適用於 Node.js 的 Azure Key Vault 模組Azure Key Vault modules for Node.js

Azure 金鑰保存庫可協助保護雲端應用程式和服務所使用的密碼編譯金鑰和密碼。Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. 使用金鑰保存庫之後,您可以加密金鑰和密碼 (例如驗證金鑰、儲存體帳戶金鑰、資料加密金鑰、.PFX 檔案和密碼),方法是使用受硬體安全模組 (HSM) 保護的金鑰。By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) by using keys that are protected by hardware security modules (HSMs). 為了加強保證,您可以在 HSM 中匯入或產生金鑰。For added assurance, you can import or generate keys in HSMs. 如果您選擇這麼做,Microsoft 會在進行過 FIPS 140-2 Level 2 驗證的 HSM (硬體和韌體) 中處理您的金鑰。If you choose to do this, Microsoft processes your keys in FIPS 140-2 Level 2 validated HSMs (hardware and firmware).

金鑰保存庫簡化了金鑰管理程序,並可讓您控管存取和加密資料的金鑰。Key Vault streamlines the key management process and enables you to maintain control of keys that access and encrypt your data. 開發人員可以在幾分鐘內建立開發和測試的金鑰,然後順利地將他們移轉至生產金鑰。Developers can create keys for development and testing in minutes, and then seamlessly migrate them to production keys. 安全性系統管理員可以視需要授與 (和撤銷) 存取金鑰的權限。Security administrators can grant (and revoke) permission to keys, as needed.

管理套件Management Package

安裝 npm 模組Install the npm module

安裝 Azure Key Vault npm 模組Install the Azure Key Vault npm module

npm install azure-arm-keyvault

範例Example

此範例會在 Azure 中建立新的 Key Vault 服務。This example creates a new Key Vault service in Azure.

const msRestAzure = require('ms-rest-azure');
const KeyVaultManagementClient = require('azure-arm-keyvault');

const subscriptionId = 'your-subscription-id';
const resourceGroup = 'your-resource-group';
const vaultName = 'your-new-vault';
const tenantGUID = 'your-tenant-guid';

// Interactive Login
let client;
msRestAzure
  .interactiveLogin()
  .then(credentials => {
    client = new KeyVaultManagementClient(credentials, subscriptionId);
    return client.vaults.list();
  })
  .then(vaults => {
    console.dir(vaults, { depth: null, colors: true });
    const parameters = {
      location: 'East US',
      properties: {
        sku: { family: 'A', name: 'standard' },
        accessPolicies: [],
        enabledForDeployment: false,
        tenantId: tenantGUID
      }
    };
    console.info('Creating vault ${vaultName} ...');
    return client.vaults.createOrUpdate(resourceGroup, vaultName, parameters);
  })
  .then(vault => console.dir(vault, { depth: null, colors: true }))
  .catch(err => {
    console.log('An error occured');
    console.dir(err, { depth: null, colors: true });
    return err;
  });

範例Samples

深入探索可在應用程式中使用的 Node.js 程式碼範例Explore more sample Node.js code you can use in your apps.