Skip to main content
← back to extensions

@dougschaefer/azure

v2026.04.27.1

Azure infrastructure management via az CLI — 23 model types covering compute, networking, data, security, identity, monitoring, DNS, DevOps, and subscription-wide topology with Mermaid diagrams and cost estimation.

Repository

https://github.com/dougschaefer6/swamp-azure

Platforms

linux-x86_64linux-aarch64darwin-x86_64darwin-aarch64

Labels

azurecloudnetworkingvmfirewalldnsdevops

Contents

models

Quality score

How well-documented and verifiable this extension is.

100%

Grade A

  • Has README or module doc2/2earned
  • README has a code example1/1earned
  • README is substantive1/1earned
  • Most symbols documented1/1earned
  • No slow types1/1earned
  • Has description1/1earned
  • At least one platform tag (or universal)1/1earned
  • Two or more platform tags (or universal)1/1earned
  • License declared1/1earned
  • Verified public repository2/2earned

Install

$ swamp extension pull @dougschaefer/azure

Release Notes

Add curated README and LICENSE to tarball (additionalFiles), bringing extension's Swamp Club quality grade from F/B to A-/B.

@dougschaefer/azure-application-gatewayv2026.03.29.1azure/application_gateway.ts
listList all application gateways in a resource group (or subscription).
getGet a single application gateway.
ArgumentTypeDescription
namestringApplication gateway name
resourceGroup?stringResource group name
syncRefresh the stored state of an application gateway without making changes.
ArgumentTypeDescription
namestringApplication gateway name
resourceGroup?stringResource group name
deleteDelete an application gateway.
ArgumentTypeDescription
namestringApplication gateway name
resourceGroup?stringResource group name

Resources

appGateway(infinite)— Azure Application Gateway (L7 load balancer)
@dougschaefer/azure-bastionv2026.03.29.1azure/bastion.ts
listList all Bastion hosts in the subscription.
getGet a single Bastion host.
ArgumentTypeDescription
namestringBastion host name
resourceGroup?stringResource group name
syncRefresh the stored state of a Bastion host without making changes.
ArgumentTypeDescription
namestringBastion host name
resourceGroup?stringResource group name
createCreate a Bastion host. Requires a VNet with an AzureBastionSubnet.
ArgumentTypeDescription
namestringBastion host name
resourceGroup?stringResource group name
locationstringAzure region
deleteDelete a Bastion host.
ArgumentTypeDescription
namestringBastion host name
resourceGroup?stringResource group name

Resources

bastion(infinite)— Azure Bastion host for secure VM access
@dougschaefer/azure-devopsv2026.03.28.1azure/devops.ts

Global Arguments

ArgumentTypeDescription
organizationstringAzure DevOps organization URL. Use: ${{ vault.get('azure-devops', 'ORG_URL') }}
listProjectsList all projects in the organization.
getProjectGet a single project by name.
ArgumentTypeDescription
projectstringProject name
listReposList Git repositories in a project.
ArgumentTypeDescription
project?stringProject name (overrides global)
getRepoGet a single repository by name or ID.
ArgumentTypeDescription
repositorystringRepository name or ID
project?stringProject name (overrides global)
createRepoCreate a new Git repository.
ArgumentTypeDescription
namestringRepository name
project?stringProject name (overrides global)
deleteRepoDelete a Git repository by ID.
ArgumentTypeDescription
idstringRepository ID
project?stringProject name (overrides global)
listPipelinesList pipelines in a project.
ArgumentTypeDescription
project?stringProject name (overrides global)
getPipelineGet a single pipeline by ID.
ArgumentTypeDescription
idnumberPipeline ID
project?stringProject name (overrides global)
runPipelineTrigger a pipeline run.
ArgumentTypeDescription
idnumberPipeline ID
branch?stringSource branch to build
project?stringProject name (overrides global)
listBuildsList recent pipeline builds.
ArgumentTypeDescription
top?numberNumber of builds to return (default 20)
project?stringProject name (overrides global)
getBuildGet a single build by ID.
ArgumentTypeDescription
idnumberBuild ID
project?stringProject name (overrides global)
listWorkItemsQuery work items using WIQL. Defaults to recent items in the project.
ArgumentTypeDescription
wiql?stringWIQL query string
project?stringProject name (overrides global)
getWorkItemGet a single work item by ID.
ArgumentTypeDescription
idnumberWork item ID
project?stringProject name (overrides global)
createWorkItemCreate a new work item.
ArgumentTypeDescription
titlestringWork item title
typestringWork item type (e.g. Bug, Task, User Story)
assignedTo?stringAssigned user
areaPath?stringArea path
description?stringWork item description
project?stringProject name (overrides global)
updateWorkItemUpdate a work item by ID with field/value pairs.
ArgumentTypeDescription
idnumberWork item ID
project?stringProject name (overrides global)

