AzPolicyMCP

AzPolicyMCP is an MCP server designed to facilitate Azure Policy management by enabling LLM applications to create, validate, and deploy policies reliably. It addresses issues related to policy JSON generation and provides a structured interaction model for LLMs working with Azure policies.

Simple MCP server to help create Azure Policies for any resource type.

Overview

The project outlines the requirements for an Azure Policy Model Context Protocol (MCP) Server aimed at empowering Large Language Models (LLMs) to assist in generating, validating, and deploying Azure custom policies. It addresses problems of generating potentially incorrect or non-compliant Azure policy JSON by providing tools to fetch relevant built-in policies, validate the structure of generated policies against official schemas, and manage policy assignments via the Azure REST API. The server targets LLM applications like chatbots or code assistants that need to interact with Azure Policy definitions.

Core Features

  • Fetches and lists Azure built-in policy categories and definitions.
  • Validates policy JSON against Azure schemas (currently disabled).
  • Deploys and manages Azure Policy Assignments using LLM-defined policies.
  • Supports querying policy compliance and deleting policy assignments.
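
An added example, not AzPolicyMCP's own code: because schema validation is currently disabled, a client could run a structural pre-check like this on LLM-generated policy JSON before it is deployed. The function names are hypothetical; the effect and condition names are those of the public Azure Policy definition structure, and the check covers only shape, not aliases or resource types.

```python
import json
import re

# Added example (not AzPolicyMCP code); names follow the Azure Policy definition-structure docs.
EFFECTS = {"addtonetworkgroup", "append", "audit", "auditifnotexists", "deny", "denyaction",
           "deployifnotexists", "disabled", "manual", "modify", "mutate"}
CONDITIONS = {"equals", "notequals", "like", "notlike", "match", "matchinsensitively",
              "notmatch", "notmatchinsensitively", "contains", "notcontains", "in", "notin",
              "containskey", "notcontainskey", "less", "lessorequals", "greater", "greaterorequals", "exists"}
PARAM_REF = re.compile(r"parameters\(\s*'([^']+)'\s*\)")

def _check_condition(node, path, problems):
    """Walk the 'if' tree: allOf/anyOf/not nodes, or field/value/count leaves."""
    if not isinstance(node, dict):
        problems.append(f"{path}: expected an object")
        return
    keys = {k.lower(): v for k, v in node.items()}  # tolerate casing differences
    if "allof" in keys or "anyof" in keys:
        for op in ("allof", "anyof"):
            for i, child in enumerate(keys.get(op) or []):
                _check_condition(child, f"{path}.{op}[{i}]", problems)
    elif "not" in keys:
        _check_condition(keys["not"], f"{path}.not", problems)
    else:
        if not {"field", "value", "count"} & keys.keys():
            problems.append(f"{path}: leaf needs 'field', 'value' or 'count'")
        if not CONDITIONS & keys.keys():
            problems.append(f"{path}: leaf has no recognised condition operator")

def check_policy_definition(text):
    """Return a list of structural problems; an empty list means every check passed."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    props = doc.get("properties", doc) if isinstance(doc, dict) else None  # wrapped or bare
    rule = props.get("policyRule") if isinstance(props, dict) else None
    if not isinstance(rule, dict) or "if" not in rule or "then" not in rule:
        return ["policyRule must be an object with 'if' and 'then'"]
    problems = []
    _check_condition(rule["if"], "if", problems)
    effect = rule["then"].get("effect") if isinstance(rule["then"], dict) else None
    if not isinstance(effect, str):
        problems.append("then.effect must be a string")
    elif not effect.startswith("[") and effect.lower() not in EFFECTS:
        problems.append(f"then.effect: unknown effect '{effect}'")
    for name in sorted(set(PARAM_REF.findall(json.dumps(rule)))):
        if name not in (props.get("parameters") or {}):
            problems.append(f"parameter '{name}' is referenced but not declared")
    return problems
```

Rejecting a definition whenever the returned list is non-empty keeps malformed or hallucinated rules from reaching the assignment step.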

User Experience

The LLM client application interacts with the server to fulfill user requests for Azure policies: it fetches policy categories, definitions, and compliance data, and deploys assignments according to the user's specifications.

Azure Authentication Setup

Uses MSAL for authentication with Azure credentials set via environment variables.

Technical Architecture

Built with Python's FastMCP, integrating the GitHub API for data access and the Azure REST API for policy management.

Development Roadmap

Focuses on debugging validation tools, implementing Microsoft APIs, creating detailed documentation, and expanding test coverage.

Risks and Mitigations

Highlights key risks, such as validation issues, secure Azure authentication, and LLM intent misinterpretation, and proposes mitigation strategies.