MICROSOFT AZURE IoT Platform-Manual PDF
MICROSOFT AZURE IoT Platform-Manual PDF
IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional
communication between your IoT application and the devices it manages. You can use Azure IoT Hub to build IoT
solutions with reliable and secure communications between millions of IoT devices and a cloud-hosted solution
backend. You can connect virtually any device to IoT Hub.
IoT Hub supports communications both from the device to the cloud and from the cloud to the device. IoT Hub
supports multiple messaging patterns such as device-to-cloud telemetry, file upload from devices, and request-
reply methods to control your devices from the cloud. IoT Hub monitoring helps you maintain the health of your
solution by tracking events such as device creation, device failures, and device connections.
IoT Hub's capabilities help you build scalable, full-featured IoT solutions such as managing industrial equipment
used in manufacturing, tracking valuable assets in healthcare, and monitoring office building usage.
Next steps
To try out an end-to-end IoT solution, check out the IoT Hub quickstarts:
Quickstart: Send telemetry from a device to an IoT hub
To learn more about the ways you can build and deploy IoT solutions with Azure IoT, visit:
Fundamentals: Azure IoT technologies and solutions.
Quickstart: Send telemetry from a device to an IoT
hub and monitor it with the Azure CLI
11/11/2019 • 7 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into the
cloud for storage or processing. In this quickstart, you use the Azure CLI to create an IoT Hub and a simulated
device, send device telemetry to the hub, and send a cloud-to-device message. You also use the Azure portal to
visualize device metrics. This is a basic workflow for developers who use the CLI to interact with an IoT Hub
application.
Prerequisites
If you don't have an Azure subscription, create one for free before you begin.
Azure CLI. You can run all commands in this quickstart using the Azure Cloud Shell, an interactive CLI shell
that runs in your browser. If you use the Cloud Shell, you don't need to install anything. If you prefer to use the
CLI locally, this quickstart requires Azure CLI version 2.0.76 or later. Run az --version to find the version. To
install or upgrade, see Install Azure CLI.
NOTE
If this is the first time you've used the Cloud Shell, it prompts you to create storage, which is required to use the
Cloud Shell. Select a subscription to create a storage account and Microsoft Azure Files share.
2. Select your preferred CLI environment in the Select environment dropdown. This quickstart uses the
Bash environment. All the following CLI commands work in the Powershell environment too.
Prepare two CLI sessions
In this section, you prepare two Azure CLI sessions. If you're using the Cloud Shell, you will run the two sessions
in separate browser tabs. If using a local CLI client, you will run two separate CLI instances. You'll use the first
session as a simulated device, and the second session to monitor and send messages. To run a command, select
Copy to copy a block of code in this quickstart, paste it into your shell session, and run it.
Azure CLI requires you to be logged into your Azure account. All communication between your Azure CLI shell
session and your IoT hub is authenticated and encrypted. As a result, this quickstart does not need additional
authentication that you'd use with a real device, such as a connection string.
1. Run the az extension add command to add the Microsoft Azure IoT Extension for Azure CLI to your CLI
shell. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
After you install the Azure IOT extension, you don't need to install it again in any Cloud Shell session.
2. Open a second CLI session. If you're using the Cloud Shell, select Open new session. If you're using the
CLI locally, open a second instance.
1. Run the az group create command to create a resource group. The following command creates a resource
group named MyResourceGroup in the eastus location.
2. Run the az iot hub create command to create an IoT hub. It might take a few minutes to create an IoT hub.
YourIotHubName. Replace this placeholder below with the name you chose for your IoT hub. An IoT hub
name must be globally unique in Azure. This placeholder is used in the rest of this quickstart to represent
your IoT hub name.
2. Run the az iot device simulate command in the first CLI session. This starts the simulated device. The
device sends telemetry to your IoT hub and receives messages from it.
YourIotHubName. Replace this placeholder below with the name you chose for your IoT hub.
To monitor a device:
1. In the second CLI session, run the az iot hub monitor-events command. This starts monitoring the
simulated device. The output shows telemetry that the simulated device sends to the IoT hub.
YourIotHubName. Replace this placeholder below with the name you chose for your IoT hub.
2. In the second CLI session, run the az iot device c2d-message send command. This sends a cloud-to-device
message from your IoT hub to the simulated device. The message includes a string and two key-value
pairs.
YourIotHubName. Replace this placeholder below with the name you chose for your IoT hub.
az iot device c2d-message send -d simDevice --data "Hello World" --props "key0=value0;key1=value1" -n
{YourIoTHubName}
Optionally, you can send cloud-to-device messages by using the Azure portal. To do this, browse to the
overview page for your IoT Hub, select IoT Devices, select the simulated device, and select Message to
Device.
3. In the first CLI session, confirm that the simulated device received the message.
4. After you view the message, close the second CLI session. Keep the first CLI session open. You use it to
clean up resources in a later step.
Clean up resources
If you no longer need the Azure resources created in this quickstart, you can use the Azure CLI to delete them.
If you continue to the next recommended article, you can keep the resources you've already created and reuse
them.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources.
2. Run the az group list command to confirm the resource group is deleted.
az group list
Next steps
In this quickstart, you used the Azure CLI to create an IoT hub, create a simulated device, send telemetry, monitor
telemetry, send a cloud-to-device message, and clean up resources. You used the Azure portal to visualize
messaging metrics on your device.
If you are a device developer, the suggested next step is to see the telemetry quickstart that uses the Azure IoT
Device SDK for C. Optionally, see one of the available Azure IoT Hub telemetry quickstart articles in your
preferred language or SDK.
Quickstart: Send telemetry from a device to an IoT hub (C )
Quickstart: Send telemetry from a device to an IoT
hub and read it with a back-end application (C)
12/19/2019 • 9 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into the
cloud for storage or processing. In this quickstart, you send telemetry from a simulated device application,
through IoT Hub, to a back-end application for processing.
The quickstart uses a C sample application from the Azure IoT device SDK for C to send telemetry to an IoT hub.
The Azure IoT device SDKs are written in ANSI C (C99) for portability and broad platform compatibility. Before
running the sample code, you will create an IoT hub and register the simulated device with that hub.
This article is written for Windows, but you can complete this quickstart on Linux as well.
OPTION EXAMPLE/LINK
Prerequisites
Install Visual Studio 2019 with the 'Desktop development with C++' workload enabled.
Install the latest version of Git.
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
mkdir cmake
cd cmake
5. Run the following command to build a version of the SDK specific to your development client platform. A
Visual Studio solution for the simulated device will be generated in the cmake directory.
cmake ..
If cmake doesn't find your C++ compiler, you might get build errors while running the above command. If
that happens, try running this command in the Visual Studio command prompt.
Once the build succeeds, the last few output lines will look similar to the following output:
$ cmake ..
-- Building for: Visual Studio 15 2017
-- Selecting Windows SDK version 10.0.16299.0 to target Windows 10.0.17134.
-- The C compiler identification is MSVC 19.12.25835.0
-- The CXX compiler identification is MSVC 19.12.25835.0
...
-- Configuring done
-- Generating done
-- Build files have been written to: E:/IoT Testing/azure-iot-sdk-c/cmake
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this section, you'll use the Azure Cloud
Shell with the IoT extension to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyCDevice: This is the name of the device you're registering. It's recommended to use MyCDevice as
shown. If you choose a different name for your device, you'll also need to use that name throughout this
article, and update the device name in the sample applications before you run them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
az iot hub device-identity show-connection-string --hub-name {YourIoTHubName} --device-id MyCDevice --
output table
azure-iot-sdk-c\iothub_client\samples\iothub_convenience_sample\iothub_convenience_sample.c
Replace the value of the connectionString constant with the device connection string you made a note of
earlier. Then save your changes to iothub_convenience_sample.c.
3. In a local terminal window, navigate to the iothub_convenience_sample project directory in the CMake
directory that you created in the Azure IoT C SDK. Enter the following command from your working
directory:
cd azure-iot-sdk-c/cmake/iothub_client/samples/iothub_convenience_sample
4. Run CMake in your local terminal window to build the sample with your updated connectionString value:
5. In your local terminal window, run the following command to run the simulated device application:
Debug\iothub_convenience_sample.exe
The following screenshot shows the output as the simulated device application sends telemetry to the IoT
hub:
Read the telemetry from your hub
In this section, you'll use the Azure Cloud Shell with the IoT extension to monitor the device messages that are
sent by the simulated device.
1. Using the Azure Cloud Shell, run the following command to connect and read messages from your IoT
hub:
YourIoTHubName: Replace this placeholder below with the name you choose for your IoT hub.
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of
deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using a C
application, and read the telemetry from the hub using the Azure Cloud Shell.
To learn more about developing with the Azure IoT Hub C SDK, continue to the following How -to guide:
Develop using Azure IoT Hub C SDK
Quickstart: Send telemetry from a device to an IoT
hub and read it with a back-end application
(Node.js)
1/6/2020 • 8 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into
the cloud for storage or processing. In this quickstart, you send telemetry from a simulated device application,
through IoT Hub, to a back-end application for processing.
The quickstart uses two pre-written Node.js applications, one to send the telemetry and one to read the
telemetry from the hub. Before you run these two applications, you create an IoT hub and register a device
with the hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written in Node.js. You need Node.js v10.x.x or later
on your development machine. If you are using the Azure Cloud Shell, do not update the installed version of
Node.js. The Azure Cloud Shell already has the latest Node.js version.
You can download Node.js for multiple platforms from nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure
Cloud Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyNodeDevice: This is the name of the device you're registering. It's recommended to use
MyNodeDevice as shown. If you choose a different name for your device, you'll also need to use that
name throughout this article, and update the device name in the sample applications before you run
them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
az iot hub device-identity show-connection-string --hub-name {YourIoTHubName} --device-id
MyNodeDevice --output table
You'll use this value later in the quickstart. This service connection string is different from the device
connection string you noted in the previous step.
npm install
node SimulatedDevice.js
The following screenshot shows the output as the simulated device application sends telemetry to your
IoT hub:
Read the telemetry from your hub
The back-end application connects to the service-side Events endpoint on your IoT Hub. The application
receives the device-to-cloud messages sent from your simulated device. An IoT Hub back-end application
typically runs in the cloud to receive and process device-to-cloud messages.
1. Open another local terminal window, navigate to the root folder of the sample Node.js project. Then
navigate to the iot-hub\Quickstarts\read-d2c-messages folder.
2. Open the ReadDeviceToCloudMessages.js file in a text editor of your choice.
Replace the value of the connectionString variable with the service connection string you made a note
of earlier. Then save your changes to ReadDeviceToCloudMessages.js.
3. In the local terminal window, run the following commands to install the required libraries and run the
back-end application:
npm install
node ReadDeviceToCloudMessages.js
The following screenshot shows the output as the back-end application receives telemetry sent by the
simulated device to the hub:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created
and reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently
deleted. Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT
Hub inside an existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself
instead of deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its
contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using a
Node.js application, and read the telemetry from the hub using a simple back-end application.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Send telemetry from a device to an IoT
hub and read it with a back-end application (.NET)
10/8/2019 • 8 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into
the cloud for storage or processing. In this quickstart, you send telemetry from a simulated device application,
through IoT Hub, to a back-end application for processing.
The quickstart uses two pre-written C# applications, one to send the telemetry and one to read the telemetry
from the hub. Before you run these two applications, you create an IoT hub and register a device with the hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using C#. You need the .NET Core SDK 2.1.0
or greater on your development machine.
You can download the .NET Core SDK for multiple platforms from .NET.
You can verify the current version of C# on your development machine using the following command:
dotnet --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure
Cloud Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyDotnetDevice: This is the name of the device you're registering. It's recommended to use
MyDotnetDevice as shown. If you choose a different name for your device, you'll also need to use that
name throughout this article, and update the device name in the sample applications before you run
them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
az iot hub device-identity show-connection-string --hub-name {YourIoTHubName} --device-id
MyDotnetDevice --output table
az iot hub policy show --name service --query primaryKey --hub-name {YourIoTHubName}
Make a note of these three values, which you'll use later in the quickstart.
dotnet restore
4. In the local terminal window, run the following command to build and run the simulated device
application:
dotnet run
The following screenshot shows the output as the simulated device application sends telemetry to your
IoT hub:
Read the telemetry from your hub
The back-end application connects to the service-side Events endpoint on your IoT Hub. The application
receives the device-to-cloud messages sent from your simulated device. An IoT Hub back-end application
typically runs in the cloud to receive and process device-to-cloud messages.
1. In another local terminal window, navigate to the root folder of the sample C# project. Then navigate to
the iot-hub\Quickstarts\read-d2c-messages folder.
2. Open the ReadDeviceToCloudMessages.cs file in a text editor of your choice. Update the following
variables and save your changes to the file.
VARIABLE VALUE
s_eventHubsCompatibleEndpoint Replace the value of the variable with the Event Hubs-
compatible endpoint you made a note of earlier.
s_eventHubsCompatiblePath Replace the value of the variable with the Event Hubs-
compatible path you made a note of earlier.
3. In the local terminal window, run the following commands to install the required libraries for the back-
end application:
dotnet restore
4. In the local terminal window, run the following commands to build and run the back-end application:
dotnet run
The following screenshot shows the output as the back-end application receives telemetry sent by the
simulated device to the hub:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created
and reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently
deleted. Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT
Hub inside an existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself
instead of deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its
contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using a C#
application, and read the telemetry from the hub using a simple back-end application.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Send telemetry to an Azure IoT hub
and read it with a Java application
11/8/2019 • 8 minutes to read • Edit Online
The quickstart shows how to send telemetry to an Azure IoT hub and read it with a Java application. IoT Hub is
an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into the cloud for
storage or processing. In this quickstart, you send telemetry from a simulated device application, through IoT
Hub, to a back-end application for processing.
The quickstart uses two pre-written Java applications, one to send the telemetry and one to read the telemetry
from the hub. Before you run these two applications, you create an IoT hub and register a device with the hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using Java. You need Java SE 8 on your
development machine.
You can download Java SE Development Kit 8 for multiple platforms from Java long-term support for Azure
and Azure Stack. Make sure you select Java 8 under Long-term support to get to downloads for JDK 8.
You can verify the current version of Java on your development machine using the following command:
java -version
To build the samples, you need to install Maven 3. You can download Maven for multiple platforms from
Apache Maven.
You can verify the current version of Maven on your development machine using the following command:
mvn --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure
Cloud Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyJavaDevice: This is the name of the device you're registering. It's recommended to use
MyJavaDevice as shown. If you choose a different name for your device, you'll also need to use that
name throughout this article, and update the device name in the sample applications before you run
them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
az iot hub device-identity show-connection-string --hub-name {YourIoTHubName} --device-id
MyJavaDevice --output table
az iot hub policy show --name service --query primaryKey --hub-name {YourIoTHubName}
Make a note of these three values, which you'll use later in the quickstart.
4. In the local terminal window, run the following commands to run the simulated device application:
The following screenshot shows the output as the simulated device application sends telemetry to your
IoT hub:
Read the telemetry from your hub
The back-end application connects to the service-side Events endpoint on your IoT Hub. The application
receives the device-to-cloud messages sent from your simulated device. An IoT Hub back-end application
typically runs in the cloud to receive and process device-to-cloud messages.
1. In another local terminal window, navigate to the root folder of the sample Java project. Then navigate
to the iot-hub\Quickstarts\read-d2c-messages folder.
2. Open the
src/main/java/com/microsoft/docs/iothub/samples/ReadDeviceToCloudMessages.java file in a
text editor of your choice. Update the following variables and save your changes to the file.
VARIABLE VALUE
eventHubsCompatibleEndpoint Replace the value of the variable with the Event Hubs-
compatible endpoint you made a note of earlier.
eventHubsCompatiblePath Replace the value of the variable with the Event Hubs-
compatible path you made a note of earlier.
3. In the local terminal window, run the following commands to install the required libraries and build the
back-end application:
4. In the local terminal window, run the following commands to run the back-end application:
The following screenshot shows the output as the back-end application receives telemetry sent by the
simulated device to the hub:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created
and reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently
deleted. Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT
Hub inside an existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself
instead of deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its
contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using a Java
application, and read the telemetry from the hub using a simple back-end application.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Send telemetry from a device to an IoT
hub and read it with a back-end application
(Python)
12/5/2019 • 6 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into
the cloud for storage or processing. In this quickstart, you send telemetry from a simulated device application,
through IoT Hub, to a back-end application for processing.
The quickstart uses a pre-written Python application to send the telemetry and a CLI utility to read the
telemetry from the hub. Before you run these two applications, you create an IoT hub and register a device with
the hub.
If you don’t have an Azure subscription, create a free account before you begin.
Prerequisites
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyPythonDevice: This is the name of the device you're registering. It's recommended to use
MyPythonDevice as shown. If you choose a different name for your device, you'll also need to use that
name throughout this article, and update the device name in the sample applications before you run
them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
4. In the local terminal window, run the following commands to run the simulated device application:
python SimulatedDevice.py
The following screenshot shows the output as the simulated device application sends telemetry to your
IoT hub:
The following screenshot shows the output as the extension receives telemetry sent by the simulated device to
the hub:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created
and reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently
deleted. Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT
Hub inside an existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself
instead of deleting the resource group.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using a
Python application, and read the telemetry from the hub using a simple back-end application.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Send IoT telemetry from an Android
device
10/8/2019 • 7 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into the
cloud for storage or processing. In this quickstart, you send telemetry to an IoT Hub from an Android application
running on a physical or simulated device.
The quickstart uses a pre-written Android application to send the telemetry. The telemetry will be read from the
IoT Hub using the Azure Cloud Shell. Before you run the application, you create an IoT hub and register a device
with the hub.
OPTION EXAMPLE/LINK
Prerequisites
Android studio from https://developer.android.com/studio/. For more information on Android Studio
installation, see android-installation.
Android SDK 27 is used by the sample in this article.
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
The sample Android application you run in this quickstart is part of the azure-iot-samples-java repository
on GitHub. Download or clone the azure-iot-samples-java repository.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyAndroidDevice: This is the name of the device you're registering. It's recommended to use
MyAndroidDevice as shown. If you choose a different name for your device, you'll also need to use that
name throughout this article, and update the device name in the sample applications before you run them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
az iot hub device-identity show-connection-string --hub-name {YourIoTHubName} --device-id
MyAndroidDevice --output table
\azure-iot-samples-java\iot-hub\Samples\device\AndroidSample
2. In Android Studio, open gradle.properties for the sample project and replace the
Device_Connection_String placeholder with the device connection string you made a note of earlier.
DeviceConnectionString=HostName={YourIoTHubName}.azure-
devices.net;DeviceId=MyAndroidDevice;SharedAccessKey={YourSharedAccessKey}
3. In Android Studio, click File > Sync Project with Gradle Files. Verify the build completes.
NOTE
If the project sync fails, it may be for one of the following reasons:
The versions of the Android Gradle plugin and Gradle referenced in the project are out of date for your version
of Android Studio. Follow these instructions to reference and install the correct versions of the plugin and
Gradle for your installation.
The license agreement for the Android SDK has not been signed. Follow the instructions in the Build output to
sign the license agreement and download the SDK.
4. Once the build has completed, click Run > Run 'app'. Configure the app to run on a physical Android
device or an Android emulator. For more information on running an Android app on a physical device or
emulator, see Run your app.
5. Once the app loads, click the Start button to start sending telemetry to your IoT Hub:
Read the telemetry from your hub
In this section, you will use the Azure Cloud Shell with the IoT extension to monitor the device messages that are
sent by the Android device.
1. Using the Azure Cloud Shell, run the following command to connect and read messages from your IoT
hub:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
The following screenshot shows the output as the IoT hub receives telemetry sent by the Android device:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of
deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub using an
Android application, and read the telemetry from the hub using the Azure Cloud Shell.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Send telemetry from a device to an IoT
hub (iOS)
10/8/2019 • 7 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to ingest high volumes of telemetry from your IoT devices into the
cloud for storage or processing. In this article, you send telemetry from a simulated device application to IoT
Hub. Then you can view the data from a back-end application.
This article uses a pre-written Swift application to send the telemetry and a CLI utility to read the telemetry
from IoT Hub.
OPTION EXAMPLE/LINK
Prerequisites
Download the code sample from Azure samples
The latest version of XCode, running the latest version of the iOS SDK. This quickstart was tested with
XCode 10.2 and iOS 12.2.
The latest version of CocoaPods.
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
myiOSdevice: This is the name of the device you're registering. It's recommended to use myiOSdevice
as shown. If you choose a different name for your device, you'll also need to use that name throughout
this article, and update the device name in the sample applications before you run them.
2. Run the following command in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
cd quickstart/sample-device
Make sure that XCode is closed, then run the following command to install the CocoaPods that are declared in
the podfile file:
pod install
Along with installing the pods required for your project, the installation command also created an XCode
workspace file that is already configured to use the pods for dependencies.
Run the sample application
1. Open the sample workspace in XCode.
2. Expand the MQTT Client Sample project and then expand the folder of the same name.
3. Open ViewController.swift for editing in XCode.
4. Search for the connectionString variable and update the value with the device connection string that
you made a note of earlier.
5. Save your changes.
6. Run the project in the device emulator with the Build and run button or the key combo command + r.
The following screenshot shows the output as the extension receives telemetry sent by the simulated device to
the hub:
The following screenshot shows the type of telemetry that you see in your local terminal window:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created
and reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside
an existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of
deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its
contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, sent simulated telemetry to the hub from an iOS
device, and read the telemetry from the hub.
To learn how to control your simulated device from a back-end application, continue to the next quickstart.
Quickstart: Control a device connected to an IoT hub
Quickstart: Use Node.js to control a device
connected to an Azure IoT hub
10/17/2019 • 8 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to manage your IoT devices from the cloud, and ingest high
volumes of device telemetry to the cloud for storage or processing. In this quickstart, you use a direct method to
control a simulated device connected to your IoT hub. You can use direct methods to remotely change the
behavior of a device connected to your IoT hub.
The quickstart uses two pre-written Node.js applications:
A simulated device application that responds to direct methods called from a back-end application. To
receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
A back-end application that calls the direct methods on the simulated device. To call a direct method on a
device, this application connects to service-side endpoint on your IoT hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using Node.js. You need Node.js v10.x.x or later
on your development machine.
You can download Node.js for multiple platforms from nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
If you haven't already done so, download the sample Node.js project from https://github.com/Azure-
Samples/azure-iot-samples-node/archive/master.zip and extract the ZIP archive.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyNodeDevice: This is the name of the device you're registering. It's recommended to use
MyNodeDevice as shown. If you choose a different name for your device, you also need to use that
name throughout this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
You use this value later in the quickstart. This service connection string is different from the device
connection string you noted in the previous step.
npm install
node SimulatedDevice.js
The following screenshot shows the output as the simulated device application sends telemetry to your
IoT hub:
Call the direct method
The back-end application connects to a service-side endpoint on your IoT Hub. The application makes direct
method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end
application typically runs in the cloud.
1. In another local terminal window, navigate to the root folder of the sample Node.js project. Then navigate
to the iot-hub\Quickstarts\back-end-application folder.
2. Open the BackEndApplication.js file in a text editor of your choice.
Replace the value of the connectionString variable with the service connection string you made a note of
earlier. Then save your changes to BackEndApplication.js.
3. In the local terminal window, run the following commands to install the required libraries and run the
back-end application:
npm install
node BackEndApplication.js
The following screenshot shows the output as the application makes a direct method call to the device and
receives an acknowledgment:
After you run the back-end application, you see a message in the console window running the simulated
device, and the rate at which it sends messages changes:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of
deleting the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you called a direct method on a device from a back-end application, and responded to the direct
method call in a simulated device application.
To learn how to route device-to-cloud messages to different destinations in the cloud, continue to the next
tutorial.
Tutorial: Route telemetry to different endpoints for processing
Quickstart: Control a device connected to an IoT hub
(.NET)
10/16/2019 • 8 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to manage your IoT devices from the cloud, and ingest high volumes
of device telemetry to the cloud for storage or processing. In this quickstart, you use a direct method to control a
simulated device connected to your IoT hub. You can use direct methods to remotely change the behavior of a
device connected to your IoT hub.
The quickstart uses two pre-written .NET applications:
A simulated device application that responds to direct methods called from a back-end application. To
receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
A back-end application that calls the direct methods on the simulated device. To call a direct method on a
device, this application connects to service-side endpoint on your IoT hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using C#. You need the .NET Core SDK 2.1.0 or
greater on your development machine.
You can download the .NET Core SDK for multiple platforms from .NET.
You can verify the current version of C# on your development machine using the following command:
dotnet --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell instance.
The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific commands to
Azure CLI.
If you haven't already done so, download the sample C# project from https://github.com/Azure-Samples/azure-
iot-samples-csharp/archive/master.zip and extract the ZIP archive.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyDotnetDevice: This is the name of the device you're registering. It's recommended to use
MyDotnetDevice as shown. If you choose a different name for your device, you also need to use that
name throughout this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
You use this value later in the quickstart. This service connection string is different from the device connection
string you noted in the previous step.
dotnet restore
4. In the local terminal window, run the following command to build and run the simulated device application:
dotnet run
The following screenshot shows the output as the simulated device application sends telemetry to your IoT
hub:
Call the direct method
The back-end application connects to a service-side endpoint on your IoT Hub. The application makes direct
method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end application
typically runs in the cloud.
1. In another local terminal window, navigate to the root folder of the sample C# project. Then navigate to the
iot-hub\Quickstarts\back-end-application folder.
2. Open the BackEndApplication.cs file in a text editor of your choice.
Replace the value of the s_connectionString variable with the service connection string you made a note of
earlier. Then save your changes to BackEndApplication.cs.
3. In the local terminal window, run the following commands to install the required libraries for the back-end
application:
dotnet restore
4. In the local terminal window, run the following commands to build and run the back-end application:
dotnet run
The following screenshot shows the output as the application makes a direct method call to the device and
receives an acknowledgment:
After you run the back-end application, you see a message in the console window running the simulated
device, and the rate at which it sends messages changes:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of deleting
the resource group.
To delete a resource group by name:
1. Sign in to the Azure portal and select Resource groups.
2. In the Filter by name textbox, type the name of the resource group containing your IoT Hub.
3. To the right of your resource group in the result list, select ... then Delete resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you called a direct method on a device from a back-end application, and responded to the direct
method call in a simulated device application.
To learn how to route device-to-cloud messages to different destinations in the cloud, continue to the next tutorial.
Tutorial: Route telemetry to different endpoints for processing
Quickstart: Control a device connected to an Azure
IoT hub with Java
11/8/2019 • 9 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to manage your IoT devices from the cloud, and ingest high
volumes of device telemetry to the cloud for storage or processing. In this quickstart, you use a direct method to
control a simulated device connected to your Azure IoT hub with a Java application. You can use direct methods
to remotely change the behavior of a device connected to your IoT hub.
The quickstart uses two pre-written Java applications:
A simulated device application that responds to direct methods called from a back-end application. To
receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
A back-end application that calls the direct methods on the simulated device. To call a direct method on a
device, this application connects to service-side endpoint on your IoT hub.
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using Java. You need Java SE 8 on your
development machine.
You can download Java SE Development Kit 8 for multiple platforms from Java long-term support for Azure and
Azure Stack. Make sure you select Java 8 under Long-term support to get to downloads for JDK 8.
You can verify the current version of Java on your development machine using the following command:
java -version
To build the samples, you need to install Maven 3. You can download Maven for multiple platforms from Apache
Maven.
You can verify the current version of Maven on your development machine using the following command:
mvn --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
If you haven't already done so, download the sample Java project from https://github.com/Azure-Samples/azure-
iot-samples-java/archive/master.zip and extract the ZIP archive.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyJavaDevice: This is the name of the device you're registering. It's recommended to use
MyJavaDevice as shown. If you choose a different name for your device, you also need to use that name
throughout this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you choose for your IoT hub.
You use this value later in the quickstart. This service connection string is different from the device connection
string you noted in the previous step.
4. In the local terminal window, run the following commands to run the simulated device application:
The following screenshot shows the output as the simulated device application sends telemetry to your IoT
hub:
Call the direct method
The back-end application connects to a service-side endpoint on your IoT Hub. The application makes direct
method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end
application typically runs in the cloud.
1. In another local terminal window, navigate to the root folder of the sample Java project. Then navigate to
the iot-hub\Quickstarts\back-end-application folder.
2. Open the src/main/java/com/microsoft/docs/iothub/samples/BackEndApplication.java file in a
text editor of your choice.
Replace the value of the iotHubConnectionString variable with the service connection string you made a
note of earlier. Then save your changes to BackEndApplication.java.
3. In the local terminal window, run the following commands to install the required libraries and build the
back-end application:
4. In the local terminal window, run the following commands to run the back-end application:
The following screenshot shows the output as the application makes a direct method call to the device and
receives an acknowledgment:
After you run the back-end application, you see a message in the console window running the simulated
device, and the rate at which it sends messages changes:
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of deleting
the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you called a direct method on a device from a back-end application, and responded to the direct
method call in a simulated device application.
To learn how to route device-to-cloud messages to different destinations in the cloud, continue to the next
tutorial.
Tutorial: Route telemetry to different endpoints for processing
Quickstart: Control a device connected to an IoT hub
(Python)
12/5/2019 • 9 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to manage your IoT devices from the cloud, and ingest high
volumes of device telemetry to the cloud for storage or processing. In this quickstart, you use a direct method to
control a simulated device connected to your IoT hub. You can use direct methods to remotely change the
behavior of a device connected to your IoT hub.
The quickstart uses two pre-written Python applications:
A simulated device application that responds to direct methods called from a back-end application. To
receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
A back-end application that calls the direct methods on the simulated device. To call a direct method on a
device, this application connects to service-side endpoint on your IoT hub.
IMPORTANT
In this article, the back-end application uses the Python V1 service client and the device application uses the Python V2
device client. The V1 service client is located in the v1-deprecated branch of the Azure IoT Python SDK GitHub repository.
The Pip package for the V1 service client, azure-iothub-service-client, has strict, platform-specific requirements -- including
the version of Python installed on your development machine. These requirements are noted in the Prerequisites section.
OPTION EXAMPLE/LINK
Prerequisites
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
If you haven't already done so, download the sample Python project from https://github.com/Azure-
Samples/azure-iot-samples-python/archive/master.zip and extract the ZIP archive.
For Windows, the following prerequisites are required to install the V1 IoT Hub service client Pip package:
Make sure you have Python version 3.6.x installed.
Make sure you have the Microsoft Visual C++ Redistributable for Visual Studio installed.
For non-Windows platforms, see the Python Pip package distribution table in the V1 SDK documentation.
Make sure the Python 3.x version specified for your platform and any associated requirements are installed on
your development machine. Installing Python 3.x rather than 2.7 enables async operations in the V2 device client,
which is also used in this quickstart.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyPythonDevice: This is the name of the device you're registering. It's recommended to use
MyPythonDevice as shown. If you choose a different name for your device, you also need to use that
name throughout this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
You use this value later in the quickstart. This service connection string is different from the device
connection string you noted in the previous step.
4. In the local terminal window, run the following commands to run the simulated device application:
python SimulatedDevice.py
The following screenshot shows the output as the simulated device application sends telemetry to your IoT
hub:
Call the direct method
The back-end application connects to a service-side endpoint on your IoT Hub. The application makes direct
method calls to a device through your IoT hub and listens for acknowledgments. An IoT Hub back-end
application typically runs in the cloud.
1. In another local terminal window, navigate to the root folder of the sample Python project. Then navigate
to the iot-hub\Quickstarts\back-end-application folder.
2. Open the BackEndApplication.py file in a text editor of your choice.
Replace the value of the CONNECTION_STRING variable with the service connection string you made a note of
earlier. Then save your changes to BackEndApplication.py.
3. In the local terminal window, run the following commands to install the required libraries for the simulated
device application:
4. In the local terminal window, run the following commands to run the back-end application:
python BackEndApplication.py
The following screenshot shows the output as the application makes a direct method call to the device and
receives an acknowledgment:
After you run the back-end application, you see a message in the console window running the simulated
device, and the rate at which it sends messages changes:
NOTE
If you get an error on the import of iothub_service_client, make sure you've installed the exact version of Python
and any other associated artifacts specified for your platform in Prerequisites. If, after verifying the prerequisites,
you still get an error, you may need to build the service client for your platform. To learn how to build the SDK for
your platform, see the devbox setup instructions in the V1 SDK documentation.
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of deleting
the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group
again to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
In this quickstart, you've called a direct method on a device from a back-end application, and responded to the
direct method call in a simulated device application.
To learn how to route device-to-cloud messages to different destinations in the cloud, continue to the next
tutorial.
