[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-97b069cd-e4c0-4a68-9627-83a27bc8e84e":3,"$f05jozFOr538sLQMehXna8BAmufv-nfb-HTYrrjnJWPU":43},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":34},"97b069cd-e4c0-4a68-9627-83a27bc8e84e","azure-keyvault-secrets-ts","使用Azure Key Vault Secrets SDK for JavaScript（@azure\u002Fkeyvault-secrets）管理密钥。用于存储和检索应用程序密钥或配置值。","cat_coding_devops","mod_coding","sickn33,coding","---\nname: azure-keyvault-secrets-ts\ndescription: \"Manage secrets using Azure Key Vault Secrets SDK for JavaScript (@azure\u002Fkeyvault-secrets). Use when storing and retrieving application secrets or configuration values.\"\nrisk: unknown\nsource: community\ndate_added: \"2026-02-27\"\n---\n\n# Azure Key Vault Secrets SDK for TypeScript\n\nManage secrets with Azure Key Vault.\n\n## Installation\n\n```bash\n# Secrets SDK\nnpm install @azure\u002Fkeyvault-secrets @azure\u002Fidentity\n```\n\n## Environment Variables\n\n```bash\nKEY_VAULT_URL=https:\u002F\u002F\u003Cvault-name>.vault.azure.net\n# Or\nAZURE_KEYVAULT_NAME=\u003Cvault-name>\n```\n\n## Authentication\n\n```typescript\nimport { DefaultAzureCredential } from \"@azure\u002Fidentity\";\nimport { SecretClient } from \"@azure\u002Fkeyvault-secrets\";\n\nconst credential = new DefaultAzureCredential();\nconst vaultUrl = `https:\u002F\u002F${process.env.AZURE_KEYVAULT_NAME}.vault.azure.net`;\n\nconst keyClient = new KeyClient(vaultUrl, credential);\nconst secretClient = new SecretClient(vaultUrl, credential);\n```\n\n## Secrets Operations\n\n### Create\u002FSet Secret\n\n```typescript\nconst secret = await secretClient.setSecret(\"MySecret\", \"secret-value\");\n\n\u002F\u002F With attributes\nconst secretWithAttrs = await secretClient.setSecret(\"MySecret\", \"value\", {\n  enabled: true,\n  expiresOn: new Date(\"2025-12-31\"),\n  contentType: \"application\u002Fjson\",\n  tags: { environment: \"production\" }\n});\n```\n\n### Get Secret\n\n```typescript\n\u002F\u002F Get latest version\nconst secret = await secretClient.getSecret(\"MySecret\");\nconsole.log(secret.value);\n\n\u002F\u002F Get specific version\nconst specificSecret = await secretClient.getSecret(\"MySecret\", {\n  version: secret.properties.version\n});\n```\n\n### List Secrets\n\n```typescript\nfor await (const secretProperties of secretClient.listPropertiesOfSecrets()) {\n  console.log(secretProperties.name);\n}\n\n\u002F\u002F List versions\nfor await (const version of secretClient.listPropertiesOfSecretVersions(\"MySecret\")) {\n  console.log(version.version);\n}\n```\n\n### Delete Secret\n\n```typescript\n\u002F\u002F Soft delete\nconst deletePoller = await secretClient.beginDeleteSecret(\"MySecret\");\nawait deletePoller.pollUntilDone();\n\n\u002F\u002F Purge (permanent)\nawait secretClient.purgeDeletedSecret(\"MySecret\");\n\n\u002F\u002F Recover\nconst recoverPoller = await secretClient.beginRecoverDeletedSecret(\"MySecret\");\nawait recoverPoller.pollUntilDone();\n```\n\n## Keys Operations\n\n### Create Keys\n\n```typescript\n\u002F\u002F Generic key\nconst key = await keyClient.createKey(\"MyKey\", \"RSA\");\n\n\u002F\u002F RSA key with size\nconst rsaKey = await keyClient.createRsaKey(\"MyRsaKey\", { keySize: 2048 });\n\n\u002F\u002F Elliptic Curve key\nconst ecKey = await keyClient.createEcKey(\"MyEcKey\", { curve: \"P-256\" });\n\n\u002F\u002F With attributes\nconst keyWithAttrs = await keyClient.createKey(\"MyKey\", \"RSA\", {\n  enabled: true,\n  expiresOn: new Date(\"2025-12-31\"),\n  tags: { purpose: \"encryption\" },\n  keyOps: [\"encrypt\", \"decrypt\", \"sign\", \"verify\"]\n});\n```\n\n### Get Key\n\n```typescript\nconst key = await keyClient.getKey(\"MyKey\");\nconsole.log(key.name, key.keyType);\n```\n\n### List Keys\n\n```typescript\nfor await (const keyProperties of keyClient.listPropertiesOfKeys()) {\n  console.log(keyProperties.name);\n}\n```\n\n### Rotate Key\n\n```typescript\n\u002F\u002F Manual rotation\nconst rotatedKey = await keyClient.rotateKey(\"MyKey\");\n\n\u002F\u002F Set rotation policy\nawait keyClient.updateKeyRotationPolicy(\"MyKey\", {\n  lifetimeActions: [{ action: \"Rotate\", timeBeforeExpiry: \"P30D\" }],\n  expiresIn: \"P90D\"\n});\n```\n\n### Delete Key\n\n```typescript\nconst deletePoller = await keyClient.beginDeleteKey(\"MyKey\");\nawait deletePoller.pollUntilDone();\n\n\u002F\u002F Purge\nawait keyClient.purgeDeletedKey(\"MyKey\");\n```\n\n## Cryptographic Operations\n\n### Create CryptographyClient\n\n```typescript\nimport { CryptographyClient } from \"@azure\u002Fkeyvault-keys\";\n\n\u002F\u002F From key object\nconst cryptoClient = new CryptographyClient(key, credential);\n\n\u002F\u002F From key ID\nconst cryptoClient = new CryptographyClient(key.id!, credential);\n```\n\n### Encrypt\u002FDecrypt\n\n```typescript\n\u002F\u002F Encrypt\nconst encryptResult = await cryptoClient.encrypt({\n  algorithm: \"RSA-OAEP\",\n  plaintext: Buffer.from(\"My secret message\")\n});\n\n\u002F\u002F Decrypt\nconst decryptResult = await cryptoClient.decrypt({\n  algorithm: \"RSA-OAEP\",\n  ciphertext: encryptResult.result\n});\n\nconsole.log(decryptResult.result.toString());\n```\n\n### Sign\u002FVerify\n\n```typescript\nimport { createHash } from \"node:crypto\";\n\n\u002F\u002F Create digest\nconst hash = createHash(\"sha256\").update(\"My message\").digest();\n\n\u002F\u002F Sign\nconst signResult = await cryptoClient.sign(\"RS256\", hash);\n\n\u002F\u002F Verify\nconst verifyResult = await cryptoClient.verify(\"RS256\", hash, signResult.result);\nconsole.log(\"Valid:\", verifyResult.result);\n```\n\n### Wrap\u002FUnwrap Keys\n\n```typescript\n\u002F\u002F Wrap a key (encrypt it for storage)\nconst wrapResult = await cryptoClient.wrapKey(\"RSA-OAEP\", Buffer.from(\"key-material\"));\n\n\u002F\u002F Unwrap\nconst unwrapResult = await cryptoClient.unwrapKey(\"RSA-OAEP\", wrapResult.result);\n```\n\n## Backup and Restore\n\n```typescript\n\u002F\u002F Backup\nconst keyBackup = await keyClient.backupKey(\"MyKey\");\nconst secretBackup = await secretClient.backupSecret(\"MySecret\");\n\n\u002F\u002F Restore (can restore to different vault)\nconst restoredKey = await keyClient.restoreKeyBackup(keyBackup!);\nconst restoredSecret = await secretClient.restoreSecretBackup(secretBackup!);\n```\n\n## Key Types\n\n```typescript\nimport {\n  KeyClient,\n  KeyVaultKey,\n  KeyProperties,\n  DeletedKey,\n  CryptographyClient,\n  KnownEncryptionAlgorithms,\n  KnownSignatureAlgorithms\n} from \"@azure\u002Fkeyvault-keys\";\n\nimport {\n  SecretClient,\n  KeyVaultSecret,\n  SecretProperties,\n  DeletedSecret\n} from \"@azure\u002Fkeyvault-secrets\";\n```\n\n## Error Handling\n\n```typescript\ntry {\n  const secret = await secretClient.getSecret(\"NonExistent\");\n} catch (error: any) {\n  if (error.code === \"SecretNotFound\") {\n    console.log(\"Secret does not exist\");\n  } else {\n    throw error;\n  }\n}\n```\n\n## Best Practices\n\n1. **Use DefaultAzureCredential** - Works across dev and production\n2. **Enable soft-delete** - Required for production vaults\n3. **Set expiration dates** - On both keys and secrets\n4. **Use key rotation policies** - Automate key rotation\n5. **Limit key operations** - Only grant needed operations (encrypt, sign, etc.)\n6. **Browser not supported** - These SDKs are Node.js only\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,171,925,"2026-05-16 13:06:44",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"编程开发","coding","mdi-code-braces","代码生成、调试、审查，提升开发效率",2,"2026-05-16 12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":32,"skillCount":33,"createdAt":26},"DevOps","devops","mdi-cog-outline","CI\u002FCD、容器化、部署运维",3,162,[35],{"id":36,"skillId":4,"version":37,"fileName":38,"fileSize":39,"filePath":40,"fileHash":41,"manifest":42,"createdAt":19},"964ccdd1-ae2f-4042-ac59-6ebfc1d86dd0","1.0.0","azure-keyvault-secrets-ts.zip",2365,"uploads\u002Fskills\u002F97b069cd-e4c0-4a68-9627-83a27bc8e84e\u002Fazure-keyvault-secrets-ts.zip","a9d4a6a28b9e5009e99aa3b561eae383ac89d7f41dafddc6dae643722924f0a1","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":6579}]",{"code":44,"message":45,"data":46},200,"success",{"items":47,"stats":48,"page":51},[],{"averageRating":49,"totalRatings":49,"ratingCounts":50},0,[49,49,49,49,49],{"limit":52,"offset":49,"hasMore":53,"nextOffset":52,"ratedOnly":16},15,false]