[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-fee05c78-d1e7-46a2-bcd4-64ec68d9cbdd":3,"$fKytlzZ-iIRjxkDqrI90zO-xXnFYPghyLqIT4cM_tYns":42},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":33},"fee05c78-d1e7-46a2-bcd4-64ec68d9cbdd","azure-security-keyvault-secrets-java","Azure Key Vault 密钥管理 Java SDK。用于存储、检索或管理密码、API密钥、连接字符串或其他敏感配置数据。","cat_coding_backend","mod_coding","sickn33,coding","---\nname: azure-security-keyvault-secrets-java\ndescription: \"Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.\"\nrisk: unknown\nsource: community\ndate_added: \"2026-02-27\"\n---\n\n# Azure Key Vault Secrets (Java)\n\nSecurely store and manage secrets like passwords, API keys, and connection strings.\n\n## Installation\n\n```xml\n\u003Cdependency>\n \u003CgroupId>com.azure\u003C\u002FgroupId>\n \u003CartifactId>azure-security-keyvault-secrets\u003C\u002FartifactId>\n \u003Cversion>4.9.0\u003C\u002Fversion>\n\u003C\u002Fdependency>\n```\n\n## Client Creation\n\n```java\nimport com.azure.security.keyvault.secrets.SecretClient;\nimport com.azure.security.keyvault.secrets.SecretClientBuilder;\nimport com.azure.identity.DefaultAzureCredentialBuilder;\n\n\u002F\u002F Sync client\nSecretClient secretClient = new SecretClientBuilder()\n .vaultUrl(\"https:\u002F\u002F\u003Cvault-name>.vault.azure.net\")\n .credential(new DefaultAzureCredentialBuilder().build())\n .buildClient();\n\n\u002F\u002F Async client\nSecretAsyncClient secretAsyncClient = new SecretClientBuilder()\n .vaultUrl(\"https:\u002F\u002F\u003Cvault-name>.vault.azure.net\")\n .credential(new DefaultAzureCredentialBuilder().build())\n .buildAsyncClient();\n```\n\n## Create\u002FSet Secret\n\n```java\nimport com.azure.security.keyvault.secrets.models.KeyVaultSecret;\n\n\u002F\u002F Simple secret\nKeyVaultSecret secret = secretClient.setSecret(\"database-password\", \"P@ssw0rd123!\");\nSystem.out.println(\"Secret name: \" + secret.getName());\nSystem.out.println(\"Secret ID: \" + secret.getId());\n\n\u002F\u002F Secret with options\nKeyVaultSecret secretWithOptions = secretClient.setSecret(\n new KeyVaultSecret(\"api-key\", \"sk_live_abc123xyz\")\n .setProperties(new SecretProperties()\n .setContentType(\"application\u002Fjson\")\n .setExpiresOn(OffsetDateTime.now().plusYears(1))\n .setNotBefore(OffsetDateTime.now())\n .setEnabled(true)\n .setTags(Map.of(\n \"environment\", \"production\",\n \"service\", \"payment-api\"\n ))\n )\n);\n```\n\n## Get Secret\n\n```java\n\u002F\u002F Get latest version\nKeyVaultSecret secret = secretClient.getSecret(\"database-password\");\nString value = secret.getValue();\nSystem.out.println(\"Secret value: \" + value);\n\n\u002F\u002F Get specific version\nKeyVaultSecret specificVersion = secretClient.getSecret(\"database-password\", \"\u003Cversion-id>\");\n\n\u002F\u002F Get only properties (no value)\nSecretProperties props = secretClient.getSecret(\"database-password\").getProperties();\nSystem.out.println(\"Enabled: \" + props.isEnabled());\nSystem.out.println(\"Created: \" + props.getCreatedOn());\n```\n\n## Update Secret Properties\n\n```java\n\u002F\u002F Get secret\nKeyVaultSecret secret = secretClient.getSecret(\"api-key\");\n\n\u002F\u002F Update properties (cannot update value - create new version instead)\nsecret.getProperties()\n .setEnabled(false)\n .setExpiresOn(OffsetDateTime.now().plusMonths(6))\n .setTags(Map.of(\"status\", \"rotating\"));\n\nSecretProperties updated = secretClient.updateSecretProperties(secret.getProperties());\nSystem.out.println(\"Updated: \" + updated.getUpdatedOn());\n```\n\n## List Secrets\n\n```java\nimport com.azure.core.util.paging.PagedIterable;\nimport com.azure.security.keyvault.secrets.models.SecretProperties;\n\n\u002F\u002F List all secrets (properties only, no values)\nfor (SecretProperties secretProps : secretClient.listPropertiesOfSecrets()) {\n System.out.println(\"Secret: \" + secretProps.getName());\n System.out.println(\" Enabled: \" + secretProps.isEnabled());\n System.out.println(\" Created: \" + secretProps.getCreatedOn());\n System.out.println(\" Content-Type: \" + secretProps.getContentType());\n \n \u002F\u002F Get value if needed\n if (secretProps.isEnabled()) {\n KeyVaultSecret fullSecret = secretClient.getSecret(secretProps.getName());\n System.out.println(\" Value: \" + fullSecret.getValue().substring(0, 5) + \"...\");\n }\n}\n\n\u002F\u002F List versions of a secret\nfor (SecretProperties version : secretClient.listPropertiesOfSecretVersions(\"database-password\")) {\n System.out.println(\"Version: \" + version.getVersion());\n System.out.println(\"Created: \" + version.getCreatedOn());\n System.out.println(\"Enabled: \" + version.isEnabled());\n}\n```\n\n## Delete Secret\n\n```java\nimport com.azure.core.util.polling.SyncPoller;\nimport com.azure.security.keyvault.secrets.models.DeletedSecret;\n\n\u002F\u002F Begin delete (returns poller for soft-delete enabled vaults)\nSyncPoller\u003CDeletedSecret, Void> deletePoller = secretClient.beginDeleteSecret(\"old-secret\");\n\n\u002F\u002F Wait for deletion\nDeletedSecret deletedSecret = deletePoller.poll().getValue();\nSystem.out.println(\"Deleted on: \" + deletedSecret.getDeletedOn());\nSystem.out.println(\"Scheduled purge: \" + deletedSecret.getScheduledPurgeDate());\n\ndeletePoller.waitForCompletion();\n```\n\n## Recover Deleted Secret\n\n```java\n\u002F\u002F List deleted secrets\nfor (DeletedSecret deleted : secretClient.listDeletedSecrets()) {\n System.out.println(\"Deleted: \" + deleted.getName());\n System.out.println(\"Deletion date: \" + deleted.getDeletedOn());\n}\n\n\u002F\u002F Recover deleted secret\nSyncPoller\u003CKeyVaultSecret, Void> recoverPoller = secretClient.beginRecoverDeletedSecret(\"old-secret\");\nrecoverPoller.waitForCompletion();\n\nKeyVaultSecret recovered = recoverPoller.getFinalResult();\nSystem.out.println(\"Recovered: \" + recovered.getName());\n```\n\n## Purge Deleted Secret\n\n```java\n\u002F\u002F Permanently delete (cannot be recovered)\nsecretClient.purgeDeletedSecret(\"old-secret\");\n\n\u002F\u002F Get deleted secret info first\nDeletedSecret deleted = secretClient.getDeletedSecret(\"old-secret\");\nSystem.out.println(\"Will purge: \" + deleted.getName());\nsecretClient.purgeDeletedSecret(\"old-secret\");\n```\n\n## Backup and Restore\n\n```java\n\u002F\u002F Backup secret (all versions)\nbyte[] backup = secretClient.backupSecret(\"important-secret\");\n\n\u002F\u002F Save to file\nFiles.write(Paths.get(\"secret-backup.blob\"), backup);\n\n\u002F\u002F Restore from backup\nbyte[] backupData = Files.readAllBytes(Paths.get(\"secret-backup.blob\"));\nKeyVaultSecret restored = secretClient.restoreSecretBackup(backupData);\nSystem.out.println(\"Restored: \" + restored.getName());\n```\n\n## Async Operations\n\n```java\nSecretAsyncClient asyncClient = new SecretClientBuilder()\n .vaultUrl(\"https:\u002F\u002F\u003Cvault>.vault.azure.net\")\n .credential(new DefaultAzureCredentialBuilder().build())\n .buildAsyncClient();\n\n\u002F\u002F Set secret async\nasyncClient.setSecret(\"async-secret\", \"async-value\")\n .subscribe(\n secret -> System.out.println(\"Created: \" + secret.getName()),\n error -> System.out.println(\"Error: \" + error.getMessage())\n );\n\n\u002F\u002F Get secret async\nasyncClient.getSecret(\"async-secret\")\n .subscribe(secret -> System.out.println(\"Value: \" + secret.getValue()));\n\n\u002F\u002F List secrets async\nasyncClient.listPropertiesOfSecrets()\n .doOnNext(props -> System.out.println(\"Found: \" + props.getName()))\n .subscribe();\n```\n\n## Configuration Patterns\n\n### Load Multiple Secrets\n\n```java\npublic class ConfigLoader {\n private final SecretClient client;\n \n public ConfigLoader(String vaultUrl) {\n this.client = new SecretClientBuilder()\n .vaultUrl(vaultUrl)\n .credential(new DefaultAzureCredentialBuilder().build())\n .buildClient();\n }\n \n public Map\u003CString, String> loadSecrets(List\u003CString> secretNames) {\n Map\u003CString, String> secrets = new HashMap\u003C>();\n for (String name : secretNames) {\n try {\n KeyVaultSecret secret = client.getSecret(name);\n secrets.put(name, secret.getValue());\n } catch (ResourceNotFoundException e) {\n System.out.println(\"Secret not found: \" + name);\n }\n }\n return secrets;\n }\n}\n\n\u002F\u002F Usage\nConfigLoader loader = new ConfigLoader(\"https:\u002F\u002Fmy-vault.vault.azure.net\");\nMap\u003CString, String> config = loader.loadSecrets(\n Arrays.asList(\"db-connection-string\", \"api-key\", \"jwt-secret\")\n);\n```\n\n### Secret Rotation Pattern\n\n```java\npublic void rotateSecret(String secretName, String newValue) {\n \u002F\u002F Get current secret\n KeyVaultSecret current = secretClient.getSecret(secretName);\n \n \u002F\u002F Disable old version\n current.getProperties().setEnabled(false);\n secretClient.updateSecretProperties(current.getProperties());\n \n \u002F\u002F Create new version with new value\n KeyVaultSecret newSecret = secretClient.setSecret(secretName, newValue);\n System.out.println(\"Rotated to version: \" + newSecret.getProperties().getVersion());\n}\n```\n\n## Error Handling\n\n```java\nimport com.azure.core.exception.HttpResponseException;\nimport com.azure.core.exception.ResourceNotFoundException;\n\ntry {\n KeyVaultSecret secret = secretClient.getSecret(\"my-secret\");\n System.out.println(\"Value: \" + secret.getValue());\n} catch (ResourceNotFoundException e) {\n System.out.println(\"Secret not found\");\n} catch (HttpResponseException e) {\n int status = e.getResponse().getStatusCode();\n if (status == 403) {\n System.out.println(\"Access denied - check permissions\");\n } else if (status == 429) {\n System.out.println(\"Rate limited - retry later\");\n } else {\n System.out.println(\"HTTP error: \" + status);\n }\n}\n```\n\n## Secret Properties\n\n| Property | Description |\n|----------|-------------|\n| `name` | Secret name |\n| `value` | Secret value (string) |\n| `id` | Full identifier URL |\n| `contentType` | MIME