Azure Infrastructure Blog

4 MIN READ

🚀GitHub Copilot CLI: AI Assistance from the Command Line for Infrastructure Deployments

ibrahimbaig

Microsoft

Mar 25, 2026

What is GitHub Copilot CLI?

GitHub Copilot CLI is an AI-powered assistant that runs directly inside your terminal.

Instead of manually writing commands, scripts, or debugging issues, you can simply describe what you want — and Copilot executes it.

Here’s the shift:

Traditional CLI	Copilot CLI
You write commands	You describe intent
You debug manually	AI suggests fixes
You search docs	AI brings context

For Cloud and DevOps engineers, this becomes extremely powerful because most of our work already happens in:

CLI (Azure CLI, Bash, PowerShell)
Infrastructure as Code (Terraform)
Pipelines (CI/CD)

Copilot CLI sits right in the middle of all this.

Why This Matters for Cloud & DevOps

Here’s the thing — DevOps work is repetitive and context-heavy.

You constantly:

Write Azure CLI commands
Debug IAC (Infrastructure as Code) issues
Fix pipeline failures
Check logs and configs

Copilot CLI reduces this friction.

Example

Instead of:

az group create --name my-rg --location eastus

You can say:

Create a resource group in Azure named my-rg in East US

And it generates + executes the command.

Now scale this to:

Multi-region deployments
App Gateway configs
Terraform modules

That’s where it becomes a real productivity multiplier.

Setting Up GitHub Copilot CLI

Prerequisites

GitHub Copilot Subscription:
Active subscription required, including Individual, Business, or Enterprise plans with proper licensing
Supported Operating Systems:
Supports Windows, macOS, and Linux for consistent development across major platforms
Software Version Requirements:
Node.js version 22+, npm version 10+, and PowerShell 6+ on Windows necessary for npm-based installation

Installation

Cross-Platform Installation:
Installing via npm provides a global Copilot CLI setup working consistently on Windows, macOS, and Linux
macOS and Linux Installation:
Homebrew allows easy Copilot CLI installation on macOS and Linux with a single command
Windows Installation:
WinGet enables native Windows package management for seamless Copilot CLI installation
System PATH Integration:
All installation methods add Copilot CLI to system PATH for immediate terminal access

npm install -g github/copilot

Login

copilot auth login

Start CLI

copilot

When you start, it will ask permission to trust the directory — this is important because it:

Reads files
Modifies code
Executes commands

How to Use Copilot CLI (Real DevOps Examples)

Let’s move beyond basics.

🔹 Azure CLI Usage

Create an Azure App Service with Linux runtime and Node.js

Update an Application Gateway backend pool using az cli

Delete all resources in this resource group safely

🔹 Terraform Usage

Create a Terraform module for Azure VNet with 3 subnets

Fix issues in @main.tf

Explain this Terraform code and suggest improvements

🔹 Pipeline Debugging

Analyze this Azure DevOps pipeline YAML and fix errors

Why is this deployment failing?

🔹 File Context Usage

Explain @variables.tf

Optimize azure-pipelines.yml

🔹 Built-in Commands

/review     → Code review
/context    → Current context
/usage      → Token usage
/compact    → Optimize memory

5. Advantages of using Github Copilot CLI
Less Context Switching

No need to jump between:
Docs
Terminal
Browser

Faster Troubleshooting

It understands:
Errors
Logs
Config files

Infrastructure Automation

You can:
Generate Terraform/Bicep or any IAC code
Write Azure CLI scripts
Automate deployments

Acts Like an Agent

Not just suggestions — it can:
Execute commands
Modify files
Run workflows

MCP (Model Context Protocol) – The Real Power

This is where things get interesting.

MCP allows Copilot to connect with external systems.

👉 Think: APIs, documentation servers, automation tools

🔷 MCP Architecture (Diagram)

Adding MCP Servers

You can extend Copilot using MCP servers.

Add MCP Server (Interactive)

/mcp add

Provide:

Name
Type (local or HTTP)
Command or URL

Example: Local MCP Server

npx @playwright/mcp@latest

Example: Remote MCP Server

https://mcp.context7.com/mcp

Config File Method

📁 ~/.copilot/mcp-config.json

{
"mcpServers": {
    "docs": {
      "type": "http",
      "url": "https://mcp.context7.com/mcp",
      "tools": ["*"]
    }
}
}

Manage MCP Servers

/mcp show
/mcp edit docs
/mcp enable docs
/mcp disable docs

Real DevOps Use Case

You can connect:

Azure documentation APIs
Internal tools
Monitoring systems

Then ask:

Fetch latest Azure App Gateway documentation

CLI Workflow (How It Actually Works)

User Prompt
   ↓
Copilot CLI understands intent
   ↓
Reads files / context
   ↓
(Optional) Uses MCP tools
   ↓
Generates + executes commands
   ↓
Returns result

Adding Skills (Underrated Feature)

Skills = reusable workflows.

Think of them like:

Predefined automation
Standardized instructions
Tool integrations

Example Skills

Run security scans
Validate pipelines
Analyze logs

How Skills Work

They are defined using:

Instruction files
Agent configurations
Repo-level context

Copilot automatically picks them when relevant.

Customizing Copilot CLI

Config File

📁 ~/.copilot/config.json

What You Can Control

Permissions
Execution behavior
Tool access
Logging

Recommended: Custom Instructions

We can create custom instructions which our copilot will follow while taking actions on our promps.

📁 .github/copilot-instructions.md

Example:

- Always use Terraform for infrastructure
- Prefer Azure CLI for automation
- Follow naming convention: env-app-region
- Use managed identity where possible

This ensures:

Consistency
Best practices
Governance

Real-World UseCase Scenario

You can find the sample instruction files and skills in my https://github.com/ibrahimbaig12345/GHCP_CLI_DEMO repo.

A POC for storage account with private endpoints:
We simply enter a prompt to create the storage account; it will take all the details from its custom instructions file and generate a .sh file to execute the relevant cmds for the resource creation.

Using Skills to do a routine Security Scan of the Azure Subscription:
You can give a simple prompt like "Can you help me with a quick security scan of my current azure subscription"

You can check the result as shown above.