Resources

project(infinite)— Azure DevOps project
repo(infinite)— Azure DevOps Git repository
pipeline(infinite)— Azure DevOps pipeline
build(infinite)— Azure DevOps pipeline build/run
workItem(infinite)— Azure DevOps work item
@dougschaefer/azure-diskv2026.03.29.1azure/disk.ts
listList all managed disks in a resource group (or all in the subscription).
getGet a single managed disk.
ArgumentTypeDescription
namestringDisk name
resourceGroup?stringResource group name
syncRefresh the stored state of a managed disk without making changes.
ArgumentTypeDescription
namestringDisk name
resourceGroup?stringResource group name
listOrphanedList managed disks that are not attached to any VM (diskState is Unattached).
createCreate a managed disk.
ArgumentTypeDescription
namestringDisk name
resourceGroup?stringResource group name
locationstringAzure region
sizeGbnumberDisk size in GB
zone?stringAvailability zone (1, 2, or 3)
deleteDelete a managed disk. Disk must be unattached.
ArgumentTypeDescription
namestringDisk name
resourceGroup?stringResource group name

Resources

disk(infinite)— Azure managed disk
@dougschaefer/azure-dnsv2026.03.28.1azure/dns.ts
listZonesList all DNS zones in a resource group (or all in the subscription if no resource group specified).
getZoneGet a single DNS zone.
ArgumentTypeDescription
namestringDNS zone name
resourceGroup?stringResource group name
createZoneCreate a DNS zone.
ArgumentTypeDescription
namestringDNS zone name, e.g. example.com
resourceGroup?stringResource group name
deleteZoneDelete a DNS zone.
ArgumentTypeDescription
namestringDNS zone name
resourceGroup?stringResource group name
syncZoneRefresh stored state for a DNS zone.
ArgumentTypeDescription
namestringDNS zone name
resourceGroup?stringResource group name
listRecordsList all record sets in a DNS zone.
ArgumentTypeDescription
zoneNamestringDNS zone name
resourceGroup?stringResource group name
getRecordGet a specific record set from a DNS zone.
ArgumentTypeDescription
zoneNamestringDNS zone name
namestringRecord set name (e.g. 'www', '@' for apex)
resourceGroup?stringResource group name
createRecordAdd a record to a record set in a DNS zone. Creates the record set if it does not exist.
ArgumentTypeDescription
zoneNamestringDNS zone name
namestringRecord set name (e.g. 'www', '@' for apex)
resourceGroup?stringResource group name
deleteRecordRemove a single record from a record set in a DNS zone.
ArgumentTypeDescription
zoneNamestringDNS zone name
namestringRecord set name
resourceGroup?stringResource group name
deleteRecordSetDelete an entire record set from a DNS zone.
ArgumentTypeDescription
zoneNamestringDNS zone name
namestringRecord set name
resourceGroup?stringResource group name
exportZoneExport a DNS zone as a zone file. Returns the zone file content as a string.
ArgumentTypeDescription
zoneNamestringDNS zone name
resourceGroup?stringResource group name

