(General Feedback) Do you have an idea or suggestion based on your experience with Azure? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Azure customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.This forum (General Feedback) is used for any broad feedback related to Azure. If you have feedback on a specific service such as Azure Virtual Machines, Web Apps, or SQL Database, please submit your feedback in one of the forums available on the right.Remember that this site is only for feature suggestions and ideas!If you have technical questions or need help with Azure, reach out to us on Microsoft Q&A or try StackOverflow I suggest you ... You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas. There are two ways to get more votes: When an admin closes an idea you've voted on, you'll get your votes back from that idea. You can remove your votes from an open idea you support. To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas". More info… - enter your idea (new feature, new scenario, etc) - (thinking…) Reset Enter your idea and we'll search to see if someone has already suggested it. If a similar idea already exists, you can support and comment on it. If it doesn't exist, you can post your idea so others can support it. Enter your idea and we'll search to see if someone has already suggested it. Category Availability Azure Learning Path Offers Other azure.microsoft.com Describe your idea… (optional) Drop or click to upload files 1 2 3 votes We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close Post idea Cancel Submitting... Vote for an existing idea () or Post a new idea… Hot ideas Top ideas New ideas Category Availability (1249) Azure Learning Path (131) Offers (556) Other (2474) azure.microsoft.com (2368) Status under review (19) need-feedback (7) unplanned (2) planned (10) started (8) completed (152) declined (51) archived (13) closed (75) My feedback Immutable blob on Azure Backup It could be interesting to be able to take advantage of the feature immutable storage with Azure Backup's, at the blob level, to protect against attackers who delete backups. The soft delete (recycle bin) feature is not enough because it can be disabled. Note that immutable blob storage already exists at the level of a storage account. 285 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 14 comments · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → RBAC Role Assignments 2000 limit Constraint Hello Team, Customer is having high distress in regard to the RBAC Role Assignments 2000 grant limitation. Customer is using Managed Identity and Storage access patterns relying on RBAC grants, it worried customer that it’s a trap and customer will hit that limit in a very short time. These RBAC roles are so useful for the customer but it’s only a matter of time before it hits the limit. Thank you for your consideration. 211 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 16 comments · Availability · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → started · AdminAzure AD Team (Product Manager, Microsoft Azure) responded Apologies for the delay in updating this item. We are aware of the challenges around this limit and are actively working to be able to raise it; however, we don’t have an ETA yet. We will update this item as we get more clarity on the timeline. Stay tuned and thank you for the understanding. -Arturo Lucatero @ArLucaID In Azure AD Connect, enable Group Writeback for *all* types of Azure groups (including Security groups, Mail-enabled Security groups, and Ex In Azure AD Connect, enable Group Writeback for all types of Azure groups (including Security groups, Mail-enabled Security groups, and Exchange distribution groups). This will enable us to utilize the Group Writeback feature to meet our business requirements. It is our opinion that the limitation of Azure AD Connect Group Writeback which restricts to only Microsoft 365 Groups greatly reduces the value of the feature, and we would like to understand why Microsoft decided to limit Group Writeback to only handle Microsoft 365 Groups. We would like to use Group Writeback for all types of Azure groups (including Security groups, Mail-enabled Security groups, Exchange distribution groups, in addition to Microsoft 365 Groups). Thank you for consideration. Pete Heilig Senior Systems Engineer, IAM Engineering Gartner peter.heilig@gartner.comIn Azure AD Connect, enable Group Writeback for all types of Azure groups (including Security groups, Mail-enabled Security groups, and Exchange distribution groups). This will enable us to utilize the Group Writeback feature to meet our business requirements. It is our opinion that the limitation of Azure AD Connect Group Writeback which restricts to only Microsoft 365 Groups greatly reduces the value of the feature, and we would like to understand why Microsoft decided to limit Group Writeback to only handle Microsoft 365 Groups. We would like to use Group Writeback for all types of Azure groups (including Security groups,… more 179 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 11 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Enable body of HTTP DELETE in Azure Akamai CDN In some situation, Body part of HTTP DELETE request is important to execute DELETE operation in origin Server. But Azure Akamai CDN do not deliver body part of HTTP DELETE. This means that the kind of CDN will lose the body part in this HTTP method. This is really bad to some web structure to realize operation when we use Azure Akamai CDN. We are hoping that Body part of HTTP DELETE request can be enable d in Azure Akamai CDN 170 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 1 comment · Availability · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Moving countries shouldn't mean creating a new account I recently moved from Belgium to the Netherlands. I changed banks and therefore credit cards at the same time. To be able to use my NL credit card I have to close my existing Azure account and create a new one with a different email address just so I can use my NL card. Short sighted. Inefficient. Unfriendly to non-US based customers who never leave the US. 165 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 13 comments · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Make Azure available in Haiti Microsoft Azure should be available for developers and businesses in Haiti. This country lack of a power supply system you can rely on for business, so the cloud is our best options. Please consider adding Haiti in the list of supported countries while signing up for Microsoft Azure. 