Merge pull request #7570 from diberry/dibery/0723-mcp

JillGrant615 · web-flow · commit 846962e0a6fa · 2025-07-29T14:11:22.000-06:00
MCP: AZD, Azure tools, Key Vault -
diff --git a/articles/azure-mcp-server/TOC.yml b/articles/azure-mcp-server/TOC.yml
@@ -21,14 +21,16 @@ items:
           href: tools/azure-bicep-schema.md
         - name: Azure Cache for Redis
           href: tools/azure-cache-for-redis.md          
-        - name: Azure CLI Extension
+        - name: Azure CLI
           href: tools/azure-cli-extension.md
         - name: Azure Cosmos DB
           href: tools/cosmos-db.md
         - name: Azure Data Explorer
           href: tools/azure-data-explorer.md
         - name: Azure DB for PostgreSQL
           href: tools/postgresql.md
+        - name: Azure Developer CLI
+          href: tools/azure-developer-cli.md
         - name: Azure Foundry
           href: tools/azure-foundry.md
         - name: Azure Grafana
@@ -39,6 +41,8 @@ items:
           href: tools/azure-aks.md
         - name: Azure Load Testing
           href: tools/azure-load-testing.md
+        - name: Azure MCP tool
+          href: tools/azure-mcp-tool.md
         - name: Azure Monitor
           href: tools/monitor.md
         - name: Azure RBAC
diff --git a/articles/azure-mcp-server/includes/tools/supported-azure-services.md b/articles/azure-mcp-server/includes/tools/supported-azure-services.md
@@ -17,15 +17,17 @@ Azure MCP Server provides the following tools for Azure services and Azure-relat
 | [Azure App Configuration](../../tools/app-configuration.md) | Manage centralized application settings and feature flags. |
 | [Azure best practices](../../tools/azure-best-practices.md) | Get guidance on Azure Functions development, deployment, and Azure SDK usage. |
 | [Azure Cache for Redis](../../tools/azure-cache-for-redis.md) | Manage Azure Cache for Redis instances, Redis clusters, and access policies. |
-| [Azure CLI Extension](../../tools/azure-cli-extension.md) | Execute Azure CLI commands within the MCP server. |
+| [Azure CLI](../../tools/azure-cli-extension.md) | Execute Azure CLI commands within the MCP server. |
 | [Azure Cosmos DB](../../tools/cosmos-db.md) | Work with Azure Cosmos DB accounts, databases, containers, and documents. |
 | [Azure Data Explorer](../../tools/azure-data-explorer.md) | Work with Azure Data Explorer clusters, databases, tables, and queries. |
 | [Azure Database for PostgreSQL](../../tools/postgresql.md) | Manage Azure Database for PostgreSQL servers, databases, and tables.  |
+| [Azure Developer CLI](../../tools/azure-developer-cli.md) | Execute Azure Developer CLI commands for application development and deployment. |
 | [Azure Foundry](../../tools/azure-foundry.md) | Work with Azure AI Foundry models, deployments, and endpoints. |
 | [Azure Grafana](../../tools/azure-grafana.md) | List Grafana workspaces.|
 | [Azure Key Vault](../../tools/key-vault-key.md) | Manage keys, secrets, certificates in Azure Key Vault. |
 | [Azure Kubernetes Service](../../tools/azure-aks.md) | List Azure Kubernetes Service clusters. |
 | [Azure Load Testing](../../tools/azure-load-testing.md) | Create, run, and see load testing. |
+| [Azure MCP tool](../../tools/azure-mcp-tool.md) | Discover and manage available Azure MCP Server tools. |
 | [Azure Monitor](../../tools/monitor.md) | Query Azure Monitor logs and metrics. |
 | [Azure Native ISV](../../tools/azure-native-isv.md) | Work with Azure Native ISV services, including Datadog integration for monitoring and observability. |
 | [Azure Quick Review CLI](../../tools/azure-compliance-quick-review.md) | Generate compliance and security reports for Azure resources. 
diff --git a/articles/azure-mcp-server/index.yml b/articles/azure-mcp-server/index.yml
@@ -41,7 +41,7 @@ landingContent:
             url: tools/app-configuration.md
           - text: Azure Cache for Redis
             url: tools/azure-cache-for-redis.md
-          - text: Azure CLI Extension
+          - text: Azure CLI
             url: tools/azure-cli-extension.md
           - text: Azure Data Explorer
             url: tools/azure-data-explorer.md
diff --git a/articles/azure-mcp-server/tools/azure-developer-cli.md b/articles/azure-mcp-server/tools/azure-developer-cli.md
@@ -0,0 +1,43 @@
+---
+title: Azure Developer CLI Extension Tools
+description: Learn how to use the Azure MCP Server with the Azure Developer CLI Extension.
+keywords: azure mcp server, azmcp, azure developer cli extension, azd
+author: diberry
+ms.author: diberry
+ms.date: 07/22/2025
+content_well_notification: 
+  - AI-contribution
+ai-usage: ai-assisted
