From azure
Expert knowledge for Azure Attestation development including troubleshooting, best practices, security, configuration, and deployment. Use when validating attestation tokens, authoring SGX/TPM policies, configuring policy signers, or securing endpoints, and other Azure Attestation related development tasks. Not for Azure Confidential Computing (use azure-confidential-computing), Azure Virtual Enclaves (use azure-virtual-enclaves), Azure Key Vault (use azure-key-vault), Azure Security (use azure-security).
npx claudepluginhub atc-net/atc-agentic-toolkit --plugin azureThis skill uses the workspace's default tool permissions.
This skill provides expert guidance for Azure Attestation. Covers troubleshooting, best practices, security, configuration, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.
Implements AWS Nitro Enclaves for confidential computing: builds enclave images, configures KMS policies with PCR keys, validates attestation against Nitro PKI, sets up secure vsock channels for sensitive data like PII.
Implements AWS Nitro Enclaves for confidential computing: builds EIF images, configures PCR-based KMS policies, validates attestations via AWS PKI, sets up secure vsock channels for sensitive data.
Outlines requirements for certifying Azure Terraform modules with AVM, including providers, code style, variables, outputs, testing, documentation, and compliance.
Share bugs, ideas, or general feedback.
This skill provides expert guidance for Azure Attestation. Covers troubleshooting, best practices, security, configuration, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.
IMPORTANT for Agent: This file may be large. Use the Category Index below to locate relevant sections, then use
read_filewith specific line ranges (e.g.,L136-L144) to read the sections needed for the user's question This skill requires network access to fetch documentation content. Usemcp_microsoftdocs:microsoft_docs_fetchto retrieve full articles.
WebFetch tool if the Microsoft Learn MCP server is not available.| Category | Lines | Description |
|---|---|---|
| Troubleshooting | L27-L30 | Diagnosing and resolving common Azure Attestation failures, including policy/quote validation errors, configuration issues, and troubleshooting attestation responses and tokens. |
| Best Practices | L32-L39 | Guidance on validating attestation tokens, writing secure attestation policies, and configuring/enforcing SGX and TPM attestation baselines using sample policies. |
| Security | L41-L45 | Using Azure Policy to govern attestation providers, and securing Azure Attestation with private endpoints, firewalls, managed identities, and access control settings |
| Configuration | L47-L62 | Configuring Azure Attestation policies (grammar, versions, claim rules), policy signer certs, and monitoring/logging via Azure Monitor, CLI, PowerShell, and log schema. |
| Deployment | L64-L67 | How to create and configure a private endpoint for Azure Attestation using PowerShell, including network setup and secure access to attestation resources. |
| Topic | URL |
|---|---|
| Troubleshoot common Azure Attestation errors and issues | https://learn.microsoft.com/en-us/azure/attestation/troubleshoot-guide |
| Topic | URL |
|---|---|
| Interpret and validate Azure Attestation tokens with examples | https://learn.microsoft.com/en-us/azure/attestation/attestation-token-examples |
| Author secure and correct Azure Attestation policies | https://learn.microsoft.com/en-us/azure/attestation/author-sign-policy |
| Configure custom TCB baseline enforcement for SGX attestation | https://learn.microsoft.com/en-us/azure/attestation/custom-tcb-baseline-enforcement |
| Use sample SGX attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/policy-examples |
| Use sample TPM attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/tpm-attestation-sample-policies |
| Topic | URL |
|---|---|
| Apply built-in Azure Policy definitions for Attestation | https://learn.microsoft.com/en-us/azure/attestation/policy-reference |
| Secure Azure Attestation with network and identity controls | https://learn.microsoft.com/en-us/azure/attestation/secure-attestation |
| Topic | URL |
|---|---|
| Create Azure Attestation private endpoint with PowerShell | https://learn.microsoft.com/en-us/azure/attestation/private-endpoint-powershell |