143 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) under review · 11 comments · Availability · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → granularity for delegation of azure app permissions We need more granularity for the delegation of azure app permissions to developers and administrators. Administrators and developers require that an app must be restricted to a specific group of users or objects. For a group in a single tenant, there is no granular authorization for groups of users or objects (such as Sharepoint online sites, teams and other resources). Developers can do this by using popular authorization patterns, such as: B. Azure's role-based access control (Azure RBAC). However, this approach involves a considerable amount of work for developers. We would like a delegation of authorizations in a single tenant to groups of users and resources. Example: Restrict the App Permission to access only sharepoint sites with a filter prefix like /sites/Contoso1_ or other attributesWe need more granularity for the delegation of azure app permissions to developers and administrators. Administrators and developers require that an app must be restricted to a specific group of users or objects. For a group in a single tenant, there is no granular authorization for groups of users or objects (such as Sharepoint online sites, teams and other resources). Developers can do this by using popular authorization patterns, such as: B. Azure's role-based access control (Azure RBAC). However, this approach involves a considerable amount of work for developers. We would like a delegation of authorizations in a single tenant… more 141 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 0 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Add the ability to enable and configure access-based enumeration (ABE) for Azure Files Shares Add the ability to enable and configure access-based enumeration (ABE) for Azure Files Shares 132 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 0 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Easy invoice management (especially for many subscriptions) It would be nice to have one list of all invoices. It is important especially in case where there are many subscriptions within one account. And this list should have invoice title on it, now there are only dates. Now it is very hard to find invoice using invoice title (using bank statement) 124 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 2 comments · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → under review · AdminAzure Billing Team (Admin, Microsoft Azure) responded Hi there, This is one of the many improvements our development team is hoping to include in future iterations of our product. I can’t guarantee that we have the resources to get this done any time soon, but it definitely should be in the pipeline. -Adam (Azure Billing Team) support "Managment Groups" Scope under CSP Cost Management. Currently it is not supported selecting a "Management Group" Scope it there are CSP subscriptions (which is currently supported with Azure Plan). 110 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 1 comment · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Authenticate to Azure Files from Azure AD joined device We can use Azure AD DS and AD (in preview) to authenticate users to Azure Files, but only if their device is Azure AD DS joined, or AD joined respectively. I want to be able to do this from Azure AD joined devices. 105 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 3 comments · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Allow Privileged Authentication Administrator and Authentication Administrator to block/unblock MFA for users Currently, only global administrator can block/unblock MFA for users. However, the global administrator has too much authority, so please allow other roles as well. I want Privileged Authentication Administrator and Authentication Administrator to be able to do these things. 97 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 3 comments · Offers · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Support proxying of NTLM traffic for Application Gateway/WAF V2 Instead of Application Gateway/WAF V1, the Application Gateway/WAF V2 doesn't support NLTM traffic proxying. This prevents organizations to publish LOB-apps that require NTLM authentication on their backends, and thus the ability to use the modern scaling capabilities of AG/WAF V2. 86 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 2 comments · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → support multiple values for the same key when tagging. If i want to allocate multiple departments while tagging i should be able to do that. Currently AzureRM tagging only supports one value for one key. This means if i want to tag multiple departments to one resource it is incapable of handling it. 83 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 3 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Role with access to all reservations Please add the options to give access to all reservations, current and future to a group or user. Currently only the user that created the reservation has access to it and you have to grant access on each reservation individually. Very cumbersome and does not allow any automation around reservations. Create a role that will always have access to all reservations. 