Log Analytics dashboard, by selecting "custom" time range which is longer than 1 month, without any alert saying "dashboard only support 1 month view", but the data which can be viewed in the charts is limited to only one month.

Reproduce steps:
1.select a VM -> Logs -> pick up a sample query, click "Run"
2.Change Time range "Custom", define a time range longer than 1 months, then run the sample query again
3.Click "Pin to dashboard", then select or create a dashboardImage
4.Go to dashboard, only 1 month data is shown in chart as shown below (from Jan.21 - Feb.20th), despite of the time range we selected (which is from Jan.1st - Feb.20th).

I understand this is due to dashboard limitation for log charts, (Log charts are limited to last 30 days) as per:
https://docs.microsoft.com/en-us/azure/azure-monitor/visualizations#azure-dashboards

Suggestions:
Customer might not aware of the limitation simply from the portal. It would improve user experience if a simple validation in the charts custom dates to disallow data greater than 30 days to be requested.

We have migrated from WAF (v1) to WAFv2 and when checking the site with SSL Test (https://www.ssllabs.com/ssltest/analyze.html) it reports that the Certificate Chain is Incomplete and thus caps the score at 'B'.

This does not happen with WAF v1 - with an equivalent configuration or if AppGateway/WAF is bypassed and the AppService site is accessed directly with the bound SSL cert.

It seems this is due to so an infrastructure change between WAF v1 and WAF v2 which means by default the certificate chain is not resolved and returned automatically as it is everywhere else in Azure.

This makes the default WAF configuration less secure by default and most people may not even notice.

Please restore this functionality to ensure that SSL is not by default less secure when using WAFv2.

Note: this has also been reported as SR 119092622001872

Currently, there is no easy way to determine the number of active instances in an App Service Plan that has auto-scaling turned on. The most reliable way I've found to determine this is to open Live Metrics in Application Insights, which will then tell you the number of servers online. This is way too many clicks to find out this crucial bit of information. When I've received support from Microsoft engineers and asked about where to find this information, they've directed me to several metrics that never show the count, or do so inconsistently (e.g., sometimes the metric shows no data at all).

If I had my druthers, I would put the instance count on the Overview blade of the App Service Plan pane.

Note, my organization's Azure assets live in US Gov Texas primarily and we heavily utilize App Service Environments, so this feature would need to be made available in Azure Government and applicable for all App Service Plans, regardless of where or how they are hosted.

I would like to see some functionality that mitigates the risk of Rouge Administrator accounts. If an employee who is an Azure administrator goes crazy or their Azure account gets hacked then they could deliberately delete the whole Azure tenancy in a very short amount of time. This includes Azure backups.

I would like to see some functionality that could resurrect the Azure environment if that occurred.

You can take many precautions to protect Azure admin accounts but system administrators can become disgruntled employees just like any other employee. At the moment I don't believe Azure offers any protection from this type of threat.

I similar risk does exist with on-prem environments but at least there would be onsite backups if an Administrator went 'Rouge'

Universal Packages are great for storing binaries and other files needed during deployments or other custom solutions.

What's not good is that we're limited to the Azure CLI for both publishing and downloading these files. There is no other option or integration present.

The only option for automatic downloads on a new environment is to
- Download and Install/Update the Azure CLI
- Install/Update the azure-devops Azure CLI plugin
- wrap the "az artifacts universal download" command in a Powershell Script

Not only does this take forever, but it spawn many processes, downloads dynamic "package downloader" tools, write to STDOUT with progress messages that can't be disabled, and sometimes fail/throw SSL warning errors.

Please make a "managed" Powershell/.NET library to do this or even make it possible via the REST API.

Otherwise it's hard to confirm that things have downloaded, monitor the process, or create a parallelized download process.