Azure · johnlokerse · Dec 16, 2025 · Dec 16, 2025 · Dec 16, 2025 · Dec 31, 2025
diff --git a/docs/experimental/mcp-tools.md b/docs/experimental/mcp-tools.md
@@ -10,6 +10,7 @@ We have built a Bicep MCP server with agentic tools to support Bicep code genera
 - `list_az_resource_types_for_provider`: Lists all available Azure resource types for a specific provider. The return value is a newline-separated list of resource types including their API version, e.g. `Microsoft.KeyVault/vaults@2024-11-01`. Such information is the most accurate and up-to-date as it is sourced from the Azure Resource Provider APIs.
 - `get_az_resource_type_schema`: Gets the schema for a specific Azure resource type and API version. Such information is the most accurate and up-to-date as it is sourced from the Azure Resource Provider APIs.
 - `list_avm_metadata`: Lists up-to-date metadata for all Azure Verified Modules (AVM). The return value is a newline-separated list of AVM metadata. Each line includes the module name, description, versions, and documentation URI for a specific module.
+- `get_bicep_local_deploy_extensions`: Lists developed Bicep Local Deploy extensions that enhance Bicep's capabilities for local deployments. These extensions allow you to manage non-Azure resources and services directly from Bicep templates, such as GitHub repositories, Kubernetes clusters, local file operations, and HTTP API calls.
 
 Please see below on how to contribute to the Bicep best practices tool.
 

diff --git a/src/Bicep.McpServer.UnitTests/Files/ServerTests/tools.json b/src/Bicep.McpServer.UnitTests/Files/ServerTests/tools.json
@@ -228,6 +228,26 @@
       ]
     }
   },
+  {
+    "name": "get_bicep_local_deploy_extensions",
+    "description": "Lists available Bicep Local Deploy extensions that enable managing non-Azure resources and third-party services using Bicep syntax.\n\nUse this tool when:\n- Users ask about managing non-Azure resources with Bicep (e.g., GitHub, Kubernetes, Cloudflare, Databricks)\n- Looking for extensions to interact with external APIs, DNS providers, or container platforms\n- Exploring ways to extend Bicep beyond Azure Resource Manager deployments\n- Checking if a community extension exists for a specific service or platform\n\nExtensions run locally using the experimental \u0027bicep local-deploy\u0027 command and can manage resources like GitHub repositories, Kubernetes objects, HTTP API calls, and more.",
+    "jsonSchema": {
+      "type": "object",
+      "properties": {}
+    },
+    "returnJsonSchema": {
+      "type": "object",
+      "properties": {
+        "content": {
+          "description": "Markdown document containing available Bicep Local Deploy extensions and their descriptions",
+          "type": "string"
+        }
+      },
+      "required": [
+        "content"
+      ]
+    }
+  },
   {
     "name": "list_avm_metadata",
     "description": "Lists metadata for all Azure Verified Modules (AVM) - Microsoft's official, pre-built, tested, and maintained Bicep modules for common Azure resource patterns.\n\nUse this tool to:\n- Discover reusable, production-ready Bicep modules for common scenarios\n- Find officially supported modules instead of writing resources from scratch\n- Check available versions and documentation for AVM modules\n- Accelerate Bicep development by leveraging tested, best-practice implementations\n\nAzure Verified Modules provide:\n- Pre-configured resource deployments following Microsoft best practices\n- Built-in security, reliability, and compliance features\n- Regular updates and maintenance by Microsoft\n- Comprehensive documentation and examples\n\nUse these modules in your Bicep files to reduce code and improve quality.",

diff --git a/src/Bicep.McpServer/BicepTools.cs b/src/Bicep.McpServer/BicepTools.cs
@@ -47,11 +47,20 @@ public record AvmMetadataResult(
         [Description("List of Azure Verified Module metadata entries")]
         ImmutableArray<AvmModuleMetadata> Modules);
 
+    public record LocalDeployExtensionsResult(
+        [Description("Markdown document containing available Bicep Local Deploy extensions and their descriptions")]
+        string Content);
+
     private static Lazy<BinaryData> BestPracticesMarkdownLazy { get; } = new(() =>
         BinaryData.FromStream(
             typeof(BicepTools).Assembly.GetManifestResourceStream("Files/bestpractices.md") ??
             throw new InvalidOperationException("Could not find embedded resource 'Files/bestpractices.md'")));
 
