playbooks

home / skills / fcakyon / claude-codex-settings / azure-usage

azure-usage skill

/plugins/azure-tools/skills/azure-usage

This skill helps you query and manage Azure resources such as storage, Key Vault, Cosmos DB, and AKS using MCP best practices.

npx playbooks add skill fcakyon/claude-codex-settings --skill azure-usage

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
1.8 KB
---
name: azure-usage
description: This skill should be used when user asks to "query Azure resources", "list storage accounts", "manage Key Vault secrets", "work with Cosmos DB", "check AKS clusters", "use Azure MCP", or interact with any Azure service.
---

# Azure MCP Best Practices

## Tool Selection

| Task                 | Tool                   | Example                             |
| -------------------- | ---------------------- | ----------------------------------- |
| List resources       | `mcp__azure__*_list`   | Storage accounts, Key Vault secrets |
| Get resource details | `mcp__azure__*_get`    | Container details, database info    |
| Create resources     | `mcp__azure__*_create` | New secrets, storage containers     |
| Query data           | `mcp__azure__*_query`  | Log Analytics, Cosmos DB            |

## Common Operations

### Storage

- `storage_accounts_list` - List storage accounts
- `storage_blobs_list` - List blobs in container
- `storage_blobs_upload` - Upload file to blob

### Key Vault

- `keyvault_secrets_list` - List secrets
- `keyvault_secrets_get` - Get secret value
- `keyvault_secrets_set` - Create/update secret

### Cosmos DB

- `cosmosdb_databases_list` - List databases
- `cosmosdb_containers_list` - List containers
- `cosmosdb_query` - Query documents

### AKS

- `aks_clusters_list` - List AKS clusters
- `aks_nodepools_list` - List node pools

### Monitor

- `monitor_logs_query` - Query Log Analytics

## Authentication

Azure MCP uses Azure Identity SDK. Authenticate via:

- `az login` (Azure CLI - recommended)
- VS Code Azure extension
- Environment variables (service principal)

## Reference

- [Azure MCP Server](https://github.com/microsoft/mcp/tree/main/servers/Azure.Mcp.Server)
- [Supported Services (40+)](https://learn.microsoft.com/azure/developer/azure-mcp-server/)

Overview

This skill lets you inspect and manage Azure resources through an MCP-backed interface. It exposes common resource operations like listing storage accounts, reading Key Vault secrets, querying Cosmos DB, and checking AKS clusters. The skill is optimized for interactive queries and scripted automation workflows.

How this skill works

The skill calls Azure MCP tool endpoints that map to resource operations (list, get, create, query). It authenticates via Azure Identity (az login, VS Code auth, or environment service principal) and routes requests to specific MCP commands such as storage_accounts_list, keyvault_secrets_get, cosmosdb_query, and aks_clusters_list. Results are returned as structured data for further processing or display.

When to use it

  • You need an inventory of Azure resources across subscriptions or resource groups.
  • You want to read or update Key Vault secrets securely via automation.
  • You need to list or upload blobs, or examine storage account contents.
  • You want to run ad-hoc queries against Cosmos DB or Log Analytics.
  • You need to inspect AKS clusters and node pools before deployments.

Best practices

  • Authenticate with az login or a managed identity to avoid secret sprawl.
  • Prefer list/get/query commands rather than broad create/delete unless needed; follow least-privilege principles.
  • Paginate large result sets and use filters to reduce API load and cost.
  • Use Key Vault operations for secret management and avoid embedding secrets in code or chat logs.
  • Validate results in a staging subscription or resource group before applying changes in production.

Example use cases

  • List all storage accounts in a subscription and inspect attached containers and blobs.
  • Retrieve a Key Vault secret value for a deployment pipeline or rotate a secret programmatically.
  • Run a Cosmos DB SQL query to find documents matching a production issue.
  • Query Log Analytics for recent errors using monitor_logs_query and export results for analysis.
  • List AKS clusters and node pools to validate cluster capacity before scaling operations.

FAQ

How do I authenticate this skill to access Azure?

Use az login, the VS Code Azure extension, or set Azure service principal environment variables; az login is recommended for interactive use.

Which MCP commands should I use to list resources?

Use mcp__azure__*_list endpoints such as storage_accounts_list, keyvault_secrets_list, cosmosdb_databases_list, and aks_clusters_list for inventory tasks.