC or custom script extensions working as expected, please open an item in the Virtual Machines section – the right folks will see it there :)

  7. Specify CostCenter when creating Subscription from API

    It would be realy helpfull If I could specify the costcenter during the creating of a subscription.

    Currently there is no way to do this when creating an subscription
    https://docs.microsoft.com/en-us/azure/azure-resource-manager/programmatically-create-subscription?tabs=rest

    Without this i have to sign in to the EA Portal and specify the cost center manually

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Support linked ARM templates on private vnets

    In short, I'd like to be able to use BLOB storage on private vnets, and allow access to that storage when deploying with ARM templates. It shouldn't be necessary to open the BLOB storage up to public access (even if protected by SAS tokens) just to use the storage account during ARM deployment.

    My preferred solution is to either have the ARM deploy servers included in the "trusted Microsoft services" that I've granted access to the storage account; or add another checkbox (similar to keyvault) granting network access to the storage account when accessed during deployment.

    For example, I should…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  9. Increase RBAC Role assignment limit or allow Resource Group nesting

    With the limit for RBAC Role assignment at 2000, the number of role per resource groups can be attained relatively quickly with larger deployments. I was thinking of 2 ways to bypass the issue, either allow us to increase the limit to Role Assignments in a subscriptions or allow us to do resource group nesting. That way we could apply the roles to the main resource group to use inheritance instead of using multiple role assignments for all the similar resources.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. ARM Template "Dry Run" command

    It would be really useful if the PS/CLI commands to interact with ARM Templates had a 'Dry Run" command that would build out a resource list that could be used to verify the execution of the provided ARM Template.

    An example of this concept would be the AngularCLI dryrun flag that illustrates the created/modified files for when it executes.

    The benefit of this would be to verify that the resources are created as expected without having to generate all the resources which is time consuming and could be costly for some resource types. This would also be helpful when testing…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. ARM Template - Automate Azure Function Event Grid Subscription

    Presently using ARM I can automate the creation of an Azure Function Subscriber that has a HTTP trigger.

    "properties": {
    "destination": {
    "endpointType": "WebHook",
    "properties": {
    "endpointUrl": "[listsecrets(resourceId('Microsoft.Web/sites/functions', parameters('azurefunctions_name'), parameters('azurefunctions_loadTcsItemSubscription')),'2015-08-01').trigger_url]"
    }
    },
    "filter": {
    "includedEventTypes": [
    "All"
    ]
    }
    },

    I am however unable to do the same for an Azure Function Event Grid trigger, there seems to be no way of accessing the master key. Can this be added to an upcoming release. please.

    Many Thanks

    Paul

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Reference Resource IDs in Get VM API

    Source: https://msdn.microsoft.com/en-us/library/azure/mt163682.aspx

    In the Get VM API, have the response data contain provider resource IDs or URIs or some reference, similar to the below:

    {
    name: 'example'
    id: '/subscriptions/<subId>/resoruceGroups/<rgName>/providers/Microsoft.Comput/virtualMachines/example'
    properties: {
    virtualNetwork: {
    id: '/subscriptions/<subId>/resourceGroups/<rgName>/providers/Microsoft.Network/virtualNetworks/examplevn/'
    name: 'examplevn'
    }
    storageAccount: {
    id: '/subscriptions/<subId>/resoruceGroups/<rgName>/providers/Microsoft.Storage/storageAccounts/examplesa/'
    name: 'examplesa'
    }
    ...
    }
    }

    currently, in order for a user to get the reference virtual network or storage account from a virtual machine api (listed above), they have to hack around using the vnIface ID or poll a different endpoint for storage accounts (resource.blob.core.windows.net/vhds/vhds.vhd)

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Please provide compatible service.

    Recently you provide ARM model. But unfortunatelly we need to modify our powershell script to change from ASM to ARM. This tasks and costs are big impact for us in a position of finance and human resources.

    Could you please provide compatible service which is the same feature of previous service in the future? Or could you provide more guidance documentation to migrate to new service from old one?

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add official support for API Management Service in ARM Templates

    I would like to deploy an API Management Service using ARM Template. I managed to get it working but since the service takes about 30 min to activate the deployment, for some reason, will never change to "Succeeded" and the deployment script never finish.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow use of copyIndex inside variable definition...

    This would be helpful in ensuring consistent naming schemes when deploying multiple resources of the same type. I've attached a sample ARM template to demonstrate a use case.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Drag drop interface for ARM templates like AWS CloudFormation designer

    A visual tool allowing drag and drop of azure Azure resourcessimilar to AWS Cloud Formation designer tool.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Create a resource group template in Azure Storage when a new resource group is created

    When a new resource group is created in the Azure Preview Portal it would be nice were an equivalent resource group template to be saved into Azure Storage. This is done when resource group templates are used directly. I thought GCE did a nice job of always providing a script equivalent for each portal action - it helped improve understanding of scripted deployments.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Certificate Manager on Azure like AWS Certificate Manager

    AWS has a Certificate Manager service that can easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services.

    https://aws.amazon.com/certificate-manager/

    It would be great if Azure can provide similar service so that customers don't have to buy and bring their own ssl certificates when using Azure services.

    I am aware that Azure CDN supports custom domains and it can automatically provision a custom ssl certificate for that domain for free. But you can't do similar things on Application Gateway, or Azure Web Apps, etc.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Resource Policy: dynamic values in policy parameters or conditions

    Policy parameters or conditions values are limited to strings or arrays. In environments where change is a constant, those strings and arrays need to be updated regularly. Instead of having to update the policy, it would be great if we had some way of having dynamic values, for example coming from an HTTP request or from some other external source.

    Consider a scenario in which you have dozens of applications each with multiple resources. Each application has a different owner (product owner). You want to apply a tagging enforcement policy that states that every resource must have a "owner" tag…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. 7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Resource Manager

Feedback and Knowledge Base