(General Feedback)
Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.
Remember that this site is only for feature suggestions and ideas!If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums
-
RBAC Role Assignments 2000 limit Constraint
Hello Team,
Customer is having high distress in regard to the RBAC Role Assignments 2000 grant limitation. Customer is using Managed Identity and Storage access patterns relying on RBAC grants, it worried customer that it’s a trap and customer will hit that limit in a very short time. These RBAC roles are so useful for the customer but it’s only a matter of time before it hits the limit.
Thank you for your consideration.
56 votesApologies for the delay in updating this item. We are aware of the challenges around this limit and are actively working to be able to raise it; however, we don’t have an ETA yet.
We will update this item as we get more clarity on the timeline. Stay tuned and thank you for the understanding.
-Arturo Lucatero
@ArLucaID -
Adding certification authorities allowed by Front Door
Front Door requires the use of a certificate using the CAs published on the document below.
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-troubleshoot-allowed-caWe want to make available certificates issued by CAs that are not listed. e.g. 'Security Communication RootCA1', 'Security Communication RootCA2'. Please consider.
31 votes -
Enable Clone App for Linux Azure App Service
Hi,
Right now, the App Cloning feature is only available for Windows App Service. It could be really great to enable it for Linux content too.
The feature would be very usefull in order to change the App Service Plan of a running Linux App Service, without any recreation.
If we want to change the Plan for an Linux App Service we must choose an App Service Plan in the same deployment or recreate it.
The App Cloning feature would allow Finops optimisation becoming way more easier.Regards
24 votes -
CentOS Data Science VM
Microsoft announced Deprecation of CentOS DSVM Images.
Then Ubuntu is the only Linux flavour in Data Science Virtual Machine .
CentOS is considered to be a more stable distribution compared to Ubuntu because package updates are less frequent. Also Enterprise Linux (CentOS) is considered more secure out of the box.Depreciation notification - https://docs.microsoft.com/en-us/azure/machine-learning/data-science-virtual-machine/reference-deprecation
Considering these facts we need a Data Science Virtual Machine image with CentOS Operating System , with latest version (CentOS 8)
44 votes -
Add Stream Analytics to Azure Germany datacenters
Please add Stream Analytics to the Azure Germany datacenters (Frankfurt and Berlin).
This is a critical component to our product roadmaps, and ensures that we maintain compliance with the German BDSG federal data protection requirements in addition to the other EU data protection acts like GDPR.
Ensuring a full set of features in the German datacenters is particularly important due to BDSG.
27 votes -
Azure Event Grid RBAC support for topic/domain operations
Please provide support for RBAC authentication for Event Grid topic and domain operations. This is since it is currently available just for subscription related operations. One should be able to authenticate applications with RBAC to create topics, publish events to topics, etc. Thank you!
30 votes -
Allow Customers the ability to see the allocated workers from the client side, as well as which workers get into bad instances.
At the moment, customers are unable to see which of their workers are assigned to bad instances from the Azure Portal. In order to know this very valuable information, they have to contact Azure Support Staff, and be in close contact with them every time they make any updates, or restart their application to see if things are going correctly.
As workers are incredibly important, they are basically the backbone of function apps, I propose that we make it so that customers have the ability to see which workers are allocated to their app services.
19 votes -
ITSM Connector additional Australian regions
Implement more ITSM Connector Australian availability regions. Currently we are only able to deploy ITSM Connector to Log Analytic Workspaces within Australia Southeast.
As a large organisation bound by data sovereignty and our existing network design, we cannot utilise this service in regions outside of Australia. As a large organisation we need to be able to implement DR strategies for the services we use.
ITSM Connector is a direct path and simplifies our design requirements but as it does not meet our availability requirements, we cannot use it. Please look into more regions for ITSM connector within Australia.
14 votes -
Provide Windows Virtual Desktop SSO Capability
Currently, the windows virtual desktop offering does not support SSO. Many of our clients would like this capability to provide a seamless user experience when logging onto the windows virtual desktops. Today users are prompted to enter their credentials twice (one to log into the WVD client, and two to log into their desktop).
