Microsoft Security Product Hub

Azure Dedicated HSM


Azure Dedicated HSM is a fully customer managed Hardware Security Module (HSM) that is provisioned in the Azure datacenter. The HSM appliance is dedicated to the customer and connected to private address space and Microsoft has no access to the cryptographic functionality or management of the HSM. It is designed to meet highly regulated or compliance requirements and protect cryptographic functions. Applications that access Azure Dedicated HSM require third party Thales client tools and SDKs to access HSM contents. VNET peering can be used to connect Azure virtual networks and cross-region via VPN Gateway.


  • Support for highly regulated services that meet FIPS 140-2 Level 3 cryptographic module security requirements
  • Fully self managed HSM, hosted in an Azure datacenter
  • No access by Microsoft to any administration or cryptographic functionality
Secure Remote Work
Zero Trust