(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure SQL PiTR - Option to disable or set to 1 day retention

    We currently have an SQL managed database, which we use for development purposes.

    We are developing how our data ingest will work, currently we drop the tables every day, and re-load all the data. As of the 31-AUG we started getting charged for PiTR which we didn't know about, until PiTR started costing us upwards of $120 per day.

    What I found out is after the initial backup (free) any changes were replicated to 6 regions (GRS storage) and set to 35 days retention period. These are backups we don't want or need, as data is ingested from the Datalake.…

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. On Azure AD Application Proxy Connectors “Internal URL”, we cannot set URL which includes “?” or doesn't end with “/”.

    On Azure AD Application Proxy Connectors “Internal URL”, we cannot set URL which includes “?” or doesn't end with “/”.
    We need to connect to on-premises apps from Azure AD Application Proxy connectors via Internet,
    then tried to set the URL which doesn't end with "/" or includes "?", but couldn’t.
    We hope this will be improved quickly.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Offers  ·  Flag idea as inappropriate…  ·  Admin →
  3. Application Gateway handling the Query parameter on back-end

    In application gateway HTTP settings when we use "override back-end path" option, it is stripping out the query parameter and retains only the resource path.

    Eg: https://<<HostName>>:443/resurcepath/invoke?api-version=2016-10-01&number=5

    It retains only "https://<<HostName>>:443/resurcepath/invoke" and ignoring "?api-version=2016-10-01&number=5"

    It will be good to retain the query parameters without doing any URL redirection etc

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. Use only a specific RDGW when using WVD

    For these reasons, we want to pin the [rdgateway-r0.wvd.microsoft.com] endpoint to a specific server.

    ・ Compliance
    ・ Charges are incurred for accessing different regions

    Although it is recognized that the operation of Traffic Manager is selected from a plurality of endpoints, it is desirable that it can be fixed by parameters or the like.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. Custom Role Definition - Storage CRUD using AD accounts for better Audit

    I wish to create a storage account CUSTOM role for my client.

    In that role I wish the Azure Identity (Users in On-Prem AD groups, Managed identity for webAPP, on-prem synced Service Accounts) to only Create/Add/Delete/Update (CRUD) without being able to see or self-rotate the Admin Key or SAS key for following.


    1. BLOB / Containers / Files

    2. FilesShare

    3. Table

    4. Queue/Messages.

    Current Method : [Auditing using KeyVault and Access Policies]

    Above is required as we want better Auditing directly from Storage account, rather than using current 2 step process method :

    Step 1 : Identity can go to key vault and…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  6. Upgrade CPUs in Azure App Service Premium Tier

    Currently the "Premium" tier on App Service offers this three options:

    P1: 1VCore DSV2
    P2: 2VCores DSv2
    P3: 4VCores DSv2

    I wouldn't call this a premium tier now that we are getting into 2020...

    App service is one of the most useful services offered in Azure and it really needs an upgrade.

    Amazon's Beanstalk does not have such limitations.

    I would suggest that to upgrade the hardware/resources of the Premium tier to at least:

    P1: 2 VCores
    P2: 4 VCores
    P3: 8 VCores

    The processors model should be upgraded as well to use DSv3 or even better the F series.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Fully private App Gateway v2

    From: https://docs.microsoft.com/en-us/azure/application-gateway/migrate-v1-v2

    " v2 gateways currently don't support only private IP addresses."

    We need to be able to create fully private App Gateway V2, without public IP.

