azure-rbac
Find least-privilege Azure RBAC roles and generate CLI/Bicep to assign them.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for azure-rbac, derived from its capabilities.
AIVSS 6.6 ยท Medium
View MAESTRO 7-layer threat model โOverview
A Microsoft azure-skills plugin skill that helps pick the correct least-privilege Azure RBAC role for an identity, then generates the CLI commands and Bicep code to assign it, plus guidance on permissions needed to grant roles. Security-relevant: it produces identity/permission-granting infrastructure code.
Key features
- Least-privilege role selection
- CLI + Bicep assignment generation
- Grant-permission guidance
Use cases
- Choosing an RBAC role for a managed identity
- Generating a Bicep role assignment