diff --git a/src/KeyVault/KeyVault/Az.KeyVault.psd1 b/src/KeyVault/KeyVault/Az.KeyVault.psd1
index d8fe8ef86dd7..97d5ce733012 100644
--- a/src/KeyVault/KeyVault/Az.KeyVault.psd1
+++ b/src/KeyVault/KeyVault/Az.KeyVault.psd1
@@ -131,7 +131,8 @@ CmdletsToExport = 'Add-AzKeyVaultCertificate', 'Update-AzKeyVaultCertificate',
                'Undo-AzKeyVaultManagedStorageAccountRemoval', 
                'Add-AzKeyVaultNetworkRule', 'Update-AzKeyVaultNetworkRuleSet', 
                'Remove-AzKeyVaultNetworkRule', 'Export-AzKeyVaultSecurityDomain', 
-               'Import-AzKeyVaultSecurityDomain'
+               'Import-AzKeyVaultSecurityDomain',
+               'Get-AzKeyVaultSetting', 'Update-AzKeyVaultSetting'
 
 # Variables to export from this module
 # VariablesToExport = @()
diff --git a/src/KeyVault/KeyVault/Commands/Setting/GetAzKeyVaultSetting.cs b/src/KeyVault/KeyVault/Commands/Setting/GetAzKeyVaultSetting.cs
new file mode 100644
index 000000000000..ea9d238db538
--- /dev/null
+++ b/src/KeyVault/KeyVault/Commands/Setting/GetAzKeyVaultSetting.cs
@@ -0,0 +1,82 @@
+using Microsoft.Azure.Commands.KeyVault.Models;
+using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
+using Microsoft.Azure.Management.Internal.Resources.Utilities.Models;
+
+using System;
+using System.Collections.Generic;
+using System.Management.Automation;
+using System.Text;
+
+namespace Microsoft.Azure.Commands.KeyVault.Commands.Setting
+{
+    [Cmdlet("Get", ResourceManager.Common.AzureRMConstants.AzurePrefix + "KeyVaultSetting", DefaultParameterSetName = GetSettingViaFlattenParameters)]
+    [OutputType(typeof(PSKeyVaultSetting))]
+    public class GetAzKeyVaultSetting: KeyVaultCmdletBase
+    {
+        #region Parameter Set Names
+        private const string GetSettingViaFlattenParameters = " GetSettingViaFlattenParameters";
+        private const string GetSettingViaHsmObject = " GetSettingViaHsmObject";
+        private const string GetSettingViaHsmId = " GetSettingViaHsmId";
+        #endregion
+
+        #region Input Parameter Definitions
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = GetSettingViaFlattenParameters,
+            HelpMessage = "Name of the HSM.")]
+        [ResourceNameCompleter("Microsoft.KeyVault/managedHSMs", "FakeResourceGroupName")]
+        [ValidateNotNullOrEmpty]
+        public string HsmName;
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = GetSettingViaHsmObject,
+            ValueFromPipeline = true,
+            HelpMessage = "Hsm Object.")]
+        [ValidateNotNullOrEmpty]
+        public PSManagedHsm HsmObject;
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = GetSettingViaHsmId,
+            HelpMessage = "Hsm Resource Id.")]
+        [ValidateNotNullOrEmpty]
+        public string HsmId;
+
+        [Parameter(Mandatory = false,
+            Position = 1,
+            HelpMessage = "Name of the setting.")]
+        public string Name;
+
+        #endregion
+
+        public override void ExecuteCmdlet()
+        {
+            NormalizeParameterSets();
+
+            if (string.IsNullOrEmpty(Name))
+            {
+                WriteObject(this.Track2DataClient.GetManagedHsmSettings(HsmName), true);
+            }
+            else
+            {
+                WriteObject(this.Track2DataClient.GetManagedHsmSetting(HsmName, Name));
+            }
+        }
+
+        private void NormalizeParameterSets()
+        {
+            switch (ParameterSetName)
+            {
+                case GetSettingViaHsmId:
+                    var parsedResourceId = new ResourceIdentifier(HsmId);
+                    HsmName = parsedResourceId.ResourceName;
+                    break;
+                case GetSettingViaHsmObject:
+                    HsmName = HsmObject.VaultName;
+                    break;
+            }
+        }
+    }
+}
diff --git a/src/KeyVault/KeyVault/Commands/Setting/UpdateAzKeyVaultSetting.cs b/src/KeyVault/KeyVault/Commands/Setting/UpdateAzKeyVaultSetting.cs
new file mode 100644
index 000000000000..5eb3c9d71949
--- /dev/null
+++ b/src/KeyVault/KeyVault/Commands/Setting/UpdateAzKeyVaultSetting.cs
@@ -0,0 +1,116 @@
+using Microsoft.Azure.Commands.KeyVault.Models;
+using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
+using Microsoft.Azure.Management.Internal.Resources.Utilities.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+
+using System;
+using System.Collections.Generic;
+using System.Management.Automation;
+using System.Text;
+
+namespace Microsoft.Azure.Commands.KeyVault.Commands.Setting
+{
+    [Cmdlet(VerbsData.Update, ResourceManager.Common.AzureRMConstants.AzurePrefix + "KeyVaultSetting")]
+    [OutputType(typeof(PSKeyVaultSetting))]
+    public class UpdateAzKeyVaultSetting : KeyVaultCmdletBase
+    {
+        #region Parameter Set Names
+
+        private const string UpdateSettingViaFlattenValuesParameterSet = " UpdateSettingViaFlattenValues";
+        private const string UpdateSettingViaHsmObjectParameterSet = "UpdateSettingViaHsmObject";
+        private const string UpdateSettingViaHsmIdParameterSet = "UpdateSettingViaHsmId";
+        private const string UpdateSettingViaInputObjectParameterSet = "UpdateSettingViaInputObject";
+
+        #endregion
+
+        #region Input Parameter Definitions
+
+        /// <summary>
+        /// Hsm name
+        /// </summary>
