Azure Data Factory UI should have a timeout setting for inactivity and force logoff users after certain inactive time, let say 30 minutes. this is a mandatory requirement in our organization for all web clients

Recently, there have been issues with obtaining Azure resources and reservations for SQL PaaS vCore model (pool and individual databases).

I would like to see consumption and quota data for this service in the Usage & Quotas section of the portal for individual subscriptions.

Please add RBAC permissions for KeyVault networking (i.e FW, VNET integration and Private Link)

In some cases we need to grant users write access to the Key Vault in order to manage access policies, but need to specifically deny any access to networking.

Currently it is impossible to filter IP prefixes that are announced or received on ER Circuit and Virtual Network Gateway. It would be ideal if there could be a way to filter out which networks are announced and how they are announced (summarization and filtering via BGP).

Private Networking is currently offered at only the developer and extraordinarily expensive Premium level in the API Management Service. A stroke of genius by your product group in extracting unnecessary API spend from your Azure customers who need basic API security as part of an external API service. The private networking capability should be standard at all API Management Service tiers.

We need a way to programmatically query either via PowerShell or rest api the content of the block/unblock users report in user portal . or have a way to determine by accessing properties on the user account.

Is it possible to get a NSG Manager were you can apply rules to multiple NSGs at one time similar to Azure Firewall Manager.

Display the management group that subscriptions belong to. Also from the Manage Group view, display the Subscriptions that belong under the group.
Organizing Management groups and subscription is important in a large company. Displaying that information from each viewpoint is important also.

I have a customer who owns a storage account with multiple containers. Each of these containers has multiple folders with files in them. My customer would like to provide his client access to a specific folder within the storage account container. At present, I can assign a Storage Blob Data Reader role which provides read access to all the folders/files within the container. I would like to see whether we can wither have a built-in role or a custom role which provides access to a specific folder within the container.

Currently, gRPC-Web supported by azure App service partially. bi-directional streaming is not supported by Azure App Service. Which is limits usage scenarios.

we can only see the vhub connection state at the moment, but each connection is actually built by 2 VPN tunnels from active-active VPNGw. It would be great if we can list each individual VPN link state on the vhub portal, or from the Azure monitor.

Currently, Subscription-level admins aren't exposed in PIM. Appears to be a big blind-spot if they aren't covered for elevation & access review workflows.

The FQDN for keyvault privateLink is displaying incorrectly in the portal. The FQDN for the private link shows .vaultcore.azure.net, but should only reflect the name of the keyvault, .vault.azure.net. Other services with private link such as storage show as *.blob.core.windows.net and are resolvable. The privateLink FQDN for keyvault should work the same. Please see the attached images showing an example of the correctly keyvault FQDN shown for the keyvault resource and the incorrect FQDN shown for the private link.

Allow those writing Azure Policy to document their config files like developers would document code with comments. Simply allow including "comment":{} and ignore it.

I would like to be able to do something like this:

"comment":{

"CreatedOn": "7/30/2020",

"Purpose": "Block changes that would take the configuration out of a state of compliance with policy XYZ",

"ItemsBlocked":[

    "Turning off logging",

    "Turning off https",

    "Turning on remote debugging"

],

"PointOfContact": "If you have concerns about this policy please contact the security and compliance team"

}

Not applicable resources under ASC is showing up as Non-Compliance resource list in policy initiative is not good and need to find solution to match state of Azure resource

In classic ML studio one could visualize the resultant clusters after completion of a K-Means run. I've not yet been able to find that, or at least plot data of the same run in the new ml.azure.com.

Track usage of programmatic subscription creation quota

Per documentation, https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/programmatically-create-subscription?tabs=azure-cli, there is a limit of 2000 subscriptions you can create per enrollment account. This is a cumulative limit (i.e. if you create 1000 subscriptions and delete them, you can still only create 1000 additional subscriptions programmatically).

There is no way currently (that we can find) to see what our usage is against that limit either in the Azure portal (portal.azure.com) or in the EA portal (ea.azure.com).

We are requesting that a way be provided/exposed to access this information.

We enabled a Policy to allow only certain Azure regions to our corporate users. However, we discovered through troubleshooting an issue that some Azure services must have certain regions allowed in order to be deployed. This is not clear to the customer beforehand.
For example QnA Maker must allowed US WEST as a region for deployment.
I recommend you update this information ( https://azure.microsoft.com/en-us/global-infrastructure/services/?products=cognitive-services ) with an indicator marking REQUIRED REGION(S) for each service that has such a requirement.

Thanks