Anonymous

My feedback

  1. 1,895 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    407 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.

    Use case A: nested group in a cloud security group inherits apps assignment
    Use case B: nested group in a cloud security group inherits license assignment
    Use case C: nesting groups under Office 365 groups

    Anonymous supported this idea  · 
  2. 383 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  43 comments  ·  Azure Key Vault » Managing application secrets  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous supported this idea  · 
  3. 229 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Signup and Billing  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Anonymous commented  · 

    I would call this the single biggest gap in the ability to put together an effective enterprise cloud governance strategy. Allowing ANYONE in your company to do this with no way to disable is completely inappropriate. You allow similar functionality in other areas (Azure AD app registrations, Azure Devops organizations, o365 groups, etc), how does MS not see allowing this major capability as a problem. I get it that you want people to play around with Azure, but as company cloud administrations, it is essential that we be able to secure our tenants!

    Anonymous supported this idea  · 
  4. 96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  (General Feedback) » azure.microsoft.com  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Anonymous commented  · 

    I vote for this as well. Agreed, the solution is ok for a simple one off, but for a large, complex global company this doesn't scale well and isn't easy to manage (especially if you need to manage multiple resources in different VNETs). Many services work very well without having to set this up as well, it would be good to get behavioral parity on services using private endpoint.

    At a minimum, you should also update the documentation on gen 2 data lake that this is a known issue. It took support over two weeks to find this workaround for me.

Feedback and Knowledge Base