Skip Navigation

Azure Dedicated HSM pricing

Manage hardware security modules that you use in the cloud

Azure Dedicated HSM allows you to do key management on a hardware security module that you control in the cloud. You can meet your compliance requirements such as FIPS 140-2 Level 3 and help ensure your keys are secure by using a cloud-hosted HSM. You can drastically reduce the latency of applications and increase their performance by running them in your own hardware security module in Azure.

Explore pricing options

Apply filters to customize pricing options to your needs.

Prices are estimates only and are not intended as actual price quotes. Actual pricing may vary depending on the type of agreement entered with Microsoft, date of purchase, and the currency exchange rate. Prices are calculated based on US dollars and converted using London closing spot rates that are captured in the two business days prior to the last business day of the previous month end. If the two business days prior to the end of the month autumn on a bank holiday in major markets, the rate setting day is generally the day immediately preceding the two business days. This rate applies to all transactions during the forthcoming month. Sign in to the Azure pricing calculator to see pricing based on your current programme/offer with Microsoft. Contact an Azure sales specialist for more information on pricing or to request a price quote. See frequently asked questions about Azure pricing.

Hourly usage fee per HSM
Azure Dedicated HSM $-

The service is available in limited regions – To learn more about availability, please contact your local Microsoft representative.

Azure pricing and purchasing options

Connect with us directly

Get a walkthrough of Azure pricing. Understand pricing for your cloud solution, learn about cost optimisation and request a custom proposal.

Talk to a sales specialist

See ways to purchase

Purchase Azure services through the Azure website, a Microsoft representative or an Azure partner.

Explore your options

Additional resources

Azure Dedicated HSM

Learn more about Azure Dedicated HSM features and capabilities.

Pricing calculator

Estimate your expected monthly costs for using any combination of Azure products.


Review the Service Level Agreement for Azure Dedicated HSM.


Review technical tutorials, videos and more Azure Dedicated HSM resources.

  • Azure Dedicated HSM (hardware security module) is a cloud-based service that provides HSMs hosted in Azure datacenters that are directly connected to a customers’ virtual network. These are dedicated network HSM appliances (Gemalto's SafeNet Network HSM 7, FIPS 140-2 Level 3) available in a customers' private IP address space. Microsoft does not have any access to the cryptographic functionality of the HSMs. Only the customer has full administrative control and cryptographic control over these HSMs and can get full activity logs directly from the HSM. Dedicated HSMs help customers meet compliance/regulatory requirements such as GDPR, HIPAA, PCI-DSS, eIDAS and many others.
  • HSM (hardware security module) is a physical computing device used for safeguarding and managing cryptographic keys that can be used for cryptographic operations. The key material stays safe in a tamper-resistant, tamper-evident hardware module, while allowing authenticated/authorised applications to use the keys to perform cryptographic operations. The key material never leaves the HSM protection boundary.
  • HSMs are used for storing cryptographic keys that are used for cryptographic functionality such as SSL (secure socket layer), encrypting data, PKI (public key infrastructure), DRM (digital rights management) and signing documents.
  • Customers can provision HSMs in specific regions using PowerShell or command line interface. The customer specifies virtual network and subnet detail for the HSMs to be connected to. Once provisioned, the HSMs will be available in the designated subnet at an assigned IP addresses in the customer's private IP address space. Customers can then connect to the HSMs using the SSH tool for appliance management and administration, to setup HSM client connections, initialise HSMs, create partitions, define and assign roles such as partition officer, crypto officer and crypto user. Finally, a customer will use Gemalto provided HSM client tools/SDK/software to perform cryptographic operations from their applications.
  • By design, the customer has exclusive administrative control of the HSM device including monitoring, configuration and software/firmware maintenance. Considering Microsoft is not involved in this, we cannot ensure the health and hence uptime of the device.
  • No. The Dedicated HSM service does not support integration with other Azure or Microsoft cloud services.

Talk to a sales specialist for a walk-through of Azure pricing. Understand pricing for your cloud solution.

Get free cloud services and a $200 credit to explore Azure for 30 days.

Added to estimate. Press 'v' to view on calculator
Can we help you?