+    private static Lazy<BinaryData> LocalDeployExtensionsMarkdownLazy { get; } = new(() =>
+        BinaryData.FromStream(
+            typeof(BicepTools).Assembly.GetManifestResourceStream("Files/localdeployextensions.md") ??
+            throw new InvalidOperationException("Could not find embedded resource 'Files/localdeployextensions.md'")));
+
     private static readonly JsonSerializerOptions JsonSerializerOptions = new()
     {
         WriteIndented = true,
@@ -61,14 +70,14 @@ public record AvmMetadataResult(
     [McpServerTool(Title = "List available Azure resource types", Destructive = false, Idempotent = true, OpenWorld = false, ReadOnly = true, UseStructuredContent = true)]
     [Description("""
     Lists all available Azure resource types and their API versions for a specific Azure resource provider namespace.
-    
+
     Use this tool to:
     - Discover what resource types are available in a provider (e.g., what can be created under Microsoft.Storage)
     - Find the latest API versions for Azure resources
     - Explore the complete resource type catalog for a given provider
-    
+
     Data is sourced directly from Azure Resource Provider APIs, ensuring accuracy and currency.
-    
+
     Example provider namespaces: Microsoft.Compute, Microsoft.Storage, Microsoft.Network, Microsoft.Web, Microsoft.KeyVault
     """)]
     public ResourceTypeListResult ListAzResourceTypesForProvider(
@@ -84,14 +93,14 @@ public ResourceTypeListResult ListAzResourceTypesForProvider(
     [McpServerTool(Title = "Get Azure resource type schema", Destructive = false, Idempotent = true, OpenWorld = false, ReadOnly = true, UseStructuredContent = true)]
     [Description("""
     Retrieves the complete JSON schema definition for a specific Azure resource type and API version, including all properties, nested types, and constraints.
-    
+
     Use this tool to:
     - Understand what properties are available on an Azure resource
     - Learn about required vs optional properties, their types, and allowed values
     - Discover nested resource types and their schemas
     - Find available resource functions and their signatures
     - Generate accurate Bicep code with proper property names and types
-    
+
     The returned JSON schema includes resource type definitions, nested complex types, resource function signatures (like list* operations), and property constraints.
     Data is sourced directly from Azure Resource Provider APIs, ensuring the most accurate and up-to-date schema information.
     Specify the resource type (e.g., Microsoft.KeyVault/vaults) and API version (e.g., 2024-11-01 or 2024-12-01-preview).
@@ -113,34 +122,49 @@ public ResourceTypeSchemaResult GetAzResourceTypeSchema(
     [McpServerTool(Title = "Get Bicep best-practices", Destructive = false, Idempotent = true, OpenWorld = false, ReadOnly = true, UseStructuredContent = true)]
     [Description("""
     Retrieves comprehensive, up-to-date best practices and coding standards for authoring Bicep templates.
-    
+
     Use this tool when:
     - Generating new Bicep code to ensure it follows current best practices
     - Reviewing existing Bicep code for quality improvements
     - Learning recommended patterns for common scenarios
     - Understanding security, maintainability, and reliability guidelines
-    
+
     Covers naming conventions, code organization, parameter usage, resource declarations, module composition, security recommendations, performance optimization, and testing approaches.
     The practices are maintained by the Bicep team and reflect current recommended approaches.
     """)]
     public BestPracticesResult GetBicepBestPractices() => new(BestPracticesMarkdownLazy.Value.ToString());
 
