How do I install azure-rbac?

Run `npx skills add https://github.com/microsoft/azure-skills --skill azure-rbac` in your terminal. You need to have run `npx skills init` once in your project first.

Which agent frameworks does azure-rbac support?

azure-rbac works with any agent framework supported by the Skills registry, including Claude Code, Cursor, GitHub Copilot, Cline, Codex, and Gemini CLI.

Is azure-rbac free to use?

Yes. azure-rbac is free to install and use. It is available from the open Skills registry published by microsoft.

Cloud

azure-rbac▌

Name: azure-rbac
Availability: InStock
Author: microsoft

microsoft/azure-skills · updated Apr 8, 2026

$npx skills add https://github.com/microsoft/azure-skills --skill azure-rbac

summary

Find minimal Azure RBAC roles, generate assignment commands, and provide Bicep infrastructure code.

›Identifies built-in roles matching desired permissions using Azure documentation, or creates custom role definitions when no built-in role fits
›Generates Azure CLI commands and Bicep code snippets for assigning roles to identities, service principals, and managed identities
›Clarifies prerequisites for granting roles, including which permissions ( Microsoft.Authorization/roleAssignments

skill.md

23:T4cb,Use the 'azure__documentation' tool to find the minimal role definition that matches the desired permissions the user wants to assign to an identity. If no built-in role matches the desired permissions, use the 'azure__extension_cli_generate' tool to create a custom role definition with the desired permissions. Then use the 'azure__extension_cli_generate' tool to generate the CLI commands needed to assign that role to the identity. Finally, use the 'azure__bicepschema' and 'azure__get_azure_bestpractices' tools to provide a Bicep code snippet for adding the role assignment. If user is asking about role necessary to set access, refer to Prerequisites for Granting Roles down below:

<h2>Prerequisites for Granting Roles</h2> To assign RBAC roles to identities, you need a role that includes the <code>Microsoft.Authorization/roleAssignments/write</code> permission. The most common roles with this permission are: <ul> <li>User Access Administrator (least privilege - recommended for role assignment only)</li> <li>Owner (full access including role assignment)</li> <li>Custom Role with <code>Microsoft.Authorization/roleAssignments/write</code></li> </ul>1d:["$","div",null,{"className":"prose prose-invert max-w-none prose-headings:font-semibold prose-headings:tracking-tight prose-h1:text-4xl prose-h1:mb-2 prose-h2:text-2xl prose-h2:mb-2 prose-h3:text-lg prose-h3:mb-2 prose-p:text-muted-foreground prose-li:text-muted-foreground prose-code:bg-muted prose-code:text-foreground prose-code:px-1 prose-code:py-0.5 prose-code:rounded-sm prose-code:text-sm prose-code:before:content-none prose-code:after:content-none prose-pre:bg-muted prose-pre:text-foreground prose-pre:border prose-pre:border-border prose-pre:rounded-md [&_table]:!border-[color:var(--border)] [&_th]:!border-[color:var(--border)] [&_td]:!border-[color:var(--border)]","dangerouslySetInnerHTML":{"__html":"$23"}}] 18:[["$","meta","0",{"charSet":"utf-8"}],["$","meta","1",{"name":"viewport","content":"width=device-width, initial-scale=1"}]] 16:null