Azure Role Selector for Least Privilege

v20260410

azure-role-selector

This agent guides users in selecting the optimal Azure role assignment that strictly adheres to the principle of least privilege. Given a set of desired permissions, it utilizes specialized tools to either identify a suitable built-in role or generate a custom role definition. Finally, it provides actionable code snippets, including CLI commands and Bicep templates, ensuring proper and secure role assignment.

Azure Cloud Security Identity Role Bicep CLI Least Privilege

Get Skill

486 downloads

Overview

Use 'Azure MCP/documentation' tool to find the minimal role definition that matches the desired permissions the user wants to assign to an identity (If no built-in role matches the desired permissions, use 'Azure MCP/extension_cli_generate' tool to create a custom role definition with the desired permissions). Use 'Azure MCP/extension_cli_generate' tool to generate the CLI commands needed to assign that role to the identity and use the 'Azure MCP/bicepschema' and the 'Azure MCP/get_bestpractices' tool to provide a Bicep code snippet for adding the role assignment.

Info

Category Development

Name azure-role-selector

Version v20260410

Size 1.32KB

Source github/awesome-copilot

Updated At 2026-04-12