Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,309 questions
1 answer
One of the answers was accepted by the question author.
Why I cannot create keys in Azure Key Vault?
Hi I have encountered some problems when using Azure Key Vault. The Problem: I cannot create keys in Azure Key Vault, either a Key Vault key or a Key Vault key with HSM protection. Some try: I have checked that I am a privileged contributor within the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 46%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
(Unauthorized) Received token issued for incorrect tenant. Received tenant ID=XXXX, but expected tenant ID=YYYY when issuing Azure powershell commands
Hello, I'm trying to train for Azure HSM hardware implementation job and going through some of the Azure training. Specifically, I'm going through this part of some training and trying to create various keys mentioned using the Azure PS with the latest…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 92%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
1 answer
Why there is no AzureDiagnostics table for Azure Key Vault Managed HSM in Log Analytics workspace
AzureDiagnostics table is available for most resources in Azure and we can see log table in Log Analytics workspace. But for Azure Key Vault Managed HSM there is no AzureDiagnostics table in Log Analytics workspace. If I change scope in Log Analytics…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 28.000000000000004%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 23%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Hardware security module integration with Azure VMs
Is there any option available to connect a physical Hardware Security Module (HSM) to an Azure VM, or is the only option to use the Dedicated HSM in the Azure portal?
asked 2024-05-24T03:10:23.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 38%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVA%3C/text%3E%3C/svg%3E)
Vishnu Anand
185
Reputation points
edited a comment 2024-06-05T12:48:59.78+00:00
Vishnu Anand
185
Reputation points
1 answer
One of the answers was accepted by the question author.
Microsoft Sales hub for partners t
Hello, I am looking for a Microsoft Sales hub for partners to access powerpoint presentations for customers, as Azure Key Vault, and other Microsoft/Azure services, boiler plate information, competitive matrix, reference architecture etc.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
2 answers
Azure Dedicated HSM FIPS 140-2 Level 3 Proof
Our auditor is requesting the FIPS CMVP certificate that is used in the Azure Dedicated HSM. Can you provide us the certificate?
asked 2024-02-16T16:01:42.9133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sridharan, Sidhartha
10
Reputation points
commented 2024-02-28T21:55:15.67+00:00
JamesTran-MSFT
36,631
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Why Azure Managed HSM doesn't trust Azure Resource Manager.
Hi "Azure Managed HSM doesn't trust Azure Resource Manager by default. However, for environments where such risk is an acceptable tradeoff for the ease of use of the Azure portal and template deployments, Managed HSM offers a way for an…
asked 2024-01-31T13:55:10.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 16%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
Glenn Hunter
125
Reputation points Microsoft Employee
commented 2024-02-09T22:01:03.1766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT
36,861
Reputation points Microsoft Employee
1 answer
Is there a plan to use HSMs with a valid FIPS certificate that is not historical for HSM protected key vaults?
This Microsoft link shows that the HSM protected key vault uses HSMs with certificates that are historical. Key Vault service uses a mix of Thales nShield F2 6000+ and Marvell LiquidSecurity HSM cards in the backend for HSM functionality. They are…
asked 2023-05-08T20:23:21.9466667+00:00
Sridharan, Sidhartha
10
Reputation points
commented 2024-02-01T20:43:40.93+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 57.99999999999999%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHC%3C/text%3E%3C/svg%3E)
Harry, Christopher
20
Reputation points
2 answers
One of the answers was accepted by the question author.
I deleted an HSM in KeyVault but I'm still paying for it
Hi, One month ago, I created by mistake an HSM then removed it. Yesterday I got a recommendation saying that I don't have a backup for this resource. When clicking on the resource it says that the resource doesn't exist. In the activity log I can see…
asked 2023-08-10T13:01:07.94+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 14.000000000000002%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM3%3C/text%3E%3C/svg%3E)
MichelMassaro-3126
20
Reputation points
commented 2024-01-10T13:58:20.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 66%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVS%3C/text%3E%3C/svg%3E)
Veronica Segura
0
Reputation points Microsoft Employee
0 answers
About SDK information for Azure Dedicated HSM
We are considering using Azure Dedicated HSM. Is it possible to implement it in Java? If possible, could you please provide the SDK? Sincerely,
asked 2023-08-31T11:05:31.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 63%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
宮越 一稀
0
Reputation points
commented 2023-09-05T22:42:22.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
26,216
Reputation points Microsoft Employee
1 answer
Azure Dedicated HSM - custom cipher algorithm
We want to deploy a cloud data encryption service for symmetric encryption. We use our custom proprietary block cipher algorithm. Is there a way to use our own symmetric cipher code with Azure Dedicated HSM secure key storage and encryption service?
asked 2023-08-22T16:46:35.75+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 68%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Darhani, David
0
Reputation points
commented 2023-08-29T16:30:03.4633333+00:00
JamesTran-MSFT
36,631
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
I deleted an HSM key vault, but I’m so far unable to purge that through PowerShell, please help!
