azure-admin
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseAzure Administration Skill
Azure 管理技能
Overview
概述
This skill provides comprehensive Azure administration capabilities, covering identity management, resource orchestration, CLI tooling, and DevOps automation. It integrates Microsoft's Azure ecosystem including Azure CLI (az), Azure Developer CLI (azd), Entra ID (formerly Azure AD), and Azure MCP (Model Context Protocol) for AI-powered workflows.
Core Capabilities:
- Identity & Access Management: User provisioning, RBAC, service principals, managed identities
- Resource Management: Subscriptions, resource groups, ARM templates, Bicep deployments
- CLI & Tooling: az CLI patterns, azd workflows, PowerShell integration
- MCP Integration: Azure MCP server for AI-driven Azure operations
- DevOps Automation: CI/CD pipelines, infrastructure as code, deployment strategies
- Cost & Governance: Budget management, policy enforcement, compliance
Target Audience:
- Cloud administrators managing Azure environments
- DevOps engineers automating Azure deployments
- Security teams implementing RBAC and compliance
- Developers using Azure services and MCP integration
Philosophy Alignment:
This skill follows amplihack principles: ruthless simplicity, working code only, clear module boundaries, and systematic workflows.
本技能提供全面的Azure管理功能,涵盖身份管理、资源编排、CLI工具及DevOps自动化。它集成了微软Azure生态系统,包括Azure CLI(az)、Azure Developer CLI(azd)、Entra ID(原Azure AD)以及用于AI驱动工作流的Azure MCP(Model Context Protocol)。
核心功能:
- 身份与访问管理:用户配置、RBAC、服务主体、托管标识
- 资源管理:订阅、资源组、ARM模板、Bicep部署
- CLI与工具:az CLI模式、azd工作流、PowerShell集成
- MCP集成:用于AI驱动Azure操作的Azure MCP服务器
- DevOps自动化:CI/CD流水线、基础设施即代码、部署策略
- 成本与治理:预算管理、策略执行、合规性
目标受众:
- 管理Azure环境的云管理员
- 自动化Azure部署的DevOps工程师
- 实施RBAC和合规性的安全团队
- 使用Azure服务和MCP集成的开发人员
理念对齐:
本技能遵循amplihack原则:极致简洁、仅保留可运行代码、清晰的模块边界和系统化工作流。
Quick Reference Matrix
快速参考矩阵
Common Task Mapping
常见任务映射
| Task | Primary Tool | Secondary Tools | Skill Doc Reference |
|---|---|---|---|
| Create user account | az cli | Entra ID Portal | @docs/user-management.md |
| Assign RBAC role | az cli | Azure Portal | @docs/role-assignments.md |
| Deploy resource group | az cli, Bicep | ARM templates | @docs/resource-management.md |
| Setup service principal | az cli | Portal | @docs/user-management.md#service-principals |
| Enable managed identity | az cli | Portal | @docs/user-management.md#managed-identities |
| Create resource | az cli, azd | Portal, Terraform | @docs/resource-management.md |
| Query resources | az cli --query | JMESPath | @docs/cli-patterns.md#querying |
| Bulk user operations | az cli + bash | PowerShell | @examples/bulk-user-onboarding.md |
| Environment provisioning | azd | az cli, Bicep | @examples/environment-setup.md |
| Audit role assignments | az cli | Azure Policy | @examples/role-audit.md |
| Cost analysis | az cli, Portal | Cost Management API | @docs/cost-optimization.md |
| MCP integration | Azure MCP | az cli | @docs/mcp-integration.md |
| CI/CD pipeline | Azure DevOps | GitHub Actions | @docs/devops-automation.md |
| 任务 | 主要工具 | 次要工具 | 技能文档参考 |
|---|---|---|---|
| 创建用户账户 | az cli | Entra ID 门户 | @docs/user-management.md |
| 分配RBAC角色 | az cli | Azure 门户 | @docs/role-assignments.md |
| 部署资源组 | az cli、Bicep | ARM 模板 | @docs/resource-management.md |
| 设置服务主体 | az cli | 门户 | @docs/user-management.md#service-principals |
| 启用托管标识 | az cli | 门户 | @docs/user-management.md#managed-identities |
