Create Webroles

Name: Create Webroles
Author: microsoft

microsoft/power-platform-skills

Generate a correctly formatted Power Pages web-role YAML file with a new UUID after the code site has been deployed at least once.

Overview

Create Webroles is an agent skill for the Build phase that writes a validated web-role YAML file (with UUID) into a Power Pages code site’s `.powerpages-site/web-roles` directory.

Install

npx skills add https://github.com/microsoft/power-platform-skills --skill create-webroles

What is this skill?

CLI script accepts `--projectRoot`, `--name`, and optional `--anonymous` / `--authenticated` flags
Validates that the web-roles directory exists before writing YAML
Generates a UUID via shared `generate-uuid` helper
Returns JSON `{ id, filePath }` on stdout; validation errors go to stderr with exit code 1
Requires at least one prior site deploy so `.powerpages-site/web-roles` exists

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 77 installs on skills.sh; 349 GitHub stars; 3/3 security scanners passed (skills.sh audits).

What problem does it solve?

You need a new Power Pages web role on disk but want to avoid manual YAML mistakes and inconsistent IDs.

Who is it for?

Power Pages code-site repos that already have `.powerpages-site/web-roles` after an initial deployment.

Skip if: Greenfield sites that have never been deployed, or teams that need full role-matrix design without a generator script.

When should I use this skill?

Creating a web role YAML for a Power Pages code site when `.powerpages-site/web-roles` already exists.

What do I get? / Deliverables

A new web-role YAML file lands in the project with a generated UUID and JSON confirmation of `id` and `filePath` for downstream deploy or review.

Web-role YAML file under `.powerpages-site/web-roles`
Stdout JSON with `id` and `filePath`

Recommended Skills

Azure Deploymicrosoft/azure-skills

Azure Deploy is a Microsoft agent skill that executes cloud releases for applications that are already planned and valid…374k installs·1.2k stars

Azure Preparemicrosoft/azure-skills

Azure Prepare is Microsoft's skill for getting applications ready to run on Azure—writing the deployment plan, generatin…374k installs·1.2k stars

Azure Storagemicrosoft/azure-skills

Azure Storage skill helps agents pick the right Azure storage service—Blob for objects, Files for SMB shares, Queues for…374k installs·1.2k stars

Azure Validatemicrosoft/azure-skills

Microsoft-guided preflight validation for Azure deployments including IaC, identity, and service-specific readiness.374k installs·1.2k stars

Appinsights Instrumentationmicrosoft/azure-skills

appinsights-instrumentation is a Microsoft Azure-skills package that walks solo builders through enabling Application In…374k installs·1.2k stars

Azure Resource Lookupmicrosoft/azure-skills

Azure Resource Lookup is a Microsoft agent skill that helps solo builders and small teams answer “what do I have in Azur…373k installs·1.2k stars

Journey fit

Primary fit

BuildIntegrations & version control

Web roles are configuration artifacts for Power Pages code sites—created while wiring access control during product build, not during idea or launch SEO work. The skill integrates with the `.powerpages-site/web-roles` folder and Power Pages deployment layout, which is platform connector and site-structure work.

How it compares

A focused file generator—not a full Power Pages security or portal provisioning workflow.

Common Questions / FAQ

Who is create-webroles for?

Solo builders and indie teams maintaining Power Pages as code who add web roles programmatically alongside agents or CI.

When should I use create-webroles?

During Build integrations work when you are defining anonymous or authenticated web roles and the site’s web-roles folder already exists from a prior deploy.

Is create-webroles safe to install?

It writes files under your project root; review the Security Audits panel on this page and run it only on trusted repos with backups.

SKILL.md

READMESKILL.md - Create Webroles

#!/usr/bin/env node

// Creates a web role YAML file for Power Pages code sites.
// Generates UUID, validates inputs, writes correctly-formatted YAML.
//
// Usage:
//   node create-web-role.js --projectRoot <path> --name <string> [--anonymous] [--authenticated]
//
// Output (JSON to stdout):
//   { "id": "<uuid>", "filePath": "<path>" }
//
// Exits with code 1 on validation errors (messages to stderr).

const fs = require('fs');
const path = require('path');
const generateUuid = require(path.join(__dirname, '..', '..', '..', 'scripts', 'generate-uuid'));

