(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add the ability to enable and configure access-based enumeration (ABE) for Azure Files Shares

    Add the ability to enable and configure access-based enumeration (ABE) for Azure Files Shares

    76 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. 43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. In Azure AD Connect, enable Group Writeback for *all* types of Azure groups (including Security groups, Mail-enabled Security groups, and Ex

    In Azure AD Connect, enable Group Writeback for all types of Azure groups (including Security groups, Mail-enabled Security groups, and Exchange distribution groups). This will enable us to utilize the Group Writeback feature to meet our business requirements. It is our opinion that the limitation of Azure AD Connect Group Writeback which restricts to only Microsoft 365 Groups greatly reduces the value of the feature, and we would like to understand why Microsoft decided to limit Group Writeback to only handle Microsoft 365 Groups. We would like to use Group Writeback for all types of Azure groups (including Security groups,…

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support Terminate notification for spot instances.

    Spot Machines are removed immediately without any information after changing desired scale on spot VMSS and we cannot perform connection draining.

    Regular instances have following feature - https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification. Documentation says it is not supported by spot instances.

    If we cannot scale down spot instances, we are missing opportunity to reduce cost and it forces some customers to implement their own custom autoscaling.

    We can estimate that implementing custom autoscaling will take 2 weeks of work. It is said that maintenance of code costs 10 times more than developing so a customer can lose 22 weeks on custom autoscaling in…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure policy to block all public access

    I would like to be able to create a policy and apply it to subscription(s), that would block any created resource from being able to be reached from the public internet. I want my developers to be able to experiment and try out different resources, but I don't want to put my network at risk while they experiment.
    Right now I have to play wack-a-mole and identify all the different resources that could get a public IP and create policy around that resource.
    I believe it would be in Microsoft's best interest to create a policy that one could apply…

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. Improve error reporting when v3 functions reach timeout

    Azure Functions supports configuring a time limit for running functions though the "functionTimeout" property in "host.json" file. When a function deployed on a v3 function runtime stack is invoked (though an HTTP trigger, for example) and it reaches a predefined timeout, the invocation fails with status code 500, but no response body indicating the type of error is returned. However, functions deployed on a v1 runtime stack produce nice error messages, similar to the one below:

    {
    "id": "75293a6d-0b04-4250-80b9-8fbe2107dbc0",
    "requestId": "4e2d55d3-cc04-4d81-a290-c439a56c3a49",
    "statusCode": 500,
    "errorCode": 0,
    "message": "Timeout value of 00:00:15 was exceeded by function: Functions.f77c362f79bf0c40a03e74e2208f860a641bb1895af73c0fcde16a598"
    }

    In order to provide…

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support for ManageEngine MDM when requiring device compliance in Azure Conditional Access

    We use ManageEngine MDM for managing mobile devices. We want to use conditional access policies to ensure the device has been marked as compliant by ManageEngine MDM before allowing access to certain applications.

    Currently Azure AD Conditional Access Policies only supports InTune for checking device compliance as described @ https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-policy-connected-applications#trusted-devices. This should be extended to support ALL 3rd party EMM solutions.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. Prevent Account Lockout due to Brute Force Attack

    Currently Azure Active Directory is locking Office 365 user accounts based on the number of failed sign-ins. If the user credentials are entered incorrectly, it does not check or verify existing Azure Conditional Access Policy, whether this account can sign-in from that location (Country or IP address) or not, because the authentication was not successful.

    To prevent Azure AD account lockouts, can you design the Modern Authentication system in Azure AD to check for existing Azure Conditional Access Policy for failed logins coming from blocked locations (Country or IP address)?

    This will help Office 365 Admins prevent account lockouts, sourced…

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Azure Firewall Network Rule Logs there is no place to see which rule(rule name) blocked/allowed the traffic.

    Azure Firewall Network Rule Logs there is no place to see which rule(rule name) blocked/allowed the traffic.

    This will helpful for Daily operation and troubleshooting.