Tutorial: Route telemetry to different endpoints for processing
Quickstart: Control a device connected to an IoT hub
(Android)
10/16/2019 • 11 minutes to read • Edit Online
IoT Hub is an Azure service that enables you to manage your IoT devices from the cloud, and ingest high
volumes of device telemetry to the cloud for storage or processing. In this quickstart, you use a direct method to
control a simulated device connected to your IoT hub. You can use direct methods to remotely change the
behavior of a device connected to your IoT hub.
The quickstart uses two pre-written Java applications:
A simulated device application that responds to direct methods called from a back-end service application.
To receive the direct method calls, this application connects to a device-specific endpoint on your IoT hub.
A service application that calls the direct method on the Android device. To call a direct method on a
device, this application connects to service-side endpoint on your IoT hub.
OPTION EXAMPLE/LINK
Prerequisites
Android studio from https://developer.android.com/studio/. For more information on Android Studio
installation, see android-installation.
Android SDK 27 is used by the sample in this article.
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell
instance. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) specific
commands to Azure CLI.
Two sample applications are required by this quickstart: The Device SDK sample Android application and
the Service SDK sample Android application. Both of these samples are part of the azure-iot-samples-java
repository on GitHub. Download or clone the azure-iot-samples-java repository.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step and
use the same device registered in the previous quickstart.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyAndroidDevice: This is the name of the device you're registering. It's recommended to use
MyAndroidDevice as shown. If you choose a different name for your device, you also need to use that
name throughout this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you choose for your IoT hub.
You use this value later in the quickstart. This service connection string is different from the device connection
string you noted in the previous step.
\azure-iot-samples-java\iot-hub\Samples\device\AndroidSample
2. In Android Studio, open gradle.properties for the sample project and replace the
Device_Connection_String placeholder with the device connection string you made a note of earlier.
DeviceConnectionString=HostName={YourIoTHubName}.azure-
devices.net;DeviceId=MyAndroidDevice;SharedAccessKey={YourSharedAccessKey}
3. In Android Studio, click File > Sync Project with Gradle Files. Verify the build completes.
NOTE
If the project sync fails, it may be for one of the following reasons:
The versions of the Android Gradle plugin and Gradle referenced in the project are out of date for your version
of Android Studio. Follow these instructions to reference and install the correct versions of the plugin and Gradle
for your installation.
The license agreement for the Android SDK has not been signed. Follow the instructions in the Build output to
sign the license agreement and download the SDK.
4. Once the build has completed, click Run > Run 'app'. Configure the app to run on a physical Android
device or an Android emulator. For more information on running an Android app on a physical device or
emulator, see Run your app.
5. Once the app loads, click the Start button to start sending telemetry to your IoT Hub:
This app needs to be left running on a physical device or emulator while you execute the service SDK sample to
update the telemetry interval during run-time.
By default, the telemetry app sends telemetry from the Android device every five seconds. In the next section, you
will use a direct method call to update the telemetry interval for the Android IoT device.
\azure-iot-samples-java\iot-hub\Samples\service\AndroidSample
2. In Android Studio, open gradle.properties for the sample project. Update the values for the
ConnectionString and DeviceId properties with the service connection string you noted earlier and the
Android device ID you registered.
ConnectionString=HostName={YourIoTHubName}.azure-
devices.net;SharedAccessKeyName=service;SharedAccessKey={YourSharedAccessKey}
DeviceId=MyAndroidDevice
3. In Android Studio, click File > Sync Project with Gradle Files. Verify the build completes.
NOTE
If the project sync fails, it may be for one of the following reasons:
The versions of the Android Gradle plugin and Gradle referenced in the project are out of date for your version
of Android Studio. Follow these instructions to reference and install the correct versions of the plugin and Gradle
for your installation.
The license agreement for the Android SDK has not been signed. Follow the instructions in the Build output to
sign the license agreement and download the SDK.
4. Once the build has completed, click Run > Run 'app'. Configure the app to run on a separate physical
Android device or an Android emulator. For more information on running an Android app on a physical
device or emulator, see Run your app.
5. Once the app loads, update the Set Messaging Interval value to 1000 and click Invoke.
Th telemetry messaging interval is in milliseconds. The default telemetry interval of the device sample is
set for 5 seconds. This change will update the Android IoT device so that telemetry is sent every second.
6. The app will receive an acknowledgment indicating whether the method executed successfully or not.
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of deleting
the resource group.
Next steps
In this quickstart, you called a direct method on a device from a back-end application, and responded to the direct
method call in a simulated device application.
To learn how to route device-to-cloud messages to different destinations in the cloud, continue to the next
tutorial.
Tutorial: Route telemetry to different endpoints for processing
Quickstart: Communicate to a device application in
C# via IoT Hub device streams (preview)
11/14/2019 • 8 minutes to read • Edit Online
OPTION EXAMPLE/LINK
Prerequisites
The preview of device streams is currently supported only for IoT hubs that are created in the following
regions:
Central US
Central US EUAP
North Europe
Southeast Asia
The two sample applications that you run in this quickstart are written in C#. You need the .NET Core SDK
2.1.0 or later on your development machine.
Download the .NET Core SDK for multiple platforms from .NET.
Verify the current version of C# on your development machine by using the following command:
dotnet --version
Add the Azure IoT Extension for Azure CLI to your Cloud Shell instance by running the following
command. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS )-specific
commands to the Azure CLI.
Download the sample C# project and extract the ZIP archive. You need it on both the device side and the
service side.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this section, you use Azure Cloud Shell to
register a simulated device.
1. To create the device identity, run the following command in Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
For the name of the device you're registering, it's recommended to use MyDevice as shown. If you choose a
different name for your device, use that name throughout this article, and update the device name in the sample
applications before you run them.
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned device connection string for later use in this quickstart. It looks like the following
example:
HostName={YourIoTHubName}.azure-devices.net;DeviceId=MyDevice;SharedAccessKey={YourSharedAccessKey}
3. You also need the service connection string from your IoT hub to enable the service-side application to
connect to your IoT hub and establish a device stream. The following command retrieves this value for your
IoT hub:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned service connection string for later use in this quickstart. It looks like the following
example:
"HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey=
{YourSharedAccessKey}"
Communicate between the device and the service via device streams
In this section, you run both the device-side application and the service-side application and communicate
between the two.
Run the service -side application
In a local terminal window, navigate to the iot-hub/Quickstarts/device-streams-echo/service directory in your
unzipped project folder. Keep the following information handy:
# In Windows
dotnet run {ServiceConnectionString} MyDevice
The application will wait for the device application to become available.
NOTE
A timeout occurs if the device-side application doesn't respond in time.
cd ./iot-hub/Quickstarts/device-streams-echo/device/
# In Windows
dotnet run {DeviceConnectionString}
At the end of the last step, the service-side application initiates a stream to your device. After the stream is
established, the application sends a string buffer to the service over the stream. In this sample, the service-side
application simply echoes back the same data to the device, which demonstrates a successful bidirectional
communication between the two applications.
Console output on the device side:
Clean up resources
If you plan to continue to the next recommended article, you can keep and reuse the resources you've already
created.
Otherwise, to avoid charges, you can delete the Azure resources that you created in this article.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, established a device stream between C# applications
on the device and service sides, and used the stream to send data back and forth between the applications.
To learn more about device streams, see:
Device streams overview
Quickstart: Communicate to a device application in
Node.js via IoT Hub device streams (preview)
11/14/2019 • 8 minutes to read • Edit Online
Microsoft Azure IoT Hub currently supports device streams as a preview feature.
IoT Hub device streams allow service and device applications to communicate in a secure and firewall-friendly
manner. During public preview, Node.js SDK only supports device streams on the service side. As a result, this
quickstart only covers instructions to run the service-side application. You should run an accompanying device-
side application from one of the following quickstarts:
Communicate to device apps in C via IoT Hub device streams
Communicate to device apps in C# via IoT Hub device streams.
The service-side Node.js application in this quickstart has the following functionalities:
Creates a device stream to an IoT device.
Reads input from command line and sends it to the device application, which will echo it back.
The code will demonstrate the initiation process of a device stream, as well as how to use it to send and receive
data.
OPTION EXAMPLE/LINK
Prerequisites
The preview of device streams is currently only supported for IoT Hubs created in the following regions:
Central US
Central US EUAP
North Europe
Southeast Asia
To run the service-side application in this quickstart, you need Node.js v10.x.x or later on your development
machine.
You can download Node.js for multiple platforms from Nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
Run the following command to add the Microsoft Azure IoT Extension for Azure CLI to your Cloud Shell instance.
The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS ) commands to Azure CLI.
If you haven't already done so, download the sample Node.js project from https://github.com/Azure-
Samples/azure-iot-samples-node/archive/streams-preview.zip and extract the ZIP archive.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
If you completed the previous Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following command in Azure Cloud Shell to create the device identity.
YourIoTHubName: Replace this placeholder below with the name you chose for your IoT hub.
MyDevice: This is the name for the device you're registering. It's recommended to use MyDevice as
shown. If you choose a different name for your device, you also need to use that name throughout this
article, and update the device name in the sample applications before you run them.
Note the returned service connection string for later use in this quickstart. It looks like the following
example:
"HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey=
{YourSharedAccessKey}"
# In Linux
export IOTHUB_CONNECTION_STRING="{ServiceConnectionString}"
export STREAMING_TARGET_DEVICE="MyDevice"
# In Windows
SET IOTHUB_CONNECTION_STRING={ServiceConnectionString}
SET STREAMING_TARGET_DEVICE=MyDevice
Change the ServiceConnectionString placeholder to match your service connection string, and MyDevice
to match your device ID if you gave yours a different name.
Navigate to Quickstarts/device-streams-service in your unzipped project folder and run the sample using
node.
cd azure-iot-samples-node-streams-preview/iot-hub/Quickstarts/device-streams-service
node echo.js
At the end of the last step, the service-side program will initiate a stream to your device and once established will
send a string buffer to the service over the stream. In this sample, the service-side program simply reads the
stdin on the terminal and sends it to the device, which will then echo it back. This demonstrates successful
bidirectional communication between the two applications.
Clean up resources
If you plan to continue to the next recommended article, you can keep and reuse the resources you've already
created.
Otherwise, to avoid charges, you can delete the Azure resources that you created in this article.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, established a device stream between applications on
the device and service side, and used the stream to send data back and forth between the applications.
Use the links below to learn more about device streams:
Device streams overview
Quickstart: Communicate to a device application in
C via IoT Hub device streams (preview)
12/20/2019 • 8 minutes to read • Edit Online
OPTION EXAMPLE/LINK
Prerequisites
You need the following prerequisites:
Install Visual Studio 2019 with the Desktop development with C++ workload enabled.
Install the latest version of Git.
Run the following command to add the Azure IoT Extension for Azure CLI to your Cloud Shell instance.
The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS )-specific commands
to the Azure CLI.
The preview of device streams is currently supported only for IoT hubs that are created in the following regions:
Central US
Central US EUAP
North Europe
Southeast Asia
NOTE
Before you begin this procedure, be sure that Visual Studio is installed with the Desktop development with C++
workload.
mkdir cmake
cd cmake
4. Run the following commands from the cmake directory to build a version of the SDK that's specific to your
development client platform.
In Linux:
cmake ..
make -j
In Windows, open a Developer Command Prompt for Visual Studio. Run the command for your
version of Visual Studio. This quickstart uses Visual Studio 2019. These commands create a Visual
Studio solution for the simulated device in the cmake directory.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
You must register a device with your IoT hub before it can connect. In this section, you use Azure Cloud Shell with
the IoT Extension to register a simulated device.
1. To create the device identity, run the following command in Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
For the name of the device you're registering, it's recommended to use MyDevice as shown. If you choose a
different name for your device, use that name throughout this article, and update the device name in the sample
applications before you run them.
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned device connection string for later use in this quickstart. It looks like the following
example:
HostName={YourIoTHubName}.azure-devices.net;DeviceId=MyDevice;SharedAccessKey={YourSharedAccessKey}
Communicate between the device and the service via device streams
In this section, you run both the device-side application and the service-side application and communicate
between the two.
Run the device -side application
To run the device-side application, follow these steps:
1. Provide your device credentials by editing the iothub_client_c2d_streaming_sample.c source file in the
iothub_client/samples/iothub_client_c2d_streaming_sample folder and adding your device connection
string.
# In Linux
# Go to the sample's folder cmake/iothub_client/samples/iothub_client_c2d_streaming_sample
make -j
rem In Windows
rem Go to the cmake folder at the root of repo
cmake --build . -- /m /p:Configuration=Release
# In Linux
# Go to the sample's folder cmake/iothub_client/samples/iothub_client_c2d_streaming_sample
./iothub_client_c2d_streaming_sample
rem In Windows
rem Go to the sample's release folder
cmake\iothub_client\samples\iothub_client_c2d_streaming_sample\Release
iothub_client_c2d_streaming_sample.exe
Clean up resources
If you plan to continue to the next recommended article, you can keep and reuse the resources you've already
created.
Otherwise, to avoid charges, you can delete the Azure resources that you created in this article.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, established a device stream between a C application
on the device and another application on the service side, and used the stream to send data back and forth
between the applications.
To learn more about device streams, see:
Device streams overview
Quickstart: Enable SSH and RDP over an IoT Hub
device stream by using a C# proxy application
(preview)
11/14/2019 • 11 minutes to read • Edit Online
Microsoft Azure IoT Hub currently supports device streams as a preview feature.
IoT Hub device streams allow service and device applications to communicate in a secure and firewall-friendly
manner. This quickstart guide involves two C# applications that enable client-server application traffic (such as
Secure Shell [SSH] and Remote Desktop Protocol [RDP ] to be sent over a device stream that's established
through an IoT hub. For an overview of the setup, see Local proxy application sample for SSH or RDP.
This article first describes the setup for SSH (using port 22) and then describes how to modify the setup's port for
RDP. Because device streams are application- and protocol-agnostic, the same sample can be modified to
accommodate other types of application traffic. This modification usually involves only changing the
communication port to the one that's used by the intended application.
How it works
The following figure illustrates how the device-local and service-local proxy applications in this sample enable
end-to-end connectivity between the SSH client and SSH daemon processes. Here, we assume that the daemon is
running on the same device as the device-local proxy application.
1. The service-local proxy application connects to the IoT hub and initiates a device stream to the target
device.
2. The device-local proxy application completes the stream initiation handshake and establishes an end-to-
end streaming tunnel through the IoT hub's streaming endpoint to the service side.
3. The device-local proxy application connects to the SSH daemon that's listening on port 22 on the device.
This setting is configurable, as described in the "Run the device-local proxy application" section.
4. The service-local proxy application waits for new SSH connections from a user by listening on a designated
port, which in this case is port 2222. This setting is configurable, as described in the "Run the service-local
proxy application" section. When the user connects via the SSH client, the tunnel enables SSH application
traffic to be transferred between the SSH client and server application.
NOTE
SSH traffic that's sent over a device stream is tunneled through the IoT hub's streaming endpoint rather than sent directly
between service and device. For more information, see the benefits of using Iot Hub device streams.
OPTION EXAMPLE/LINK
Prerequisites
The preview of device streams is currently supported only for IoT hubs that are created in the following
regions:
Central US
Central US EUAP
Southeast Asia
North Europe
The two sample applications that you run in this quickstart are written in C#. You need the .NET Core SDK
2.1.0 or later on your development machine.
You can download the .NET Core SDK for multiple platforms from .NET.
Verify the current version of C# on your development machine by using the following command:
dotnet --version
Run the following command to add the Azure IoT Extension for Azure CLI to your Cloud Shell instance.
The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS )-specific commands
to the Azure CLI.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use Azure Cloud Shell
to register a simulated device.
1. To create the device identity, run the following command in Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
For the name of the device you're registering, it's recommended to use MyDevice as shown. If you choose a
different name for your device, use that name throughout this article, and update the device name in the sample
applications before you run them.
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned device connection string for later use in this quickstart. It looks like the following
example:
HostName={YourIoTHubName}.azure-devices.net;DeviceId=MyDevice;SharedAccessKey={YourSharedAccessKey}
3. To connect to your IoT hub and establish a device stream, you also need the service connection string from
your IoT hub to enable the service-side application. The following command retrieves this value for your
IoT hub:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned service connection string for later use in this quickstart. It looks like the following
example:
"HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey=
{YourSharedAccessKey}"
DeviceConnectionString The device connection string of the device that you created
earlier.
targetServiceHostName The IP address where the SSH server listens. The address
would be localhost if it were the same IP where the device-
local proxy application is running.
targetServicePort The port that's used by your application protocol (for SSH, by
default, this would be port 22).
# In Windows
dotnet run {DeviceConnectionString} localhost 22
localPortNumber A local port that your SSH client will connect to. We use port
2222 in this sample, but you could use other arbitrary
numbers.
cd ./iot-hub/Quickstarts/device-streams-proxy/service/
# In Windows
dotnet run {ServiceConnectionString} MyDevice 2222
At this point, the SSH sign-in window prompts you to enter your credentials.
Console output on the service side (the service-local proxy application listens on port 2222):
Console output on the device-local proxy application, which connects to the SSH daemon at IP_address:22:
Console output of the SSH client application. The SSH client communicates to the SSH daemon by connecting to
port 22, which the service-local proxy application is listening on:
DeviceConnectionString The device connection string of the device that you created
earlier.
cd ./iot-hub/Quickstarts/device-streams-proxy/device
# In Windows
dotnet run {DeviceConnectionString} localhost 3389
localPortNumber A local port that your SSH client will connect to. We use port
2222 in this sample, but you could modify this to other
arbitrary numbers.
cd ./iot-hub/Quickstarts/device-streams-proxy/service/
# In Windows
dotnet run {ServiceConnectionString} MyDevice 2222
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, deployed device-local and service-local proxy
applications to establish a device stream through the IoT hub, and used the proxy applications to tunnel SSH or
RDP traffic. The same paradigm can accommodate other client-server protocols, where the server runs on the
device (for example, the SSH daemon).
To learn more about device streams, see:
Device streams overview
Quickstart: Enable SSH and RDP over an IoT Hub
device stream by using a Node.js proxy application
(preview)
11/14/2019 • 8 minutes to read • Edit Online
Microsoft Azure IoT Hub currently supports device streams as a preview feature.
IoT Hub device streams allow service and device applications to communicate in a secure and firewall-friendly
manner.
This quickstart describes the execution of a Node.js proxy application that's running on the service side to enable
Secure Shell (SSH) and Remote Desktop Protocol (RDP ) traffic to be sent to the device over a device stream. For
an overview of the setup, see Local Proxy Sample.
During public preview, the Node.js SDK supports device streams on the service side only. As a result, this
quickstart covers instructions to run only the service-local proxy application. To run the device-local proxy
application, see:
Enable SSH and RDP over IoT Hub device streams by using a C proxy application
Enable SSH and RDP over IoT Hub device streams by using a C# proxy application
This article describes the setup for SSH (by using port 22) and then describes how to modify the setup for RDP
(which uses port 3389). Because device streams are application- and protocol-agnostic, you can modify the same
sample to accommodate other types of client-server application traffic, usually by modifying the communication
port.
OPTION EXAMPLE/LINK
Prerequisites
The preview of device streams is currently supported only for IoT hubs that are created in the following
regions:
Central US
Central US EUAP
Southeast Asia
North Europe
To run the service-local application in this quickstart, you need Node.js v10.x.x or later on your development
machine.
Download Node.js for multiple platforms.
Verify the current version of Node.js on your development machine by using the following command:
node --version
Add the Azure IoT Extension for Azure CLI to your Cloud Shell instance by running the following
command. The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS )-specific
commands to the Azure CLI.
If you haven't already done so, download the sample Node.js project and extract the ZIP archive.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
If you completed Quickstart: Send telemetry from a device to an IoT hub, you can skip this step.
A device must be registered with your IoT hub before it can connect. In this section, you use Azure Cloud Shell to
register a simulated device.
1. To create the device identity, run the following command in Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
For the name of the device you're registering, it's recommended to use MyDevice as shown. If you choose a
different name for your device, use that name throughout this article, and update the device name in the sample
applications before you run them.
az iot hub device-identity create --hub-name {YourIoTHubName} --device-id MyDevice
2. To enable the back-end application to connect to your IoT hub and retrieve the messages, you also need a
service connection string. The following command retrieves the string for your IoT hub:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned service connection string for later use in this quickstart. It looks like the following
example:
"HostName={YourIoTHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey=
{YourSharedAccessKey}"
# In Linux
export IOTHUB_CONNECTION_STRING="{ServiceConnectionString}"
export STREAMING_TARGET_DEVICE="MyDevice"
export PROXY_PORT=2222
# In Windows
SET IOTHUB_CONNECTION_STRING={ServiceConnectionString}
SET STREAMING_TARGET_DEVICE=MyDevice
SET PROXY_PORT=2222
Change the ServiceConnectionString placeholder to match your service connection string, and MyDevice
to match your device ID if you gave yours a different name.
2. Navigate to the Quickstarts/device-streams-service directory in your unzipped project folder. Use the
following code to run the service-local proxy application:
cd azure-iot-samples-node-streams-preview/iot-hub/Quickstarts/device-streams-service
Console output of the SSH client application (SSH client communicates to SSH daemon by connecting to port 22,
where the service-local proxy application is listening):
RDP to your device via device streams
Now use your RDP client application and connect to the service proxy on port 2222, an arbitrary port that you
chose earlier.
NOTE
Ensure that your device proxy is configured correctly for RDP and configured with RDP port 3389.
Clean up resources
If you plan to continue to the next recommended article, you can keep and reuse the resources you've already
created.
Otherwise, to avoid charges, you can delete the Azure resources that you created in this article.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, and deployed a service proxy application to enable
RDP and SSH on an IoT device. The RDP and SSH traffic will be tunneled via a device stream through the IoT
hub. This process eliminates the need for direct connectivity to the device.
To learn more about device streams, see:
Device streams overview
Quickstart: Enable SSH and RDP over an IoT Hub
device stream by using a C proxy application
(preview)
12/20/2019 • 10 minutes to read • Edit Online
How it works
The following figure illustrates how the device- and service-local proxy programs enable end-to-end connectivity
between the SSH client and SSH daemon processes. During public preview, the C SDK supports device streams
on the device side only. As a result, this quickstart covers instructions to run only the device-local proxy
application. To build and run the accompanying service-side application, follow the instructions in one of the
following quickstarts:
SSH/RDP over IoT Hub device streams using C# proxy
SSH/RDP over IoT Hub device streams using NodeJS proxy.
1. The service-local proxy connects to the IoT hub and starts a device stream to the target device.
2. The device-local proxy completes the stream initiation handshake and establishes an end-to-end streaming
tunnel through the IoT hub's streaming endpoint to the service side.
3. The device-local proxy connects to the SSH daemon that's listening on port 22 on the device. This setting is
configurable, as described in the "Run the device-local proxy application" section.
4. The service-local proxy waits for new SSH connections from a user by listening on a designated port,
which in this case is port 2222. This setting is configurable, as described in the "Run the device-local proxy
application" section. When the user connects via SSH client, the tunnel enables SSH application traffic to
be transferred between the SSH client and server programs.
NOTE
SSH traffic that's sent over a device stream is tunneled through the IoT hub's streaming endpoint rather than sent directly
between service and device. For more information, see the benefits of using Iot Hub device streams. Furthermore, the figure
illustrates the SSH daemon that's running on the same device (or machine) as the device-local proxy. In this quickstart,
providing the SSH daemon IP address allows the device-local proxy and the daemon to run on different machines as well.
Prerequisites
The preview of device streams is currently supported only for IoT hubs that are created in the following
regions:
Central US
Central US EUAP
North Europe
Southeast Asia
Install Visual Studio 2019 with the Desktop development with C++ workload enabled.
Install the latest version of Git.
Run the following command to add the Azure IoT Extension for Azure CLI to your Cloud Shell instance.
The IOT Extension adds IoT Hub, IoT Edge, and IoT Device Provisioning Service (DPS )-specific commands
to the Azure CLI.
mkdir cmake
cd cmake
4. Run the following commands from the cmake directory to build a version of the SDK that's specific to your
development client platform.
In Linux:
cmake ..
make -j
In Windows, run the following commands in Developer Command Prompt for Visual Studio 2015
or 2017. A Visual Studio solution for the simulated device will be generated in the cmake directory.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
In Size and scale, you can accept the default settings and select Review + create at the bottom. Consider
the following options:
Pricing and scale tier: Your selected tier. Select one of the standard tiers (S1, S2, or S3) or F1: Free
tier. This choice can also be guided by the size of your fleet and the non-streaming workloads that
you expect in your hub, for example, telemetry messages. For example, the free tier is intended for
testing and evaluation. It allows 500 devices to be connected to the IoT hub and up to 8,000
messages per day. Each Azure subscription can create one IoT hub in the free tier.
Number of IoT Hub units: The number of messages allowed per unit per day depends on your
hub's pricing tier. This choice depends on non-streaming workload you expect in your hub. You can
select 1 for now.
Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud
messages to the number of simultaneous readers of the messages. Most hubs only need four
partitions.
For more information about tier options, see Choose the right IoT hub tier.
6. To review your choices, choose Review + create. Your results will be similar to the following:
7. To create your new IoT hub, select Create. The process takes a few minutes.
Register a device
A device must be registered with your IoT hub before it can connect. In this section, you use Azure Cloud Shell
with the IoT extension to register a simulated device.
1. To create the device identity, run the following command in Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
For the name of the device you're registering, it's recommended to use MyDevice as shown. If you choose a
different name for your device, use that name throughout this article, and update the device name in the sample
applications before you run them.
2. To get the device connection string for the device that you just registered, run the following commands in
Cloud Shell:
NOTE
Replace the YourIoTHubName placeholder with the name you chose for your IoT hub.
Note the returned device connection string for later use in this quickstart. It looks like the following
example:
HostName={YourIoTHubName}.azure-devices.net;DeviceId=MyDevice;SharedAccessKey={YourSharedAccessKey}
# In Linux
# Go to the sample's folder cmake/iothub_client/samples/iothub_client_c2d_streaming_proxy_sample
make -j
rem In Windows
rem Go to cmake at root of repository
cmake --build . -- /m /p:Configuration=Release
rem In Windows
rem Go to the sample's release folder
cmake\iothub_client\samples\iothub_client_c2d_streaming_proxy_sample\Release
iothub_client_c2d_streaming_proxy_sample.exe
At this point, the SSH sign-in window prompts you to enter your credentials.
The following image shows the console output on the device-local proxy, which connects to the SSH daemon at
IP_address:22 :
The following image shows the console output of the SSH client program. The SSH client communicates to the
SSH daemon by connecting to port 22, which the service-local proxy is listening on:
Clean up resources
If you plan to continue to the next recommended article, you can keep and reuse the resources you've already
created.
Otherwise, to avoid charges, you can delete the Azure resources that you created in this article.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you don't accidentally delete the wrong resource group or resources. If you created the IoT hub inside an
existing resource group that contains resources that you want to keep, delete only the IoT hub resource itself, not the
resource group.
4. To confirm the deletion of the resource group, reenter the resource group name, and then select Delete.
After a few moments, the resource group and all its contained resources are deleted.
Next steps
In this quickstart, you set up an IoT hub, registered a device, deployed a device- and a service-local proxy program
to establish a device stream through IoT Hub, and used the proxies to tunnel SSH traffic.
To learn more about device streams, see:
Device streams overview
Tutorial: Use the Azure CLI and Azure portal to
configure IoT Hub message routing
11/14/2019 • 13 minutes to read • Edit Online
Message routing enables sending telemetry data from your IoT devices to built-in Event Hub-compatible
endpoints or custom endpoints such as blob storage, Service Bus Queues, Service Bus Topics, and Event
Hubs. To configure custom message routing, you create routing queries to customize the route that matches a
certain condition. Once set up, the incoming data is automatically routed to the endpoints by the IoT Hub. If a
message doesn't match any of the defined routing queries, it is routed to the default endpoint.
In this 2-part tutorial, you learn how to set up and use these custom routing queries with IoT Hub. You route
messages from an IoT device to one of multiple endpoints, including blob storage and a Service Bus queue.
Messages to the Service Bus queue are picked up by a Logic App and sent via e-mail. Messages that do not
have custom message routing defined are sent to the default endpoint, then picked up by Azure Stream
Analytics and viewed in a Power BI visualization.
To complete Parts 1 and 2 of this tutorial, you perform the following tasks:
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device. This
can be done using the Azure portal, an Azure Resource Manager template, the Azure CLI, or Azure
PowerShell.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different
routing options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Prerequisites
For Part 1 of this tutorial:
You must have an Azure subscription. If you don't have an Azure subscription, create a free account
before you begin.
For Part 2 of this tutorial:
You must have completed Part 1 of this tutorial, and have the resources still available.
Install Visual Studio.
Have access to a Power BI account to analyze the default endpoint's stream analytics. (Try Power BI
for free.)
Have an Office 365 account for sending notification e-mails.
Use Azure Cloud Shell
Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You
can use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell
preinstalled commands to run the code in this article without having to install anything on your local
environment.
To start Azure Cloud Shell:
OPTION EXAMPLE/LINK
NOTE
You must use an Iot hub in a paid tier to complete this tutorial. The free tier only allows you to set up one
endpoint, and this tutorial requires multiple endpoints.
TIP
A tip about debugging: this script uses the continuation symbol (the backslash \ ) to make the script more readable. If
you have a problem running the script, make sure your Cloud Shell session is running bash and that there are no
spaces after any of the backslashes.
# Concatenate this number onto the resources that have to be globally unique.
# You can set this to "" or to a specific value if you don't want it to be random.
# This retrieves a random value.
randomValue=$RANDOM
# Add a consumer group to the IoT hub for the 'events' endpoint.
az iot hub consumer-group create --hub-name $iotHubName \
--name $iotHubConsumerGroup
Now that the base resources are set up, you can configure the message routing in the Azure portal.
VALUE RESULT
NOTE
The data can be written to blob storage in either the Apache Avro format, which is the default, or JSON (preview).
The capability to encode JSON format is in preview in all regions in which IoT Hub is available, except East US, West US
and West Europe. The encoding format can be only set at the time the blob storage endpoint is configured. The format
cannot be changed for an endpoint that has already been set up. When using JSON encoding, you must set the
contentType to JSON and the contentEncoding to UTF-8 in the message system properties.
For more detailed information about using a blob storage endpoint, please see guidance on routing to storage.
1. In the Azure portal, select Resource Groups, then select your resource group. This tutorial uses
ContosoResources.
2. Select the IoT hub under the list of resources. This tutorial uses ContosoTestHub.
3. Select Message Routing. In the Message Routing pane, select +Add. On the Add a Route pane,
select +Add next to the Endpoint field to show the supported endpoints, as displayed in the following
picture:
4. Select Blob storage. You see the Add a storage endpoint pane.
5. Enter a name for the endpoint. This tutorial uses ContosoStorageEndpoint.
6. Select Pick a container. This takes you to a list of your storage accounts. Select the one you set up in
the preparation steps. This tutorial uses contosostorage. It shows a list of containers in that storage
account. Select the container you set up in the preparation steps. This tutorial uses contosoresults.
You return to the Add a storage endpoint pane and see the selections you made.
7. Set the encoding to AVRO or JSON. For the purpose of this tutorial, use the defaults for the rest of the
fields. This field will be greyed out if the region selected does not support JSON encoding.,
NOTE
You can set the format of the blob name using the Blob file name format. The default is
{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm} . The format must contain {iothub}, {partition}, {YYYY},
{MM}, {DD}, {HH}, and {mm} in any order.
For example, using the default blob file name format, if the hub name is ContosoTestHub, and the date/time is
October 30, 2018 at 10:56 a.m., the blob name will look like this: ContosoTestHub/0/2018/10/30/10/56 .
The blobs are written in the Avro format.
8. Select Create to create the storage endpoint and add it to the route. You return to the Add a route
pane.
9. Now complete the rest of the routing query information. This query specifies the criteria for sending
messages to the storage container you just added as an endpoint. Fill in the fields on the screen.
Name: Enter a name for your routing query. This tutorial uses ContosoStorageRoute.
Endpoint: This shows the endpoint you just set up.
Data source: Select Device Telemetry Messages from the dropdown list.
Enable route: Be sure this field is set to enabled .
Routing query: Enter level="storage" as the query string.
Select Save. When it finishes, it returns to the Message Routing pane, where you can see your new
routing query for storage. Close the Routes pane, which returns you to the Resource group page.
Route to a Service Bus queue
Now set up the routing for the Service Bus queue. You go to the Message Routing pane, then add a route.
