Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, reach out to us on Microsoft Q&A or try StackOverflow


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Create More Learning Plans

    I really like the Learning Plans you have posted, and I'd like to see additional Learning Plans for the following topics:

    • Virtual Networks / Networking
    • Azure Active Directory - Operations
    • Storage

    Having these plans would really help those studying for the 70-533 and, of course, with understanding infrastructure topics for operations.

    I would be willing to contribute to these, but I do not see the Learning Plans anywhere on the GitHub repo.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. App service advisor. Allow to configure destination email

    Currently App Service Advisor send email to all subscription admins which is in some cases very annoying because not everyone must be aware of this.

    It should be configurable just as normal alerts, where you have the option to "Notify all admins" or just enter manually the emails you want to notify.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. "Managed identities for Azure resources" (MSI): support automation accounts

    It would be helpful to add support for MSI to automation accounts.

    The vision is that one could run runbooks against resources authenticating with a "System Assigned Managed Identity" rather than than a service principal or the certificate-based "AzureRunAsConnection", which need manual rotation and falls under the same security governance as service principals.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. front door backend health probe failure logs

    In case where your front door's backend health percentage is not what you expect, it would be helpful to have metrics or logs showing which backend health probes are failing.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. MFA Administrator Role

    Create a Role for individuals to manage Azure MFA. We do not want to give Global Administrator permissions just to manage MFA.

    This is a security issue and should be address quickly.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. SAP HANA DB backup support with SSLEnforce option

    Currently Azure recovery services vault backup supports SAP HANA DB backup without SSLEnforce option. We request the team to support SAP HANA backup with SSLEnforce.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. DPD timeout change for VWAN VPN Gateway

    DPD timeout for VWAN VPN Gateway cannot be changed currently.
    We need to change the DPD timer to mitigate the IKE session disconnects by short DPD timeout.

    Azure VPN Gateway had already implemented this feature.

    Multiple new features for Azure VPN Gateway are now generally available
    https://azure.microsoft.com/ja-jp/updates/multiple-new-features-for-azure-vpn-gateway-are-now-generally-available/

    Custom IPsec/IKE policy with DPD timeout - Setting IKE DPD (Dead Peer Detection) timeout allows customers to adjust the IKE session timeout value based on their connection latency and traffic conditions to minimize unnecessary tunnel disconnect, improving both reliability and experience. This feature brings the entire custom IPsec/IKE policy configuration experience to Azure…

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. New Datacenter in Italy

    is it possible to have a datacenter in Italy, maybe Milan?

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Reduce violations to the SCIM specifiaction

    Azure AD violates the SCIM specifiaction in some points.
    1. PATCH operations are send with an upper case character, eg 'Add'. Scim specifies all lowercase operations, e.g. 'add'.
    2. Azure AD uses filters in paths for add operations. This is not specified in the SCIM spec.
    3. The urls for users and groups have to be prefixed with 'scim', e.g. https://scimsupportedapp.com/scim/v2/scim/Users. In this example the second scim is just redundant. This is not part of the spec and forces additional implementations especially for Azure AD.
    4. Azure AD seems to always send complex types as values for Scim PATCH.…

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. Ability to setup daily budget alert on my subscription consumption

    In addition to monthly budget, I would like to be able to set an alert on a daily consumption in order to react immediately and take corrective action to stay in my monthly budget.

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. Require to send app service plan's metric data to a workspace.

    A diagnostic setting to send the app service plan's metric data to a workspace is really needed.

    The metric data in app service plan is important and useful for monitoring the condition of all the apps, here is a strong requirement to make use of the data on Cx's goal flexibly by sending the data to a workspace.

    Please take this into consideration. Thanks a lot.

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure Bastion over a Peered network residing in another subscription

    It would be nice if Azure bastion could remotely connect to machines in a peered VNET residing in another subscription.

    Our hub is always located in a separate subscription. Azure bastion will be deployed in the hub. Without the possibility to remotely connect to machines in another subscription it is pretty useless to us. We would have to deploy multiple Bastions.

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  13. VNET capability for dev/test app service tier

    VNET is an essential feature that is required in every stage of the development cycle - It would be a blessing to get this capability to the lowest tiers of app-service plans.

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow using Office 365 groups for SCIM provisioning

    Group-based assignment to SAAS applications is supported for Security groups only currently: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal-assign-users

    We have a business requirement to assign Office 365 groups to SAAS applications for SCIM provisioning purpose and it would be great if AAD can support that. Thanks.

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  15. to write an plugin for Flutter

    Flutter is hot in mobile app development and it will have great future. Developing flutter plugin for Azure will only benefit Microsoft and lure more customers as Firebase doesn't support HIPPA compliance and some of those do don't have Flutter plugin.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Identity Protection risky-sign in flag for guests

    We have guest users signing into our Tenancy with outstanding risks in their home tenant. If the guests home tenant has no impact on medium risks, they may not know it exists. When they sign into a Tenancy with a policy for medium risks, they could get blocked, but this Tenancy has no obvious way of seeing this flag. The suggestion is to add a field for a failed sign in of current risk = $true this could be used for both standard and guest users.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  17. hybrid environment - User synchronization from Onprem

    In hybrid environment, User's is been sync from on prem to AAD with AAD connector, we can also activate password write back.
    If the user is lockout in on prem, this is not replicated to Azure\O365 and the user can log in in the cloud.
    And vice versa ,when user lockout in Azure, he still can login in on prem.
    I suggest to add this feature.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. FrontDoor Designer - Do not show disabled KeyVault certificate versions

    When enabling HTTPS in FrontDoor designer for a custom domain, it lists all versions of certificates found in KeyVault, even when the version was disabled.

    Suggestion is not to show disabled versions of SSL certificates by default, perhaps with a check box to show disabled versions (not sure what the use case would be).

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable option to force token refresh for System Managed Identities

    When we enable managed identity on an Azure resource (say function app), Azure Instance Metadata service is responsible for acquiring token corresponding to this identity. This mechanism caches token for 8 hours by default and there is no way to override this caching mechanism. This is a serious problem in the below scenario:

    Imagine Managed identity is enabled on a function app. Say we have a security group which is being used to grant access to another resource (eg. Sql DB). There are two issues here -

    1. When we want to give this function app access to SQL DB -…

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  20. New dynamic security group based on strong authentication status

    Hi,

    Currently I can't see this available as a feature in azure directly and after some googling I'm not the only one I'd like to be able to create an dynamic azure security group based on users who have strong authentication enabled on their Microsoft account.

    The only solution I have for this is creating an on premise PowerShell script to run regularly and query msol to check if the user has strong auth enabled and add / remove from a local security group based on this. There's a number of reasons why this is less than ideal but currently…

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base