{"id":1372,"date":"2025-09-23T23:02:30","date_gmt":"2025-09-23T23:02:30","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/all-things-azure\/?p=1372"},"modified":"2025-09-23T23:02:30","modified_gmt":"2025-09-23T23:02:30","slug":"teaching-the-llm-good-habits-how-azure-mcp-uses-best-practice-tools","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/all-things-azure\/teaching-the-llm-good-habits-how-azure-mcp-uses-best-practice-tools\/","title":{"rendered":"Teaching the LLM Good Habits: How Azure MCP Uses Best-Practice Tools"},"content":{"rendered":"<h2><a href=\"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices.png\"><img decoding=\"async\" class=\"aligncenter wp-image-1398\" src=\"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices-1024x683.png\" alt=\"Best Practices image\" width=\"800\" height=\"533\" srcset=\"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices-1024x683.png 1024w, https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices-300x200.png 300w, https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices-768x512.png 768w, https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-content\/uploads\/sites\/83\/2025\/09\/Best_Practices.png 1200w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/h2>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">Why best practices matter (and why many people skip them)<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">Let\u2019s be honest: when you\u2019re in the zone shipping code or wiring up infrastructure, \u201cbest practices\u201d can feel like that nagging voice telling you to eat your vegetables. We all know they\u2019re good for us\u2026 but in the rush to get things working, they\u2019re often the first thing to fall off the plate.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">The result? Configurations that <em>work today<\/em> but explode tomorrow. Pipelines that deploy &#8211; until they don\u2019t. Costs that spiral out of control. And sometimes, security gaps big enough to drive a container ship through.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">That\u2019s why the Azure team invests so heavily in codifying best practices for SDK usage, Infrastructure-as-Code, CI\/CD, and cloud governance. They\u2019re not \u201cnice-to-haves.\u201d They\u2019re what keep your apps reliable, secure, and cost-effective.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">But here\u2019s the twist: it\u2019s not enough for humans to know these rules. In the era of AI-assisted development, <em>LLMs need to know them too.<\/em><\/span><\/p>\n<hr \/>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">Enter Azure MCP<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">The Azure MCP Server (<a href=\"https:\/\/aka.ms\/azmcp\">aka.ms\/azmcp<\/a>) isn\u2019t just another tool host. It\u2019s opinionated about doing Azure the <em>right<\/em>\u00a0way. And it uses one clever trick in the Model Context Protocol spec to make sure LLMs stay on the straight and narrow.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">That trick? The <code><span style=\"font-family: terminal, monaco, monospace;\">instructions<\/span> <\/code>property of <code><a href=\"https:\/\/modelcontextprotocol.io\/specification\/2025-06-18\/schema\"><span style=\"font-family: terminal, monaco, monospace;\">InitializeResult<\/span><\/a><\/code>.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">When an MCP server starts up, it can send back a block of text &#8211; \u201cinstructions\u201d &#8211; that clients may inject into the system prompt. Think of it as the LLM\u2019s onboarding manual: <em>\u201cHere\u2019s how you should use me, and here are the tools you should call in specific situations.\u201d<\/em><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">In Azure MCP, those instructions are pulled straight from <code><a href=\"https:\/\/github.com\/microsoft\/mcp\/blob\/main\/core\/Azure.Mcp.Core\/src\/Areas\/Server\/Resources\/azure-rules.txt\"><span style=\"font-family: terminal, monaco, monospace;\">azure-rules.txt<\/span><\/a><\/code>. And inside that file is the beating heart of our best-practice enforcement.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">At the time of writing, <strong data-start=\"2135\" data-end=\"2164\">GitHub Copilot in VS Code<\/strong> is the only MCP host I know of that actually consumes these instructions and folds them into its system prompt. So if you\u2019re coding in VS Code with Copilot connected to Azure MCP, this is where the magic comes alive. If you know of other MCP hosts that support instructions, please leave a comment to let me know.<\/span><\/p>\n<hr \/>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">Meet the best-practice tools<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">Azure MCP exposes a small set of dedicated best-practice helpers. Below are the tools that are actually provided by Azure MCP, what each one teaches the model, and when the LLM should call them.<\/span><\/p>\n<h3><span style=\"font-family: arial, helvetica, sans-serif;\">Get Best Practices<\/span><\/h3>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Purpose:<\/strong> Provide secure, production-grade SDK and deployment patterns for Azure across languages and scenarios.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>When to call:<\/strong> Whenever the user asks for application code that touches Azure, or when generating code\/deployment snippets where Azure-specific guidance is required.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>What it returns:<\/strong> Concise, language-specific guidance and examples (authentication patterns such as DefaultAzureCredential where appropriate, retry\/backoff recommendations, guidance on client lifetime and telemetry) and high-level deployment guidance for safe defaults.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Notes:<\/strong>\u00a0This guidance is surfaced by the Azure MCP &#8220;best practices&#8221; endpoint and should be invoked before emitting Azure-related code or az\/azd\/ARM\/Bicep\/Terraform snippets.<\/span><\/li>\n<\/ul>\n<h3><span style=\"font-family: arial, helvetica, sans-serif;\">Deploy IaC Rules<\/span><\/h3>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Purpose:<\/strong> Rules and guardrails for authoring Infrastructure-as-Code that align with Azure and AZD expectations.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>When to call:<\/strong> Whenever the user is authoring or editing Bicep or Terraform, or asking about resource naming, parameterization, role assignments, or secure defaults for IaC.