How do I install azure-compliance?

Run `npx skills add https://github.com/microsoft/azure-skills --skill azure-compliance` in your terminal. You need to have run `npx skills init` once in your project first.

Which agent frameworks does azure-compliance support?

azure-compliance works with any agent framework supported by the Skills registry, including Claude Code, Cursor, GitHub Copilot, Cline, Codex, and Gemini CLI.

Is azure-compliance free to use?

Yes. azure-compliance is free to install and use. It is available from the open explainx.ai skill registry published by microsoft.

Where can I read ratings and reviews for azure-compliance?

Community ratings and review text appear on this explainx.ai skill page below the description. Reviews use a 1–5 scale and may include short written feedback from signed-in members.

Cloud

azure-compliance▌

microsoft/azure-skills · updated Apr 8, 2026

$npx skills add https://github.com/microsoft/azure-skills --skill azure-compliance

0 commentsdiscussion

summary

Azure compliance scanning, Key Vault expiration auditing, and resource configuration validation.

›Runs azqr (Azure Quick Review) for comprehensive compliance assessment against best practices across subscriptions and resource groups
›Monitors Key Vault keys, secrets, and certificates for expiration dates and identifies items without expiration policies
›Detects orphaned, misconfigured, and non-compliant resources using Resource Graph queries
›Classifies findings by priority (Critical,

skill.md

Azure Compliance & Security Auditing

Quick Reference

Property	Details
Best for	Compliance scans, security audits, Key Vault expiration checks
Primary capabilities	Comprehensive Resources Assessment, Key Vault Expiration Monitoring
MCP tools	azqr, subscription and resource group listing, Key Vault item inspection

When to Use This Skill

Run azqr or Azure Quick Review for compliance assessment
Validate Azure resource configuration against best practices
Identify orphaned or misconfigured resources
Audit Key Vault keys, secrets, and certificates for expiration

Skill Activation Triggers

Activate this skill when user wants to:

Check Azure compliance or best practices
Assess Azure resources for configuration issues
Run azqr or Azure Quick Review
Identify orphaned or misconfigured resources
Review Azure security posture
"Show me expired certificates/keys/secrets in my Key Vault"
"Check what's expiring in the next 30 days"
"Audit my Key Vault for compliance"
"Find secrets without expiration dates"
"Check certificate expiration dates"

Prerequisites

Authentication: user is logged in to Azure via az login
Permissions to read resource configuration and Key Vault metadata

Assessments

Assessment	Reference
Comprehensive Compliance (azqr)	references/azure-quick-review.md
Key Vault Expiration	references/azure-keyvault-expiration-audit.md
Resource Graph Queries	references/azure-resource-graph.md

MCP Tools

Tool	Purpose
`mcp_azure_mcp_extension_azqr`	Run azqr compliance scans
`mcp_azure_mcp_subscription_list`	List available subscriptions
`mcp_azure_mcp_group_list`	List resource groups
`keyvault_key_list`	List all keys in vault
`keyvault_key_get`	Get key details including expiration
`keyvault_secret_list`	List all secrets in vault
`keyvault_secret_get`	Get secret details including expiration
`keyvault_certificate_list`	List all certificates in vault
`keyvault_certificate_get`	Get certificate details including expiration

Assessment Workflow

Select scope (subscription or resource group) for Comprehensive Resources Assessment.
Run azqr and capture output artifacts.
Analyze Scan Results and summarize findings and recommendations.
Review Key Vault Expiration Monitoring output for keys, secrets, and certificates.
Classify issues and propose remediation or fix steps for each finding.

Priority Classification

Priority	Guidance
Critical	Immediate remediation required for high-impact exposure
High	Resolve within days to reduce risk
Medium	Plan a resolution in the next sprint
Low	Track and fix during regular maintenance

Error Handling

Error	Message	Remediation
Authentication required	"Please login"	Run `az login` and retry
Access denied	"Forbidden"	Confirm permissions and fix role assignments
Missing resource	"Not found"	Verify subscription and resource group selection

Best Practices

Run compliance scans on a regular schedule (weekly or monthly)
Track findings over time and verify remediation effectiveness
Separate compliance reporting from remediation execution
Keep Key Vault expiration policies documented and enforced

SDK Quick References

For programmatic Key Vault access, see the condensed SDK guides:

Key Vault (Python): Secrets/Keys/Certs
Secrets: TypeScript | Rust | Java
Keys: .NET | Java | TypeScript | Rust
Certificates: Rust

Discussion

Product Hunt–style comments (not star reviews)

No comments yet — start the thread.

general reviews

Ratings

4.7★★★★★37 reviews

★★★★★Shikha Mishra· Dec 16, 2024
azure-compliance reduced setup friction for our internal harness; good balance of opinion and flexibility.
★★★★★Sakura Kim· Dec 16, 2024
I recommend azure-compliance for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
★★★★★Nia Yang· Dec 8, 2024
Solid pick for teams standardizing on skills: azure-compliance is focused, and the summary matches what you get after install.
★★★★★Meera Rahman· Nov 27, 2024
We added azure-compliance from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
★★★★★Yash Thakker· Nov 7, 2024
I recommend azure-compliance for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
★★★★★Aarav Tandon· Nov 7, 2024
azure-compliance reduced setup friction for our internal harness; good balance of opinion and flexibility.
★★★★★Dhruvi Jain· Oct 26, 2024
Useful defaults in azure-compliance — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
★★★★★Naina Bhatia· Oct 18, 2024
azure-compliance fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
★★★★★Oshnikdeep· Sep 5, 2024
azure-compliance has been reliable in day-to-day use. Documentation quality is above average for community skills.
★★★★★Arjun Jain· Sep 5, 2024
Registry listing for azure-compliance matched our evaluation — installs cleanly and behaves as described in the markdown.

showing 1-10 of 37

1 / 4