Allow protect Cloud Shell storage with Azure storage firewall. Is not supported now to limit access to Azure Storage account. I need protect storage to be accessible from azure backend only

Have Azure Budget notifications/alert email for Resource Group and subscription give a estimation or forecast on current consumption on when the Budget will actually be reached to help give users a good idea on when the budget will be met - especially if it is before the months end.

Domain joined windows machines require a registry setting to disable the VMICTimeProvider and force time sync to domain hierarchy. This could be avoided if the Time Synchronization setting under Guest Integration options in Hyper-V manager was configurable from the Azure Portal or Azure Powershell.

Add Databricks cluster ability to allow auto-termination option to work with clusters which have RStudio app installed.

Group Based Licensing - While this feature is currently in preview, it seems that once a user receives a license for an specific product within an E3 by being member of a security group, no other product licenses within that E3 can be modified manually. This is not the case if the user had a "Direct" License assigned manually previously.

Create an option to reset a tenant to factory defaults (365 configurations, Users, AAD, Intune, Business store, etc).

Basically leave only tenant super admin, licenses and billing (Reset license assignments and configurations, but retain commercial information regarding trial days or purchases)

This will help company's process of configuration and deployment by allowing to test all features and document useful or required settings then do a reset and configure for production.

If azure resources are exhausted, I would like to know about the situation.

Currently, there are no Metrics available for CDNs. Simply viewing overall usage/bandwidth requires convoluted solutions like waiting for the invoice CSV (30 day wait, complicated to parse), using Verizon stats page (limited functionality, not available for Akamai endpoints), or analyzing logs (requires setting up log analytics service, creating custom queries, etc).

A far better solution would be to make information like usage/bandwidth available as an Azure Metric, similar to what we already have for Storage Accounts. This would provide a simple, standardized, and user-friendly way to view these essential stats.

Network performance monitoring agent is only available as an agent on a VM. It would be great to have a docker image to minimize IaaS in your environment.

The current set up allows the container instance to get an Access token using MSI. for further Authentication steps to use the access token with container and Blob storage we need to use either .Net or node.js application. We do not have an App assigned to the container service and would love the have the same function performed using Azure CLI or PowerShell.

We understand that nested groups are not supported in the PHS staged rolled out feature however we have a business requirement wherein we have around 24K users needs to be added under PHS staged rolled out group and we have added nested groups under PHS group and would like to see this scenario supported for our environment.

pl create ask.azure.com
where azure users can create stackoverflow like questions which can be answered by experts and other community members

When we changing the application gateway HTTP setting, the backend port always display as the default port for HTTP and HTTPS (80 and 443), even if we have used another custom port for HTTP or HTTPS.

Sometimes, I only want to change another setting for HTTP setting such as the timeout value, without changing the backend port. But this default display for HTTP/HTTPS port easy to mislead me into changing the custom port accidentally.

Other manufacturers of LoadBalancer technology allow many different options for load balancing method.
One of the most useful is "Least Connection" where new incoming sessions are routed to the server with the least number of client connections already.
This makes for a very even and efficient distribution of traffic.
The current sourceIP+protocol distribution is very uneven and puts more load on a single webserver.

we need to know how to get the detailed Azure consumption of CSP partners (we are indirect cloud providers). customers are asking for reports other than what the reconciliation file includes such as resource name, resource group name, meter id, meter description...

When we create a pipeline that access to azure resource like Azure Container Registry, we cannot restrict ip addresses without scripts.
https://docs.microsoft.com/en-us/azure/devops/organizations/security/allow-list-ip-url?view=azure-devops#microsoft-hosted-agents

Alternative option is having self-hosted agent.
But it is not managed service.

If Microsoft-hosted agents have static ip addresses, we will easy to build secure systems.