Azure Dedicated HSM is a fully customer managed Hardware Security Module (HSM) that is provisioned in the Azure datacenter. The HSM appliance is dedicated to the customer and connected to private address space and Microsoft has no access to the cryptographic functionality or management of the HSM. It is designed to meet highly regulated or compliance requirements and protect cryptographic functions. Applications that access Azure Dedicated HSM require third party Thales client tools and SDKs to access HSM contents. VNET peering can be used to connect Azure virtual networks and cross-region via VPN Gateway.