    MSFT Case :120092424003536

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add the subscription ID to the invoice in order to better manage the billing for each of your departments

    Could you please add the Subscription ID to our Azure Invoice? We have many different departments utilizing your great platform. We have one Azure tenant, but many different subscriptions for different departments. When we get the invoice, it's very hard to sort out the charge backs for each department in our billing system. Right now, we know we can do it with tags, but it'd be so much more streamlined if you could include one more field with the subscription ID

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. Extend Front Door Rest API

    Improve Front Door Rest API to allow create/update/delete on the individual components (e.g backend pools, routes) rather than on the entire resource as a whole.

    We have a case where different teams are creating microsites that use frontdoor as a routing mechanism. Each team wants to IaC their routes and backend pools but cant commit these separately, frontdoor has to be created/updated as a whole. This presents a problem whereby each team need to have insight into the existing routes, pools, etc that other teams have created else they run the risk of deleting all these and only applying their…

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow Port Ranges for Azure Firewall DNAT Rules

    Would be great to add a range of ports to a single DNAT rule instead of a single port per rule. This prevents us from using the Azure Firewall for protocols like SIP where the ranges are in the thousands

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  13. Map IPV6 addresses to locations so we can use it in Conditional Access policies using Countries/Regions as Named Locations

    It is not possible to have Conditional Access Policies using Countries/Regions correctly because AAD doesn't map IPV6 addresses to locations.

    When setting up Conditional Access, most of us are using Countries/Regions to limit the scope for the access, especially when we see how many sign-in attempts we get on a daily basis from foreign countries.

    We therefore add Countries/Regions as trusted locations in the AAD Named Locations.

    Problem is that AAD doesn't map IPV6 addresses to locations and therefore map incorrectly users using IPV6 when assessing Conditional Access policies.

    Result is that either users are blocked while they are within…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  14. Azure AD B2C Password History

    Password history maintenance is one of the basic requirement for LDAP user management. Since this feature is missing within B2C, it is creating Non compliancy in audit on how users password are stored and managed within Azure AB B2C. Please treat this as an enhancement request so that this feature is available within Admin GUI and following parameters can be set.

    • Systems should prevent end users from reusing an old password when their password expires.
    • 13 previous passwords should be remembered and blocked from being used.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  15. VNET capability for dev/test app service tier

    VNET is an essential feature that is required in every stage of the development cycle - It would be a blessing to get this capability to the lowest tiers of app-service plans.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Bastion over a Peered network residing in another subscription

    It would be nice if Azure bastion could remotely connect to machines in a peered VNET residing in another subscription.

    Our hub is always located in a separate subscription. Azure bastion will be deployed in the hub. Without the possibility to remotely connect to machines in another subscription it is pretty useless to us. We would have to deploy multiple Bastions.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  17. Azure Advisor configuration should have rule where CPU usage is less than 30 %

    Currently Advisor having option to pull out VMs reports where CPU usage is less than 20% which can be improved by increasing CPU usage less than 30% also. You can put customized limit 25% ,30% so that we can understand more in depth.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. passwordless authentication

    Please implement passwordless authentication through authenticator app for work or school accounts.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  19. - provide DNS Query details logs in Azure DNS zone resource portal

    In the Azure DNS Zone portal, we could only see some metrics for the query volume sum with a number but not more detail about the queries.

    It should be better to add a log to show more detail for the DNS queries in Azure DNS Zone.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  20. enable to add resource group to SQL Long term Retention instance

    I have noticed that SQL Long term Retention service doesn't show resource group in usage reports. The Instance ID doesn't have a "resourcegroup/****" section, hence the resource group column is blank.

    It would be helpful to be able to group this instance with a resource group as well.

    Could you set up an option to specify a resource group when we configure SQL Long term Retention instance?
    https://docs.microsoft.com/en-us/azure/azure-sql/database/long-term-backup-retention-configure

    Or, at least make it taggable?

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 104 105
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base