When adding the route, define a new endpoint for the route. After this route is set up, messages where the
level property is set to critical are written to the Service Bus queue, which triggers a Logic App, which then
sends an e-mail with the information.
1. On the Resource group page, select your IoT hub, then select Message Routing.
2. In the Message Routing pane, select +Add.
3. On the Add a Route pane, Select +Add next to the Endpoint field. Select Service Bus Queue. You
see the Add Service Bus Endpoint pane.
4. Fill in the fields:
Endpoint Name: Enter a name for the endpoint. This tutorial uses ContosoSBQueueEndpoint.
Service Bus Namespace: Use the dropdown list to select the service bus namespace you set up in
the preparation steps. This tutorial uses ContosoSBNamespace.
Service Bus queue: Use the dropdown list to select the Service Bus queue. This tutorial uses
contososbqueue.
5. Select Create to add the Service Bus queue endpoint. You return to the Add a route pane.
6. Now you complete the rest of the routing query information. This query specifies the criteria for
sending messages to the Service Bus queue you just added as an endpoint. Fill in the fields on the
screen.
Name: Enter a name for your routing query. This tutorial uses ContosoSBQueueRoute.
Endpoint: This shows the endpoint you just set up.
Data source: Select Device Telemetry Messages from the dropdown list.
Routing query: Enter level="critical" as the query string.
7. Select Save. When it returns to the Routes pane, you see both of your new routes, as displayed here.
8. You can see the custom endpoints you set up by selecting the Custom Endpoints tab.
9. Close the Message Routing pane, which returns you to the Resource group pane.
Next steps
Now that you have the resources set up and the message routes configured, advance to the next tutorial to
learn how to send messages to the IoT hub and see them be routed to the different destinations.
Part 2 - View the message routing results
Tutorial: Use an Azure Resource Manager template to
configure IoT Hub message routing
11/14/2019 • 16 minutes to read • Edit Online
Message routing enables sending telemetry data from your IoT devices to built-in Event Hub-compatible
endpoints or custom endpoints such as blob storage, Service Bus Queues, Service Bus Topics, and Event Hubs. To
configure custom message routing, you create routing queries to customize the route that matches a certain
condition. Once set up, the incoming data is automatically routed to the endpoints by the IoT Hub. If a message
doesn't match any of the defined routing queries, it is routed to the default endpoint.
In this 2-part tutorial, you learn how to set up and use these custom routing queries with IoT Hub. You route
messages from an IoT device to one of multiple endpoints, including blob storage and a Service Bus queue.
Messages to the Service Bus queue are picked up by a Logic App and sent via e-mail. Messages that do not have
custom message routing defined are sent to the default endpoint, then picked up by Azure Stream Analytics and
viewed in a Power BI visualization.
To complete Parts 1 and 2 of this tutorial, you perform the following tasks:
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device. This can be
done using the Azure portal, an Azure Resource Manager template, the Azure CLI, or Azure PowerShell.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different routing
options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Prerequisites
For Part 1 of this tutorial:
You must have an Azure subscription. If you don't have an Azure subscription, create a free account
before you begin.
For Part 2 of this tutorial:
You must have completed Part 1 of this tutorial, and have the resources still available.
Install Visual Studio.
Have access to a Power BI account to analyze the default endpoint's stream analytics. (Try Power BI for
free.)
Have an Office 365 account for sending notification e-mails.
Use Azure Cloud Shell
Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can
use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell
preinstalled commands to run the code in this article without having to install anything on your local environment.
To start Azure Cloud Shell:
OPTION EXAMPLE/LINK
NOTE
You must use an Iot hub in a paid tier to complete this tutorial. The free tier only allows you to set up one endpoint,
and this tutorial requires multiple endpoints.
VALUE RESULT
The first step is to set up the endpoint to which the data will be routed. The second step is to set up the message
route that uses that endpoint. After setting up the routing, you can view the endpoints and message routes in the
portal.
{
"type": "Microsoft.ServiceBus/namespaces",
"comments": "The Sku should be 'Standard' for this tutorial.",
"sku": {
"name": "Standard",
"tier": "Standard"
},
"name": "[variables('service_bus_namespace')]",
"apiVersion": "[variables('sbVersion')]",
"location": "[parameters('location')]",
"properties": {
"provisioningState": "Succeeded",
"metricId": "[concat('a4295411-5eff-4f81-b77e-276ab1ccda12:', variables('service_bus_namespace'))]",
"serviceBusEndpoint": "[concat('https://',
variables('service_bus_namespace'),'.servicebus.windows.net:443/')]",
"status": "Active"
},
"dependsOn": []
}
This section creates the Service Bus queue. This part of the script has a dependsOn clause that ensures the
namespace is created before the queue.
{
"type": "Microsoft.ServiceBus/namespaces/queues",
"name": "[concat(variables('service_bus_namespace'), '/', variables('service_bus_queue'))]",
"apiVersion": "[variables('sbVersion')]",
"location": "[parameters('location')]",
"scale": null,
"properties": {},
"dependsOn": [
"[resourceId('Microsoft.ServiceBus/namespaces', variables('service_bus_namespace'))]"
]
}
{
"apiVersion": "2018-04-01",
"type": "Microsoft.Devices/IotHubs",
"name": "[variables('IoTHubName')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]",
"[resourceId('Microsoft.ServiceBus/namespaces', variables('service_bus_namespace'))]",
"[resourceId('Microsoft.ServiceBus/namespaces/queues', variables('service_bus_namespace'),
variables('service_bus_queue'))]"
],
"properties": {
"eventHubEndpoints": {}
"events": {
"retentionTimeInDays": 1,
"partitionCount": "[parameters('d2c_partitions')]"
}
},
The next section is the section for the message routing configuration for the Iot Hub. First is the section for the
endpoints. This part of the template sets up the routing endpoints for the Service Bus queue and the storage
account, including the connection strings.
To create the connection string for the queue, you need the queueAuthorizationRulesResourcedId, which is
retrieved inline. To create the connection string for the storage account, you retrieve the primary storage key and
then use it in the format for the connection string.
The endpoint configuration is also where you set the blob format to AVRO or JSON .
NOTE
The data can be written to blob storage in either the Apache Avro format, which is the default, or JSON (preview).
The capability to encode JSON format is in preview in all regions in which IoT Hub is available, except East US, West US and
West Europe. The encoding format can be only set at the time the blob storage endpoint is configured. The format cannot be
changed for an endpoint that has already been set up. When using JSON encoding, you must set the contentType to JSON
and the contentEncoding to UTF-8 in the message system properties.
For more detailed information about using a blob storage endpoint, please see guidance on routing to storage.
"routing": {
"endpoints": {
"serviceBusQueues": [
{
"connectionString": "
[Concat('Endpoint=sb://',variables('service_bus_namespace'),'.servicebus.windows.net/;SharedAccessKeyName=',par
ameters('AuthRules_sb_queue'),';SharedAccessKey=',listkeys(variables('queueAuthorizationRuleResourceId'),variab
les('sbVersion')).primaryKey,';EntityPath=',variables('service_bus_queue'))]",
"name": "[parameters('service_bus_queue_endpoint')]",
"subscriptionId": "[parameters('subscriptionId')]",
"resourceGroup": "[resourceGroup().Name]"
}
],
"serviceBusTopics": [],
"eventHubs": [],
"storageContainers": [
{
"connectionString":
"
[Concat('DefaultEndpointsProtocol=https;AccountName=',variables('storageAccountName'),';AccountKey=',listKeys(r
esourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), providers('Microsoft.Storage',
'storageAccounts').apiVersions[0]).keys[0].value)]",
"containerName": "[parameters('storageContainerName')]",
"fileNameFormat": "{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}",
"batchFrequencyInSeconds": 100,
"maxChunkSizeInBytes": 104857600,
"encoding": "avro",
"name": "[parameters('storage_endpoint')]",
"subscriptionId": "[parameters('subscriptionId')]",
"resourceGroup": "[resourceGroup().Name]"
}
]
},
This next section is for the message routes to the endpoints. There is one set up for each endpoint, so there is one
for the Service Bus queue and one for the storage account container.
Remember that the query condition for the messages being routed to storage is level="storage" , and the query
condition for the messages being routed to the Service Bus queue is level="critical" .
"routes": [
{
"name": "contosoStorageRoute",
"source": "DeviceMessages",
"condition": "level=\"storage\"",
"endpointNames": [
"[parameters('storage_endpoint')]"
],
"isEnabled": true
},
{
"name": "contosoSBQueueRoute",
"source": "DeviceMessages",
"condition": "level=\"critical\"",
"endpointNames": [
"[parameters('service_bus_queue_endpoint')]"
],
"isEnabled": true
}
],
This json shows the rest of the IoT Hub section, which contains default information and the SKU for the hub.
"fallbackRoute": {
"name": "$fallback",
"source": "DeviceMessages",
"condition": "true",
"endpointNames": [
"events"
],
"isEnabled": true
}
},
"storageEndpoints": {
"$default": {
"sasTtlAsIso8601": "PT1H",
"connectionString": "",
"containerName": ""
}
},
"messagingEndpoints": {
"fileNotifications": {
"lockDurationAsIso8601": "PT1M",
"ttlAsIso8601": "PT1H",
"maxDeliveryCount": 10
}
},
"enableFileUploadNotifications": false,
"cloudToDevice": {
"maxDeliveryCount": 10,
"defaultTtlAsIso8601": "PT1H",
"feedback": {
"lockDurationAsIso8601": "PT1M",
"ttlAsIso8601": "PT1H",
"maxDeliveryCount": 10
}
}
},
"sku": {
"name": "[parameters('sku_name')]",
"capacity": "[parameters('sku_units')]"
}
}
{
"type": "Microsoft.ServiceBus/namespaces/queues/authorizationRules",
"name": "[concat(variables('service_bus_namespace'), '/', variables('service_bus_queue'), '/',
parameters('AuthRules_sb_queue'))]",
"apiVersion": "[variables('sbVersion')]",
"location": "[parameters('location')]",
"scale": null,
"properties": {
"rights": [
"Send"
]
},
"dependsOn": [
"[resourceId('Microsoft.ServiceBus/namespaces', variables('service_bus_namespace'))]",
"[resourceId('Microsoft.ServiceBus/namespaces/queues', variables('service_bus_namespace'),
variables('service_bus_queue'))]"
]
},
Resources: Consumer group
In this section, you create a Consumer Group for the IoT Hub data to be used by the Azure Stream Analytics in the
second part of this tutorial.
{
"type": "Microsoft.Devices/IotHubs/eventHubEndpoints/ConsumerGroups",
"name": "[concat(variables('iotHubName'), '/events/',parameters('consumer_group'))]",
"apiVersion": "2018-04-01",
"dependsOn": [
"[concat('Microsoft.Devices/IotHubs/', variables('iotHubName'))]"
]
}
Resources: Outputs
If you want to send a value back to the deployment script to be displayed, you use an output section. This part of
the template returns the connection string for the Service Bus queue. Returning a value isn't required, it's included
as an example of how to return results to the calling script.
"outputs": {
"sbq_connectionString": {
"type": "string",
"value": "
[Concat('Endpoint=sb://',variables('service_bus_namespace'),'.servicebus.windows.net/;SharedAccessKeyName=',par
ameters('AuthRules_sb_queue'),';SharedAccessKey=',listkeys(variables('queueAuthorizationRuleResourceId'),variab
les('sbVersion')).primaryKey,';EntityPath=',variables('service_bus_queue'))]"
}
}
Use the File Explorer that pops up to find the files on your local disk and select them, then choose Open.
After the files are uploaded, a results dialog shows something like the following image.
The files are uploaded to the share used by your Cloud Shell instance.
Run the script to perform the deployment. The last line of this script retrieves the variable that was set up to be
returned -- the Service Bus queue connection string.
The script sets and uses these variables:
$RGName is the resource group name to which to deploy the template. This field is created before deploying the
template.
$location is the Azure location to be used for the template, such as "westus".
deploymentname is a name you assign to the deployment to retrieve the returning variable value.
Here's the PowerShell script. Copy this PowerShell script and paste it into the Cloud Shell window, then hit Enter
to run it.
$RGName="ContosoResources"
$location = "westus"
$deploymentname="contoso-routing"
If you have script errors, you can edit the script locally, upload it again to the Cloud Shell, and run the script again.
After the script finishes running successfully, continue to the next step.
On the Message routing screen, select Custom Endpoints to see the endpoints you have defined for the routes.
Next steps
Now that you have all of the resources set up and the message routes are configured, advance to the next tutorial
to learn how to process and display the information about the routed messages.
Part 2 - View the message routing results
Tutorial: Use the Azure CLI to configure IoT Hub
message routing
11/14/2019 • 14 minutes to read • Edit Online
Message routing enables sending telemetry data from your IoT devices to built-in Event Hub-compatible
endpoints or custom endpoints such as blob storage, Service Bus Queues, Service Bus Topics, and Event Hubs. To
configure custom message routing, you create routing queries to customize the route that matches a certain
condition. Once set up, the incoming data is automatically routed to the endpoints by the IoT Hub. If a message
doesn't match any of the defined routing queries, it is routed to the default endpoint.
In this 2-part tutorial, you learn how to set up and use these custom routing queries with IoT Hub. You route
messages from an IoT device to one of multiple endpoints, including blob storage and a Service Bus queue.
Messages to the Service Bus queue are picked up by a Logic App and sent via e-mail. Messages that do not have
custom message routing defined are sent to the default endpoint, then picked up by Azure Stream Analytics and
viewed in a Power BI visualization.
To complete Parts 1 and 2 of this tutorial, you perform the following tasks:
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device. This can be
done using the Azure portal, an Azure Resource Manager template, the Azure CLI, or Azure PowerShell.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different routing
options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Prerequisites
For Part 1 of this tutorial:
You must have an Azure subscription. If you don't have an Azure subscription, create a free account
before you begin.
For Part 2 of this tutorial:
You must have completed Part 1 of this tutorial, and have the resources still available.
Install Visual Studio.
Have access to a Power BI account to analyze the default endpoint's stream analytics. (Try Power BI for
free.)
Have an Office 365 account for sending notification e-mails.
Use Azure Cloud Shell
Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can
use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell
preinstalled commands to run the code in this article without having to install anything on your local environment.
To start Azure Cloud Shell:
OPTION EXAMPLE/LINK
NOTE
You must use an Iot hub in a paid tier to complete this tutorial. The free tier only allows you to set up one endpoint,
and this tutorial requires multiple endpoints.
TIP
A tip about debugging: this script uses the continuation symbol (the backslash \ ) to make the script more readable. If you
have a problem running the script, make sure your Cloud Shell session is running bash and that there are no spaces after
any of the backslashes.
There are several resource names that must be globally unique, such as the IoT Hub name and the storage account
name. To make this easier, those resource names are appended with a random alphanumeric value called
randomValue. The randomValue is generated once at the top of the script and appended to the resource names as
needed throughout the script. If you don't want it to be random, you can set it to an empty string or to a specific
value.
IMPORTANT
The variables set in the initial script are also used by the routing script, so run all of the script in the same Cloud Shell session.
If you open a new session to run the script for setting up the routing, several of the variables will be missing values.
# Concatenate this number onto the resources that have to be globally unique.
# You can set this to "" or to a specific value if you don't want it to be random.
# This retrieves a random value.
randomValue=$RANDOM
# Add a consumer group to the IoT hub for the 'events' endpoint.
az iot hub consumer-group create --hub-name $iotHubName \
--name $iotHubConsumerGroup
# Retrieve the information about the device identity, then copy the primary key to
# Retrieve the information about the device identity, then copy the primary key to
# Notepad. You need this to run the device simulation during the testing phase.
az iot hub device-identity show --device-id $iotDeviceName \
--hub-name $iotHubName
Now that the base resources are set up, you can configure the message routing.
VALUE RESULT
The first step is to set up the endpoint to which the data will be routed. The second step is to set up the message
route that uses that endpoint. After setting up the routing, you can view the endpoints and message routes in the
portal.
To create a routing endpoint, use az iot hub routing-endpoint create. To create the message route for the endpoint,
use az iot hub route create.
Route to a storage account
NOTE
The data can be written to blob storage in either the Apache Avro format, which is the default, or JSON (preview).
The capability to encode JSON format is in preview in all regions in which IoT Hub is available, except East US, West US and
West Europe. The encoding format can be only set at the time the blob storage endpoint is configured. The format cannot be
changed for an endpoint that has already been set up. When using JSON encoding, you must set the contentType to JSON
and the contentEncoding to UTF-8 in the message system properties.
For more detailed information about using a blob storage endpoint, please see guidance on routing to storage.
First, set up the endpoint for the storage account, then set up the route.
These are the variables used by the script that must be set within your Cloud Shell session:
storageConnectionString: This value is retrieved from the storage account set up in the previous script. It is used
by the message routing to access the storage account.
resourceGroup: There are two occurrences of resource group -- set them to your resource group.
endpoint subscriptionID: This field is set to the Azure subscriptionID for the endpoint.
endpointType: This field is the type of endpoint. This value must be set to azurestoragecontainer , eventhub ,
servicebusqueue , or servicebustopic . For your purposes here, set it to azurestoragecontainer .
iotHubName: This field is the name of the hub that will do the routing.
containerName: This field is the name of the container in the storage account to which data will be written.
encoding: This field will be either avro or json . This denotes the format of the stored data.
routeName: This field is the name of the route you are setting up.
endpointName: This field is the name identifying the endpoint.
enabled: This field defaults to true , indicating that the message route should be enabled after being created.
condition: This field is the query used to filter for the messages sent to this endpoint. The query condition for the
messages being routed to storage is level="storage" .
Copy this script and paste it into your Cloud Shell window and run it.
endpointName="ContosoStorageEndpoint"
endpointType="azurestoragecontainer"
routeName="ContosoStorageRoute"
condition='level="storage"'
The next step is to create the routing endpoint for the storage account. You also specify the container in which the
results will be stored. The container was created previously when the storage account was created.
Next, create the route for the storage endpoint. The message route designates where to send the messages that
meet the query specification.
Now use the authorization rule to retrieve the connection string to the Service Bus queue.
Now set up the routing endpoint and the message route for the Service Bus queue. These are the variables used by
the script that must be set within your Cloud Shell session:
endpointName: This field is the name identifying the endpoint.
endpointType: This field is the type of endpoint. This value must be set to azurestoragecontainer , eventhub ,
servicebusqueue , or servicebustopic . For your purposes here, set it to servicebusqueue .
routeName: This field is the name of the route you are setting up.
condition: This field is the query used to filter for the messages sent to this endpoint. The query condition for the
messages being routed to the Service Bus queue is level="critical" .
Here is the Azure CLI for the routing endpoint and the message route for the Service Bus queue.
endpointName="ContosoSBQueueEndpoint"
endpointType="ServiceBusQueue"
routeName="ContosoSBQueueRoute"
condition='level="critical"'
# Set up the message route for the Service Bus queue endpoint.
az iot hub route create --name $routeName \
--hub-name $iotHubName \
--source-type devicemessages \
--resource-group $resourceGroup \
--endpoint-name $endpointName \
--enabled \
--condition $condition
In the options for the IoT Hub, select Message Routing. The routes you have set up successfully are displayed.
On the Message routing screen, select Custom Endpoints to see the endpoints you have defined for the routes.
Next steps
Now that you have the resources set up and the message routes configured, advance to the next tutorial to learn
how to send messages to the IoT hub and see them be routed to the different destinations.
Part 2 - View the message routing results
Tutorial: Use Azure PowerShell to configure IoT Hub
message routing
11/14/2019 • 14 minutes to read • Edit Online
Message routing enables sending telemetry data from your IoT devices to built-in Event Hub-compatible
endpoints or custom endpoints such as blob storage, Service Bus Queues, Service Bus Topics, and Event Hubs. To
configure custom message routing, you create routing queries to customize the route that matches a certain
condition. Once set up, the incoming data is automatically routed to the endpoints by the IoT Hub. If a message
doesn't match any of the defined routing queries, it is routed to the default endpoint.
In this 2-part tutorial, you learn how to set up and use these custom routing queries with IoT Hub. You route
messages from an IoT device to one of multiple endpoints, including blob storage and a Service Bus queue.
Messages to the Service Bus queue are picked up by a Logic App and sent via e-mail. Messages that do not have
custom message routing defined are sent to the default endpoint, then picked up by Azure Stream Analytics and
viewed in a Power BI visualization.
To complete Parts 1 and 2 of this tutorial, you perform the following tasks:
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device. This can be
done using the Azure portal, an Azure Resource Manager template, the Azure CLI, or Azure PowerShell.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different routing
options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Prerequisites
For Part 1 of this tutorial:
You must have an Azure subscription. If you don't have an Azure subscription, create a free account
before you begin.
For Part 2 of this tutorial:
You must have completed Part 1 of this tutorial, and have the resources still available.
Install Visual Studio.
Have access to a Power BI account to analyze the default endpoint's stream analytics. (Try Power BI for
free.)
Have an Office 365 account for sending notification e-mails.
Use Azure Cloud Shell
Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can
use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell
preinstalled commands to run the code in this article without having to install anything on your local environment.
To start Azure Cloud Shell:
OPTION EXAMPLE/LINK
NOTE
You must use an Iot hub in a paid tier to complete this tutorial. The free tier only allows you to set up one endpoint,
and this tutorial requires multiple endpoints.
IMPORTANT
The variables set in the initial script are also used by the routing script, so run all of the script in the same Cloud Shell session.
If you open a new session to run the script for setting up the routing, several of the variables will be missing values.
# Concatenate this number onto the resources that have to be globally unique.
# You can set this to "" or to a specific value if you don't want it to be random.
# This retrieves the first 6 digits of a random value.
$randomValue = "$(Get-Random)".Substring(0,6)
# Set the values for the resource names that don't have to be globally unique.
$location = "West US"
$resourceGroup = "ContosoResources"
$iotHubConsumerGroup = "ContosoConsumers"
$containerName = "contosoresults"
# Add a consumer group to the IoT hub for the 'events' endpoint.
Add-AzIotHubEventHubConsumerGroup -ResourceGroupName $resourceGroup `
-Name $iotHubName `
-EventHubConsumerGroupName $iotHubConsumerGroup `
-EventHubEndpointName "events"
# The storage account name must be globally unique, so add a random value to the end.
$storageAccountName = "contosostorage" + $randomValue
Write-Host "storage account name is " $storageAccountName
Now that the base resources are set up, you can configure the message routing.
VALUE RESULT
The first step is to set up the endpoint to which the data will be routed. The second step is to set up the message
route that uses that endpoint. After setting up the routing, you can view the endpoints and message routes in the
portal.
To create a routing endpoint, use Add-AzIotHubRoutingEndpoint. To create the messaging route for the endpoint,
use Add-AzIotHubRoute.
Route to a storage account
First, set up the endpoint for the storage account, then create the message route.
NOTE
The data can be written to blob storage in either the Apache Avro format, which is the default, or JSON (preview).
The capability to encode JSON format is in preview in all regions in which IoT Hub is available, except East US, West US and
West Europe. The encoding format can be only set at the time the blob storage endpoint is configured. The format cannot be
changed for an endpoint that has already been set up. When using JSON encoding, you must set the contentType to JSON
and the contentEncoding to UTF-8 in the message system properties.
For more detailed information about using a blob storage endpoint, please see guidance on routing to storage.
These are the variables used by the script that must be set within your Cloud Shell session:
resourceGroup: There are two occurrences of this field -- set both of them to your resource group.
name: This field is the name of the IoT Hub to which the routing will apply.
endpointName: This field is the name identifying the endpoint.
endpointType: This field is the type of endpoint. This value must be set to azurestoragecontainer , eventhub ,
servicebusqueue , or servicebustopic . For your purposes here, set it to azurestoragecontainer .
subscriptionID: This field is set to the subscriptionID for your Azure account.
storageConnectionString: This value is retrieved from the storage account set up in the previous script. It is used
by the routing to access the storage account.
containerName: This field is the name of the container in the storage account to which data will be written.
Encoding: Set this field to either AVRO or JSON . This designates the format of the stored data. The default is
AVRO.
routeName: This field is the name of the route you are setting up.
condition: This field is the query used to filter for the messages sent to this endpoint. The query condition for the
messages being routed to storage is level="storage" .
enabled: This field defaults to true , indicating that the message route should be enabled after being created.
Copy this script and paste it into your Cloud Shell window.
$endpointName = "ContosoStorageEndpoint"
$endpointType = "azurestoragecontainer"
$routeName = "ContosoStorageRoute"
$condition = 'level="storage"'
The next step is to create the routing endpoint for the storage account. You also specify the container in which the
results will be stored. The container was created when the storage account was created.
Next, create the message route for the storage endpoint. The message route designates where to send the
messages that meet the query specification.
Now use the authorization rule to retrieve the Service Bus queue key. This authorization rule will be used to
retrieve the connection string later in the script.
$sbqkey = Get-AzServiceBusKey `
-ResourceGroupName $resourceGroup `
-NamespaceName $serviceBusNamespace `
-Queue $servicebusQueueName `
-Name "sbauthrule"
Now set up the routing endpoint and the message route for the Service Bus queue. These are the variables used by
the script that must be set within your Cloud Shell session:
endpointName: This field is the name identifying the endpoint.
endpointType: This field is the type of endpoint. This value must be set to azurestoragecontainer , eventhub ,
servicebusqueue , or servicebustopic . For your purposes here, set it to servicebusqueue .
routeName: This field is the name of the route you are setting up.
condition: This field is the query used to filter for the messages sent to this endpoint. The query condition for the
messages being routed to the Service Bus queue is level="critical" .
Here is the Azure PowerShell for the message routing for the Service Bus queue.
$endpointName = "ContosoSBQueueEndpoint"
$endpointType = "servicebusqueue"
$routeName = "ContosoSBQueueRoute"
$condition = 'level="critical"'
# Add the routing endpoint, using the connection string property from the key.
Add-AzIotHubRoutingEndpoint `
-ResourceGroupName $resourceGroup `
-Name $iotHubName `
-EndpointName $endpointName `
-EndpointType $endpointType `
-EndpointResourceGroup $resourceGroup `
-EndpointSubscriptionId $subscriptionId `
-ConnectionString $sbqkey.PrimaryConnectionString
# Set up the message route for the Service Bus queue endpoint.
Add-AzIotHubRoute `
-ResourceGroupName $resourceGroup `
-Name $iotHubName `
-RouteName $routeName `
-Source DeviceMessages `
-EndpointName $endpointName `
-Condition $condition `
-Enabled
On the Message routing screen, select Custom Endpoints to see the endpoints you have defined for the routes.
Next steps
Now that you have the resources set up and the message routes configured, advance to the next tutorial to learn
how to send messages to the IoT hub and see them be routed to the different destinations.
Part 2 - View the message routing results
Tutorial: Part 2 - View the routed messages
11/8/2019 • 15 minutes to read • Edit Online
Message routing enables sending telemetry data from your IoT devices to built-in Event Hub-compatible
endpoints or custom endpoints such as blob storage, Service Bus Queues, Service Bus Topics, and Event Hubs. To
configure custom message routing, you create routing queries to customize the route that matches a certain
condition. Once set up, the incoming data is automatically routed to the endpoints by the IoT Hub. If a message
doesn't match any of the defined routing queries, it is routed to the default endpoint.
In this 2-part tutorial, you learn how to set up and use these custom routing queries with IoT Hub. You route
messages from an IoT device to one of multiple endpoints, including blob storage and a Service Bus queue.
Messages to the Service Bus queue are picked up by a Logic App and sent via e-mail. Messages that do not have
custom message routing defined are sent to the default endpoint, then picked up by Azure Stream Analytics and
viewed in a Power BI visualization.
To complete Parts 1 and 2 of this tutorial, you perform the following tasks:
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device. This can be
done using the Azure portal, an Azure Resource Manager template, the Azure CLI, or Azure PowerShell.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different routing
options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Prerequisites
For Part 1 of this tutorial:
You must have an Azure subscription. If you don't have an Azure subscription, create a free account
before you begin.
For Part 2 of this tutorial:
You must have completed Part 1 of this tutorial, and have the resources still available.
Install Visual Studio.
Have access to a Power BI account to analyze the default endpoint's stream analytics. (Try Power BI for
free.)
Have an Office 365 account for sending notification e-mails.
OPTION EXAMPLE/LINK
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
VALUE RESULT
Now you create the resources to which the messages will be routed, run an app to send messages to the hub, and
see the routing in action.
Select Create. It may take a few minutes for the app to deploy.
2. Now go to the Logic App. The easiest way to get to the Logic App is to select Resource groups, select your
resource group (this tutorial uses ContosoResources), then select the Logic App from the list of resources.
The Logic Apps Designer page appears (you might have to scroll over to the right to see the full page). On
the Logic Apps Designer page, scroll down until you see the tile that says Blank Logic App + and select it.
The default tab is "For You". If this pane is blank, select All to see all of the connectors and triggers
available.
3. Select Service Bus from the list of connectors.
4. A list of triggers is displayed. Select When a message is received in a queue (auto-complete) /
Service Bus.
5. On the next screen, fill in the Connection Name. This tutorial uses ContosoConnection.
Select the Service Bus namespace. This tutorial uses ContosoSBNamespace. When you select the
namespace, the portal queries the Service Bus namespace to retrieve the keys. Select
RootManageSharedAccessKey and select Create.
6. On the next screen, select the name of the queue (this tutorial uses contososbqueue) from the dropdown
list. You can use the defaults for the rest of the fields.
7. Now set up the action to send an e-mail when a message is received in the queue. In the Logic Apps
Designer, select + New step to add a step, then select All to see all of the options available. In the Choose
an action pane, find and select Office 365 Outlook. On the Actions screen, select Send an e-mail /
Office 365 Outlook.
8. Sign in to your Office 365 account to set up the connection. If this times out, just try again. Specify the e-
mail addresses for the recipient(s) of the e-mails. Also specify the subject, and type what message you'd like
the recipient to see in the body. For testing, fill in your own e-mail address as the recipient.
Select Add dynamic content to show the content from the message that you can include. Select Content
-- it will include the message in the e-mail.
3. Select Create to create the job. It may take a few minutes to deploy.
To get back to the job, select Resource groups. This tutorial uses ContosoResources. Select the resource
group, then select the Stream Analytics job in the list of resources.
Add an input to the Stream Analytics job
1. Under Job Topology, select Inputs.
2. In the Inputs pane, select Add stream input and select IoT Hub. On the screen that comes up, fill in the
following fields:
Input alias: This tutorial uses contosoinputs.
Select IoT Hub from your subscription: Select this radio button option.
Subscription: Select the Azure subscription you're using for this tutorial.
IoT Hub: Select the IoT hub. This tutorial uses ContosoTestHub.
Endpoint: Select Messaging. (If you select Operations Monitoring, you get the telemetry data about the
IoT hub rather than the data you're sending through.)
Shared access policy name: Select service. The portal fills in the Shared Access Policy Key for you.
Consumer group: Select the consumer group set up in Part 1 of this tutorial. This tutorial uses
contosoconsumers.
For the rest of the fields, accept the defaults.
3. Select Save.
Add an output to the Stream Analytics job
1. Under Job Topology, select Outputs.
2. In the Outputs pane, select Add, and then select Power BI. On the screen that comes up, fill in the
following fields:
Output alias: The unique alias for the output. This tutorial uses contosooutputs.
Dataset name: Name of the dataset to be used in Power BI. This tutorial uses contosodataset.
Table name: Name of the table to be used in Power BI. This tutorial uses contosotable.
Accept the defaults for the rest of the fields.
3. Select Authorize, and sign in to your Power BI account. (This may take more than one try).
4. Select Save.
Configure the query of the Stream Analytics job
1. Under Job Topology, select Query.
2. Replace [YourInputAlias] with the input alias of the job. This tutorial uses contosoinputs.
3. Replace [YourOutputAlias] with the output alias of the job. This tutorial uses contosooutputs.
4. Select Save.
5. Close the Query pane. You return to the view of the resources in the Resource Group. Select the Stream
Analytics job. This tutorial calls it contosoJob.
Run the Stream Analytics job
In the Stream Analytics job, select Start > Now > Start. Once the job successfully starts, the job status changes
from Stopped to Running.
To set up the Power BI report, you need data, so you'll set up Power BI after creating the device and running the
device simulation application.
7. Select Save to save the report, entering a name for the report if prompted.
You should be able to see data on both charts. This result means the following statements are true:
The routing to the default endpoint is working correctly.
The Azure Stream Analytics job is streaming correctly.
The Power BI Visualization is set up correctly.
You can refresh the charts to see the most recent data by selecting the Refresh button on the top of the Power BI
window.
