(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow protect Cloud Shell storage with firewall

    Allow protect Cloud Shell storage with Azure storage firewall. Is not supported now to limit access to Azure Storage account. I need protect storage to be accessible from azure backend only

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. budget

    Have Azure Budget notifications/alert email for Resource Group and subscription give a estimation or forecast on current consumption on when the Budget will actually be reached to help give users a good idea on when the budget will be met - especially if it is before the months end.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide an option to disable the TimeSync guest integration service for Azure Virtual Machines.

    Domain joined windows machines require a registry setting to disable the VMICTimeProvider and force time sync to domain hierarchy. This could be avoided if the Time Synchronization setting under Guest Integration options in Hyper-V manager was configurable from the Azure Portal or Azure Powershell.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Functionality to allow auto-terminate option to work with RStudio installed clusters in Databricks

    Add Databricks cluster ability to allow auto-termination option to work with clusters which have RStudio app installed.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. 11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Group Based Licensing

    Group Based Licensing - While this feature is currently in preview, it seems that once a user receives a license for an specific product within an E3 by being member of a security group, no other product licenses within that E3 can be modified manually. This is not the case if the user had a "Direct" License assigned manually previously.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. Create a full tenant factory reset option.

    Create an option to reset a tenant to factory defaults (365 configurations, Users, AAD, Intune, Business store, etc).

    Basically leave only tenant super admin, licenses and billing (Reset license assignments and configurations, but retain commercial information regarding trial days or purchases)

    This will help company's process of configuration and deployment by allowing to test all features and document useful or required settings then do a reset and configure for production.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. Publish Information for Azure Resource Exhaust

    If azure resources are exhausted, I would like to know about the situation.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Provide Metrics for CDN Endpoints (like we have for Storage Accounts)

    Currently, there are no Metrics available for CDNs. Simply viewing overall usage/bandwidth requires convoluted solutions like waiting for the invoice CSV (30 day wait, complicated to parse), using Verizon stats page (limited functionality, not available for Akamai endpoints), or analyzing logs (requires setting up log analytics service, creating custom queries, etc).

    A far better solution would be to make information like usage/bandwidth available as an Azure Metric, similar to what we already have for Storage Accounts. This would provide a simple, standardized, and user-friendly way to view these essential stats.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. NPM agent as a docker container

    Network performance monitoring agent is only available as an agent on a VM. It would be great to have a docker image to minimize IaaS in your environment.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support Azure CLI for Container instance when using MSI

    The current set up allows the container instance to get an Access token using MSI. for further Authentication steps to use the access token with container and Blob storage we need to use either .Net or node.js application. We do not have an App assigned to the container service and would love the have the same function performed using Azure CLI or PowerShell.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. SSO to on-premises resources using FIDO2 keys: Do I really need a Global Admin without MFA?

    I'm referencig this procedure: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises#create-kerberos-server-object

    To setup and matain the Kerberos TGT for Azure AD some powershell commands need to be run.
    A s a common requirement, each command requires to authenticate to Azure AD with a Global Administrator.
    The article states that is required to: "# Enter an Azure Active Directory global administrator username and password."

    This requirement has security concerns that may not be always satisfiyed.
    For example our company (as a Microsoft CSP) is required to not have any Global Admin without MFA.

    For this reason I'd like to ask the DEV team if this requirement could…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Migrate to cloud authentication using staged rollout

    We understand that nested groups are not supported in the PHS staged rolled out feature however we have a business requirement wherein we have around 24K users needs to be added under PHS staged rolled out group and we have added nested groups under PHS group and would like to see this scenario supported for our environment.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. ask.azure.com

    pl create ask.azure.com
    where azure users can create stackoverflow like questions which can be answered by experts and other community members

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Display current setting for HTTP/HTTPS backend port instead of default port (80/443) when changing the http setting of Application Gateway

    When we changing the application gateway HTTP setting, the backend port always display as the default port for HTTP and HTTPS (80 and 443), even if we have used another custom port for HTTP or HTTPS.

    Sometimes, I only want to change another setting for HTTP setting such as the timeout value, without changing the backend port. But this default display for HTTP/HTTPS port easy to mislead me into changing the custom port accidentally.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add "Least Connection" style algorithm to Azure Load Balancers

    Other manufacturers of LoadBalancer technology allow many different options for load balancing method.
    One of the most useful is "Least Connection" where new incoming sessions are routed to the server with the least number of client connections already.
    This makes for a very even and efficient distribution of traffic.
    The current sourceIP+protocol distribution is very uneven and puts more load on a single webserver.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. Azure Detailed Usage Reports for CSP Customers

    we need to know how to get the detailed Azure consumption of CSP partners (we are indirect cloud providers). customers are asking for reports other than what the reconciliation file includes such as resource name, resource group name, meter id, meter description...

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Azure DevOps Microsoft-hosted Agents have static ip addresses

    When we create a pipeline that access to azure resource like Azure Container Registry, we cannot restrict ip addresses without scripts.
    https://docs.microsoft.com/en-us/azure/devops/organizations/security/allow-list-ip-url?view=azure-devops#microsoft-hosted-agents

    Alternative option is having self-hosted agent.
    But it is not managed service.

    If Microsoft-hosted agents have static ip addresses, we will easy to build secure systems.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. After migrating from WAF to WAF_v2 SSL Certificate chain is reported as incomplete

    We have migrated from WAF (v1) to WAFv2 and when checking the site with SSL Test (https://www.ssllabs.com/ssltest/analyze.html) it reports that the Certificate Chain is Incomplete and thus caps the score at 'B'.

    This does not happen with WAF v1 - with an equivalent configuration or if AppGateway/WAF is bypassed and the AppService site is accessed directly with the bound SSL cert.

    It seems this is due to so an infrastructure change between WAF v1 and WAF v2 which means by default the certificate chain is not resolved and returned automatically as it is everywhere else in Azure.

    This…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. alter how Administrative Units manage groups and their members

    Administrative Units allow for users and groups to be added to the AU, and then RBAC roles to be assigned to users for that AU specifically. We tested this recently only to learn that in order for a Helpdesk Admin to reset a user's password, that user has to be added independently of the groups. For example, if John Doe is a member of group Sales, and the Sales group is added to the AU, a Helpdesk Admin for that group would not be able to reset John Doe's password. Only if John Doe is also added as a user…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base