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = UpdateSettingViaFlattenValuesParameterSet,
+            HelpMessage = "Name of the HSM.")]
+        [ResourceNameCompleter("Microsoft.KeyVault/managedHSMs", "FakeResourceGroupName")]
+        [ValidateNotNullOrEmpty]
+        public string HsmName { get; set; }
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = UpdateSettingViaHsmObjectParameterSet,
+            ValueFromPipeline = true,
+            HelpMessage = "Hsm Object.")]
+        [ValidateNotNullOrEmpty]
+        public PSManagedHsm HsmObject;
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = UpdateSettingViaHsmIdParameterSet,
+            HelpMessage = "Hsm Resource Id.")]
+        [ValidateNotNullOrEmpty]
+        public string HsmId;
+
+        /// <summary>
+        /// Name of the setting
+        /// </summary>
+        [Parameter(Mandatory = true,
+            Position = 1,
+            ParameterSetName = UpdateSettingViaFlattenValuesParameterSet,
+            HelpMessage = "Name of the setting.")]
+        [Parameter(Mandatory = true,
+            Position = 1,
+            ParameterSetName = UpdateSettingViaHsmObjectParameterSet)]
+        [Parameter(Mandatory = true,
+            Position = 1,
+            ParameterSetName = UpdateSettingViaHsmIdParameterSet)]
+        public string Name { get; set; }
+
+        /// <summary>
+        /// Resource group name
+        /// </summary>
+        [Parameter(Mandatory = true, Position = 2, ParameterSetName = UpdateSettingViaFlattenValuesParameterSet,
+            HelpMessage = "Value of the setting.")]
+        [Parameter(Mandatory = true, Position = 2, ParameterSetName = UpdateSettingViaHsmObjectParameterSet)]
+        [Parameter(Mandatory = true, Position = 2, ParameterSetName = UpdateSettingViaHsmIdParameterSet)]
+        [Parameter(Mandatory = false, Position = 2, ParameterSetName = UpdateSettingViaInputObjectParameterSet)]
+        public string Value { get; set; }
+
+        [Parameter(Mandatory = true,
+            Position = 0,
+            ParameterSetName = UpdateSettingViaInputObjectParameterSet,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The location of the deleted vault.")]
+        [ValidateNotNullOrEmpty()]
+        public PSKeyVaultSetting InputObject { get; set; }
+        
+        #endregion
+
+        public override void ExecuteCmdlet()
+        {
+            NormalizeParameterSets();
+            WriteObject(Track2DataClient.UpdateManagedHsmSetting(InputObject));
+        }
+        private void NormalizeParameterSets()
+        {
+            switch (ParameterSetName)
+            {
+                case UpdateSettingViaHsmIdParameterSet:
+                    var parsedResourceId = new ResourceIdentifier(HsmId);
+                    HsmName = parsedResourceId.ResourceName;
+                    break;
+                case UpdateSettingViaHsmObjectParameterSet:
+                    HsmName = HsmObject.VaultName; 
+                    break;
+            }
+            if (!ParameterSetName.Equals(UpdateSettingViaInputObjectParameterSet))
+            {
+                InputObject = Track2DataClient.GetManagedHsmSetting(HsmName, Name);
+            }
+            if (this.IsParameterBound(c => c.Value))
+            {
+                InputObject.Value = this.Value;
+            }
+        }
+    }
+}
diff --git a/src/KeyVault/KeyVault/KeyVault.csproj b/src/KeyVault/KeyVault/KeyVault.csproj
index 8fee97be98a7..364e42fe696b 100644
--- a/src/KeyVault/KeyVault/KeyVault.csproj
+++ b/src/KeyVault/KeyVault/KeyVault.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <PsModuleName>KeyVault</PsModuleName>
@@ -12,7 +12,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Azure.Security.KeyVault.Administration" Version="4.0.0" />
+    <PackageReference Include="Azure.Security.KeyVault.Administration" Version="4.3.0" />
     <PackageReference Include="Azure.Security.KeyVault.Keys" Version="4.3.0" />
     <PackageReference Include="Azure.Security.KeyVault.Certificates" Version="4.3.0" />
     <PackageReference Include="Portable.BouncyCastle" Version="1.8.8" />
diff --git a/src/KeyVault/KeyVault/Models/IKeyVaultDataServiceClient.cs b/src/KeyVault/KeyVault/Models/IKeyVaultDataServiceClient.cs
index 6e13e202d3c3..476736b2751f 100644
--- a/src/KeyVault/KeyVault/Models/IKeyVaultDataServiceClient.cs
+++ b/src/KeyVault/KeyVault/Models/IKeyVaultDataServiceClient.cs
@@ -261,5 +261,14 @@ public interface IKeyVaultDataServiceClient
         void RemoveHsmRoleAssignment(string hsmName, string scope, string roleAssignmentName);
         void RemoveHsmRoleDefinition(string hsmName, string scope, string name);
         #endregion
+
+        #region
+        IEnumerable<PSKeyVaultSetting> GetManagedHsmSettings(string managedHsm);
+
+        PSKeyVaultSetting GetManagedHsmSetting(string managedHsm, string settingName);
+
+        PSKeyVaultSetting UpdateManagedHsmSetting(PSKeyVaultSetting psSettingParams);
+
+        #endregion
     }
 }
diff --git a/src/KeyVault/KeyVault/Models/KeyVaultDataServiceClient.cs b/src/KeyVault/KeyVault/Models/KeyVaultDataServiceClient.cs
index 77fa0982078c..d86e4c22ea75 100644
--- a/src/KeyVault/KeyVault/Models/KeyVaultDataServiceClient.cs
+++ b/src/KeyVault/KeyVault/Models/KeyVaultDataServiceClient.cs
@@ -2238,5 +2238,23 @@ public PSKeyRotationPolicy SetManagedHsmKeyRotationPolicy(PSKeyRotationPolicy ke
         #endregion
 