Resources

zone(infinite)— Azure DNS zone
recordSet(infinite)— DNS record set within a zone
@dougschaefer/azure-firewallv2026.04.02.1azure/firewall.ts
listList all Azure Firewalls in a resource group (or all in the subscription).
getGet a single Azure Firewall.
ArgumentTypeDescription
namestringFirewall name
resourceGroup?stringResource group name
syncRefresh the stored state of an Azure Firewall without making changes.
ArgumentTypeDescription
namestringFirewall name
resourceGroup?stringResource group name
createCreate an Azure Firewall. Requires a VNet with an AzureFirewallSubnet.
ArgumentTypeDescription
namestringFirewall name
resourceGroup?stringResource group name
locationstringAzure region
vnetNamestringVNet name (must have AzureFirewallSubnet)
deleteDelete an Azure Firewall.
ArgumentTypeDescription
namestringFirewall name
resourceGroup?stringResource group name
listPoliciesList all firewall policies in a resource group.
getPolicyGet a single firewall policy.
ArgumentTypeDescription
namestringFirewall policy name
resourceGroup?stringResource group name
syncPolicyRefresh the stored state of a firewall policy without making changes.
ArgumentTypeDescription
namestringFirewall policy name
resourceGroup?stringResource group name
listRuleCollectionGroupsList all rule collection groups in a firewall policy.
ArgumentTypeDescription
policyNamestringFirewall policy name
resourceGroup?stringResource group name
getRuleCollectionGroupGet a single rule collection group from a firewall policy.
ArgumentTypeDescription
namestringRule collection group name
policyNamestringFirewall policy name
resourceGroup?stringResource group name
createRuleCollectionGroupCreate a rule collection group in a firewall policy.
ArgumentTypeDescription
namestringRule collection group name
policyNamestringFirewall policy name
resourceGroup?stringResource group name
prioritynumberPriority (100-65000, lower = higher priority)
deleteRuleCollectionGroupDelete a rule collection group from a firewall policy.
ArgumentTypeDescription
namestringRule collection group name
policyNamestringFirewall policy name
resourceGroup?stringResource group name
addFilterCollectionAdd a filter rule collection (network or application rules) to an existing rule collection group.
ArgumentTypeDescription
rcgNamestringRule collection group name
policyNamestringFirewall policy name
resourceGroup?stringResource group name
collectionNamestringNew rule collection name
collectionPrioritynumberCollection priority (100-65000)
actionTypeenumFilter action
addNatCollectionAdd a NAT (DNAT) rule collection to an existing rule collection group.
ArgumentTypeDescription
rcgNamestringRule collection group name
policyNamestringFirewall policy name
resourceGroup?stringResource group name
collectionNamestringNew NAT collection name
collectionPrioritynumberCollection priority (100-65000)
ruleNamestringFirst DNAT rule name
sourceAddressesarraySource IP(s) or * for any
destinationAddressesarrayFirewall public IP(s) to match
destinationPortsarrayExternal port(s) to match
translatedAddressstringInternal IP to forward to
translatedPortstringInternal port to forward to
ipProtocolsarrayProtocols
addRuleAdd a rule to an existing rule collection. Supports NatRule, NetworkRule, and ApplicationRule types.
ArgumentTypeDescription
rcgNamestringRule collection group name
policyNamestringFirewall policy name
collectionNamestringExisting rule collection name
resourceGroup?stringResource group name
ruleTypeenumRule type
ruleNamestringRule name
sourceAddressesarraySource IP(s), CIDR(s), or * for any
destinationAddresses?arrayDestination IP(s) or CIDR(s)
destinationPorts?arrayDestination port(s)
ipProtocols?arrayProtocols: TCP, UDP, Any, ICMP
translatedAddress?stringDNAT translated internal IP (NatRule only)
translatedPort?stringDNAT translated internal port (NatRule only)
targetFqdns?arrayTarget FQDNs (ApplicationRule only)
protocols?arrayApp protocols, e.g. Http=80 Https=443 (ApplicationRule only)
description?stringRule description
removeRuleRemove a rule from a rule collection.
ArgumentTypeDescription
rcgNamestringRule collection group name
policyNamestringFirewall policy name
collectionNamestringRule collection name
ruleNamestringRule name to remove
resourceGroup?stringResource group name
removeCollectionRemove an entire rule collection from a rule collection group.
ArgumentTypeDescription
rcgNamestringRule collection group name
policyNamestringFirewall policy name
collectionNamestringRule collection name to remove
resourceGroup?stringResource group name
createPolicyCreate a firewall policy.
ArgumentTypeDescription
namestringPolicy name
resourceGroup?stringResource group name
locationstringAzure region

