Azure Rbac
技能 活跃Helps users find the right Azure RBAC role for an identity with least privilege access, then generate CLI commands and Bicep code to assign it. Also provides guidance on permissions required to grant roles. WHEN: bicep for role assignment, what role should I assign, least privilege role, RBAC role for, role to read blobs, role for managed identity, custom role definition, assign role to identity, what role do I need to grant access, permissions to assign roles.
To streamline the process of assigning Azure RBAC roles with least privilege by providing role identification, code generation, and permission insights.
功能
- Find minimal Azure RBAC roles for least privilege access
- Generate Azure CLI commands for role assignment
- Generate Bicep code for role assignment
- Provide guidance on permissions required to grant roles
使用场景
- When needing to assign a specific Azure RBAC role to a managed identity.
- When determining the minimal permissions required for an identity to perform a task.
- When generating Bicep code to automate Azure role assignments.
- When needing to understand what permissions are required to assign roles in Azure.
非目标
- Managing Azure resources other than RBAC role assignments.
- Providing a comprehensive guide to all Azure permissions.
- Directly executing Azure role assignments without user review of generated code/commands.
Trust
- warning:Issues AttentionThere are 19 open issues and 11 closed issues in the last 90 days, indicating a closure rate below 50% and potentially slow response times.
Practical Utility
- info:Usage examplesWhile the skill's functionality is clear, explicit end-to-end usage examples with specific inputs and claimed outputs are not detailed in the SKILL.md or README.
- info:Edge casesThe skill mentions the scenario of needing a custom role definition when no built-in role matches, but specific documentation on other failure modes (e.g., expired credentials, invalid permissions for the user assigning the role) and recovery steps is not detailed.
安装
请先添加 Marketplace
/plugin marketplace add microsoft/skills/plugin install azure-skills@skills质量评分
类似扩展
Azure Deploy
100Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/deployment-plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/deployment-plan.md from azure-prepare and validated status from azure-validate. WHEN: "run azd up", "run azd deploy", "execute deployment", "push to production", "push to cloud", "go live", "ship it", "bicep deploy", "terraform apply", "publish to Azure", "launch on Azure". DO NOT USE WHEN: "create and deploy", "build and deploy", "create a new app", "set up infrastructure", "create and deploy to Azure using Terraform" — use azure-prepare for these.
Better Auth Organization Plugin
75Configure multi-tenant organizations, manage members and invitations, define custom roles and permissions, set up teams, and implement RBAC using Better Auth's organization plugin. Use when users need org setup, team management, member roles, access control, or the Better Auth organization plugin.
Hybrid Cloud Networking
100Configure secure, high-performance connectivity between on-premises infrastructure and cloud platforms using VPN and dedicated connections. Use when building hybrid cloud architectures, connecting data centers to cloud, or implementing secure cross-premises networking.
Azure Postgres Ts
100Connect to Azure Database for PostgreSQL Flexible Server from Node.js/TypeScript using the pg (node-postgres) package. Use for PostgreSQL queries, connection pooling, transactions, and Microsoft Entra ID (passwordless) authentication. Triggers: "PostgreSQL", "postgres", "pg client", "node-postgres", "Azure PostgreSQL connection", "PostgreSQL TypeScript", "pg Pool", "passwordless postgres".
Azure Servicebus Py
100Azure Service Bus SDK for Python messaging. Use for queues, topics, subscriptions, and enterprise messaging patterns. Triggers: "service bus", "ServiceBusClient", "queue", "topic", "subscription", "message broker".
Azure Monitor Query Py
100Azure Monitor Query SDK for Python. Use for querying Log Analytics workspaces and Azure Monitor metrics. Triggers: "azure-monitor-query", "LogsQueryClient", "MetricsQueryClient", "Log Analytics", "Kusto queries", "Azure metrics".