Clean up resources
If you want to remove all of the Azure resources you've created through both parts of this tutorial, delete the
resource group. This action deletes all resources contained within the group. In this case, it removes the IoT hub,
the Service Bus namespace and queue, the Logic App, the storage account, and the resource group itself. You can
also remove the Power BI resources and clear the emails sent during the tutorial.
Clean up resources in the Power BI visualization
Sign in to your Power BI account. Go to your workspace. This tutorial uses My Workspace. To remove the Power
BI visualization, go to DataSets and select the trash can icon to delete the dataset. This tutorial uses
contosodataset. When you remove the dataset, the report is removed as well.
Use the Azure CLI to clean up resources
To remove the resource group, use the az group delete command. $resourceGroup was set to ContosoResources
back at the beginning of this tutorial.
Next steps
In this 2-part tutorial, you learned how to use message routing to route IoT Hub messages to different
destinations by performing the following tasks.
Part I: Create resources, set up message routing
Create the resources -- an IoT hub, a storage account, a Service Bus queue, and a simulated device.
Configure the endpoints and message routes in IoT Hub for the storage account and Service Bus queue.
Part II: Send messages to the hub, view routed results
Create a Logic App that is triggered and sends e-mail when a message is added to the Service Bus queue.
Download and run an app that simulates an IoT Device sending messages to the hub for the different routing
options.
Create a Power BI visualization for data sent to the default endpoint.
View the results ...
...in the Service Bus queue and e-mails.
...in the storage account.
...in the Power BI visualization.
Advance to the next tutorial to learn how to manage the state of an IoT device.
Set up and use metrics and diagnostics with an IoT Hub
Tutorial: Using Azure IoT Hub message enrichments
12/20/2019 • 16 minutes to read • Edit Online
Message enrichments is the ability of the IoT Hub to stamp messages with additional information before the
messages are sent to the designated endpoint. One reason to use message enrichments is to include data that can
be used to simplify downstream processing. For example, enriching device telemetry messages with a device twin
tag can reduce load on customers to make device twin API calls for this information. For more information, see the
Overview of message enrichments.
In this tutorial, you see two ways to create and configure the resources needed to test the message enrichments for
an IoT Hub. The resources include one storage account with two storage containers -- one to hold the enriched
messages and one to hold the original messages. Also included is an IoT hub to receive the messages and route
them to the appropriate storage container depending on whether they are enriched or not.
The first method is to use the Azure CLI to create the resources and configure the message routing. Then
you define the enrichments manually using the Azure portal.
The second method is to use an Azure Resource Manager template to create both the resources and the
configurations for the message routing and message enrichments.
After the configurations for the message routing and message enrichments are complete, you use an application to
send messages to the IoT Hub, which then routes them to both storage containers. Only the messages sent to the
endpoint for the enriched storage container are enriched.
Here are the tasks you perform to complete this tutorial:
Using IoT Hub message enrichments
First method: manual message enrichments
Create resources and configure message routing using the Azure CLI.
Configure the message enrichments manually using the Azure portal.
Second method: using an RM template
Create resources, configure message routing and message enrichments using an Azure Resource
Manager template.
Run an app that simulates an IoT Device sending messages to the hub.
View the results and verify the message enrichments are working as expected.
Prerequisites
You must have an Azure subscription. If you don't have an Azure subscription, create a free account before
you begin.
Install Visual Studio.
NOTE
All messages are routed to both endpoints, but only the messages going to the endpoint with configured message
enrichments will be enriched.
You can use the script below, or open the script in the /resources folder of the downloaded repository. Here are the
steps the script will perform:
Create an IoT Hub.
Create a storage account.
Create two containers in the storage account -- one for the enriched messages and one for messages that are
not enriched.
Set up routing for the two different storage accounts.
Create an endpoint for each storage account container.
Create a route to each of the storage account container endpoints.
There are several resource names that must be globally unique, such as the IoT Hub name and the storage account
name. To make running the script easier, those resource names are appended with a random alphanumeric value
called randomValue. The randomValue is generated once at the top of the script and appended to the resource
names as needed throughout the script. If you don't want it to be random, you can set it to an empty string or to a
specific value.
If you haven't already done so, open a Cloud Shell window and ensure it is set to Bash. Open the script in the
unzipped repository, use Ctrl-A to select all of it, then Ctrl-C to copy it. Alternately, you can copy the following CLI
script or open it directly in Cloud Shell. Paste the script in the Cloud Shell window by right-clicking on the
command line and selecting Paste. The script runs one statement at a time. After the script stops running, select
Enter to make sure it runs the last command. The following code block shows the script that is used, with
comments explaining what it's doing.
Here are the resources created by the script. Enriched means that resource is for messages with enrichments.
Original means that resource is for messages that are not enriched.
NAME VALUE
resourceGroup ContosoResourcesMsgEn
# Concatenate this number onto the resources that have to be globally unique.
# You can set this to "" or to a specific value if you don't want it to be random.
# You can set this to "" or to a specific value if you don't want it to be random.
# This retrieves a random value.
randomValue=$RANDOM
# Retrieve the information about the device identity, then copy the primary key to
# Notepad. You need this to run the device simulation during the testing phase.
# If you are using Cloud Shell, you can scroll the window back up to retrieve this value.
az iot hub device-identity show --device-id $iotDeviceName \
--hub-name $iotHubName
endpointType="azurestoragecontainer"
endpointName1="ContosoStorageEndpointOriginal"
endpointName2="ContosoStorageEndpointEnriched"
routeName1="ContosoStorageRouteOriginal"
routeName2="ContosoStorageRouteEnriched"
# This is the endpoint for the first container, for endpoint messages that are not enriched.
az iot hub routing-endpoint create \
--connection-string $storageConnectionString \
--endpoint-name $endpointName1 \
--endpoint-resource-group $resourceGroup \
--endpoint-subscription-id $subscriptionID \
--endpoint-type $endpointType \
--hub-name $iotHubName \
--container $containerName1 \
--resource-group $resourceGroup \
--encoding json
# This is the endpoint for the second container, for endpoint messages that are enriched.
az iot hub routing-endpoint create \
--connection-string $storageConnectionString \
--endpoint-name $endpointName2 \
--endpoint-resource-group $resourceGroup \
--endpoint-subscription-id $subscriptionID \
--endpoint-type $endpointType \
--hub-name $iotHubName \
--container $containerName2 \
--resource-group $resourceGroup \
--encoding json
At this point, the resources are all set up and the message routing is configured. You can view the message routing
configuration in the portal and set up the message enrichments for messages going to the enriched storage
container.
Manually configure the message enrichments using the Azure portal
1. Go to your IoT Hub by selecting Resource groups, then select the resource group set up for this tutorial
(ContosoResourcesMsgEn). Find the IoT Hub in the list and select it. Select Message Routing for the Iot
Hub.
The message routing pane has three tabs -- Routes, Custom endpoints, and Enrich messages. You can
browse the first two tabs to see the configuration set up by the script. Use the third tab to add message
enrichments. Let's enrich messages going to the endpoint for the storage container called enriched. Fill in
the name and value, and then select the endpoint ContosoStorageEndpointEnriched from the dropdown
list. Here's an example of setting up an enrichment that adds the IoT Hub name to the message:
2. Add these values to the list for the ContosoStorageEndpointEnriched endpoint.
NOTE
If your device does not have a twin, the value you put in here will be stamped as a string for the value in the
message enrichments. To see the device twin information, go to your hub in the portal, then select IoT devices,
select your device, and then select Device twin at the top of the page.
You can edit the twin information to add tags (such as location) and set it to a specific value if you want to. For more
information, see Understand and use device twins in IoT Hub
3. When you're finished, your pane should look similar to this image:
4. Select Apply to save the changes. Skip to the testing message enrichments section.
NAME VALUE
resourceGroup ContosoResourcesMsgEn
6. Select Save, and the Custom deployment pane is displayed, showing all of the parameters used by the
template. The only field you need to set is the resource group. Either create a new one or select one from
the dropdown list.
Here's the top half of the custom deployment pane. You can see where you fill in the resource group.
7. Here's the bottom half of the custom deployment pane. You can see the rest of the parameters, and the
terms and conditions.
8. Select the checkbox indicating you agree with the terms and conditions, then select Purchase to continue
with the template deployment.
9. Wait for the template to be completely deployed. You can select the bell icon at the top of the screen to
check on the progress. When it's finished, you can continue to testing message enrichments.
The Simulated Device application is one of the applications in the unzipped download. The application sends
messages for each of the different message routing methods in the Routing Tutorial; this includes Azure Storage.
Double-click on the solution file (IoT_SimulatedDevice.sln) to open the code in Visual Studio, then open
Program.cs. Substitute the IoT hub name for the marker {your hub name} . The format of the IoT hub host name is
{your hub name}.azure-devices.net. For this tutorial, the hub host name is ContosoTestHubMsgEn.azure-
devices.net. Next, substitute the device key you saved earlier when running the script to create the resources for
the marker {your device key} .
If you don't have the device key, you can retrieve it from the portal. After logging in, go to Resource groups, select
your resource group, then select your IoT Hub. Look under IoT Devices for your test device and select your
device. Select the copy icon next to Primary key to copy it to the clipboard.
private readonly static string s_myDeviceId = "Contoso-Test-Device";
private readonly static string s_iotHubUri = "ContosoTestHubMsgEn.azure-devices.net";
// This is the primary key for the device. This is in the portal.
// Find your IoT hub in the portal > IoT devices > select your device > copy the key.
private readonly static string s_deviceKey = "{your device key}";
Select BLOB CONTAINERS to see the two containers that can be used.
The messages in the container called enriched have the message enrichments included in the messages. The
messages in the container called original will have the raw messages with no enrichments. Drill down into one of
the containers until you get to the bottom and open the most recent message file, then do the same for the other
container to verify that there are no enrichments added to messages in that container.
When you look at messages that have been enriched, you should see the "my IoT Hub" with the hub name, as well
as the location and the customer ID, like this:
{"EnqueuedTimeUtc":"2019-05-10T06:06:32.7220000Z","Properties":{"level":"storage","my IoT
Hub":"contosotesthubmsgen3276","devicelocation":"$twin.tags.location","customerID":"6ce345b8-1e4a-411e-9398-
d34587459a3a"},"SystemProperties":{"connectionDeviceId":"Contoso-Test-Device","connectionAuthMethod":"
{\"scope\":\"device\",\"type\":\"sas\",\"issuer\":\"iothub\",\"acceptingIpFilterRule\":null}","connectionDevic
eGenerationId":"636930642531278483","enqueuedTime":"2019-05-
10T06:06:32.7220000Z"},"Body":"eyJkZXZpY2VJZCI6IkNvbnRvc28tVGVzdC1EZXZpY2UiLCJ0ZW1wZXJhdHVyZSI6MjkuMjMyMDE2ODQ
4MDQyNjE1LCJodW1pZGl0eSI6NjQuMzA1MzQ5NjkyODQ0NDg3LCJwb2ludEluZm8iOiJUaGlzIGlzIGEgc3RvcmFnZSBtZXNzYWdlLiJ9"}
Here is an unenriched message. "my IoT Hub", "devicelocation", and "customerID" do not show up here, because
these are the fields that would be added by the enrichments, and this endpoint has no enrichments.
{"EnqueuedTimeUtc":"2019-05-10T06:06:32.7220000Z","Properties":{"level":"storage"},"SystemProperties":
{"connectionDeviceId":"Contoso-Test-Device","connectionAuthMethod":"
{\"scope\":\"device\",\"type\":\"sas\",\"issuer\":\"iothub\",\"acceptingIpFilterRule\":null}","connectionDevic
eGenerationId":"636930642531278483","enqueuedTime":"2019-05-
10T06:06:32.7220000Z"},"Body":"eyJkZXZpY2VJZCI6IkNvbnRvc28tVGVzdC1EZXZpY2UiLCJ0ZW1wZXJhdHVyZSI6MjkuMjMyMDE2ODQ
4MDQyNjE1LCJodW1pZGl0eSI6NjQuMzA1MzQ5NjkyODQ0NDg3LCJwb2ludEluZm8iOiJUaGlzIGlzIGEgc3RvcmFnZSBtZXNzYWdlLiJ9"}
Clean up resources
If you want to remove all of the resources you've created in this tutorial, delete the resource group. This action
deletes all resources contained within the group. In this case, it removes the IoT hub, the storage account, and the
resource group itself.
Use the Azure CLI to clean up resources
To remove the resource group, use the az group delete command. $resourceGroup was set to
ContosoResourcesMsgEn back at the beginning of this tutorial.
Next steps
In this tutorial, you configured and tested adding message enrichments to IoT Hub messages using the following
steps:
Using IoT Hub message enrichments
First method
Create resources and configure message routing using the Azure CLI.
Configure the message enrichments manually using the Azure portal.
Second method
Create resources, configure message routing and message enrichments using an Azure Resource
Manager template.
Run an app that simulates an IoT Device sending messages to the hub.
View the results and verify the message enrichments are working as expected.
For more information about message enrichments, see the overview of message enrichments.
For more information about message routing, see these articles:
Use IoT Hub message routing to send device-to-cloud messages to different endpoints
Tutorial: IoT Hub routing
Tutorial: Set up and use metrics and diagnostic logs
with an IoT hub
1/8/2020 • 12 minutes to read • Edit Online
If you have an IoT Hub solution running in production, you want to set up some metrics and enable diagnostic
logs. Then if a problem occurs, you have data to look at that will help you diagnose the problem and fix it more
quickly. In this article, you'll see how to enable the diagnostic logs, and how to check them for errors. You'll also set
up some metrics to watch, and alerts that fire when the metrics hit a certain boundary. For example, you could
have an e-mail sent to you when the number of telemetry messages sent exceeds a specific boundary, or when the
number of messages used gets close to the quota of messages allowed per day for the IoT Hub.
An example use case is a gas station where the pumps are IoT devices that send communicate with an IoT hub.
Credit cards are validated, and the final transaction is written to a data store. If the IoT devices stop connecting to
the hub and sending messages, it is much more difficult to fix if you have no visibility into what's going on.
This tutorial uses the Azure sample from the IoT Hub Routing to send messages to the IoT hub.
In this tutorial, you perform the following tasks:
Using Azure CLI, create an IoT hub, a simulated device, and a storage account.
Enable diagnostic logs.
Enable metrics.
Set up alerts for those metrics.
Download and run an app that simulates an IoT device sending messages to the hub.
Run the app until the alerts begin to fire.
View the metrics results and check the diagnostic logs.
Prerequisites
An Azure subscription. If you don't have an Azure subscription, create a free account before you begin.
Install Visual Studio.
An email account capable of receiving mail.
OPTION EXAMPLE/LINK
Set up resources
For this tutorial, you need an IoT hub, a storage account, and a simulated IoT device. These resources can be
created using Azure CLI or Azure PowerShell. Use the same resource group and location for all of the resources.
Then at the end, you can remove everything in one step by deleting the resource group.
These are the required steps.
1. Create a resource group.
2. Create an IoT hub.
3. Create a standard V1 storage account with Standard_LRS replication.
4. Create a device identity for the simulated device that sends messages to your hub. Save the key for the
testing phase.
Set up resources using Azure CLI
Copy and paste this script into Cloud Shell. Assuming you are already logged in, it runs the script one line at a
time. The new resources are created in the resource group ContosoResources.
The variables that must be globally unique have $RANDOM concatenated to them. When the script is run and the
variables are set, a random numeric string is generated and concatenated to the end of the fixed string, making it
unique.
# This is the IOT Extension for Azure CLI.
# You only need to install this the first time.
# You need it to create the device identity.
az extension add --name azure-cli-iot-ext
# Set the values for the resource names that don't have to be globally unique.
# The resources that have to have unique names are named in the script below
# with a random number concatenated to the name so you can probably just
# run this script, and it will work with no conflicts.
location=westus
resourceGroup=ContosoResources
iotDeviceName=Contoso-Test-Device
# The IoT hub name must be globally unique, so add a random number to the end.
iotHubName=ContosoTestHub$RANDOM
echo "IoT hub name = " $iotHubName
# The storage account name must be globally unique, so add a random number to the end.
storageAccountName=contosostoragemon$RANDOM
echo "Storage account name = " $storageAccountName
# Retrieve the information about the device identity, then copy the primary key to
# Notepad. You need this to run the device simulation during the testing phase.
az iot hub device-identity show --device-id $iotDeviceName \
--hub-name $iotHubName
NOTE
When creating the device identity, you may get the following error: No keys found for policy iothubowner of IoT Hub
ContosoTestHub. To fix this error, update the Azure CLI IoT Extension and then run the last two commands in the script
again.
Here is the command to update the extension. Run this in your Cloud Shell instance.
3. Make sure the subscription and resource group are correct. Under Resource Type, uncheck Select All,
then look for and check IoT Hub. (It puts the checkmark next to Select All again, just ignore it.) Under
Resource, select the hub name. Your screen should look like this image:
4. Now click Turn on diagnostics. The Diagnostics settings pane is displayed. Specify the name of your
diagnostic logs settings as "diags-hub".
5. Check Archive to a storage account.
Click Configure to see the Select a storage account screen, select the right one (contosostoragemon),
and click OK to return to the Diagnostics settings pane.
6. Under LOG, check Connections and Device Telemetry, and set the Retention (days) to 7 days for each.
Your Diagnostic settings screen should now look like this image:
7. Click Save to save the settings. Close the Diagnostics settings pane.
Later, when you look at the diagnostic logs, you'll be able to see the connect and disconnect logging for the device.
Set up metrics
Now set up some metrics to watch for when messages are sent to the hub.
1. In the settings pane for the IoT hub, click on the Metrics option in the Monitoring section.
2. At the top of the screen, click Last 24 hours (Automatic). In the dropdown that appears, select Last 4
hours for Time Range, and set Time Granularity to 1 minute, local time. Click Apply to save these
settings.
3. There is one metric entry by default. Leave the resource group as the default, and the metric namespace. In
the Metric dropdown list, select Telemetry messages sent. Set Aggregation to Sum.
4. Now click Add metric to add another metric to the chart. Select your resource group ( ContosoTestHub).
Under Metric, select Total number of messages used. For Aggregation, select Avg.
Now your screen shows the minimized metric for Telemetry messages sent, plus the new metric for Total
number of messages used.
Click Pin to dashboard. It will pin it to the dashboard of your Azure portal so you can access it again. If you
don't pin it to the dashboard, your settings are not retained.
Set up alerts
Go to the hub in the portal. Click Resource Groups, select ContosoResources, then select IoT Hub
ContosoTestHub.
IoT Hub has not been migrated to the metrics in Azure Monitor yet; you have to use classic alerts.
1. Under Monitoring, click Alerts This shows the main alert screen.
2. To get to the classic alerts from here, click View classic alerts.
Fill in the fields:
Subscription: Leave this field set to your current subscription.
Source: Set this field to Metrics.
Resource group: Set this field to your current resource group, ContosoResources.
Resource type: Set this field to IoT Hub.
Resource: Select your IoT hub, ContosoTestHub.
3. Click Add metric alert (classic) to set up a new alert.
Fill in the fields:
Name: Provide a name for your alert rule, such as telemetry-messages.
Description: Provide a description of your alert, such as alert when there are 1000 telemetry messages
sent.
Source: Set this to Metrics.
Subscription, Resource group, and Resource should be set to the values you selected on the View
classic alerts screen.
Set Metric to Telemetry messages sent.
await Task.Delay(10);
Run the console application. Wait a few minutes (10-15). You can see the messages being sent from the simulated
device to the hub on the console screen of the application.
See the metrics in the portal
Open your metrics from the Dashboard. Change the time values to Last 30 minutes with a time granularity of 1
minute. It shows the telemetry messages sent and the total number of messages used on the chart, with the most
recent numbers at the bottom of the chart.
See the alerts
Go back to alerts. Click Resource groups, select ContosoResources, then select the hub ContosoTestHub. In the
properties page displayed for the hub, select Alerts, then View classic alerts.
When the number of messages sent exceeds the limit, you start getting e-mail alerts. To see if there are any active
alerts, go to your hub and select Alerts. It will show you the alerts that are active, and if there are any warnings.
Click on the alert for telemetry messages. It shows the metric result and a chart with the results. Also, the e-mail
sent to warn you of the alert firing looks like this image:
See the diagnostic logs
You set up your diagnostic logs to be exported to blob storage. Go to your resource group and select your storage
account contosostoragemon. Select Blobs, then open container insights-logs-connections. Drill down until you get
to the current date and select the most recent file.
Click Download to download it and open it. You see the logs of the device connecting and disconnecting as it
sends messages to the hub. Here a sample:
{
"time": "2018-12-17T18:11:25Z",
"resourceId":
"/SUBSCRIPTIONS/your-subscription-
id/RESOURCEGROUPS/CONTOSORESOURCES/PROVIDERS/MICROSOFT.DEVICES/IOTHUBS/CONTOSOTESTHUB",
"operationName": "deviceConnect",
"category": "Connections",
"level": "Information",
"properties":
{"deviceId":"Contoso-Test-Device",
"protocol":"Mqtt",
"authType":null,
"maskedIpAddress":"73.162.215.XXX",
"statusCode":null
},
"location": "westus"
}
{
"time": "2018-12-17T18:19:25Z",
"resourceId":
"/SUBSCRIPTIONS/your-subscription-
id/RESOURCEGROUPS/CONTOSORESOURCES/PROVIDERS/MICROSOFT.DEVICES/IOTHUBS/CONTOSOTESTHUB",
"operationName": "deviceDisconnect",
"category": "Connections",
"level": "Error",
"resultType": "404104",
"resultDescription": "DeviceConnectionClosedRemotely",
"properties":
{"deviceId":"Contoso-Test-Device",
"protocol":"Mqtt",
"authType":null,
"maskedIpAddress":"73.162.215.XXX",
"statusCode":"404"
},
"location": "westus"
}
Clean up resources
To remove all of the resources you've created in this tutorial, delete the resource group. This action deletes all
resources contained within the group. In this case, it removes the IoT hub, the storage account, and the resource
group itself. If you have pinned metrics to the dashboard, you will have to remove those manually by clicking on
the three dots in the upper right-hand corner of each and selecting Remove.
To remove the resource group, use the az group delete command.
Next steps
In this tutorial, you learned how to use metrics and diagnostic logs by performing the following tasks:
Using Azure CLI, create an IoT hub, a simulated device, and a storage account.
Enable diagnostic logs.
Enable metrics.
Set up alerts for those metrics.
Download and run an app that simulates an IoT device sending messages to the hub.
Run the app until the alerts begin to fire.
View the metrics results and check the diagnostic logs.
Advance to the next tutorial to learn how to manage the state of an IoT device.
Configure your devices from a back-end service
Tutorial: Perform manual failover for an IoT hub
11/8/2019 • 4 minutes to read • Edit Online
Manual failover is a feature of the IoT Hub service that allows customers to failover their hub's operations from a
primary region to the corresponding Azure geo-paired region. Manual failover can be done in the event of a
regional disaster or an extended service outage. You can also perform a planned failover to test your disaster
recovery capabilities, although we recommend using a test IoT hub rather than one running in production. The
manual failover feature is offered to customers at no additional cost.
In this tutorial, you perform the following tasks:
Using the Azure portal, create an IoT hub.
Perform a failover.
See the hub running in the secondary location.
Perform a failback to return the IoT hub's operations to the primary location.
Confirm the hub is running correctly in the right location.
Prerequisites
An Azure subscription. If you don't have an Azure subscription, create a free account before you begin.
Click Review + create. (It uses the defaults for size and scale.)
4. Review the information, then click Create to create the IoT hub.
3. On the Manual failover pane, you see the Current location and the Failover location. The current location
always indicates the location in which the hub is currently active. The failover location is the standard Azure
geo-paired region that is paired to the current location. You cannot change the location values. For this
tutorial, the current location is West US 2 and the failover location is West Central US .
While the manual failover process is running, a banner appears to tell you a manual failover is in progress.
If you close the IoT Hub pane and open it again by clicking it on the Resource Group pane, you see a banner
that tells you the hub is in the middle of a manual failover.
After it's finished, the current and failover regions on the Manual Failover page are flipped and the hub is
active again. In this example, the current location is now WestCentralUS and the failover location is now
West US 2 .
The overview page also shows a banner indicating that the failover complete and the IoT Hub is running in
West Central US .
Perform a failback
After you have performed a manual failover, you can switch the hub's operations back to the original primary
region -- this is called a failback. If you have just performed a failover, you have to wait about an hour before you
can request a failback. If you try to perform the failback in a shorter amount of time, an error message is displayed.
A failback is performed just like a manual failover. These are the steps:
1. To perform a failback, return to the Iot Hub pane for your Iot hub.
2. Under Settings on the IoT Hub pane, click Failover.
3. At the top of the Manual failover pane, click Start failover.
4. In the confirmation pane, fill in the name of your IoT hub to confirm it's the one you want to failback. To
then initiate the failback, click OK.
The banners are displayed as explained in the perform a failover section. After the failback is complete, it
again shows West US 2 as the current location and West Central US as the failover location, as set
originally.
Clean up resources
To remove the resources you've created for this tutorial, delete the resource group. This action deletes all resources
contained within the group. In this case, it removes the IoT hub and the resource group itself.
1. Click Resource Groups.
2. Locate and select the resource group ManlFailRG. Click on it to open it.
3. Click Delete resource group. When prompted, enter the name of the resource group and click Delete to
confirm.
Next steps
In this tutorial, you learned how to configure and perform a manual failover, and how to request a failback by
performing the following tasks:
Using the Azure portal, create an IoT hub.
Perform a failover.
See the hub running in the secondary location.
Perform a failback to return the IoT hub's operations to the primary location.
Confirm the hub is running correctly in the right location.
Advance to the next tutorial to learn how to manage the state of an IoT device.
Manage the state of an IoT device
Tutorial: Configure your devices from a back-end
service
11/8/2019 • 13 minutes to read • Edit Online
As well as receiving telemetry from your devices, you may need to configure your devices from your back-end
service. When you send a desired configuration to your devices, you may also want to receive status and
compliance updates from those devices. For example, you might set a target operational temperature range for a
device or collect firmware version information from your devices.
To synchronize state information between a device and an IoT hub, you use device twins. A device twin is a
JSON document, associated with a specific device, and stored by IoT Hub in the cloud where you can query
them. A device twin contains desired properties, reported properties, and tags. A desired property is set by a
back-end application and read by a device. A reported property is set by a device and read by a back-end
application. A tag is set by a back-end application and is never sent to a device. You use tags to organize your
devices. This tutorial shows you how to use desired and reported properties to synchronize state information:
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using Node.js. You need Node.js v10.x.x or
later on your development machine.
You can download Node.js for multiple platforms from nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
# Create your free-tier IoT Hub. You can only have one free IoT Hub per subscription:
az iot hub create --name $hubname --location $location --resource-group tutorial-iot-hub-rg --sku F1
This tutorial uses a simulated device called MyTwinDevice. The following script adds this device to your
identity registry and retrieves its connection string:
{
"fanOn": "true",
"components": {
"system": {
"id": "17",
"units": "farenheit",
"firmwareVersion": "9.75"
},
"wifi" : {
"channel" : "6",
"ssid": "my_network"
},
"climate" : {
"minTemperature": "68",
"maxTemperature": "76"
}
}
}
Create handlers
You can create handlers for desired property updates that respond to updates at different levels in the JSON
hierarchy. For example, this handler sees all desired property changes sent to the device from a back-end
application. The delta variable contains the desired properties sent from the solution back end:
The following handler only reacts to changes made to the fanOn desired property:
The local twin object stores a complete set of desired and reported properties. The delta sent from the back end
might update just a subset of desired properties.
Handle insert, update, and delete operations
The desired properties sent from the back end don't indicate what operation is being performed on a particular
desired property. Your code needs to infer the operation from the current set of desired properties stored locally
and the changes sent from the hub.
The following snippet shows how the simulated device handles insert, update, and delete operations on the list
of components in the desired properties. You can see how to use null values to indicate that a component
should be deleted:
// Keep track of all the components the device knows about
var componentList = {};
} else if (delta[key]) {
if (componentList[key]) {
// The delta contains a component, and the
// device has a record of it.
// Must be an update operation.
console.log(chalk.green('\nUpdating component ' + key + ':'));
console.log(JSON.stringify(delta[key]));
// Store the complete object instead of just the delta
componentList[key] = twin.properties.desired.components[key];
} else {
// The delta contains a component, and the
// device has no record of it.
// Must be an add operation.
console.log(chalk.green('\nAdding component ' + key + ':'));
console.log(JSON.stringify(delta[key]));
// Store the complete object instead of just the delta
componentList[key] = twin.properties.desired.components[key];
}
}
});
}
});
// Get the device twin and send desired property update patches at intervals.
// Print the reported properties after some of the desired property updates.
registry.getTwin(deviceId, async (err, twin) => {
if (err) {
console.error(err.message);
} else {
console.log('Got device twin');
The following snippet shows different desired property patches the back end application sends to the device:
// Turn the fan on
var twinPatchFanOn = {
properties: {
desired: {
patchId: "Switch fan on",
fanOn: "false",
}
}
};
npm install
node SimulatedDevice.js "{your device connection string}"
To run the back-end application, open another shell or command prompt window. Then navigate to the iot-
hub/Tutorials/DeviceTwins folder in the Node.js project you downloaded. Then run the following commands:
npm install
node ServiceClient.js "{your service connection string}"
The following screenshot shows the output from the simulated device application and highlights how it handles
an update to the maxTemperature desired property. You can see how both the top-level handler and the
climate component handlers run:
The following screenshot shows the output from the back-end application and highlights how it sends an update
to the maxTemperature desired property:
The simulated device uses the following function to send the patch that contains the reported properties to the
hub:
npm install
node SimulatedDevice.js "{your device connection string}"
To run the back-end application, open another shell or command prompt window. Then navigate to the iot-
hub/Tutorials/DeviceTwins folder in the Node.js project you downloaded. Then run the following commands:
npm install
node ServiceClient.js "{your service connection string}"
The following screenshot shows the output from the simulated device application and highlights how it sends a
reported property update to your hub:
The following screenshot shows the output from the back-end application and highlights how it receives and
processes a reported property update from a device:
Clean up resources
If you plan to complete the next tutorial, leave the resource group and IoT hub and reuse them later.
If you don't need the IoT hub any longer, delete it and the resource group in the portal. To do so, select the
tutorial-iot-hub-rg resource group that contains your IoT hub and click Delete.
Alternatively, use the CLI:
# Delete your resource group and its contents
az group delete --name tutorial-iot-hub-rg
Next steps
In this tutorial, you learned how to synchronize state information between your devices and your IoT hub.
Advance to the next tutorial to learn how to use device twins to implement a firmware update process.
Implement a device firmware update process
Tutorial: Implement a device firmware update
process
11/8/2019 • 11 minutes to read • Edit Online
You may need to update the firmware on the devices connected to your IoT hub. For example, you might want to
add new features to the firmware or apply security patches. In many IoT scenarios, it's impractical to physically
visit and then manually apply firmware updates to your devices. This tutorial shows how you can start and
monitor the firmware update process remotely through a back-end application connected to your hub.
To create and monitor the firmware update process, the back-end application in this tutorial creates a
configuration in your IoT hub. IoT Hub automatic device management uses this configuration to update a set of
device twin desired properties on all your chiller devices. The desired properties specify the details of the firmware
update that's required. While the chiller devices are running the firmware update process, they report their status
to the back-end application using device twin reported properties. The back-end application can use the
configuration to monitor the reported properties sent from the device and track the firmware update process to
completion:
OPTION EXAMPLE/LINK
Prerequisites
The two sample applications you run in this quickstart are written using Node.js. You need Node.js v10.x.x or later
on your development machine.
You can download Node.js for multiple platforms from nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
# Create your free-tier IoT Hub. You can only have one free IoT Hub per subscription
az iot hub create --name $hubname --location $location --resource-group tutorial-iot-hub-rg --sku F1
This tutorial uses a simulated device called MyFirmwareUpdateDevice. The following script adds this device to
your device identity registry, sets a tag value, and retrieves its connection string:
TIP
If you run these commands at a Windows command prompt or Powershell prompt, see the azure-iot-cli-extension tips page
for information about how to quote JSON strings.
