Skill

azure-keyvault-secrets-rust

Manages Azure Key Vault secrets in Rust: authenticate with Entra ID, get/set/update/delete/list using SecretClient. Includes best practices.

Rust

Azure

security

backend

npx claudepluginhub microsoft/skills --plugin azure-sdk-rust

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Client library for Azure Key Vault Secrets — secure storage for passwords, API keys, and other secrets.

SKILL.md

Similar Skills

azure-keyvault-secrets-rust

36.7k

Manages Azure Key Vault secrets in Rust: authenticate with DeveloperToolsCredential, get/set/update/delete/list secrets, handle versions and tags.

antigravity-awesome-skills

azure-keyvault-keys-rust

2.0k

Manages cryptographic keys using Azure Key Vault Keys Rust SDK: create RSA/EC keys, encrypt/sign/verify, backup/restore securely without exposing private keys.

azure-sdk-rust

skill-lookup

159.9k

Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.

prompts.chat

Stats

Parent Repo Stars1964

Parent Repo Forks219

Last CommitApr 2, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Azure Key Vault Secrets SDK for Rust

Client library for Azure Key Vault Secrets — secure storage for passwords, API keys, and other secrets.

Installation

cargo add azure_security_keyvault_secrets azure_identity

Environment Variables

AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/

Authentication

use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_secrets::SecretClient;

let credential = DeveloperToolsCredential::new(None)?;
let client = SecretClient::new(
    "https://<vault-name>.vault.azure.net/",
    credential.clone(),
    None,
)?;

Core Operations

Get Secret

let secret = client
    .get_secret("secret-name", None)
    .await?
    .into_model()?;

println!("Secret value: {:?}", secret.value);

Set Secret

use azure_security_keyvault_secrets::models::SetSecretParameters;

let params = SetSecretParameters {
    value: Some("secret-value".into()),
    ..Default::default()
};

let secret = client
    .set_secret("secret-name", params.try_into()?, None)
    .await?
    .into_model()?;

Update Secret Properties

use azure_security_keyvault_secrets::models::UpdateSecretPropertiesParameters;
use std::collections::HashMap;

let params = UpdateSecretPropertiesParameters {
    content_type: Some("text/plain".into()),
    tags: Some(HashMap::from([("env".into(), "prod".into())])),
    ..Default::default()
};

client
    .update_secret_properties("secret-name", params.try_into()?, None)
    .await?;

Delete Secret

client.delete_secret("secret-name", None).await?;

List Secrets

use azure_security_keyvault_secrets::ResourceExt;
use futures::TryStreamExt;

let mut pager = client.list_secret_properties(None)?.into_stream();
while let Some(secret) = pager.try_next().await? {
    let name = secret.resource_id()?.name;
    println!("Secret: {}", name);
}

Get Specific Version

use azure_security_keyvault_secrets::models::SecretClientGetSecretOptions;

let options = SecretClientGetSecretOptions {
    secret_version: Some("version-id".into()),
    ..Default::default()
};

let secret = client
    .get_secret("secret-name", Some(options))
    .await?
    .into_model()?;

Best Practices

Use Entra ID auth — DeveloperToolsCredential for dev, ManagedIdentityCredential for production
Use into_model()? — to deserialize responses
Use ResourceExt trait — for extracting names from IDs
Handle soft delete — deleted secrets can be recovered within retention period
Set content type — helps identify secret format
Use tags — for organizing and filtering secrets
Version secrets — new values create new versions automatically

RBAC Permissions

Assign these Key Vault roles:

Key Vault Secrets User — get and list
Key Vault Secrets Officer — full CRUD

Reference Links

Resource	Link
API Reference	https://docs.rs/azure_security_keyvault_secrets
Source Code	https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_secrets
crates.io	https://crates.io/crates/azure_security_keyvault_secrets