Azure Key Vault is a Microsoft-managed service providing cloud keys, secrets, and certificate storage and utility that is highly available, secure, durable, scalable, and redundant.
To manage your Azure Key Vault resources via the Azure Resource Manager, you would use the below package.
NPM Package | Reference |
---|---|
@azure/arm-keyvault | API Reference for @azure/arm-keyvault |
There are three packages to work with Key Vault keys, secrets and certificates respectively.
A fourth package, @azure/keyvault-admin
is also available for administrative tasks on your Key Vault instance.
- Key Vault Keys
- Create keys using elliptic curve or RSA encryption, optionally backed by Hardware Security Modules (HSM).
- Import, delete and update keys.
- Get one or more keys and deleted keys.
- Recover a deleted key and restore a backed up key.
- Get the versions and the attributes of a key.
- Encrypting, decrypting, signing, verifying, wrapping and unwrapping data with keys.
- Key Vault Secrets
- Get, set and delete a secret.
- Update a secret and it's attributes.
- Backup and restore a secret.
- Get, purge or recover a deleted secret.
- Get all the versions of a secret, or secrets, or deleted secrets.
- Key Vault Certificates
- Get, set and delete a certificate.
- Update a certificate, its attributes, issuer, policy, operation and contacts.
- Backup and restore a certificate.
- Get, purge or recover a deleted certificate.
- Get all the versions of a certificate, or certificates, or deleted certificates.
- Key Vault Admin
- Get, set, list, and delete Key Vault RBAC (Role-Based Access Control) role assignments.
- Get, set, list, and delete Key Vault RBAC (Role-Based Access Control) role definitions.
- Backup and restore Azure Key Vault Managed HSM instances, including selective restore of specific keys.