The back-end application uses the following code to create the configuration to set the desired properties:
registry.addConfiguration(firmwareConfig, function(err) {
if (err) {
console.log('Add configuration failed: ' + err);
done();
} else {
console.log('Add configuration succeeded');
done();
}
});
};
After it creates the configuration, the application monitors the firmware update:
var monitorConfiguration = function(done) {
console.log('Monitor metrics for configuration: ' + sampleConfigId);
setInterval(function(){
registry.getConfiguration(sampleConfigId, function(err, config) {
if (err) {
console.log('getConfiguration failed: ' + err);
} else {
console.log('System metrics:');
console.log(JSON.stringify(config.systemMetrics.results, null, ' '));
console.log('Custom metrics:');
console.log(JSON.stringify(config.metrics.results, null, ' '));
}
});
}, 20000);
done();
};
if (fwUpdateDesiredProperties.fwVersion == twin.properties.reported.firmware.currentFwVersion) {
sendStatusUpdate('current', 'Firmware already up to date', function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
return;
});
}
if (fwUpdateInProgress) {
sendStatusUpdate('current', 'Firmware update already running', function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
return;
});
}
if (!fwUpdateDesiredProperties.fwPackageURI.startsWith('https')) {
sendStatusUpdate('error', 'Insecure package URI', function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
return;
});
}
fwUpdateInProgress = true;
async.waterfall([
downloadImage,
verifyImage,
applyImage,
reboot
], function(err, result) {
if (err) {
console.error(chalk.red('Error occured firmwareUpdate flow : ' + err.message));
sendStatusUpdate('error', err.message, function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
});
setTimeout(function() {
console.log('Simulate rolling back update due to error');
sendStatusUpdate('rolledback', 'Rolled back to: ' + currentVersion, function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
});
callback(err, result);
}, 5000);
} else {
callback(null, result);
}
});
}
During the update process, the simulated device reports on progress using reported properties:
The following snippet shows the implementation of the download phase. During the download phase, the
simulated device uses reported properties to send status information to the back-end application:
async.waterfall([
function(callback) {
sendStatusUpdate('downloading', 'Start downloading', function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
});
callback(null);
},
function(callback) {
// Simulate a delay downloading the image.
setTimeout(function() {
// Simulate some firmware image data
var imageData = '[Fake firmware image data]';
callback(null, imageData);
}, 30000);
},
function(imageData, callback) {
console.log('Downloaded image data: ' + imageData);
sendStatusUpdate('downloading', 'Finished downloading', function (err) {
if (err) {
console.error(chalk.red('Error occured sending status update : ' + err.message));
}
});
callback(null, imageData);
}
], function (err, result) {
callback(err, result);
});
}
npm install
node SimulatedDevice.js "{your device connection string}"
To run the back-end application, open another shell or command prompt window. Then navigate to the iot-
hub/Tutorials/FirmwareUpdate folder in the Node.js project you downloaded. Then run the following
commands:
npm install
node ServiceClient.js "{your service connection string}"
The following screenshot shows the output from the simulated device application and shows how it responds to
the firmware desired properties update from the back-end application:
The following screenshot shows the output from the back-end application and highlights how it creates the
configuration to update the firmware desired properties:
The following screenshot shows the output from the back-end application and highlights how it monitors the
firmware update metrics from the simulated device:
Because automatic device configurations run at creation time and then every five minutes, you may not see every
status update sent to the back-end application. You can also view the metrics in the portal in the Automatic
device management -> IoT device configuration section of your IoT hub:
Clean up resources
If you plan to complete the next tutorial, leave the resource group and IoT hub and reuse them later.
If you don't need the IoT hub any longer, delete it and the resource group in the portal. To do so, select the
tutorial-iot-hub-rg resource group that contains your IoT hub and click Delete.
Alternatively, use the CLI:
Next steps
In this tutorial, you learned how to implement a firmware update process for your connected devices. Advance to
the next tutorial to learn how to use Azure IoT Hub portal tools and Azure CLI commands to test device
connectivity.
Use a simulated device to test connectivity with your IoT hub
Tutorial: Use a simulated device to test connectivity
with your IoT hub
5/13/2019 • 9 minutes to read • Edit Online
In this tutorial, you use Azure IoT Hub portal tools and Azure CLI commands to test device connectivity. This
tutorial also uses a simple device simulator that you run on your desktop machine.
If you don't have an Azure subscription, create a free account before you begin.
In this tutorial, you learn how to:
Check your device authentication
Check device-to-cloud connectivity
Check cloud-to-device connectivity
Check device twin synchronization
OPTION EXAMPLE/LINK
Prerequisites
The CLI scripts you run in this tutorial use the Microsoft Azure IoT Extension for Azure CLI. To install this
extension, run the following CLI command:
az extension add --name azure-cli-iot-ext
The device simulator application you run in this tutorial is written using Node.js. You need Node.js v10.x.x or later
on your development machine.
You can download Node.js for multiple platforms from nodejs.org.
You can verify the current version of Node.js on your development machine using the following command:
node --version
3. To create your free-tier IoT hub, use the values in the following tables:
SETTING VALUE
Resource group Create new. This tutorial uses the name tutorials-iot-
hub-rg.
Region This tutorial uses West US. You can choose the region
closest to you.
SETTING VALUE
Pricing and scale tier F1 Free. You can only have one free tier hub in a
subscription.
5. Make a note of the IoT hub name you chose. You use this value later in the tutorial.
To register a new device, click + Add, set Device ID to MyTestDevice, and click Save:
To retrieve the connection string for MyTestDevice, click on it in the list of devices and then copy the Connection
string-primary key value. The connection string includes the shared access key for the device.
To simulate MyTestDevice sending telemetry to your IoT hub, run the Node.js simulated device application you
downloaded previously.
In a terminal window on your development machine, navigate to the root folder of the sample Node.js project you
downloaded. Then navigate to the iot-hub\Tutorials\ConnectivityTests folder.
In the terminal window, run the following commands to install the required libraries and run the simulated device
application. Use the device connection string you made a note of when you added the device in the portal.
npm install
node SimulatedDevice-1.js "{your device connection string}"
You've now successfully authenticated from a device using a device key generated by your IoT hub.
Reset keys
In this section, you reset the device key and observe the error when the simulated device tries to connect.
To reset the primary device key for MyTestDevice, run the following commands:
# Generate a new Base64 encoded key using the current date
read key < <(date +%s | sha256sum | base64 | head -c 32)
In the terminal window on your development machine, run the simulated device application again:
npm install
node SimulatedDevice-1.js "{your device connection string}"
This time you see an authentication error when the application tries to connect:
NOTE
The SimulatedDevice-2.js sample includes examples of generating a SAS token both with and without the SDK.
To generate a known-good SAS token using the CLI, run the following command:
Make a note of the full text of the generated SAS token. A SAS token looks like the following:
SharedAccessSignature sr=tutorials-iot-hub.azure-devices.net%2Fdevices%2FMyTestDevice&sig=....&se=1524155307
In a terminal window on your development machine, navigate to the root folder of the sample Node.js project you
downloaded. Then navigate to the iot-hub\Tutorials\ConnectivityTests folder.
In the terminal window, run the following commands to install the required libraries and run the simulated device
application:
npm install
node SimulatedDevice-2.js "{Your SAS token}"
The terminal window displays information as it tries to connect to your hub using the SAS token:
You've now successfully authenticated from a device using a test SAS token generated by a CLI command. The
SimulatedDevice-2.js file includes sample code that shows you how to generate a SAS token in code.
Protocols
A device can use any of the following protocols to connect to your IoT hub:
MQTT 8883
AMQP 5671
HTTPS 443
To run a simulated device that sends messages, navigate to the iot-hub\Tutorials\ConnectivityTests folder in
the code you downloaded.
In the terminal window, run the following commands to install the required libraries and run the simulated device
application:
npm install
node SimulatedDevice-3.js "{your device connection string}"
It takes a few minutes for the metrics to become available after you start the simulated device.
The simulated device prints a message to the console when it receives a direct method call:
When the simulated device successfully receives the direct method call, it sends an acknowledgement back to the
hub:
In the output from the command, you can see the devicelaststarted property in the reported properties section.
This property shows the date and time you last started the simulated device.
To verify that the hub can send desired property values to the device, use the following CLI command:
The simulated device prints a message when it receives a desired property update from the hub:
In addition to receiving desired property changes as they're made, the simulated device automatically checks for
desired properties when it starts up.
Clean up resources
If you don't need the IoT hub any longer, delete it and the resource group in the portal. To do so, select the
tutorials-iot-hub-rg resource group that contains your IoT hub and click Delete.
Next steps
In this tutorial, you've seen how to check your device keys, check device-to-cloud connectivity, check cloud-to-
device connectivity, and check device twin synchronization. To learn more about how to monitor your IoT hub, visit
the how -to article for IoT Hub monitoring.
Monitor with diagnostics
TLS 1.0 and 1.1 deprecation in IoT Hub and Device
Provisioning Service
12/18/2019 • 2 minutes to read • Edit Online
To provide best-in-class encryption, IoT Hub and Device Provisioning Service (DPS ) are moving to Transport Layer
Security (TLS ) 1.2 as the encryption mechanism of choice for IoT devices and services. As such, legacy support for
TLS 1.0 and TLS 1.1 as well as several non-recommended legacy ciphers will be deprecated in July 1, 2020.
Impact
Based on customers' specific circumstances and configurations, deprecation of TLS 1.0 and 1.1 and non-
recommended legacy ciphers can be an impactful change for your IoT devices and services communicating with
IoT Hub or DPS. In some cases, devices and services that are incompatible with these changes will not be able to
connect to the IoT Hub or DPS after the aforementioned cut-off date.
Supported ciphers
Only the following ciphers will be allowed during TLS handshake:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Customer feedback
While the TLS 1.2 enforcement is an industry-wide best-in-class encryption choice and will be enabled as planned,
we still would like to hear from customers regarding their specific deployments and difficulties adopting TLS 1.2.
For this purpose, you can send your comments to [email protected].
Message enrichments for device-to-cloud IoT Hub
messages
12/13/2019 • 4 minutes to read • Edit Online
Message enrichments is the ability of the IoT Hub to stamp messages with additional information before the
messages are sent to the designated endpoint. One reason to use message enrichments is to include data that can
be used to simplify downstream processing. For example, enriching device telemetry messages with a device twin
tag can reduce load on customers to make device twin API calls for this information.
Message Enrichments are added as application properties to messages sent to chosen endpoint(s).
Applying enrichments
The messages can come from any data source supported by IoT Hub message routing, including the following
examples:
device telemetry, such as temperature or pressure
device twin change notifications -- changes in the device twin
device life-cycle events, such as when the device is created or deleted
You can add enrichments to messages that are going to the built-in endpoint of an IoT Hub, or messages that are
being routed to custom endpoints such as Azure Blob storage, a Service Bus queue, or a Service Bus topic.
You can add enrichments to messages that are being published to Event Grid by selecting the endpoint as Event
Grid. We create a default route in IoT Hub to device telemetry, based on your Event Grid subscription. This single
route can handle all of your Event Grid subscriptions. You can configure enrichments for the event grid endpoint
after you have created the event grid subscription to device telemetry. For more information, see Iot Hub and
Event Grid.
Enrichments are applied per endpoint. If you specify five enrichments to be stamped for a specific endpoint, all
messages going to that endpoint are stamped with the same five enrichments.
Enrichments can be configured using the the following methods:
METHOD COMMAND
Limitations
You can add up to 10 enrichments per IoT Hub for those hubs in the standard or basic tier. For IoT Hubs in
the free tier, you can add up to 2 enrichments.
In some cases, if you are applying an enrichment with a value set to a tag or property in the device twin, the
value will be stamped as a string value. For example, if an enrichment value is set to $twin.tags.field, the
messages will be stamped with the string "$twin.tags.field" rather than the value of that field from the twin.
This happens in the following cases:
Your IoT Hub is in the basic tier. Basic tier IoT hubs do not support device twins.
Your IoT Hub is in the standard tier, but the device sending the message has no device twin.
Your IoT Hub is in the standard tier, but the device twin path used for the value of the enrichment
does not exist. For example, if the enrichment value is set to $twin.tags.location, and the device twin
does not have a location property under tags, the message is stamped with the string
"$twin.tags.location".
Updates to a device twin can take up to five minutes to be reflected in the corresponding enrichment value.
The total message size, including the enrichments, can't exceed 256 KB. If a message size exceeds 256 KB,
the IoT Hub will drop the message. You can use IoT Hub metrics to identify and debug errors when
messages are dropped. For example, you can monitor d2c.telemetry.egress.invalid.
Message enrichments don't apply to digital twin change events (part of the IoT Plug and Play public
preview ).
Pricing
Message enrichments are available for no additional charge. Currently, you are charged when you send a message
to an IoT Hub. You are only charged once for that message, even if the message goes to multiple endpoints.
Next steps
Check out these articles for more information about routing messages to an IoT Hub:
Message enrichments tutorial
Use IoT Hub message routing to send device-to-cloud messages to different endpoints
Tutorial: IoT Hub routing
Overview of device management with IoT Hub
10/2/2018 • 5 minutes to read • Edit Online
Azure IoT Hub provides the features and an extensibility model that enable device and back-end developers to
build robust device management solutions. Devices range from constrained sensors and single purpose
microcontrollers, to powerful gateways that route communications for groups of devices. In addition, the use cases
and requirements for IoT operators vary significantly across industries. Despite this variation, device management
with IoT Hub provides the capabilities, patterns, and code libraries to cater to a diverse set of devices and end
users.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
A crucial part of creating a successful enterprise IoT solution is to provide a strategy for how operators handle the
ongoing management of their collection of devices. IoT operators require simple and reliable tools and
applications that enable them to focus on the more strategic aspects of their jobs. This article provides:
A brief overview of Azure IoT Hub approach to device management.
A description of common device management principles.
A description of the device lifecycle.
An overview of common device management patterns.
Scale and automation: IoT solutions require simple tools that can automate routine tasks and enable a
relatively small operations staff to manage millions of devices. Day-to-day, operators expect to handle
device operations remotely, in bulk, and to only be alerted when issues arise that require their direct
attention.
Openness and compatibility: The device ecosystem is extraordinarily diverse. Management tools must be
tailored to accommodate a multitude of device classes, platforms, and protocols. Operators must be able to
support many types of devices, from the most constrained embedded single-process chips, to powerful and
fully functional computers.
Context awareness: IoT environments are dynamic and ever-changing. Service reliability is paramount.
Device management operations must take into account the following factors to ensure that maintenance
downtime doesn't affect critical business operations or create dangerous conditions:
SLA maintenance windows
Network and power states
In-use conditions
Device geolocation
Service many roles: Support for the unique workflows and processes of IoT operations roles is crucial. The
operations staff must work harmoniously with the given constraints of internal IT departments. They must
also find sustainable ways to surface realtime device operations information to supervisors and other
business managerial roles.
Device lifecycle
There is a set of general device management stages that are common to all enterprise IoT projects. In Azure IoT,
there are five stages within the device lifecycle:
Within each of these five stages, there are several device operator requirements that should be fulfilled to provide
a complete solution:
Plan: Enable operators to create a device metadata scheme that enables them to easily and accurately query
for, and target a group of devices for bulk management operations. You can use the device twin to store this
device metadata in the form of tags and properties.
Further reading:
Get started with device twins
Understand device twins
How to use device twin properties
Best practices for device configuration within an IoT solution
Provision: Securely provision new devices to IoT Hub and enable operators to immediately discover device
capabilities. Use the IoT Hub identity registry to create flexible device identities and credentials, and perform
this operation in bulk by using a job. Build devices to report their capabilities and conditions through device
properties in the device twin.
Further reading:
Manage device identities
Bulk management of device identities
How to use device twin properties
Best practices for device configuration within an IoT solution
Azure IoT Hub Device Provisioning Service
Configure: Facilitate bulk configuration changes and firmware updates to devices while maintaining both
health and security. Perform these device management operations in bulk by using desired properties or
with direct methods and broadcast jobs.
Further reading:
How to use device twin properties
Configure and monitor IoT devices at scale
Best practices for device configuration within an IoT solution
Monitor: Monitor overall device collection health, the status of ongoing operations, and alert operators to
issues that might require their attention. Apply the device twin to allow devices to report realtime operating
conditions and status of update operations. Build powerful dashboard reports that surface the most
immediate issues by using device twin queries.
Further reading:
How to use device twin properties
IoT Hub query language for device twins, jobs, and message routing
Configure and monitor IoT devices at scale
Best practices for device configuration within an IoT solution
Retire: Replace or decommission devices after a failure, upgrade cycle, or at the end of the service lifetime.
Use the device twin to maintain device info if the physical device is being replaced, or archived if being
retired. Use the IoT Hub identity registry for securely revoking device identities and credentials.
Further reading:
How to use device twin properties
Manage device identities
Configuration: The back-end app uses the desired properties to configure software running on the device.
The device uses the reported properties to update configuration status of the device.
Firmware Update: The back-end app uses an automatic device management configuration to select the
devices to receive the update, to tell the devices where to find the update, and to monitor the update
process. The device initiates a multistep process to download, verify, and apply the firmware image, and
then reboot the device before reconnecting to the IoT Hub service. Throughout the multistep process, the
device uses the reported properties to update the progress and status of the device.
Reporting progress and status: The solution back end runs device twin queries, across a set of devices, to
report on the status and progress of actions running on the devices.
Next Steps
The capabilities, patterns, and code libraries that IoT Hub provides for device management, enable you to create
IoT applications that fulfill enterprise IoT operator requirements within each device lifecycle stage.
To continue learning about the device management features in IoT Hub, see the Get started with device
management tutorial.
Connecting IoT Devices to Azure: IoT Hub and Event
Hubs
2/22/2019 • 2 minutes to read • Edit Online
Azure provides services specifically developed for diverse types of connectivity and communication to help you
connect your data to the power of the cloud. Both Azure IoT Hub and Azure Event Hubs are cloud services that can
ingest large amounts of data and process or store that data for business insights. The two services are similar in
that they both support ingestion of data with low latency and high reliability, but they are designed for different
purposes. IoT Hub was developed to address the unique requirements of connecting IoT devices to the Azure
cloud while Event Hubs was designed for big data streaming. Microsoft recommends using Azure IoT Hub to
connect IoT devices to Azure
Azure IoT Hub is the cloud gateway that connects IoT devices to gather data and drive business insights and
automation. In addition, IoT Hub includes features that enrich the relationship between your devices and your
backend systems. Bi-directional communication capabilities mean that while you receive data from devices you can
also send commands and policies back to devices. For example, use cloud-to-device messaging to update
properties or invoke device management actions. Cloud-to-device communication also enables you to send cloud
intelligence to your edge devices with Azure IoT Edge. The unique device-level identity provided by IoT Hub helps
better secure your IoT solution from potential attacks.
Azure Event Hubs is the big data streaming service of Azure. It is designed for high throughput data streaming
scenarios where customers may send billions of requests per day. Event Hubs uses a partitioned consumer model
to scale out your stream and is integrated into the big data and analytics services of Azure including Databricks,
Stream Analytics, ADLS, and HDInsight. With features like Event Hubs Capture and Auto-Inflate, this service is
designed to support your big data apps and solutions. Additionally, IoT Hub uses Event Hubs for its telemetry flow
path, so your IoT solution also benefits from the tremendous power of Event Hubs.
To summarize, both solutions are designed for data ingestion at a massive scale. Only IoT Hub provides the rich
IoT-specific capabilities that are designed for you to maximize the business value of connecting your IoT devices to
the Azure cloud. If your IoT journey is just beginning, starting with IoT Hub to support your data ingestion
scenarios will assure that you have instant access to the full-featured IoT capabilities once your business and
technical needs require them.
The following table provides details about how the two tiers of IoT Hub compare to Event Hubs when you're
evaluating them for IoT capabilities. For more information about the standard and basic tiers of IoT Hub, see How
to choose the right IoT Hub tier.
IOT CAPABILITY IOT HUB STANDARD TIER IOT HUB BASIC TIER EVENT HUBS
Device-to-cloud messaging
Per-device identity
IOT CAPABILITY IOT HUB STANDARD TIER IOT HUB BASIC TIER EVENT HUBS
Cloud-to-device messaging
IoT Edge
Even if the only use case is device-to-cloud data ingestion, we highly recommend using IoT Hub as it provides a
service that is designed for IoT device connectivity.
Next steps
To further explore the capabilities of IoT Hub, see the IoT Hub developer guide.
Choose the right IoT Hub tier for your
solution
10/7/2019 • 5 minutes to read • Edit Online
Every IoT solution is different, so Azure IoT Hub offers several options based on pricing and scale.
This article is meant to help you evaluate your IoT Hub needs. For pricing information about IoT
Hub tiers, see IoT Hub pricing.
To decide which IoT Hub tier is right for your solution, ask yourself two questions:
What features do I plan to use?
Azure IoT Hub offers two tiers, basic and standard, that differ in the number of features they
support. If your IoT solution is based around collecting data from devices and analyzing it centrally,
then the basic tier is probably right for you. If you want to use more advanced configurations to
control IoT devices remotely or distribute some of your workloads onto the devices themselves,
then you should consider the standard tier. For a detailed breakdown of which features are included
in each tier continue to Basic and standard tiers.
How much data do I plan to move daily?
Each IoT Hub tier is available in three sizes, based around how much data throughput they can
handle in any given day. These sizes are numerically identified as 1, 2, and 3. For example, each unit
of a level 1 IoT hub can handle 400 thousand messages a day, while a level 3 unit can handle 300
million. For more details about the data guidelines, continue to Message throughput.
IoT Hub also offers a free tier that is meant for testing and evaluation. It has all the capabilities of
the standard tier, but limited messaging allowances. You cannot upgrade from the free tier to either
basic or standard.
Partitions
Azure IoT Hubs contain many core components of Azure Event Hubs, including Partitions. Event
streams for IoT Hubs are generally populated with incoming telemetry data that is reported by
various IoT devices. The partitioning of the event stream is used to reduce contentions that occur
when concurrently reading and writing to event streams.
The partition limit is chosen when IoT Hub is created, and cannot be changed. The maximum
partition limit for basic tier IoT Hub and standard tier IoT Hub is 32. Most IoT hubs only need 4
partitions. For more information on determining the partitions, see the Event Hubs FAQ How
many partitions do I need?
Tier upgrade
Once you create your IoT hub, you can upgrade from the basic tier to the standard tier without
interrupting your existing operations. For more information, see How to upgrade your IoT hub.
The partition configuration remains unchanged when you migrate from basic tier to standard tier.
NOTE
The free tier does not support upgrading to basic or standard.
Send module event AMQP and MQTT only AMQP and MQTT only
Message throughput
The best way to size an IoT Hub solution is to evaluate the traffic on a per-unit basis. In particular,
consider the required peak throughput for the following categories of operations:
Device-to-cloud messages
Cloud-to-device messages
Identity registry operations
Traffic is measured for your IoT hub on a per-unit basis. When you create an IoT hub, you choose
its tier and edition, and set the number of units available. You can purchase up to 200 units for the
B1, B2, S1, or S2 edition, or up to 10 units for the B3 or S3 edition. After your IoT hub is created,
you can change the number of units available within its edition, upgrade or downgrade between
editions within its tier (B1 to B2), or upgrade from the basic to the standard tier (B1 to S1) without
interrupting your existing operations. For more information, see How to upgrade your IoT hub.
As an example of each tier's traffic capabilities, device-to-cloud messages follow these sustained
throughput guidelines:
Device-to-cloud throughput is only one of the metrics you need to consider when designing an IoT
solution. For more comprehensive information, see IoT Hub quotas and throttles.
Identity registry operation throughput
IoT Hub identity registry operations are not supposed to be run-time operations, as they are mostly
related to device provisioning.
For specific burst performance numbers, see IoT Hub quotas and throttles.
Auto-scale
If you are approaching the allowed message limit on your IoT hub, you can use these steps to
automatically scale to increment an IoT Hub unit in the same IoT Hub tier.
Next steps
For more information about IoT Hub capabilities and performance details, see IoT Hub
pricing or IoT Hub quotas and throttles.
To change your IoT Hub tier, follow the steps in Upgrade your IoT hub.
IoT Hub high availability and disaster recovery
11/7/2019 • 10 minutes to read • Edit Online
As a first step towards implementing a resilient IoT solution, architects, developers, and business owners must
define the uptime goals for the solutions they're building. These goals can be defined primarily based on specific
business objectives for each scenario. In this context, the article Azure Business Continuity Technical Guidance
describes a general framework to help you think about business continuity and disaster recovery. The Disaster
recovery and high availability for Azure applications paper provides architecture guidance on strategies for Azure
applications to achieve High Availability (HA) and Disaster Recovery (DR ).
This article discusses the HA and DR features offered specifically by the IoT Hub service. The broad areas
discussed in this article are:
Intra-region HA
Cross region DR
Achieving cross region HA
Depending on the uptime goals you define for your IoT solutions, you should determine which of the options
outlined below best suit your business objectives. Incorporating any of these HA/DR alternatives into your IoT
solution requires a careful evaluation of the trade-offs between the:
Level of resiliency you require
Implementation and maintenance complexity
COGS impact
Intra-region HA
The IoT Hub service provides intra-region HA by implementing redundancies in almost all layers of the service.
The SLA published by the IoT Hub service is achieved by making use of these redundancies. No additional work is
required by the developers of an IoT solution to take advantage of these HA features. Although IoT Hub offers a
reasonably high uptime guarantee, transient failures can still be expected as with any distributed computing
platform. If you're just getting started with migrating your solutions to the cloud from an on-premises solution,
your focus needs to shift from optimizing "mean time between failures" to "mean time to recover". In other words,
transient failures are to be considered normal while operating with the cloud in the mix. Appropriate retry policies
must be built in to the components interacting with a cloud application to deal with transient failures.
NOTE
Some Azure services also provide additional layers of availability within a region by integrating with Availability Zones (AZs).
AZs are currently not supported by the IoT Hub service.
Cross region DR
There could be some rare situations when a datacenter experiences extended outages due to power failures or
other failures involving physical assets. Such events are rare during which the intra region HA capability described
above may not always help. IoT Hub provides multiple solutions for recovering from such extended outages.
The recovery options available to customers in such a situation are Microsoft-initiated failover and manual failover.
The fundamental difference between the two is that Microsoft initiates the former and the user initiates the latter.
Also, manual failover provides a lower recovery time objective (RTO ) compared to the Microsoft-initiated failover
option. The specific RTOs offered with each option are discussed in the sections below. When either of these
options to perform failover of an IoT hub from its primary region is exercised, the hub becomes fully functional in
the corresponding Azure geo-paired region.
Both these failover options offer the following recovery point objectives (RPOs):
1Cloud-to-device messages and parent jobs do not get recovered as a part of manual failover.
Once the failover operation for the IoT hub completes, all operations from the device and back-end applications
are expected to continue working without requiring a manual intervention. This means that your device-to-cloud
messages should continue to work, and the entire device registry is intact. Events emitted via Event Grid can be
consumed via the same subscription(s) configured earlier as long as those Event Grid subscriptions continue to be
available.
Cau t i on
The Event Hub-compatible name and endpoint of the IoT Hub built-in Events endpoint change after failover.
When receiving telemetry messages from the built-in endpoint using either the event hub client or event
processor host, you should use the IoT hub connection string to establish the connection. This ensures that
your back-end applications continue to work without requiring manual intervention post failover. If you use
the Event Hub-compatible name and endpoint in your back-end application directly, you will need to
reconfigure your application by fetching the new Event Hub-compatible name and endpoint after failover to
continue operations.
When routing to storage, we recommend listing the blobs or files and then iterating over them, to ensure all
blobs or files are read without making any assumptions of partition. The partition range could potentially
change during a Microsoft-initiated failover or manual failover. You can use the List Blobs API to enumerate
the list of blobs or List ADLS Gen2 API for the list of files.
Microsoft-initiated failover
Microsoft-initiated failover is exercised by Microsoft in rare situations to failover all the IoT hubs from an affected
region to the corresponding geo-paired region. This process is a default option (no way for users to opt out) and
requires no intervention from the user. Microsoft reserves the right to make a determination of when this option
will be exercised. This mechanism doesn't involve a user consent before the user's hub is failed over. Microsoft-
initiated failover has a recovery time objective (RTO ) of 2-26 hours.
The large RTO is because Microsoft must perform the failover operation on behalf of all the affected customers in
that region. If you are running a less critical IoT solution that can sustain a downtime of roughly a day, it is ok for
you to take a dependency on this option to satisfy the overall disaster recovery goals for your IoT solution. The
total time for runtime operations to become fully operational once this process is triggered, is described in the
"Time to recover" section.
Manual failover
If your business uptime goals aren't satisfied by the RTO that Microsoft initiated failover provides, consider using
manual failover to trigger the failover process yourself. The RTO using this option could be anywhere between 10
minutes to a couple of hours. The RTO is currently a function of the number of devices registered against the IoT
hub instance being failed over. You can expect the RTO for a hub hosting approximately 100,000 devices to be in
the ballpark of 15 minutes. The total time for runtime operations to become fully operational once this process is
triggered, is described in the "Time to recover" section.
The manual failover option is always available for use irrespective of whether the primary region is experiencing
downtime or not. Therefore, this option could potentially be used to perform planned failovers. One example usage
of planned failovers is to perform periodic failover drills. A word of caution though is that a planned failover
operation results in a downtime for the hub for the period defined by the RTO for this option, and also results in a
data loss as defined by the RPO table above. You could consider setting up a test IoT hub instance to exercise the
planned failover option periodically to gain confidence in your ability to get your end-to-end solutions up and
running when a real disaster happens.
IMPORTANT
Test drills should not be performed on IoT hubs that are being used in your production environments.
Manual failover should not be used as a mechanism to permanently migrate your hub between the Azure geo paired
regions. Doing so would cause an increased latency for the operations being performed against the hub from devices
homed in the old primary region.
Failback
Failing back to the old primary region can be achieved by triggering the failover action another time. If the original
failover operation was performed to recover from an extended outage in the original primary region, we
recommended that the hub should be failed back to the original location once that location has recovered from the
outage situation.
IMPORTANT
Users are only allowed to perform 2 successful failover and 2 successful failback operations per day.
Back to back failover/failback operations are not allowed. You must wait for 1 hour between these operations.
Time to recover
While the FQDN (and therefore the connection string) of the IoT hub instance remains the same post failover, the
underlying IP address changes. Therefore the overall time for the runtime operations being performed against
your IoT hub instance to become fully operational after the failover process is triggered can be expressed using the
following function.
Time to recover = RTO [10 min - 2 hours for manual failover | 2 - 26 hours for Microsoft-initiated failover] + DNS
propagation delay + Time taken by the client application to refresh any cached IoT Hub IP address.
IMPORTANT
The IoT SDKs do not cache the IP address of the IoT hub. We recommend that user code interfacing with the SDKs should
not cache the IP address of the IoT hub.
NOTE
IoT hub service is not a supported endpoint type in Azure Traffic Manager. The recommendation is to integrate the
proposed concierge service with Azure traffic manager by making it implement the endpoint health probe API.
Identity registry replication: To be usable, the secondary IoT hub must contain all device identities that
can connect to the solution. The solution should keep geo-replicated backups of device identities, and
upload them to the secondary IoT hub before switching the active endpoint for the devices. The device
identity export functionality of IoT Hub is useful in this context. For more information, see IoT Hub
developer guide - identity registry.
Merging logic: When the primary region becomes available again, all the state and data that have been
created in the secondary site must be migrated back to the primary region. This state and data mostly relate
to device identities and application metadata, which must be merged with the primary IoT hub and any
other application-specific stores in the primary region.
To simplify this step, you should use idempotent operations. Idempotent operations minimize the side-effects from
the eventual consistent distribution of events, and from duplicates or out-of-order delivery of events. In addition,
the application logic should be designed to tolerate potential inconsistencies or slightly out-of-date state. This
situation can occur due to the additional time it takes for the system to heal based on recovery point objectives
(RPO ).
Manual failover 10 min - 2 hours Refer RPO table Yes Very low. You None
above only need to
trigger this
operation from
the portal.
Cross region HA < 1 min Depends on the No High > 1x the cost of 1
replication IoT hub
frequency of your
custom HA
solution
Next steps
What is Azure IoT Hub?
Get started with IoT Hubs (Quickstart)
Tutorial: Perform manual failover for an IoT hub
How to clone an Azure IoT hub to another region
12/16/2019 • 24 minutes to read • Edit Online
This article explores ways to clone an IoT Hub and provides some questions you need to answer before you start.
Here are several reasons you might want to clone an IoT hub:
You are moving your company from one region to another, such as from Europe to North America (or vice
versa), and you want your resources and data to be geographically close to your new location, so you need
to move your hub.
You are setting up a hub for a development versus production environment.
You want to do a custom implementation of multi-hub high availability. For more information, see the How
to achieve cross region HA section of IoT Hub high availability and disaster recovery.
You want to increase the number of partitions configured for your hub. This is set when you first create your
hub, and can't be changed. You can use the information in this article to clone your hub and when the clone
is created, increase the number of partitions.
To clone a hub, you need a subscription with administrative access to the original hub. You can put the new hub in
a new resource group and region, in the same subscription as the original hub, or even in a new subscription. You
just can't use the same name because the hub name has to be globally unique.