| 创建资源 | az cli、azd | 门户、Terraform | @docs/resource-management.md |
| 查询资源 | az cli --query | JMESPath | @docs/cli-patterns.md#querying |
| 批量用户操作 | az cli + bash | PowerShell | @examples/bulk-user-onboarding.md |
| 环境配置 | azd | az cli、Bicep | @examples/environment-setup.md |
| 审计角色分配 | az cli | Azure Policy | @examples/role-audit.md |
| 成本分析 | az cli、门户 | Cost Management API | @docs/cost-optimization.md |
| MCP集成 | Azure MCP | az cli | @docs/mcp-integration.md |
| CI/CD流水线 | Azure DevOps | GitHub Actions | @docs/devops-automation.md |
Command Pattern Reference
命令模式参考
bash
undefinedbash
undefinedIdentity operations
Identity operations
az ad user create --display-name "Jane Doe" --user-principal-name jane@domain.com
az ad sp create-for-rbac --name myServicePrincipal --role Contributor
az ad user create --display-name "Jane Doe" --user-principal-name jane@domain.com
az ad sp create-for-rbac --name myServicePrincipal --role Contributor
Resource operations
Resource operations
az group create --name myResourceGroup --location eastus
az deployment group create --resource-group myRG --template-file main.bicep
az group create --name myResourceGroup --location eastus
az deployment group create --resource-group myRG --template-file main.bicep
RBAC operations
RBAC operations
az role assignment create --assignee user@domain.com --role Reader --scope /subscriptions/xxx
az role assignment list --assignee user@domain.com --all
az role assignment create --assignee user@domain.com --role Reader --scope /subscriptions/xxx
az role assignment list --assignee user@domain.com --all
Query patterns
Query patterns
az vm list --query "[?powerState=='VM running'].{Name:name, RG:resourceGroup}"
az resource list --resource-type "Microsoft.Compute/virtualMachines" --query "[].{name:name, location:location}"
az vm list --query "[?powerState=='VM running'].{Name:name, RG:resourceGroup}"
az resource list --resource-type "Microsoft.Compute/virtualMachines" --query "[].{name:name, location:location}"
Cost management
Cost management
az consumption usage list --start-date 2025-01-01 --end-date 2025-01-31
az costmanagement query --type ActualCost --dataset-aggregation name=Cost,function=Sum
az consumption usage list --start-date 2025-01-01 --end-date 2025-01-31
az costmanagement query --type ActualCost --dataset-aggregation name=Cost,function=Sum
Azure Developer CLI (azd)
Azure Developer CLI (azd)
azd init --template todo-nodejs-mongo
azd up # provision + deploy
azd env list
azd down
undefinedazd init --template todo-nodejs-mongo
azd up # provision + deploy
azd env list
azd down
undefinedTopic 1: Identity & Access Management
主题1:身份与访问管理
Manage Azure identities through Entra ID: users, groups, service principals, managed identities, and RBAC.
Common operations: User creation, group management, role assignment, service principal setup, managed identity configuration, RBAC auditing
See: @docs/user-management.md and @docs/role-assignments.md for complete guides
Quick example:
bash
undefined通过Entra ID管理Azure身份:用户、组、服务主体、托管标识及RBAC。
常见操作: 用户创建、组管理、角色分配、服务主体设置、托管标识配置、RBAC审计
参考: 完整指南请见@docs/user-management.md和@docs/role-assignments.md
快速示例:
bash
undefinedCreate user
Create user
az ad user create --display-name "Jane Doe" --user-principal-name jane@contoso.com --password "SecureP@ssw0rd!"
az ad user create --display-name "Jane Doe" --user-principal-name jane@contoso.com --password "SecureP@ssw0rd!"
