Merge pull request #225830 from msmbaldwin/mhsm-misc

v-dirichards · web-flow · commit 5531cd4add49 · 2023-02-01T11:17:20.000-06:00
Adding security baseline to docset
diff --git a/articles/key-vault/managed-hsm/best-practices.md b/articles/key-vault/managed-hsm/best-practices.md
@@ -14,6 +14,8 @@ ms.author: mbaldwin
 ---
 # Best practices when using Managed HSM
 
+This article provides best practices for securing your Azure Managed HSM key management system.  For a full list of security recommendations, see the [Azure Managed HSM security baseline](/security/benchmark/azure/baselines/key-vault-managed-hsm-security-baseline).
+
 ## Control Access to your managed HSM
 
 Managed HSM is a cloud service that safeguards encryption keys. As these keys are sensitive and business critical, make sure to secure access to your managed HSMs by allowing only authorized applications and users. This [article](access-control.md) provides an overview of the access model. It explains authentication and authorization, and role-based access control.
@@ -39,8 +41,9 @@ Managed HSM is a cloud service that safeguards encryption keys. As these keys ar
 
 ## Next steps
 
-- See [Full backup/restore](backup-restore.md) for information on full HSM backup/restore.
-- See [Managed HSM logging](logging.md) to learn how to use Azure Monitor to configure logging
-- See [Manage managed HSM keys](key-management.md) for key management.
-- See [Managed HSM role management](role-management.md) for managing role assignments.
-- See [Managed HSM soft-delete overview](soft-delete-overview.md) for recovery options.
+- [Azure Managed HSM security baseline](/security/benchmark/azure/baselines/key-vault-managed-hsm-security-baseline)
+- [Full backup/restore](backup-restore.md)
+- [Managed HSM logging](logging.md)
+- [Manage managed HSM keys](key-management.md)
+- [Managed HSM role management](role-management.md)
+- [Managed HSM soft-delete overview](soft-delete-overview.md)
diff --git a/articles/key-vault/managed-hsm/overview.md b/articles/key-vault/managed-hsm/overview.md
@@ -57,6 +57,7 @@ For pricing information, please see Managed HSM Pools section on [Azure Key Vaul
 ## Next steps
 - [Key management in Azure](../../security/fundamentals/key-management.md)
 - See [Quickstart: Provision and activate a managed HSM using Azure CLI](quick-create-cli.md) to create and activate a managed HSM
+- [Azure Managed HSM security baseline](/security/benchmark/azure/baselines/key-vault-managed-hsm-security-baseline)
 - See [Best Practices using Azure Key Vault Managed HSM](best-practices.md)
 - [Managed HSM Status](https://azure.status.microsoft)
 - [Managed HSM Service Level Agreement](https://azure.microsoft.com/support/legal/sla/key-vault-managed-hsm/v1_0/)
diff --git a/articles/key-vault/managed-hsm/toc.yml b/articles/key-vault/managed-hsm/toc.yml
@@ -64,6 +64,8 @@ items:
     href: built-in-roles.md
   - name: Managed HSM Soft-delete 
     href: soft-delete-overview.md
+  - name: Security baseline
+    href: /security/benchmark/azure/baselines/key-vault-managed-hsm-security-baseline?toc=/azure/key-vault/managed-hsm/&bc=/azure/key-vault/managed-hsm/breadcrumb/toc.json
 
 - name: Reference
   items:
