Azure Omni-Tool MCP Server
Enables intelligent interaction with Azure resources through natural language by translating requests into safe, auditable Azure CLI commands with plan/review workflows and direct access to 8 Azure services including Storage, Cosmos DB, Key Vault, and more.
README
Azure Omni-Tool MCP Server
A Model Context Protocol (MCP) server in TypeScript that acts as an intelligent bridge between natural language requests and Azure CLI execution.
Features
✅ Plan/Execute Flow - Review commands before execution
✅ Safety Guardrails - Shell injection detection, destructive command warnings
✅ Audit Trail - Operator email tagging for traceability
✅ Retry Logic - Exponential backoff for transient failures
✅ Caching - LRU cache with configurable TTL
✅ Tenant Scoping - Configure tenant/subscription via environment
✅ Azure Service Adapters - Type-safe access to 8 Azure services
Architecture Overview
flowchart TB
subgraph Client["🖥️ Client Layer"]
LLM[LLM / AI Agent]
end
subgraph MCP["⚙️ MCP Server"]
direction TB
Entry[index.ts]
subgraph Tools["Tools"]
T1[manage_azure_resources]
T2[get_azure_context]
T3[azure_service]
end
subgraph Lib["Core Libraries"]
Auth[auth.ts]
Cache[cache.ts]
CLI[cli-executor.ts]
Retry[retry.ts]
Safety[safety.ts]
Audit[audit.ts]
end
subgraph Services["Service Adapters"]
S1[StorageService]
S2[CosmosService]
S3[SearchService]
S4[KustoService]
S5[MonitorService]
S6[AppConfigService]
S7[KeyVaultService]
S8[PostgresService]
end
end
subgraph Azure["☁️ Azure"]
AzCLI[Azure CLI]
AzAPI[Azure APIs]
end
LLM -->|MCP Protocol| Entry
Entry --> Tools
Tools --> Lib
Tools --> Services
Services --> Lib
Lib --> AzCLI
Auth --> AzAPI
Request Flow
sequenceDiagram
participant C as Client
participant M as MCP Server
participant S as Safety
participant E as CLI Executor
participant A as Azure
C->>M: Tool Request
M->>S: Validate Input
alt Unsafe Command
S-->>M: Block + Warning
M-->>C: Error Response
else Safe
S-->>M: Approved
M->>E: Execute Command
E->>A: az CLI call
A-->>E: Response
E-->>M: Result + Parse
M-->>C: Structured Output
end
Plan/Execute Flow
flowchart LR
A[LLM Client] -->|Natural Language| B[MCP Server]
B --> C{execute_now?}
C -->|false| D[Return Plan]
C -->|true| E[Execute CLI]
E --> F{Success?}
F -->|Yes| G[Return Output]
F -->|No| H[Return Error + Analysis]
H -->|Feedback Loop| A
Quick Start
1. Install Dependencies
npm install
2. Configure Environment
cp .env.example .env
# Edit .env with your settings
3. Build & Run
npm run build
npm start
MCP Client Configuration
{
"mcpServers": {
"azure-omni-tool": {
"command": "node",
"args": ["path/to/Azure-mcp/dist/index.js"]
}
}
}
Tools
manage_azure_resources
Plan and execute Azure CLI commands with safety checks.
| Argument | Type | Description |
|---|---|---|
command |
string | Azure CLI command |
explanation |
string | Why this command was chosen |
execute_now |
boolean | false = plan, true = execute |
get_azure_context
Query Azure environment with caching.
| Query Type | Description |
|---|---|
subscriptions |
List accessible subscriptions |
resource_groups |
List resource groups |
resources |
List resources |
custom |
Custom KQL via Resource Graph |
azure_service
Interact with specific Azure services.
| Service | Actions |
|---|---|
storage |
list, listContainers, listBlobs, getContainer, listTables, queryTable |
cosmos |
list, listDatabases, listContainers, query, getContainer |
search |
list, listIndexes, getIndex, query, getService |
kusto |
list, listDatabases, listTables, getSchema, sample, query |
monitor |
list, getWorkspace, listTables, query, listMetrics, getMetrics |
appconfig |
list, getStore, listKeyValues, getKeyValue, setKeyValue, lock, unlock |
keyvault |
list, getVault, listKeys, getKey, createKey, listSecrets, getSecret, listCertificates |
postgres |
list, getServer, listDatabases, listParameters, getParameter, listTables, getTableSchema, query |
Environment Variables
| Variable | Description | Default |
|---|---|---|
AZURE_TENANT_ID |
Azure tenant for scoping | - |
AZURE_SUBSCRIPTION_ID |
Default subscription | - |
OPERATOR_EMAIL |
Email for audit trail | - |
OPERATOR_NAME |
Operator name | - |
LOG_LEVEL |
Logging level | info |
ENABLE_CACHE |
Enable query caching | true |
CACHE_TTL_SECONDS |
Cache duration | 300 |
CACHE_CLEANUP_INTERVAL_MS |
Cache cleanup interval | 60000 |
MAX_RETRIES |
Retry attempts | 3 |
RETRY_DELAY_MS |
Base retry delay | 1000 |
COMMAND_TIMEOUT_MS |
CLI timeout | 120000 |
AZURE_MCP_INCLUDE_PRODUCTION_CREDENTIALS |
Enable Managed Identity | false |
Project Structure
Azure-mcp/
├── src/
│ ├── index.ts # MCP server entry
│ ├── lib/
│ │ ├── auth.ts # Azure credential management
│ │ ├── audit.ts # Audit trail with correlation IDs
│ │ ├── cache.ts # LRU cache with TTL
│ │ ├── cli-executor.ts # Azure CLI wrapper
│ │ ├── config.ts # Environment config
│ │ ├── logger.ts # Structured JSON logging
│ │ ├── retry.ts # Exponential backoff
│ │ ├── safety.ts # Input sanitization
│ │ └── types.ts # Shared types
│ ├── services/
│ │ ├── base-service.ts # Abstract service base
│ │ ├── storage.ts # Azure Storage
│ │ ├── cosmos.ts # Cosmos DB
│ │ ├── search.ts # AI Search
│ │ ├── kusto.ts # Data Explorer
│ │ ├── monitor.ts # Monitor / Log Analytics
│ │ ├── appconfig.ts # App Configuration
│ │ ├── keyvault.ts # Key Vault
│ │ ├── postgres.ts # PostgreSQL Flexible Server
│ │ └── index.ts # Service factory
│ └── tools/
│ ├── azure-manager.ts # Plan/Execute tool
│ ├── context-retriever.ts # Context queries
│ └── service-tool.ts # Service adapter tool
├── .env.example
├── package.json
└── tsconfig.json
Prerequisites
- Node.js >= 18.0.0
- Azure CLI installed and authenticated (
az login)
License
MIT
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。
mcp-server-qdrant
这个仓库展示了如何为向量搜索引擎 Qdrant 创建一个 MCP (Managed Control Plane) 服务器的示例。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。