Hi, I could really use assistance with purging an “HSM key vault” that I added to my Azure portal last week. I created the “HSM key vault” as part of an online video lesson I was going through, in preparation for the AZ-104 exam. However, I’ve been…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 10%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
0 answers
Managed HSM didn't deploy successfully. Can't delete it and it's maxing out my monthly subscription allowance
Hey there. I tried to add a Managed HSM to my subscription and it didn't deploy properly. Now I can't delete it yet it seems to be running and using up my monthly subscription allowance. I can't even log a service/bug request with Microsoft as it's…
asked 2023-08-10T15:08:49.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Marcus Serrao
1
Reputation point
commented 2023-08-14T11:53:24.6433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Sandeep G-MSFT
19,686
Reputation points Microsoft Employee
4 answers
One of the answers was accepted by the question author.
Difference- HSM protected keys in Vaults (VS) HSM-protected keys in Managed HSM
While creating Azure VMs, we can keep the SSE encryption keys using Customer Managed Keys. We have 2 options when storing these CMK keys in HSM namely ( i know azure keyvault software based also supports CMK, but that is not my question . Mine is…
asked 2023-02-27T12:55:45.9466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 71%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
MS Techie
2,701
Reputation points
answered 2023-08-11T04:35:22.1333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 39%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Senthil Kumar Thangarajan
0
Reputation points
0 answers
How to solve error "One of the specified key operations is not supported" in Azure Key Vault HSM Managed
Dear community, on my Azure Key Vault HSM Managed resource, I am trying to generate a 128bit AES-HSM key but I got the following error: "One of the specified key operations is not supported" What does it mean? How can I solve? Thank You
asked 2023-07-13T11:45:44.3566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 54%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Fausto Filippi
0
Reputation points
commented 2023-07-14T22:22:22.61+00:00
Marilee Turscak-MSFT
36,861
Reputation points Microsoft Employee
2 answers
How to grant permissions to imported keys in Azure Key Vault Managed HSM
Hey folks, Your advice is highly appreciated. I'm having trouble with granting permissions to Imported rsa keys in Azure Managed HSM. I wish to use our own generated RSA keys for PostgreSQL flexible server for Data encryption in Azure. What have I done…
asked 2023-06-08T17:55:42.9933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 2%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Raul Siim
0
Reputation points
commented 2023-06-19T18:41:48.91+00:00
JamesTran-MSFT
36,631
Reputation points Microsoft Employee
0 answers
How to import a wrapped private key in the Azure Managed HSM?
I have received a wrapped (encrypted) and base 64 encode of the key as a json format. I want to import this key into the Azure Managed HSM. I tried to do so but facing two issues - Not able to convert the wrapped key to the desired file format and…
asked 2023-06-07T15:10:30.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 43%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Abhishek Paul
0
Reputation points
commented 2023-06-08T01:18:47.42+00:00
Marilee Turscak-MSFT
36,861
Reputation points Microsoft Employee
1 answer
What CA signs certificates when using Azure Key Vault with HSM to generate & store application PKI keys and certificates?
Hi. Can anyone tell me what CA is used when I generate keys and get them signed within the Azure Key Vault? Also, do I have the ability to stand up a subordinate CA in Azure, leveraging Azure Key Vault with HSM to store my CA keys and where the sub CA…
asked 2023-04-04T16:36:47.7366667+00:00
Marcus Serrao
1
Reputation point
commented 2023-05-08T03:49:56.4266667+00:00
Akshay-MSFT
17,871
Reputation points Microsoft Employee
3 answers
What options are there for HSM on Azure Stack HCI?
Can i use managed HSM on Azure Stack HCI? Could it be a third party HSM? Thanks!
asked 2023-01-04T20:24:36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 26%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Jaime Rodriguez
1
Reputation point
answered 2023-02-27T08:26:11.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Martin Gammelgård Rasmussen
0
Reputation points
1 answer
Is keyvault and keyvault HSM similiar from code perspective?
Hi I wonder whether getting certificates from KeyVault in c# is any different (do I need to use the same api, same integration nugets) from getting certificates from KeyVault based on HSM? thanks Michal
asked 2022-10-12T11:48:49.077+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 47%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Michal Szilder
1
Reputation point
commented 2022-10-25T03:53:52.567+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
32,986
Reputation points Microsoft Employee