{"id":"49aa0313-2772-4804-bd4d-ab162a9849bd","shortId":"FV4cRZ","kind":"skill","title":"azure-payment-hsm","tagline":"Expert knowledge for Azure Payment Hsm development including troubleshooting, best practices, decision making, architecture & design patterns, security, and configuration. Use when configuring Payment HSM VNets/FastPath, payShield Manager access, HA/DR topologies, SKUs, or traffi","description":"# Azure Payment Hsm Skill\n\nThis skill provides expert guidance for Azure Payment Hsm. Covers troubleshooting, best practices, decision making, architecture & design patterns, security, and configuration. It combines local quick-reference content with remote documentation fetching capabilities.\n\n## How to Use This Skill\n\n> **IMPORTANT for Agent**: Use the **Category Index** below to locate relevant sections. For categories with line ranges (e.g., `L35-L120`), use `read_file` with the specified lines. For categories with file links (e.g., `[security.md](security.md)`), use `read_file` on the linked reference file\n\n> **IMPORTANT for Agent**: If `metadata.generated_at` is more than 3 months old, suggest the user pull the latest version from the repository. If `mcp_microsoftdocs` tools are not available, suggest the user install it: [Installation Guide](https://github.com/MicrosoftDocs/mcp/blob/main/README.md)\n\nThis skill requires **network access** to fetch documentation content:\n- **Preferred**: Use `mcp_microsoftdocs:microsoft_docs_fetch` with query string `from=learn-agent-skill`. Returns Markdown.\n- **Fallback**: Use `fetch_webpage` with query string `from=learn-agent-skill&accept=text/markdown`. Returns Markdown.\n\n## Category Index\n\n| Category | Lines | Description |\n|----------|-------|-------------|\n| Troubleshooting | L34-L38 | Diagnosing and resolving common Azure Payment HSM deployment issues, including provisioning failures, configuration problems, and known platform limitations or workarounds. |\n| Best Practices | L39-L43 | Guidance on inspecting, monitoring, and routing network traffic to Azure Payment HSM, including using firewalls, NSGs, and network appliances for secure traffic control. |\n| Decision Making | L44-L49 | Guidance on choosing/changing Azure Payment HSM performance SKUs, and understanding support options, roles, and responsibilities for operating the service. |\n| Architecture & Design Patterns | L50-L55 | Designing Azure Payment HSM architectures: HA/DR patterns, device lifecycle management, supported topologies, deployment constraints, and planning resilient HSM solutions. |\n| Security | L56-L62 | Security setup for Payment HSM: configuring SSH/payShield manager access, understanding compliance certifications/scope, and applying hardening and security best practices. |\n| Configuration | L63-L74 | Configuring Azure Payment HSM networking and access: VNets/peering, FastPath, ARM/CLI deployment, IP layout (split/reused VNets), provider registration, and payShield Manager browser access. |\n\n### Troubleshooting\n| Topic | URL |\n|-------|-----|\n| Resolve known issues with Azure Payment HSM deployments | https://learn.microsoft.com/en-us/azure/payment-hsm/known-issues |\n\n### Best Practices\n| Topic | URL |\n|-------|-----|\n| Inspect and route network traffic for Azure Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/inspect-traffic |\n\n### Decision Making\n| Topic | URL |\n|-------|-----|\n| Select and change Azure Payment HSM performance SKUs | https://learn.microsoft.com/en-us/azure/payment-hsm/change-performance-level |\n| Use Azure Payment HSM support and understand responsibilities | https://learn.microsoft.com/en-us/azure/payment-hsm/support-guide |\n\n### Architecture & Design Patterns\n| Topic | URL |\n|-------|-----|\n| Design high availability and DR for Azure Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/deployment-scenarios |\n| Plan solution topologies and constraints for Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/solution-design |\n\n### Security\n| Topic | URL |\n|-------|-----|\n| Configure SSH access to Azure Payment HSM payShield manager | https://learn.microsoft.com/en-us/azure/payment-hsm/access-payshield-manager-ssh |\n| Understand Payment HSM compliance certifications and scope | https://learn.microsoft.com/en-us/azure/payment-hsm/certification-compliance |\n| Apply security best practices to Azure Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/secure-payment-hsm |\n\n### Configuration\n| Topic | URL |\n|-------|-----|\n| Configure browser access to payShield Manager for Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/access-payshield-manager |\n| Configure Payment HSM IPs in different VNets via ARM | https://learn.microsoft.com/en-us/azure/payment-hsm/create-different-ip-addresses |\n| Configure Azure Payment HSM across separate VNets | https://learn.microsoft.com/en-us/azure/payment-hsm/create-different-vnet |\n| Deploy Payment HSM with split VNets via ARM template | https://learn.microsoft.com/en-us/azure/payment-hsm/create-different-vnet-template |\n| Configure FastPathEnabled feature flag and tag for Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/fastpathenabled |\n| Configure VNet peering and fastpath for Payment HSM | https://learn.microsoft.com/en-us/azure/payment-hsm/peer-vnets |\n| Manage Azure Payment HSM resources with Azure CLI | https://learn.microsoft.com/en-us/azure/payment-hsm/quickstart-cli |\n| Register Azure Payment HSM resource providers and features | https://learn.microsoft.com/en-us/azure/payment-hsm/register-payment-hsm-resource-providers |\n| Reuse existing virtual networks for Azure Payment HSM deployment | https://learn.microsoft.com/en-us/azure/payment-hsm/reuse-vnet |","tags":["azure","payment","hsm","agent","skills","microsoftdocs","agent-skills","agentic-skills","agentskill","ai-agents","ai-coding","azure-functions"],"capabilities":["skill","source-microsoftdocs","skill-azure-payment-hsm","topic-agent","topic-agent-skills","topic-agentic-skills","topic-agentskill","topic-ai-agents","topic-ai-coding","topic-azure","topic-azure-functions","topic-azure-kubernetes-service","topic-azure-openai","topic-azure-sql-database","topic-azure-storage"],"categories":["Agent-Skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/MicrosoftDocs/Agent-Skills/azure-payment-hsm","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add MicrosoftDocs/Agent-Skills","source_repo":"https://github.com/MicrosoftDocs/Agent-Skills","install_from":"skills.sh"}},"qualityScore":"0.698","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 497 github stars · SKILL.md body (5,316 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T00:53:35.374Z","embedding":null,"createdAt":"2026-04-18T21:59:43.125Z","updatedAt":"2026-04-22T00:53:35.374Z","lastSeenAt":"2026-04-22T00:53:35.374Z","tsv":"'/en-us/azure/payment-hsm/access-payshield-manager':494 '/en-us/azure/payment-hsm/access-payshield-manager-ssh':458 '/en-us/azure/payment-hsm/certification-compliance':468 '/en-us/azure/payment-hsm/change-performance-level':404 '/en-us/azure/payment-hsm/create-different-ip-addresses':506 '/en-us/azure/payment-hsm/create-different-vnet':516 '/en-us/azure/payment-hsm/create-different-vnet-template':528 '/en-us/azure/payment-hsm/deployment-scenarios':432 '/en-us/azure/payment-hsm/fastpathenabled':540 '/en-us/azure/payment-hsm/inspect-traffic':389 '/en-us/azure/payment-hsm/known-issues':373 '/en-us/azure/payment-hsm/peer-vnets':551 '/en-us/azure/payment-hsm/quickstart-cli':562 '/en-us/azure/payment-hsm/register-payment-hsm-resource-providers':573 '/en-us/azure/payment-hsm/reuse-vnet':585 '/en-us/azure/payment-hsm/secure-payment-hsm':479 '/en-us/azure/payment-hsm/solution-design':443 '/en-us/azure/payment-hsm/support-guide':415 '/microsoftdocs/mcp/blob/main/readme.md)':162 '3':133 'accept':201 'access':32,167,323,344,359,449,485 'across':511 'agent':82,126,185,199 'appli':328,469 'applianc':257 'architectur':18,57,286,296,416 'arm':503,524 'arm/cli':347 'avail':152,423 'azur':2,8,38,48,218,248,270,293,339,367,384,397,406,427,451,474,508,553,558,564,579 'azure-payment-hsm':1 'best':14,53,234,332,374,471 'browser':358,484 'capabl':74 'categori':85,93,109,205,207 'certif':463 'certifications/scope':326 'chang':396 'choosing/changing':269 'cli':559 'combin':64 'common':217 'complianc':325,462 'configur':23,26,62,226,320,334,338,447,480,483,495,507,529,541 'constraint':305,437 'content':69,171 'control':261 'cover':51 'decis':16,55,262,390 'deploy':221,304,348,370,517,582 'descript':209 'design':19,58,287,292,417,421 'develop':11 'devic':299 'diagnos':214 'differ':500 'doc':177 'document':72,170 'dr':425 'e.g':97,113 'exist':575 'expert':5,45 'failur':225 'fallback':189 'fastpath':346,545 'fastpathen':530 'featur':531,570 'fetch':73,169,178,191 'file':103,111,118,123 'firewal':253 'flag':532 'github.com':161 'github.com/microsoftdocs/mcp/blob/main/readme.md)':160 'guid':159 'guidanc':46,239,267 'ha/dr':33,297 'harden':329 'high':422 'hsm':4,10,28,40,50,220,250,272,295,309,319,341,369,386,399,408,429,440,453,461,476,491,497,510,519,537,548,555,566,581 'import':80,124 'includ':12,223,251 'index':86,206 'inspect':241,378 'instal':156,158 'ip':349,498 'issu':222,365 'knowledg':6 'known':229,364 'l120':100 'l34':212 'l34-l38':211 'l35':99 'l35-l120':98 'l38':213 'l39':237 'l39-l43':236 'l43':238 'l44':265 'l44-l49':264 'l49':266 'l50':290 'l50-l55':289 'l55':291 'l56':313 'l56-l62':312 'l62':314 'l63':336 'l63-l74':335 'l74':337 'latest':141 'layout':350 'learn':184,198 'learn-agent-skil':183,197 'learn.microsoft.com':372,388,403,414,431,442,457,467,478,493,505,515,527,539,550,561,572,584 'learn.microsoft.com/en-us/azure/payment-hsm/access-payshield-manager':492 'learn.microsoft.com/en-us/azure/payment-hsm/access-payshield-manager-ssh':456 'learn.microsoft.com/en-us/azure/payment-hsm/certification-compliance':466 'learn.microsoft.com/en-us/azure/payment-hsm/change-performance-level':402 'learn.microsoft.com/en-us/azure/payment-hsm/create-different-ip-addresses':504 'learn.microsoft.com/en-us/azure/payment-hsm/create-different-vnet':514 'learn.microsoft.com/en-us/azure/payment-hsm/create-different-vnet-template':526 'learn.microsoft.com/en-us/azure/payment-hsm/deployment-scenarios':430 'learn.microsoft.com/en-us/azure/payment-hsm/fastpathenabled':538 'learn.microsoft.com/en-us/azure/payment-hsm/inspect-traffic':387 'learn.microsoft.com/en-us/azure/payment-hsm/known-issues':371 'learn.microsoft.com/en-us/azure/payment-hsm/peer-vnets':549 'learn.microsoft.com/en-us/azure/payment-hsm/quickstart-cli':560 'learn.microsoft.com/en-us/azure/payment-hsm/register-payment-hsm-resource-providers':571 'learn.microsoft.com/en-us/azure/payment-hsm/reuse-vnet':583 'learn.microsoft.com/en-us/azure/payment-hsm/secure-payment-hsm':477 'learn.microsoft.com/en-us/azure/payment-hsm/solution-design':441 'learn.microsoft.com/en-us/azure/payment-hsm/support-guide':413 'lifecycl':300 'limit':231 'line':95,107,208 'link':112,121 'local':65 'locat':89 'make':17,56,263,391 'manag':31,301,322,357,455,488,552 'markdown':188,204 'mcp':147,174 'metadata.generated':128 'microsoft':176 'microsoftdoc':148,175 'monitor':242 'month':134 'network':166,245,256,342,381,577 'nsgs':254 'old':135 'oper':283 'option':278 'pattern':20,59,288,298,418 'payment':3,9,27,39,49,219,249,271,294,318,340,368,385,398,407,428,439,452,460,475,490,496,509,518,536,547,554,565,580 'payshield':30,356,454,487 'peer':543 'perform':273,400 'plan':307,433 'platform':230 'practic':15,54,235,333,375,472 'prefer':172 'problem':227 'provid':44,353,568 'provis':224 