benjaminastera/skills/azure-keyvault-certificates-rust
skills/azure-keyvault-certificates-rust/SKILL.md
--- name: azure-keyvault-certificates-rust description: "|" Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates. Triggers: "keyvault certificates rust", "CertificateClient rust", "create certificate rust", "import certificate rust". package: azure_security_keyvault_certificates risk: unknown source: community --- # Azure Key Vault Certificates SDK for Rust Client library for Azure Key Vault Certificates — secure storage and management of certif
$ install --global
skillsauthnpx skillsauth add benjaminastera/antigravity-awesome-skills skills/azure-keyvault-certificates-rustInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:54 AM73.0s1 file scanned
SKILL.md
- name:
- azure-keyvault-certificates-rust
- description:
- |
- Triggers:
- keyvault certificates rust", "CertificateClient rust", "create certificate rust", "import certificate rust".
- package:
- azure_security_keyvault_certificates
- risk:
- unknown
- source:
- community
Azure Key Vault Certificates SDK for Rust
Client library for Azure Key Vault Certificates — secure storage and management of certificates.
Installation
cargo add azure_security_keyvault_certificates azure_identity
Environment Variables
AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/
Authentication
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_certificates::CertificateClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = CertificateClient::new(
"https://<vault-name>.vault.azure.net/",
credential.clone(),
None,
)?;
Core Operations
Get Certificate
use azure_core::base64;
let certificate = client
.get_certificate("certificate-name", None)
.await?
.into_model()?;
println!(
"Thumbprint: {:?}",
certificate.x509_thumbprint.map(base64::encode_url_safe)
);
Create Certificate
use azure_security_keyvault_certificates::models::{
CreateCertificateParameters, CertificatePolicy,
IssuerParameters, X509CertificateProperties,
};
let policy = CertificatePolicy {
issuer_parameters: Some(IssuerParameters {
name: Some("Self".into()),
..Default::default()
}),
x509_certificate_properties: Some(X509CertificateProperties {
subject: Some("CN=example.com".into()),
..Default::default()
}),
..Default::default()
};
let params = CreateCertificateParameters {
certificate_policy: Some(policy),
..Default::default()
};
let operation = client
.create_certificate("cert-name", params.try_into()?, None)
.await?;
Import Certificate
use azure_security_keyvault_certificates::models::ImportCertificateParameters;
let params = ImportCertificateParameters {
base64_encoded_certificate: Some(base64_cert_data),
password: Some("optional-password".into()),
..Default::default()
};
let certificate = client
.import_certificate("cert-name", params.try_into()?, None)
.await?
.into_model()?;
Delete Certificate
client.delete_certificate("certificate-name", None).await?;
List Certificates
use azure_security_keyvault_certificates::ResourceExt;
use futures::TryStreamExt;
let mut pager = client.list_certificate_properties(None)?.into_stream();
while let Some(cert) = pager.try_next().await? {
let name = cert.resource_id()?.name;
println!("Certificate: {}", name);
}
Get Certificate Policy
let policy = client
.get_certificate_policy("certificate-name", None)
.await?
.into_model()?;
Update Certificate Policy
use azure_security_keyvault_certificates::models::UpdateCertificatePolicyParameters;
let params = UpdateCertificatePolicyParameters {
// Update policy properties
..Default::default()
};
client
.update_certificate_policy("cert-name", params.try_into()?, None)
.await?;
Certificate Lifecycle
- Create — generates new certificate with policy
- Import — import existing PFX/PEM certificate
- Get — retrieve certificate (public key only)
- Update — modify certificate properties
- Delete — soft delete (recoverable)
- Purge — permanent deletion
Best Practices
- Use Entra ID auth —
DeveloperToolsCredentialfor dev - Use managed certificates — auto-renewal with supported issuers
- Set proper validity period — balance security and maintenance
- Use certificate policies — define renewal and key properties
- Monitor expiration — set up alerts for expiring certificates
- Enable soft delete — required for production vaults
RBAC Permissions
Assign these Key Vault roles:
Key Vault Certificates Officer— full CRUD on certificatesKey Vault Reader— read certificate metadata
Reference Links
| Resource | Link | |----------|------| | API Reference | https://docs.rs/azure_security_keyvault_certificates | | Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_certificates | | crates.io | https://crates.io/crates/azure_security_keyvault_certificates |
When to Use
This skill is applicable to execute the workflow or actions described in the overview.
Related Skills
benjaminastera/loki-mode
development
VerifiedTrustedCommunity
Multi-agent autonomous startup system for Claude Code. Triggers on "Loki Mode". Orchestrates 100+ specialized agents across engineering, QA, DevOps, security, data/ML, business operations,...
44SKILL.mdUpdated Apr 23, 2026
benjaminastera/llm-evaluation
testing
VerifiedTrustedCommunity
Implement comprehensive evaluation strategies for LLM applications using automated metrics, human feedback, and benchmarking. Use when testing LLM performance, measuring AI application quality, or ...
44SKILL.mdUpdated Apr 23, 2026
benjaminastera/llm-application-dev-prompt-optimize
development
VerifiedTrustedCommunity
You are an expert prompt engineer specializing in crafting effective prompts for LLMs through advanced techniques including constitutional AI, chain-of-thought reasoning, and model-specific optimizati
44SKILL.mdUpdated Apr 23, 2026
benjaminastera/llm-application-dev-langchain-agent
development
VerifiedTrustedCommunity
You are an expert LangChain agent developer specializing in production-grade AI systems using LangChain 0.1+ and LangGraph.
44SKILL.mdUpdated Apr 23, 2026