Azure Key Vault Managed HSM is generally available
Share
Services
Azure Key Vault Managed HSM (hardware security module) is now generally available.
Managed HSM offers a fully managed, highly available, single-tenant, high-throughput, standards-compliant cloud service to safeguard cryptographic keys for your cloud applications, using **FIPS 140-2 Level 3** validated HSMs.
Key features and benefits:
* **Fully managed, highly available, single-tenant, high-throughput HSM as a service**: You don’t need to provision, configure, patch and maintain HSMs for key management. Each HSM cluster uses a separate customer-specific security domain that cryptographically isolates your HSM cluster.
* **Access control, enhanced data protection and compliance**: Centralise key management and set permissions at key level granularity. Managed HSM uses FIPS 140-2 Level 3 validated HSMs to help you meet compliance requirements. Use private endpoints to connect securely and privately from your applications.
* **Integrated with Azure services**: Encrypt data at rest with a customer managed key in Managed HSM for [Azure Storage](https://docs.microsoft.com/azure/storage/common/encryption-customer-managed-keys), [Azure SQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/transparent-data-encryption-byok-overview) and [Azure Information Protection](https://docs.microsoft.com/azure/information-protection/byok-price-restrictions). Get complete logs of all activity via Azure Monitor and use Log Analytics for analytics and alerts. Some [third-party solutions](https://docs.microsoft.com/azure/key-vault/managed-hsm/third-party-solutions) are also integrated with Managed HSM.
* **Uses the same API as Key Vault**: Managed HSM allows you to store and manage HSM-keys for your cloud applications using the same Key Vault APIs, which means migrating from vaults to managed HSM pools is very simple.
We received feedback from customers all over the world spanning many industry segments during public preview. We are incorporating that feedback and will continue to add more features over the next few months to address key management, auto-rotation, multi-region higher availability, new key types and algorithms, and many more, including a pricing update.
Azure Key Vault Managed HSM is another service that is built on Azure’s confidential computing platform. Azure confidential computing protects the confidentiality and integrity of your data and code while it’s processed in the public cloud.
[Learn more about confidential computing](https://azure.microsoft.com/en-us/solutions/confidential-compute/).
Region availability:
* East US, West US, East US 2, Central US, South Central US, Canada Central
* North Europe, West Europe, UK South, Switzerland North, South Africa North
* Australia Central, Korea Central, Southeast Asia, East Asia
[Learn more](https://aka.ms/mhsm).
* Key Vault
* Azure Key Vault Managed HSM
* Compliance
* Features
* Services
* Security
* [ Key Vault](https://azure.microsoft.com/en-gb/products/key-vault/)
What else is happening at Microsoft Azure?
Read update
Services
Share
Generally Available: Storage account default maximum request rate limit increase to 40,000 requests per second
December 12th, 2024
Services
Share
Read update
Services
Share
Generally Available: Regional Disaster Recovery by Azure Backup for AKS
November 22nd, 2024
Services
Share
Generally Available: Enhancements on Azure Container Storage for performance, scalability, and operational insights
November 19th, 2024
Services
Share