+ms.topic: reference
+ms.custom: build-2025
+--- 
+# Azure Developer CLI extension tools for the Azure MCP Server
+
+The Azure MCP Server allows you to execute any Azure Developer CLI command using natural language prompts. You can perform application development, deployment, and management operations without needing to remember specific command syntax, parameters, or formatting.
+
+[Azure Developer CLI (azd)](/azure/developer/azure-developer-cli/) is a developer-centric command-line interface (CLI) tool for creating Azure applications. It provides a set of developer-friendly commands that map to key stages in your workflow, from initializing a new project to deploying to Azure. For a complete list of Azure Developer CLI commands this tool can execute, see the [Azure Developer CLI reference documentation](/azure/developer/azure-developer-cli/reference).
+
+[!INCLUDE [tip-about-params](../includes/tools/parameter-consideration.md)]
+
+## Execute Azure Developer CLI command
+
+The Azure MCP Server can execute Azure Developer CLI commands. This provides complete access to Azure application development and deployment operations through familiar command-line syntax.
+
+**Example prompts** include:
+
+- **Initialize a new project**: "Create a sample todo list app with NodeJS and MongoDB"
+- **Deploy application**: "Deploy my application to Azure"
+- **Manage environments**: "Show me my azd environments"
+- **Monitor application**: "Check the status of my deployed application"
+- **Template operations**: "List available azd templates"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Command** | Required | The Azure Developer CLI command to execute (without the 'azd' prefix). For a complete list of Azure Developer CLI commands, see the [Azure Developer CLI reference documentation](/azure/developer/azure-developer-cli/reference). |
+
+## Related content
+
+- [What are the Azure MCP Server tools?](index.md)
+- [Get started using Azure MCP Server](../get-started.md)
+- [Azure Developer CLI reference documentation](/azure/developer/azure-developer-cli/reference)
+- [Azure Developer CLI overview](/azure/developer/azure-developer-cli/overview)
diff --git a/articles/azure-mcp-server/tools/azure-mcp-tool.md b/articles/azure-mcp-server/tools/azure-mcp-tool.md
@@ -0,0 +1,42 @@
+---
+title: Azure MCP Tools Management
+description: Learn how to use the Azure MCP Server to discover and manage available tools.
+keywords: azure mcp server, azmcp, tools, tool management
+author: diberry
+ms.author: diberry
+ms.date: 07/22/2025
+content_well_notification: 
+  - AI-contribution
+ai-usage: ai-assisted
+ms.topic: reference
+ms.custom: build-2025
+--- 
+# Azure MCP tools management for the Azure MCP Server
+
+The Azure MCP Server provides tools to discover and manage the available Azure tools within the server. You can list all available tools using natural language prompts without remembering specific command syntax.
+
+
+[!INCLUDE [tip-about-params](../includes/tools/parameter-consideration.md)]
+
+## List tools
+
+The Azure MCP Server can list all available tools and their capabilities. This helps you discover what Azure services and operations you can manage through the MCP server.
+
+**Example prompts** include:
+
+- **List all tools**: "Show me all available Azure MCP tools"
+- **Discover capabilities**: "What tools are available in the Azure MCP server?"
+- **View tool inventory**: "List all Azure tools I can use"
+- **Check available services**: "What Azure services can I manage with MCP?"
+- **Find tools**: "Show me what Azure operations are available"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| None | N/A | This command requires no parameters and lists all available tools. |
+
+
+## Related content
+
+- [What are the Azure MCP Server tools?](index.md)
+- [Get started using Azure MCP Server](../get-started.md)
+- [Azure MCP Server GitHub repository](https://github.com/Azure-Samples/azure-mcp-server)
diff --git a/articles/azure-mcp-server/tools/key-vault-key.md b/articles/azure-mcp-server/tools/key-vault-key.md
@@ -1,10 +1,10 @@
 ---
 title: Azure Key Vault Tools 
-description: Learn how to use the Azure MCP Server with Azure Key Vault keys.
+description: Learn how to use the Azure MCP Server with Azure Key Vault keys, secrets, and certificates.
 keywords: azure mcp server, azmcp, key vault
 author: diberry
 ms.author: diberry
-ms.date: 07/01/2025
+ms.date: 07/22/2025
 content_well_notification: 
   - AI-contribution
 ai-usage: ai-assisted
@@ -13,22 +13,24 @@ ms.custom: build-2025
 --- 
 # Azure Key Vault tools for the Azure MCP Server
 