    At the moment V2 Gateways will be public facing so we need to stick with V1. We cannot rely on NSG/Firewall to restrict traffic: we need to be able to provision a private load balancer.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. Unsupported administrator operations

    Unsupported administrator operations- Any administrator-initiated end-user password reset from the Microsoft 365 admin center

    Please add the ability for Administrators to reset end-user password from the Microsoft 365 Admin Center, and have it write-back to on-premises AD

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writeback#unsupported-writeback-operations

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Security Center workflow automation should be linked to management groups

    When using workflow automation in Azure Security Center, you need to associate a workflow (logic app) to a subscription.
    But I have alot of subscriptions and new ones added every day.
    I want a logic app to be run automatically when a threat is detected on multiple subscriptions. (I mean the logic to be associated to multiple subs)

    So, I would argue to associate a workflow automation to a Management Group, so all subscriptions in that MG is associated with that workflow and will be run on threats detected on all subs in that MG. (which can of course also…

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. OS selection screen when creating a new virtual machine in the Azure portal

    In the OS selection screen when creating a new virtual machine in the Azure portal, two identical notations are displayed side by side for each OS version.

    The investigation revealed that the top is a first generation virtual machine and the bottom is a second generation virtual machine.

    We need to make improvements so that we can immediately determine if a virtual machine is a first-generation virtual machine or a second-generation virtual machine.

    The actual screen is attached.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. SSL Certificate expiry warning at keyvault level

    It would be nice once a cert is put into the keyvault that expiry warnings are automatically applied.

    Currently we configure the warnings at certificate level inside the keyvault, but this can be tedious and certificates can be missed.

    We would like expiry warnings to be automatically applied to a certificate once its placed into the keyvault.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. Availability Zone resource

    Often to fail VM deployment at availability zone, like "not enough resource" or "conditions are too strict".

    Expect more physical resource preparetion to availability zone environment.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  13. prevent to use double byte charactor for resource group name

    Even not allow to use double byte chatactor (ex. Japanese charactor) for resource group name, it is possible to use them right now.

    Prevent not to allow for using "unsuitable charactor" when create resource group.

    https://docs.microsoft.com/en-us/rest/api/resources/resourcegroups/createorupdate

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Create automation to separate resources from other consumers that cause SNAT Port Exhaustion

    Because resources are shared among consumers in plans, one person may experience SNAT Port Exhaustion side effects from another consumer. This can cause business critical elements to malfunction without a clear cause.

    I recommend that you create some sort of automation that recognizes any snat port exhaustion on a resource, and moves the instance to a restricted sandbox environment where other consumer's resources won't be affected until the issue is fixed.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Show ticket number in approval screen

    When requesting a PIM role, you are asked for a ticket number which is then displayed in the audit log. This ticket number should be displayed to the user who is approving the request so they can validate the request

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Function Apps to Switzerland West Azure region

    Add Azure Function Apps to be available in Switzerland West Azure region

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  17. To all Employees of Enterprise Accounts - your personal phone is needed for company use

    For companies with Enterprise subscriptions they are being forced to ask their employees to use THEIR OWN PERSONAL PHONES to authenticate this App. If you do not you will lose your cloud data - a form of extortion. One alternative suggested was for employees to request the company purchase a phone for them to do this authentication. Can you imagine the additional expense if everyone did this? I'm a stock holder in this company and don't want poor designs from external apps to cause additional unexpected expenses. This design was not thought through as far as the impact to enterprise…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. App registration owners should allow for groups

    We have many App Registrations. Adding our team members to the owners list is tedious. Please allow for a group to be added as owners.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add X-Forwarded-For information in Application Gateway Access log

    If we have other Layer 7 Load Balancer like Cloudflare load balancer uses in front of AppGw, we are not able to obtain real client IP. Imagine Cloudflare load balancer inserts X-Forwarded-For info before forwarding request to AppGw, can we add X-Forwarded-For information in Application Gateway Access log?

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. Sign-In Risk Policy > MFA > Add an Exclude App and a way to mark and IP safe for unfamiliar locations

    We are having issues with our Sign-In Risk Policy set to Low to action MFA. If our location switches egressing IP addresses, the entire location and users within that location are hit with a low risk for unfamiliar location.

    We do not have the ability to mark an IP safe within this policy, or to exclude a specific app from this policy. Can we have a feature request to add an app exclusion within the Sign-In Risk Policy and the ability to add IP addresses within the unfamiliar locations to be marked as safe to stop MFA triggering on our…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 189 190
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base