Create group and add member
Create group and add member
az ad group create --display-name "Engineering Team" --mail-nickname "engineering"
az ad group member add --group "Engineering Team" --member-id $(az ad user show --id jane@contoso.com --query id -o tsv)
az ad group create --display-name "Engineering Team" --mail-nickname "engineering"
az ad group member add --group "Engineering Team" --member-id $(az ad user show --id jane@contoso.com --query id -o tsv)
Create service principal
Create service principal
az ad sp create-for-rbac --name "myAppSP" --role Contributor --scopes /subscriptions/{sub-id}
az ad sp create-for-rbac --name "myAppSP" --role Contributor --scopes /subscriptions/{sub-id}
Enable managed identity
Enable managed identity
az vm identity assign --name myVM --resource-group myRG
az vm identity assign --name myVM --resource-group myRG
Assign RBAC role
Assign RBAC role
az role assignment create --assignee jane@contoso.com --role Reader --scope /subscriptions/{sub-id}
**Key concepts:**
- **Users & Groups**: Entra ID accounts, group-based permissions
- **Service Principals**: App authentication, certificate-based auth preferred
- **Managed Identities**: Azure-managed credentials, no secret rotation needed
- **RBAC**: Owner, Contributor, Reader, custom roles at multiple scopes
- **Security**: MFA enforcement, least privilege, regular access reviews
**Best practices:**
- Use groups for role assignments (not individual users)
- Prefer managed identities over service principals
- Rotate service principal credentials every 90 days
- Store credentials in Azure Key Vault
- Enable MFA for all administrative accountsaz role assignment create --assignee jane@contoso.com --role Reader --scope /subscriptions/{sub-id}
**核心概念:**
- **用户与组**:Entra ID账户、基于组的权限
- **服务主体**:应用程序身份验证,首选基于证书的身份验证
- **托管标识**:Azure托管凭据,无需密钥轮换
- **RBAC**:所有者、参与者、读者及多范围自定义角色
- **安全性**:MFA强制实施、最小权限原则、定期访问审核
**最佳实践:**
- 使用组进行角色分配(而非单个用户)
- 优先选择托管标识而非服务主体
- 每90天轮换一次服务主体凭据
- 将凭据存储在Azure Key Vault中
- 为所有管理员账户启用MFATopic 2: Resource Management
主题2:资源管理
Organize and deploy Azure resources through subscriptions, resource groups, and infrastructure as code.
Common operations: Resource group creation, tagging strategy, ARM/Bicep deployment, resource locks, multi-region management
See: @docs/resource-management.md for advanced patterns
Quick example:
bash
undefined通过订阅、资源组和基础设施即代码来组织和部署Azure资源。
常见操作: 资源组创建、标记策略、ARM/Bicep部署、资源锁定、多区域管理
参考: 高级模式请见@docs/resource-management.md
快速示例:
bash
undefinedCreate resource group with tags
Create resource group with tags
az group create --name myResourceGroup --location eastus
az group update --name myResourceGroup --tags Environment=Production CostCenter=IT
az group create --name myResourceGroup --location eastus
az group update --name myResourceGroup --tags Environment=Production CostCenter=IT
Deploy Bicep template with validation
Deploy Bicep template with validation
az deployment group validate --resource-group myRG --template-file main.bicep
az deployment group create --resource-group myRG --template-file main.bicep --parameters vmName=myVM
az deployment group validate --resource-group myRG --template-file main.bicep
az deployment group create --resource-group myRG --template-file main.bicep --parameters vmName=myVM
Lock resource group to prevent deletion
Lock resource group to prevent deletion
az lock create --name DontDelete --resource-group myResourceGroup --lock-type CanNotDelete
az lock create --name DontDelete --resource-group myResourceGroup --lock-type CanNotDelete
Query resources by tag
Query resources by tag
az resource list --tag Environment=Production --query "[].{Name:name, Type:type}"
**Resource hierarchy:**
Management Groups (optional)
└── Subscriptions (billing boundary)
└── Resource Groups (logical container)
└── Resources (VMs, databases, storage, etc.)
