(General Feedback)

Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.

Remember that this site is only for feature suggestions and ideas!

If you have technical questions or need help with Azure, please try StackOverflow or visit our MSDN forums

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Terminate notification for spot instances.

    Spot Machines are removed immediately without any information after changing desired scale on spot VMSS and we cannot perform connection draining.

    Regular instances have following feature - https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification. Documentation says it is not supported by spot instances.

    If we cannot scale down spot instances, we are missing opportunity to reduce cost and it forces some customers to implement their own custom autoscaling.

    We can estimate that implementing custom autoscaling will take 2 weeks of work. It is said that maintenance of code costs 10 times more than developing so a customer can lose 22 weeks on custom autoscaling in…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  2. Monitor alert: Throttling Health Event's title and cause needs to be more specific rather than word like "UserInitiated"

    properties: {

        title: This storage account was throttled because it exceeded Azure Storage partition request per second, partition bandwidth, or IP scalability limits.,
    
    details: null,
    currentHealthStatus: Degraded,
    previousHealthStatus: Available,
    type: Downtime,
    cause: UserInitiated
    },

    ==========================

    Storage account throttling can be caused by busy storage partitions on the server side which is not related to customers' usage.

    The "UserInitiated" wording in the health event cause would lead to misunderstanding of reaching service limit when customers' traffic is not there yet. Maybe we can change the wording to "ClientInitiated".

    More specific alert cause can help both customers and support team to identify…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  3. enterprise portal auditing

    The EA portal needs auditing capabilities.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  4. Custom Roles AssignableScope for root ("/")

    Currently Custom roles cannot have an AssignableScope set to root ("/"). Capability must be addded to have all subscriptions federating to a certain Azure AD tenant inherit a custom role. Maybe the AssignableScope parameter must be modified to also accept a tenant id or name for the scope of the role. The global admin of the tenant must be afforded the privilege to create this role.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improve error reporting when v3 functions reach timeout

    Azure Functions supports configuring a time limit for running functions though the "functionTimeout" property in "host.json" file. When a function deployed on a v3 function runtime stack is invoked (though an HTTP trigger, for example) and it reaches a predefined timeout, the invocation fails with status code 500, but no response body indicating the type of error is returned. However, functions deployed on a v1 runtime stack produce nice error messages, similar to the one below:

    {
    "id": "75293a6d-0b04-4250-80b9-8fbe2107dbc0",
    "requestId": "4e2d55d3-cc04-4d81-a290-c439a56c3a49",
    "statusCode": 500,
    "errorCode": 0,
    "message": "Timeout value of 00:00:15 was exceeded by function: Functions.f77c362f79bf0c40a03e74e2208f860a641bb1895af73c0fcde16a598"
    }

    In order to provide…

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  6. Map IPV6 addresses to locations so we can use it in Conditional Access policies using Countries/Regions as Named Locations

    It is not possible to have Conditional Access Policies using Countries/Regions correctly because AAD doesn't map IPV6 addresses to locations.

    When setting up Conditional Access, most of us are using Countries/Regions to limit the scope for the access, especially when we see how many sign-in attempts we get on a daily basis from foreign countries.

    We therefore add Countries/Regions as trusted locations in the AAD Named Locations.

    Problem is that AAD doesn't map IPV6 addresses to locations and therefore map incorrectly users using IPV6 when assessing Conditional Access policies.

    Result is that either users are blocked while they are within…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  7. Azure Firewall Network Rule Logs there is no place to see which rule(rule name) blocked/allowed the traffic.

    Azure Firewall Network Rule Logs there is no place to see which rule(rule name) blocked/allowed the traffic.

    This will helpful for Daily operation and troubleshooting.

    MSFT Case :120092424003536

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  8. AAS as a Data Source.

    Hi Team,

    Currently Azure is not supporting AAS as a datasource. Suppose i created the Datamodel in AAS and i want to use same in another AAS model, it is not working. Can we have any idea when it will support AAS as a datasource

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  9. Modify QnA Maker provisioning process to support selection of an existing App Service Plan instead of a new App Service Plan being created

    Provisioning a QnA Maker Service provisions a Public App Service App <yourAppsName>.azurewebsites.net, but you are not given any control over the App Service Plan for which the App Service resides. My first choice would actually be an App Service Plan in our ASE environment, but if that isn’t doable at least let us select one of our existing public App Service plans to host this in.