Resources

firewall(infinite)— Azure Firewall instance
policy(infinite)— Azure Firewall policy
ruleCollectionGroup(infinite)— Firewall policy rule collection group
@dougschaefer/azure-key-vaultv2026.03.29.1azure/key_vault.ts
listList all Key Vaults in a resource group (or all in the subscription).
getGet a single Key Vault.
ArgumentTypeDescription
namestringKey Vault name
resourceGroup?stringResource group name
syncRefresh the stored state of a Key Vault without making changes.
ArgumentTypeDescription
namestringKey Vault name
resourceGroup?stringResource group name
createCreate a Key Vault.
ArgumentTypeDescription
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a Key Vault. If soft delete is enabled, the vault enters a deleted state and can be recovered.
ArgumentTypeDescription
namestringKey Vault name
resourceGroup?stringResource group name

Resources

keyVault(infinite)— Azure Key Vault
@dougschaefer/azure-load-balancerv2026.03.29.1azure/load_balancer.ts
listList all load balancers in a resource group (or all in the subscription).
getGet a single load balancer with full configuration.
ArgumentTypeDescription
namestringLoad balancer name
resourceGroup?stringResource group name
syncRefresh the stored state of a load balancer without making changes.
ArgumentTypeDescription
namestringLoad balancer name
resourceGroup?stringResource group name
createCreate a load balancer.
ArgumentTypeDescription
namestringLoad balancer name
resourceGroup?stringResource group name
locationstringAzure region
deleteDelete a load balancer.
ArgumentTypeDescription
namestringLoad balancer name
resourceGroup?stringResource group name
listBackendPoolsList backend address pools on a load balancer.
ArgumentTypeDescription
lbNamestringLoad balancer name
resourceGroup?stringResource group name
listProbesList health probes on a load balancer.
ArgumentTypeDescription
lbNamestringLoad balancer name
resourceGroup?stringResource group name

Resources

loadBalancer(infinite)— Azure Load Balancer (L4)
backendPool(infinite)— Backend address pool
probe(infinite)— Health probe
@dougschaefer/azure-managed-identityv2026.03.29.1azure/managed_identity.ts
listList all user-assigned managed identities in a resource group (or subscription).
getGet a single user-assigned managed identity.
ArgumentTypeDescription
namestringIdentity name
resourceGroup?stringResource group name
syncRefresh the stored state of a managed identity without making changes.
ArgumentTypeDescription
namestringIdentity name
resourceGroup?stringResource group name
createCreate a user-assigned managed identity.
ArgumentTypeDescription
namestringIdentity name
resourceGroup?stringResource group name
locationstringAzure region
deleteDelete a user-assigned managed identity.
ArgumentTypeDescription
namestringIdentity name
resourceGroup?stringResource group name

Resources

identity(infinite)— Azure user-assigned managed identity
@dougschaefer/azure-monitorv2026.03.29.1azure/monitor.ts
listMetricAlertsList all metric alert rules in a resource group (or subscription).
listActivityLogAlertsList all activity log alerts in the subscription.
listActionGroupsList all action groups in a resource group (or subscription).
getDiagnosticSettingsList diagnostic settings for a specific Azure resource.

Resources

metricAlert(infinite)— Azure Monitor metric alert rule
activityLogAlert(infinite)— Azure Monitor activity log alert
diagnosticSetting(infinite)— Diagnostic setting on an Azure resource
actionGroup(infinite)— Azure Monitor action group
@dougschaefer/azure-nat-gatewayv2026.03.29.1azure/nat_gateway.ts
listList all NAT gateways in a resource group (or all in the subscription).
getGet a single NAT gateway.
ArgumentTypeDescription
namestringNAT gateway name
resourceGroup?stringResource group name
syncRefresh the stored state of a NAT gateway without making changes.
ArgumentTypeDescription
namestringNAT gateway name
resourceGroup?stringResource group name
createCreate a NAT gateway.
ArgumentTypeDescription
namestringNAT gateway name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a NAT gateway.
ArgumentTypeDescription
namestringNAT gateway name
resourceGroup?stringResource group name