+
+    [McpServerTool(Title = "Get available Bicep Local Deploy extensions", Destructive = false, Idempotent = true, OpenWorld = false, ReadOnly = true, UseStructuredContent = true)]
+    [Description("""
+    Lists available Bicep Local Deploy extensions that enable managing non-Azure resources and third-party services using Bicep syntax.
+
+    Use this tool when:
+    - Users ask about managing non-Azure resources with Bicep (e.g., GitHub, Kubernetes, Cloudflare, Databricks)
+    - Looking for extensions to interact with external APIs, DNS providers, or container platforms
+    - Exploring ways to extend Bicep beyond Azure Resource Manager deployments
+    - Checking if a community extension exists for a specific service or platform
+
+    Extensions run locally using the experimental 'bicep local-deploy' command and can manage resources like GitHub repositories, Kubernetes objects, HTTP API calls, and more.
+    """)]
+    public LocalDeployExtensionsResult GetBicepLocalDeployExtensions() => new(LocalDeployExtensionsMarkdownLazy.Value.ToString());
+
     [McpServerTool(Title = "List Azure Verified Modules (AVM)", Destructive = false, Idempotent = true, OpenWorld = true, ReadOnly = true, UseStructuredContent = true)]
     [Description("""
     Lists metadata for all Azure Verified Modules (AVM) - Microsoft's official, pre-built, tested, and maintained Bicep modules for common Azure resource patterns.
-    
+
     Use this tool to:
     - Discover reusable, production-ready Bicep modules for common scenarios
     - Find officially supported modules instead of writing resources from scratch
     - Check available versions and documentation for AVM modules
     - Accelerate Bicep development by leveraging tested, best-practice implementations
-    
+
     Azure Verified Modules provide:
     - Pre-configured resource deployments following Microsoft best practices
     - Built-in security, reliability, and compliance features
     - Regular updates and maintenance by Microsoft
     - Comprehensive documentation and examples
-    
+
     Use these modules in your Bicep files to reduce code and improve quality.
     """)]
     public async Task<AvmMetadataResult> ListAvmMetadata()

diff --git a/src/Bicep.McpServer/Files/localdeployextensions.md b/src/Bicep.McpServer/Files/localdeployextensions.md
@@ -0,0 +1,18 @@
+# Bicep Local Deploy Extensions
+
+Bicep Local Deploy is an experimental feature that enables you to author Bicep files using extensions designed to run fully locally, without requiring an Azure connection. These extensions allow you to manage non-Azure resources and services directly from Bicep templates, such as GitHub repositories, Kubernetes clusters, local file operations, and HTTP API calls. Extensions can be combined to create powerful infrastructure workflows that span multiple platforms and services.
+
+## Extensions
+
+| Name                                               | Repository                                                             | Description                                                                                                                                                                          |
+| -------------------------------------------------- | ---------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Azure DevOps Extension                             | <https://github.com/johnlokerse/azure-devops-bicep-local-deploy>       | Create and manage Azure DevOps projects, repositories, pipelines, service connections, artifact feeds, and permissions using declarative Bicep syntax.                               |
+| Azure Entitlement Management Bicep Local Extension | <https://github.com/duanany/entitlement-management-bicep-local-deploy> | Manage Azure Entitlement Management access packages, catalogs, policies, and PIM group eligibility for just-in-time access control via infrastructure-as-code.                       |
+| Cloudflare Extension                               | <https://github.com/riosengineer/cloudflare-bicep-deploy>              | Manage Cloudflare DNS records and infrastructure through Bicep templates with declarative configuration support.                                                                     |
+| Databricks Extension                               | <https://github.com/gijsreyn/bicep-ext-databricks>                     | Deploy and manage Azure Databricks resources including Unity Catalog, workspace objects, and compute resources through declarative Bicep templates.                                  |
+| GitHub Extension                                   | <https://github.com/anthony-c-martin/bicep-ext-github>                 | Create and configure GitHub repositories, issues, teams, and other resources directly from Bicep templates with full IntelliSense support.                                           |
+| Http Extension                                     | <https://github.com/maikvandergaag/bicep-ext-http>                     | Perform HTTP requests (GET, POST, PUT, PATCH, DELETE) during deployment to call external APIs, trigger webhooks, and integrate with third-party services.                            |
+| Key Vault Extension                                | <https://github.com/anthony-c-martin/bicep-ext-keyvault>               | Manage Azure Key Vault secrets, keys, and certificates through the data plane API, enabling direct manipulation of Key Vault content during deployment.                              |
+| Kubernetes Extension                               | <https://github.com/anthony-c-martin/bicep-ext-kubernetes>             | Deploy and manage Kubernetes resources using Bicep syntax, providing native Kubernetes object support with type safety and IntelliSense.                                             |
+| Local Extension                                    | <https://github.com/anthony-c-martin/bicep-ext-local>                  | Execute local operations and file system tasks during deployment, enabling infrastructure workflows that interact with the local environment.                                        |
+| Password Generator Extension                       | <https://github.com/mimachniak/bicep-ext-PassWordGenerator>            | Generate secure, complex passwords with configurable requirements (length, character sets) and pass them directly to resources during deployment without manual password management. |