Run Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, resource review, policy/compliance validation, and security posture checks. WHEN: compliance scan, security audit, BEFORE running azqr (compliance cli tool), Azure best practices, Key Vault expiration check, expired certificates, expiring secrets, orphaned resources, compliance assessment.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "azure-compliance" skill from askskill: 1. Download https://raw.githubusercontent.com/microsoft/GitHub-Copilot-for-Azure/main/plugin/skills/azure-compliance/SKILL.md 2. Save it as ~/.claude/skills/azure-compliance/SKILL.md 3. Reload skills and tell me it's ready
| Property | Details |
|---|---|
| Best for | Compliance scans, security audits, Key Vault expiration checks |
| Primary capabilities | Comprehensive Resources Assessment, Key Vault Expiration Monitoring |
| MCP tools | azqr, subscription and resource group listing, Key Vault item inspection |
Activate this skill when user wants to:
az login| Assessment | Reference |
|---|---|
| Comprehensive Compliance (azqr) | references/azure-quick-review.md |
| Key Vault Expiration | references/azure-keyvault-expiration-audit.md |
| Resource Graph Queries | references/azure-resource-graph.md |
| Tool | Purpose |
|---|---|
mcp_azure_mcp_extension_azqr | Run azqr compliance scans |
mcp_azure_mcp_subscription_list | List available subscriptions |
mcp_azure_mcp_group_list | List resource groups |
keyvault_key_list | List all keys in vault |
keyvault_key_get | Get key details including expiration |
keyvault_secret_list | List all secrets in vault |
keyvault_secret_get | Get secret details including expiration |
keyvault_certificate_list | List all certificates in vault |
keyvault_certificate_get | Get certificate details including expiration |
| Priority | Guidance |
|---|---|
| Critical | Immediate remediation required for high-impact exposure |
| High | Resolve within days to reduce risk |
| Medium | Plan a resolution in the next sprint |
| Low | Track and fix during regular maintenance |
| Error | Message | Remediation |
|---|---|---|
| Authentication required | "Please login" | Run az login and retry |
| Access denied | "Forbidden" | Confirm permissions and fix role assignments |
| Missing resource | "Not found" | Verify subscription and resource group selection |
For programmatic Key Vault access, see the condensed SDK guides:
…
Set up Entra ID app registration, OAuth, permissions, and MSAL integration.
Set up Azure Application Insights telemetry for web apps with best practices.
Troubleshoot Azure Event Hubs and Service Bus SDK connection and messaging issues.
Find, list, and inspect Azure resources across subscriptions and resource groups.
Deploy, evaluate, fine-tune, and optimize Microsoft Foundry agents and models.
Deploy prepared Azure apps with built-in recovery for common release errors.