(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support to avoid having to change Application Gateway SKUv2 from WAF to Standard when disassociating WAF policy.

    For now,when customers want to disassociate WAF policy from Application Gateway,
    we have to change Application Gateway from WAF SKU to Standard SKU.
    When we changed to Standard SKU,system can be exposed to threats.
    Please redesign this just like that disassociating WAF policy from listener.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure VPN with Azure MFA should require two-factor authentication every time it connects

    We are using Azure VPN client with Azure MFA, and the client requires the second factor (code via SMS) only when the user connects for the first time. After that, every time we click on the VPN icon, the VPN client connects automatically, ignoring the MFA requirement, even if we log off the user or turn off the PC. It seems that, after the first authentication with MFA, the client turns into a "one-factor authentication" access, requiring only userid and password. If someone obtains the Windows credentials for a user, an attacker with access to the laptop can connect remotely…

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. When moving a resource

    When moving a resource (or resource group) to a new subscription.
    ask for real movement after the validation, this would enable a dry test upfront for planning

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Update status of invoice in Azure portal

    Currently, in invoice blade on Azure portal, the status of invoice won't be changed from due to paid if the payment was delay. So it got confused to know if the payment has been processed or not. Please improve this status to follow the payment status which is good to check payment.
    Thanks.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Prevent Account Lockout due to Brute Force Attack

    Currently Azure Active Directory is locking Office 365 user accounts based on the number of failed sign-ins. If the user credentials are entered incorrectly, it does not check or verify existing Azure Conditional Access Policy, whether this account can sign-in from that location (Country or IP address) or not, because the authentication was not successful.

    To prevent Azure AD account lockouts, can you design the Modern Authentication system in Azure AD to check for existing Azure Conditional Access Policy for failed logins coming from blocked locations (Country or IP address)?

    This will help Office 365 Admins prevent account lockouts, sourced…

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. Make Azure DevOps Agents an Azure Trusted Service

    Make Azure DevOps Agents an Azure Trusted Service.
    It is very frustating having to code workaround because of this, i.e. when there are firewall rules for key vault or storage.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Implement tags for Reservations

    Currently Reservations of VM instances are not marked by tags. This limitation brings inconvenience when grouping resources by tags at Cost management feature. It would be good to have tagging option for Reservation feature to be able to group resources for example per "Project name" tag to know where to put expenses of Monthly reservations.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Offers  ·  Flag idea as inappropriate…  ·  Admin →
  8. deny guest users to list all membership users

    A guest user when accept the invitation goes to a "myApp" page in which can see all tenant users (other guests included).
    I want to deny this possibility (also for GDPR)

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Outstanding Payment

    Need Payment history and total outstanding per subscription.

    As a subscriber I can only see invoices at azure, but there is no payment history which tells me how and when azure has captured this payment.

    It is our legal right to see the payments captured by AZURE. Tomorrow AZURE go and capture another payment from my card how I will reconcile which payment is for what.

    If you are taking payment then you must show somewhere that we have captured this payment via this way against this invoice or for this purpose.

    Also there is no way I can see…

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. Implement Password Writeback healthy support through MPN Portal

    I would like to inquire about an issue in the CSP portal.
    For an end customer with the Self Service and Password Write Back feature enabled in Azure AD, the correct helathy status is being showed up as working,, this is only being displayed when the tenant is accessed directly through the Azure Portal (portal.azure.com), form the end user perspective.
    If the customer environment is accessed from the partner portal, the same features are being showed as "not working".

    This will undoubtedly cause issues for engineers that are trying to essentially fix an issue that is not really broken.
    And…

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Using a system assigned managed identity to connect to Azure AD

    Using a system assigned managed identity to connect to Azure AD corresponding to the way it is also possible for Azure Resources with Add-AzAccount -identity.

    It would be useful for the assignment of Azure AD groups to Azure resources in an automated way.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. B2C Availability checks in real time

    Currently, there is no way to track B2C availability on real time. i.e: When the MFA service is down and it generates SMS codes delay. I know that for such scenario we would need to rely on https://status.azure.com page, however, that does not provide real time outages as most of the time the outages are published when resolved. Please add a B2C capability to have availability checks to integrate with our Application Tests.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow for renewal of expired subscriptions by customer (expecially free trials)

    You should make this process easier or you will likely lose a lot of would be customers. You should offer the ability to renew an expired subscription to a pay as you go plan once the free trial period expires (or really I think for any expired subscription). I was shocked to find that because I got busy the day my plan expired I had to contact support to get it renewed the next day (which they responded in 12 hours and had it renewed for me, which is great but shouldn't have had to log a support ticket for…

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Public licenses dependency Web page

    Currently, there is no place to find license dependencies. This is crucial to being able to assign licenses correctly without the need to contact support where there is an internal site with this information.

    This will enhance Customer knowledge and reduce Support cases.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  15. Privileged Identity Management (PIM) - Start and End Time in PIM email to be in local time not UTC

    Require new feature to customize the time from UTC to local time in the PIM email.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. EA: Managing subscriptions operations by multiple users, not by single account owner

    This is regarding Azure account & subscription management in Enterprise Agreement
    There is a scenario where the account owner is not available for considerable long time due to his/her sick/vacation leave or long biz trip for example, which cause subscriptions operations downtime.
    To avoid that, we should be able to have multiple users for such subscriptions operations.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support using Azure SignalR in ASP.NET (OWIN)

    Azure SignalR SDK only runs on ASP.NET Core, which is a blocker for lots of companies / existing projects.

    Please also support ASP.NET (OWIN runtime).

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Authentication tenant restriction - Permit authentication only in our own tenant and permit access to other tenants only as guests

    When we did all the tests to implement the tenant restrictions, we only put our domains in the "Restrict-Access-To-Tenants" proxy header and we were able to access other tenants as guests.

    Now, if the destination tenants are not in the list, our users that are guests in another tenant cannot access resources outside. It’s impossible for us to manage one list of all the tenants where our 6000 users could become guests.

    We would like to authorize the connection to other tenants as guests if the authentication is done in our tenant.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Availability  ·  Flag idea as inappropriate…  ·  Admin →
  20. Azure AD Administrative Units

    Allow adding users inside Administrative Units via Group Assignment.
    At the moment when group is assigned to Administrative Units inside Azure AD, members are not becoming part of the Unit. Also User admins of the unit may not govern the Group members.
    Would be good if users could inherit administrative Units from by the Group membership.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base