azure-keyvault-keys-rust

仓库: sickn33/antigravity-awesome-skills
安装量: 41
排名: #17690

安装

npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill azure-keyvault-keys-rust

Azure Key Vault Keys SDK for Rust Client library for Azure Key Vault Keys — secure storage and management of cryptographic keys. Installation cargo add azure_security_keyvault_keys azure_identity Environment Variables AZURE_KEYVAULT_URL = https:// < vault-name

.vault.azure.net/ Authentication use azure_identity :: DeveloperToolsCredential ; use azure_security_keyvault_keys :: KeyClient ; let credential = DeveloperToolsCredential :: new ( None ) ? ; let client = KeyClient :: new ( "https://.vault.azure.net/" , credential . clone ( ) , None , ) ? ; Key Types Type Description RSA RSA keys (2048, 3072, 4096 bits) EC Elliptic curve keys (P-256, P-384, P-521) RSA-HSM HSM-protected RSA keys EC-HSM HSM-protected EC keys Core Operations Get Key let key = client . get_key ( "key-name" , None ) . await ? . into_model ( ) ? ; println! ( "Key ID: {:?}" , key . key . as_ref ( ) . map ( | k | & k . kid ) ) ; Create Key use azure_security_keyvault_keys :: models :: { CreateKeyParameters , KeyType } ; let params = CreateKeyParameters { kty : KeyType :: Rsa , key_size : Some ( 2048 ) , .. Default :: default ( ) } ; let key = client . create_key ( "key-name" , params . try_into ( ) ? , None ) . await ? . into_model ( ) ? ; Create EC Key use azure_security_keyvault_keys :: models :: { CreateKeyParameters , KeyType , CurveName } ; let params = CreateKeyParameters { kty : KeyType :: Ec , curve : Some ( CurveName :: P256 ) , .. Default :: default ( ) } ; let key = client . create_key ( "ec-key" , params . try_into ( ) ? , None ) . await ? . into_model ( ) ? ; Delete Key client . delete_key ( "key-name" , None ) . await ? ; List Keys use azure_security_keyvault_keys :: ResourceExt ; use futures :: TryStreamExt ; let mut pager = client . list_key_properties ( None ) ? . into_stream ( ) ; while let Some ( key ) = pager . try_next ( ) . await ? { let name = key . resource_id ( ) ? . name ; println! ( "Key: {}" , name ) ; } Backup Key let backup = client . backup_key ( "key-name" , None ) . await ? ; // Store backup.value safely Restore Key use azure_security_keyvault_keys :: models :: RestoreKeyParameters ; let params = RestoreKeyParameters { key_bundle_backup : backup_bytes , } ; client . restore_key ( params . try_into ( ) ? , None ) . await ? ; Cryptographic Operations Key Vault can perform crypto operations without exposing the private key: // For cryptographic operations, use the key's operations // Available operations depend on key type and permissions: // - encrypt/decrypt (RSA) // - sign/verify (RSA, EC) // - wrapKey/unwrapKey (RSA) Best Practices Use Entra ID auth — DeveloperToolsCredential for dev, ManagedIdentityCredential for production Use HSM keys for sensitive workloads — hardware-protected keys Use EC for signing — more efficient than RSA Use RSA for encryption — when encrypting data Backup keys — for disaster recovery Enable soft delete — required for production vaults Use key rotation — create new versions periodically RBAC Permissions Assign these Key Vault roles: Key Vault Crypto User — use keys for crypto operations Key Vault Crypto Officer — full CRUD on keys Reference Links Resource Link API Reference https://docs.rs/azure_security_keyvault_keys Source Code https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_keys crates.io https://crates.io/crates/azure_security_keyvault_keys When to Use This skill is applicable to execute the workflow or actions described in the overview.

返回排行榜