Skip to content

Add Azure Policy Tool #1483

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
msalaman merged 22 commits into from
Jan 15, 2026
Merged

Add Azure Policy Tool #1483

msalaman merged 22 commits into from
Jan 15, 2026

Conversation

@msalaman
Copy link
Contributor

@msalaman msalaman commented Jan 12, 2026
edited
Loading

What does this PR do?

Add Azure Policy Tool (https://learn.microsoft.com/en-us/azure/governance/policy/overview) with command that lists Azure policy assignments and corresponding definitions for a given subscription/scope.
Update Azure Best Practice tool instructions to invoke Azure policy tool and use policies to help guide code generation/deployment

GitHub issue number?

#504

Pre-merge Checklist

  • Required for All PRs
    • Read contribution guidelines
    • PR title clearly describes the change
    • Commit history is clean with descriptive messages (cleanup guide)
    • Added comprehensive tests for new/modified functionality
    • Updated servers/Azure.Mcp.Server/CHANGELOG.md and/or servers/Fabric.Mcp.Server/CHANGELOG.md for product changes (features, bug fixes, UI/UX, updated dependencies)
  • For MCP tool changes:
    • One tool per PR: This PR adds or modifies only one MCP tool for faster review cycles
    • Updated servers/Azure.Mcp.Server/README.md and/or servers/Fabric.Mcp.Server/README.md documentation
    • Validate README.md changes using script at eng/scripts/Process-PackageReadMe.ps1. See Package README
    • Updated command list in /servers/Azure.Mcp.Server/docs/azmcp-commands.md and/or /docs/fabric-commands.md
    • Run .\eng\scripts\Update-AzCommandsMetadata.ps1 to update tool metadata in azmcp-commands.md (required for CI)
    • For new or modified tool descriptions, ran [ToolDescriptionEvaluator]
    • For tools with new names, including new tools or renamed tools, update consolidated-tools.json
    • For new tools associated with Azure services or publicly available tools/APIs/products, add URL to documentation in the PR description
  • Extra steps for Azure MCP Server tool changes:
    • Updated test prompts in /servers/Azure.Mcp.Server/docs/e2eTestPrompts.md
    • 👉 For Community (non-Microsoft team member) PRs:
      • Security review: Reviewed code for security vulnerabilities, malicious code, or suspicious activities before running tests (crypto mining, spam, data exfiltration, etc.)
      • Manual tests run: added comment /azp run mcp - pullrequest - live to run Live Test Pipeline

@msalaman
Copy link
Contributor Author

msalaman commented Jan 14, 2026

image

@msalaman msalaman marked this pull request as ready for review January 14, 2026 21:39
Copilot AI review requested due to automatic review settings January 14, 2026 21:39
@msalaman msalaman requested a review from saikoumudi January 14, 2026 21:39
Copilot AI reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a new Azure Policy tool to the Azure MCP Server that enables listing policy assignments for Azure subscriptions and scopes. The tool integrates with the Azure Best Practices guidance to help ensure generated code complies with organizational policies.

Changes:

  • Added new Azure Policy tool with policy assignment list command
  • Updated Azure Best Practice tool instructions to incorporate policy checking in code generation and deployment workflows
  • Added tool to consolidated tools registry and server configuration

Reviewed changes

Copilot reviewed 30 out of 32 changed files in this pull request and generated 12 comments.

