Azure Compliance
БесплатноНе проверенEnables natural-language queries about Azure resource compliance, including VM compliance, patch status, orphaned RBAC, and infrastructure health, through read-
Описание
Enables natural-language queries about Azure resource compliance, including VM compliance, patch status, orphaned RBAC, and infrastructure health, through read-only MCP tools.
README
CI License: MIT Python 3.12+ FastMCP 3.x
Honest Azure compliance for LLM agents — ask infra-health questions in plain English and get answers that distinguish a real
failfrom anot_evaluable, and never fake apass.
An MCP server, built with FastMCP 3.x, that exposes read-only Azure resource-compliance data so an agent can answer questions like "which storage accounts allow TLS 1.0?" or "which VMs have no disk encryption?" — each finding tagged with where the verdict came from and whether it could be evaluated at all.

Why honest compliance?
Most tooling collapses "compliant", "non-compliant", and "couldn't tell" into a single pass/fail bit — so a control it can't actually measure silently shows green. This server refuses to guess:
fail— positive evidence a protection is absent (e.g.encryptionAtHost = false). Actionable; shows up in the default view.not_evaluable— the signal genuinely isn't in the data (e.g. no guest-config policy assigned). Surfaced explicitly, never as a pass.source— every finding records its provenance:arg|azure_policy|defender.
Quickstart
Requires uv and Python 3.12+. Runs out of the box — mock mode needs zero Azure setup.
uv sync # install dependencies
uv run python scripts/demo.py # fastest look — runs the tools against mock data
uv run server.py # mock data, stdio transport — works immediately
Point it at your own tenant when you're ready:
uv run server.py --mode live # real Azure Resource Graph (e.g. after `az login`)
uv run server.py --transport http # remote: Streamable HTTP
uv run fastmcp dev inspector server.py # explore the tools interactively
Live mode authenticates with DefaultAzureCredential against your own tenant and is strictly read-only.
Architecture
Tools depend only on a Provider protocol, never on a concrete data source — so the same tool code runs against synthetic mock data or live Azure Resource Graph (ARG), selected at startup with --mode.
flowchart LR
Agent["LLM agent / MCP client"] -->|stdio · HTTP| Server["FastMCP server\n(check_compliance, query_resources)"]
Server --> Protocol["Provider protocol\n(read-only)"]
Protocol -->|--mode mock| Mock["MockProvider\nseeded ARG-shaped data"]
Protocol -->|--mode live| Live["LiveProvider\nDefaultAzureCredential"]
Live -->|injection-safe KQL| ARG[("Azure Resource Graph\nresources · policyresources")]
Controls (check_compliance evaluates five):
| control | source | signal |
|---|---|---|
required_tags |
arg |
resources.tags (env / owner / costCenter) |
tls_min_1_2 |
arg |
resources.properties.minimumTlsVersion |
public_network_access |
arg |
resources.properties.publicNetworkAccess |
disk_encryption |
arg |
securityProfile.encryptionAtHost — host-level only; OFF ⇒ fail, ADE not assessed |
guest_config_extension |
azure_policy |
policyresources guest-config states; no data ⇒ not_evaluable |
Transports: stdio (default, local) and Streamable HTTP (remote, intended behind OAuth 2.1). In stdio mode stdout is reserved for the protocol — logging goes to stderr only.
See SPEC.md for the full tool contracts.
Design decisions & tradeoffs
- Mock provider is the default. The repo runs with zero Azure account, credentials, or network — so reviewers, CI, and new contributors get meaningful output immediately. The mock dataset is shaped exactly like ARG rows, so one mapping serves both modes.
- Read-only by construction. No tool can create, update, or delete a resource. The live path only ever issues ARG queries; there is no mutation surface to misuse.
- Control-based, not Azure-Policy-based. Compliance is evaluated from resource configuration (the ARG row), so it works even when no Azure Policy is assigned — except where the signal genuinely lives elsewhere (guest-config), which routes to
policyresourcesand is honest about it. - The
not_evaluable+sourcehonesty model. A third status plus a provenance field means the agent can tell "this is broken" from "I can't see this from here" — the core reason to trust the output. - KQL pushdown for scale. Live filters (
query_resources) are pushed into the ARG query (where+take) rather than fetched-then-filtered, so large tenants stay cheap. An opt-in contract test asserts the pushdown matches the reference Python filter, so both modes stay provably consistent. - Injection-safe escaping. ARG has no bind parameters, so every user-supplied value is encoded as an escaped KQL string literal — never concatenated raw. (ARG is read-only regardless, but the discipline is enforced and unit-tested.)
Status & roadmap
v0.2.0 — check_compliance and query_resources shipped (mock + live), honest not_evaluable/source model, KQL pushdown, CI on every PR.
Next:
-
get_patch_status— patch/update assessment across VMs -
find_orphaned_rbac— role assignments pointing at deleted principals -
summarize_health— rolled-up infra-health summary - evals — task-level evaluation of agent answers over the mock dataset
Development
uv run pytest # tests (live tests are opt-in: RUN_LIVE_TESTS=1)
uv run ruff check . # lint
uv run ruff format --check . # format
Security
- All Azure tools are read-only — nothing in this server modifies Azure resources.
- Secrets, tenant IDs, and
.envare gitignored and must never be committed; live mode uses only your localDefaultAzureCredential. - In stdio mode, logging goes to stderr only (stdout is reserved for the protocol).
License
Установка Azure Compliance
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/vivekanjana76/azure-compliance-mcpFAQ
Azure Compliance MCP бесплатный?
Да, Azure Compliance MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Azure Compliance?
Нет, Azure Compliance работает без API-ключей и переменных окружения.
Azure Compliance — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Azure Compliance в Claude Desktop, Claude Code или Cursor?
Открой Azure Compliance на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Azure Compliance with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
