It should be Possible to assign the Blueprint to a Management Group. So every subscripiton with will be added to the Management Group, get automatic the blueprint assignment29 votes
The ability to create an Azure Blueprint with an ARM Template. Additionally the ability to export Azure Blueprints as an ARM Templates. That way we can use them in a more repeatable fashion and store our definitions as IaC and deploy them with our existing deployment pipelines.26 votes
It would be great if Blueprints could reference a template in an Azure Template Library rather than having to cut and paste the ARM template into the Blueprint.
This way Blueprints could be made up of tested components in the library. We could even specify versions in the BluePrint to allow for better release testing.22 votes
Since there are lots of configuration things that ARM Templates cannot do, it would be extremely helpful if it was possible to include a custom script, preferably PowerShell, in an Azure Blueprint. If including custom scripts is not possible, having the ability to execute an Automation Runbook would also be a good way to solve this problem.21 votes
We are working to release the ability to run a custom script in Azure Blueprint
Very useful for ARM deployments of services such as AKS which require an SP. Terraform does this rather well, so it would be good to see the same for Blueprints (and perhaps Azure Deployment Manager).
Or maybe just have an ARM provider type for it as that would simplify feeding the id and secret through to the service that needs it.18 votes
Since a Blueprint has the ability to create multiple resources in Azure it should also have the ability to clean up those resources. Think of it as the same as deleting a ResourceGroup deletes all resources in the ResourceGroup.16 votes
Have Azure Blueprints that are published at the Management Group level visible at the Subscription Level
In Azure Blueprints definitions, as a user, if I select an Azure Subscription I want to see any Blueprints that have been assigned at the Management Group levels above the subscription as well as the Subscription Blueprint definitions.
This would provide a better view of the Blueprints that are available to be deployed in that Subscription.15 votes
Right now, to see what an older version of a blueprint does, we rely solely on the comments created when the version is published. This set really high standards for those comments.
It would be a great feature, if it was possible to see the ARM templates deployed in previous published versions, too determine what was actually deployed in that version.15 votes
Creating groups idempotently would be great as then you could have standardised group names and use those in the Role Assignments.14 votes
A feature where it would be possible to create "blueprint wide paramters" that can be set during the assignment would be really valuable . We create a lot of blueprints where the same parameter value is used multiple times in multiple ARM templates in a single blueprint.
This is often used in naming conventions, to set a specific suffix or prefix during assignment.10 votes
Allow Deny Assignments for Existing Resource Groups - Currently deny assignments with Blueprints is only allowed for new resources. It would be really helpful if the same feature can be applied to existing resource groups.8 votes
Create a Python SDK for Azure Blueprints. Blueprints are an amazing service, and allow Azure to be directly competitive with AWS's services like Landing Zone, Control Tower, and their Account Vending Machine. Unfortunately, the lack of Python support will prevent many of the customers who are not traditional Microsoft shops from adopting this service.
Please develop a Python, and Node, SDK!
Thank you8 votes
Take an existing nested or linked arm template and convert it into a blueprint, with each template being converted into an artifact. With this you could take advantage of blueprints update and locking features.7 votes
It would be a nice feature to add Custom RBAC Role as a Azure Blueprint Artifact. Deploying custom RBAC roles currently is painful and packaging them in an Azure Blueprint would allow for a less painful and much more standarized way of deploying custom RBAC roles.6 votes
When applying a Blueprint, have an option to limit what is visible for users to deploy in the Azure Portal6 votes
Please add the following strongTypes that are supported by Azure Policy:
Additionally, I would like the following:
existingVNETs - displays existing Virtual Networks
existingVNETSubnets - displays exiting VNET Subnets5 votes
Currently the only way to register all services for a subscription, if the users dont have owner or contributor roles on them, is to run a shell command for every single subscription to register all services. Being able to do this within a blueprint would save a great amount of time when building out tenants.5 votes
Currently, all Blueprint Parameters require a value to be entered. Please support optional parameters for Blueprints. There are numerous use cases for this:
- Deploy a VM standalone or in an Availability Set.
- Add additional tags to resources.
- And so on...
Currently the only Blueprint Parameter validation properties that are accepted is "defaultValue" and "allowedValues". Please add the following that are supported by ARM Template Parameters and would provide a much better experience for an Blueprint Assigner:
More information about the above properties can be found here: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates#parameters4 votes
When using an ARM template artifact within a resource group artifact, allow us to use the resourceGroup() functions, like respourceGroup().location. Currently, we receive the error: Error: 'The function 'resourceGroup' is not valid.'4 votes
We are working on a fix to make sure all ARM template functions work if they are deployed by a blueprint
- Don't see your idea?