**Bicep basics:** Declarative IaC with cleaner syntax than ARM templates, transpiles to ARM JSON, modular and reusable.
**Tagging strategy:** Environment, CostCenter, Owner, Application, Criticality, BackupPolicyaz resource list --tag Environment=Production --query "[].{Name:name, Type:type}"
**资源层级:**
管理组(可选)
└── 订阅(计费边界)
└── 资源组(逻辑容器)
└── 资源(虚拟机、数据库、存储等)
**Bicep基础:** 声明式IaC,语法比ARM模板更简洁,可转换为ARM JSON,模块化且可复用。
**标记策略:** Environment、CostCenter、Owner、Application、Criticality、BackupPolicyTopic 3: CLI & Tooling
主题3:CLI与工具
Master Azure CLI (az), Azure Developer CLI (azd), and query patterns for automation.
Common operations: Authentication, JMESPath queries, batch operations, azd workflows, PowerShell integration
See: @docs/cli-patterns.md for advanced scripting
Quick example:
bash
undefined掌握Azure CLI(az)、Azure Developer CLI(azd)及用于自动化的查询模式。
常见操作: 身份验证、JMESPath查询、批量操作、azd工作流、PowerShell集成
参考: 高级脚本请见@docs/cli-patterns.md
快速示例:
bash
undefinedAzure CLI authentication
Azure CLI authentication
az login
az account set --subscription "My Subscription Name"
az account show
az login
az account set --subscription "My Subscription Name"
az account show
JMESPath query patterns
JMESPath query patterns
az vm list --query "[?powerState=='VM running'].{Name:name, RG:resourceGroup}"
az resource list --query "[?contains(name, 'prod')]"
az vm list --query "sort_by([],&name)[0:5]" # Top 5 by name
az vm list --query "[?powerState=='VM running'].{Name:name, RG:resourceGroup}"
az resource list --query "[?contains(name, 'prod')]"
az vm list --query "sort_by([],&name)[0:5]" # Top 5 by name
Azure Developer CLI (azd)
Azure Developer CLI (azd)
azd init --template todo-nodejs-mongo
azd up # provision + deploy in one command
azd env new development
azd monitor --logs
azd down # cleanup
**JMESPath essentials:** Filter `[?condition]`, Project `[].{Name:name}`, Sort `sort_by([],&field)`, Contains `contains(name, 'str')`
**azd structure:** azure.yaml, infra/ (main.bicep), src/ (application code)
**PowerShell:** `Install-Module -Name Az`, `Connect-AzAccount`, `Get-AzVM`azd init --template todo-nodejs-mongo
azd up # provision + deploy in one command
azd env new development
azd monitor --logs
azd down # cleanup
**JMESPath要点:** 过滤`[?condition]`、投影`[].{Name:name}`、排序`sort_by([],&field)`、包含`contains(name, 'str')`
**azd结构:** azure.yaml、infra/(main.bicep)、src/(应用代码)
**PowerShell:** `Install-Module -Name Az`、`Connect-AzAccount`、`Get-AzVM`Topic 4: MCP Integration
主题4:MCP集成
Use Azure MCP (Model Context Protocol) to enable AI-powered Azure operations through Claude Code and other AI workflows.
