name: azure-mcp description: Comprehensive Azure cloud management skill using Azure CLI. Manage 40+ Azure services including storage, databases, containers, monitoring, security, AI services, messaging, and infrastructure. Use for any Azure resource management, configuration, troubleshooting, or deployment tasks.
Azure MCP - Comprehensive Azure Management Skill
Manage Azure resources using Azure CLI across all major services.
Triggers
Use this skill when you see:
- azure, az cli, azure resource
- azure storage, blob, cosmos, keyvault
- azure aks, kubernetes, container
- azure monitor, log analytics
- azure sql, postgres, mysql
- event grid, service bus, functions
- app service, resource group, subscription
Instructions
Authentication
# Login interactively
az login
# Login with service principal
az login --service-principal \
--username <APP_ID> \
--password <PASSWORD> \
--tenant <TENANT_ID>
# Login with managed identity
az login --identity
# Set subscription
az account set --subscription "My Subscription"
# List subscriptions
az account list --output table
Resource Groups
# Create resource group
az group create --name mygroup --location eastus
# List resource groups
az group list --output table
# Delete resource group
az group delete --name mygroup --yes --no-wait
# List resources in group
az resource list --resource-group mygroup --output table
Storage Accounts
# Create storage account
az storage account create \
--name mystorageaccount \
--resource-group mygroup \
--location eastus \
--sku Standard_LRS \
--kind StorageV2
# List storage accounts
az storage account list --resource-group mygroup --output table
# Get connection string
az storage account show-connection-string \
--name mystorageaccount \
--resource-group mygroup
# Create container
az storage container create \
--name mycontainer \
--account-name mystorageaccount
# Upload blob
az storage blob upload \
--account-name mystorageaccount \
--container-name mycontainer \
--name myblob \
--file ./localfile.txt
# List blobs
az storage blob list \
--account-name mystorageaccount \
--container-name mycontainer \
--output table
Key Vault
# Create Key Vault
az keyvault create \
--name mykeyvault \
--resource-group mygroup \
--location eastus \
--enable-rbac-authorization
# Set secret
az keyvault secret set \
--vault-name mykeyvault \
--name mysecret \
--value "secret-value"
# Get secret
az keyvault secret show \
--vault-name mykeyvault \
--name mysecret
# List secrets
az keyvault secret list --vault-name mykeyvault --output table
# Create key
az keyvault key create \
--vault-name mykeyvault \
--name mykey \
--kty RSA \
--size 2048
App Service
# Create App Service plan
az appservice plan create \
--name myplan \
--resource-group mygroup \
--sku B1 \
--is-linux
# Create Web App
az webapp create \
--name mywebapp \
--resource-group mygroup \
--plan myplan \
--runtime "PYTHON:3.11"
# Configure settings
az webapp config appsettings set \
--name mywebapp \
--resource-group mygroup \
--settings KEY=value
# Deploy from Git
az webapp deployment source config \
--name mywebapp \
--resource-group mygroup \
--repo-url https://github.com/org/repo \
--branch main
# View logs
az webapp log tail \
--name mywebapp \
--resource-group mygroup
Azure SQL
# Create SQL server
az sql server create \
--name mysqlserver \
--resource-group mygroup \
--location eastus \
--admin-user sqladmin \
--admin-password "Password123!"
# Create database
az sql db create \
--name mydb \
--resource-group mygroup \
--server mysqlserver \
--service-objective S0
# Configure firewall
az sql server firewall-rule create \
--name AllowAzure \
--resource-group mygroup \
--server mysqlserver \
--start-ip-address 0.0.0.0 \
--end-ip-address 0.0.0.0
# Get connection string
az sql db show-connection-string \
--server mysqlserver \
--name mydb \
--client ado.net
Azure PostgreSQL
# Create PostgreSQL Flexible Server
az postgres flexible-server create \
--name mypostgres \
--resource-group mygroup \
--location eastus \
--admin-user pgadmin \
--admin-password "Password123!" \
--sku-name Standard_D2s_v3 \
--tier GeneralPurpose \
--storage-size 32
# Create database
az postgres flexible-server db create \
--resource-group mygroup \
--server-name mypostgres \
--database-name mydb
# Configure firewall
az postgres flexible-server firewall-rule create \
--resource-group mygroup \
--name mypostgres \
--rule-name AllowAll \
--start-ip-address 0.0.0.0 \
--end-ip-address 255.255.255.255
Virtual Networks
# Create VNet
az network vnet create \
--name myvnet \
--resource-group mygroup \
--location eastus \
--address-prefix 10.0.0.0/16 \
--subnet-name default \
--subnet-prefix 10.0.1.0/24
# Create subnet
az network vnet subnet create \
--name mysubnet \
--resource-group mygroup \
--vnet-name myvnet \
--address-prefix 10.0.2.0/24
# Create NSG
az network nsg create \
--name mynsg \
--resource-group mygroup \
--location eastus
# Add NSG rule
az network nsg rule create \
--name AllowHTTP \
--nsg-name mynsg \
--resource-group mygroup \
--priority 100 \
--destination-port-ranges 80 443 \
--access Allow \
--protocol Tcp
Monitoring
# Create Log Analytics workspace
az monitor log-analytics workspace create \
--workspace-name myworkspace \
--resource-group mygroup \
--location eastus
# Create alert rule
az monitor metrics alert create \
--name "High CPU Alert" \
--resource-group mygroup \
--scopes /subscriptions/.../resourceGroups/mygroup/providers/Microsoft.Compute/virtualMachines/myvm \
--condition "avg Percentage CPU > 80" \
--window-size 5m \
--evaluation-frequency 1m
# Query logs
az monitor log-analytics query \
--workspace /subscriptions/.../workspaces/myworkspace \
--analytics-query "AzureActivity | take 10"
# Create Application Insights
az monitor app-insights component create \
--app myappinsights \
--resource-group mygroup \
--location eastus \
--workspace /subscriptions/.../workspaces/myworkspace
Service Bus
# Create namespace
az servicebus namespace create \
--name myservicebus \
--resource-group mygroup \
--location eastus \
--sku Standard
# Create queue
az servicebus queue create \
--name myqueue \
--namespace-name myservicebus \
--resource-group mygroup
# Create topic and subscription
az servicebus topic create \
--name mytopic \
--namespace-name myservicebus \
--resource-group mygroup
az servicebus topic subscription create \
--name mysubscription \
--topic-name mytopic \
--namespace-name myservicebus \
--resource-group mygroup
# Get connection string
az servicebus namespace authorization-rule keys list \
--namespace-name myservicebus \
--resource-group mygroup \
--name RootManageSharedAccessKey
Identity and RBAC
# Create managed identity
az identity create \
--name myidentity \
--resource-group mygroup
# Assign role
az role assignment create \
--assignee <PRINCIPAL_ID> \
--role "Storage Blob Data Contributor" \
--scope /subscriptions/.../resourceGroups/mygroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount
# List role assignments
az role assignment list \
--scope /subscriptions/.../resourceGroups/mygroup \
--output table
# Create service principal
az ad sp create-for-rbac \
--name myserviceprincipal \
--role Contributor \
--scopes /subscriptions/.../resourceGroups/mygroup
Container Registry
# Create ACR
az acr create \
--name myacr \
--resource-group mygroup \
--sku Standard \
--admin-enabled true
# Login to ACR
az acr login --name myacr
# Build image
az acr build \
--registry myacr \
--image myapp:v1 \
.
# List repositories
az acr repository list --name myacr --output table
# List tags
az acr repository show-tags --name myacr --repository myapp
Best Practices
- Resource Groups: Organize resources by lifecycle and management
- Tags: Use tags for cost allocation and organization
- RBAC: Follow least privilege principle
- Monitoring: Enable diagnostics and alerts
- Networking: Use private endpoints for sensitive resources
Common Workflows
Deploy Application Stack
- Create resource group
- Set up networking (VNet, subnets)
- Deploy database services
- Deploy application (App Service, Container Apps)
- Configure monitoring and alerts
Manage Resources
- List resources:
az resource list - View details:
az resource show - Update settings:
az resource update - Delete:
az resource delete - Monitor:
az monitor