Kiro Powers are curated bundles of MCP servers, documentation, and workflow guides that extend AI coding assistants with domain-specific capabilities. This repository provides Azure-focused powers for cloud infrastructure design, operations, and monitoring.
The powers follow the natural developer workflow: Design → Build/Operate → Observe.
┌─────────────────┐ ┌──────────────────┐ ┌───────────────────┐
│ azure-architect │ ──▶ │ azure-operations │ ──▶ │ azure-monitoring │
│ │ │ │ │ │
│ "Design it" │ │ "Build & run it" │ │ "Watch & fix it" │
│ No auth needed │ │ az login (r/w) │ │ az login (r/o) │
└─────────────────┘ └──────────────────┘ └───────────────────┘
Start here when planning new infrastructure. Get Bicep schemas, Terraform best practices, and architecture recommendations—all without needing Azure authentication.
Example tasks:
- "What's the Bicep schema for a storage account?"
- "Generate a deployment plan for a web app with database"
- "What are the best practices for AKS networking?"
Once your design is ready, use this power to create and manage resources. Requires az login with read/write permissions.
Example tasks:
- "List my storage accounts"
- "Show Key Vault secrets in my subscription"
- "List role assignments for this resource group"
- "Show Azure Advisor recommendations for cost savings"
Monitor your running infrastructure and troubleshoot issues. Requires az login with read-only permissions.
Example tasks:
- "Query the last hour of errors from Log Analytics"
- "Show CPU metrics for my AKS cluster"
- "Check resource health for my App Service"
| Power | Description | Auth Required |
|---|---|---|
| azure-architect | Design infrastructure with Bicep schemas, Terraform patterns, architecture guidance, Azure docs | Optional* |
| azure-operations | Manage resources - storage, databases, RBAC, policy, cost optimization | az login (r/w) |
| azure-monitoring | Observe & troubleshoot with Log Analytics, metrics, alerts, health | az login (r/o) |
*Azure MCP design-time tools may require authentication for some operations. Microsoft Docs tools work without authentication.
# Check Node.js (required)
node --version
# Expected: v20.0.0 or higher
# Check Azure CLI (required for azure-operations and azure-monitoring)
az --version
# Expected: azure-cli 2.50.0 or higherNot installed?
# Interactive login (required for azure-operations and azure-monitoring)
az login
# Set your default subscription (optional)
az account set --subscription "Your Subscription Name"
# Verify
az account show --query "{name:name, id:id}" -o table- Open Kiro
- Open the Powers panel (click Powers icon in sidebar)
- Click "Add Custom Power"
- Select the power folder (e.g.,
azure-architect) - Click "Add"
After installing azure-architect, try:
"What's the Bicep schema for a storage account?"
"Generate a deployment plan for a web app with database"
| Your Goal | Install These Powers |
|---|---|
| Full Azure workflow | All three powers |
| Design only | azure-architect |
| Manage resources | azure-operations |
| Troubleshoot issues | azure-monitoring |
| Role | Recommended Powers |
|---|---|
| Developer | azure-operations |
| Platform Engineer | All three powers |
| SRE / Operations | azure-operations + azure-monitoring |
| Security Engineer | azure-operations (includes RBAC & Policy) |
| FinOps / Cost Analyst | azure-operations (includes Advisor) |
| Power | Authentication | Permissions |
|---|---|---|
| azure-architect | Optional (az login) |
Design-time tools may work without auth; Microsoft Docs requires none |
| azure-operations | az login |
Read/Write |
| azure-monitoring | az login |
Read-only |
Design infrastructure without authentication. Get Bicep schemas, Terraform best practices, architecture recommendations, and Azure documentation.
Namespaces: bicepschema, deploy, get_bestpractices, azureterraformbestpractices, cloudarchitect, group, subscription
Additional MCP Server: Microsoft Docs (https://learn.microsoft.com/api/mcp) for Azure documentation search
Steering Files:
iac-workflows.md- IaC tool selection, Bicep/Terraform patternsnetworking-patterns.md- Network design patterns, NSG rules
Manage Azure resources with read/write access. Combines resource management, identity, security policy, and cost tools.
Namespaces: storage, keyvault, cosmos, sql, postgres, mysql, redis, aks, acr, functionapp, appservice, eventhubs, servicebus, eventgrid, signalr, role, policy, advisor, quota
Steering Files:
operations-best-practices.md- Resource management patterns, naming conventionssecurity-guidelines.md- RBAC patterns, policy compliance
Query logs and metrics for observability and troubleshooting with read-only access.
Namespaces: monitor, applicationinsights, grafana, workbooks, resourcehealth
Steering Files:
monitoring-workflows.md- KQL patterns, troubleshooting workflowskql-patterns.md- Common KQL queries, performance optimization
| Error | Solution |
|---|---|
AADSTS700016: Application not found |
Run az login to re-authenticate |
InvalidAuthenticationToken |
Token expired - run az login again |
AuthorizationFailed |
Check RBAC permissions on the resource |
SubscriptionNotFound |
Run az account list to verify access |
| Error | Solution |
|---|---|
| Server won't start | Verify Node.js 20+ is installed |
| Tools not loading | Check namespace configuration in mcp.json |
| Timeout errors | Network issue - check connectivity to Azure |
| Tool name not found | Azure MCP tools use azmcp_ prefix (e.g., azmcp_storage_account_list) |
# Re-authenticate
az login
# Clear npm cache (if npx fails)
npm cache clean --force
# Verify Azure CLI works
az group list -o table- Azure MCP Server Documentation - Official documentation
- Microsoft MCP Repository - Source code for Azure MCP and other Microsoft MCP servers
- Microsoft Learn MCP Server - Documentation search MCP
- Kiro Powers - Powers documentation
- Changelog - Version history
MIT