Microsoft Azure Hardware Security Modules management client library for .NET

Azure Cloud HSM: Azure Cloud HSM is a single-tenant HSM solution, granting customers administrative control over a highly available HSM cluster for various functionalities like PKCS#11, TDE, SSL/TLS processing, and custom applications, while Microsoft manages service provisioning, patching, and hosting.

Azure Dedicated HSM: Azure Dedicated HSM is a single-tenant bare metal HSM service that allows customers to lease a general-purpose HSM appliance within Microsoft datacenters, providing complete ownership, management and control. It is particularly beneficial for legacy lift-and-shift workloads.

This library follows the new Azure SDK guidelines, and provides many core capabilities:

- Support MSAL.NET, Azure.Identity is out of box for supporting MSAL.NET.
- Support [OpenTelemetry]( for distributed tracing.
- HTTP pipeline with custom policies.
- Better error-handling.
- Support uniform telemetry across all languages.

Getting started

Install the package

Install the Microsoft Azure Hardware Security Modules management library for .NET with NuGet:

dotnet add package Azure.ResourceManager.HardwareSecurityModules --prerelease


Authenticate the Client

To create an authenticated client and start interacting with Microsoft Azure resources, see the quickstart guide here.

Key concepts

Key concepts of the Microsoft Azure SDK for .NET can be found here


Documentation is available to help you learn how to use this package:


Code samples for using the management library for .NET can be found in the following locations


Next steps

For more information about Microsoft Azure SDK, see this website.


For details on contributing to this repository, see the contributing guide.

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (for example, label, comment). Follow the instructions provided by the bot. You'll only need to do this action once across all repositories using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact with any other questions or comments.