         #endregion
+
+        #region Setting
+        public IEnumerable<PSKeyVaultSetting> GetManagedHsmSettings(string managedHsm)
+        {
+            throw new NotImplementedException();
+        }
+
+        public PSKeyVaultSetting GetManagedHsmSetting(string managedHsm, string settingName)
+        {
+            throw new NotImplementedException();
+        }
+
+        public PSKeyVaultSetting UpdateManagedHsmSetting(PSKeyVaultSetting psSettingParams)
+        {
+            throw new NotImplementedException();
+        }
+
+        #endregion
     }
 }
diff --git a/src/KeyVault/KeyVault/Models/PSKeyVaultSetting.cs b/src/KeyVault/KeyVault/Models/PSKeyVaultSetting.cs
new file mode 100644
index 000000000000..79afab1ff526
--- /dev/null
+++ b/src/KeyVault/KeyVault/Models/PSKeyVaultSetting.cs
@@ -0,0 +1,48 @@
+using Azure.Security.KeyVault.Administration;
+
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Microsoft.Azure.Commands.KeyVault.Models
+{
+    public class PSKeyVaultSetting
+    {
+        /// <summary>
+        /// The account setting to be updated.
+        /// </summary>
+        public string HsmName;
+
+        /// <summary>
+        /// The account setting to be updated.
+        /// </summary>
+        public string Name;
+
+        /// <summary>
+        /// Gets the type specifier of the value.
+        /// </summary>
+        public string SettingType;
+
+        /// <summary>
+        /// Gets the value of the account setting.
+        /// </summary>
+        public string Value;
+
+        public PSKeyVaultSetting() { }
+
+
+        public PSKeyVaultSetting(KeyVaultSetting keyVaultSetting, string hsmName = null) 
+        {
+            if (null != keyVaultSetting)
+            {
+                Name = keyVaultSetting.Name;
+                SettingType = keyVaultSetting.SettingType?.ToString();
+                Value = keyVaultSetting.Value.ToString();
+            }
+            HsmName = hsmName;
+        }
+
+        public override string ToString() => $"{Name}={Value} ({SettingType ?? string.Empty})";
+
+    }
+}
diff --git a/src/KeyVault/KeyVault/Track2Models/Track2HsmClient.cs b/src/KeyVault/KeyVault/Track2Models/Track2HsmClient.cs
index c8e26844e464..e23cb8ec270f 100644
--- a/src/KeyVault/KeyVault/Track2Models/Track2HsmClient.cs
+++ b/src/KeyVault/KeyVault/Track2Models/Track2HsmClient.cs
@@ -15,6 +15,8 @@
 using Azure.Security.KeyVault.Keys.Cryptography;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using System.Xml;
+using Microsoft.Azure.Management.WebSites.Version2016_09_01.Models;
+using Microsoft.Azure.Commands.Common.Exceptions;
 