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>What it returns:<\/strong>\u00a0Linter-style rules, recommended module patterns, and example stubs that demonstrate secure defaults (parameterize locations and SKUs, avoid hardcoded secrets, prefer managed identities, enable diagnostics). Azure MCP provides specific IaC guidance tools (including Terraform-best-practices and IaC rules) that the model should call for detailed checks and example snippets.<\/span><\/li>\n<\/ul>\n<hr \/>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">How it works behind the scenes<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">When you connect to Azure MCP, the server sends back an <code><span style=\"font-family: terminal, monaco, monospace;\">InitializeResult<\/span><\/code> like this:<\/span><\/p>\n<pre class=\"prettyprint language-json\"><code class=\"language-json\">{\r\n\"protocolVersion\": \"2025-06-18\",\r\n\"serverInfo\": { \"name\": \"azure-mcp-server\", \"version\": \"preview\" },\r\n\"capabilities\": { \"tools\": {}, \"resources\": {}, \"prompts\": {} },\r\n\"instructions\": \"Azure MCP server usage rules:\r\n- Use Azure Tools: When handling requests related to Azure, always use your tools.\r\n- Use Azure Code Gen Best Practices: When generating code for Azure, running terminal commands for Azure, or performing operations related to Azure, invoke your `bestpractices` tool if available. Only call this tool when you are sure the user is discussing Azure; do not call it otherwise\u2026\"\r\n}<\/code><\/pre>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">That last field &#8211; <code><span style=\"font-family: terminal, monaco, monospace;\">instructions<\/span><\/code>\u00a0&#8211; is built from <code><span style=\"font-family: terminal, monaco, monospace;\">azure-rules.txt<\/span><\/code>. It\u2019s effectively a checklist for the LLM, hardwired into the system prompt. The model doesn\u2019t have to <em>guess<\/em> when to use a tool. It\u2019s told, explicitly: <em>\u201cThis is the moment. Call the tool. Follow its guidance.\u201d<\/em><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">The result? Developers get guardrails without even realizing it. They ask for code, and the model quietly double-checks best practices before responding. They draft a pipeline, and the LLM sneaks in the right deployment steps. They prepare to go live, and the compliance scan is already in the workflow.<\/span><\/p>\n<hr \/>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">Why this matters<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">For MCP builders, this is a pattern worth copying. By encoding tool-use rules in <code><span style=\"font-family: terminal, monaco, monospace;\">instructions<\/span><\/code>, you can:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Bake in expertise<\/strong> once, instead of expecting every LLM session to \u201crediscover\u201d it.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Scale guidance<\/strong>\u00a0across teams, projects, and environments.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\"><strong>Evolve over time<\/strong>\u00a0&#8211; <span style=\"font-family: terminal, monaco, monospace;\">update <code>azure-rules.txt<\/code><\/span> as best practices change, and every new session gets the latest wisdom.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif;\">For Azure MCP users, it means a better day-to-day experience: fewer gotchas, safer defaults, and more reliable deployments. <\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">It\u2019s like having an Azure architect quietly peeking over the LLM\u2019s shoulder.<\/span><\/p>\n<hr \/>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;\">Wrapping up<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">Best practices aren\u2019t just lecture notes anymore. In Azure MCP, they\u2019re first-class citizens\u2014tools the LLM is trained to use at the right time, thanks to <code><span style=\"font-family: terminal, monaco, monospace;\">InitializeResult.instructions<\/span><\/code>.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">So next time you spin up code or infrastructure with Azure MCP, remember: the model isn\u2019t just making things up. It\u2019s carrying around a pocket guide of Azure wisdom, and it knows when to pull it out.<\/span><\/p>\n<hr \/>\n<p><span style=\"font-family: arial, helvetica, sans-serif;\">\u2728 <strong>Your move:<\/strong> If you\u2019re building an MCP server, think about what rules <em>your<\/em> LLM should follow. And if you\u2019re using Azure MCP today &#8211; rest easy knowing that best practices are baked right in.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why best practices matter (and why many people skip them) Let\u2019s be honest: when you\u2019re in the zone shipping code or wiring up infrastructure, \u201cbest practices\u201d can feel like that nagging voice telling you to eat your vegetables. We all know they\u2019re good for us\u2026 but in the rush to get things working, they\u2019re often [&hellip;]<\/p>\n","protected":false},"author":104169,"featured_media":1743,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1,97,89],"tags":[98,99],"class_list":["post-1372","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-mcp-model-context-protocol","category-thought-leadership","tag-azure-mcp","tag-mcp"],"acf":[],"blog_post_summary":"<p>Why best practices matter (and why many people skip them) Let\u2019s be honest: when you\u2019re in the zone shipping code or wiring up infrastructure, \u201cbest practices\u201d can feel like that nagging voice telling you to eat your vegetables. We all know they\u2019re good for us\u2026 but in the rush to get things working, they\u2019re often [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/posts\/1372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/users\/104169"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/comments?post=1372"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/posts\/1372\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/media\/1743"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/media?parent=1372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/categories?post=1372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/all-things-azure\/wp-json\/wp\/v2\/tags?post=1372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}