Merge pull request #2664 from msmbaldwin/placeholder-standardization-managed-hsm

Standardize placeholders in key-vault/managed-hsm

Author: prmerger-automator[bot]

articles/key-vault/managed-hsm/authorize-azure-resource-manager.md

@@ -8,7 +8,7 @@ ms.custom: devx-track-arm-template
 ms.service: azure-key-vault
 ms.subservice: managed-hsm
 ms.topic: tutorial
-ms.date: 04/14/2025
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 # Customer intent: As a managed HSM administrator, I want to authorize Azure Resource Manager to perform key management operations via Azure Managed HSM
@@ -23,13 +23,13 @@ Azure Managed HSM doesn't trust Azure Resource Manager by default. However, for
 For the Azure portal or Azure Resource Manager to interact with Azure Managed HSM in the same way as Azure Key Vault Standard and Premium, an authorized Managed HSM administrator must allow Azure Resource Manager to act on behalf of the user. To change this behavior and allow users to use Azure portal or Azure Resource Manager to create new keys or list keys, make the following Azure Managed HSM setting update:
 
 ```azurecli-interactive
-az keyvault setting update --hsm-name <managed-hsm name> --name AllowKeyManagementOperationsThroughARM --value true 
+az keyvault setting update --hsm-name <hsm-name> --name AllowKeyManagementOperationsThroughARM --value true 
 ```
 
 To disable this trust and revert to the default behavior of Managed HSM:
 
 ```azurecli-interactive
-az keyvault setting update --hsm-name <managed-hsm name> --name AllowKeyManagementOperationsThroughARM --value false 
+az keyvault setting update --hsm-name <hsm-name> --name AllowKeyManagementOperationsThroughARM --value false 
 ```
 
 ## Next steps

articles/key-vault/managed-hsm/azure-policy.md

@@ -3,7 +3,7 @@ title: Integrate Azure Managed HSM with Azure Policy
 description: Learn how to integrate Azure Managed HSM with Azure Policy
 author: msmbaldwin
 ms.author: mbaldwin
-ms.date: 04/15/2025
+ms.date: 03/26/2026
 ms.service: azure-key-vault
 ms.subservice: managed-hsm
 ms.custom: devx-track-azurecli
@@ -72,15 +72,15 @@ az ad sp show --id a1b76039-a76c-499f-a2dd-846b4cc32627 --query id
 Copy the `id` printed and paste it in the following command:
 
 ```azurecli-interactive
-az keyvault role assignment create --scope / --role "Managed HSM Crypto Auditor" --assignee-object-id "the id printed in previous command" --hsm-name <hsm name>
+az keyvault role assignment create --scope / --role "Managed HSM Crypto Auditor" --assignee-object-id "the id printed in previous command" --hsm-name <hsm-name>
 ```
 
 On Linux or Windows Subsystem of Linux:
 
 ```azurecli-interactive
 spId=$(az ad sp show --id a1b76039-a76c-499f-a2dd-846b4cc32627 --query id|cut -d "\"" -f2)
 echo $spId
-az keyvault role assignment create --scope / --role "Managed HSM Crypto Auditor" --assignee-object-id $spId --hsm-name <hsm name>
+az keyvault role assignment create --scope / --role "Managed HSM Crypto Auditor" --assignee-object-id $spId --hsm-name <hsm-name>
 ```
 
 ### Create policy assignments - define rules of audit and/or deny

articles/key-vault/managed-hsm/logging.md

@@ -7,7 +7,7 @@ ms.author: mbaldwin
 ms.service: azure-key-vault
 ms.subservice: managed-hsm
 ms.topic: tutorial
-ms.date: 12/03/2025
+ms.date: 03/26/2026
 #Customer intent: As a Managed HSM administrator, I want to enable logging for my Managed HSM so I can monitor how and when my HSMs are accessed, and by who.
 ---
 
