Back to Skills
Skill

azure-lighthouse

Expert knowledge for Azure Lighthouse development including decision making, security, configuration, integrations & coding patterns, and deployment. Use when building, debugging, or optimizing Azure Lighthouse applications. Not for Azure Arc (use azure-arc), Azure Managed Applications (use azure-managed-applications), Azure Resource Manager (use azure-resource-manager), Azure Role-based access control (use azure-rbac).

From azure
Install
1
Run in your terminal
$
npx claudepluginhub atc-net/atc-agentic-toolkit --plugin azure
Tool Access

This skill uses the workspace's default tool permissions.

Skill Content

Azure Lighthouse Skill

This skill provides expert guidance for Azure Lighthouse. Covers decision making, security, configuration, integrations & coding patterns, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.

How to Use This Skill

IMPORTANT for Agent: This file may be large. Use the Category Index below to locate relevant sections, then use read_file with specific line ranges (e.g., L136-L144) to read the sections needed for the user's question This skill requires network access to fetch documentation content. Use mcp_microsoftdocs:microsoft_docs_fetch to retrieve full articles.

  • Fallback: Use the built-in WebFetch tool if the Microsoft Learn MCP server is not available.

Category Index

CategoryLinesDescription
Decision MakingL33-L40Guidance on when and how to use Azure Lighthouse: multi-tenant enterprise setups, ISV SaaS patterns, comparing Lighthouse vs managed apps, and designing Managed Service offers.
SecurityL41-L48Securing Azure Lighthouse: tenant/user/role mapping, RBAC and AOBO controls, PIM and eligible authorizations, and recommended security hardening practices.
ConfigurationL49-L61Configuring and managing Azure Lighthouse delegations: onboarding via ARM/policy, updating/removing access, deploying/using policies (incl. built-ins), remediation with managed identities, and monitoring changes.
Integrations & Coding PatternsL62-L69Cross-tenant integration patterns for managing Arc servers, Sentinel workspaces, Migrate projects, and Monitor Logs at scale using Azure Lighthouse.
DeploymentL70-L73Guidance for packaging, publishing, and managing Azure Lighthouse managed service offers in Azure Marketplace, including requirements, steps, and configuration details.

Decision Making

TopicURL
Use Azure Lighthouse in multi-tenant enterpriseshttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/enterprise
Apply Azure Lighthouse in ISV SaaS scenarioshttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/isv-scenarios
Choose between Azure Lighthouse and managed applicationshttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/managed-applications
Design Managed Service offers for Azure Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/managed-services-offers

Security

TopicURL
Apply CSP AOBO and Lighthouse security controlshttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/cloud-solution-provider
Implement recommended security practices for Azure Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/recommended-security-practices
Map tenants, users, and roles for Azure Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/concepts/tenants-users-roles
Configure eligible authorizations and PIM for Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/create-eligible-authorizations

Configuration

TopicURL
Configure policy remediation with managed identities via Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/deploy-policy-remediation
Monitor Azure Lighthouse delegation changes via activity logshttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/monitor-delegation-changes
Onboard customers to Azure Lighthouse with ARMhttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer
Delegate all subscriptions in a management group with policyhttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/onboard-management-group
Deploy Azure Policy across tenants with Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/policy-at-scale
Remove Azure Lighthouse delegations and accesshttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/remove-delegation
Update Azure Lighthouse delegations and role assignmentshttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/update-delegation
Use Azure Lighthouse ARM templates and sampleshttps://learn.microsoft.com/en-us/azure/lighthouse/samples/
Use built-in Azure Policy definitions for Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/samples/policy-reference

Integrations & Coding Patterns

TopicURL
Integrate Azure Lighthouse with Azure Arc at scalehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/manage-hybrid-infrastructure-arc
Manage Microsoft Sentinel workspaces at scale with Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/manage-sentinel-workspaces
Manage Azure Migrate projects across tenants with Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/migration-at-scale
Use Azure Monitor Logs across tenants via Lighthousehttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/monitor-at-scale

Deployment

TopicURL
Publish Azure Lighthouse Managed Service offershttps://learn.microsoft.com/en-us/azure/lighthouse/how-to/publish-managed-services-offers
Similar Skills
Stats
Parent Repo Stars0
Parent Repo Forks1
Last CommitMar 19, 2026
Actions
View SourceView PluginView on GitHubView README