azure-attestation
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseAzure Attestation Skill
Azure Attestation技能
This skill provides expert guidance for Azure Attestation. Covers troubleshooting, best practices, security, configuration, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.
本技能为Azure Attestation提供专业指导,涵盖故障排查、最佳实践、安全防护、配置和部署等内容。它结合了本地快速参考内容与远程文档获取能力。
How to Use This Skill
如何使用本技能
IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,), useL35-L120with the specified lines. For categories with file links (e.g.,read_file), use[security.md](security.md)on the linked reference fileread_file
IMPORTANT for Agent: Ifis more than 3 months old, suggest the user pull the latest version from the repository. Ifmetadata.generated_attools are not available, suggest the user install it: Installation Guidemcp_microsoftdocs
This skill requires network access to fetch documentation content:
- Preferred: Use with query string
mcp_microsoftdocs:microsoft_docs_fetch. Returns Markdown.from=learn-agent-skill - Fallback: Use with query string
fetch_webpage. Returns Markdown.from=learn-agent-skill&accept=text/markdown
Agent 注意事项:使用下方的分类索引查找相关章节。对于带有行范围的分类(例如),请使用L35-L120工具读取指定行内容。对于带有文件链接的分类(例如read_file),请使用[security.md](security.md)工具读取链接的参考文件read_file
Agent 注意事项:如果的时间超过3个月,请建议用户从代码仓库拉取最新版本。如果metadata.generated_at工具不可用,请建议用户安装该工具:安装指南mcp_microsoftdocs
本技能需要网络访问权限来获取文档内容:
- 首选方式:使用工具,并添加查询字符串
mcp_microsoftdocs:microsoft_docs_fetch,返回Markdown格式内容。from=learn-agent-skill - 备用方式:使用工具,并添加查询字符串
fetch_webpage,返回Markdown格式内容。from=learn-agent-skill&accept=text/markdown
Category Index
分类索引
| Category | Lines | Description |
|---|---|---|
| Troubleshooting | L33-L37 | Diagnosing and resolving common Azure Attestation failures, including policy/quote validation errors, configuration issues, and troubleshooting attestation responses and tokens. |
| Best Practices | L38-L46 | Guidance on validating attestation tokens, writing secure attestation policies, and configuring/enforcing SGX and TPM attestation baselines using sample policies. |
| Security | L47-L52 | Using Azure Policy to govern attestation providers, and securing Azure Attestation with private endpoints, firewalls, managed identities, and access control settings |
| Configuration | L53-L69 | Configuring Azure Attestation policies (grammar, versions, claim rules), policy signer certs, and monitoring/logging via Azure Monitor, CLI, PowerShell, and log schema. |
| Deployment | L70-L73 | How to create and configure a private endpoint for Azure Attestation using PowerShell, including network setup and secure access to attestation resources. |
| 分类 | 行范围 | 描述 |
|---|---|---|
| Troubleshooting | L33-L37 | 诊断并解决Azure Attestation常见故障,包括策略/引用验证错误、配置问题,以及证明响应和令牌的故障排查。 |
| Best Practices | L38-L46 | 提供验证证明令牌、编写安全证明策略,以及使用示例策略配置/实施SGX和TPM证明基线的指导。 |
| Security | L47-L52 | 使用Azure Policy管理证明提供者,通过专用端点、防火墙、托管标识和访问控制设置保护Azure Attestation的安全。 |
| Configuration | L53-L69 | 配置Azure Attestation策略(语法、版本、声明规则)、策略签名者证书,以及通过Azure Monitor、CLI、PowerShell和日志架构进行监控与日志记录。 |
| Deployment | L70-L73 | 如何使用PowerShell为Azure Attestation创建和配置专用端点,包括网络设置和证明资源的安全访问。 |
Troubleshooting
故障排查
| Topic | URL |
|---|---|
| Troubleshoot common Azure Attestation errors and issues | https://learn.microsoft.com/en-us/azure/attestation/troubleshoot-guide |
| 主题 | 链接 |
|---|---|
| 排查Azure Attestation常见错误和问题 | https://learn.microsoft.com/en-us/azure/attestation/troubleshoot-guide |
Best Practices
最佳实践
| Topic | URL |
|---|---|
| Interpret and validate Azure Attestation tokens with examples | https://learn.microsoft.com/en-us/azure/attestation/attestation-token-examples |
| Author secure and correct Azure Attestation policies | https://learn.microsoft.com/en-us/azure/attestation/author-sign-policy |
| Configure custom TCB baseline enforcement for SGX attestation | https://learn.microsoft.com/en-us/azure/attestation/custom-tcb-baseline-enforcement |
| Use sample SGX attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/policy-examples |
| Use sample TPM attestation policies in Azure | https://learn.microsoft.com/en-us/azure/attestation/tpm-attestation-sample-policies |
| 主题 | 链接 |
|---|---|
| 示例解析与验证Azure Attestation令牌 | https://learn.microsoft.com/en-us/azure/attestation/attestation-token-examples |
| 编写安全合规的Azure Attestation策略 | https://learn.microsoft.com/en-us/azure/attestation/author-sign-policy |
| 为SGX证明配置自定义TCB基线实施 | https://learn.microsoft.com/en-us/azure/attestation/custom-tcb-baseline-enforcement |
| 在Azure中使用SGX证明示例策略 | https://learn.microsoft.com/en-us/azure/attestation/policy-examples |
| 在Azure中使用TPM证明示例策略 | https://learn.microsoft.com/en-us/azure/attestation/tpm-attestation-sample-policies |
Security
安全防护
| Topic | URL |
|---|---|
| Apply built-in Azure Policy definitions for Attestation | https://learn.microsoft.com/en-us/azure/attestation/policy-reference |
| Secure Azure Attestation with network and identity controls | https://learn.microsoft.com/en-us/azure/attestation/secure-attestation |
| 主题 | 链接 |
|---|---|
| 应用Attestation内置Azure Policy定义 | https://learn.microsoft.com/en-us/azure/attestation/policy-reference |
| 通过网络和身份控制保护Azure Attestation安全 | https://learn.microsoft.com/en-us/azure/attestation/secure-attestation |
Configuration
配置
Deployment
部署
| Topic | URL |
|---|---|
| Create Azure Attestation private endpoint with PowerShell | https://learn.microsoft.com/en-us/azure/attestation/private-endpoint-powershell |
| 主题 | 链接 |
|---|---|
| 使用PowerShell创建Azure Attestation专用端点 | https://learn.microsoft.com/en-us/azure/attestation/private-endpoint-powershell |