you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 05 Apr 2026
22 points (92.3% liked)
TechTakes
2536 readers
48 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 2 years ago
MODERATORS
if even half of this is true, it's really fucking bad lol
I can't validate any of the internal stuff, but the attitude of layering manual solutions and mitigation scripts on top of bad design choices and praying you could keep building the next bit of the bridge as the last one collapsed underneath you would explain a lot of experiences I had supporting systems running on Azure. The level of weird "Azure just does that sometimes" cases and the lack of ability for their support to actually provide insight was incredibly frustrating. I think I probably ended up providing a couple of automatic recovery scripts for people to use inside their F5 guests because we never could find an actual explanation for the errors they were getting, and the node issues they describe could have explained the bursts of Azure cases that would come in some days.
My workplace doesn't have much in terms of workloads running in Azure, but even just interacting mostly with Entra, Exchange Online, SSO, and some automated account provisioning: It is insane just how many rules and practices have built up around the unreliabilty and non-reproducable but still frequently occurring issues.
Boss warned me that licensing can take up to 48 hours to take effect in his experience. But I'd been living in it for a week and changes were effectively immediate. Until they just weren't.
One of our processes regular took an hour for Azure to complete its part. It was this way for years. Suddenly it started sporadically taking up to four hours with no discernable pattern, so now we set the following steps to run four hours later.
Audit logs that don't actually show you what you're looking for, and instead show impossible situations like an automated Microsoft process granting a user their Office license a full month after they'd already had it. But the logs don't show the initial license assignment, even though they've been using that functionality this whole time and the license has shown as applied to them the whole time.
And more cases of completely missing basic fucking functionality than I could ever fucking recall.
Why the fuck can't I discern between a user who has a license assigned directly and through a group, and a user who just has the license through the group only? Through the API it is impossible. In the web UI, it indicates the multiple sources of the license correctly. But only most of the time. Sometimes it displays the info wrong.
Arg. Sorry for the rant. Azure has been a pain in my ass since I first started studying certs for it.
The only thing I can personally confirm is the JIT permissions thing. I didn't work in the Core Azure stuff so I can't verify the rest, but none of it is unbelievable...