Let Web Apps to be PCI compliance
Despite that PCI compliance is promoted at Azure, a Web App created at Azure is non compliant by default, and cannot be set-up appropriately.
I understand that a Web App is not as isolated as an ASE (that still is not compliance by default, needs advanced set-up), with instances sharing system level settings with other clients (so cannot be changed independently), and I understand some set-up changes that apply to all clients, even ones that do not require PCI, can lead to problems to some of them.
I propose an option to opt-in to PCI compliance at Web App level; enable it can put the instance inside a system with appropriated set-up, shared with other clients that had enabled the option too. Alternatively (if that's not possible), a new 'PCI Web App' service, that has all Web App features plus the PCI compliance by default and keep up to date; on this case, an easy way to migrate existent Web App into this one will be useful.
As an example, a PCI Web App will disable TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS1.0, both enabled at Web App right now and not compliant.