From e3690d5f7f0b201500a3e104af42b25ef57bd45d Mon Sep 17 00:00:00 2001
From: Martijn Baay <martijn.baay@gmail.com>
Date: Wed, 28 Dec 2022 16:10:56 +0100
Subject: [PATCH] Support Key Vault Managed HSM keys when configuring Storage
 Account CMK

---
 .../storage_account_customer_managed_key_resource.go  | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/internal/services/storage/storage_account_customer_managed_key_resource.go b/internal/services/storage/storage_account_customer_managed_key_resource.go
index 73ac73f7c27e..9103261e1328 100644
--- a/internal/services/storage/storage_account_customer_managed_key_resource.go
+++ b/internal/services/storage/storage_account_customer_managed_key_resource.go
@@ -48,9 +48,14 @@ func resourceStorageAccountCustomerManagedKey() *pluginsdk.Resource {
 			},
 
 			"key_vault_id": {
-				Type:         pluginsdk.TypeString,
-				Required:     true,
-				ValidateFunc: keyVaultValidate.VaultID,
+				Type:     pluginsdk.TypeString,
+				Required: true,
+				ValidateFunc: validation.Any(
+					// Storage Account Customer Managed Keys support both Key Vault and Key Vault Managed HSM keys:
+					// https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview
+					keyVaultValidate.VaultID,
+					keyVaultValidate.ManagedHSMID,
+				),
 			},
 
 			"key_name": {