{"id":"66518b9b-bfb2-4250-bbad-d79e1ce718cb","shortId":"gQjfNE","kind":"skill","title":"azure-attestation","tagline":"Expert knowledge for Azure Attestation development including troubleshooting, best practices, security, configuration, and deployment. Use when validating attestation tokens, authoring SGX/TPM policies, configuring policy signers, or securing endpoints, and other Azure Attestatio","description":"# Azure Attestation Skill\n\nThis skill provides expert guidance for Azure Attestation. Covers troubleshooting, best practices, security, configuration, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.\n\n## How to Use This Skill\n\n> **IMPORTANT for Agent**: Use the **Category Index** below to locate relevant sections. For categories with line ranges (e.g., `L35-L120`), use `read_file` with the specified lines. For categories with file links (e.g., `[security.md](security.md)`), use `read_file` on the linked reference file\n\n> **IMPORTANT for Agent**: If `metadata.generated_at` is more than 3 months old, suggest the user pull the latest version from the repository. If `mcp_microsoftdocs` tools are not available, suggest the user install it: [Installation Guide](https://github.com/MicrosoftDocs/mcp/blob/main/README.md)\n\nThis skill requires **network access** to fetch documentation content:\n- **Preferred**: Use `mcp_microsoftdocs:microsoft_docs_fetch` with query string `from=learn-agent-skill`. Returns Markdown.\n- **Fallback**: Use `fetch_webpage` with query string `from=learn-agent-skill&accept=text/markdown`. Returns Markdown.\n\n## Category Index\n\n| Category | Lines | Description |\n|----------|-------|-------------|\n| Troubleshooting | L33-L37 | Diagnosing and resolving common Azure Attestation failures, including policy/quote validation errors, configuration issues, and troubleshooting attestation responses and tokens. |\n| Best Practices | L38-L46 | Guidance on validating attestation tokens, writing secure attestation policies, and configuring/enforcing SGX and TPM attestation baselines using sample policies. |\n| Security | L47-L52 | Using Azure Policy to govern attestation providers, and securing Azure Attestation with private endpoints, firewalls, managed identities, and access control settings |\n| Configuration | L53-L69 | Configuring Azure Attestation policies (grammar, versions, claim rules), policy signer certs, and monitoring/logging via Azure Monitor, CLI, PowerShell, and log schema. |\n| Deployment | L70-L73 | How to create and configure a private endpoint for Azure Attestation using PowerShell, including network setup and secure access to attestation resources. |\n\n### Troubleshooting\n| Topic | URL |\n|-------|-----|\n| Troubleshoot common Azure Attestation errors and issues | https://learn.microsoft.com/en-us/azure/attestation/troubleshoot-guide |\n\n### Best Practices\n| Topic | URL |\n|-------|-----|\n| Interpret and validate Azure Attestation tokens with examples | https://learn.microsoft.com/en-us/azure/attestation/attestation-token-examples |\n| Author secure and correct Azure Attestation policies | https://learn.microsoft.com/en-us/azure/attestation/author-sign-policy |\n| Configure custom TCB baseline enforcement for SGX attestation | https://learn.microsoft.com/en-us/azure/attestation/custom-tcb-baseline-enforcement |\n| Use sample SGX attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/policy-examples |\n| Use sample TPM attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/tpm-attestation-sample-policies |\n\n### Security\n| Topic | URL |\n|-------|-----|\n| Apply built-in Azure Policy definitions for Attestation | https://learn.microsoft.com/en-us/azure/attestation/policy-reference |\n| Secure Azure Attestation with network and identity controls | https://learn.microsoft.com/en-us/azure/attestation/secure-attestation |\n\n### Configuration\n| Topic | URL |\n|-------|-----|\n| Use Azure Attestation claim rule functions and operators | https://learn.microsoft.com/en-us/azure/attestation/claim-rule-functions |\n| Use Azure Attestation claim rule grammar in policies | https://learn.microsoft.com/en-us/azure/attestation/claim-rule-grammar |\n| Understand Azure Attestation claim sets and categories | https://learn.microsoft.com/en-us/azure/attestation/claim-sets |\n| Enable diagnostic logging for Azure Attestation | https://learn.microsoft.com/en-us/azure/attestation/enable-logging |\n| Reference for Azure Attestation monitoring and log schema | https://learn.microsoft.com/en-us/azure/attestation/logs-data-reference |\n| Monitor Azure Attestation with Azure Monitor | https://learn.microsoft.com/en-us/azure/attestation/monitor-logs |\n| Configure Azure Attestation policy signer certificates | https://learn.microsoft.com/en-us/azure/attestation/policy-signer-examples |\n| Configure Azure Attestation policy language version 1.0 | https://learn.microsoft.com/en-us/azure/attestation/policy-version-1-0 |\n| Configure Azure Attestation policy language version 1.1 | https://learn.microsoft.com/en-us/azure/attestation/policy-version-1-1 |\n| Configure Azure Attestation policy language version 1.2 | https://learn.microsoft.com/en-us/azure/attestation/policy-version-1-2 |\n| Set up Azure Attestation using Azure CLI | https://learn.microsoft.com/en-us/azure/attestation/quickstart-azure-cli |\n| Configure Azure Attestation provider with PowerShell | https://learn.microsoft.com/en-us/azure/attestation/quickstart-powershell |\n| Understand and use Azure Attestation log data | https://learn.microsoft.com/en-us/azure/attestation/view-logs |\n\n### Deployment\n| Topic | URL |\n|-------|-----|\n| Create Azure Attestation private endpoint with PowerShell | https://learn.microsoft.com/en-us/azure/attestation/private-endpoint-powershell |","tags":["azure","attestation","agent","skills","microsoftdocs","agent-skills","agentic-skills","agentskill","ai-agents","ai-coding","azure-functions","azure-kubernetes-service"],"capabilities":["skill","source-microsoftdocs","skill-azure-attestation","topic-agent","topic-agent-skills","topic-agentic-skills","topic-agentskill","topic-ai-agents","topic-ai-coding","topic-azure","topic-azure-functions","topic-azure-kubernetes-service","topic-azure-openai","topic-azure-sql-database","topic-azure-storage"],"categories":["Agent-Skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/MicrosoftDocs/Agent-Skills/azure-attestation","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add MicrosoftDocs/Agent-Skills","source_repo":"https://github.com/MicrosoftDocs/Agent-Skills","install_from":"skills.sh"}},"qualityScore":"0.698","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 497 github stars · SKILL.md body (5,405 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T12:53:30.063Z","embedding":null,"createdAt":"2026-04-18T21:58:15.855Z","updatedAt":"2026-04-22T12:53:30.063Z","lastSeenAt":"2026-04-22T12:53:30.063Z","tsv":"'/en-us/azure/attestation/attestation-token-examples':352 '/en-us/azure/attestation/author-sign-policy':362 '/en-us/azure/attestation/claim-rule-functions':433 '/en-us/azure/attestation/claim-rule-grammar':444 '/en-us/azure/attestation/claim-sets':454 '/en-us/azure/attestation/custom-tcb-baseline-enforcement':373 '/en-us/azure/attestation/enable-logging':463 '/en-us/azure/attestation/logs-data-reference':474 '/en-us/azure/attestation/monitor-logs':483 '/en-us/azure/attestation/policy-examples':383 '/en-us/azure/attestation/policy-reference':408 '/en-us/azure/attestation/policy-signer-examples':492 '/en-us/azure/attestation/policy-version-1-0':502 '/en-us/azure/attestation/policy-version-1-1':512 '/en-us/azure/attestation/policy-version-1-2':522 '/en-us/azure/attestation/private-endpoint-powershell':564 '/en-us/azure/attestation/quickstart-azure-cli':532 '/en-us/azure/attestation/quickstart-powershell':541 '/en-us/azure/attestation/secure-attestation':419 '/en-us/azure/attestation/tpm-attestation-sample-policies':393 '/en-us/azure/attestation/troubleshoot-guide':337 '/en-us/azure/attestation/view-logs':551 '/microsoftdocs/mcp/blob/main/readme.md)':154 '1.0':499 '1.1':509 '1.2':519 '3':125 'accept':193 'access':159,271,321 'agent':74,118,177,191 'appli':397 'attest':3,8,21,37,46,211,221,233,237,244,258,263,280,313,323,331,346,358,370,377,387,405,411,425,436,447,460,467,477,486,495,505,515,526,535,546,557 'attestatio':35 'author':23,353 'avail':144 'azur':2,7,34,36,45,210,254,262,279,292,312,330,345,357,380,390,401,410,424,435,446,459,466,476,479,485,494,504,514,525,528,534,545,556 'azure-attest':1 'baselin':245,366 'best':12,49,225,338 'built':399 'built-in':398 'capabl':66 'categori':77,85,101,197,199,451 'cert':288 'certif':489 'claim':284,426,437,448 'cli':294,529 'combin':56 'common':209,329 'configur':15,26,52,217,274,278,307,363,420,484,493,503,513,533 'configuring/enforcing':240 'content':61,163 'control':272,416 'correct':356 'cover':47 'creat':305,555 'custom':364 'data':548 'definit':403 'deploy':17,54,299,552 'descript':201 'develop':9 'diagnos':206 'diagnost':456 'doc':169 'document':64,162 'e.g':89,105 'enabl':455 'endpoint':31,266,310,559 'enforc':367 'error':216,332 'exampl':349 'expert':4,42 'failur':212 'fallback':181 'fetch':65,161,170,183 'file':95,103,110,115 'firewal':267 'function':428 'github.com':153 'github.com/microsoftdocs/mcp/blob/main/readme.md)':152 'govern':257 'grammar':282,439 'guid':151 'guidanc':43,230 'ident':269,415 'import':72,116 'includ':10,213,316 'index':78,198 'instal':148,150 'interpret':342 'issu':218,334 'knowledg':5 'l120':92 'l33':204 'l33-l37':203 'l35':91 'l35-l120':90 'l37':205 'l38':228 'l38-l46':227 'l46':229 'l47':251 'l47-l52':250 'l52':252 'l53':276 'l53-l69':275 'l69':277 'l70':301 'l70-l73':300 'l73':302 'languag':497,507,517 'latest':133 'learn':176,190 'learn-agent-skil':175,189 'learn.microsoft.com':336,351,361,372,382,392,407,418,432,443,453,462,473,482,491,501,511,521,531,540,550,563 'learn.microsoft.com/en-us/azure/attestation/attestation-token-examples':350 'learn.microsoft.com/en-us/azure/attestation/author-sign-policy':360 'learn.microsoft.com/en-us/azure/attestation/claim-rule-functions':431 'learn.microsoft.com/en-us/azure/attestation/claim-rule-grammar':442 'learn.microsoft.com/en-us/azure/attestation/claim-sets':452 'learn.microsoft.com/en-us/azure/attestation/custom-tcb-baseline-enforcement':371 'learn.microsoft.com/en-us/azure/attestation/enable-logging':461 'learn.microsoft.com/en-us/azure/attestation/logs-data-reference':472 'learn.microsoft.com/en-us/azure/attestation/monitor-logs':481 'learn.microsoft.com/en-us/azure/attestation/policy-examples':381 'learn.microsoft.com/en-us/azure/attestation/policy-reference':406 'learn.microsoft.com/en-us/azure/attestation/policy-signer-examples':490 'learn.microsoft.com/en-us/azure/attestation/policy-version-1-0':500 'learn.microsoft.com/en-us/azure/attestation/policy-version-1-1':510 'learn.microsoft.com/en-us/azure/attestation/policy-version-1-2':520 'learn.microsoft.com/en-us/azure/attestation/private-endpoint-powershell':562 'learn.microsoft.com/en-us/azure/attestation/quickstart-azure-cli':530 'learn.microsoft.com/en-us/azure/attestation/quickstart-powershell':539 'learn.microsoft.com/en-us/azure/attestation/secure-attestation':417 'learn.microsoft.com/en-us/azure/attestation/tpm-attestation-sample-policies':391 'learn.microsoft.com/en-us/azure/attestation/troubleshoot-guide':335 'learn.microsoft.com/en-us/azure/attestation/view-logs':549 'line':87,99,200 'link':104,113 'local':57 'locat':81 'log':297,457,470,547 'manag':268 'markdown':180,196 'mcp':139,166 'metadata.generated':120 'microsoft':168 'microsoftdoc':140,167 'monitor':293,468,475,480 'monitoring/logging':290 