81 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 5 comments · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → AAD MacBook client for Azure P2S VPN with AAD/MFA support Currently AAD login is supported for native Windows 10 clients only, leaving those connecting with MacBook, Linux etc. without an option, or having to revert VPN Gateway (vWAN hub) P2S config back to basic cert based. With Virtual Wan in particular being a use case I have and with multiple MacBook users connecting globally, this is a use case I need asap. 79 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 3 comments · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Get more information in Microsoft Authenticator notifications Using MFA with Microsoft Authenticator, we can only see the username. It woulde be useful get also the application and the devices that is requesting the approval. It is difficult to determine if it is right when multiples applications are in use (Outlook, OneDrive, Skype...) 76 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 7 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Support for ManageEngine MDM when requiring device compliance in Azure Conditional Access We use ManageEngine MDM for managing mobile devices. We want to use conditional access policies to ensure the device has been marked as compliant by ManageEngine MDM before allowing access to certain applications. Currently Azure AD Conditional Access Policies only supports InTune for checking device compliance as described @ https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-policy-connected-applications#trusted-devices. This should be extended to support ALL 3rd party EMM solutions. 72 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 3 comments · azure.microsoft.com · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → alert when a VM I/O limit is reached When a VM hits its global VM-wide IOPS or bandwidth limit and throttling kicks in, provide a facility for creating an alert based on this situation. Currently, the methods to detect I/O throttling rely on collecting guest OS statistics and comparing them to the limits specified by Azure. It would be a real benefit to determine at the hypervisor level when I/O throttling has taken place and record this in customer-visible metrics. These metrics are already internally visible to Microsoft support, so the data is collected-- just not presented. At a minimum, the disastrous situation where whole-VM I/O throttling has taken place should be able to generate an alert. A good resource for describing I/O throttling is here: https://docs.microsoft.com/en-us/archive/blogs/xiangwu/azure-vm-storage-performance-and-throttling-demystify A good quote from that article: In order to prevent the blocking issues and to improve the performance, we need to: Prevent VM level throttling at all cost. I completely agree with this. Throttling often is not merely a slowdown, but instead causes VMs to hang, crash, or cease servicing requests. This creates significant availability issues that are hard to detect by other means since Azure heartbeats continue even while the business services are dead. Beyond this basic alert on "your server may be dead" from global VM IO throttling, it would be great if we could also get individual disk alerts when throttling kicks in, or even (ideally) when some percentage of the maximum is reached for some defined period of time. When a VM hits its global VM-wide IOPS or bandwidth limit and throttling kicks in, provide a facility for creating an alert based on this situation. Currently, the methods to detect I/O throttling rely on collecting guest OS statistics and comparing them to the limits specified by Azure. It would be a real benefit to determine at the hypervisor level when I/O throttling has taken place and record this in customer-visible metrics. These metrics are already internally visible to Microsoft support, so the data is collected-- just not presented. At a minimum, the disastrous situation where whole-VM I/O throttling has… more 68 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 0 comments · Availability · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → Support for SSL passthrough with Azure Front Door I want to transfer a client certificate to the backend with Azure Front Door. However, Azure Front Door doesn't support the SSL passthrough function. I would like to support transferring the client certificate used in the TLS session established between Azure Front Door and the client to the backend. 67 votes Vote Vote Vote Vote We're glad you're herePlease sign in to leave feedback Signed in as (Sign out) Close Close 1 vote 2 votes 3 votes Remove votes You have left! (?) (thinking…) 1 comment · Other · Flag idea as inappropriate…Flag idea as inappropriate… · Delete… · Admin → ← Previous 1 2 3 4 5 … 357 358 Next → Don't see your idea? Post a new idea…
started · AdminAzure AD Team (Product Manager, Microsoft Azure) responded Apologies for the delay in updating this item. We are aware of the challenges around this limit and are actively working to be able to raise it; however, we don’t have an ETA yet. We will update this item as we get more clarity on the timeline. Stay tuned and thank you for the understanding. -Arturo Lucatero @ArLucaID
under review · AdminAzure Billing Team (Admin, Microsoft Azure) responded Hi there, This is one of the many improvements our development team is hoping to include in future iterations of our product. I can’t guarantee that we have the resources to get this done any time soon, but it definitely should be in the pipeline. -Adam (Azure Billing Team)