 namespace Microsoft.Azure.Commands.KeyVault.Track2Models
 {
@@ -27,6 +29,7 @@ internal class Track2HsmClient
         private KeyVaultBackupClient CreateBackupClient(string hsmName) => new KeyVaultBackupClient(_uriHelper.CreateVaultUri(hsmName), _credential);
         private KeyVaultAccessControlClient CreateRbacClient(string hsmName) => new KeyVaultAccessControlClient(_uriHelper.CreateVaultUri(hsmName), _credential);
         private CryptographyClient CreateCryptographyClient(string keyId) => new CryptographyClient(new Uri(keyId), _credential);
+        private KeyVaultSettingsClient CreateKeyVaultSettingsClient(string hsmName) => new KeyVaultSettingsClient(_uriHelper.CreateVaultUri(hsmName), _credential);
 
         public Track2HsmClient(IAuthenticationFactory authFactory, IAzureContext context)
         {
@@ -669,5 +672,76 @@ internal void RemoveHsmRoleDefinition(string hsmName, string scope, string roleD
             client.DeleteRoleDefinitionAsync(new KeyVaultRoleScope(scope), Guid.Parse(roleDefinitionName)).ConfigureAwait(false).GetAwaiter().GetResult();
         }
         #endregion
+
+        #region Setting
+        /// <summary>
+        /// 
+        /// </summary>
+        /// <param name="managedHsmName"></param>
+        /// <param name="settingName">The name of the account setting</param>
+        /// <returns></returns>
+        /// <exception cref="ArgumentNullException"></exception>
+        internal PSKeyVaultSetting GetSetting(string managedHsmName, string settingName)
+        {
+            if (string.IsNullOrEmpty(managedHsmName))
+                throw new ArgumentNullException("managedHsmName");
+            if (string.IsNullOrEmpty(settingName))
+                throw new ArgumentNullException("settingName");
+
+            var client = CreateKeyVaultSettingsClient(managedHsmName);
+            try
+            {
+                return new PSKeyVaultSetting(client.GetSetting(settingName), managedHsmName);
+            }
+            catch (Exception ex)
+            {
+                throw GetInnerException(ex);
+            }
+        }
+
+        internal IEnumerable<PSKeyVaultSetting> GetSettings(string managedHsmName)
+        {
+            if (string.IsNullOrEmpty(managedHsmName))
+                throw new ArgumentNullException("managedHsmName");
+            var client = CreateKeyVaultSettingsClient(managedHsmName);
+            try
+            {
+                GetSettingsResult result = client.GetSettings();
+                return null == result ? new List<PSKeyVaultSetting>() : 
+                    result.Settings?.Select(s => new PSKeyVaultSetting(s, managedHsmName));
+            }
+            catch (Exception ex)
+            {
+                throw GetInnerException(ex);
+            }
+        }
+
+        internal PSKeyVaultSetting UpdateSetting(PSKeyVaultSetting psSettingParams)
+        {
+            if (string.IsNullOrEmpty(psSettingParams?.HsmName))
+                throw new ArgumentNullException("managedHsmName");
+            if (null == psSettingParams?.Value)
+                throw new ArgumentNullException("settingValue");
+
+            var client = CreateKeyVaultSettingsClient(psSettingParams.HsmName);
+            try
+            {
+                if (psSettingParams.SettingType.Equals("boolean"))
+                {
+                    bool.TryParse(psSettingParams.Value, out var result);
+                    return new PSKeyVaultSetting(client.UpdateSetting(new KeyVaultSetting(psSettingParams.Name, result)), psSettingParams.HsmName);
+                }
+                else
+                {
+                    throw new AzPSArgumentException("Can't update KeyVaultSetting.Value as string", "KeyVaultSettingValue");
+                }
+
+            }
+            catch (Exception ex)
+            {
+                throw GetInnerException(ex);
+            }
+        }
+        #endregion
     }
 }
diff --git a/src/KeyVault/KeyVault/Track2Models/Track2KeyVaultDataServiceClient.cs b/src/KeyVault/KeyVault/Track2Models/Track2KeyVaultDataServiceClient.cs
index cb4fe26e63d2..714d21a65a76 100644
--- a/src/KeyVault/KeyVault/Track2Models/Track2KeyVaultDataServiceClient.cs
+++ b/src/KeyVault/KeyVault/Track2Models/Track2KeyVaultDataServiceClient.cs
@@ -621,5 +621,22 @@ public PSKeyRotationPolicy SetManagedHsmKeyRotationPolicy(PSKeyRotationPolicy ke
         }
         #endregion
 