Resources

natGateway(infinite)— Azure NAT gateway
@dougschaefer/azure-network-watcherv2026.03.29.1azure/network_watcher.ts
listList all Network Watcher instances in the subscription.
listFlowLogsList all NSG flow logs for a Network Watcher.
ArgumentTypeDescription
watcherNamestringNetwork Watcher name
listConnectionMonitorsList all connection monitors for a Network Watcher.
ArgumentTypeDescription
watcherNamestringNetwork Watcher name
checkConnectivityTest connectivity from a source VM to a destination endpoint.
ArgumentTypeDescription
sourceVmIdstringSource VM resource ID
destPortnumberDestination port

Resources

watcher(infinite)— Azure Network Watcher instance
flowLog(infinite)— NSG flow log configuration
connectionMonitor(infinite)— Connection monitor test
@dougschaefer/azure-nsgv2026.03.28.1azure/nsg.ts
listList all NSGs in a resource group (or all in the subscription if no resource group specified).
getGet a single NSG with all its rules.
ArgumentTypeDescription
namestringNSG name
resourceGroup?stringResource group name
syncRefresh the stored state of an NSG and its rules without making changes.
ArgumentTypeDescription
namestringNSG name
resourceGroup?stringResource group name
createCreate a network security group.
ArgumentTypeDescription
namestringNSG name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a network security group.
ArgumentTypeDescription
namestringNSG name
resourceGroup?stringResource group name
listRulesList all custom rules in an NSG.
ArgumentTypeDescription
nsgNamestringNSG name
resourceGroup?stringResource group name
getRuleGet a single NSG rule.
ArgumentTypeDescription
nsgNamestringNSG name
ruleNamestringRule name
resourceGroup?stringResource group name
createRuleCreate a security rule in an NSG.
ArgumentTypeDescription
nsgNamestringNSG name
ruleNamestringRule name
accessenumAllow or deny traffic
resourceGroup?stringResource group name
updateRuleUpdate an existing security rule. Only specified fields are changed.
ArgumentTypeDescription
nsgNamestringNSG name
ruleNamestringRule name
resourceGroup?stringResource group name
priority?numberNew priority
access?enumNew access
protocol?stringNew protocol
description?stringNew description
deleteRuleDelete a security rule from an NSG.
ArgumentTypeDescription
nsgNamestringNSG name
ruleNamestringRule name
resourceGroup?stringResource group name

Resources

nsg(infinite)— Azure network security group
rule(infinite)— Individual security rule within an NSG
@dougschaefer/azure-private-endpointv2026.03.29.1azure/private_endpoint.ts
listList all private endpoints in a resource group (or all in the subscription).
getGet a single private endpoint.
ArgumentTypeDescription
namestringPrivate endpoint name
resourceGroup?stringResource group name
syncRefresh the stored state of a private endpoint without making changes.
ArgumentTypeDescription
namestringPrivate endpoint name
resourceGroup?stringResource group name
createCreate a private endpoint for a Private Link-enabled service.
ArgumentTypeDescription
namestringPrivate endpoint name
resourceGroup?stringResource group name
locationstringAzure region
vnetNamestringVNet containing the subnet
subnetNamestringSubnet for the private endpoint NIC
deleteDelete a private endpoint.
ArgumentTypeDescription
namestringPrivate endpoint name
resourceGroup?stringResource group name
listPrivateDnsZonesList all private DNS zones in a resource group.