-The Azure MCP Server allows you to manage Azure Key Vault resources, including keys, secrets, and certificates with natural language prompts. You can manage keys without remembering specialized command syntax.
+The Azure MCP Server allows you to manage Azure Key Vault resources, including keys, secrets, and certificates with natural language prompts. You can manage these resources without remembering specialized command syntax.
 
 [Azure Key Vault](/azure/key-vault/general/overview) is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys.
 
 [!INCLUDE [tip-about-params](../includes/tools/parameter-consideration.md)]
 
-## Create key
+## Keys
+
+### Create key
 
 The Azure MCP Server can create a new key in an Azure Key Vault. This allows you to add cryptographic keys for your applications.
 
 Example prompts include:
 
-- **Create key**: "Create a new RSA key named 'app-encryption-key' in my 'mykeyvault' Key Vault."
-- **Generate key**: "Generate a new EC key called 'signing-key' in Key Vault 'security-kv'"
-- **Add key**: "Add a new 2048-bit RSA key named 'data-key' to my Key Vault"
-- **Set up key**: "Create an encryption key for my application in Key Vault"
+- **Create RSA key**: "Create a new RSA key named 'app-encryption-key' in my 'mykeyvault' Key Vault."
+- **Generate EC key**: "Generate a new EC key called 'signing-key' in Key Vault 'security-kv'"
+- **Add encryption key**: "Add a new 2048-bit RSA key named 'data-key' to my Key Vault"
+- **Set up signing key**: "Create an EC key for JWT signing in my Key Vault"
 - **Make new key**: "Create a P-256 EC key called 'jwt-signing' in my 'api-vault'"
 
 | Parameter | Required or optional | Description |
@@ -38,14 +40,14 @@ Example prompts include:
 | **Key** | Required | The name of the key to create. |
 | **Key type** | Required | The type of key to create (RSA, EC). |
 
-## Get key
+### Get key
 
 The Azure MCP Server can retrieve details of a specific key from an Azure Key Vault. This allows you to view key properties and metadata.
 
 Example prompts include:
 
-- **Get key**: "Show me details of the 'app-encryption-key' in my 'mykeyvault' Key Vault."
-- **View key**: "Get information about the 'signing-key' in Key Vault 'security-kv'"
+- **Get key details**: "Show me details of the 'app-encryption-key' in my 'mykeyvault' Key Vault."
+- **View key info**: "Get information about the 'signing-key' in Key Vault 'security-kv'"
 - **Retrieve key**: "Get properties of the 'data-key' in my Key Vault"
 - **Check key**: "Show me the details of the encryption key in my vault"
 - **Find key**: "Get the properties of 'jwt-signing' key in 'api-vault'"
@@ -56,13 +58,52 @@ Example prompts include:
 | **Vault** | Required | The name of the Key Vault. |
 | **Key** | Required | The name of the key to retrieve. |
 
-## Get secret
+### List keys
+
+The Azure MCP Server can list all keys in an Azure Key Vault. This helps you manage your cryptographic keys and view your key inventory.
+
+Example prompts include:
+
+- **List all keys**: "Show me all keys in my 'mykeyvault' Key Vault."
+- **View keys**: "What keys do I have in Key Vault 'security-kv'?"
+- **Find keys**: "List keys in my Key Vault 'central-keys'"
+- **Query keys**: "Show all keys including managed keys in my Key Vault"
+- **Check keys**: "What keys are available in my 'encryption-vault'?"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Subscription** | Required | The Azure subscription ID or name. |
+| **Vault** | Required | The name of the Key Vault. |
+| **Include managed** | Required | Whether or not to include managed keys in results. |
+
+## Secrets
+
+### Create secret
+
+The Azure MCP Server can create a new secret in an Azure Key Vault. This allows you to securely store sensitive information like passwords, API keys, and connection strings.
+
+Example prompts include:
+
+- **Create API secret**: "Create a secret named 'api-key' with value 'xyz123' in my 'production-vault' Key Vault."
+- **Store password**: "Add a secret called 'database-password' to Key Vault 'security-kv'"
+- **Save connection string**: "Create a secret for my database connection string in Key Vault"
+- **Add credentials**: "Store my service principal secret in Key Vault 'api-vault'"
+- **Set configuration**: "Create a secret named 'app-config' in my Key Vault"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Subscription** | Required | The Azure subscription ID or name. |
+| **Vault** | Required | The name of the Key Vault. |
+| **Name** | Required | The name of the secret to create. |
+| **Value** | Required | The value of the secret to store. |
+
+### Get secret
 
 The Azure MCP Server can retrieve a specific secret from a Key Vault. This is useful for accessing sensitive configuration values, API keys, connection strings, and other secrets stored securely in Azure Key Vault.
 
