Antigravity-awesome-skills azure-keyvault-certificates-rust
install
source · Clone the upstream repo
git clone https://github.com/benjaminasterA/antigravity-awesome-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/benjaminasterA/antigravity-awesome-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/azure-keyvault-certificates-rust" ~/.claude/skills/benjaminastera-antigravity-awesome-skills-azure-keyvault-certificates-rust && rm -rf "$T"
manifest:
skills/azure-keyvault-certificates-rust/SKILL.mdsource content
Azure Key Vault Certificates SDK for Rust
Client library for Azure Key Vault Certificates — secure storage and management of certificates.
Installation
cargo add azure_security_keyvault_certificates azure_identity
Environment Variables
AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/
Authentication
use azure_identity::DeveloperToolsCredential; use azure_security_keyvault_certificates::CertificateClient; let credential = DeveloperToolsCredential::new(None)?; let client = CertificateClient::new( "https://<vault-name>.vault.azure.net/", credential.clone(), None, )?;
Core Operations
Get Certificate
use azure_core::base64; let certificate = client .get_certificate("certificate-name", None) .await? .into_model()?; println!( "Thumbprint: {:?}", certificate.x509_thumbprint.map(base64::encode_url_safe) );
Create Certificate
use azure_security_keyvault_certificates::models::{ CreateCertificateParameters, CertificatePolicy, IssuerParameters, X509CertificateProperties, }; let policy = CertificatePolicy { issuer_parameters: Some(IssuerParameters { name: Some("Self".into()), ..Default::default() }), x509_certificate_properties: Some(X509CertificateProperties { subject: Some("CN=example.com".into()), ..Default::default() }), ..Default::default() }; let params = CreateCertificateParameters { certificate_policy: Some(policy), ..Default::default() }; let operation = client .create_certificate("cert-name", params.try_into()?, None) .await?;
Import Certificate
use azure_security_keyvault_certificates::models::ImportCertificateParameters; let params = ImportCertificateParameters { base64_encoded_certificate: Some(base64_cert_data), password: Some("optional-password".into()), ..Default::default() }; let certificate = client .import_certificate("cert-name", params.try_into()?, None) .await? .into_model()?;
Delete Certificate
client.delete_certificate("certificate-name", None).await?;
List Certificates
use azure_security_keyvault_certificates::ResourceExt; use futures::TryStreamExt; let mut pager = client.list_certificate_properties(None)?.into_stream(); while let Some(cert) = pager.try_next().await? { let name = cert.resource_id()?.name; println!("Certificate: {}", name); }
Get Certificate Policy
let policy = client .get_certificate_policy("certificate-name", None) .await? .into_model()?;
Update Certificate Policy
use azure_security_keyvault_certificates::models::UpdateCertificatePolicyParameters; let params = UpdateCertificatePolicyParameters { // Update policy properties ..Default::default() }; client .update_certificate_policy("cert-name", params.try_into()?, None) .await?;
Certificate Lifecycle
- Create — generates new certificate with policy
- Import — import existing PFX/PEM certificate
- Get — retrieve certificate (public key only)
- Update — modify certificate properties
- Delete — soft delete (recoverable)
- Purge — permanent deletion
Best Practices
- Use Entra ID auth —
for devDeveloperToolsCredential - Use managed certificates — auto-renewal with supported issuers
- Set proper validity period — balance security and maintenance
- Use certificate policies — define renewal and key properties
- Monitor expiration — set up alerts for expiring certificates
- Enable soft delete — required for production vaults
RBAC Permissions
Assign these Key Vault roles:
— full CRUD on certificatesKey Vault Certificates Officer
— read certificate metadataKey Vault Reader
Reference Links
When to Use
This skill is applicable to execute the workflow or actions described in the overview.