type hint |\n| `enabled` | Whether secret can be retrieved |\n| `notBefore` | Activation time |\n| `expiresOn` | Expiration time |\n| `createdOn` | Creation timestamp |\n| `updatedOn` | Last update timestamp |\n| `recoveryLevel` | Soft-delete recovery level |\n| `tags` | User-defined metadata |\n\n## Environment Variables\n\n```bash\nAZURE_KEYVAULT_URL=https:\u002F\u002F\u003Cvault-name>.vault.azure.net\n```\n\n## Best Practices\n\n1. **Enable Soft Delete** - Protects against accidental deletion\n2. **Use Tags** - Tag secrets with environment, service, owner\n3. **Set Expiration** - Use `setExpiresOn()` for credentials that should rotate\n4. **Content Type** - Set `contentType` to indicate format (e.g., `application\u002Fjson`)\n5. **Version Management** - Don't delete old versions immediately during rotation\n6. **Access Logging** - Enable diagnostic logging on Key Vault\n7. **Least Privilege** - Use separate vaults for different environments\n\n## Common Secret Types\n\n```java\n\u002F\u002F Database connection string\nsecretClient.setSecret(new KeyVaultSecret(\"db-connection\", \n \"Server=myserver.database.windows.net;Database=mydb;...\")\n .setProperties(new SecretProperties()\n .setContentType(\"text\u002Fplain\")\n .setTags(Map.of(\"type\", \"connection-string\"))));\n\n\u002F\u002F API key\nsecretClient.setSecret(new KeyVaultSecret(\"stripe-api-key\", \"sk_live_...\")\n .setProperties(new SecretProperties()\n .setContentType(\"text\u002Fplain\")\n .setExpiresOn(OffsetDateTime.now().plusYears(1))));\n\n\u002F\u002F JSON configuration\nsecretClient.setSecret(new KeyVaultSecret(\"app-config\", \n \"{\\\"endpoint\\\":\\\"https:\u002F\u002F...\\\",\\\"key\\\":\\\"...\\\"}\")\n .setProperties(new SecretProperties()\n .setContentType(\"application\u002Fjson\")));\n\n\u002F\u002F Certificate password\nsecretClient.setSecret(new KeyVaultSecret(\"cert-password\", \"CertP@ss!\")\n .setProperties(new SecretProperties()\n .setContentType(\"text\u002Fplain\")\n .setTags(Map.of(\"certificate\", \"my-cert\"))));\n```\n\n## Trigger Phrases\n\n- \"Key Vault secrets Java\", \"secret management Java\"\n- \"store password\", \"store API key\", \"connection string\"\n- \"retrieve secret\", \"rotate secret\"\n- \"Azure secrets\", \"vault secrets\"\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,174,818,"2026-05-16 13:07:40",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"编程开发","coding","mdi-code-braces","代码生成、调试、审查,提升开发效率",2,"2026-05-16 12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":25,"skillCount":32,"createdAt":26},"后端开发","backend","mdi-server","API、数据库、服务端架构",296,[34],{"id":35,"skillId":4,"version":36,"fileName":37,"fileSize":38,"filePath":39,"fileHash":40,"manifest":41,"createdAt":19},"69c946d3-6a68-454e-b5b8-d4e2beeef069","1.0.0","azure-security-keyvault-secrets-java.zip",3624,"uploads\u002Fskills\u002Ffee05c78-d1e7-46a2-bcd4-64ec68d9cbdd\u002Fazure-security-keyvault-secrets-java.zip","ef5c8e782ae7c718ec8312dd0b4de9dd6125336d09ac22c2b1ec60fd7f44531b","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":11852}]",{"code":43,"message":44,"data":45},200,"success",{"items":46,"stats":47,"page":50},[],{"averageRating":48,"totalRatings":48,"ratingCounts":49},0,[48,48,48,48,48],{"limit":51,"offset":48,"hasMore":52,"nextOffset":51,"ratedOnly":16},15,false]