Resources

privateEndpoint(infinite)— Azure Private Endpoint for Private Link connections
privateDnsZone(infinite)— Private DNS zone for private endpoint resolution
@dougschaefer/azure-public-ipv2026.03.28.1azure/public_ip.ts
listList all public IP addresses in a resource group (or all in the subscription).
getGet a single public IP address.
ArgumentTypeDescription
namestringPublic IP name
resourceGroup?stringResource group name
syncRefresh the stored state of a public IP address without making changes.
ArgumentTypeDescription
namestringPublic IP name
resourceGroup?stringResource group name
createCreate a public IP address.
ArgumentTypeDescription
namestringPublic IP name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a public IP address.
ArgumentTypeDescription
namestringPublic IP name
resourceGroup?stringResource group name

Resources

publicIp(infinite)— Azure public IP address
@dougschaefer/azure-resource-groupv2026.03.05.1azure/resource_group.ts
listList all resource groups in the subscription. Produces one resource instance per group.
getGet a single resource group by name.
ArgumentTypeDescription
namestringResource group name
createCreate a resource group.
ArgumentTypeDescription
namestringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a resource group and all its resources.
ArgumentTypeDescription
namestringResource group name to delete

Resources

resourceGroup(infinite)— Azure resource group
@dougschaefer/azure-route-tablev2026.03.29.1azure/route_table.ts
listList all route tables in a resource group (or all in the subscription).
getGet a single route table with all its routes.
ArgumentTypeDescription
namestringRoute table name
resourceGroup?stringResource group name
syncRefresh the stored state of a route table without making changes.
ArgumentTypeDescription
namestringRoute table name
resourceGroup?stringResource group name
createCreate a route table.
ArgumentTypeDescription
namestringRoute table name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a route table.
ArgumentTypeDescription
namestringRoute table name
resourceGroup?stringResource group name
listRoutesList all routes in a route table.
ArgumentTypeDescription
routeTableNamestringRoute table name
resourceGroup?stringResource group name
createRouteCreate a route in a route table.
ArgumentTypeDescription
routeTableNamestringRoute table name
routeNamestringRoute name
resourceGroup?stringResource group name
updateRouteUpdate an existing route in a route table.
ArgumentTypeDescription
routeTableNamestringRoute table name
routeNamestringRoute name
resourceGroup?stringResource group name
deleteRouteDelete a route from a route table.
ArgumentTypeDescription
routeTableNamestringRoute table name
routeNamestringRoute name
resourceGroup?stringResource group name

Resources

routeTable(infinite)— Azure route table
route(infinite)— Individual route within a route table
@dougschaefer/azure-sqlv2026.03.28.1azure/sql.ts
listServersList all SQL servers in a resource group (or all in the subscription).
getServerGet a single SQL server.
ArgumentTypeDescription
namestringSQL server name
resourceGroup?stringResource group name
syncServerRefresh the stored state of a SQL server without making changes.
ArgumentTypeDescription
namestringSQL server name
resourceGroup?stringResource group name
syncDatabaseRefresh the stored state of a database without making changes.
ArgumentTypeDescription
namestringDatabase name
serverNamestringSQL server name
resourceGroup?stringResource group name
createServerCreate an Azure SQL logical server.
ArgumentTypeDescription
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
adminUserstringServer admin username
deleteServerDelete an Azure SQL logical server and all its databases.
ArgumentTypeDescription
namestringSQL server name
resourceGroup?stringResource group name
listDatabasesList all databases on a SQL server.
ArgumentTypeDescription
serverNamestringSQL server name
resourceGroup?stringResource group name
getDatabaseGet a single database on a SQL server.
ArgumentTypeDescription
namestringDatabase name
serverNamestringSQL server name
resourceGroup?stringResource group name
createDatabaseCreate a database on a SQL server.
ArgumentTypeDescription
namestringDatabase name
serverNamestringSQL server name
resourceGroup?stringResource group name
deleteDatabaseDelete a database from a SQL server.
ArgumentTypeDescription
namestringDatabase name
serverNamestringSQL server name
resourceGroup?stringResource group name

Resources

server(infinite)— Azure SQL logical server
database(infinite)— Azure SQL database
@dougschaefer/azure-storage-accountv2026.03.28.1azure/storage_account.ts
listList all storage accounts in a resource group (or all in the subscription).
getGet a single storage account.
ArgumentTypeDescription
namestringStorage account name
resourceGroup?stringResource group name
syncRefresh the stored state of a storage account without making changes.
ArgumentTypeDescription
namestringStorage account name
resourceGroup?stringResource group name
createCreate a storage account.
ArgumentTypeDescription
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a storage account.
ArgumentTypeDescription
namestringStorage account name
resourceGroup?stringResource group name

