Azure Cloud HSM

AzureSecurity

Single-tenant FIPS 140-2 Level 3 hardware security modules in your VNet for keys you must hold yourself — replaces the older Dedicated HSM offering, exposes PKCS#11 / JCE / OpenSSL clients, and supports the workloads (PKI roots, code-signing, payment HSM) that can't share a multi-tenant key vault

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore Azure in TreemapExplore security in HoneycombSee Azure regions on the World Map
DocumentationPricing

Attributes

Fips Level
140-2 Level 3
Tenancy
single

Sub-services (2)

HSM cluster

Multi-zone pool of dedicated HSMs with synchronised key material

PKCS#11 / JCE / OpenSSL

Standard cryptographic client libraries for application integration

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

PCI DSSSOC 2ISO 27001

Where this runs

73 regions
36 countries
13sovereign
Sovereign regions (13)
  • Australia Central · CanberraAzure Australia Government
  • Australia Central 2 · CanberraAzure Australia Government
  • US Gov Virginia · VirginiaAzure Government (US)
  • US Gov Arizona · ArizonaAzure Government (US)
  • US Gov Texas · TexasAzure Government (US)
  • US DoD East · VirginiaAzure Government Secret (US)
  • US DoD Central · IowaAzure Government Secret (US)
  • China North (Beijing) · BeijingMicrosoft Azure China (21Vianet)
  • China East (Shanghai) · ShanghaiMicrosoft Azure China (21Vianet)
  • China North 2 · BeijingMicrosoft Azure China (21Vianet)
  • China East 2 · ShanghaiMicrosoft Azure China (21Vianet)
  • China North 3 · HebeiMicrosoft Azure China (21Vianet)
  • China East 3 · ShanghaiMicrosoft Azure China (21Vianet)
Commercial regions (60)

Europe (21)

  • Austria East
  • Belgium Central
  • Denmark East
  • Finland Central
  • France South
  • France Central
  • Germany North
  • Germany West Central
  • Greece Central
  • North Europe
  • Italy North
  • West Europe
  • Norway East
  • Norway West
  • Poland Central
  • Spain Central
  • Sweden Central
  • Switzerland West
  • Switzerland North
  • UK West
  • UK South

North America (13)

  • Canada East
  • Canada Central
  • Mexico Central
  • West US
  • East US 3
  • North Central US
  • Central US
  • West US 3
  • South Central US
  • East US
  • East US 2
  • West US 2
  • West Central US

South America (3)

  • Brazil Southeast
  • Brazil South
  • Chile Central

Asia (13)

  • East Asia
  • South India
  • Jio India West
  • West India
  • Jio India Central
  • Central India
  • Indonesia Central
  • Japan West
  • Japan East
  • Malaysia West
  • Southeast Asia
  • Korea South
  • Korea Central

Oceania (3)

  • Australia East
  • Australia Southeast
  • New Zealand North

Middle East (5)

  • Israel Central
  • Qatar Central
  • Saudi Arabia Central
  • UAE Central
  • UAE North

Africa (2)

  • South Africa West
  • South Africa North

Tags

hsmfips-140-2key-managementsingle-tenantcompliance

Equivalent services on other platforms

AWS CloudHSMAWS

Single-tenant FIPS 140-2 Level 3 hardware security modules in your VPC for keys you must hold yourself — code-signing, document signing, TLS offload, and PKI roots where shared multi-tenant KMS isn't acceptable for compliance reasons

Google Cloud HSMGCP

FIPS 140-2 Level 3 hardware-protected keys exposed through the same Cloud KMS API as software keys — keys never leave the HSM hardware boundary, supporting workloads (PKI roots, code-signing, regulated payment flows) that need a hardware attestation rather than a multi-tenant software KMS

Pricing

Pricing model:per-hour