    A 1-1 ratio of App Service Plan to App Service is extremely inefficient.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make start/stop solution able to target only 1 VM instead, listing each VM to not be targeted.

    Hello,

    Please create another scoping feature in the Microsoft.Automation - Start/Stop solution, so that a user could target only 1 desired VM, instead of listing all VMs to be ignored in the "VM Exclude List".

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow CNAME "chains" when creating an App Service Managed Certificate

    Currently, the App Service Managed Certificate feature only supports CNAME's that point directly to XYZ.azurewebsites.net during certificate creation.

    Please consider adding support for CNAME's that end up resolving to XYZ.azurewebsites.net as well (a CNAME "chain", for lack of a better word).

    Such setups already pass the "hostname eligibility" test in the portal UI, but fail in the creation step.

    Example for the failing scenario:
    criipto-test.ft.mitid.dk is a CNAME for idp.criipto.io
    idp.criipto.io is a CNAME for greanidp.azurewebsites.net

    The error message is:
    Failed to create App Service Managed Certificate for hostname criipto-test.ft.mitid.dk. Click here for more details. Error Details: Properties.CanonicalName is invalid.…

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  12. GiveSetting to increase the mod_security limit for following attributes : SecRequestBodyLimit 536870912 SecRequestBodyNoFilesLimit 536870912

    we hosted application in Azure VM and configured WAF Application Gateway. But we are getting following error

    Request body no files data length is larger than the configured limit (131072).. Deny with code (413)

    For this we done so much googling and found the solution that we need to increase following parameters in the application gateway. If not possible then need configuration to by pass this limit checking so our application will not stuck because sometime application need to send request with this length.

    Request to increase the mod_security limit for following attributes : SecRequestBodyLimit 536870912 SecRequestBodyNoFilesLimit 536870912

    Many others…

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  13. [ASE] Improve the ASE Scaling operation time

    Scaling out our App Service plans in an App Service Environment can take over 30 minutes normally (sometimes >50mins). it's very impact the ASE application availability, we would like to know is there other way to reduce the time? Like:

    1) Is there any pre-allocated settings in ASE?
    2) Is there any action/plan to optimized the scaling time?

    thanks in advance.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  14. Group name instead of group id for SAML

    We need to send Group name instead of group id for SAML as there is no option to send group name for the cloud created one. Enabling will help.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  15. linkable support requests

    Currently Support Requests (https://docs.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request) can not be directly linked to, which makes tracking them in my own internal system and sharing them with my coworkers an difficult and time wasting hassle of copying and pasting just the identifier which they then have to search for themselves in the portal. Communication and information transfer would be much faster with simply a hyperlink pointing to the generated support ticket resource. Nearly every other resource has links which work like this.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  16. Rename VNET

    I would like to have the possibility to rename the vnet

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Port Ranges for Azure Firewall DNAT Rules

    Would be great to add a range of ports to a single DNAT rule instead of a single port per rule. This prevents us from using the Azure Firewall for protocols like SIP where the ranges are in the thousands

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  18. - provide DNS Query details logs in Azure DNS zone resource portal

    In the Azure DNS Zone portal, we could only see some metrics for the query volume sum with a number but not more detail about the queries.

    It should be better to add a log to show more detail for the DNS queries in Azure DNS Zone.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow user self consent when user assignment is required for applications

    If user assignment required is false, users can consent on their own behalf depending on the user consent settings.
    If user assignment required is true, users can suddenly not consent on their own behalf and require and admin to do so on their behalf, for the whole tenant.
    I suggest that users should be able to consent on their own behalf, even when user assignment is required to access the application.

    There is no reason to require admin consent based on the user assignment setting.
    Furthermore it is counter intuitive; If the user has been manually assigned a role in…

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  20. As part of Azure.AD authentication assertion make sure you return the group membership details, the user belongs to. This will help the serv

    As part of Azure.AD authentication assertion, make sure you return the group membership details, the user belongs to. This will help the service provider to make authorization decision based on group membership

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

(General Feedback)

Categories

Feedback and Knowledge Base