AzResourceGraphMCP

krnese/AzResourceGraphMCP

3.1

If you are the rightful owner of AzResourceGraphMCP and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The Azure Resource Graph MCP Server enables querying of Azure resources using KQL directly within VS Code and GitHub Copilot, focusing on security and compliance.

Azure Resource Graph MCP Server

A Model Context Protocol (MCP) server that provides Azure Resource Graph querying capabilities directly within VS Code and GitHub Copilot.

Features

  • 🔍 Query Azure resources using KQL (Kusto Query Language)
  • 🛡️ Security-focused queries for compliance and governance
  • 🚀 Direct integration with VS Code and GitHub Copilot
  • 🔐 Uses Azure DefaultAzureCredential for authentication

One-Click Installation

Option 1: VS Code Insiders (Recommended)

Click the link below to automatically install and configure the MCP server:

📦 Install Azure Resource Graph MCP Server

⚠️ Important: Replace YOUR_SUBSCRIPTION_ID in the VS Code configuration after installation with your actual Azure Subscription ID.

Option 2: VS Code Stable (Alternative)

For VS Code stable, use this configuration link:

📦 Install Azure Resource Graph MCP Server (Stable)

Manual Installation

If you prefer manual installation, add this configuration to your VS Code settings.json:

{
  "mcp": {
    "servers": {
      "azure-rg-mcp": {
        "command": "npx",
        "args": ["-y", "@krnese/azure-resource-graph-mcp@latest"],
        "env": {
          "AZURE_SUBSCRIPTION_ID": "your-subscription-id-here"
        }
      }
    }
  }
}

Prerequisites

  1. Node.js 18+ - Download here
  2. Azure CLI - Install here
  3. Azure Authentication - Run az login to authenticate
  4. VS Code with MCP support - Use VS Code Insiders or stable with MCP extension

Configuration

Setting your Azure Subscription ID

After installation, you need to configure your Azure Subscription ID:

  1. Open VS Code Settings (Cmd/Ctrl + ,)
  2. Search for "mcp"
  3. Find the "azure-rg-mcp" server configuration
  4. Replace YOUR_SUBSCRIPTION_ID with your actual Azure Subscription ID

Alternatively, you can edit your settings.json directly and update the AZURE_SUBSCRIPTION_ID value.

Finding your Subscription ID

# List all subscriptions
az account list --output table

# Get current subscription
az account show --query id --output tsv

Usage Examples

Once installed, you can use natural language queries in VS Code:

  • "Show me all virtual machines in my Azure subscription"
  • "List storage accounts with public access enabled"
  • "Find resources without tags"
  • "Show me all resources in the East US region"
  • "List all App Services with HTTPS only disabled"

Advanced KQL Queries

You can also use direct KQL queries:

Resources
| where type =~ "microsoft.compute/virtualmachines"
| where properties.storageProfile.osDisk.managedDisk.storageAccountType !~ "Premium_LRS"
| project name, location, resourceGroup, vmSize=properties.hardwareProfile.vmSize

Security Queries

The server includes built-in security-focused queries:

  • Resources with public endpoints
  • Unencrypted storage accounts
  • VMs without managed disks
  • Resources missing required tags
  • Non-compliant network security groups

Troubleshooting

Authentication Issues

# Ensure you're logged in
az login

# Check current account
az account show

Permission Issues

Ensure your account has at least Reader role on the subscription you want to query.

MCP Server Not Starting

  1. Check VS Code Developer Console for errors
  2. Verify Node.js is installed: node --version
  3. Test manual installation: npx @krnese/azure-resource-graph-mcp@latest

Development

To contribute or modify the server:

git clone https://github.com/krnese/AzResourceGraphMCP.git
cd AzResourceGraphMCP
npm install
npm start

License

MIT License - see file for details.