NOTE
At this time, there's no feature available for cloning an IoT hub automatically. It's primarily a manual process, and thus is fairly
error-prone. The complexity of cloning a hub is directly proportional to the complexity of the hub. For example, cloning an
IoT hub with no message routing is fairly simple. If you add message routing as just one complexity, cloning the hub
becomes at least an order of magnitude more complicated. If you also move the resources used for routing endpoints, it's
another order of magniture more complicated.
Things to consider
There are several things to consider before cloning an IoT hub.
Make sure that all of the features available in the original location are also available in the new location.
Some services are in preview, and not all features are available everywhere.
Do not remove the original resources before creating and verifying the cloned version. Once you remove a
hub, it's gone forever, and there is no way to recover it to check the settings or data to make sure the hub is
replicated correctly.
Many resources require globally unique names, so you must use different names for the cloned versions.
You also should use a different name for the resource group to which the cloned hub belongs.
Data for the original IoT hub is not migrated. This includes telemetry messages, cloud-to-device (C2D )
commands, and job-related information such as schedules and history. Metrics and logging results are also
not migrated.
For data or messages routed to Azure Storage, you can leave the data in the original storage account,
transfer that data to a new storage account in the new region, or leave the old data in place and create a new
storage account in the new location for the new data. For more information on moving data in Blob storage,
see Get started with AzCopy.
Data for Event Hubs and for Service Bus Topics and Queues can't be migrated. This is point-in-time data
and is not stored after the messages are processed.
You need to schedule downtime for the migration. Cloning the devices to the new hub takes time. If you are
using the Import/Export method, benchmark testing has revealed that it could take around two hours to
move 500,000 devices, and four hours to move a million devices.
You can copy the devices to the new hub without shutting down or changing the devices.
If the devices were originally provisioned using DPS, re-provisioning them updates the connection
information stored in each device.
Otherwise, you have to use the Import/Export method to move the devices, and then the devices
have to be modified to use the new hub. For example, you can set up your device to consume the IoT
Hub host name from the twin desired properties. The device will take that IoT Hub host name,
disconnect the device from the old hub, and reconnect it to the new one.
You need to update any certificates you are using so you can use them with the new resources. Also, you
probably have the hub defined in a DNS table somewhere — you will need to update that DNS information.
Methodology
This is the general method we recommend for moving an IoT hub from one region to another. For message
routing, this assumes the resources are not being moved to the new region. For more information, see the section
on Message Routing.
1. Export the hub and its settings to a Resource Manager template.
2. Make the necessary changes to the template, such as updating all occurrences of the name and the location
for the cloned hub. For any resources in the template used for message routing endpoints, update the key in
the template for that resource.
3. Import the template into a new resource group in the new location. This creates the clone.
4. Debug as needed.
5. Add anything that wasn't exported to the template.
For example, consumer groups are not exported to the template. You need to add the consumer groups to
the template manually or use the Azure portal after the hub is created. There is an example of adding one
consumer group to a template in the article Use an Azure Resource Manager template to configure IoT Hub
message routing.
6. Copy the devices from the original hub to the clone. This is covered in the section Managing the devices
registered to the IoT hub.
4. Select Download to download the template. Save the file somewhere you can find it again.
View the template
1. Go to the Downloads folder (or to whichever folder you used when you exported the template) and find the
zip file. Open the zip file and find the file called template.json . Select it, then select Ctrl+C to copy the
template. Go to a different folder that's not in the zip file and paste the file (Ctrl+V ). Now you can edit it.
The following example is for a generic hub with no routing configuration. It is an S1 tier hub (with 1 unit)
called ContosoTestHub29358 in region westus. Here is the exported template.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"IotHubs_ContosoTestHub29358_name": {
"defaultValue": "ContosoTestHub29358",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('IotHubs_ContosoTestHub29358_name')]",
"location": "westus",
"sku": {
"name": "S1",
"tier": "Standard",
"capacity": 1
},
"properties": {
"operationsMonitoringProperties": {
"events": {
"None": "None",
"Connections": "None",
"DeviceTelemetry": "None",
"C2DCommands": "None",
"DeviceIdentityOperations": "None",
"FileUploadOperations": "None",
"Routes": "None"
}
},
},
"ipFilterRules": [],
"eventHubEndpoints": {
"events": {
"retentionTimeInDays": 1,
"partitionCount": 2,
"partitionIds": [
"0",
"1"
],
"path": "contosotesthub29358",
"endpoint": "sb://iothub-ns-contosotes-2227755-
92aefc8b73.servicebus.windows.net/"
},
"operationsMonitoringEvents": {
"retentionTimeInDays": 1,
"partitionCount": 2,
"partitionIds": [
"0",
"1"
],
"path": "contosotesthub29358-operationmonitoring",
"endpoint": "sb://iothub-ns-contosotes-2227755-
92aefc8b73.servicebus.windows.net/"
}
},
"routing": {
"endpoints": {
"serviceBusQueues": [],
"serviceBusTopics": [],
"eventHubs": [],
"storageContainers": []
},
"routes": [],
"fallbackRoute": {
"name": "$fallback",
"source": "DeviceMessages",
"condition": "true",
"endpointNames": [
"events"
],
"isEnabled": true
}
},
"storageEndpoints": {
"$default": {
"sasTtlAsIso8601": "PT1H",
"connectionString": "",
"containerName": ""
}
},
"messagingEndpoints": {
"fileNotifications": {
"lockDurationAsIso8601": "PT1M",
"ttlAsIso8601": "PT1H",
"maxDeliveryCount": 10
}
},
"enableFileUploadNotifications": false,
"cloudToDevice": {
"maxDeliveryCount": 10,
"defaultTtlAsIso8601": "PT1H",
"feedback": {
"lockDurationAsIso8601": "PT1M",
"ttlAsIso8601": "PT1H",
"maxDeliveryCount": 10
}
},
"features": "None"
}
}
}
]
}
"parameters": {
"IotHubs_ContosoTestHub29358_name": {
"defaultValue": "ContosoTestHub29358",
"type": "String"
}
},
2. Change the name to use the actual (new ) name rather than retrieving it from a parameter (which you
removed in the previous step).
For the new hub, use the name of the original hub plus the string clone to make up the new name. Start by
cleaning up the hub name and location.
Old version:
"name": "[parameters('IotHubs_ContosoTestHub29358_name')]",
"location": "westus",
New version:
"name": "ContosoTestHub29358clone",
"location": "eastus",
Next, you'll find that the values for path contain the old hub name. Change them to use the new one. These
are the path values under eventHubEndpoints called events and OperationsMonitoringEvents.
When you're done, your event hub endpoints section should look like this:
"eventHubEndpoints": {
"events": {
"retentionTimeInDays": 1,
"partitionCount": 2,
"partitionIds": [
"0",
"1"
],
"path": "contosotesthub29358clone",
"endpoint": "sb://iothub-ns-contosotes-2227755-92aefc8b73.servicebus.windows.net/"
},
"operationsMonitoringEvents": {
"retentionTimeInDays": 1,
"partitionCount": 2,
"partitionIds": [
"0",
"1"
],
"path": "contosotesthub29358clone-operationmonitoring",
"endpoint": "sb://iothub-ns-contosotes-2227755-92aefc8b73.servicebus.windows.net/"
}
Update the keys for the routing resources that are not being moved
When you export the Resource Manager template for a hub that has routing configured, you will see that the keys
for those resources are not provided in the exported template -- their placement is denoted by asterisks. You must
fill them in by going to those resources in the portal and retrieving the keys before you import the new hub's
template and create the hub.
1. Retrieve the keys required for any of the routing resources and put them in the template. You can retrieve
the key(s) from the resource in the Azure portal.
For example, if you are routing messages to a storage container, find the storage account in the portal.
Under the Settings section, select Access keys, then copy one of the keys. Here's what the key looks like
when you first export the template:
"connectionString": "DefaultEndpointsProtocol=https;
AccountName=fabrikamstorage1234;AccountKey=****",
"containerName": "fabrikamresults",
2. After you retrieve the account key for the storage account, put it in the template in the clause
AccountKey=**** in the place of the asterisks.
3. For service bus queues, get the Shared Access Key matching the SharedAccessKeyName. Here is the key
and the SharedAccessKeyName in the json:
"connectionString": "Endpoint=sb://fabrikamsbnamespace1234.servicebus.windows.net:5671/;
SharedAccessKeyName=iothubroutes_FabrikamResources;
SharedAccessKey=****;
EntityPath=fabrikamsbqueue1234",
4. The same applies for the Service Bus Topics and Event Hub connections.
Create the new routing resources in the new location
This section only applies if you are moving the resources used by the hub for the routing endpoints.
If you want to move the routing resources, you must manually set up the resources in the new location. You can
create the routing resources using the Azure portal, or by exporting the Resource Manager template for each of
the resources used by the message routing, editing them, and importing them. After the resources are set up, you
can import the hub's template (which includes the routing configuration).
1. Create each resource used by the routing. You can do this manually using the Azure portal, or create the
resources using Resource Manager templates. If you want to use templates, these are the steps to follow:
a. For each resource used by the routing, export it to a Resource Manager template.
b. Update the name and location of the resource.
c. Update any cross-references between the resources. For example, if you create a template for a new
storage account, you need to update the storage account name in that template and any other
template that references it. In most cases, the routing section in the template for the hub is the only
other template that references the resource.
d. Import each of the templates, which deploys each resource.
Once the resources used by the routing are set up and running, you can continue.
2. In the template for the IoT hub, change the name of each of the routing resources to its new name, and
update the location if needed.
Now you have a template that will create a new hub that looks almost exactly like the old hub, depending on how
you decided to handle the routing.
Move -- create the new hub in the new region by loading the template
Create the new hub in the new location using the template. If you have routing resources that are going to move,
the resources should be set up in the new location and the references in the template updated to match. If you are
not moving the routing resources, they should be in the template with the updated keys.
1. Sign into the Azure portal.
2. Select Create a resource.
3. In the search box, put in "template deployment" and select Enter.
4. Select template deployment (deploy using custom templates). This takes you to a screen for the
Template deployment. Select Create. You see this screen:
5. Select Build your own template in the editor, which enables you to upload your template from a file.
6. Select Load file.
7. Browse for the new template you edited and select it, then select Open. It loads your template in the edit
window. Select Save.
8. Fill in the following fields.
Subscription: select the subscription to use.
Resource group: create a new resource group in a new location. If you already have a new one set up, you
can select it instead of creating a new one.
Location: If you selected an existing resource group, this is filled in for you to match the location of the
resource group. If you created a new resource group, this will be its location.
I agree checkbox: this basically says that you agree to pay for the resource(s) you're creating.
9. Select the Purchase button.
The portal now validates your template and deploys your cloned hub. If you have routing configuration data, it will
be included in the new hub, but will point at the resources in the prior location.
// Add 1000 devices, don't copy them to the other hub, or delete them.
// The first argument is true, numToAdd is 50, and the other arguments are false.
dotnet run true 1000 false false false
// Copy the devices you just added to the other hub; don't delete anything.
// The first argument is false, numToAdd is 0, copy-devices is true, and the delete arguments are both
false
dotnet run false 0 true false false
4. For the IoT hub connection strings, go to each hub in the portal. You can search in Resources for the hub. If
you know the Resource Group, you can go to Resource groups, select your resource group, and then select
the hub from the list of assets in that resource group.
5. Select Shared access policies from the Settings for the hub, then select iothubowner and copy one of the
connection strings. Do the same for the destination hub. Add them to the appropriate SET commands.
6. For the storage account connection string, find the storage account in Resources or under its Resource
group and open it.
7. Under the Settings section, select Access keys and copy one of the connection strings. Put the connection
string in your text file for the appropriate SET command.
Now you have the environment variables in a file with the SET commands, and you know what your command-
line arguments are. Let's run the sample.
Running the sample application and using command-line arguments
1. Open a command prompt window. Select Windows and type in command prompt to get the command
prompt window.
2. Copy the commands that set the environment variables, one at a time, and paste them into the command
prompt window and select Enter. When you're finished, type SET in the command prompt window to see
your environment variables and their values. Once you've copied these into the command prompt window,
you don't have to copy them again, unless you open a new command prompt window.
3. In the command prompt window, change directories until you are in ./ImportExportDevicesSample (where
the ImportExportDevicesSample.csproj file exists). Then type the following, and include your command-line
arguments.
The dotnet command builds and runs the application. Because you are passing in the options when you run
the application, you can change the values of them each time you run the application. For example, you may
want to run it once and create new devices, then run it again and copy those devices to a new hub, and so
on. You can also perform all the steps in the same run, although we recommend not deleting any devices
until you are certain you are finished with the cloning. Here is an example that creates 1000 devices and
then copies them to the other hub.
// Add 1000 devices, don't copy them to the other hub or delete them.
dotnet run true 1000 false false false
// Do not add any devices. Copy the ones you just created to the other hub; don't delete anything.
dotnet run false 0 true false false
After you verify that the devices were copied successfully, you can remove the devices from the source hub
like this:
IoTHubServiceSamples.sln
4. Select F5 to run the application. After it finishes running, you can view the results.
View the results
You can view the devices in the Azure portal and verify they are in the new location.
1. Go to the new hub using the Azure portal. Select your hub, then select IoT Devices. You see the devices
you just copied from the old hub to the cloned hub. You can also view the properties for the cloned hub.
2. Check for import/export errors by going to the Azure storage account in the Azure portal and looking in the
devicefiles container for the ImportErrors.log . If this file is empty (the size is 0 ), there were no errors. If
you try to import the same device more than once, it rejects the device the second time and adds an error
message to the log file.
Committing the changes
At this point, you have copied your hub to the new location and migrated the devices to the new clone. Now you
need to make changes so the devices work with the cloned hub.
To commit the changes, here are the steps you need to perform:
Update each device to change the IoT Hub host name to point the IoT Hub host name to the new hub. You
should do this using the same method you used when you first provisioned the device.
Change any applications you have that refer to the old hub to point to the new hub.
After you're finished, the new hub should be up and running. The old hub should have no active devices and
be in a disconnected state.
Rolling back the changes
If you decide to roll back the changes, here are the steps to perform:
Update each device to change the IoT Hub Hostname to point the IoT Hub Hostname for the old hub. You
should do this using the same method you used when you first provisioned the device.
Change any applications you have that refer to the new hub to point to the old hub. For example, if you are
using Azure Analytics, you may need to reconfigure your Azure Stream Analytics input.
Delete the new hub.
If you have routing resources, the configuration on the old hub should still point to the correct routing
configuration, and should work with those resources after the hub is restarted.
Checking the results
To check the results, change your IoT solution to point to your hub in the new location and run it. In other words,
perform the same actions with the new hub that you performed with the previous hub and make sure they work
correctly.
If you have implemented routing, test and make sure your messages are routed to the resources correctly.
Clean-up
Don't clean up until you are really certain the new hub is up and running and the devices are working correctly.
Also be sure to test the routing if you are using that feature. When you're ready, clean up the old resources by
performing these steps:
If you haven't already, delete the old hub. This removes all of the active devices from the hub.
If you have routing resources that you moved to the new location, you can delete the old routing resources.
Next steps
You have cloned an IoT hub into a new hub in a new region, complete with the devices. For more information
about performing bulk operations against the identity registry in an IoT Hub, see Import and export IoT Hub
device identities in bulk.
For more information about IoT Hub and development for the hub, please see the following articles.
IoT Hub developer's guide
IoT Hub routing tutorial
IoT Hub device management overview
If you want to deploy the sample application, please see .NET Core application deployment.
IoT Hub IP addresses
12/31/2019 • 2 minutes to read • Edit Online
The IP address prefixes of IoT Hub public endpoints are published periodically under the AzureIoTHub service tag.
You may use these IP address prefixes to control connectivity between IoT Hub and your devices or network assets
in order to implement a variety of network isolation goals:
Ensure your devices and services Device-to-cloud, and cloud-to-device Use AzureIoTHub and EventHub service
communicate with IoT Hub endpoints messaging, direct methods, device and tags to discover IoT Hub, and Event
only module twins and device streams Hub IP address prefixes and configure
ALLOW rules on your devices' and
services' firewall setting for those IP
address prefixes accordingly; drop traffic
to other destination IP addresses you
do not want the devices or services to
communicate with.
Ensure your IoT Hub device endpoint Device-to-cloud, and cloud-to-device Use IoT Hub IP filter feature to allow
receives connections only from your messaging, direct methods, device and connections from your devices and
devices and network assets module twins and device streams network asset IP addresses (see
limitations section).
Ensure your routes' custom endpoint Message routing Follow your resource's guidance on
resources (storage accounts, service bus restrict connectivity (for example via
and event hubs) are reachable from firewall rules, private links, or service
your network assets only endpoints); use AzureIoTHub service
tags to discover IoT Hub IP address
prefixes and add ALLOW rules for those
IP prefixes on your resource's firewall
configuration (see limitations section).
Best practices
When adding ALLOW rules in your devices' firewall configuration, it is best to provide specific ports used by
applicable protocols.
The IP address prefixes of IoT hub are subject to change. These changes are published periodically via
service tags before taking effect. It is therefore important that you develop processes to regularly retrieve
and use the latest service tags. This process can be automated via the service tags discovery API .
Use the AzureIoTHub.[region name] tag to identify IP prefixes used by IoT hub endpoints in a specific
region. To account for datacenter disaster recovery, or regional failover ensure connectivity to IP prefixes of
your IoT Hub's geo-pair region is also enabled.
Azure IoT Hub natively supports communication over the MQTT, AMQP, and HTTPS protocols. In some cases,
devices or field gateways might not be able to use one of these standard protocols and require protocol
adaptation. In such cases, you can use a custom gateway. A custom gateway enables protocol adaptation for IoT
Hub endpoints by bridging the traffic to and from IoT Hub. You can use the Azure IoT protocol gateway as a
custom gateway to enable protocol adaptation for IoT Hub.
Next steps
To learn more about the Azure IoT protocol gateway and how to use and deploy it as part of your IoT solution, see:
Azure IoT protocol gateway repository on GitHub
Azure IoT protocol gateway developer guide
To learn more about planning your IoT Hub deployment, see:
Compare with Event Hubs
Scaling, high availability, and disaster recovery
IoT Hub developer guide
Compare message routing and Event Grid for IoT
Hub
11/11/2019 • 5 minutes to read • Edit Online
Azure IoT Hub provides the capability to stream data from your connected devices and integrate that data into
your business applications. IoT Hub offers two methods for integrating IoT events into other Azure services or
business applications. This article discusses the two features that provide this capability, so that you can choose
which option is best for your scenario.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
IoT Hub message routing: This IoT Hub feature enables users to route device-to-cloud messages to service
endpoints like Azure Storage containers, Event Hubs, Service Bus queues, and Service Bus topics. Routing also
provides a querying capability to filter the data before routing it to the endpoints. In addition to device telemetry
data, you can also send non-telemetry events that can be used to trigger actions.
IoT Hub integration with Event Grid: Azure Event Grid is a fully managed event routing service that uses a
publish-subscribe model. IoT Hub and Event Grid work together to integrate IoT Hub events into Azure and non-
Azure services, in near-real time. IoT Hub publishes both device events and telemetry events.
Differences
While both message routing and Event Grid enable alert configuration, there are some key differences between
the two. Refer to the following table for details:
FEATURE IOT HUB MESSAGE ROUTING IOT HUB INTEGRATION WITH EVENT GRID
Device messages and events Yes, message routing can be used for Yes, Event Grid can be used for
telemetry data, report device twin telemetry data but can also report
changes, device lifecycle events, and when devices are created, deleted,
digital twin change events (part of the connected, and disconnected from IoT
IoT Plug and Play public preview). Hub
Ordering Yes, ordering of events is maintained. No, order of events is not guaranteed.
Filtering Rich filtering on message application Filtering based on event type, subject
properties, message system properties, type and attributes in each event. For
message body, device twin tags, and examples, see Understand filtering
device twin properties. Filtering isn't events in Event Grid Subscriptions.
applied to digital twin change events. When subscribing to telemetry events,
For examples, see Message Routing you can apply additional filters on the
Query Syntax. data to filter on message properties,
message body and device twin in your
IoT Hub, before publishing to Event
Grid. See how to filter events.
FEATURE IOT HUB MESSAGE ROUTING IOT HUB INTEGRATION WITH EVENT GRID
Cost There is no separate charge for There is no charge from IoT Hub. Event
message routing. Only ingress of Grid offers the first 100,000 operations
telemetry into IoT Hub is charged. For per month for free, and then $0.60 per
example, if you have a message routed million operations afterwards.
to three different endpoints, you are
billed for only one message.
Similarities
IoT Hub message routing and Event Grid have similarities too, some of which are detailed in the following table:
FEATURE IOT HUB MESSAGE ROUTING IOT HUB INTEGRATION WITH EVENT GRID
Reliability High: Delivers each message to the High: Delivers each message to the
endpoint at least once for each route. webhook at least once for each
Expires all messages that are not subscription. Expires all events that are
delivered within one hour. not delivered within 24 hours.
Send to multiple endpoints Yes, send a single message to multiple Yes, send a single message to multiple
endpoints. endpoints.
Security Iot Hub provides per-device identity Event Grid provides validation at three
and revocable access control. For more points: event subscriptions, event
information, see the IoT Hub access publishing, and webhook event delivery.
control. For more information, see Event Grid
security and authentication.
How to choose
IoT Hub message routing and the IoT Hub integration with Event Grid perform different actions to achieve similar
results. They both take information from your IoT Hub solution and pass it on so that other services can react. So
how do you decide which one to use? Consider the following questions to help guide your decision:
What kind of data are you sending to the endpoints?
Use IoT Hub message routing when you have to send telemetry data to other services. Message routing
also enables querying message application and system properties, message body, device twin tags, and
device twin properties.
The IoT Hub integration with Event Grid works with events that occur in the IoT Hub service. These IoT Hub
events include telemetry data, device created, deleted, connected, and disconnected. When subscribing to
telemetry events, you can apply additional filters on the data to filter on message properties, message body
and device twin in your IoT Hub, before publishing to Event Grid. See how to filter events.
What endpoints need to receive this information?
IoT Hub message routing supports limited number of unique endpoints and endpoint types, but you can
build connectors to reroute the data and events to additional endpoints. For a complete list of supported
endpoints, see the table in the previous section.
The IoT Hub integration with Event Grid supports 500 endpoints per IoT Hub and a larger variety of
endpoint types. It natively integrates with Azure Functions, Logic Apps, Storage and Service Bus queues,
and also works with webhooks to extend sending data outside of the Azure service ecosystem and into
third-party business applications.
Does it matter if your data arrives in order?
IoT Hub message routing maintains the order in which messages are sent, so that they arrive in the same
way.
Event Grid does not guarantee that endpoints will receive events in the same order that they occurred. For
those cases in which absolute order of messages is significant and/or in which a consumer needs a
trustworthy unique identifier for messages, we recommend using message routing.
Next steps
Learn more about IoT Hub Message Routing and the IoT Hub endpoints.
Learn more about Azure Event Grid.
To learn how to create Message Routes, see the Process IoT Hub device-to-cloud messages using routes
tutorial.
Try out the Event Grid integration by Sending email notifications about Azure IoT Hub events using Logic Apps.
Best practices for device configuration within an IoT
solution
11/8/2019 • 6 minutes to read • Edit Online
Automatic device management in Azure IoT Hub automates many repetitive and complex tasks of managing large
device fleets over the entirety of their lifecycles. This article defines many of the best practices for the various roles
involved in developing and operating an IoT solution.
IoT hardware manufacturer/integrator: Manufacturers of IoT hardware, integrators assembling
hardware from various manufacturers, or suppliers providing hardware for an IoT deployment
manufactured or integrated by other suppliers. Involved in development and integration of firmware,
embedded operating systems, and embedded software.
IoT solution developer: The development of an IoT solution is typically done by a solution developer.
This developer may be part of an in-house team or a system integrator specializing in this activity. The IoT
solution developer can develop various components of the IoT solution from scratch, integrate various
standard or open-source components, or customize an IoT solution accelerator.
IoT solution operator: After the IoT solution is deployed, it requires long-term operations, monitoring,
upgrades, and maintenance. These tasks can be done by an in-house team that consists of information
technology specialists, hardware operations and maintenance teams, and domain specialists who monitor
the correct behavior of the overall IoT infrastructure.
Next steps
Learn about implementing device twins in Understand and use device twins in IoT Hub.
Walk through the steps to create, update, or delete an automatic device configuration in Configure and
monitor IoT devices at scale.
Implement a firmware update pattern using device twins and automatic device configurations in Tutorial:
Implement a device firmware update process.
Azure IoT Device SDKs Platform Support
11/8/2019 • 5 minutes to read • Edit Online
Microsoft strives to continually expand the universe of Azure IoT Hub capable devices. Microsoft publishes open-
source device SDKs on GitHub to help connect devices to Azure IoT Hub and the Device Provisioning Service. The
device SDKs are available for C, .NET (C#), Java, Node.js, and Python. Microsoft tests each SDK to ensure that it
runs on the supported configurations detailed for it in the Microsoft SDKs and device platform support section.
In addition to the device SDKs, Microsoft provides several other avenues to empower customers and developers to
connect their devices to Azure IoT:
Microsoft collaborates with several partner companies to help them publish development kits, based on the
Azure IoT C SDK, for their hardware platforms.
Microsoft works with Microsoft trusted partners to provide an ever-expanding set of devices that have been
tested and certified for Azure IoT. For a current list of these devices, see the Azure certified for IoT device
catalog.
Microsoft provides a platform abstraction layer (PAL ) in the Azure IoT Hub Device C SDK that helps
developers to easily port the SDK to their platform. To learn more, see the C SDK porting guidance.
This topic provides information about the Microsoft SDKs and the platform configurations they support, as well as
each of the other options listed above.
Python SDK
The Azure IoT Hub Python device SDK is tested with and supports the following configurations.
OS COMPILER
*Only Python version 3.5.3 or later support the asynchronous APIs, we recommend using 3.7 or later.
.NET SDK
The Azure IoT Hub .NET (C#) device SDK is tested with and supports the following configurations.
OS STANDARD
Windows 10 Desktop and Server SKUs .NET Core 2.1, .NET Framework 4.5.1, or .NET Framework 4.7
The .NET SDK can also be used with Windows IoT Core with the Azure Device Agent or a custom NTService that
can use RPC to communicate with UWP applications.
Node.js SDK
The Azure IoT Hub Node.js device SDK is tested with and supports the following configurations.
OS NODE VERSION
Java SDK
The Azure IoT Hub Java device SDK is tested with and supports the following configurations.
OS JAVA VERSION
Qualcomm Qualcomm MDM9206 LTE Qualcomm LTE for IoT SDK Forum
IoT Modem
Texas Instruments CC3220SF LaunchPad Azure IoT Plugin for TI E2E Forum
CC3220S LaunchPad SimpleLink TI E2E Forum for CC3220
CC3235SF LaunchPad TI E2E Forum for MSP432E4
CC3235S LaunchPad
MSP432E4 LaunchPad
Next steps
Device and service SDKs
Porting Guidance
IoT Hub Device Streams (preview)
11/8/2019 • 9 minutes to read • Edit Online
Azure IoT Hub device streams facilitate the creation of secure bi-directional TCP tunnels for a variety of cloud-
to-device communication scenarios. A device stream is mediated by an IoT Hub streaming endpoint which acts
as a proxy between your device and service endpoints. This setup, depicted in the diagram below, is especially
useful when devices are behind a network firewall or reside inside of a private network. As such, IoT Hub
device streams help address customers' need to reach IoT devices in a firewall-friendly manner and without the
need to broadly opening up incoming or outgoing network firewall ports.
Using IoT Hub device streams, devices remain secure and will only need to open up outbound TCP
connections to IoT hub's streaming endpoint over port 443. Once a stream is established, the service-side and
device-side applications will each have programmatic access to a WebSocket client object to send and receive
raw bytes to one another. The reliability and ordering guarantees provided by this tunnel is on par with TCP.
Benefits
IoT Hub device streams provide the following benefits:
Firewall-friendly secure connectivity: IoT devices can be reached from service endpoints without
opening of inbound firewall port at the device or network perimeters (only outbound connectivity to IoT
Hub is needed over port 443).
Authentication: Both device and service sides of the tunnel need to authenticate with IoT Hub using
their corresponding credentials.
Encryption: By default, IoT Hub device streams use TLS -enabled connections. This ensures that the
traffic is always encrypted regardless of whether the application uses encryption or not.
Simplicity of connectivity: In many cases, the use of device streams eliminates the need for complex
setup of Virtual Private Networks to enable connectivity to IoT devices.
Compatibility with TCP/IP stack: IoT Hub device streams can accommodate TCP/IP application
traffic. This means that a wide range of proprietary as well as standards-based protocols can leverage
this feature.
Ease of use in private network setups: Service can communicate with a device by referencing its
device ID, rather than device's IP address. This is useful in situations where a device is located inside a
private network and has a private IP address, or its IP address is assigned dynamically and is unknown
to the service side.
1. The device application registers a callback in advance to be notified of when a new device stream is
initiated to the device. This step typically takes place when the device boots up and connects to IoT Hub.
2. The service-side program initiates a device stream when needed by providing the device ID (not the IP
address).
3. IoT hub notifies the device-side program by invoking the callback registered in step 1. The device may
accept or reject the stream initiation request. This logic can be specific to your application scenario. If the
stream request is rejected by the device, IoT Hub informs the service accordingly; otherwise, the steps
below follow.
4. The device creates a secure outbound TCP connection to the streaming endpoint over port 443 and
upgrades the connection to a WebSocket. The URL of the streaming endpoint as well as the credentials
to use to authenticate are both provided to the device by IoT Hub as part of the request sent in step 3.
5. The service is notified of the result of device accepting the stream and proceeds to create its own
WebSocket client to the streaming endpoint. Similarly, it receives the streaming endpoint URL and
authentication information from IoT Hub.
In the handshake process above:
The handshake process must complete within 60 seconds (step 2 through 5), otherwise the handshake
would fail with a timeout and the service will be notified accordingly.
After the stream creation flow above completes, the streaming endpoint will act as a proxy and will
transfer traffic between the service and the device over their respective WebSockets.
Device and service both need outbound connectivity to IoT Hub's main endpoint as well as the
streaming endpoint over port 443. The URL of these endpoints is available on Overview tab on the IoT
Hub's portal.
The reliability and ordering guarantees of an established stream is on par with TCP.
All connections to IoT Hub and streaming endpoint use TLS and are encrypted.
Termination flow
An established stream terminates when either of the TCP connections to the gateway are disconnected (by the
service or device). This can take place voluntarily by closing the WebSocket on either the device or service
programs, or involuntarily in case of a network connectivity timeout or process failure. Upon termination of
either device or service's connection to the streaming endpoint, the other TCP connection will also be
(forcefully) terminated and the service and device are responsible to re-create the stream, if needed.
Connectivity Requirements
Both the device and the service sides of a device stream must be capable of establishing TLS -enabled
connections to IoT Hub and its streaming endpoint. This requires outbound connectivity over port 443 to these
endpoints. The hostname associated with these endpoints can be found on the Overview tab of IoT Hub, as
shown in the figure below:
Alternatively, the endpoints information can be retrieved using Azure CLI under the hub's properties section,
specifically, property.hostname and property.deviceStreams keys.
The output is a JSON object of all endpoints that your hub's device and service may need to connect to in
order to establish a device stream.
{
"streamingEndpoints": [
"https://<YourIoTHubName>.<region-stamp>.streams.azure-devices.net"
]
}
NOTE
Ensure you have installed Azure CLI version 2.0.57 or newer. You can download the latest version from the Install Azure
CLI page.
Allow outbound connectivity to the device streaming endpoints
As mentioned at the beginning of this article, your device creates an outbound connection to IoT Hub
streaming endpoint during device streams initiation process. Your firewalls on the device or its network must
allow outbound connectivity to the streaming gateway over port 443 (note that communication takes place
over a WebSocket connection that is encrypted using TLS ).
The hostname of device streaming endpoint can be found on the Azure IoT Hub portal under the Overview
tab.
NOTE
Ensure you have installed Azure CLI version 2.0.57 or newer. You can download the latest version from the Install Azure
CLI page.
SDK Availability
Two sides of each stream (on the device and service side) use the IoT Hub SDK to establish the tunnel. During
public preview, customers can choose from the following SDK languages:
The C and C# SDK's support device streams on the device side.
The NodeJS and C# SDK support device streams on the service side.
1. The user runs service-local proxy to initiate a device stream to the device.
2. The device-local proxy accepts the stream initiation request and the tunnel is established to IoT Hub's
streaming endpoint (as discussed above).
