(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Use only a specific RDGW when using WVD

    For these reasons, we want to pin the [rdgateway-r0.wvd.microsoft.com] endpoint to a specific server.

    ・ Compliance
    ・ Charges are incurred for accessing different regions

    Although it is recognized that the operation of Traffic Manager is selected from a plurality of endpoints, it is desirable that it can be fixed by parameters or the like.

    315 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. Require to update cookie based session affinity application gateway in secure

    Please add Secure http for application gateway cookie based session affinity in azure. The websites are showing not secure for "ApplicationGatewayAffinity".

    124 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make DomainDNSName,NetbiosName & Samaccountname attributes avaialble to public to use AAD Join without AAD Connect

    We use okta for synchronizing accounts to Azure AD.

    We plan to use AAD Join for our windows10 devices, it works well with AAD Connect(As AAD Connect synchronizes attributes DomainDNSName, NetBIOS name & Onpremisesamaccoutnanme)

    Okta could not update these attributes, I want to find a way to update the attributes(by using PowerShell or GraphAPI?).

    And also would like to know if there is any possibility to sync MSDS-Keycredentiallink attribute to on-premise without using AAD Connect so that I can use windows hello.

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. Moving IBM Mainframes to Azure

    we need an easy way to lift and Mainframes/ AS400 to lift and to Azure. instead of replatforming if Microsoft can build a layer which AS 400 or Mainframe apps can run on, can help drive consumption of Azure. Hopefully Microsoft can do it before AWS

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow Password Policies to be set at the Group Level

    Allow Password Policies to be set at the Group Level instead of only at the domain level.

    Example: Our default password expiration is 90 days, but we have a group that requires their passwords to be reset every 60 days.

    This is not currently possible.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure Sql Import Bacpac slow

    We are testing a production database migration to Azure SQL. The database is 50GB and even on the S3 tier we are going on 30 hours still and the import isn't complete (pegged at 100% DTU). At this point I couldn't even tell you when this will finish. I understand I could have chosen the highest premium tier to import this and it might have been quicker, however I only want to test this database and right now I've lost 3-4 days on this (importing at S0, S1 tiers). My suggestion is to allow an option when going through the…

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enterprise Applications Search Improvement

    We are unable to use the Enterprise Applications blade to find our applications. The interface only lists the first 20 applications. You cannot even download a list of them. In order to search for one on the list you have to know what letters the application name starts with. You cannot do partial search on part of the name, you must start with the first name. This is a HUGE problem if we forgot the name of an application.

    For example. We created an Application called Ameris Webex. It is not listed in the first 20 applications, therefore we have…

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. Azure SQL PiTR - Option to disable or set to 1 day retention

    We currently have an SQL managed database, which we use for development purposes.

    We are developing how our data ingest will work, currently we drop the tables every day, and re-load all the data. As of the 31-AUG we started getting charged for PiTR which we didn't know about, until PiTR started costing us upwards of $120 per day.

    What I found out is after the initial backup (free) any changes were replicated to 6 regions (GRS storage) and set to 35 days retention period. These are backups we don't want or need, as data is ingested from the Datalake.…

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Within Azure AD Devices-All Devices, Make "Download" an option

    When creating Conditional Access policies it is impossible to get a report from Azure or PowerShell that list all devices that are in a "Pending" state in the Registered column.
    There should be an option to download everything in Azure AD Devices-All Devices to a csv file and include the device ID and the Registered state. This would help to find all devices that would fail Conditional Access policies requiring a registered device be used.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. MFA Block/unblock

    Create another Admin Role that allows the view of MFA users that are blocked/unblocked so in the case of the issue users getting themselves blocked for various issues, and only Global Admins can unblock (or wait out the 90 day period), other Admins (aside from Global Admins) can do so.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. Set TLS 1.2 or 1.3 as default for Azure Automation Account

    Currently Azure Automation runbooks start a powershell session that has Its security protocol set to SSL3 and TLS 1.0 by default.

    Since there are alot of security risks involved with using TLS 1.0 we would like to have this version set to 1.2 or even 1.3 by default.

    Since Okta has disabled TLS 1.0 and 1.1 per 1st of August 2018 this is also causing errors in Azure Automation runbooks, where we specifically need to specify a later version in each runbook.