Resources

storageAccount(infinite)— Azure storage account
@dougschaefer/azure-topologyv2026.03.29.1azure/topology.ts
inventoryDiscover all resources across the subscription (or a single resource group). Produces per-resource data handles for VMs, disks, VNets, NSGs, firewalls, public IPs, NAT gateways, route tables, load balancers, application gateways, Bastion, Key Vaults, storage accounts, private endpoints, managed identities, and SQL servers.
generateGenerate a Mermaid topology diagram. When resourceGroup is provided, diagrams a single RG. When omitted, produces a subscription-wide hub-and-spoke diagram across all resource groups with LR layout, traffic flow arrows, and Azure-branded colors.
costEstimateEstimate monthly costs for VMs in a resource group using the Azure Retail Pricing API (public, no auth required).
ArgumentTypeDescription
resourceGroup?stringResource group name
exportTemplateExport an ARM template for all resources in a resource group.
ArgumentTypeDescription
resourceGroup?stringResource group name

Resources

topology(infinite)— Mermaid topology diagram for an Azure resource group
costEstimate(infinite)— Cost estimate for resources in a resource group
armTemplate(infinite)— Exported ARM template for a resource group
inventoryItem(infinite)— Individual Azure resource discovered during subscription inventory
@dougschaefer/azure-vmv2026.03.28.1azure/vm.ts
listList VMs in a resource group (or all in the subscription if no resource group specified). Includes power state.
getGet a single VM with instance details.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
syncRefresh the stored state of a VM without making changes. Useful for drift detection and monitoring.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
getInstanceViewGet the instance view of a VM — power state, agent status, disk status.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
createCreate a virtual machine. Creates NIC, public IP, and OS disk automatically unless specified.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
adminUsernamestringAdmin username
vnetName?stringExisting VNet name
subnetName?stringExisting subnet name
osDiskSizeGb?numberOS disk size in GB
deleteDelete a virtual machine. Note: associated NIC, OS disk, and public IP are NOT automatically deleted — clean up separately.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
startStart a stopped/deallocated VM.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
stopPower off a VM without deallocating (still incurs compute charges).
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
deallocateDeallocate a VM (releases compute resources, stops charges).
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
restartRestart a running VM.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name
resizeResize a VM to a different size. VM must be deallocated first for some size changes.
ArgumentTypeDescription
namestringVM name
sizestringNew VM size, e.g. Standard_D4s_v5
resourceGroup?stringResource group name
listSizesList available VM sizes in a location.
ArgumentTypeDescription
locationstringAzure region, e.g. eastus2
runCommandRun a shell command on a VM via the Azure VM Run Command extension.
ArgumentTypeDescription
namestringVM name
resourceGroup?stringResource group name

Resources

vm(infinite)— Azure virtual machine
instanceView(infinite)— VM instance view with power state and agent status
@dougschaefer/azure-vnetv2026.03.28.1azure/vnet.ts
listList all VNets in a resource group (or all in the subscription if no resource group specified).
getGet a single VNet by name.
ArgumentTypeDescription
namestringVNet name
resourceGroup?stringResource group name
syncRefresh the stored state of a VNet and its subnets without making changes.
ArgumentTypeDescription
namestringVNet name
resourceGroup?stringResource group name
createCreate a virtual network.
ArgumentTypeDescription
namestringVNet name
resourceGroup?stringResource group name
locationstringAzure region, e.g. eastus2
deleteDelete a virtual network.
ArgumentTypeDescription
namestringVNet name
resourceGroup?stringResource group name
listSubnetsList all subnets in a VNet.
ArgumentTypeDescription
vnetNamestringVNet name
resourceGroup?stringResource group name
getSubnetGet a single subnet.
ArgumentTypeDescription
vnetNamestringVNet name
subnetNamestringSubnet name
resourceGroup?stringResource group name
createSubnetCreate a subnet in a VNet.
ArgumentTypeDescription
vnetNamestringVNet name
subnetNamestringSubnet name
resourceGroup?stringResource group name
updateSubnetUpdate a subnet — attach or detach NSG or route table.
ArgumentTypeDescription
vnetNamestringVNet name
subnetNamestringSubnet name
resourceGroup?stringResource group name
deleteSubnetDelete a subnet from a VNet.
ArgumentTypeDescription
vnetNamestringVNet name
subnetNamestringSubnet name
resourceGroup?stringResource group name
listPeeringsList all peering connections for a VNet.
ArgumentTypeDescription
vnetNamestringVNet name
resourceGroup?stringResource group name
createPeeringCreate a VNet peering connection. Creates one direction only — you need to create the reverse peering on the remote VNet separately.
ArgumentTypeDescription
vnetNamestringLocal VNet name
peeringNamestringPeering connection name
resourceGroup?stringResource group name
deletePeeringDelete a VNet peering connection.
ArgumentTypeDescription
vnetNamestringVNet name
peeringNamestringPeering connection name
resourceGroup?stringResource group name