@@ -179,9 +179,9 @@ Individual blobs are stored as text, formatted as JSON. Here's an example log en
 ```json
 [
   {
-    "TenantId": "{tenant-id}",
+    "TenantId": "<tenant-id>",
     "time": "2020-08-31T19:52:39.763Z",
-    "resourceId": "/SUBSCRIPTIONS/<subscription-id>/RESOURCEGROUPS/<RESOURCE-GROUP>/PROVIDERS/MICROSOFT.KEYVAULT/MANAGEDHSMS/<HSM-NAME>",
+    "resourceId": "/SUBSCRIPTIONS/<subscription-id>/RESOURCEGROUPS/<resource-group>/PROVIDERS/MICROSOFT.KEYVAULT/MANAGEDHSMS/<hsm-name>",
     "operationName": "BackupCreate",
     "operationVersion": "7.0",
     "category": "AuditEvent",
@@ -193,7 +193,7 @@ Individual blobs are stored as text, formatted as JSON. Here's an example log en
     },
     "durationMs": 488,
     "callerIpAddress": "X.X.X.X",
-    "identity": "{\"claim\":{\"appid\":\"{application-id}\",\"http_schemas_microsoft_com_identity\":{\"claims\":{\"objectidentifier\":\"{object-id}\"}},\"http_schemas_xmlsoap_org_ws_2005_05_identity\":{\"claims\":{\"upn\":\"<user-email>\"}}}}",
+    "identity": "{\"claim\":{\"appid\":\"<application-id>\",\"http_schemas_microsoft_com_identity\":{\"claims\":{\"objectidentifier\":\"<object-id>\"}},\"http_schemas_xmlsoap_org_ws_2005_05_identity\":{\"claims\":{\"upn\":\"<user-email>\"}}}}",
     "clientInfo": "azsdk-python-core/1.7.0 Python/3.8.2 (Linux-4.19.84-microsoft-standard-x86_64-with-glibc2.29) azsdk-python-azure-keyvault/7.2",
     "correlationId": "aaaa0000-bb11-2222-33cc-444444dddddd",
     "subnetId": "(unknown)",

articles/key-vault/managed-hsm/quick-create-powershell.md

@@ -3,7 +3,7 @@ title: Create and retrieve attributes of a managed key in Azure Key Vault – Az
 description: Quickstart showing how to set and retrieve a managed key from Azure Key Vault using Azure PowerShell
 author: msmbaldwin
 ms.author: mbaldwin
-ms.date: 03/13/2026
+ms.date: 03/26/2026
 ms.topic: quickstart
 ms.service: azure-key-vault
 ms.subservice: keys
@@ -33,7 +33,7 @@ New-AzResourceGroup -Name "<resource-group>" -Location "<location>"
 To create a Managed HSM, you need your Microsoft Entra principal ID.  To get your ID, use the Azure PowerShell [Get-AzADUser](/powershell/module/az.resources/get-azaduser) cmdlet, and pass your email address to the `UserPrincipalName` parameter:
 
 ```azurepowershell-interactive
-Get-AzADUser -UserPrincipalName "<[email protected]>"
+Get-AzADUser -UserPrincipalName "<user-principal-name>"
 ```
 
 Your principal ID is returned in the format, "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx".

articles/key-vault/managed-hsm/recovery.md

@@ -138,7 +138,7 @@ For more information, see [Managed HSM soft-delete overview](soft-delete-overvie
 * To delete an HSM:
 
     ```powershell
-    Remove-AzKeyVaultManagedHsm -Name '<hsm-name>'
+    Remove-AzKeyVaultManagedHsm -Name "<hsm-name>"
     ```
   This action is recoverable because soft-delete is on by default.
 
@@ -147,25 +147,25 @@ For more information, see [Managed HSM soft-delete overview](soft-delete-overvie
 * To delete a key:
 
   ```powershell
-  Remove-AzKeyVaultKey -HsmName <hsm-name> -Name '<key-name>'
+  Remove-AzKeyVaultKey -HsmName "<hsm-name>" -Name "<key-name>"
   ```
 
 * To list all deleted keys: 
 
   ```powershell
-  Get-AzKeyVaultKey -HsmName <hsm-name> -InRemovedState
+  Get-AzKeyVaultKey -HsmName "<hsm-name>" -InRemovedState
   ```
 
 * To recover a soft-deleted key:
 
     ```powershell
-    Undo-AzKeyVaultKeyRemoval -HsmName <hsm-name> -Name <key-name>
+    Undo-AzKeyVaultKeyRemoval -HsmName "<hsm-name>" -Name "<key-name>"
     ```
 
 * To purge a soft-deleted key:
 
     ```powershell
-    Remove-AzKeyVaultKey -HsmName <hsm-name> -Name <key-name> -InRemovedState
+    Remove-AzKeyVaultKey -HsmName "<hsm-name>" -Name "<key-name>" -InRemovedState
     ```
     > [!WARNING] 
     > This operation will permanently delete your key.

articles/key-vault/managed-hsm/tls-offload-library.md

@@ -7,7 +7,7 @@ ms.service: azure-key-vault
 ms.subservice: managed-hsm
 ms.custom: devx-track-azurecli
 ms.topic: get-started
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 ---
@@ -116,7 +116,7 @@ For Managed Identities,specify command arguments as follows:
 ```azurecli
 az keyvault role assignment create --hsm-name <hsm-name> \
       --role "Managed HSM Crypto User"  \
-       --assignee-object-id <object_id>  \
+       --assignee-object-id <object-id>  \
        --assignee-principal-type MSI \
        --scope /keys
 ```