+        #region Setting
+        public IEnumerable<PSKeyVaultSetting> GetManagedHsmSettings(string managedHsm)
+        {
+            return HsmClient.GetSettings(managedHsm);
+        }
+
+        public PSKeyVaultSetting GetManagedHsmSetting(string managedHsm, string settingName)
+        {
+            return HsmClient.GetSetting(managedHsm, settingName);
+        }
+
+        public PSKeyVaultSetting UpdateManagedHsmSetting(PSKeyVaultSetting psSettingParams)
+        {
+            return HsmClient.UpdateSetting(psSettingParams);
+        }
+        #endregion
+
     }
 }
\ No newline at end of file
diff --git a/src/KeyVault/KeyVault/help/Az.KeyVault.md b/src/KeyVault/KeyVault/help/Az.KeyVault.md
index 5e37166d1356..479a0aa11e77 100644
--- a/src/KeyVault/KeyVault/help/Az.KeyVault.md
+++ b/src/KeyVault/KeyVault/help/Az.KeyVault.md
@@ -65,6 +65,9 @@ Gets the policy for a certificate in a key vault.
 ### [Get-AzKeyVaultKey](Get-AzKeyVaultKey.md)
 Gets Key Vault keys. Please notes that detailed information about a key, like key type or key size, only available when querying a specific key version.
 
+### [Get-AzKeyVaultKeyRotationPolicy](Get-AzKeyVaultKeyRotationPolicy.md)
+Gets the key rotation policy for the specified key in Key Vault.
+
 ### [Get-AzKeyVaultManagedHsm](Get-AzKeyVaultManagedHsm.md)
 Get managed HSMs.
 
@@ -74,6 +77,9 @@ Gets Key Vault managed Azure Storage Accounts.
 ### [Get-AzKeyVaultManagedStorageSasDefinition](Get-AzKeyVaultManagedStorageSasDefinition.md)
 Gets Key Vault managed Storage SAS Definitions.
 
+### [Get-AzKeyVaultRandomNumber](Get-AzKeyVaultRandomNumber.md)
+Get the requested number of bytes containing random values from a managed HSM.
+
 ### [Get-AzKeyVaultRoleAssignment](Get-AzKeyVaultRoleAssignment.md)
 Get or list role assignments of a managed HSM. Use respective parameters to list assignments to a specific user or a role definition.
 
@@ -92,6 +98,9 @@ Imports previously exported security domain data to a managed HSM.
 ### [Invoke-AzKeyVaultKeyOperation](Invoke-AzKeyVaultKeyOperation.md)
 Performs operation like "Encrypt", "Decrypt", "Wrap" or "Unwrap" using a specified key stored in a key vault or managed hsm.
 
+### [Invoke-AzKeyVaultKeyRotation](Invoke-AzKeyVaultKeyRotation.md)
+Creates a new key version in Key Vault, stores it, then returns the new key.
+
 ### [New-AzKeyVault](New-AzKeyVault.md)
 Creates a key vault.
 
@@ -138,7 +147,7 @@ Deletes a certificate operation from a key vault.
 Deletes a key in a key vault.
 
 ### [Remove-AzKeyVaultManagedHsm](Remove-AzKeyVaultManagedHsm.md)
-Deletes a managed HSM.
+Deletes/Purges a managed HSM.
 
 ### [Remove-AzKeyVaultManagedStorageAccount](Remove-AzKeyVaultManagedStorageAccount.md)
 Removes a Key Vault managed Azure Storage Account and all associated SAS definitions.
@@ -182,6 +191,9 @@ Sets a certificate issuer in a key vault.
 ### [Set-AzKeyVaultCertificatePolicy](Set-AzKeyVaultCertificatePolicy.md)
 Creates or updates the policy for a certificate in a key vault.
 
