Provides tools for managing Azure PostgreSQL Flexible Server instances, including listing servers, databases, and parameters, querying table schemas, and executing SQL queries.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Azure Omni-Tool MCP Serverlist all storage containers in my production resource group"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Azure Omni-Tool MCP Server
A Model Context Protocol (MCP) server in TypeScript that acts as an intelligent bridge between natural language requests and Azure CLI execution.
Features
✅ Plan/Execute Flow - Review commands before execution
✅ Safety Guardrails - Shell injection detection, destructive command warnings
✅ Audit Trail - Operator email tagging for traceability
✅ Retry Logic - Exponential backoff for transient failures
✅ Caching - LRU cache with configurable TTL
✅ Tenant Scoping - Configure tenant/subscription via environment
✅ Azure Service Adapters - Type-safe access to 8 Azure services
Architecture Overview
flowchart TB
subgraph Client["🖥️ Client Layer"]
LLM[LLM / AI Agent]
end
subgraph MCP["⚙️ MCP Server"]
direction TB
Entry[index.ts]
subgraph Tools["Tools"]
T1[manage_azure_resources]
T2[get_azure_context]
T3[azure_service]
end
subgraph Lib["Core Libraries"]
Auth[auth.ts]
Cache[cache.ts]
CLI[cli-executor.ts]
Retry[retry.ts]
Safety[safety.ts]
Audit[audit.ts]
end
subgraph Services["Service Adapters"]
S1[StorageService]
S2[CosmosService]
S3[SearchService]
S4[KustoService]
S5[MonitorService]
S6[AppConfigService]
S7[KeyVaultService]
S8[PostgresService]
end
end
subgraph Azure["☁️ Azure"]
AzCLI[Azure CLI]
AzAPI[Azure APIs]
end
LLM -->|MCP Protocol| Entry
Entry --> Tools
Tools --> Lib
Tools --> Services
Services --> Lib
Lib --> AzCLI
Auth --> AzAPIRequest Flow
sequenceDiagram
participant C as Client
participant M as MCP Server
participant S as Safety
participant E as CLI Executor
participant A as Azure
C->>M: Tool Request
M->>S: Validate Input
alt Unsafe Command
S-->>M: Block + Warning
M-->>C: Error Response
else Safe
S-->>M: Approved
M->>E: Execute Command
E->>A: az CLI call
A-->>E: Response
E-->>M: Result + Parse
M-->>C: Structured Output
endPlan/Execute Flow
flowchart LR
A[LLM Client] -->|Natural Language| B[MCP Server]
B --> C{execute_now?}
C -->|false| D[Return Plan]
C -->|true| E[Execute CLI]
E --> F{Success?}
F -->|Yes| G[Return Output]
F -->|No| H[Return Error + Analysis]
H -->|Feedback Loop| AQuick Start
1. Install Dependencies
npm install2. Configure Environment
cp .env.example .env
# Edit .env with your settings3. Build & Run
npm run build
npm startMCP Client Configuration
{
"mcpServers": {
"azure-omni-tool": {
"command": "node",
"args": ["path/to/Azure-mcp/dist/index.js"]
}
}
}Tools
manage_azure_resources
Plan and execute Azure CLI commands with safety checks.
Argument | Type | Description |
| string | Azure CLI command |
| string | Why this command was chosen |
| boolean |
|
get_azure_context
Query Azure environment with caching.
Query Type | Description |
| List accessible subscriptions |
| List resource groups |
| List resources |
| Custom KQL via Resource Graph |
azure_service
Interact with specific Azure services.
Service | Actions |
| list, listContainers, listBlobs, getContainer, listTables, queryTable |
| list, listDatabases, listContainers, query, getContainer |
| list, listIndexes, getIndex, query, getService |
| list, listDatabases, listTables, getSchema, sample, query |
| list, getWorkspace, listTables, query, listMetrics, getMetrics |
| list, getStore, listKeyValues, getKeyValue, setKeyValue, lock, unlock |
| list, getVault, listKeys, getKey, createKey, listSecrets, getSecret, listCertificates |
| list, getServer, listDatabases, listParameters, getParameter, listTables, getTableSchema, query |
Environment Variables
Variable | Description | Default |
| Azure tenant for scoping | - |
| Default subscription | - |
| Email for audit trail | - |
| Operator name | - |
| Logging level |
|
| Enable query caching |
|
| Cache duration |
|
| Cache cleanup interval |
|
| Retry attempts |
|
| Base retry delay |
|
| CLI timeout |
|
| Enable Managed Identity |
|
Project Structure
Azure-mcp/
├── src/
│ ├── index.ts # MCP server entry
│ ├── lib/
│ │ ├── auth.ts # Azure credential management
│ │ ├── audit.ts # Audit trail with correlation IDs
│ │ ├── cache.ts # LRU cache with TTL
│ │ ├── cli-executor.ts # Azure CLI wrapper
│ │ ├── config.ts # Environment config
│ │ ├── logger.ts # Structured JSON logging
│ │ ├── retry.ts # Exponential backoff
│ │ ├── safety.ts # Input sanitization
│ │ └── types.ts # Shared types
│ ├── services/
│ │ ├── base-service.ts # Abstract service base
│ │ ├── storage.ts # Azure Storage
│ │ ├── cosmos.ts # Cosmos DB
│ │ ├── search.ts # AI Search
│ │ ├── kusto.ts # Data Explorer
│ │ ├── monitor.ts # Monitor / Log Analytics
│ │ ├── appconfig.ts # App Configuration
│ │ ├── keyvault.ts # Key Vault
│ │ ├── postgres.ts # PostgreSQL Flexible Server
│ │ └── index.ts # Service factory
│ └── tools/
│ ├── azure-manager.ts # Plan/Execute tool
│ ├── context-retriever.ts # Context queries
│ └── service-tool.ts # Service adapter tool
├── .env.example
├── package.json
└── tsconfig.jsonPrerequisites
Node.js >= 18.0.0
Azure CLI installed and authenticated (
az login)
License
MIT
Resources
Looking for Admin?
Admins can modify the Dockerfile, update the server description, and track usage metrics. If you are the server author, to access the admin panel.