Azure MCP Server

Instructions

Implementation Reference

• src/AzureServer.ts:457-459 (registration)

  Switch case in handleCallTool that registers and routes the 'get-role-definitions' tool call to its handler function.
  case "get-role-definitions": result = await this.handleGetRoleDefinitions(args); break;
• src/AzureServer.ts:268-282 (schema)

  Tool schema definition returned by listTools, specifying the name, description, and input schema (optional scope parameter).
  { name: "get-role-definitions", description: "List available role definitions", inputSchema: { type: "object", properties: { scope: { type: "string", description: "Scope for role definitions. Leave empty for subscription level.", }, }, required: [], }, },
• src/AzureServer.ts:730-774 (handler)

  Primary handler implementation that parses input arguments, lists role definitions using Azure AuthorizationManagementClient.roleDefinitions.list(), formats the results, and handles errors.
  private async handleGetRoleDefinitions(args: any) { const { scope } = z .object({ scope: z.string().optional(), }) .parse(args); if (!this.context.authorizationClient) { throw new AzureMCPError( "Authorization client not initialized", "NO_CLIENT" ); } try { const roleDefinitions = []; const definitionScope = scope || `/subscriptions/${this.context.selectedSubscription}`; for await (const definition of this.context.authorizationClient.roleDefinitions.list( definitionScope )) { roleDefinitions.push({ id: definition.id, name: definition.name, roleName: definition.roleName, description: definition.description, type: definition.type, permissions: definition.permissions?.map((p) => ({ actions: p.actions, notActions: p.notActions, dataActions: p.dataActions, notDataActions: p.notDataActions, })), }); } return { roleDefinitions, total: roleDefinitions.length }; } catch (error) { this.logWithContext("error", `Error getting role definitions: ${error}`, { error, }); throw new AzureResourceError(`Failed to get role definitions: ${error}`); } }