// --- CLI arg parsing ---

const args = process.argv.slice(2);

function getArg(name) {
  const idx = args.indexOf(`--${name}`);
  return idx !== -1 && idx + 1 < args.length ? args[idx + 1] : null;
}

function hasFlag(name) {
  return args.includes(`--${name}`);
}

const projectRoot = getArg('projectRoot');
const roleName = getArg('name');
const isAnonymous = hasFlag('anonymous');
const isAuthenticated = hasFlag('authenticated');

// --- Validation ---

if (!projectRoot || !roleName) {
  console.error('Usage: node create-web-role.js --projectRoot <path> --name <string> [--anonymous] [--authenticated]');
  process.exit(1);
}

const webRolesDir = path.join(projectRoot, '.powerpages-site', 'web-roles');
if (!fs.existsSync(webRolesDir)) {
  console.error(`Error: Web roles directory not found at ${webRolesDir}`);
  console.error('The site must be deployed at least once before web roles can be created.');
  process.exit(1);
}

// --- Helpers ---

function writeYaml(fields) {
  const keys = Object.keys(fields).sort();
  return keys.map(k => `${k}: ${fields[k]}`).join('\n') + '\n';
}

// --- Create web role ---

const uuid = generateUuid();

const fields = {
  anonymoususersrole: isAnonymous,
  authenticatedusersrole: isAuthenticated,
  id: uuid,
  name: roleName,
};

const yamlContent = writeYaml(fields);

// File name: kebab-case with .yml extension (matching create-webroles skill convention)
const fileName = `${roleName.toLowerCase().replace(/\s+/g, '-')}.webrole.yml`;
const filePath = path.join(webRolesDir, fileName);

fs.writeFileSync(filePath, yamlContent, 'utf8');

const result = { id: uuid, filePath: filePath };
process.stdout.write(JSON.stringify(result));


#!/usr/bin/env node

// Validates that new web role YAML files were created in .powerpages-site/web-roles/.
// Runs as a Stop hook to verify the skill produced output.

const path = require('path');
const { approve, block, runValidation, findPowerPagesSiteDir } = require('../../../scripts/lib/validation-helpers');
const { validateWebRoles } = require('../../../scripts/lib/web-roles-validator');

runValidation((cwd) => {
  const webRolesDir = findPowerPagesSiteDir(cwd, 'web-roles');
  if (!webRolesDir) approve(); // No .powerpages-site found — not a web roles session

  const validation = validateWebRoles(path.resolve(webRolesDir, '..', '..'));
  const webRoleFiles = validation.webRoles;
  if (webRoleFiles && webRoleFiles.length === 0) {
    block('Web roles validation failed:\n- No web role YAML files found in .powerpages-site/web-roles/');
  }
  const errors = validation.findings
    .filter(finding => finding.severity === 'error')
    .map(finding => finding.filePath ? `${finding.message} (${path.basename(finding.filePath)})` : finding.message);

  if (errors.length > 0) {
    block('Web roles validation failed:\n- ' + errors.join('\n- '));
  }

  approve();
});


---
name: create-webroles
description: >-
  Creates and configures web roles for a Power Pages code site. Web roles control access
  and permissions for site users, including authenticated and anonymous roles. Use when the
  user wants to create, add, set up, or manage web roles for their site.
user-invocable: true
allowed-tools: Read, Write, Bash, Grep, Glob, AskUserQuestion, Task, TaskCreate, TaskUpdate, TaskList
model: opus
---

> **Plugin check**: Run `node "${CLAUDE_PLUGIN_ROOT}/scripts/check-version.js"` — if it outputs a message, show it to the user b

What is this skill?

CLI script accepts `--projectRoot`, `--name`, and optional `--anonymous` / `--authenticated` flags

Validates that the web-roles directory exists before writing YAML

Generates a UUID via shared `generate-uuid` helper

Returns JSON `{ id, filePath }` on stdout; validation errors go to stderr with exit code 1

Requires at least one prior site deploy so `.powerpages-site/web-roles` exists

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 77 installs on skills.sh; 349 GitHub stars; 3/3 security scanners passed (skills.sh audits).

