voidomin/azure-keyvault-keys-rust
skills/azure-keyvault-keys-rust/SKILL.md
Azure Key Vault Keys SDK for Rust. Use for creating, managing, and using cryptographic keys. Triggers: "keyvault keys rust", "KeyClient rust", "create key rust", "encrypt rust", "sign rust".
tools
Updated Apr 19, 2026
$ install --global
skillsauthnpx skillsauth add voidomin/Param_Adventures_Phase2 azure-keyvault-keys-rustInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 4:23 PM174.9s1 file scanned
SKILL.md
- name:
- azure-keyvault-keys-rust
- description:
- Azure Key Vault Keys SDK for Rust. Use for creating, managing, and using cryptographic keys. Triggers: "keyvault keys rust", "KeyClient rust", "create key rust", "encrypt rust", "sign rust".
- risk:
- unknown
- source:
- community
- date_added:
- 2026-02-27
Azure Key Vault Keys SDK for Rust
Client library for Azure Key Vault Keys — secure storage and management of cryptographic keys.
Installation
cargo add azure_security_keyvault_keys azure_identity
Environment Variables
AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/
Authentication
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_keys::KeyClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = KeyClient::new(
"https://<vault-name>.vault.azure.net/",
credential.clone(),
None,
)?;
Key Types
| Type | Description | |------|-------------| | RSA | RSA keys (2048, 3072, 4096 bits) | | EC | Elliptic curve keys (P-256, P-384, P-521) | | RSA-HSM | HSM-protected RSA keys | | EC-HSM | HSM-protected EC keys |
Core Operations
Get Key
let key = client
.get_key("key-name", None)
.await?
.into_model()?;
println!("Key ID: {:?}", key.key.as_ref().map(|k| &k.kid));
Create Key
use azure_security_keyvault_keys::models::{CreateKeyParameters, KeyType};
let params = CreateKeyParameters {
kty: KeyType::Rsa,
key_size: Some(2048),
..Default::default()
};
let key = client
.create_key("key-name", params.try_into()?, None)
.await?
.into_model()?;
Create EC Key
use azure_security_keyvault_keys::models::{CreateKeyParameters, KeyType, CurveName};
let params = CreateKeyParameters {
kty: KeyType::Ec,
curve: Some(CurveName::P256),
..Default::default()
};
let key = client
.create_key("ec-key", params.try_into()?, None)
.await?
.into_model()?;
Delete Key
client.delete_key("key-name", None).await?;
List Keys
use azure_security_keyvault_keys::ResourceExt;
use futures::TryStreamExt;
let mut pager = client.list_key_properties(None)?.into_stream();
while let Some(key) = pager.try_next().await? {
let name = key.resource_id()?.name;
println!("Key: {}", name);
}
Backup Key
let backup = client.backup_key("key-name", None).await?;
// Store backup.value safely
Restore Key
use azure_security_keyvault_keys::models::RestoreKeyParameters;
let params = RestoreKeyParameters {
key_bundle_backup: backup_bytes,
};
client.restore_key(params.try_into()?, None).await?;
Cryptographic Operations
Key Vault can perform crypto operations without exposing the private key:
// For cryptographic operations, use the key's operations
// Available operations depend on key type and permissions:
// - encrypt/decrypt (RSA)
// - sign/verify (RSA, EC)
// - wrapKey/unwrapKey (RSA)
Best Practices
- Use Entra ID auth —
DeveloperToolsCredentialfor dev,ManagedIdentityCredentialfor production - Use HSM keys for sensitive workloads — hardware-protected keys
- Use EC for signing — more efficient than RSA
- Use RSA for encryption — when encrypting data
- Backup keys — for disaster recovery
- Enable soft delete — required for production vaults
- Use key rotation — create new versions periodically
RBAC Permissions
Assign these Key Vault roles:
Key Vault Crypto User— use keys for crypto operationsKey Vault Crypto Officer— full CRUD on keys
Reference Links
| Resource | Link | |----------|------| | API Reference | https://docs.rs/azure_security_keyvault_keys | | Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_keys | | crates.io | https://crates.io/crates/azure_security_keyvault_keys |
When to Use
This skill is applicable to execute the workflow or actions described in the overview.
Related Skills
voidomin/canvas-design
documentation
VerifiedTrustedCommunity
Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the user asks to create a poster, piece of art, design, or other static piece. Create ...
SKILL.mdUpdated Apr 19, 2026
voidomin/canva-automation
tools
VerifiedTrustedCommunity
Automate Canva tasks via Rube MCP (Composio): designs, exports, folders, brand templates, autofill. Always search tools first for current schemas.
SKILL.mdUpdated Apr 19, 2026
voidomin/calendly-automation
tools
VerifiedTrustedCommunity
Automate Calendly scheduling, event management, invitee tracking, availability checks, and organization administration via Rube MCP (Composio). Always search tools first for current schemas.
SKILL.mdUpdated Apr 19, 2026
voidomin/cal-com-automation
tools
VerifiedTrustedCommunity
Automate Cal.com tasks via Rube MCP (Composio): manage bookings, check availability, configure webhooks, and handle teams. Always search tools first for current schemas.
SKILL.mdUpdated Apr 19, 2026