+### [Set-AzKeyVaultKeyRotationPolicy](Set-AzKeyVaultKeyRotationPolicy.md)
+Sets the key rotation policy for the specified key in Key Vault.
+
 ### [Set-AzKeyVaultManagedStorageSasDefinition](Set-AzKeyVaultManagedStorageSasDefinition.md)
 Sets a Shared Access Signature (SAS) definition with Key Vault for a given Key Vault managed Azure Storage Account.
 
@@ -197,6 +209,9 @@ Recovers a deleted certificate in a key vault into an active state.
 ### [Undo-AzKeyVaultKeyRemoval](Undo-AzKeyVaultKeyRemoval.md)
 Recovers a deleted key in a key vault into an active state.
 
+### [Undo-AzKeyVaultManagedHsmRemoval](Undo-AzKeyVaultManagedHsmRemoval.md)
+Recover a managed HSM.
+
 ### [Undo-AzKeyVaultManagedStorageAccountRemoval](Undo-AzKeyVaultManagedStorageAccountRemoval.md)
 Recovers a previously deleted KeyVault-managed storage account.
 
@@ -206,9 +221,6 @@ Recovers a previously deleted KeyVault-managed storage SAS definition.
 ### [Undo-AzKeyVaultRemoval](Undo-AzKeyVaultRemoval.md)
 Recovers a deleted key vault into an active state.
 
-### [Undo-AzKeyVaultManagedHsmRemoval](./Undo-AzKeyVaultManagedHsmRemoval.md)
-Recovers a deleted HSM into an active state.
-
 ### [Undo-AzKeyVaultSecretRemoval](Undo-AzKeyVaultSecretRemoval.md)
 Recovers a deleted secret in a key vault into an active state.
 
diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVaultCertificate.md b/src/KeyVault/KeyVault/help/Get-AzKeyVaultCertificate.md
index 5625896a9a12..a5b00e3e5ac7 100644
--- a/src/KeyVault/KeyVault/help/Get-AzKeyVaultCertificate.md
+++ b/src/KeyVault/KeyVault/help/Get-AzKeyVaultCertificate.md
@@ -224,8 +224,8 @@ Name      : test2
 Version   :
 Id        : https://ContosoKV01.vault.azure.net:443/certificates/test2
 ```
-This command gets all certificates starting with "test" from the key vault named ContosoKV01.
 
+This command gets all certificates starting with "test" from the key vault named ContosoKV01.
 
 ## PARAMETERS
 
diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVaultManagedHsm.md b/src/KeyVault/KeyVault/help/Get-AzKeyVaultManagedHsm.md
index 7782df781fd1..8c0fd08fa086 100644
--- a/src/KeyVault/KeyVault/help/Get-AzKeyVaultManagedHsm.md
+++ b/src/KeyVault/KeyVault/help/Get-AzKeyVaultManagedHsm.md
@@ -12,7 +12,7 @@ Get managed HSMs.
 
 ## SYNTAX
 
-### GetManagedHsm
+### GetManagedHsm (Default)
 ```
 Get-AzKeyVaultManagedHsm [[-Name] <String>] [[-ResourceGroupName] <String>] [-Tag <Hashtable>]
  [-DefaultProfile <IAzureContextContainer>] [-SubscriptionId <String>] [<CommonParameters>]
@@ -95,6 +95,7 @@ This command gets all managed HSMs in the subscription that start with "myhsm".
 ```powershell
 Get-AzKeyVaultManagedHsm -InRemovedState
 ```
+
 ```output
 Name                     Location      DeletionDate           ScheduledPurgeDate    Purge Protection Enabled?
 ----                     --------      ------------           ------------------    -------------------------
diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVaultSecret.md b/src/KeyVault/KeyVault/help/Get-AzKeyVaultSecret.md
index 03fd787d636a..f328b06658ca 100644
--- a/src/KeyVault/KeyVault/help/Get-AzKeyVaultSecret.md
+++ b/src/KeyVault/KeyVault/help/Get-AzKeyVaultSecret.md
@@ -291,7 +291,7 @@ Register-SecretVault -Name AzKeyVault -ModuleName Az.KeyVault -VaultParameters @
 # Set secret for vault AzKeyVault
 $secure = ConvertTo-SecureString -String "Password" -AsPlainText -Force
 Set-Secret -Vault AzKeyVault -Name secureSecret -SecureStringSecret $secure 
-Get-Secret -Vault AzKeyVault -Name secureSecret -AsPlainText 
+Get-Secret -Vault AzKeyVault -Name secureSecret -AsPlainText
 ```
 
 ```output
diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVaultSetting.md b/src/KeyVault/KeyVault/help/Get-AzKeyVaultSetting.md
new file mode 100644
index 000000000000..e19756d34056
--- /dev/null
+++ b/src/KeyVault/KeyVault/help/Get-AzKeyVaultSetting.md
@@ -0,0 +1,135 @@
+---
+external help file: Microsoft.Azure.PowerShell.Cmdlets.KeyVault.dll-Help.xml
+Module Name: Az.KeyVault
+online version:
+schema: 2.0.0
+---
+
+# Get-AzKeyVaultSetting
+
+## SYNOPSIS
+{{ Fill in the Synopsis }}
+
+## SYNTAX
+
+###  GetSettingViaFlattenParameters (Default)
+```
+Get-AzKeyVaultSetting [-DefaultProfile <IAzureContextContainer>] [-HsmName] <String> [[-Name] <String>]
+ [<CommonParameters>]
+```
+
+###  GetSettingViaHsmObject
+```
+Get-AzKeyVaultSetting [-DefaultProfile <IAzureContextContainer>] [-HsmObject] <PSManagedHsm> [[-Name] <String>]
+ [<CommonParameters>]
+```
+
+###  GetSettingViaHsmId
+```
+Get-AzKeyVaultSetting [-DefaultProfile <IAzureContextContainer>] [-HsmId] <String> [[-Name] <String>]
+ [<CommonParameters>]
+```
+
+## DESCRIPTION
+{{ Fill in the Description }}
+
+## EXAMPLES
+
+### Example 1
+```powershell
+PS C:\> {{ Add example code here }}
+```
+
+{{ Add example description here }}
+
+## PARAMETERS
+
+### -DefaultProfile
+The credentials, account, tenant, and subscription used for communication with Azure.
+
+```yaml
+Type: Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
+Parameter Sets: (All)
+Aliases: AzContext, AzureRmContext, AzureCredential
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmId
+Hsm Resource Id.
+
+```yaml
+Type: System.String
+Parameter Sets:  GetSettingViaHsmId
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmName
+Name of the HSM.
+
+```yaml
+Type: System.String
+Parameter Sets:  GetSettingViaFlattenParameters
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmObject
+Hsm Object.
+
+```yaml
+Type: Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm
+Parameter Sets:  GetSettingViaHsmObject
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -Name
+Name of the setting.
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: 1
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+### Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm
+
+## OUTPUTS
+
+### Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSetting
+
+## NOTES
+
+## RELATED LINKS
diff --git a/src/KeyVault/KeyVault/help/New-AzKeyVault.md b/src/KeyVault/KeyVault/help/New-AzKeyVault.md
index 546b79b05e52..c20c289415bb 100644
--- a/src/KeyVault/KeyVault/help/New-AzKeyVault.md
+++ b/src/KeyVault/KeyVault/help/New-AzKeyVault.md
@@ -164,6 +164,7 @@ Network Rule Set                 :
                                  
 Tags                             :
 ```
+
 Creating a key vault and specifies network rules to allow access to the specified IP address from the virtual network identified by $myNetworkResId. See `New-AzKeyVaultNetworkRuleSetObject` for more information.
 
