Back to MCP Servers

Azure MCP Server

Official Microsoft MCP server connecting AI agents to 40+ Azure services including Storage, Cosmos DB, PostgreSQL, AI Search, Key Vault, and AKS.

Developer Tools by Microsoft OAuth2 active
GitHub Docs npm: @azure/mcp
Overview

The Azure MCP Server is the official Microsoft-maintained Model Context Protocol server that exposes 40+ Azure service areas to AI agents through a single unified server. It implements the MCP specification to give assistants like Claude, Cursor, and GitHub Copilot direct access to query, manage, and provision Azure resources, ranging from data services (Cosmos DB, SQL, PostgreSQL, MySQL, Storage, Data Explorer) to compute (App Service, AKS, Container Apps, Functions, Virtual Machines) and AI/observability tooling (AI Search, AI Foundry, Monitor, Log Analytics, Workbooks).

Beyond raw service APIs, the server bundles meta-tools for Azure CLI generation, Bicep, Terraform best practices, Well-Architected Framework guidance, and a "Cloud Architect" advisor, making it useful for both day-to-day ops and architectural decisions. Authentication leverages the standard Azure identity stack (Azure CLI, Azure PowerShell, or environment-based credentials), so the server inherits whatever RBAC permissions the signed-in user or service principal already has.

The server is distributed as an npm package (@azure/mcp), a .NET tool (Azure.Mcp), a Python package via uvx, and a Docker image on mcr.microsoft.com. It is generally available and is the canonical way to integrate Azure with MCP-compatible clients.

Tools

Tool Description
Azure Storage Manage blob containers, file shares, queues, and tables in Azure Storage accounts.
Azure Cosmos DB Query and manage Cosmos DB databases, containers, and items.
Azure Database for PostgreSQL Query PostgreSQL flexible servers and manage databases.
Azure Database for MySQL Manage and query Azure Database for MySQL servers.
Azure SQL Database Manage SQL Database, SQL Servers, and SQL Elastic Pools.
Azure AI Search Manage AI Search services, indexes, and run search queries.
Azure Key Vault List and manage secrets, keys, and certificates in Key Vault.
Azure Monitor Query Log Analytics workspaces, metrics, and diagnostic data.
Azure Kubernetes Service (AKS) Manage AKS clusters and node pools.
Azure App Service Manage App Service web apps, deployment slots, and settings.
Azure Container Apps Manage Container Apps environments and revisions.
Azure Container Registry Manage ACR registries, repositories, and tags.
Azure Functions Manage Function Apps and function configuration.
Azure Resource Groups List, create, and manage resource groups within subscriptions.
Azure Subscription List subscriptions available to the signed-in identity.
Azure RBAC List and inspect role assignments and role definitions.
Azure Service Bus Manage Service Bus namespaces, queues, and topics.
Azure Event Grid Manage Event Grid topics and subscriptions.
Azure Redis Cache Manage Azure Cache for Redis instances.
Azure Data Explorer Query Kusto clusters and databases using KQL.
Azure App Configuration Manage App Configuration stores, keys, and labels.
Microsoft Foundry Interact with Foundry models and deployments.
Azure AI Services Speech Work with Azure Speech service resources.
Azure Load Testing Run and inspect load test runs.
Azure Managed Grafana Manage Managed Grafana workspaces.
Azure Policy Inspect Azure Policy assignments and compliance state.
Azure Advisor Retrieve Azure Advisor recommendations for cost, security, reliability, and performance.
Azure Quota Inspect resource quotas and usage by region.
Azure Service Health Query Service Health events and active incidents.
Azure Migrate Inspect Azure Migrate projects and assessments.
Azure Backup Manage Recovery Services vaults and backup items.
Azure CLI Generate Generate Azure CLI commands from natural language intent.
Azure Terraform / Terraform Best Practices Generate and validate Terraform code with Azure best practices.
Bicep Author and validate Bicep templates.
Azure Best Practices Return Microsoft best-practice guidance for Azure services.
Azure Well-Architected Framework Consult Well-Architected pillars (cost, security, reliability, ops, performance).
Cloud Architect High-level architectural guidance and reference designs.
Azure Workbooks Manage and run Azure Monitor Workbooks.
Azure Virtual Desktop Manage AVD host pools and session hosts.
Azure Confidential Ledger Manage Confidential Ledger instances and entries.
Azure Service Fabric Manage Service Fabric clusters and applications.
Azure Marketplace Browse Azure Marketplace offerings.
Azure Quick Review CLI Run quick review scans across Azure resources.
Azure Device Registry Manage Azure IoT Operations Device Registry assets.
Azure Managed Lustre Manage Azure Managed Lustre filesystems.
Azure Storage Sync Manage Storage Sync services and sync groups.
Azure Communication Services Manage Communication Services resources.
Setup Guide