Common operations: List resources via MCP, query resource properties, execute az commands through MCP, AI-driven automation
See: @docs/mcp-integration.md for complete tool reference
Quick setup:
Install and configure:
bash
npm install -g @modelcontextprotocol/server-azureAdd to :
~/.config/claude-code/mcp.jsonjson
{
"mcpServers": {
"azure": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-azure"],
"env": {
"AZURE_SUBSCRIPTION_ID": "your-subscription-id"
}
}
}
}Available MCP tools:
- : List resources by type/filter
azure_list_resources - : Get detailed resource info
azure_get_resource - : List Entra ID users
azure_list_users - : List RBAC assignments
azure_list_role_assignments - : Execute Azure Resource Graph queries
azure_query - : Execute arbitrary az CLI commands
azure_cli
Usage example:
Ask Claude Code: "Show me all running VMs in my subscription"
Claude Code uses MCP tool:
json
{
"tool": "azure_list_resources",
"parameters": {
"resourceType": "Microsoft.Compute/virtualMachines",
"filter": "powerState eq 'VM running'"
}
}使用Azure MCP(Model Context Protocol)通过Claude Code及其他AI工作流启用AI驱动的Azure操作。
常见操作: 通过MCP列出资源、查询资源属性、通过MCP执行az命令、AI驱动的自动化
参考: 完整工具参考请见@docs/mcp-integration.md
快速设置:
安装并配置:
bash
npm install -g @modelcontextprotocol/server-azure添加至:
~/.config/claude-code/mcp.jsonjson
{
"mcpServers": {
"azure": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-azure"],
"env": {
"AZURE_SUBSCRIPTION_ID": "your-subscription-id"
}
}
}
}可用MCP工具:
- :按类型/过滤器列出资源
azure_list_resources - :获取详细资源信息
azure_get_resource - :列出Entra ID用户
azure_list_users - :列出RBAC分配
azure_list_role_assignments - :执行Azure资源图查询
azure_query - :执行任意az CLI命令
azure_cli
使用示例:
询问Claude Code:"显示我订阅中所有运行的VM"
Claude Code使用MCP工具:
json
{
"tool": "azure_list_resources",
"parameters": {
"resourceType": "Microsoft.Compute/virtualMachines",
"filter": "powerState eq 'VM running'"
}
}Topic 5: DevOps Automation
主题5:DevOps自动化
Automate Azure deployments through CI/CD pipelines, infrastructure as code, and GitOps workflows.
Common operations: Azure DevOps pipelines, GitHub Actions integration, Bicep deployments, blue-green deployments, testing
See: @docs/devops-automation.md for advanced patterns
Quick example - Azure DevOps YAML:
yaml
trigger:
- main
pool:
vmImage: "ubuntu-latest"
variables:
azureSubscription: "myServiceConnection"
stages:
- stage: Deploy
jobs:
- deployment: DeployInfra
environment: production
strategy:
runOnce:
deploy:
steps:
- task: AzureResourceManagerTemplateDeployment@3
inputs:
azureResourceManagerConnection: $(azureSubscription)
resourceGroupName: myRG
templateLocation: Linked artifact
csmFile: main.bicepQuick example - GitHub Actions:
yaml
name: Deploy to Azure
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Deploy Bicep
uses: azure/arm-deploy@v1
with:
resourceGroupName: myRG
template: ./infra/main.bicepBest practices:
- Version control all IaC in Git
- Create reusable Bicep modules
- Separate parameter files per environment
- Validate templates before deployment (what-if)
- Document architecture decisions
通过CI/CD流水线、基础设施即代码和GitOps工作流自动化Azure部署。
常见操作: Azure DevOps流水线、GitHub Actions集成、Bicep部署、蓝绿部署、测试
参考: 高级模式请见@docs/devops-automation.md
快速示例 - Azure DevOps YAML:
yaml
trigger:
- main
pool:
vmImage: "ubuntu-latest"
variables:
azureSubscription: "myServiceConnection"
stages:
- stage: Deploy
jobs:
- deployment: DeployInfra
environment: production
strategy:
runOnce:
deploy:
steps:
- task: AzureResourceManagerTemplateDeployment@3
inputs:
azureResourceManagerConnection: $(azureSubscription)
resourceGroupName: myRG
templateLocation: Linked artifact
csmFile: main.bicep快速示例 - GitHub Actions:
yaml
name: Deploy to Azure
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Deploy Bicep
uses: azure/arm-deploy@v1
with:
resourceGroupName: myRG
template: ./infra/main.bicep最佳实践:
- 在Git中版本控制所有IaC
- 创建可复用的Bicep模块
- 为每个环境分离参数文件
- 部署前验证模板(what-if)
- 记录架构决策
Topic 6: Cost & Governance
主题6:成本与治理
Monitor and optimize Azure spending through cost management, budgets, and policy enforcement.
