We are looking at options to enable this.
Thank you for voting on this suggestion. It is now completed and can be done via custom Azure Policy. Here is a sample custom policy to apply a specific tag at the RG and have them inherited by the Resources in that RG: https://github.com/Azure/azure-policy/tree/master/samples/ResourceGroup/copy-resourcegroup-tag
Tag inheritance for existing resources is something that we plan to add support for in 2019.
dragging on a bit / any chance of an update ?
85 votes7 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We aren’t planning to add the ability to enable MFA per-user to the Account Administrator, but we do have planned a limited admin role that will be able to perform that function, along with other MFA related settings. If you’ve implemented MFA through Conditional Access policy instead of the per-user enablement, you can use the Conditional Access Policy admin to control who has to do MFA.
Hit this today , try to replace expensive Legacy MFA solution with Azure MFA
288 votes43 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Just wanted to post another update that this is a high priority, but we do not have any details to announce yet.
/Stuart and Vince
I have the same ask of wanting to assign groups to AzureAD Roles. We have an existing PAM product to Self Service Request/ Authorise membership of On Prem Groups (that AD Connected into Azure) via built in workflow*. The logs for this are used for complying with Internal / External Audits etc.
Currently investigating whether said Product can Manage Azure AD roles directly itself , so at least we have same request / authorise workflow.
* Yep, know about PIM :-;
Thank you for your suggestions and your patience! We are working hard to enable the following enhancements for better network security:
- Adding ADF to the list of “Trusted Azure service” for Azure Key Vault and Azure Storage (blob/ADLS Gen2). ETA is in the upcoming weeks.
- Static IP range for Azure Integration Runtime so that you can whitelist specific IP ranges for ADF as part of firewall rules. ETA is next few months.
- Support service tag for ADF
We will provide an update as soon as any of the above becomes available.
Would like this to . We have a INFOSec requirement to limit access to HDInsight using on Prem Addresses only - ie block access to people outside the company. If we do this via a NSG , it breaks Data Factory connecvity to HDInsight which is used to run a python script as part of transform .
So at present the only way I can see to fix this , is to change the NSG to allow traffic on Port 443 to the whole Azure IP range which is very open / and has to be checked / refreshed weekly.
+1 as well as InviteRedirectUrl and ability to do multiple email addresses at once.
At this point our recommendation is to move resources into a new Resource Group with the new name.
We are working on adding Cost Management current costs and last period costs to the app! Please stay tuned.
Current cost, breakdown, projected like the main portal
I mean Get-AzureRMVMSize of course..
I agree with my friend anonymous . I would be great to have a Get-AzureStorageTableContent (ie like Get-AzureStorageBlobContent) cmdlet for querying TableStorage , with a -Filter switch to able "WHERE" like functionality . So you get results as a Powershell type resultset that can be Piped (Where-object / sort-object) etc.
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature