Skills
Azure expertise
Curated workflows teach agents how Azure work should be planned, validated, deployed, diagnosed, secured, and optimized.
Azure expertise for AI coding agents
Install once. Give agents an Azure-native path from idea to cloud.
Azure Skills packages Azure workflows, MCP-backed execution, and Foundry guidance so compatible agents can plan, validate, deploy, diagnose, and optimize with cloud-specific guardrails.
Start here
Install Azure guidance where your agent runs
Each host gets the same Azure skill layer plus MCP-backed tools for live Azure and Foundry workflows.
APM
Install once across compatible agent hosts from the repository apm.yml.
apm install microsoft/azure-skills- Best path when you use multiple harnesses.
- Uses the repository package definition.
- Keeps skills and MCP configuration aligned.
GitHub Copilot CLI
Add the Azure Skills marketplace, then install the Azure plugin in Copilot CLI.
/plugin marketplace add microsoft/azure-skills/plugin install azure@azure-skills- Use /plugin update azure@azure-skills to update.
- Run /mcp show to verify Azure MCP is configured.
- Authenticate Azure CLI before live resource operations.
Visual Studio Code
Install the Azure MCP extension, which brings Azure MCP and Azure skills into GitHub Copilot.
code --install-extension ms-azuretools.vscode-azure-mcp-server- Requires Git CLI for skill installation.
- Restart VS Code if Copilot does not discover the skills.
- Use az login before asking for live Azure resources.
Claude Code
Install the Azure plugin from the official Claude Code plugin marketplace.
/plugin install azure@claude-plugins-official- Search for azure in /plugin if you prefer interactive install.
- Update with /plugin update azure@claude-plugins-official.
- Node.js 18+ is required for MCP server startup.
Gemini CLI
Install the Azure Skills extension directly from the repository.
gemini extensions install https://github.com/microsoft/azure-skills- The extension configures Azure MCP through npx.
- Use az login before resource-backed prompts.
- Reinstall or update when repository guidance changes.
Cursor
Install the Azure plugin from Cursor Marketplace or Cursor settings.
Open Cursor Settings > Plugins, search for Azure, then install the Azure plugin.- The marketplace listing points back to microsoft/azure-skills.
- Reload Cursor if skills are not discovered immediately.
- Azure MCP still needs local Node.js and Azure authentication.
Codex CLI
Add the marketplace, browse plugins, and install the Azure plugin.
codex plugin marketplace add microsoft/azure-skills# Then run /plugins and install azure- Use /skills to enable or disable individual Azure skills.
- A CLI-installed plugin is also available in the Codex app.
- Keep Node.js 18+ available for MCP.
IntelliJ IDEA
Enable skills in the GitHub Copilot plugin, then install Azure Skills through the Azure Toolkit or skills CLI.
npx skills add https://github.com/microsoft/azure-skills/tree/main/.github/plugins/azure-skills/skills -a github-copilot -g -y- Requires the GitHub Copilot plugin with Skills enabled.
- Azure Toolkit can prompt for installation after restart.
- Git and Node.js must be available on PATH.
What gets installed
One package, three layers of Azure capability.
The plugin combines skill guidance, MCP execution, and Foundry-specific workflows so agents can answer with Azure context and act through supported tools.
MCP
Live Azure tools
Azure MCP gives agents structured access to Azure services for inventory, pricing, diagnostics, monitoring, and resource operations.
Foundry
AI specialist
Foundry MCP adds model, agent, deployment, and evaluation workflows for teams building AI systems on Microsoft Foundry.
Skill catalog
Azure workflows for the moments agents usually guess.
AI and data 7 Architecture 6 Build and deploy 4 Governance 5 Operate 5
Prepare
Deployment readiness
Plans Azure hosting, infrastructure, identity, and app configuration before deployment.
Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate).
Plan firstGenerate IaCChoose hosting
Prepare this app for Azure. v1.2.13 Validate
Preflight checks
Checks Azure infrastructure and app configuration before changes are deployed.
Pre-deployment validation for Azure readiness. Run deep checks on configuration, infrastructure (Bicep or Terraform), RBAC role assignments, managed identity permissions, and prerequisite...
Review IaCCheck configCatch drift
Validate my Azure deployment files. v1.1.2 Deploy
Release execution
Deploys applications and infrastructure with recovery steps for common Azure failures.
Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/deployment-plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new...
Run azdRecover failuresVerify release
Deploy this project to Azure. v1.1.2 Evolve
Modernization path
Guides Azure app upgrades while preserving deployment and operations guardrails.
Assess and upgrade Azure workloads between plans, tiers, or SKUs, or modernize Azure SDK dependencies in source code.
Modernize safelyPreserve IaCUpdate runtime
Upgrade this Azure app. v1.1.4 Enterprise plan
Landing-zone design
Creates enterprise-ready infrastructure plans across networking, identity, governance, and operations.
Architect and provision enterprise Azure infrastructure from workload descriptions. For cloud architects and platform engineers planning networking, identity, security, compliance, and mu...
Network topologyGovernancePlatform standards
Plan enterprise Azure infrastructure for this app. v1.2.1 Compute
Service selection
Chooses the right Azure compute service for application shape, scale, and operations needs.
Azure VM and VMSS router for recommendations, pricing, autoscale, orchestration, connectivity troubleshooting, capacity reservations, and Essential Machine Management.
ACAApp ServiceFunctions
What Azure compute should host this workload? v2.4.2 Kubernetes
AKS guidance
Guides AKS architecture, deployment, operations, and troubleshooting workflows.
Plan, create, and configure production-ready Azure Kubernetes Service (AKS) clusters. Covers Day-0 checklist, SKU selection (Automatic vs Standard), networking options (private API server...
AKSHelmCluster checks
Help me run this workload on AKS. v1.1.4 AI Runway
AKS platform setup
Sets up AI Runway patterns on AKS for platform teams and application developers.
Set up AI Runway on AKS — from bare cluster to running model. Covers cluster verification, controller install, GPU assessment, provider setup, and first deployment.
Platform setupAKSAI workloads
Set up AI Runway on AKS. v1.0.1 Reliability
Resilience review
Reviews architecture and operations choices against Azure reliability practices.
Assess and improve the reliability posture of PaaS Applications (Azure Functions and Azure App Service). Scans deployed resources for zone redundancy, ZRS storage, health probes, and mult...
ResilienceAvailabilityRecovery
Review this Azure architecture for reliability. v1.0.2 Migration
Cloud transition
Plans and executes application migration paths into Azure with service-fit guidance.
Assess and migrate cross-cloud workloads to Azure with reports and code conversion. Supports Lambda→Functions, Beanstalk/Heroku/App Engine→App Service, Fargate/Kubernetes/Cloud Run/Spring...
AssessMap servicesModernize
Migrate this application to Azure. v1.2.1 Cost
Optimization
Finds cost drivers and recommends Azure sizing, pricing, and cleanup improvements.
Unified Azure cost management: query historical costs, forecast future spending, and optimize to reduce waste.
PricingRightsizeClean up
Find cost savings across my Azure subscription. v1.2.1 Compliance
Policy alignment
Helps align Azure resources and deployments with compliance and security expectations.
Run Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, resource review, policy/compliance validation, and security posture c...
PolicySecurityEvidence
Check this Azure deployment for compliance risks. v1.1.1 RBAC
Access control
Selects least-privilege Azure roles for identities, apps, services, and operators.
Helps users find the right Azure RBAC role for an identity with least privilege access, then generate CLI commands and Bicep code to assign it. Also provides guidance on permissions requi...
Least privilegeRole assignmentIdentity
What role should this managed identity use? v1.1.1 App identity
Entra registration
Creates and configures Entra app registrations for secure Azure integrations.
Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration.
App registrationSecretsPermissions
Create an Entra app registration for this service. v1.1.1 Agent identity
Identity setup
Configures Entra identity patterns for agents and service integrations.
Provision Microsoft Entra Agent Identity Blueprints, BlueprintPrincipals, and per-instance Agent Identities via Microsoft Graph, and configure OAuth 2.0 token exchange (fmi_path, OBO, cro...
Managed identityAgent accessPermissions
Set up an Entra identity for this agent. v1.0.1 Diagnostics
Troubleshooting
Uses Azure signals and tools to diagnose failing applications and infrastructure.
Debug Azure production issues on Azure using AppLens, Azure Monitor, resource health, and safe triage.
LogsMetricsRoot cause
Troubleshoot why my Azure app is failing. v1.1.6 Observability
Application Insights
Adds Application Insights instrumentation and telemetry patterns to applications.
Guidance for instrumenting webapps with Azure Application Insights. Provides telemetry patterns, SDK setup, and configuration references.
TelemetryTracingApp Insights
Add Application Insights to this app. v1.1.2 Inventory
Resource discovery
Finds and explains Azure resources, groups, subscriptions, and relationships.
List, find, and show Azure resources across subscriptions or resource groups. Handles prompts like "list the websites in my subscription", "list my web apps", "show my app services", "lis...
InventorySubscriptionsResource graph
List my Azure resource groups. v1.1.3 Visualize
Architecture map
Creates diagrams and summaries from Azure resource relationships.
Analyze Azure resource groups and generate detailed Mermaid architecture diagrams showing the relationships between individual resources.
DiagramsDependenciesTopology
Visualize my Azure resources. v1.1.2 Capacity
Quota planning
Checks quota and capacity constraints before provisioning or scaling Azure resources.
Check/manage Azure quotas and usage across providers. For deployment planning, capacity validation, region selection.
QuotaCapacityRegions
Check quota for this Azure deployment. v1.1.2 Azure AI
AI services
Guides Azure AI Search, Speech, OpenAI, Document Intelligence, and related SDK choices.
Use for Azure AI: Search, Speech, OpenAI, Document Intelligence. Helps with search, vector/hybrid search, speech-to-text, text-to-speech, transcription, OCR.
SearchSpeechOpenAI
Add Azure AI Search to this app. v1.1.1 Foundry
Agent lifecycle
Deploys, evaluates, monitors, and optimizes Foundry models and agents.
Deploy, evaluate, fine-tune, and manage Foundry agents end-to-end: Docker build, ACR push, hosted/prompt agent create, container start, batch eval, continuous eval, prompt optimizer, Agen...
AgentsEvalsModels
Deploy and evaluate this agent in Foundry. v1.1.23 AI gateway
Gateway patterns
Designs AI gateway patterns for model access, routing, safety, and observability.
Configure Azure API Management as an AI Gateway for AI models, MCP tools, and agents.
RoutingSafetyObservability
Add an AI gateway for this application. v3.1.1 Storage
Data services
Guides Azure Storage account, blob, queue, and data access patterns.
Azure Storage Services including Blob Storage, File Shares, Queue Storage, Table Storage, and Data Lake. Answers questions about storage access tiers (hot, cool, cold, archive), when to u...
BlobQueuesManaged identity
Add Azure Storage to this app. v1.1.2 Kusto
Analytics
Works with Azure Data Explorer and Kusto queries for operational and analytical scenarios.
Query and analyze data in Azure Data Explorer (Kusto/ADX) using KQL for log analytics, telemetry, and time series analysis.
KQLADXAnalytics
Query this telemetry with Kusto. v1.1.1 Messaging
Eventing
Chooses and configures Azure messaging services for events, queues, and integration flows.
Troubleshoot and resolve issues with Azure Messaging SDKs for Event Hubs and Service Bus. Covers connection failures, authentication errors, message processing issues, and SDK configurati...
Service BusEvent GridQueues
Choose Azure messaging for this workflow. v1.1.2 Copilot SDK
Hosted copilots
Prepares and deploys hosted Copilot SDK applications with Azure services.
Build, deploy, and modify GitHub Copilot SDK apps on Azure. MANDATORY when codebase contains @github/copilot-sdk or CopilotClient in package.json. PREFER OVER azure-prepare when copilot-s...
Copilot SDKHostingIdentity
Prepare this Copilot SDK app for Azure. v1.1.3 Prompts to try
Ask for outcomes, not generic cloud advice.
These prompts activate guided Azure workflows and, when configured, MCP tools that can inspect real resources.
Prepare
Prepare this app for Azure. Plan hosting, infrastructure, identity, and deployment files before generation starts.
Validate
Validate my Azure deployment files before I run azd up. Catch Azure configuration and infrastructure issues before they become deployment failures.
Deploy
Deploy this project to Azure Container Apps. Run deployment flows with recovery guidance and post-deployment verification.
Diagnose
Troubleshoot why my container app is failing health probes. Route from symptoms to Azure logs, metrics, settings, identities, and service-specific checks.
Optimize
Find cost savings across my Azure subscription. Use pricing, sizing, and resource inventory signals to find practical savings.
Secure
What role should I assign to let this managed identity read blobs? Choose least-privilege roles and identity patterns for Azure resources and applications.
Ready for Azure-aware agents?