Skip to content

Commit 67b7b57

Browse files
committed
Updates
1 parent 0052770 commit 67b7b57

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

articles/key-vault/managed-hsm/tls-offload-library.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -202,9 +202,9 @@ There are two approaches to generating a key and using the key for the Key Less
202202
#### Granular approach
203203
204204
1. Create an Admin User (for example, TLSOffloadAdminUser) with the following role:
205-
- "Managed HSM Crypto Officer" role at the "/" scope
205+
- "Managed HSM Crypto Officer" role at the "/" scope
206206
1. Create a Key Generation service principal (for example, TLSOffloadKeyGenServicePrincipal) for the TLS Offload Key generation and assign the following role:
207-
- "Managed HSM Crypto User" role at the "/keys" scope.
207+
- "Managed HSM Crypto User" role at the "/keys" scope.
208208
1. Create a service principal for the TLS Offloading (for example, TLSOffload ServicePrincipal)
209209
1. The Admin User creates the following custom role definition:
210210
```azurecli
@@ -218,11 +218,11 @@ There are two approaches to generating a key and using the key for the Key Less
218218
}'
219219
```
220220
1. Generate a key with required label following "How to generate keys using the TLS Offload Library". Use the Key Generation service principal (for example, TLSOffloadKeyGenServicePrincipal) while generating keys. Note down the Key Label and Key Name. For example:
221-
- Key Label: tlsKey
222-
- Key Name: p11-6a2155dc40c94367a0f97ab452dc216f
221+
- Key Label: tlsKey
222+
- Key Name: p11-6a2155dc40c94367a0f97ab452dc216f
223223
1. Admin User assigns the following roles to the TLS Offload service principal
224-
- "TLS Library User Read Role" role at the "/keys" scope
225-
- "Managed HSM Crypto User" role at the "/keys/{key name}" scope
224+
- "TLS Library User Read Role" role at the "/keys" scope
225+
- "Managed HSM Crypto User" role at the "/keys/{key name}" scope
226226
```azurecli
227227
az keyvault role assignment create --hsm-name ContosoMHSM \
228228
--role " TLS Library User Read Role" \

0 commit comments

Comments
 (0)