azure-keyvault-secrets-rust

Azure Key Vault Secrets SDK for Rust

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "azure-keyvault-secrets-rust" with this command: npx skills add claudedjale/skillset/claudedjale-skillset-azure-keyvault-secrets-rust

Azure Key Vault Secrets SDK for Rust

Client library for Azure Key Vault Secrets — secure storage for passwords, API keys, and other secrets.

Installation

cargo add azure_security_keyvault_secrets azure_identity

Environment Variables

AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/

Authentication

use azure_identity::DeveloperToolsCredential; use azure_security_keyvault_secrets::SecretClient;

let credential = DeveloperToolsCredential::new(None)?; let client = SecretClient::new( "https://<vault-name>.vault.azure.net/", credential.clone(), None, )?;

Core Operations

Get Secret

let secret = client .get_secret("secret-name", None) .await? .into_model()?;

println!("Secret value: {:?}", secret.value);

Set Secret

use azure_security_keyvault_secrets::models::SetSecretParameters;

let params = SetSecretParameters { value: Some("secret-value".into()), ..Default::default() };

let secret = client .set_secret("secret-name", params.try_into()?, None) .await? .into_model()?;

Update Secret Properties

use azure_security_keyvault_secrets::models::UpdateSecretPropertiesParameters; use std::collections::HashMap;

let params = UpdateSecretPropertiesParameters { content_type: Some("text/plain".into()), tags: Some(HashMap::from([("env".into(), "prod".into())])), ..Default::default() };

client .update_secret_properties("secret-name", params.try_into()?, None) .await?;

Delete Secret

client.delete_secret("secret-name", None).await?;

List Secrets

use azure_security_keyvault_secrets::ResourceExt; use futures::TryStreamExt;

let mut pager = client.list_secret_properties(None)?.into_stream(); while let Some(secret) = pager.try_next().await? { let name = secret.resource_id()?.name; println!("Secret: {}", name); }

Get Specific Version

use azure_security_keyvault_secrets::models::SecretClientGetSecretOptions;

let options = SecretClientGetSecretOptions { secret_version: Some("version-id".into()), ..Default::default() };

let secret = client .get_secret("secret-name", Some(options)) .await? .into_model()?;

Best Practices

  • Use Entra ID auth — DeveloperToolsCredential for dev, ManagedIdentityCredential for production

  • Use into_model()? — to deserialize responses

  • Use ResourceExt trait — for extracting names from IDs

  • Handle soft delete — deleted secrets can be recovered within retention period

  • Set content type — helps identify secret format

  • Use tags — for organizing and filtering secrets

  • Version secrets — new values create new versions automatically

RBAC Permissions

Assign these Key Vault roles:

  • Key Vault Secrets User — get and list

  • Key Vault Secrets Officer — full CRUD

Reference Links

Resource Link

API Reference https://docs.rs/azure_security_keyvault_secrets

Source Code https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_secrets

crates.io https://crates.io/crates/azure_security_keyvault_secrets

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

azure-observability

No summary provided by upstream source.

Repository SourceNeeds Review
6-claudedjale
General

azure-appconfiguration-java

No summary provided by upstream source.

Repository SourceNeeds Review
5-claudedjale
General

copilot-sdk

No summary provided by upstream source.

Repository SourceNeeds Review
5-claudedjale
General

azure-compliance

No summary provided by upstream source.

Repository SourceNeeds Review
5-claudedjale