I am trying to create a one click setup of an application running on top of Microsoft AKS. I want to create my UIDefinitions.json file, and I want it to have the option that Microsoft AKS wizard has which allows creation of a new service principal, and store the ID and securestring in a variable I can pass to my ARM template. However, I cannot find anything in the documentation that allows me to achieve that in the documentation (https://docs.microsoft.com/en-us/azure/managed-applications/create-uidefinition-overview) or the quick start templates on github.

How does one actually go about achieving this?

We need to add "Additonal Security Verification", which shows up for MFA enabled user to configure MFA setting, to the list of Cloud Apps in Conditional Access so that they can block access to the page for specific users or non admin users.

I have some customers whose admins configure MFA settings such as mobile phones and the method for their users manually, and do not want the users to change the settings, such as mobile phone number.

Add support for X.509 authentication. Allow me to configure which CAs to honor (allow me to honor just my own CAs). Allow me to associate X.509 certificates to Azure user accounts. This would enable authentication improvements for at least 2 use cases:
- Higher level of assurance (X.509 on smart cards) for authentication to Azure Portal (e.g., Global Administrator needs stronger authentication options than currently available).
- Mobile user authentication - certificates on mobile devices would be able to be used for authentication.

The Microsoft managed list of available images for scale sets currently does not include Windows Server 2016 Core. Providing our own image works but is painful as we must maintain the image.

Since Windows Server Core images are already managed by Microsoft for IAAS VMs, you should also offer this images for scale sets.

We use a slack service hook to make sure the builds are doing fine, but now the service is quite verbose and it would be great if we only got notified when the status got changed, from succeeded to fail and vice versa.

When we have twenty builds that succeeded you might miss that twenty first that failed.

If one creates a VM using the normal market place resources the licensing would be added to the bill where as with HUB we're able to use our EA's for licensing.

That said, there should be an option to migrate the VM from the original licensing to the HUB licensing without having to rebuild everything.

The ability to automatically generate basic Visio Diagrams based on the resources deployed within a Resource Group.

Maybe some options to have server diagrams, network diagrams, storage diagrams, etc.

Add invoices for the Developer Support subscription in https://portal.azure.com

Please add billing alerts for Sponsorship subscriptions.

It would be interesting to allow import an openapi definition from an internal URL (through VNET integration). The request should resolve with custom dns and go through VPN or Express Route.
Now, you get errors that the URL is not publicly available.

So, the target would be to load openapi specifications from onpremise through VNET and VPN

Regards,

Google Cloud Dataprep is Trifacta integrated with Big Query, and it is very powerful. What does Microsoft have that compares?

Azure should allows us to extend the drive with out powering off the VM which avoids a down time for a virtual machine

I see Azure PowerShell command to get and set owner for Active Directory applications. Need something similar in Azure CLI.

https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureadapplicationowner?view=azureadps-2.0

Can you please keep Azure CLI up to date with functionality that is available in Azure PowerShell

Starting from 1.1.819.0 of AAD Connect, you see "Continue without any verified domains" check box even when there are some other verified domains.

The term "Continue without any verified domains" could be misleading.

It should be changed to something like "Continue with non-verified domains"

Add Azure Application Gateway (With WAF) support for RD Gateway traffic.

Currently I can only route traffic for RD Web through the application gateway. It would be useful if I could route all RD traffic through the application gateway and not have to have multiple public IPs and Traffic Manager profiles and split RD Broker/Web and RD Gateway traffic.

At the moment I can't even route RD Gateway traffic through Application Gateway even with WAF disabled.

I believe there was a user write back feature of AAD connect, however it is now disabled. I would like to have that feature in the future so that it would be useful and convenient for admins. Thanks

Now policies can be assigned on a subscription/resource group/resources level.
But my customer want to assign policies once on all subscriptions under EA portal or at least on department level