首页 / 全部技能 / azure-keyvault-certificates-rust
A

Skill 详情

azure-keyvault-certificates-rust

Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates.

来源平台:GitHub
来源标识:sickn33/antigravity-awesome-skills
源文件:原始说明
AI 平台与模型 超热门 GitHub 中 风险 下载 1.95万Stars 3.68万 GitHub Copilot
来源平台GitHub
文档版本SKILL.md
热度超热门
排名信号下载 1.95万
概述 安装 文档 下载

快速判断

Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates.

最后校验2026-05-27
来源平台GitHub
安全提示
下载副本ZIP 可用

适合任务

  • 把重复任务整理成可复用的 AI 操作流程。
  • 让 AI 在特定场景下按统一规范执行。
  • 为团队或个人工作流提供可复制的任务说明。

输入与输出

输入:任务目标、上下文材料、文件路径、约束条件或需要处理的内容。

输出:按 Skill 说明生成的文档、代码、检查结果、计划、建议或操作步骤。

示例任务

  • 使用 azure-keyvault-certificates-rust 帮我处理当前任务,并说明执行前需要确认的输入。
  • 根据 azure-keyvault-certificates-rust 的说明,给我一个安全的使用步骤清单。

安装方式

  1. 下载本站提供的 Skill ZIP 并解压。
  2. 把解压后的 Skill 目录放入当前 AI 工具支持的 skills 目录。
  3. 如需在线查看原始内容,可打开 GitHub 的 SKILL.md

在线原始地址:azure-keyvault-certificates-rust/SKILL.md

风险边界

使用前请检查权限、外部依赖和要处理的数据类型。不要把密码、密钥、身份信息或敏感客户资料交给未经确认的 Skill。

SKILL.md 文档介绍

Azure Key Vault Certificates SDK for Rust

Client library for Azure Key Vault Certificates — secure storage and management of certificates.

Installation

cargo add azure_security_keyvault_certificates azure_identity

Environment Variables

AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/

Authentication

use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_certificates::CertificateClient;

let credential = DeveloperToolsCredential::new(None)?;
let client = CertificateClient::new(
    "https://<vault-name>.vault.azure.net/",
    credential.clone(),
    None,
)?;

Core Operations

Get Certificate

use azure_core::base64;

let certificate = client
    .get_certificate("certificate-name", None)
    .await?
    .into_model()?;

println!(
    "Thumbprint: {:?}",
    certificate.x509_thumbprint.map(base64::encode_url_safe)
);

Create Certificate

use azure_security_keyvault_certificates::models::{
    CreateCertificateParameters, CertificatePolicy,
    IssuerParameters, X509CertificateProperties,
};

let policy = CertificatePolicy {
    issuer_parameters: Some(IssuerParameters {
        name: Some("Self".into()),
        ..Default::default()
    }),
    x509_certificate_properties: Some(X509CertificateProperties {
        subject: Some("CN=example.com".into()),
        ..Default::default()
    }),
    ..Default::default()
};

let params = CreateCertificateParameters {
    certificate_policy: Some(policy),
    ..Default::default()
};

let operation = client
    .create_certificate("cert-name", params.try_into()?, None)
    .await?;

Import Certificate

use azure_security_keyvault_certificates::models::ImportCertificateParameters;

let params = ImportCertificateParameters {
    base64_encoded_certificate: Some(base64_cert_data),
    password: Some("optional-password".into()),
    ..Default::default()
};

let certificate = client
    .import_certificate("cert-name", params.try_into()?, None)
    .await?
    .into_model()?;

Delete Certificate

client.delete_certificate("certificate-name", None).await?;

List Certificates

use azure_security_keyvault_certificates::ResourceExt;
use futures::TryStreamExt;

let mut pager = client.list_certificate_properties(None)?.into_stream();
while let Some(cert) = pager.try_next().await? {
    let name = cert.resource_id()?.name;
    println!("Certificate: {}", name);
}

Get Certificate Policy

let policy = client
    .get_certificate_policy("certificate-name", None)
    .await?
    .into_model()?;

Update Certificate Policy

use azure_security_keyvault_certificates::models::UpdateCertificatePolicyParameters;

let params = UpdateCertificatePolicyParameters {
    // Update policy properties
    ..Default::default()
};

client
    .update_certificate_policy("cert-name", params.try_into()?, None)
    .await?;

Certificate Lifecycle

1. Create — generates new certificate with policy

2. Import — import existing PFX/PEM certificate

3. Get — retrieve certificate (public key only)

4. Update — modify certificate properties

5. Delete — soft delete (recoverable)

6. Purge — permanent deletion

Best Practices

1. Use Entra ID authDeveloperToolsCredential for dev

2. Use managed certificates — auto-renewal with supported issuers

3. Set proper validity period — balance security and maintenance

4. Use certificate policies — define renewal and key properties

5. Monitor expiration — set up alerts for expiring certificates

6. Enable soft delete — required for production vaults

RBAC Permissions

Assign these Key Vault roles:

  • Key Vault Certificates Officer — full CRUD on certificates
  • Key Vault Reader — read certificate metadata

Reference Links

| Resource | Link |

|----------|------|

| API Reference | https://docs.rs/azure_security_keyvault_certificates |

| Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_certificates |

| crates.io | https://crates.io/crates/azure_security_keyvault_certificates |

When to Use

This skill is applicable to execute the workflow or actions described in the overview.

Limitations

  • Use this skill only when the task clearly matches the scope described above.
  • Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
  • Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.
建议反馈