Resources

vnet(infinite)— Azure virtual network
subnet(infinite)— Azure subnet within a virtual network
peering(infinite)— Virtual network peering connection
@dougschaefer/azure-vwanv2026.03.05.1azure/vwan.ts
listList all Virtual WANs in a resource group (or subscription).
getGet a single Virtual WAN.
ArgumentTypeDescription
namestringvWAN name
resourceGroup?stringResource group name
createCreate a Virtual WAN.
ArgumentTypeDescription
namestringvWAN name
resourceGroup?stringResource group name
locationstringAzure region
deleteDelete a Virtual WAN.
ArgumentTypeDescription
namestringvWAN name
resourceGroup?stringResource group name
listHubsList all virtual hubs in a resource group (or subscription).
getHubGet a single virtual hub.
ArgumentTypeDescription
namestringVirtual hub name
resourceGroup?stringResource group name
createHubCreate a virtual hub within a vWAN.
ArgumentTypeDescription
namestringVirtual hub name
resourceGroup?stringResource group name
locationstringAzure region
vwanNamestringParent vWAN name
deleteHubDelete a virtual hub.
ArgumentTypeDescription
namestringVirtual hub name
resourceGroup?stringResource group name
listHubConnectionsList all VNet connections to a virtual hub.
ArgumentTypeDescription
hubNamestringVirtual hub name
resourceGroup?stringResource group name
createHubConnectionConnect a VNet to a virtual hub.
ArgumentTypeDescription
namestringConnection name
hubNamestringVirtual hub name
resourceGroup?stringResource group name
deleteHubConnectionRemove a VNet connection from a virtual hub.
ArgumentTypeDescription
namestringConnection name
hubNamestringVirtual hub name
resourceGroup?stringResource group name
listVpnSitesList all VPN sites in a resource group (or subscription).
getVpnSiteGet a single VPN site.
ArgumentTypeDescription
namestringVPN site name
resourceGroup?stringResource group name
createVpnSiteCreate a VPN site (branch office) configuration.
ArgumentTypeDescription
namestringVPN site name
resourceGroup?stringResource group name
locationstringAzure region
vwanNamestringAssociated vWAN name
deviceModel?stringVPN device model
deleteVpnSiteDelete a VPN site.
ArgumentTypeDescription
namestringVPN site name
resourceGroup?stringResource group name
listVpnGatewaysList all site-to-site VPN gateways in a resource group (or subscription).
getVpnGatewayGet a single VPN gateway.
ArgumentTypeDescription
namestringVPN gateway name
resourceGroup?stringResource group name
inventoryInventory the complete vWAN topology — vWAN, hubs, hub connections, VPN sites, and VPN gateways in a resource group.
ArgumentTypeDescription
resourceGroup?stringResource group name

Resources

vwan(infinite)— Azure Virtual WAN
virtualHub(infinite)— Virtual hub within a vWAN
hubConnection(infinite)— VNet connection to a virtual hub
vpnSite(infinite)— VPN site (branch office) configuration
vpnGateway(infinite)— Site-to-site VPN gateway in a virtual hub