Azure Infra

基于聊天的 Azure 基础设施辅助工具，利用 Azure CLI 和门户上下文。用于查询、审计和监控 Azure 资源（VM、存储、IAM、Functions、AKS、应用服务、Key Vault、Azure Monitor、计费等），并在执行写入或破坏性操作前明确确认以提出安全变更建议。

Azure Infra

Overview

Use the local Azure CLI to answer questions about Azure resources. Default to read‑only queries. Only propose or run write/destructive actions after explicit user confirmation.

Quick Start

Ensure login: az account show (if not logged in, run az login --use-device-code).
If multiple subscriptions exist, ask the user to pick one; otherwise use the default subscription.
Use read‑only commands to answer the question.
If the user asks for changes, outline the exact command and ask for confirmation before running.

Safety Rules (must follow)

Treat all actions as read‑only unless the user explicitly requests a change and confirms it.
For any potentially destructive change (delete/terminate/destroy/modify/scale/billing/IAM credentials), require a confirmation step.
Prefer --dry-run when available and show the plan before execution.
Never reveal or log secrets (keys, client secrets, tokens).

Task Guide (common requests)

Inventory / list: use list/show/get commands.
Health / errors: use Azure Monitor metrics/logs queries.
Security checks: RBAC roles, public storage, NSG exposure, Key Vault access.
Costs: Cost Management (read‑only).
Changes: show exact CLI command and require confirmation.

Subscription & Tenant Handling

If the user specifies a subscription/tenant, honor it.
Otherwise use the default subscription from az account show.
When results are subscription‑scoped, state the subscription used.

References

See references/azure-cli-queries.md for common command patterns.

Assets

assets/icon.svg — custom icon (dark cloud + terminal prompt, Azure‑blue accent)