Common operations: Cost analysis, budget alerts, policy assignment, quota management, resource optimization
See: @docs/cost-optimization.md for detailed strategies
Quick example:
bash
undefined通过成本管理、预算和策略执行来监控和优化Azure支出。
常见操作: 成本分析、预算警报、策略分配、配额管理、资源优化
参考: 详细策略请见@docs/cost-optimization.md
快速示例:
bash
undefinedView current month costs by resource group
View current month costs by resource group
az costmanagement query
--type ActualCost
--dataset-aggregation name=Cost,function=Sum
--dataset-grouping name=ResourceGroup,type=Dimension
--timeframe MonthToDate
--type ActualCost
--dataset-aggregation name=Cost,function=Sum
--dataset-grouping name=ResourceGroup,type=Dimension
--timeframe MonthToDate
az costmanagement query
--type ActualCost
--dataset-aggregation name=Cost,function=Sum
--dataset-grouping name=ResourceGroup,type=Dimension
--timeframe MonthToDate
--type ActualCost
--dataset-aggregation name=Cost,function=Sum
--dataset-grouping name=ResourceGroup,type=Dimension
--timeframe MonthToDate
Get consumption usage details
Get consumption usage details
az consumption usage list
--start-date 2025-01-01
--end-date 2025-01-31
--query "[].{Date:usageStart, Service:meterName, Cost:pretaxCost}"
--start-date 2025-01-01
--end-date 2025-01-31
--query "[].{Date:usageStart, Service:meterName, Cost:pretaxCost}"
az consumption usage list
--start-date 2025-01-01
--end-date 2025-01-31
--query "[].{Date:usageStart, Service:meterName, Cost:pretaxCost}"
--start-date 2025-01-01
--end-date 2025-01-31
--query "[].{Date:usageStart, Service:meterName, Cost:pretaxCost}"
Assign policy to enforce tagging
Assign policy to enforce tagging
az policy assignment create
--name "require-tag-environment"
--policy "require-tag-on-resources"
--params '{"tagName":{"value":"Environment"}}'
--resource-group myRG
--name "require-tag-environment"
--policy "require-tag-on-resources"
--params '{"tagName":{"value":"Environment"}}'
--resource-group myRG
az policy assignment create
--name "require-tag-environment"
--policy "require-tag-on-resources"
--params '{"tagName":{"value":"Environment"}}'
--resource-group myRG
--name "require-tag-environment"
--policy "require-tag-on-resources"
--params '{"tagName":{"value":"Environment"}}'
--resource-group myRG
Check VM quota usage
Check VM quota usage
az vm list-usage --location eastus --output table
**Cost optimization strategies:**
1. Right-size resources (use appropriate VM sizes)
2. Reserved instances (30-70% savings for 1-3 year commits)
3. Spot instances for fault-tolerant workloads
4. Auto-shutdown schedules for non-production
5. Storage tiering (move cold data to Archive)
6. Regular cleanup of unused resources
**Azure Policy use cases:**
- Require tags on resources
- Restrict resource locations
- Limit allowed VM SKUs
- Enforce encryption at rest
- Audit complianceaz vm list-usage --location eastus --output table
**成本优化策略:**
1. 合理调整资源大小(使用合适的VM规格)
2. 预留实例(1-3年承诺可节省30-70%成本)
3. 临时实例用于容错工作负载
4. 非生产环境自动关机计划
5. 存储分层(将冷数据移至归档层)
6. 定期清理未使用资源
**Azure Policy用例:**
- 要求资源添加标记
- 限制资源位置
- 限制允许的VM SKU
- 强制静态加密
- 审计合规性Troubleshooting
故障排除
Common Issues
常见问题
Authentication Errors:
bash
az logout && az login --use-device-code
az account show # Verify tenant and subscriptionPermission Denied:
- Check RBAC:
az role assignment list --assignee {user-or-sp} - Verify resource provider:
az provider list --query "[?registrationState=='NotRegistered']" - Confirm proper scope (subscription vs resource group)