Journey fit

Primary fit

BuildIntegrations & version control

SKILL.md

READMESKILL.md - Create Webroles

#!/usr/bin/env node

// Creates a web role YAML file for Power Pages code sites.
// Generates UUID, validates inputs, writes correctly-formatted YAML.
//
// Usage:
//   node create-web-role.js --projectRoot <path> --name <string> [--anonymous] [--authenticated]
//
// Output (JSON to stdout):
//   { "id": "<uuid>", "filePath": "<path>" }
//
// Exits with code 1 on validation errors (messages to stderr).

const fs = require('fs');
const path = require('path');
const generateUuid = require(path.join(__dirname, '..', '..', '..', 'scripts', 'generate-uuid'));

// --- CLI arg parsing ---

const args = process.argv.slice(2);

function getArg(name) {
  const idx = args.indexOf(`--${name}`);
  return idx !== -1 && idx + 1 < args.length ? args[idx + 1] : null;
}

function hasFlag(name) {
  return args.includes(`--${name}`);
}

const projectRoot = getArg('projectRoot');
const roleName = getArg('name');
const isAnonymous = hasFlag('anonymous');
const isAuthenticated = hasFlag('authenticated');

// --- Validation ---

if (!projectRoot || !roleName) {
  console.error('Usage: node create-web-role.js --projectRoot <path> --name <string> [--anonymous] [--authenticated]');
  process.exit(1);
}

const webRolesDir = path.join(projectRoot, '.powerpages-site', 'web-roles');
if (!fs.existsSync(webRolesDir)) {
  console.error(`Error: Web roles directory not found at ${webRolesDir}`);
  console.error('The site must be deployed at least once before web roles can be created.');
  process.exit(1);
}

// --- Helpers ---

function writeYaml(fields) {
  const keys = Object.keys(fields).sort();
  return keys.map(k => `${k}: ${fields[k]}`).join('\n') + '\n';
}

// --- Create web role ---

const uuid = generateUuid();

const fields = {
  anonymoususersrole: isAnonymous,
  authenticatedusersrole: isAuthenticated,
  id: uuid,
  name: roleName,
};

const yamlContent = writeYaml(fields);

// File name: kebab-case with .yml extension (matching create-webroles skill convention)
const fileName = `${roleName.toLowerCase().replace(/\s+/g, '-')}.webrole.yml`;
const filePath = path.join(webRolesDir, fileName);

fs.writeFileSync(filePath, yamlContent, 'utf8');

const result = { id: uuid, filePath: filePath };
process.stdout.write(JSON.stringify(result));


#!/usr/bin/env node

// Validates that new web role YAML files were created in .powerpages-site/web-roles/.
// Runs as a Stop hook to verify the skill produced output.

const path = require('path');
const { approve, block, runValidation, findPowerPagesSiteDir } = require('../../../scripts/lib/validation-helpers');
const { validateWebRoles } = require('../../../scripts/lib/web-roles-validator');

runValidation((cwd) => {
  const webRolesDir = findPowerPagesSiteDir(cwd, 'web-roles');
  if (!webRolesDir) approve(); // No .powerpages-site found — not a web roles session

  const validation = validateWebRoles(path.resolve(webRolesDir, '..', '..'));
  const webRoleFiles = validation.webRoles;
  if (webRoleFiles && webRoleFiles.length === 0) {
    block('Web roles validation failed:\n- No web role YAML files found in .powerpages-site/web-roles/');
  }
  const errors = validation.findings
    .filter(finding => finding.severity === 'error')
    .map(finding => finding.filePath ? `${finding.message} (${path.basename(finding.filePath)})` : finding.message);

  if (errors.length > 0) {
    block('Web roles validation failed:\n- ' + errors.join('\n- '));
  }

  approve();
});


---
name: create-webroles
description: >-
  Creates and configures web roles for a Power Pages code site. Web roles control access
  and permissions for site users, including authenticated and anonymous roles. Use when the
  user wants to create, add, set up, or manage web roles for their site.
user-invocable: true
allowed-tools: Read, Write, Bash, Grep, Glob, AskUserQuestion, Task, TaskCreate, TaskUpdate, TaskList
model: opus
---

> **Plugin check**: Run `node "${CLAUDE_PLUGIN_ROOT}/scripts/check-version.js"` — if it outputs a message, show it to the user b

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is create-webroles for?

When should I use create-webroles?

Is create-webroles safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is create-webroles for?

When should I use create-webroles?

Is create-webroles safe to install?

SKILL.md