Microsoft Cloud Tools
Once you connect your Entra ID tenant, InfraScout gives Claude access to a comprehensive set of Microsoft Cloud tools. These tools cover identity, Azure infrastructure, Microsoft 365 services, and security — letting you assess your cloud environment as naturally as you assess on-premises hosts. No agent is needed on cloud systems; InfraScout queries Microsoft's APIs directly using your connected tenant credentials.
Prerequisite
A connected Entra ID tenant is required before any Microsoft Cloud tools are available. See Connecting Entra ID for setup instructions.
Identity (Entra ID)
These tools query your Entra ID directory — users, groups, roles, service principals, and admin units. Use them to audit privilege hygiene, find stale accounts, review role assignments, and check Privileged Identity Management (PIM) eligibility schedules.
"List all users with Global Administrator role assignments."
"Show me service principals with application role assignments to sensitive permissions."
"List all PIM-eligible role assignments and their scheduled expiry."
Azure Platform
These tools query your Azure subscriptions, resource groups, and resources. They also cover governance features — access reviews, entitlement management, and lifecycle workflows — and delegated admin relationships (GDAP) for partners managing customer tenants. Basic Azure cost queries are available.
"List all Azure subscriptions and their resource counts."
"Show me any access packages that allow external guest access."
"Query the cost summary for last month across all subscriptions."
Security
These tools cover Microsoft Defender for Endpoint (machine inventory, recommendations, and logon users), Defender Advanced Hunting (KQL queries against the XDR data lake — process events, alert evidence, and arbitrary hunting queries), identity protection (risky users and risk detections), Conditional Access policies, sign-in and audit logs, named locations, BitLocker keys, and LAPS credentials.
"List all Defender machines that have high-severity recommendations."
"Show me PowerShell process executions on this device in the last 24 hours."
"What entities did Defender link to alert <id>?"
"Show me the current Conditional Access policies and flag any that have no MFA requirement."
Microsoft 365 Services
These tools cover Teams (teams, channels, members, and installed apps), SharePoint (sites, lists, and drives), Exchange Online (mailbox settings and mail folders), and Intune (managed devices, device configurations, compliance policies, detected apps, and mobile apps). Licensing tools let you review subscribed SKUs and per-user assignments. Usage and Copilot adoption reports are also available.
"List all Teams and flag any with external members."
"Show me Intune managed devices that are not compliant with device compliance policies."
"Get the Microsoft 365 usage report for the last month."
Using These Tools
You don't call these tools by name. Just describe what you want to understand and Claude selects the right tools automatically. For example:
"Review the identity security posture for my Entra tenant — focus on privileged accounts, stale users, and MFA gaps."
If you are working with multiple Entra connections — for example, managing several customer tenants — use entra_connection_list to select which connection Claude should use at the start of your session.