'month':126 'network':158,317,413 'old':127 'oper':430 'polici':25,27,238,248,255,281,286,359,378,388,402,441,487,496,506,516 'policy/quote':214 'powershel':295,315,538,561 'practic':13,50,226,339 'prefer':164 'privat':265,309,558 'provid':41,259,536 'pull':131 'queri':172,186 'quick':59 'quick-refer':58 'rang':88 'read':94,109 'refer':60,114,464 'relev':82 'remot':63 'repositori':137 'requir':157 'resolv':208 'resourc':324 'respons':222 'return':179,195 'rule':285,427,438 'sampl':247,375,385 'schema':298,471 'section':83 'secur':14,30,51,236,249,261,320,354,394,409 'security.md':106,107 'set':273,449,523 'setup':318 'sgx':241,369,376 'sgx/tpm':24 'signer':28,287,488 'skill':38,40,71,156,178,192 'skill-azure-attestation' 'source-microsoftdocs' 'specifi':98 'string':173,187 'suggest':128,145 'tcb':365 'text/markdown':194 'token':22,224,234,347 'tool':141 'topic':326,340,395,421,553 'topic-agent' 'topic-agent-skills' 'topic-agentic-skills' 'topic-agentskill' 'topic-ai-agents' 'topic-ai-coding' 'topic-azure' 'topic-azure-functions' 'topic-azure-kubernetes-service' 'topic-azure-openai' 'topic-azure-sql-database' 'topic-azure-storage' 'tpm':243,386 'troubleshoot':11,48,202,220,325,328 'understand':445,542 'url':327,341,396,422,554 'use':18,69,75,93,108,165,182,246,253,314,374,384,423,434,527,544 'user':130,147 'valid':20,215,232,344 'version':134,283,498,508,518 'via':291 'webpag':184 'write':235","prices":[{"id":"0459fbff-f6cd-47b6-9061-7893f6131efe","listingId":"66518b9b-bfb2-4250-bbad-d79e1ce718cb","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"MicrosoftDocs","category":"Agent-Skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:58:15.855Z"}],"sources":[{"listingId":"66518b9b-bfb2-4250-bbad-d79e1ce718cb","source":"github","sourceId":"MicrosoftDocs/Agent-Skills/azure-attestation","sourceUrl":"https://github.com/MicrosoftDocs/Agent-Skills/tree/main/skills/azure-attestation","isPrimary":false,"firstSeenAt":"2026-04-18T21:58:15.855Z","lastSeenAt":"2026-04-22T12:53:30.063Z"}],"details":{"listingId":"66518b9b-bfb2-4250-bbad-d79e1ce718cb","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"MicrosoftDocs","slug":"azure-attestation","github":{"repo":"MicrosoftDocs/Agent-Skills","stars":497,"topics":["agent","agent-skills","agentic-skills","agentskill","ai","ai-agents","ai-coding","azure","azure-functions","azure-kubernetes-service","azure-openai","azure-sql-database","azure-storage","azure-virtual-machine","claude-code","github-copilot","microsoft-learn","openai-codex","skills"],"license":"cc-by-4.0","html_url":"https://github.com/MicrosoftDocs/Agent-Skills","pushed_at":"2026-04-22T01:37:27Z","description":"Curated Agent Skills for Microsoft & Azure – giving AI coding assistants structured, real-time expertise from Microsoft Learn docs.","skill_md_sha":"ff82895c8cd19d48ebb51c153b2c1514946e4487","skill_md_path":"skills/azure-attestation/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/MicrosoftDocs/Agent-Skills/tree/main/skills/azure-attestation"},"layout":"multi","source":"github","category":"Agent-Skills","frontmatter":{"name":"azure-attestation","description":"Expert knowledge for Azure Attestation development including troubleshooting, best practices, security, configuration, and deployment. Use when validating attestation tokens, authoring SGX/TPM policies, configuring policy signers, or securing endpoints, and other Azure Attestation related development tasks. Not for Azure Confidential Computing (use azure-confidential-computing), Azure Virtual Enclaves (use azure-virtual-enclaves), Azure Key Vault (use azure-key-vault), Azure Security (use azure-security).","compatibility":"Requires network access. Uses mcp_microsoftdocs:microsoft_docs_fetch or fetch_webpage to retrieve documentation."},"skills_sh_url":"https://skills.sh/MicrosoftDocs/Agent-Skills/azure-attestation"},"updatedAt":"2026-04-22T12:53:30.063Z"}}