 ## PARAMETERS
diff --git a/src/KeyVault/KeyVault/help/Remove-AzKeyVaultSecret.md b/src/KeyVault/KeyVault/help/Remove-AzKeyVaultSecret.md
index 98cefca38ed6..de521737e47e 100644
--- a/src/KeyVault/KeyVault/help/Remove-AzKeyVaultSecret.md
+++ b/src/KeyVault/KeyVault/help/Remove-AzKeyVaultSecret.md
@@ -96,7 +96,6 @@ None
 
 This example removes a secret named `secureSecret` in Azure Key Vault `test-kv` by command `Remove-Secret` in module `Microsoft.PowerShell.SecretManagement`.
 
-
 ### Example 4: Purge deleted secret from the key vault permanently
 ```powershell
 Remove-AzKeyVaultSecret -VaultName 'Contoso' -Name 'FinanceSecret' -InRemovedState
diff --git a/src/KeyVault/KeyVault/help/Set-AzKeyVaultKeyRotationPolicy.md b/src/KeyVault/KeyVault/help/Set-AzKeyVaultKeyRotationPolicy.md
index 10a81cbe2974..5a7105feddee 100644
--- a/src/KeyVault/KeyVault/help/Set-AzKeyVaultKeyRotationPolicy.md
+++ b/src/KeyVault/KeyVault/help/Set-AzKeyVaultKeyRotationPolicy.md
@@ -88,7 +88,7 @@ KeyName         : test-keyAM +00:00
 LifetimeActions : {[Action: Notify, TimeAfterCreate: , TimeBeforeExpiry: P30D]}
 ExpiresIn       : P2Y
 CreatedOn       : 12/10/2021 3:21:51 AM +00:00
-UpdatedOn       : 6/9/2022 7:43:27 
+UpdatedOn       : 6/9/2022 7:43:27
 ```
 