Ideally it would be nice to just have to log into the client and be able to leverage SSO to log into the desktops.
34 votes -
Allow provisioning of users in Azure US Government Environment
Currently we are using SCIM for Genesys for PureCloud App in Azure which allows SSO and provisioning of users from Azure AD. This is working well in the General Azure but it is not available in the Azure US Government Environment.
10 votes -
Authentication tenant restriction - Permit authentication only in our own tenant and permit access to other tenants only as guests
When we did all the tests to implement the tenant restrictions, we only put our domains in the "Restrict-Access-To-Tenants" proxy header and we were able to access other tenants as guests.
Now, if the destination tenants are not in the list, our users that are guests in another tenant cannot access resources outside. It’s impossible for us to manage one list of all the tenants where our 6000 users could become guests.
We would like to authorize the connection to other tenants as guests if the authentication is done in our tenant.
30 votes -
Public licenses dependency Web page
Currently, there is no place to find license dependencies. This is crucial to being able to assign licenses correctly without the need to contact support where there is an internal site with this information.
This will enhance Customer knowledge and reduce Support cases.
31 votes -
Renew SSL/TLS Certificate automatically through multiple subscriptions.
Currently, Azure does not have the ability to auto renew app service SSL/TLS certificates through multiple subscriptions. With close to 100 subscriptions and hundreds of app services it is not convenient to manage and maintain via scripting efforts.
28 votes -
Maintenance notification for “NMAgent updates”
Blackout occurred for 5 seconds as the NMAgent, which is a network of Azure infrastructure, was updated.
In the event of an outbreak, the user must be able to receive alarms or notifications for the affected resource.
Because this maintenance influences the Windows Cluster users. This notification make many azure users so happy.24 votes -
Improve the speed and accuracy of the Azure Status page
Recently Azure AD experienced a major outage that affected every service in Azure that used AAD for authentication.
Unfortunately, the Azure Status page never reflected the outage and the manually typed report came in over 30 minutes after most of our users started reporting problems related to Azure AD Authentication. The manual report also indicated that the problem was limited to the Azure Portal, but was not. It was widespread to every service that used Auth through Azure AD.
Please make the status page more accurate, (automated if it's not?) and reflect outages sooner.
7 votes -
Perform Microsoft Authenticator Backup in OneDrive
First of all: Managed Open is active in our infrastructure.
All Microsoft apps are located in the business container on the iOS device.It is currently not possible to back up the account information of the "Authenticator" app.
iCloud does not work due to Managed Open in (private container) and OnDrive is not available.I am aware that you want to prevent business data from being backed up in a private area, but if the Authenticator App and OnDrive App are both in the business container, the account information can be saved in the business OneDrive account.
9 votes -
School@123
School@123
3 votes -
Add a "Blob Storage Connection Status" to the diagnostic tools for Function Apps
Recently we encountered an issue where blobs in an "azure-webjobs" container (used by Azure Functions) were placed into the "Archive" access tier automatically by a rule configured in our storage account.
This resulted in us being unable to list or add function keys to our function app instance in the Azure portal, receiving only a nondescript "internal server error" message.
It also resulted in all invocations of functions on that instance responding with a 500 error (and no further information), and the invocations not appearing in the AppInsights logs.
As we had no information in the error messages we were…
9 votes -
Allow use existing private DNS zone to create a new private endpoint
Imagine a private DNS zone already deployed in our environment and serving many resources and zones, why bother to create a new private DNS zone when we want to create private endpoints, instead of just associate the existing private DNS zone with it?
I know there is an option to choose whether or not to create a new private DNS zone when creating a Private Endpoint, but I think the option to associate already existing private DNS zones should also be added.
I hope the feature will go live as soon as possible, as it will satisfy some of the…
14 votes -
4 votes
- Don't see your idea?