陌讯skills聚合平台

azure-identity-rust

📁 microsoft/skills 📅 8 days ago
0
总安装量
2
周安装量
#55807
全站排名
安装命令
npx skills add https://github.com/microsoft/skills --skill azure-identity-rust

Agent 安装分布

opencode 1
gemini-cli 1
claude-code 1
github-copilot 1
codex 1
kimi-cli 1

Skill 文档

Azure Identity SDK for Rust

Authentication library for Azure SDK clients using Microsoft Entra ID (formerly Azure AD).

Installation

cargo add azure_identity

Environment Variables

# Service Principal (for production/CI)
AZURE_TENANT_ID=<your-tenant-id>
AZURE_CLIENT_ID=<your-client-id>
AZURE_CLIENT_SECRET=<your-client-secret>

# User-assigned Managed Identity (optional)
AZURE_CLIENT_ID=<managed-identity-client-id>

DeveloperToolsCredential

The recommended credential for local development. Tries developer tools in order (Azure CLI, Azure Developer CLI):

use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_secrets::SecretClient;

let credential = DeveloperToolsCredential::new(None)?;
let client = SecretClient::new(
    "https://my-vault.vault.azure.net/",
    credential.clone(),
    None,
)?;

Credential Chain Order

Order Credential Environment
1 AzureCliCredential az login
2 AzureDeveloperCliCredential azd auth login

Credential Types

Credential Usage
DeveloperToolsCredential Local development – tries CLI tools
ManagedIdentityCredential Azure VMs, App Service, Functions, AKS
WorkloadIdentityCredential Kubernetes workload identity
ClientSecretCredential Service principal with secret
ClientCertificateCredential Service principal with certificate
AzureCliCredential Direct Azure CLI auth
AzureDeveloperCliCredential Direct azd CLI auth
AzurePipelinesCredential Azure Pipelines service connection
ClientAssertionCredential Custom assertions (federated identity)

ManagedIdentityCredential

For Azure-hosted resources:

use azure_identity::ManagedIdentityCredential;

// System-assigned managed identity
let credential = ManagedIdentityCredential::new(None)?;

// User-assigned managed identity
let options = ManagedIdentityCredentialOptions {
    client_id: Some("<user-assigned-mi-client-id>".into()),
    ..Default::default()
};
let credential = ManagedIdentityCredential::new(Some(options))?;

ClientSecretCredential

For service principal with secret:

use azure_identity::ClientSecretCredential;

let credential = ClientSecretCredential::new(
    "<tenant-id>".into(),
    "<client-id>".into(),
    "<client-secret>".into(),
    None,
)?;

Best Practices

  1. Use DeveloperToolsCredential for local dev — automatically picks up Azure CLI
  2. Use ManagedIdentityCredential in production — no secrets to manage
  3. Clone credentials — credentials are Arc-wrapped and cheap to clone
  4. Reuse credential instances — same credential can be used with multiple clients
  5. Use tokio feature — cargo add azure_identity --features tokio

Reference Links

Resource Link
API Reference https://docs.rs/azure_identity
Source Code https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/identity/azure_identity
crates.io https://crates.io/crates/azure_identity
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。