    PCI DSS 3.2 also prohibits the use of TLS 1.0 after June 30, 2018.
    Source: https://www.owasp.org/index.php/TransportLayerProtection

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure Policy - Indexed mode policies pick up resources that don't support tags

    For example, I created a custom policy definition that audits if a tag exists. It is set mode=indexed, so only taggable and location based resources should be evaluated.

    Here are some things that are coming back as non-compliant:
    /microsoft.insights/alertrules
    /microsoft.insights/actiongroups
    /Microsoft.Compute/virtualMachines/extensions
    /microsoft.insights/activitylogalerts
    /microsoft.operationsmanagement/solutions
    /microsoft.portal/dashboards

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  8 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  13. Additional "/read" permission to allow call to Network Watcher queryFlowLogStatus api

    Today default Build-In Reader role not allow to execute Query Flow Log Status, because Reader role allows all operations of "*/read".
    But query flow log status operation have "/action" in the end:
    Microsoft.Network/networkWatchers/queryFlowLogStatus/action

    This makes complicated to use different applications and services which want to query flow log status. To be able to do it they ask customers to create custom role in each and each subscription with that permission and then assign that role to the application (In addition to Reader role which they ask to assign for other features).

    If will be additional permission with "/read" operation to…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  14. support multiple values for the same key when tagging. If i want to allocate multiple departments while tagging i should be able to do that.

    Currently AzureRM tagging only supports one value for one key. This means if i want to tag multiple departments to one resource it is incapable of handling it.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  15. Fully private App Gateway v2

    From: https://docs.microsoft.com/en-us/azure/application-gateway/migrate-v1-v2

    " v2 gateways currently don't support only private IP addresses."

    We need to be able to create fully private App Gateway V2, without public IP.

    At the moment V2 Gateways will be public facing so we need to stick with V1. We cannot rely on NSG/Firewall to restrict traffic: we need to be able to provision a private load balancer.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. CDN

    There needs to be a way to apply service tags to Azure CDN. When applying NSGs or firewall rules it would be beneficial to be able to use Service Tags to target the CDNs.

    Marc

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  17. Upgrade CPUs in Azure App Service Premium Tier

    Currently the "Premium" tier on App Service offers this three options:

    P1: 1VCore DSV2
    P2: 2VCores DSv2
    P3: 4VCores DSv2

    I wouldn't call this a premium tier now that we are getting into 2020...

    App service is one of the most useful services offered in Azure and it really needs an upgrade.

    Amazon's Beanstalk does not have such limitations.

    I would suggest that to upgrade the hardware/resources of the Premium tier to at least:

    P1: 2 VCores
    P2: 4 VCores
    P3: 8 VCores

    The processors model should be upgraded as well to use DSv3 or even better the F series.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. Outstanding Payment

    Need Payment history and total outstanding per subscription.

    As a subscriber I can only see invoices at azure, but there is no payment history which tells me how and when azure has captured this payment.

    It is our legal right to see the payments captured by AZURE. Tomorrow AZURE go and capture another payment from my card how I will reconcile which payment is for what.

    If you are taking payment then you must show somewhere that we have captured this payment via this way against this invoice or for this purpose.

    Also there is no way I can see…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  19. Display notification that the pricing calculator does not include VAT, GST or other local taxes

    Might I suggest that a note be placed on the calculator that the price displayed is exclusive of local taxes (that should cover VAT, GST and any other sales tax...)

    I believe it is a legal requirement for businesses trading in Australia for 'ex GST' or similar if a price for a service does not include GST, or as a single value to be displayed in the case that goods and services provided are not exclusively provided to businesses.

    See https://www.accc.gov.au/business/pricing/displaying-prices

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  20. Application Gateway handling the Query parameter on back-end

    In application gateway HTTP settings when we use "override back-end path" option, it is stripping out the query parameter and retains only the resource path.

    Eg: https://<<HostName>>:443/resurcepath/invoke?api-version=2016-10-01&number=5

    It retains only "https://<<HostName>>:443/resurcepath/invoke" and ignoring "?api-version=2016-10-01&number=5"

    It will be good to retain the query parameters without doing any URL redirection etc

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 63 64
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base