 These commands set the rotation policy of key `test-key` by JSON file.
@@ -105,7 +105,7 @@ KeyName         : test-keyAM +00:00
 LifetimeActions : {[Action: Notify, TimeAfterCreate: , TimeBeforeExpiry: P30D]}
 ExpiresIn       : P2Y
 CreatedOn       : 12/10/2021 3:21:51 AM +00:00
-UpdatedOn       : 6/9/2022 7:43:27 
+UpdatedOn       : 6/9/2022 7:43:27
 ```
 
 These commands set the expiry time will be applied on the new key version of `test-key` as 2 years.
@@ -132,7 +132,7 @@ These commands set the duration before expiry to attempt to rotate `test-key` as
 ```powershell
 $policy = Get-AzKeyVaultKeyRotationPolicy -VaultName test-kv -Name test-key1
 $policy.KeyName = "test-key2"
-$policy | Set-AzKeyVaultKeyRotationPolicy 
+$policy | Set-AzKeyVaultKeyRotationPolicy
 ```
 
 ```output
diff --git a/src/KeyVault/KeyVault/help/Update-AzKeyVaultSetting.md b/src/KeyVault/KeyVault/help/Update-AzKeyVaultSetting.md
new file mode 100644
index 000000000000..9ae0e5046519
--- /dev/null
+++ b/src/KeyVault/KeyVault/help/Update-AzKeyVaultSetting.md
@@ -0,0 +1,185 @@
+---
+external help file: Microsoft.Azure.PowerShell.Cmdlets.KeyVault.dll-Help.xml
+Module Name: Az.KeyVault
+online version:
+schema: 2.0.0
+---
+
+# Update-AzKeyVaultSetting
+
+## SYNOPSIS
+{{ Fill in the Synopsis }}
+
+## SYNTAX
+
+###  UpdateSettingViaFlattenValues
+```
+Update-AzKeyVaultSetting [-HsmName] <String> [-Name] <String> [-Value] <String>
+ [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
+```
+
+### UpdateSettingViaHsmObject
+```
+Update-AzKeyVaultSetting [-Name] <String> [-Value] <String> [-DefaultProfile <IAzureContextContainer>]
+ [-HsmObject] <PSManagedHsm> [<CommonParameters>]
+```
+
+### UpdateSettingViaHsmId
+```
+Update-AzKeyVaultSetting [-Name] <String> [-Value] <String> [-DefaultProfile <IAzureContextContainer>]
+ [-HsmId] <String> [<CommonParameters>]
+```
+
+### UpdateSettingViaInputObject
+```
+Update-AzKeyVaultSetting [[-Value] <String>] [-InputObject] <PSKeyVaultSetting>
+ [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
+```
+
+## DESCRIPTION
+{{ Fill in the Description }}
+
+## EXAMPLES
+
+### Example 1
+```powershell
+PS C:\> {{ Add example code here }}
+```
+
+{{ Add example description here }}
+
+## PARAMETERS
+
+### -DefaultProfile
+The credentials, account, tenant, and subscription used for communication with Azure.
+
+```yaml
+Type: Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
+Parameter Sets: (All)
+Aliases: AzContext, AzureRmContext, AzureCredential
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmId
+Hsm Resource Id.
+
+```yaml
+Type: System.String
+Parameter Sets: UpdateSettingViaHsmId
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmName
+Name of the HSM.
+
+```yaml
+Type: System.String
+Parameter Sets:  UpdateSettingViaFlattenValues
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -HsmObject
+Hsm Object.
+
+```yaml
+Type: Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm
+Parameter Sets: UpdateSettingViaHsmObject
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -InputObject
+The location of the deleted vault.
+
+```yaml
+Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSetting
+Parameter Sets: UpdateSettingViaInputObject
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### -Name
+Name of the setting.
+
+```yaml
+Type: System.String
+Parameter Sets:  UpdateSettingViaFlattenValues, UpdateSettingViaHsmObject, UpdateSettingViaHsmId
+Aliases:
+
+Required: True
+Position: 1
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Value
+Value of the setting.
+
+```yaml
+Type: System.String
+Parameter Sets:  UpdateSettingViaFlattenValues, UpdateSettingViaHsmObject, UpdateSettingViaHsmId
+Aliases:
+
+Required: True
+Position: 2
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+```yaml
+Type: System.String
+Parameter Sets: UpdateSettingViaInputObject
+Aliases:
+
+Required: False
+Position: 2
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+### Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSetting
+
+### Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm
+
+## OUTPUTS
+
+### Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultSetting
+
+## NOTES
+
+## RELATED LINKS