 Example prompts include:
 
-- **Get a specific secret**: "Retrieve the 'database-connection-string' secret from my 'production-vault' Key Vault."
+- **Get specific secret**: "Retrieve the 'database-connection-string' secret from my 'production-vault' Key Vault."
 - **Access API key**: "Get the 'third-party-api-key' secret from the 'api-secrets' vault"
 - **Check secret value**: "What is the value of the 'ssl-certificate-password' secret in my Key Vault?"
 - **Retrieve configuration**: "Get the 'app-config-secret' from vault 'eastus-keyvault'"
@@ -74,25 +115,80 @@ Example prompts include:
 | **Vault** | Required | The name of the Key Vault. |
 | **Name** | Required | The name of the secret to retrieve. |
 
-## List keys
+### List secrets
 
-The Azure MCP Server can list all keys in an Azure Key Vault. This helps you manage your cryptographic keys.
+The Azure MCP Server can list all secrets in an Azure Key Vault. This helps you manage your stored secrets and view your secret inventory.
 
 Example prompts include:
 
-- **List keys**: "Show me all keys in my 'mykeyvault' Key Vault."
-- **View keys**: "What keys do I have in Key Vault 'security-kv'?"
-- **Find keys**: "List keys in my Key Vault 'central-keys'"
-- **Query keys**: "Show all keys in my Key Vault"
-- **Check keys**: "What keys are available in my 'encryption-vault'?"
+- **List all secrets**: "Show me all secrets in my 'production-vault' Key Vault."
+- **View secrets**: "What secrets do I have in Key Vault 'api-secrets'?"
+- **Find secrets**: "List secrets in my Key Vault 'configuration-kv'"
+- **Query secrets**: "Show all secrets in my Key Vault"
+- **Check secrets**: "What secrets are stored in my 'eastus-keyvault'?"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Subscription** | Required | The Azure subscription ID or name. |
+| **Vault** | Required | The name of the Key Vault. |
+
+## Certificates
+
+### Create certificate
+
+The Azure MCP Server can create a new certificate in an Azure Key Vault using the default policy. This allows you to generate SSL/TLS certificates for your applications.
+
+Example prompts include:
+
+- **Create SSL certificate**: "Create a certificate named 'web-ssl-cert' in my 'production-vault' Key Vault."
+- **Generate certificate**: "Create a new certificate called 'api-tls-cert' in Key Vault 'security-kv'"
+- **Add certificate**: "Generate a certificate for my web application in Key Vault"
+- **Set up TLS cert**: "Create a certificate named 'app-certificate' in my Key Vault"
+- **Make new cert**: "Create a certificate called 'service-cert' in 'certificates-vault'"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Subscription** | Required | The Azure subscription ID or name. |
+| **Vault** | Required | The name of the Key Vault. |
+| **Name** | Required | The name of the certificate to create. |
+
+### Get certificate
+
+The Azure MCP Server can retrieve details of a specific certificate from an Azure Key Vault. This allows you to view certificate properties, expiration dates, and metadata.
+
+Example prompts include:
+
+- **Get certificate details**: "Show me details of the 'web-ssl-cert' certificate in my 'production-vault' Key Vault."
+- **View certificate info**: "Get information about the 'api-tls-cert' certificate in Key Vault 'security-kv'"
+- **Retrieve certificate**: "Get properties of the 'app-certificate' in my Key Vault"
+- **Check certificate**: "Show me the details of the SSL certificate in my vault"
+- **Find certificate**: "Get the properties of 'service-cert' certificate in 'certificates-vault'"
+
+| Parameter | Required or optional | Description |
+|-----------|-------------|-------------|
+| **Subscription** | Required | The Azure subscription ID or name. |
+| **Vault** | Required | The name of the Key Vault. |
+| **Name** | Required | The name of the certificate to retrieve. |
+
+### List certificates
+
+The Azure MCP Server can list all certificates in an Azure Key Vault. This helps you manage your certificates and track expiration dates.
+
+Example prompts include:
+
+- **List all certificates**: "Show me all certificates in my 'production-vault' Key Vault."
+- **View certificates**: "What certificates do I have in Key Vault 'security-kv'?"
+- **Find certificates**: "List certificates in my Key Vault 'certificates-kv'"
+- **Query certificates**: "Show all certificates in my Key Vault"
+- **Check certificates**: "What certificates are available in my 'ssl-vault'?"
 
 | Parameter | Required or optional | Description |
 |-----------|-------------|-------------|
 | **Subscription** | Required | The Azure subscription ID or name. |
 | **Vault** | Required | The name of the Key Vault. |
-| **Include managed** | Optional | Whether or not to include managed keys in results. |
 
 ## Related content
 
 - [What are the Azure MCP Server tools?](index.md)
-- [Get started using Azure MCP Server](../get-started.md)
+- [Get started using Azure MCP Server](../get-started.md)
+- [Azure Key Vault documentation](/azure/key-vault/)
diff --git a/articles/azure-mcp-server/tools/tools.json b/articles/azure-mcp-server/tools/tools.json
