Azure Key Vault is a Microsoft-managed service providing cloud keys, secrets, and certificate storage and utility that is highly available, secure, durable, scalable, and redundant.
Libraries for resource management
To manage your Azure Key Vault resources via the Azure Resource Manager, you would use the below package.
|@azure/arm-keyvault||API Reference for @azure/arm-keyvault|
Libraries for data access
There are three packages to work with Key Vault keys, secrets and certificates respectively.
A fourth package,
@azure/keyvault-admin (still in preview) is also available for administrative tasks on your Key Vault instance.
These packages have the below features:
- Key Vault Keys
- Create keys using elliptic curve or RSA encryption, optionally backed by Hardware Security Modules (HSM).
- Import, delete and update keys.
- Get one or more keys and deleted keys.
- Recover a deleted key and restore a backed up key.
- Get the versions and the attributes of a key.
- Encrypting, decrypting, signing, verifying, wrapping and unwrapping data with keys.
- Key Vault Secrets
- Get, set and delete a secret.
- Update a secret and it's attributes.
- Backup and restore a secret.
- Get, purge or recover a deleted secret.
- Get all the versions of a secret, or secrets, or deleted secrets.
- Key Vault Certificates
- Get, set and delete a certificate.
- Update a certificate, its attributes, issuer, policy, operation and contacts.
- Backup and restore a certificate.
- Get, purge or recover a deleted certificate.
- Get all the versions of a certificate, or certificates, or deleted certificates.