Show a summary per file
File Description
tools/Azure.Mcp.Tools.Policy/src/Azure.Mcp.Tools.Policy.csproj Project file for new Policy tool
tools/Azure.Mcp.Tools.Policy/src/Services/PolicyService.cs Service implementation for listing policy assignments
tools/Azure.Mcp.Tools.Policy/src/Services/IPolicyService.cs Service interface definition
tools/Azure.Mcp.Tools.Policy/src/Commands/Assignment/PolicyAssignmentListCommand.cs Command implementation for listing policy assignments
tools/Azure.Mcp.Tools.Policy/src/Commands/PolicyJsonContext.cs JSON serialization context for AOT compatibility
tools/Azure.Mcp.Tools.Policy/src/Models/PolicyAssignment.cs Model for policy assignment data
tools/Azure.Mcp.Tools.Policy/src/Models/PolicyDefinition.cs Model for policy definition data
tools/Azure.Mcp.Tools.Policy/src/Options/Assignment/PolicyAssignmentListOptions.cs Options for list command
tools/Azure.Mcp.Tools.Policy/src/Options/PolicyOptionDefinitions.cs Shared option definitions
tools/Azure.Mcp.Tools.Policy/src/Options/BasePolicyOptions.cs Base options class
tools/Azure.Mcp.Tools.Policy/src/Options/Assignment/AssignmentGetOptions.cs Options for future get command
tools/Azure.Mcp.Tools.Policy/src/PolicySetup.cs Service registration and command setup
tools/Azure.Mcp.Tools.Policy/tests/Azure.Mcp.Tools.Policy.UnitTests/Assignment/PolicyAssignmentListCommandTests.cs Unit tests for list command
tools/Azure.Mcp.Tools.AzureBestPractices/src/Resources/azure-general-deployment-best-practices.txt Updated to include policy checking step
tools/Azure.Mcp.Tools.AzureBestPractices/src/Resources/azure-general-codegen-best-practices.txt Updated to include policy checking step
tools/Azure.Mcp.Tools.AzureBestPractices/src/Resources/azure-functions-deployment-best-practices.txt Updated to include policy checking step
tools/Azure.Mcp.Tools.AzureBestPractices/src/Resources/azure-functions-codegen-best-practices.txt Updated to include policy checking step
servers/Azure.Mcp.Server/src/Program.cs Registered Policy tool in server
servers/Azure.Mcp.Server/docs/e2eTestPrompts.md Added test prompts for Policy tool
servers/Azure.Mcp.Server/docs/azmcp-commands.md Added command documentation
servers/Azure.Mcp.Tools.Policy/src/GlobalUsings.cs Global using statements
servers/Azure.Mcp.Tools.Policy/tests/Azure.Mcp.Tools.Policy.UnitTests/GlobalUsings.cs Global using statements for tests
core/Azure.Mcp.Core/src/Areas/Server/Resources/consolidated-tools.json Added Policy tool to consolidated tools registry
.github/CODEOWNERS Added code ownership for Policy tool

@msalaman msalaman requested a review from JasonYeMSFT January 15, 2026 21:46
@github-project-automation github-project-automation bot moved this from Untriaged to In Progress in Azure MCP Server Jan 15, 2026
@msalaman msalaman merged commit af9f749 into main Jan 15, 2026
28 checks passed
@msalaman msalaman deleted the masalama/AzurePolicyTool branch January 15, 2026 23:02
@github-project-automation github-project-automation bot moved this from In Progress to Done in Azure MCP Server Jan 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@JasonYeMSFT JasonYeMSFT JasonYeMSFT approved these changes

@g2vinay g2vinay Awaiting requested review from g2vinay g2vinay is a code owner

@conniey conniey Awaiting requested review from conniey conniey is a code owner

@fanyang-mono fanyang-mono Awaiting requested review from fanyang-mono fanyang-mono is a code owner

@XiaofuHuang XiaofuHuang Awaiting requested review from XiaofuHuang XiaofuHuang is a code owner

@wbreza wbreza Awaiting requested review from wbreza wbreza is a code owner automatically assigned from microsoft/azure-mcp

@KarishmaGhiya KarishmaGhiya Awaiting requested review from KarishmaGhiya KarishmaGhiya is a code owner automatically assigned from microsoft/azure-mcp

@tmeschter tmeschter Awaiting requested review from tmeschter tmeschter is a code owner automatically assigned from microsoft/azure-mcp

@saikoumudi saikoumudi Awaiting requested review from saikoumudi saikoumudi is a code owner automatically assigned from microsoft/azure-mcp

Assignees

No one assigned

Labels

tools-BestPractices tools-Policy

Projects

Azure MCP Server
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@msalaman @JasonYeMSFT