Prerequisites

  • An Azure subscription
  • Azure authentication via one of:
    • Azure CLI (az login)
    • Azure PowerShell (Connect-AzAccount)
    • Environment variables (for CI/CD or Docker)
  • Node.js LTS (for the npm/npx method)

Install via npx (recommended)

Add to your MCP client config (claude_desktop_config.json, .cursor/mcp.json, or VS Code mcp.json):

{
  "mcpServers": {
    "Azure MCP Server": {
      "command": "npx",
      "args": ["-y", "@azure/mcp@latest", "server", "start"]
    }
  }
}

Alternative install methods

  • NPM: npm install @azure/mcp@latest
  • .NET tool: dotnet tool install Azure.Mcp
  • Python (uvx): uvx --from msmcp-azure azmcp server start
  • Docker:
    docker run -i --rm --env-file /path/to/.env \
  mcr.microsoft.com/azure-sdk/azure-mcp:latest

IDE extensions

  • VS Code / VS Code Insiders: Install the "Azure MCP Server" extension and sign in via Azure: Sign In
  • Visual Studio 2022/2026: "GitHub Copilot for Azure"
  • IntelliJ IDEA: "Azure Toolkit for IntelliJ" plugin
  • Eclipse: "Azure Toolkit for Eclipse" plugin

Optional configuration

  • AZURE_MCP_COLLECT_TELEMETRY=false to disable telemetry
  • --cloud flag for sovereign clouds (China, US Government)
  • RBAC roles on the authenticated identity control which operations succeed
Use Cases
  • Query a Log Analytics workspace with KQL to investigate an incident and correlate failures across App Service, AKS, and Cosmos DB
  • Inspect Key Vault secrets, App Service settings, and RBAC assignments before a deployment to verify configuration drift
  • Run ad-hoc queries against Cosmos DB or Azure Database for PostgreSQL without leaving the IDE
  • Generate Bicep, Terraform, or Azure CLI commands from natural language and validate them against Well-Architected guidance
  • Audit a subscription with Azure Advisor, Service Health, and Quick Review CLI to surface cost, security, and reliability issues
Example Prompts
  • "List all storage accounts in my production resource group and show containers larger than 10 GB."
  • "Run a KQL query against my Log Analytics workspace to find App Service 5xx errors in the last hour."
  • "Show me the top Advisor recommendations across all my subscriptions, grouped by category."
  • "Generate a Bicep template for an AKS cluster with a Key Vault and Cosmos DB backend, following Azure best practices."
  • "Read the value of the connection-string secret from the prod-kv Key Vault and use it to query my Cosmos DB."
Pros
  • Officially maintained by Microsoft and generally available, with broad coverage across 40+ Azure service areas in a single server
  • Multiple distribution channels (npm, NuGet, PyPI, Docker) and first-class IDE extensions for VS Code, Visual Studio, IntelliJ, and Eclipse
  • Reuses standard Azure auth (Azure CLI, PowerShell, env vars) and inherits existing RBAC, so no separate credential management
  • Bundles architectural guidance tools (Well-Architected, Best Practices, Cloud Architect, Bicep, Terraform) alongside operational tools
Limitations
  • Capabilities are gated by the RBAC roles of the signed-in identity, so a misconfigured principal can silently fail on many operations
  • Requires Azure auth to be set up before the server starts (no in-server interactive login flow for headless setups)
  • Telemetry is enabled by default and must be explicitly disabled via AZURE_MCP_COLLECT_TELEMETRY=false
Alternatives
  • AWS MCP Servers for the equivalent capability across AWS services
  • Google Cloud MCP servers for GCP resource and database access
  • Provider-specific MCPs like the Cloudflare MCP server when only edge/CDN workloads are needed instead of full cloud coverage
More Developer Tools MCP Servers
AWS API
Bridge that lets AI assistants manage AWS infrastructure by executing validated AWS CLI commands across every AWS service.
AWS CDK
Official AWS Labs MCP server that guides agents through AWS CDK development with prescriptive patterns, CDK Nag security validation, and Solutions Constructs discovery.
AWS CloudWatch
Official AWS Labs MCP server for CloudWatch. Query metrics, analyze logs, investigate alarms, and run PromQL queries for AI-powered root cause analysis.
Aiven
Official MCP server for the Aiven cloud data platform. Manage PostgreSQL, Apache Kafka, and other Aiven services from AI assistants.