3. The device-local proxy connects to the SSH daemon endpoint listening on port 22 on the device.
4. The service-local proxy listens on a designated port awaiting new SSH connections from the user (port
2222 used in the sample, but this can be configured to any other available port). The user points the
SSH client to the service-local proxy port on localhost.
Notes
The above steps complete an end-to-end tunnel between the SSH client (on the right) to the SSH
daemon (on the left). Part of this end-to-end connectivity involves sending traffic over a device stream to
IoT Hub.
The arrows in the figure indicate the direction in which connections are established between endpoints.
Specifically, note that there is no inbound connections going to the device (this is often blocked by a
firewall).
The choice of using port 2222 on the service-local proxy is an arbitrary choice. The proxy can be
configured to use any other available port.
The choice of port 22 is protocol-dependent and specific to SSH in this case. For the case of RDP, the
port 3389 must be used. This can be configured in the provided sample programs.
Use the links below for instructions on how to run the local proxy programs in your language of choice. Similar
to the echo sample, you can run device- and service-local proxy programs in different languages as they are
fully interoperable.
C# service and service program
Node.js service program
C device program
Next steps
Use the links below to learn more about device streams.
Device streams on IoT show (Channel 9)
Azure IoT Hub developer guide
3/5/2019 • 3 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
When sending information from the device app to the solution back end, IoT Hub exposes three options:
Device-to-cloud messages for time series telemetry and alerts.
Device twin's reported properties for reporting device state information such as available capabilities,
conditions, or the state of long-running workflows. For example, configuration and software updates.
File uploads for media files and large telemetry batches uploaded by intermittently connected devices or
compressed to save bandwidth.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
Scenario Telemetry time series and Available capabilities and Media files. Large (typically
alerts. For example, 256-KB conditions. For example, the compressed) telemetry
sensor data batches sent current device connectivity batches.
every 5 minutes. mode such as cellular or
WiFi. Synchronizing long-
running workflows, such as
configuration and software
updates.
Storage and retrieval Temporarily stored by IoT Stored by IoT Hub in the Stored in user-provided
Hub, up to 7 days. Only device twin. Retrievable Azure Storage account.
sequential reading. using the IoT Hub query
language.
Frequency High. For more information, Medium. For more Low. For more information,
see IoT Hub limits. information, see IoT Hub see IoT Hub limits.
limits.
Protocol Available on all protocols. Available using MQTT or Available when using any
AMQP. protocol, but requires HTTPS
on the device.
An application may need to send information both as a telemetry time series or alert and make it available in the
device twin. In this scenario, you can choose one of the following options:
The device app sends a device-to-cloud message and reports a property change.
The solution back end can store the information in the device twin's tags when it receives the message.
Since device-to-cloud messages enable a much higher throughput than device twin updates, it is sometimes
desirable to avoid updating the device twin for every device-to-cloud message.
Cloud-to-device communications guidance
2/28/2019 • 2 minutes to read • Edit Online
IoT Hub provides three options for device apps to expose functionality to a back-end app:
Direct methods for communications that require immediate confirmation of the result. Direct methods are
often used for interactive control of devices such as turning on a fan.
Twin's desired properties for long-running commands intended to put the device into a certain desired
state. For example, set the telemetry send interval to 30 minutes.
Cloud-to-device messages for one-way notifications to the device app.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Data flow Two-way. The device app One-way. The device app One-way. The device app
can respond to the method receives a notification with receives the message
right away. The solution the property change.
back end receives the
outcome contextually to the
request.
Durability Disconnected devices are Property values are Messages can be retained
not contacted. The solution preserved in the device twin. by IoT Hub for up to 48
back end is notified that the Device will read it at next hours.
device is not connected. reconnection. Property
values are retrievable with
the IoT Hub query
language.
Targets Single device using Single device using Single device by deviceId.
deviceId, or multiple deviceId, or multiple
devices using jobs. devices using jobs.
Frequency High. For more information, Medium. For more Low. For more information,
see IoT Hub limits. information, see IoT Hub see IoT Hub limits.
limits.
DIRECT METHODS TWIN'S DESIRED PROPERTIES CLOUD-TO-DEVICE MESSAGES
Protocol Available using MQTT or Available using MQTT or Available on all protocols.
AMQP. AMQP. Device must poll when using
HTTPS.
Learn how to use direct methods, desired properties, and cloud-to-device messages in the following tutorials:
Use direct methods
Use desired properties to configure devices
Send cloud-to-device messages
Send device-to-cloud and cloud-to-device
messages with IoT Hub
2/28/2019 • 2 minutes to read • Edit Online
IoT Hub allows for bi-directional communication with your devices. Use IoT Hub messaging to communicate
with your devices by sending messages from your devices to your solutions back end and sending commands
from your IoT solutions back end to your devices. Learn more about the IoT Hub message format.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
Core properties of IoT Hub messaging functionality are the reliability and durability of messages. These
properties enable resilience to intermittent connectivity on the device side, and to load spikes in event
processing on the cloud side. IoT Hub implements at least once delivery guarantees for both device-to-cloud
and cloud-to-device messaging.
Next steps
Learn about IoT Hub message routing.
Learn about IoT Hub cloud-to-device messaging.
Use IoT Hub message routing to send device-to-
cloud messages to different endpoints
11/7/2019 • 9 minutes to read • Edit Online
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management,
are only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers,
see How to choose the right IoT Hub tier.
Message routing enables you to send messages from your devices to cloud services in an automated,
scalable, and reliable manner. Message routing can be used for:
Sending device telemetry messages as well as events namely, device lifecycle events, and device
twin change events to the built-in-endpoint and custom endpoints. Learn about routing endpoints.
Filtering data before routing it to various endpoints by applying rich queries. Message routing
allows you to query on the message properties and message body as well as device twin tags and
device twin properties. Learn more about using queries in message routing.
IoT Hub needs write access to these service endpoints for message routing to work. If you configure your
endpoints through the Azure portal, the necessary permissions are added for you. Make sure you configure
your services to support the expected throughput. For example, if you are using Event Hubs as a custom
endpoint, you must configure the throughput units for that event hub so it can handle the ingress of events
you plan to send via IoT Hub message routing. Similarly, when using a Service Bus Queue as an endpoint,
you must configure the maximum size to ensure the queue can hold all the data ingressed, until it is
egressed by consumers. When you first configure your IoT solution, you may need to monitor your
additional endpoints and make any necessary adjustments for the actual load.
The IoT Hub defines a common format for all device-to-cloud messaging for interoperability across
protocols. If a message matches multiple routes that point to the same endpoint, IoT Hub delivers message
to that endpoint only once. Therefore, you don't need to configure deduplication on your Service Bus queue
or topic. In partitioned queues, partition affinity guarantees message ordering. Use this tutorial to learn how
to configure message routing.
Routing endpoints
An IoT hub has a default built-in-endpoint (messages/events) that is compatible with Event Hubs. You can
create custom endpoints to route messages to by linking other services in your subscription to the IoT Hub.
Each message is routed to all endpoints whose routing queries it matches. In other words, a message can be
routed to multiple endpoints.
IoT Hub currently supports the following services as custom endpoints:
Built-in endpoint
You can use standard Event Hubs integration and SDKs to receive device-to-cloud messages from the built-
in endpoint (messages/events). Once a Route is created, data stops flowing to the built-in-endpoint unless
a Route is created to that endpoint.
Azure Storage
There are two storage services IoT Hub can route messages to -- Azure Blob Storage and Azure Data Lake
Storage Gen2 (ADLS Gen2) accounts. Azure Data Lake Storage accounts are hierarchical namespace-
enabled storage accounts built on top of blob storage. Both of these use blobs for their storage.
IoT Hub supports writing data to Azure Storage in the Apache Avro format as well as in JSON format. The
default is AVRO. The encoding format can be only set when the blob storage endpoint is configured. The
format cannot be edited for an existing endpoint. When using JSON encoding, you must set the contentType
to application/json and contentEncoding to UTF-8 in the message system properties. Both of these values
are case-insensitive. If the content encoding is not set, then IoT Hub will write the messages in base 64
encoded format. You can select the encoding format using the IoT Hub Create or Update REST API,
specifically the RoutingStorageContainerProperties, the Azure portal, Azure CLI, or the Azure Powershell.
The following diagram shows how to select the encoding format in the Azure portal.
IoT Hub batches messages and writes data to storage whenever the batch reaches a certain size or a certain
amount of time has elapsed. IoT Hub defaults to the following file naming convention:
{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}
You may use any file naming convention, however you must use all listed tokens. IoT Hub will write to an
empty blob if there is no data to write.
We recommend listing the blobs or files and then iterating over them, to ensure all blobs or files are read
without making any assumptions of partition. The partition range could potentially change during a
Microsoft-initiated failover or IoT Hub manual failover. You can use the List Blobs API to enumerate the list
of blobs or List ADLS Gen2 API for the list of files. Please see the following sample as guidance.
To create an Azure Data Lake Gen2-compatible storage account, create a new V2 storage account and select
enabled on the Hierarchical namespace field on the Advanced tab as shown in the following image:
Fallback route
The fallback route sends all the messages that don't satisfy query conditions on any of the existing routes to
the built-in-Event Hubs (messages/events), that is compatible with Event Hubs. If message routing is
turned on, you can enable the fallback route capability. Once a route is created, data stops flowing to the
built-in-endpoint, unless a route is created to that endpoint. If there are no routes to the built-in-endpoint
and a fallback route is enabled, only messages that don't match any query conditions on routes will be sent
to the built-in-endpoint. Also, if all existing routes are deleted, fallback route must be enabled to receive all
data at the built-in-endpoint.
You can enable/disable the fallback route in the Azure portal->Message Routing blade. You can also use
Azure Resource Manager for FallbackRouteProperties to use a custom endpoint for fallback route.
Non-telemetry events
In addition to device telemetry, message routing also enables sending device twin change events, device
lifecycle events, and digital twin change events (in public preview ). For example, if a route is created with data
source set to device twin change events, IoT Hub sends messages to the endpoint that contain the change
in the device twin. Similarly, if a route is created with data source set to device lifecycle events, IoT Hub
sends a message indicating whether the device was deleted or created. Finally, as part of the IoT Plug and
Play public preview, a developer can create routes with data source set to digital twin change events and
IoT Hub sends messages whenever a digital twin property is set or changed, a digital twin is replaced, or
when a change event happens for the underlying device twin.
IoT Hub also integrates with Azure Event Grid to publish device events to support real-time integrations and
automation of workflows based on these events. See key differences between message routing and Event
Grid to learn which works best for your scenario.
Testing routes
When you create a new route or edit an existing route, you should test the route query with a sample
message. You can test individual routes or test all routes at once and no messages are routed to the
endpoints during the test. Azure portal, Azure Resource Manager, Azure PowerShell, and Azure CLI can be
used for testing. Outcomes help identify whether the sample message matched the query, message did not
match the query, or test couldn't run because the sample message or query syntax are incorrect. To learn
more, see Test Route and Test all routes.
Latency
When you route device-to-cloud telemetry messages using built-in endpoints, there is a slight increase in the
end-to-end latency after the creation of the first route.
In most cases, the average increase in latency is less than 500 ms. You can monitor the latency using
Routing: message latency for messages/events or d2c.endpoints.latency.builtIn.events IoT Hub
metric. Creating or deleting any route after the first one does not impact the end-to-end latency.
Next steps
To learn how to create Message Routes, see Process IoT Hub device-to-cloud messages using routes.
How to send device-to-cloud messages
For information about the SDKs you can use to send device-to-cloud messages, see Azure IoT SDKs.
Create and read IoT Hub messages
8/21/2019 • 4 minutes to read • Edit Online
To support seamless interoperability across protocols, IoT Hub defines a common message format for all device-
facing protocols. This message format is used for both device-to-cloud routing and cloud-to-device messages.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
IoT Hub implements device-to-cloud messaging using a streaming messaging pattern. IoT Hub's device-to-cloud
messages are more like Event Hubs events than Service Bus messages in that there is a high volume of events
passing through the service that can be read by multiple readers.
An IoT Hub message consists of:
A predetermined set of system properties as listed below.
A set of application properties. A dictionary of string properties that the application can define and access,
without needing to deserialize the message body. IoT Hub never modifies these properties.
An opaque binary body.
Property names and values can only contain ASCII alphanumeric characters, plus
{'!', '#', '$', '%, '&', ''', '*', '+', '-', '.', '^', '_', '`', '|', '~'} when you send device-to-cloud
messages using the HTTPS protocol or send cloud-to-device messages.
Device-to-cloud messaging with IoT Hub has the following characteristics:
Device-to-cloud messages are durable and retained in an IoT hub's default messages/events endpoint for
up to seven days.
Device-to-cloud messages can be at most 256 KB, and can be grouped in batches to optimize sends.
Batches can be at most 256 KB.
IoT Hub does not allow arbitrary partitioning. Device-to-cloud messages are partitioned based on their
originating deviceId.
As explained in Control access to IoT Hub, IoT Hub enables per-device authentication and access control.
You can stamp messages with information that goes into the application properties. For more information,
please see message enrichments.
For more information about how to encode and decode messages sent using different protocols, see Azure IoT
SDKs.
to A destination specified in No
Cloud-to-Device messages.
Anti-spoofing properties
To avoid device spoofing in device-to-cloud messages, IoT Hub stamps all messages with the following
properties:
iothub-connection-device-id
iothub-connection-auth-generation-id
iothub-connection-auth-method
The first two contain the deviceId and generationId of the originating device, as per Device identity properties.
The iothub-connection-auth-method property contains a JSON serialized object, with the following
properties:
{
"scope": "{ hub | device }",
"type": "{ symkey | sas | x509 }",
"issuer": "iothub"
}
Next steps
For information about message size limits in IoT Hub, see IoT Hub quotas and throttling.
To learn how to create and read IoT Hub messages in various programming languages, see the
Quickstarts.
Read device-to-cloud messages from the built-in
endpoint
8/11/2019 • 3 minutes to read • Edit Online
By default, messages are routed to the built-in service-facing endpoint (messages/events) that is compatible with
Event Hubs. This endpoint is currently only exposed using the AMQP protocol on port 5671. An IoT hub exposes
the following properties to enable you to control the built-in Event Hub-compatible messaging endpoint
messages/events.
PROPERTY DESCRIPTION
Retention time This property specifies how long in days messages are
retained by IoT Hub. The default is one day, but it can be
increased to seven days.
IoT Hub allows data retention in the built-in Event Hubs for a maximum of 7 days. You can set the retention time
during creation of your IoT Hub. Data retention time in IoT Hub depends on your IoT hub tier and unit type. In
terms of size, the built-in Event Hubs can retain messages of the maximum message size up to at least 24 hours of
quota. For example, for 1 S1 unit IoT Hub provides enough storage to retain at least 400K messages of 4k size
each. If your devices are sending smaller messages, they may be retained for longer (up to 7 days) depending on
how much storage is consumed. We guarantee retaining the data for the specified retention time as a minimum.
IoT Hub also enables you to manage consumer groups on the built-in device-to-cloud receive endpoint. You can
have up to 20 consumer groups for each IoT Hub.
If you're using message routing and the fallback route is enabled, all messages that don't match a query on any
route go to the built-in endpoint. If you disable this fallback route, messages that don't match any query are
dropped.
You can modify the retention time, either programmatically using the IoT Hub resource provider REST APIs, or
with the Azure portal.
IoT Hub exposes the messages/events built-in endpoint for your back-end services to read the device-to-cloud
messages received by your hub. This endpoint is Event Hub-compatible, which enables you to use any of the
mechanisms the Event Hubs service supports for reading messages.
In the portal, the Event Hub-compatible endpoint field contains a complete Event Hubs connection string that
looks like:
Endpoint=sb://abcd1234namespace.servicebus.windows.net/;SharedAccessKeyName=iothubowner;Sh
aredAccessKey=keykeykeykeykeykey=;EntityPath=iothub-ehub-abcd-1234-123456. If the SDK you're
using requires other values, then they would be:
NAME VALUE
Endpoint sb://abcd1234namespace.servicebus.windows.net/
Hostname abcd1234namespace.servicebus.windows.net
Namespace abcd1234namespace
You can then use any shared access policy that has the ServiceConnect permissions to connect to the specified
Event Hub.
The SDKs you can use to connect to the built-in Event Hub-compatible endpoint that IoT Hub exposes include:
The product integrations you can use with the built-in Event Hub-compatible endpoint that IoT Hub exposes
include:
Azure Functions. See Processing data from IoT Hub with Azure Functions.
Azure Stream Analytics. See Stream data as input into Stream Analytics.
Time Series Insights. See Add an IoT hub event source to your Time Series Insights environment.
Apache Storm spout. You can view the spout source on GitHub.
Apache Spark integration.
Azure Databricks.
Next steps
For more information about IoT Hub endpoints, see IoT Hub endpoints.
The Quickstarts show you how to send device-to-cloud messages from simulated devices and read the
messages from the built-in endpoint.
For more detail, see the Process IoT Hub device-to-cloud messages using routes tutorial.
If you want to route your device-to-cloud messages to custom endpoints, see Use message routes and custom
endpoints for device-to-cloud messages.
Use message routes and custom endpoints for
device-to-cloud messages
2/28/2019 • 2 minutes to read • Edit Online
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
IoT Hub Message Routing enables users to route device-to-cloud messages to service-facing endpoints. Routing
also provides a querying capability to filter the data before routing it to the endpoints. Each routing query you
configure has the following properties:
PROPERTY DESCRIPTION
Source The origin of the data stream to be acted upon. For example,
device telemetry.
Condition The query expression for the routing query that is run against
the message application properties, system properties,
message body, device twin tags, and device twin properties to
determine if it is a match for the endpoint. For more
information about constructing a query, see the see message
routing query syntax
Endpoint The name of the endpoint where IoT Hub sends messages
that match the query. We recommend that you choose an
endpoint in the same region as your IoT hub.
A single message may match the condition on multiple routing queries, in which case IoT Hub delivers the
message to the endpoint associated with each matched query. IoT Hub also automatically deduplicates message
delivery, so if a message matches multiple queries that have the same destination, it is only written once to that
destination.
For more information about creating custom endpoints in IoT Hub, see IoT Hub endpoints.
For more information about reading from custom endpoints, see:
Reading from Azure Storage containers.
Reading from Event Hubs.
Reading from Service Bus queues.
Reading from Service Bus topics.
Next steps
For more information about IoT Hub endpoints, see IoT Hub endpoints.
For more information about the query language you use to define routing queries, see Message Routing
query syntax.
The Process IoT Hub device-to-cloud messages using routes tutorial shows you how to use routing queries
and custom endpoints.
IoT Hub message routing query syntax
11/8/2019 • 5 minutes to read • Edit Online
Message routing enables users to route different data types namely, device telemetry messages, device lifecycle
events, and device twin change events to various endpoints. You can also apply rich queries to this data before
routing it to receive the data that matters to you. This article describes the IoT Hub message routing query
language, and provides some common query patterns.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
Message routing allows you to query on the message properties and message body as well as device twin tags
and device twin properties. If the message body is not JSON, message routing can still route the message, but
queries cannot be applied to the message body. Queries are described as Boolean expressions where a Boolean
true makes the query succeed which routes all the incoming data, and Boolean false fails the query and no data
is routed. If the expression evaluates to null or undefined, it is treated as false and an error will be generated in
diagnostic logs in case of a failure. The query syntax must be correct for the route to be saved and evaluated.
{
"message": {
"systemProperties": {
"contentType": "application/json",
"contentEncoding": "UTF-8",
"iothub-message-source": "deviceMessages",
"iothub-enqueuedtime": "2017-05-08T18:55:31.8514657Z"
},
"appProperties": {
"processingPath": "{cold | warm | hot}",
"verbose": "{true, false}",
"severity": 1-5,
"testDevice": "{true | false}"
},
"body": "{\"Weather\":{\"Temperature\":50}}"
}
}
System properties
System properties help identify contents and source of the messages.
PROPERTY TYPE DESCRIPTION
As described in the IoT Hub Messages, there are additional system properties in a message. In addition to
contentType, contentEncoding, and enqueuedTime, the connectionDeviceId and connectionModuleId
can also be queried.
Application properties
Application properties are user-defined strings that can be added to the message. These fields are optional.
Query expressions
A query on message system properties needs to be prefixed with the $ symbol. Queries on application
properties are accessed with their name and should not be prefixed with the $ symbol. If an application
property name begins with $ , then IoT Hub will search for it in the system properties, and it is not found, then
it will look in the application properties. For example:
To query on system property contentEncoding
$contentEncoding = 'UTF-8'
processingPath = 'hot'
To combine these queries, you can use Boolean expressions and functions:
A full list of supported operators and functions is shown in Expression and conditions.
Message routing query based on message body
To enable querying on message body, the message should be in a JSON encoded in either UTF -8, UTF -16 or
UTF -32. The contentType must be set to application/JSON and contentEncoding to one of the supported UTF
encodings in the system property. If these properties are not specified, IoT Hub will not evaluate the query
expression on the message body.
The following example shows how to create a message with a properly formed and encoded JSON body:
Query expressions
A query on message body needs to be prefixed with the $body . You can use a body reference, body array
reference, or multiple body references in the query expression. Your query expression can also combine a body
reference with message system properties, and message application properties reference. For example, the
following are all valid query expressions:
$body.Weather.HistoricalData[0].Month = 'Feb'
$body.Weather.Temperature = 50 AND $body.Weather.IsEnabled
length($body.Weather.Location.State) = 2
{
"tags": {
"deploymentLocation": {
"building": "43",
"floor": "1"
}
},
"properties": {
"desired": {
"telemetryConfig": {
"sendFrequency": "5m"
},
"$metadata" : {...},
"$version": 1
},
"reported": {
"telemetryConfig": {
"sendFrequency": "5m",
"status": "success"
},
"batteryLevel": 55,
"$metadata" : {...},
"$version": 4
}
}
}
Query expressions
A query on message body needs to be prefixed with the $twin . Your query expression can also combine a twin
tag or property reference with a body reference, message system properties, and message application
properties reference. We recommend using unique names in tags and properties as the query is not case-
sensitive. Also refrain from using twin , $twin , body , or $body , as a property names. For example, the
following are all valid query expressions:
$twin.properties.desired.telemetryConfig.sendFrequency = '5m'
$twin.tags.deploymentLocation.floor = 1
Next steps
Learn about message routing.
Try the message routing tutorial.
React to IoT Hub events by using Event Grid to
trigger actions
12/5/2019 • 6 minutes to read • Edit Online
Azure IoT Hub integrates with Azure Event Grid so that you can send event notifications to other services and
trigger downstream processes. Configure your business applications to listen for IoT Hub events so that you can
react to critical events in a reliable, scalable, and secure manner. For example, build an application that updates a
database, creates a work ticket, and delivers an email notification every time a new IoT device is registered to your
IoT hub.
Azure Event Grid is a fully managed event routing service that uses a publish-subscribe model. Event Grid has
built-in support for Azure services like Azure Functions and Azure Logic Apps, and can deliver event alerts to
non-Azure services using webhooks. For a complete list of the event handlers that Event Grid supports, see An
introduction to Azure Event Grid.
Regional availability
The Event Grid integration is available for IoT hubs located in the regions where Event Grid is supported. For the
latest list of regions, see An introduction to Azure Event Grid.
Event types
IoT Hub publishes the following event types:
EVENT TYPE DESCRIPTION
Use either the Azure portal or Azure CLI to configure which events to publish from each IoT hub. For an example,
try the tutorial Send email notifications about Azure IoT Hub events using Logic Apps.
Event schema
IoT Hub events contain all the information you need to respond to changes in your device lifecycle. You can
identify an IoT Hub event by checking that the eventType property starts with Microsoft.Devices. For more
information about how to use Event Grid event properties, see the Event Grid event schema.
Device connected schema
The following example shows the schema of a device connected event:
[{
"id": "f6bbf8f4-d365-520d-a878-17bf7238abd8",
"topic": "/SUBSCRIPTIONS/<subscription ID>/RESOURCEGROUPS/<resource group
name>/PROVIDERS/MICROSOFT.DEVICES/IOTHUBS/<hub name>",
"subject": "devices/LogicAppTestDevice",
"eventType": "Microsoft.Devices.DeviceConnected",
"eventTime": "2018-06-02T19:17:44.4383997Z",
"data": {
"deviceConnectionStateEventInfo": {
"sequenceNumber":
"000000000000000001D4132452F67CE200000002000000000000000000000001"
},
"hubName": "egtesthub1",
"deviceId": "LogicAppTestDevice",
"moduleId" : "DeviceModuleID",
},
"dataVersion": "1",
"metadataVersion": "1"
}]
For a detailed description of each property, see Azure Event Grid event schema for IoT Hub.
Filter events
IoT Hub event subscriptions can filter events based on event type, data content and subject, which is the device
name.
Event Grid enables filtering on event types, subjects and data content. While creating the Event Grid subscription,
you can choose to subscribe to selected IoT events. Subject filters in Event Grid work based on Begins With
(prefix) and Ends With (suffix) matches. The filter uses an AND operator, so events with a subject that match both
the prefix and suffix are delivered to the subscriber.
The subject of IoT Events uses the format:
devices/{deviceId}
Event Grid also allows for filtering on attributes of each event, including the data content. This allows you to
choose what events are delivered based contents of the telemetry message. Please see advanced filtering to view
examples. For filtering on the telemetry message body, you must set the contentType to application/json and
contentEncoding to UTF-8 in the message system properties. Both of these properties are case insensitive.
For non-telemetry events like DeviceConnected, DeviceDisconnected, DeviceCreated and DeviceDeleted, the
Event Grid filtering can be used when creating the subscription. For telemetry events, in addition to the filtering in
Event Grid, users can also filter on device twins, message properties and body through the message routing
query.
When you subscribe to telemetry events via Event Grid, IoT Hub creates a default message route to send data
source type device messages to Event Grid. For more information about message routing, see IoT Hub message
routing. This route will be visible in the portal under IoT Hub > Message Routing. Only one route to Event Grid is
created regardless of the number of EG subscriptions created for telemetry events. So, if you need several
subscriptions with different filters, you can use the OR operator in these queries on the same route. The creation
and deletion of the route is controlled through subscription of telemetry events via Event Grid. You cannot create
or delete a route to Event Grid using IoT Hub Message Routing.
To filter messages before telemetry data is sent, you can update your routing query. Note that routing query can
be applied to the message body only if the body is JSON. You must also set the contentType to application/json
and contentEncoding to UTF-8 in the message system properties.
Next steps
Try the IoT Hub events tutorial
Learn how to order device connected and disconnected events
Learn more about Event Grid
Compare the differences between routing IoT Hub events and messages
Learn how to use IoT telemetry events to implement IoT spatial analytics using Azure Maps
Send cloud-to-device messages from an IoT hub
8/12/2019 • 6 minutes to read • Edit Online
To send one-way notifications to a device app from your solution back end, send cloud-to-device messages from
your IoT hub to your device. For a discussion of other cloud-to-device options supported by Azure IoT Hub, see
Cloud-to-device communications guidance.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
You send cloud-to-device messages through a service-facing endpoint, /messages/devicebound. A device then
receives the messages through a device-specific endpoint, /devices/{deviceId }/messages/devicebound.
To target each cloud-to-device message at a single device, your IoT hub sets the to property to
/devices/{deviceId }/messages/devicebound.
Each device queue holds, at most, 50 cloud-to-device messages. To try to send more messages to the same
device results in an error.
When the IoT hub service sends a message to a device, the service sets the message state to Enqueued. When a
device wants to receive a message, the IoT hub locks the message by setting the state to Invisible. This state
allows other threads on the device to start receiving other messages. When a device thread completes the
processing of a message, it notifies the IoT hub by completing the message. The IoT hub then sets the state to
Completed.
A device can also:
Reject the message, which causes the IoT hub to set it to the Dead lettered state. Devices that connect
over the Message Queuing Telemetry Transport (MQTT) Protocol can't reject cloud-to-device messages.
Abandon the message, which causes the IoT hub to put the message back in the queue, with the state set
to Enqueued. Devices that connect over the MQTT Protocol can't abandon cloud-to-device messages.
A thread could fail to process a message without notifying the IoT hub. In this case, messages automatically
transition from the Invisible state back to the Enqueued state after a visibility time-out (or lock time-out). The
value of this time-out is one minute and cannot be changed.
The max delivery count property on the IoT hub determines the maximum number of times a message can
transition between the Enqueued and Invisible states. After that number of transitions, the IoT hub sets the state
of the message to Dead lettered. Similarly, the IoT hub sets the state of a message to Dead lettered after its
expiration time. For more information, see Time to live.
The How to send cloud-to-device messages with IoT Hub article shows you how to send cloud-to-device
messages from the cloud and receive them on a device.
A device ordinarily completes a cloud-to-device message when the loss of the message doesn't affect the
application logic. An example of this might be when the device has persisted the message content locally or has
successfully executed an operation. The message could also carry transient information, whose loss wouldn't
impact the functionality of the application. Sometimes, for long-running tasks, you can:
Complete the cloud-to-device message after the device has persisted the task description in local storage.
Notify the solution back end with one or more device-to-cloud messages at various stages of progress of
the task.
Message feedback
When you send a cloud-to-device message, the service can request the delivery of per-message feedback about
the final state of that message. You do this by setting the iothub-ack application property in the cloud-to-device
message that's being sent to one of the following four values:
If the Ack value is full, and you don't receive a feedback message, it means that the feedback message has
expired. The service can't know what happened to the original message. In practice, a service should ensure that
it can process the feedback before it expires. The maximum expiration time is two days, which leaves time to get
the service running again if a failure occurs.
As explained in Endpoints, the IoT hub delivers feedback through a service-facing endpoint,
/messages/servicebound/feedback, as messages. The semantics for receiving feedback are the same as for cloud-
to-device messages. Whenever possible, message feedback is batched in a single message, with the following
format:
PROPERTY DESCRIPTION
ContentType application/vnd.microsoft.iothub.feedback.json
The body is a JSON -serialized array of records, each with the following properties:
PROPERTY DESCRIPTION
[
{
"OriginalMessageId": "0987654321",
"EnqueuedTimeUtc": "2015-07-28T16:24:48.789Z",
"StatusCode": 0,
"Description": "Success",
"DeviceId": "123",
"DeviceGenerationId": "abcdefghijklmnopqrstuvwxyz"
},
{
...
},
...
]
For more information about how to set these configuration options, see Create IoT hubs.
Next steps
For information about the SDKs that you can use to receive cloud-to-device messages, see Azure IoT SDKs.
To try out receiving cloud-to-device messages, see the Send cloud-to-device tutorial.
Reference - choose a communication protocol
4/4/2019 • 2 minutes to read • Edit Online
IoT Hub allows devices to use the following protocols for device-side communications:
MQTT
MQTT over WebSockets
AMQP
AMQP over WebSockets
HTTPS
For information about how these protocols support specific IoT Hub features, see Device-to-cloud
communications guidance and Cloud-to-device communications guidance.
The following table provides the high-level recommendations for your choice of protocol:
Consider the following points when you choose your protocol for device-side communications:
Cloud-to-device pattern. HTTPS does not have an efficient way to implement server push. As such, when
you are using HTTPS, devices poll IoT Hub for cloud-to-device messages. This approach is inefficient for
both the device and IoT Hub. Under current HTTPS guidelines, each device should poll for messages every
25 minutes or more. MQTT and AMQP support server push when receiving cloud-to-device messages.
They enable immediate pushes of messages from IoT Hub to the device. If delivery latency is a concern,
MQTT or AMQP are the best protocols to use. For rarely connected devices, HTTPS works as well.
Field gateways. When using MQTT and HTTPS, you cannot connect multiple devices (each with its own
per-device credentials) using the same TLS connection. For Field gateway scenarios that require one TLS
connection between the field gateway and IoT Hub for each connected device, these protocols are
suboptimal.
Low resource devices. The MQTT and HTTPS libraries have a smaller footprint than the AMQP libraries.
As such, if the device has limited resources (for example, less than 1-MB RAM ), these protocols might be
the only protocol implementation available.
Network traversal. The standard AMQP protocol uses port 5671, and MQTT listens on port 8883. USe of
these ports could cause problems in networks that are closed to non-HTTPS protocols. Use MQTT over
WebSockets, AMQP over WebSockets, or HTTPS in this scenario.
Payload size. MQTT and AMQP are binary protocols, which result in more compact payloads than HTTPS.
WARNING
When using HTTPS, each device should poll for cloud-to-device messages every 25 minutes or more. However, during
development, it is acceptable to poll more frequently than every 25 minutes.