Resource Not Found:
- Verify subscription context:
az account show - Check resource group exists:
az group exists --name {rg-name} - Search across subscriptions:
az resource list --name {resource-name}
Quota Exceeded:
bash
az vm list-usage --location eastus --output table身份验证错误:
bash
az logout && az login --use-device-code
az account show # Verify tenant and subscription权限被拒绝:
- 检查RBAC:
az role assignment list --assignee {user-or-sp} - 验证资源提供程序:
az provider list --query "[?registrationState=='NotRegistered']" - 确认正确的范围(订阅 vs 资源组)
资源未找到:
- 验证订阅上下文:
az account show - 检查资源组是否存在:
az group exists --name {rg-name} - 跨订阅搜索:
az resource list --name {resource-name}
配额超出:
bash
az vm list-usage --location eastus --output tableRequest quota increase through Azure Portal or support ticket
Request quota increase through Azure Portal or support ticket
**CLI Tool Issues:**
- Update to latest: `az upgrade`
- Clear cache: `rm -rf ~/.azure/`
- Reinstall extensions: `az extension list-available`
**See:** @docs/troubleshooting.md for comprehensive debugging guide
**CLI工具问题:**
- 更新至最新版本:`az upgrade`
- 清除缓存:`rm -rf ~/.azure/`
- 重新安装扩展:`az extension list-available`
**参考:** 全面调试指南请见@docs/troubleshooting.mdCertification Path
认证路径
Azure Administrator Associate (AZ-104):
- Prerequisites: 6 months hands-on Azure experience
- Domains: Identity, governance, storage, compute, networking, monitoring
- Study Resources: @references/az-104-guide.md
- Practice: Azure free account, Microsoft Learn labs
Next Steps:
- Azure Solutions Architect Expert (AZ-305)
- Azure DevOps Engineer Expert (AZ-400)
- Azure Security Engineer Associate (AZ-500)
Azure管理员助理(AZ-104):
- 先决条件:6个月Azure实操经验
- 领域:身份、治理、存储、计算、网络、监控
- 学习资源:@references/az-104-guide.md
- 实践:Azure免费账户、Microsoft Learn实验室
下一步:
- Azure解决方案架构师专家(AZ-305)
- Azure DevOps工程师专家(AZ-400)
- Azure安全工程师助理(AZ-500)
Further Learning
进一步学习
Documentation:
- @docs/user-management.md - Complete user and identity operations
- @docs/role-assignments.md - RBAC patterns and custom roles
- @docs/resource-management.md - Advanced resource operations
- @docs/mcp-integration.md - MCP tools and workflows
- @docs/cli-patterns.md - Advanced CLI scripting
- @docs/devops-automation.md - CI/CD and GitOps
- @docs/cost-optimization.md - Cost management strategies
- @docs/troubleshooting.md - Debugging and resolution
Examples:
- @examples/bulk-user-onboarding.md - Automated user provisioning
- @examples/environment-setup.md - Complete environment deployment
- @examples/role-audit.md - RBAC compliance auditing
- @examples/mcp-workflow.md - AI-powered Azure operations
References:
- @references/microsoft-learn.md - Official learning paths
- @references/az-104-guide.md - Certification preparation
- @references/api-references.md - API and SDK documentation
文档:
- @docs/user-management.md - 完整的用户和身份操作
- @docs/role-assignments.md - RBAC模式和自定义角色
- @docs/resource-management.md - 高级资源操作
- @docs/mcp-integration.md - MCP工具和工作流
- @docs/cli-patterns.md - 高级CLI脚本
- @docs/devops-automation.md - CI/CD和GitOps
- @docs/cost-optimization.md - 成本管理策略
- @docs/troubleshooting.md - 调试和解决方法
示例:
- @examples/bulk-user-onboarding.md - 自动化用户配置
- @examples/environment-setup.md - 完整环境部署
- @examples/role-audit.md - RBAC合规性审计
- @examples/mcp-workflow.md - AI驱动的Azure操作
参考:
- @references/microsoft-learn.md - 官方学习路径
- @references/az-104-guide.md - 认证准备
- @references/api-references.md - API和SDK文档