'pull':139 'queri':180,194 'quick':67 'quick-refer':66 'rang':96 'read':102,117 'refer':68,122 'regist':563 'registr':354 'relev':90 'remot':71 'repositori':145 'requir':165 'resili':308 'resolv':216,363 'resourc':556,567 'respons':281,412 'return':187,203 'reus':574 'role':279 'rout':244,380 'scope':465 'section':91 'secur':21,60,259,311,315,331,444,470 'security.md':114,115 'select':394 'separ':512 'servic':285 'setup':316 'skill':41,43,79,164,186,200 'skill-azure-payment-hsm' 'skus':35,274,401 'solut':310,434 'source-microsoftdocs' 'specifi':106 'split':521 'split/reused':351 'ssh':448 'ssh/payshield':321 'string':181,195 'suggest':136,153 'support':277,302,409 'tag':534 'templat':525 'text/markdown':202 'tool':149 'topic':361,376,392,419,445,481 'topic-agent' 'topic-agent-skills' 'topic-agentic-skills' 'topic-agentskill' 'topic-ai-agents' 'topic-ai-coding' 'topic-azure' 'topic-azure-functions' 'topic-azure-kubernetes-service' 'topic-azure-openai' 'topic-azure-sql-database' 'topic-azure-storage' 'topolog':34,303,435 'traffi':37 'traffic':246,260,382 'troubleshoot':13,52,210,360 'understand':276,324,411,459 'url':362,377,393,420,446,482 'use':24,77,83,101,116,173,190,252,405 'user':138,155 'version':142 'via':502,523 'virtual':576 'vnet':352,501,513,522,542 'vnets/fastpath':29 'vnets/peering':345 'webpag':192 'workaround':233","prices":[{"id":"9e6b490f-88c0-4999-a3f6-cba55410ef38","listingId":"49aa0313-2772-4804-bd4d-ab162a9849bd","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"MicrosoftDocs","category":"Agent-Skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:59:43.125Z"}],"sources":[{"listingId":"49aa0313-2772-4804-bd4d-ab162a9849bd","source":"github","sourceId":"MicrosoftDocs/Agent-Skills/azure-payment-hsm","sourceUrl":"https://github.com/MicrosoftDocs/Agent-Skills/tree/main/skills/azure-payment-hsm","isPrimary":false,"firstSeenAt":"2026-04-18T21:59:43.125Z","lastSeenAt":"2026-04-22T00:53:35.374Z"}],"details":{"listingId":"49aa0313-2772-4804-bd4d-ab162a9849bd","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"MicrosoftDocs","slug":"azure-payment-hsm","github":{"repo":"MicrosoftDocs/Agent-Skills","stars":497,"topics":["agent","agent-skills","agentic-skills","agentskill","ai","ai-agents","ai-coding","azure","azure-functions","azure-kubernetes-service","azure-openai","azure-sql-database","azure-storage","azure-virtual-machine","claude-code","github-copilot","microsoft-learn","openai-codex","skills"],"license":"cc-by-4.0","html_url":"https://github.com/MicrosoftDocs/Agent-Skills","pushed_at":"2026-04-19T02:43:40Z","description":"Curated Agent Skills for Microsoft & Azure – giving AI coding assistants structured, real-time expertise from Microsoft Learn docs.","skill_md_sha":"71f84e425a093bb49aee9223f1531d9d415850bd","skill_md_path":"skills/azure-payment-hsm/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/MicrosoftDocs/Agent-Skills/tree/main/skills/azure-payment-hsm"},"layout":"multi","source":"github","category":"Agent-Skills","frontmatter":{"name":"azure-payment-hsm","description":"Expert knowledge for Azure Payment Hsm development including troubleshooting, best practices, decision making, architecture & design patterns, security, and configuration. Use when configuring Payment HSM VNets/FastPath, payShield Manager access, HA/DR topologies, SKUs, or traffic inspection, and other Azure Payment Hsm related development tasks. Not for Azure Dedicated HSM (use azure-dedicated-hsm), Azure Cloud Hsm (use azure-cloud-hsm), Azure Key Vault (use azure-key-vault), Azure Information Protection (use azure-information-protection).","compatibility":"Requires network access. Uses mcp_microsoftdocs:microsoft_docs_fetch or fetch_webpage to retrieve documentation."},"skills_sh_url":"https://skills.sh/MicrosoftDocs/Agent-Skills/azure-payment-hsm"},"updatedAt":"2026-04-22T00:53:35.374Z"}}