Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article provides step-by-step guidance on how to configure Azure Key Vault Managed HSM networking settings with IP Network Firewall (preview) to work with other applications and Azure services. For detailed information about different network security configurations and concepts, see Network security for Azure Key Vault Managed HSM.
Here are step-by-step instructions to configure Managed HSM firewall using the Azure portal, Azure CLI, and Azure PowerShell.
Note
The IP Network Firewall (preview) feature requires subscription enablement. If you're interested in using this feature, create a support ticket with subscription and region information.
Important
There is a limit of 10 IP address or address ranges you can add per resource.
Here's how to configure Managed HSM firewalls by using the Azure portal:
- Browse to the Managed HSM you want to secure.
- Select Networking, then select the Public access tab.
- Under Public network access, select Manage.
- To add IP addresses to firewalls, next to Public network access, select Enable and next to Default action, select Enable from selected networks.
- Under IP Networks, add IPv4 address ranges by typing IPv4 address ranges in CIDR (Classless Inter-domain Routing) notation or individual IP addresses.
- If you want to allow Microsoft Trusted Services to bypass the Managed HSM Firewall, select Yes. For a full list of the current Managed HSM Trusted Services, see Azure Key Vault Trusted Services.
- Select Save.