Port numbers
Devices can communicate with IoT Hub in Azure using various protocols. Typically, the choice of protocol is driven
by the specific requirements of the solution. The following table lists the outbound ports that must be open for a
device to be able to use a specific protocol:
PROTOCOL PORT
MQTT 8883
AMQP 5671
HTTPS 443
Once you have created an IoT hub in an Azure region, the IoT hub keeps the same IP address for the lifetime of
that IoT hub. However, if Microsoft moves the IoT hub to a different scale unit to maintain quality of service, then
it is assigned a new IP address.
Next steps
To learn more about how IoT Hub implements the MQTT protocol, see Communicate with your IoT hub using the
MQTT protocol.
Upload files with IoT Hub
6/11/2019 • 5 minutes to read • Edit Online
As detailed in the IoT Hub endpoints article, a device can start a file upload by sending a notification through a
device-facing endpoint (/devices/{deviceId}/files). When a device notifies IoT Hub that an upload is complete,
IoT Hub sends a file upload notification message through the /messages/servicebound/filenotifications
service-facing endpoint.
Instead of brokering messages through IoT Hub itself, IoT Hub instead acts as a dispatcher to an associated
Azure Storage account. A device requests a storage token from IoT Hub that is specific to the file the device
wishes to upload. The device uses the SAS URI to upload the file to storage, and when the upload is complete
the device sends a notification of completion to IoT Hub. IoT Hub checks the file upload is complete and then
adds a file upload notification message to the service-facing file notification endpoint.
Before you upload a file to IoT Hub from a device, you must configure your hub by associating an Azure Storage
account to it.
Your device can then initialize an upload and then notify IoT hub when the upload completes. Optionally, when a
device notifies IoT Hub that the upload is complete, the service can generate a notification message.
When to use
Use file upload to send media files and large telemetry batches uploaded by intermittently connected devices or
compressed to save bandwidth.
Refer to Device-to-cloud communication guidance if in doubt between using reported properties, device-to-
cloud messages, or file upload.
NOTE
The Azure IoT SDKs automatically handle retrieving the SAS URI, uploading the file, and notifying IoT Hub of a completed
upload.
IoT Hub returns the following data, which the device uses to upload the file:
{
"correlationId": "somecorrelationid",
"hostName": "yourstorageaccount.blob.core.windows.net",
"containerName": "testcontainer",
"blobName": "test-device1/image.jpg",
"sasToken": "1234asdfSAStoken"
}
NOTE
This section describes deprecated functionality for how to receive a SAS URI from IoT Hub. Use the POST method described
previously.
IoT Hub has two REST endpoints to support file upload, one to get the SAS URI for storage and the other to
notify the IoT hub of a completed upload. The device starts the file upload process by sending a GET to the IoT
hub at {iot hub}.azure-devices.net/devices/{deviceId}/files/{filename} . The IoT hub returns:
A SAS URI specific to the file to be uploaded.
A correlation ID to be used once the upload is completed.
{
"correlationId": "{correlation ID received from the initial request}",
"isSuccess": bool,
"statusCode": XXX,
"statusDescription": "Description of status"
}
The value of isSuccess is a Boolean that indicates whether the file was uploaded successfully. The status code
for statusCode is the status for the upload of the file to storage, and the statusDescription corresponds to the
statusCode .
Reference topics:
The following reference topics provide you with more information about uploading files from a device.
PROPERTY DESCRIPTION
Example. This example shows the body of a file upload notification message.
{
"deviceId":"mydevice",
"blobUri":"https://{storage account}.blob.core.windows.net/{container name}/mydevice/myfile.jpg",
"blobName":"mydevice/myfile.jpg",
"lastUpdatedTime":"2016-06-01T21:22:41+00:00",
"blobSizeInBytes":1234,
"enqueuedTimeUtc":"2016-06-01T21:22:43.7996883Z"
}
fileNotifications.ttlAsIso8601 Default TTL for file upload notifications. ISO_8601 interval up to 48H
(minimum 1 minute). Default: 1 hour.
fileNotifications.lockDuration Lock duration for the file upload 5 to 300 seconds (minimum 5
notifications queue. seconds). Default: 60 seconds.
fileNotifications.maxDeliveryCount Maximum delivery count for the file 1 to 100. Default: 100.
upload notification queue.
Next steps
Now you've learned how to upload files from devices using IoT Hub, you may be interested in the following IoT
Hub developer guide topics:
Manage device identities in IoT Hub
Control access to IoT Hub
Use device twins to synchronize state and configurations
Invoke a direct method on a device
Schedule jobs on multiple devices
To try out some of the concepts described in this article, see the following IoT Hub tutorial:
How to upload files from devices to the cloud with IoT Hub
Understand the identity registry in your IoT hub
2/28/2019 • 11 minutes to read • Edit Online
Every IoT hub has an identity registry that stores information about the devices and modules permitted to
connect to the IoT hub. Before a device or module can connect to an IoT hub, there must be an entry for that
device or module in the IoT hub's identity registry. A device or module must also authenticate with the IoT
hub based on credentials stored in the identity registry.
The device or module ID stored in the identity registry is case-sensitive.
At a high level, the identity registry is a REST-capable collection of device or module identity resources.
When you add an entry in the identity registry, IoT Hub creates a set of per-device resources such as the
queue that contains in-flight cloud-to-device messages.
Use the identity registry when you need to:
Provision devices or modules that connect to your IoT hub.
Control per-device/per-module access to your hub's device or module-facing endpoints.
NOTE
The identity registry does not contain any application-specific metadata.
Module identity and module twin is in public preview. Below feature will be supported on module identity when it's
general available.
IMPORTANT
The only way to retrieve all identities in an IoT hub's identity registry is to use the Export functionality.
IMPORTANT
Only use the identity registry for device management and provisioning operations. High throughput operations at run
time should not depend on performing operations in the identity registry. For example, checking the connection state
of a device before sending a command is not a supported pattern. Make sure to check the throttling rates for the
identity registry, and the device heartbeat pattern.
Disable devices
You can disable devices by updating the status property of an identity in the identity registry. Typically, you
use this property in two scenarios:
During a provisioning orchestration process. For more information, see Device Provisioning.
If, for any reason, you think a device is compromised or has become unauthorized.
This feature is not available for modules.
Device provisioning
The device data that a given IoT solution stores depends on the specific requirements of that solution. But, as
a minimum, a solution must store device identities and authentication keys. Azure IoT Hub includes an
identity registry that can store values for each device such as IDs, authentication keys, and status codes. A
solution can use other Azure services such as table storage, blob storage, or Cosmos DB to store any
additional device data.
Device provisioning is the process of adding the initial device data to the stores in your solution. To enable a
new device to connect to your hub, you must add a device ID and keys to the IoT Hub identity registry. As
part of the provisioning process, you might need to initialize device-specific data in other solution stores. You
can also use the Azure IoT Hub Device Provisioning Service to enable zero-touch, just-in-time provisioning to
one or more IoT hubs without requiring human intervention. To learn more, see the provisioning service
documentation.
Device heartbeat
The IoT Hub identity registry contains a field called connectionState. Only use the connectionState field
during development and debugging. IoT solutions should not query the field at run time. For example, do not
query the connectionState field to check if a device is connected before you send a cloud-to-device
message or an SMS. We recommend subscribing to the device disconnected event on Event Grid to get
alerts and monitor the device connection state. Use this tutorial to learn how to integrate Device Connected
and Device Disconnected events from IoT Hub in your IoT solution.
If your IoT solution needs to know if a device is connected, you can implement the heartbeat pattern. In the
heartbeat pattern, the device sends device-to-cloud messages at least once every fixed amount of time (for
example, at least once every hour). Therefore, even if a device does not have any data to send, it still sends an
empty device-to-cloud message (usually with a property that identifies it as a heartbeat). On the service side,
the solution maintains a map with the last heartbeat received for each device. If the solution does not receive
a heartbeat message within the expected time from the device, it assumes that there is a problem with the
device.
A more complex implementation could include the information from Azure Monitor and Azure Resource
Health to identify devices that are trying to connect or communicate but failing, check Monitor with
diagnostics guide. When you implement the heartbeat pattern, make sure to check IoT Hub Quotas and
Throttles.
NOTE
If an IoT solution uses the connection state solely to determine whether to send cloud-to-device messages, and
messages are not broadcast to large sets of devices, consider using the simpler short expiry time pattern. This pattern
achieves the same result as maintaining a device connection state registry using the heartbeat pattern, while being
more efficient. If you request message acknowledgements, IoT Hub can notify you about which devices are able to
receive messages and which are not.
NAME VALUE
$content-type application/json
$iothub-message-source deviceLifecycleEvents
$content-encoding utf-8
iothub-message-schema deviceLifecycleNotification
Body: This section is in JSON format and represents the twin of the created device identity. For example,
{
"deviceId":"11576-ailn-test-0-67333793211",
"etag":"AAAAAAAAAAE=",
"properties": {
"desired": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
},
"reported": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
}
}
}
NAME VALUE
$content-type application/json
$iothub-message-source moduleLifecycleEvents
$content-encoding utf-8
iothub-message-schema moduleLifecycleNotification
Body: This section is in JSON format and represents the twin of the created module identity. For example,
{
"deviceId":"11576-ailn-test-0-67333793211",
"moduleId":"tempSensor",
"etag":"AAAAAAAAAAE=",
"properties": {
"desired": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
},
"reported": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
}
}
}
NOTE
Connection state can only represent the IoT Hub view of the status of the connection. Updates to this state may be
delayed, depending on network conditions and configurations.
NOTE
Currently the device SDKs do not support using the + and # characters in the deviceId.
NOTE
Currently the device SDKs do not support using the + and # characters in the deviceId and moduleId.
Next steps
Now that you have learned how to use the IoT Hub identity registry, you may be interested in the following
IoT Hub developer guide topics:
Control access to IoT Hub
Use device twins to synchronize state and configurations
Invoke a direct method on a device
Schedule jobs on multiple devices
To try out some of the concepts described in this article, see the following IoT Hub tutorial:
Get started with Azure IoT Hub
To explore using the IoT Hub Device Provisioning Service to enable zero-touch, just-in-time provisioning, see:
Azure IoT Hub Device Provisioning Service
Control access to IoT Hub
12/23/2019 • 17 minutes to read • Edit Online
This article describes the options for securing your IoT hub. IoT Hub uses permissions to grant access to each IoT
hub endpoint. Permissions limit the access to an IoT hub based on functionality.
This article introduces:
The different permissions that you can grant to a device or back-end app to access your IoT hub.
The authentication process and the tokens it uses to verify permissions.
How to scope credentials to limit access to specific resources.
IoT Hub support for X.509 certificates.
Custom device authentication mechanisms that use existing device identity registries or authentication
schemes.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
You must have appropriate permissions to access any of the IoT Hub endpoints. For example, a device must
include a token containing security credentials along with every message it sends to IoT Hub.
Per-Device Security Credentials. Each IoT Hub contains an identity registry For each device in this
identity registry, you can configure security credentials that grant DeviceConnect permissions scoped to
the corresponding device endpoints.
For example, in a typical IoT solution:
The device management component uses the registryReadWrite policy.
The event processor component uses the service policy.
The run-time device business logic component uses the service policy.
Individual devices connect using credentials stored in the IoT hub's identity registry.
NOTE
See permissions for detailed information.
Authentication
Azure IoT Hub grants access to endpoints by verifying a token against the shared access policies and identity
registry security credentials.
Security credentials, such as symmetric keys, are never sent over the wire.
NOTE
The Azure IoT Hub resource provider is secured through your Azure subscription, as are all providers in the Azure Resource
Manager.
For more information about how to construct and use security tokens, see IoT Hub security tokens.
Protocol specifics
Each supported protocol, such as MQTT, AMQP, and HTTPS, transports tokens in different ways.
When using MQTT, the CONNECT packet has the deviceId as the ClientId, {iothubhostname}/{deviceId} in the
Username field, and a SAS token in the Password field. {iothubhostname} should be the full CName of the IoT
hub (for example, contoso.azure-devices.net).
When using AMQP, IoT Hub supports SASL PLAIN and AMQP Claims-Based-Security.
If you use AMQP claims-based-security, the standard specifies how to transmit these tokens.
For SASL PLAIN, the username can be:
{policyName}@sas.root.{iothubName} if using IoT hub-level tokens.
{deviceId}@sas.{iothubname} if using device-scoped tokens.
In both cases, the password field contains the token, as described in IoT Hub security tokens.
HTTPS implements authentication by including a valid token in the Authorization request header.
Example
Username (DeviceId is case-sensitive): iothubname.azure-devices.net/DeviceId
Password (You can generate a SAS token with the device explorer tool, the CLI extension command az iot hub
generate-sas-token, or the Azure IoT Tools for Visual Studio Code):
SharedAccessSignature sr=iothubname.azure-
devices.net%2fdevices%2fDeviceId&sig=kPszxZZZZZZZZZZZZZZZZZAhLT%2bV7o%3d&se=1487709501
NOTE
The Azure IoT SDKs automatically generate tokens when connecting to the service. In some cases, the Azure IoT SDKs do
not support all the protocols or all the authentication methods.
Special considerations for SASL PLAIN
When using SASL PLAIN with AMQP, a client connecting to an IoT hub can use a single token for each TCP
connection. When the token expires, the TCP connection disconnects from the service and triggers a
reconnection. This behavior, while not problematic for a back-end app, is damaging for a device app for the
following reasons:
Gateways usually connect on behalf of many devices. When using SASL PLAIN, they have to create a
distinct TCP connection for each device connecting to an IoT hub. This scenario considerably increases the
consumption of power and networking resources, and increases the latency of each device connection.
Resource-constrained devices are adversely affected by the increased use of resources to reconnect after
each token expiration.
Security tokens
IoT Hub uses security tokens to authenticate devices and services to avoid sending keys on the wire. Additionally,
security tokens are limited in time validity and scope. Azure IoT SDKs automatically generate tokens without
requiring any special configuration. Some scenarios do require you to generate and use security tokens directly.
Such scenarios include:
The direct use of the MQTT, AMQP, or HTTPS surfaces.
The implementation of the token service pattern, as explained in Custom device authentication.
IoT Hub also allows devices to authenticate with IoT Hub using X.509 certificates.
Security token structure
You use security tokens to grant time-bounded access to devices and services to specific functionality in IoT Hub.
To get authorization to connect to IoT Hub, devices and services must send security tokens signed with either a
shared access or symmetric key. These keys are stored with a device identity in the identity registry.
A token signed with a shared access key grants access to all the functionality associated with the shared access
policy permissions. A token signed with a device identity's symmetric key only grants the DeviceConnect
permission for the associated device identity.
The security token has the following format:
SharedAccessSignature sig={signature-string}&se={expiry}&skn={policyName}&sr={URL-encoded-resourceURI}
VALUE DESCRIPTION
VALUE DESCRIPTION
{expiry} UTF8 strings for number of seconds since the epoch 00:00:00
UTC on 1 January 1970.
{policyName} The name of the shared access policy to which this token
refers. Absent if the token refers to device-registry
credentials.
Note on prefix: The URI prefix is computed by segment and not by character. For example /a/b is a prefix for
/a/b/c but not for /a/bc .
The following Node.js snippet shows a function called generateSasToken that computes the token from the
inputs resourceUri, signingKey, policyName, expiresInMins . The next sections detail how to initialize the different
inputs for the different token use cases.
// Use crypto
var hmac = crypto.createHmac('sha256', Buffer.from(signingKey, 'base64'));
hmac.update(toSign);
var base64UriEncoded = encodeURIComponent(hmac.digest('base64'));
rawtoken = {
'sr' : uri,
'sig': signature,
'se' : str(int(ttl))
}
public static string generateSasToken(string resourceUri, string key, string policyName, int expiryInSeconds
= 3600)
{
TimeSpan fromEpochStart = DateTime.UtcNow - new DateTime(1970, 1, 1);
string expiry = Convert.ToString((int)fromEpochStart.TotalSeconds + expiryInSeconds);
if (!String.IsNullOrEmpty(policyName))
{
token += "&skn=" + policyName;
}
return token;
}
NOTE
Since the time validity of the token is validated on IoT Hub machines, the drift on the clock of the machine that generates
the token must be minimal.
IMPORTANT
The only way that IoT Hub authenticates a specific device is using the device identity symmetric key. In cases when a shared
access policy is used to access device functionality, the solution must consider the component issuing the security token as
a trusted subcomponent.
ENDPOINT FUNCTIONALITY
The result, which grants access to all functionality for device1, would be:
SharedAccessSignature sr=myhub.azure-
devices.net%2fdevices%2fdevice1&sig=13y8ejUk2z7PLmvtwR5RqlGBOVwiq7rQR3WZ5xZX3N4%3D&se=1456971697
NOTE
It's possible to generate a SAS token with the device explorer tool, the CLI extension command az iot hub generate-sas-
token, or the Azure IoT Tools for Visual Studio Code.
The result, which grants access to all functionality for device1, would be:
SharedAccessSignature sr=myhub.azure-
devices.net%2fdevices%2fdevice1&sig=13y8ejUk2z7PLmvtwR5RqlGBOVwiq7rQR3WZ5xZX3N4%3D&se=1456971697&skn=device
A protocol gateway could use the same token for all devices simply setting the resource URI to
myhub.azure-devices.net/devices .
ENDPOINT FUNCTIONALITY
{iot hub host name}/devices Create, update, retrieve, and delete device identities.
As an example, a service generating using the pre-created shared access policy called registryRead would create
a token with the following parameters:
resource URI: {IoT hub name}.azure-devices.net/devices ,
signing key: one of the keys of the registryRead policy,
policy name: registryRead ,
any expiration time.
The result, which would grant access to read all device identities, would be:
SharedAccessSignature sr=myhub.azure-
devices.net%2fdevices&sig=JdyscqTpXdEJs49elIUCcohw2DlFDR3zfH5KqGJo4r4%3D&se=1456973447&skn=registryRead
NOTE
You can use the .NET class SharedAccessSignatureBuilder or the Java class IotHubServiceSasToken to create a token in your
token service.
The token service can set the token expiration as desired. When the token expires, the IoT hub severs the
device/module connection. Then, the device/module must request a new token from the token service. A short
expiry time increases the load on both the device/module and the token service.
For a device/module to connect to your hub, you must still add it to the IoT Hub identity registry — even though
it is using a token and not a key to connect. Therefore, you can continue to use per-device/per-module access
control by enabling or disabling device/module identities in the identity registry. This approach mitigates the
risks of using tokens with long expiry times.
Comparison with a custom gateway
The token service pattern is the recommended way to implement a custom identity registry/authentication
scheme with IoT Hub. This pattern is recommended because IoT Hub continues to handle most of the solution
traffic. However, if the custom authentication scheme is so intertwined with the protocol, you may require a
custom gateway to process all the traffic. An example of such a scenario is using Transport Layer Security (TLS )
and pre-shared keys (PSKs). For more information, see the protocol gateway article.
Reference topics:
The following reference topics provide you with more information about controlling access to your IoT hub.
PERMISSION NOTES
RegistryReadWrite Grants read and write access to the identity registry. For
more information, see Identity registry.
This permission is used by back-end cloud services.
PERMISSION NOTES
Next steps
Now that you have learned how to control access IoT Hub, you may be interested in the following IoT Hub
developer guide topics:
Use device twins to synchronize state and configurations
Invoke a direct method on a device
Schedule jobs on multiple devices
If you would like to try out some of the concepts described in this article, see the following IoT Hub tutorials:
Get started with Azure IoT Hub
How to send cloud-to-device messages with IoT Hub
How to process IoT Hub device-to-cloud messages
Understand and use device twins in IoT Hub
12/4/2019 • 11 minutes to read • Edit Online
Device twins are JSON documents that store device state information including metadata, configurations,
and conditions. Azure IoT Hub maintains a device twin for each device that you connect to IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about
the basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Device twins
Device twins store device-related information that:
Device and back ends can use to synchronize device conditions and configuration.
The solution back end can use to query and target long-running operations.
The lifecycle of a device twin is linked to the corresponding device identity. Device twins are implicitly
created and deleted when a device identity is created or deleted in IoT Hub.
A device twin is a JSON document that includes:
Tags. A section of the JSON document that the solution back end can read from and write to. Tags
are not visible to device apps.
Desired properties. Used along with reported properties to synchronize device configuration or
conditions. The solution back end can set desired properties, and the device app can read them.
The device app can also receive notifications of changes in the desired properties.
Reported properties. Used along with desired properties to synchronize device configuration or
conditions. The device app can set reported properties, and the solution back end can read and
query them.
Device identity properties. The root of the device twin JSON document contains the read-only
properties from the corresponding device identity stored in the identity registry.
In the root object are the device identity properties, and container objects for tags and both reported
and desired properties. The properties container contains some read-only elements ( $metadata ,
$etag , and $version ) described in the Device twin metadata and Optimistic concurrency sections.
NOTE
Reported properties simplify scenarios where the solution back end is interested in the last known value of a
property. Use device-to-cloud messages if the solution back end needs to process device telemetry in the form of
sequences of timestamped events, such as time series.
"desired": {
"telemetryConfig": {
"sendFrequency": "5m"
},
...
},
2. The device app is notified of the change immediately if connected, or at the first reconnect. The
device app then reports the updated configuration (or an error condition using the status
property). Here is the portion of the reported properties:
"reported": {
"telemetryConfig": {
"sendFrequency": "5m",
"status": "success"
}
...
}
3. The solution back end can track the results of the configuration operation across many devices by
querying device twins.
NOTE
The preceding snippets are examples, optimized for readability, of one way to encode a device configuration and its
status. IoT Hub does not impose a specific schema for the device twin desired and reported properties in the
device twins.
You can use twins to synchronize long-running operations such as firmware updates. For more
information on how to use properties to synchronize and track a long running operation across devices,
see Use desired properties to configure devices.
Back-end operations
The solution back end operates on the device twin using the following atomic operations, exposed
through HTTPS:
Retrieve device twin by ID. This operation returns the device twin document, including tags and
desired and reported system properties.
Partially update device twin. This operation enables the solution back end to partially update
the tags or desired properties in a device twin. The partial update is expressed as a JSON
document that adds or updates any property. Properties set to null are removed. The following
example creates a new desired property with value {"newProperty": "newValue"} , overwrites the
existing value of existingProperty with "otherNewValue" , and removes otherOldProperty . No
other changes are made to existing desired properties or tags:
{
"properties": {
"desired": {
"newProperty": {
"nestedProperty": "newValue"
},
"existingProperty": "otherNewValue",
"otherOldProperty": null
}
}
}
Replace desired properties. This operation enables the solution back end to completely
overwrite all existing desired properties and substitute a new JSON document for
properties/desired .
Replace tags. This operation enables the solution back end to completely overwrite all existing
tags and substitute a new JSON document for tags .
Receive twin notifications. This operation allows the solution back end to be notified when the
twin is modified. To do so, your IoT solution needs to create a route and to set the Data Source
equal to twinChangeEvents. By default, no such routes pre-exist, so no twin notifications are sent. If
the rate of change is too high, or for other reasons such as internal failures, the IoT Hub might send
only one notification that contains all changes. Therefore, if your application needs reliable auditing
and logging of all intermediate states, you should use device-to-cloud messages. The twin
notification message includes properties and body.
Properties
NAME VALUE
$content-type application/json
$iothub-message-source twinChangeEvents
$content-encoding utf-8
iothub-message-schema twinChangeNotification
All the preceding operations support Optimistic concurrency and require the ServiceConnect
permission, as defined in Control access to IoT Hub.
In addition to these operations, the solution back end can:
Query the device twins using the SQL -like IoT Hub query language.
Perform operations on large sets of device twins using jobs.
Device operations
The device app operates on the device twin using the following atomic operations:
Retrieve device twin. This operation returns the device twin document (including desired and
reported system properties) for the currently connected device. (Tags are not visible to device
apps.)
Partially update reported properties. This operation enables the partial update of the reported
properties of the currently connected device. This operation uses the same JSON update format
that the solution back end uses for a partial update of desired properties.
Observe desired properties. The currently connected device can choose to be notified of updates
to the desired properties when they happen. The device receives the same form of update (partial
or full replacement) executed by the solution back end.
All the preceding operations require the DeviceConnect permission, as defined in Control Access to IoT
Hub.
The Azure IoT device SDKs make it easy to use the preceding operations from many languages and
platforms. For more information on the details of IoT Hub primitives for desired properties
synchronization, see Device reconnection flow.
{
...
"tags": {
"one": {
"two": {
"three": {
"four": {
"five": {
"six": {
"seven": {
"eight": {
"nine": {
"ten": {
"property": "value"
}
}
}
}
}
}
}
}
}
}
},
...
}
The size is computed by counting all characters, excluding UNICODE control characters (segments C0
and C1) and spaces that are outside of string constants.
IoT Hub rejects with an error all operations that would increase the size of those documents above the
limit.
For example:
{
...
"properties": {
"desired": {
"telemetryConfig": {
"sendFrequency": "5m"
},
"$metadata": {
"telemetryConfig": {
"sendFrequency": {
"$lastUpdated": "2016-03-30T16:24:48.789Z"
},
"$lastUpdated": "2016-03-30T16:24:48.789Z"
},
"$lastUpdated": "2016-03-30T16:24:48.789Z"
},
"$version": 23
},
"reported": {
"telemetryConfig": {
"sendFrequency": "5m",
"status": "success"
},
"batteryLevel": "55%",
"$metadata": {
"telemetryConfig": {
"sendFrequency": "5m",
"status": {
"$lastUpdated": "2016-03-31T16:35:48.789Z"
},
"$lastUpdated": "2016-03-31T16:35:48.789Z"
},
"batteryLevel": {
"$lastUpdated": "2016-04-01T16:35:48.789Z"
},
"$lastUpdated": "2016-04-01T16:24:48.789Z"
},
"$version": 123
}
}
...
}
This information is kept at every level (not just the leaves of the JSON structure) to preserve updates that
remove object keys.
Optimistic concurrency
Tags, desired, and reported properties all support optimistic concurrency. Tags have an ETag, as per
RFC7232, that represents the tag's JSON representation. You can use ETags in conditional update
operations from the solution back end to ensure consistency.
Device twin desired and reported properties do not have ETags, but have a $version value that is
guaranteed to be incremental. Similarly to an ETag, the version can be used by the updating party to
enforce consistency of updates. For example, a device app for a reported property or the solution back
end for a desired property.
Versions are also useful when an observing agent (such as the device app observing the desired
properties) must reconcile races between the result of a retrieve operation and an update notification. The
Device reconnection flow section provides more information.
Device reconnection flow
IoT Hub does not preserve desired properties update notifications for disconnected devices. It follows
that a device that is connecting must retrieve the full desired properties document, in addition to
subscribing for update notifications. Given the possibility of races between update notifications and full
retrieval, the following flow must be ensured:
1. Device app connects to an IoT hub.
2. Device app subscribes for desired properties update notifications.
3. Device app retrieves the full document for desired properties.
The device app can ignore all notifications with $version less or equal than the version of the full
retrieved document. This approach is possible because IoT Hub guarantees that versions always
increment.
NOTE
This logic is already implemented in the Azure IoT device SDKs. This description is useful only if the device app
cannot use any of Azure IoT device SDKs and must program the MQTT interface directly.
Next steps
Now you have learned about device twins, you may be interested in the following IoT Hub developer
guide topics:
Understand and use module twins in IoT Hub
Invoke a direct method on a device
Schedule jobs on multiple devices
To try out some of the concepts described in this article, see the following IoT Hub tutorials:
How to use the device twin
How to use device twin properties
Device management with Azure IoT Tools for VS Code
Understand and use module twins in IoT Hub
12/4/2019 • 10 minutes to read • Edit Online
This article assumes you've read Understand and use device twins in IoT Hub first. In IoT Hub, under each device
identity, you can create up to 20 module identities. Each module identity implicitly generates a module twin.
Similar to device twins, module twins are JSON documents that store module state information including
metadata, configurations, and conditions. Azure IoT Hub maintains a module twin for each module that you
connect to IoT Hub.
On the device side, the IoT Hub device SDKs enable you to create modules where each one opens an
independent connection to IoT Hub. This functionality enables you to use separate namespaces for different
components on your device. For example, you have a vending machine that has three different sensors. Each
sensor is controlled by different departments in your company. You can create a module for each sensor. This
way, each department is only able to send jobs or direct methods to the sensor that they control, avoiding
conflicts and user errors.
Module identity and module twin provide the same capabilities as device identity and device twin but at a finer
granularity. This finer granularity enables capable devices, such as operating system-based devices or firmware
devices managing multiple components, to isolate configuration and conditions for each of those components.
Module identity and module twins provide a management separation of concerns when working with IoT
devices that have modular software components. We aim at supporting all the device twin functionality at
module twin level by module twin general availability.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Module twins
Module twins store module-related information that:
Modules on the device and IoT Hub can use to synchronize module conditions and configuration.
The solution back end can use to query and target long-running operations.
The lifecycle of a module twin is linked to the corresponding module identity. Modules twins are implicitly
created and deleted when a module identity is created or deleted in IoT Hub.
A module twin is a JSON document that includes:
Tags. A section of the JSON document that the solution back end can read from and write to. Tags are not
visible to modules on the device. Tags are set for querying purpose.
Desired properties. Used along with reported properties to synchronize module configuration or
conditions. The solution back end can set desired properties, and the module app can read them. The
module app can also receive notifications of changes in the desired properties.
Reported properties. Used along with desired properties to synchronize module configuration or
conditions. The module app can set reported properties, and the solution back end can read and query
them.
Module identity properties. The root of the module twin JSON document contains the read-only
properties from the corresponding module identity stored in the identity registry.
In the root object are the module identity properties, and container objects for tags and both reported and
desired properties. The properties container contains some read-only elements ( $metadata , $etag , and
$version ) described in the Module twin metadata and Optimistic concurrency sections.
NOTE
Reported properties simplify scenarios where the solution back end is interested in the last known value of a property. Use
device-to-cloud messages if the solution back end needs to process module telemetry in the form of sequences of
timestamped events, such as time series.
...
"desired": {
"telemetryConfig": {
"sendFrequency": "5m"
},
...
},
...
2. The module app is notified of the change immediately if connected, or at the first reconnect. The module
app then reports the updated configuration (or an error condition using the status property). Here is the
portion of the reported properties:
"reported": {
"telemetryConfig": {
"sendFrequency": "5m",
"status": "success"
}
...
}
3. The solution back end can track the results of the configuration operation across many modules, by
querying module twins.
NOTE
The preceding snippets are examples, optimized for readability, of one way to encode a module configuration and its status.
IoT Hub does not impose a specific schema for the module twin desired and reported properties in the module twins.
Back-end operations
The solution back end operates on the module twin using the following atomic operations, exposed through
HTTPS:
Retrieve module twin by ID. This operation returns the module twin document, including tags and
desired and reported system properties.
Partially update module twin. This operation enables the solution back end to partially update the tags
or desired properties in a module twin. The partial update is expressed as a JSON document that adds or
updates any property. Properties set to null are removed. The following example creates a new desired
property with value {"newProperty": "newValue"} , overwrites the existing value of existingProperty with
"otherNewValue" , and removes otherOldProperty . No other changes are made to existing desired
properties or tags:
{
"properties": {
"desired": {
"newProperty": {
"nestedProperty": "newValue"
},
"existingProperty": "otherNewValue",
"otherOldProperty": null
}
}
}
Replace desired properties. This operation enables the solution back end to completely overwrite all
existing desired properties and substitute a new JSON document for properties/desired .
Replace tags. This operation enables the solution back end to completely overwrite all existing tags and
substitute a new JSON document for tags .
Receive twin notifications. This operation allows the solution back end to be notified when the twin is
modified. To do so, your IoT solution needs to create a route and to set the Data Source equal to
twinChangeEvents. By default, no twin notifications are sent, that is, no such routes pre-exist. If the rate of
change is too high, or for other reasons such as internal failures, the IoT Hub might send only one
notification that contains all changes. Therefore, if your application needs reliable auditing and logging of
all intermediate states, you should use device-to-cloud messages. The twin notification message includes
properties and body.
Properties
NAME VALUE
$content-type application/json
$iothub-message-source twinChangeEvents
$content-encoding utf-8
iothub-message-schema twinChangeNotification
{
"properties": {
"desired": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
},
"reported": {
"$metadata": {
"$lastUpdated": "2016-02-30T16:24:48.789Z"
},
"$version": 1
}
}
}
All the preceding operations support Optimistic concurrency and require the ServiceConnect permission, as
defined in the Control Access to IoT Hub article.
In addition to these operations, the solution back end can query the module twins using the SQL -like IoT Hub
query language.
Module operations
The module app operates on the module twin using the following atomic operations:
Retrieve module twin. This operation returns the module twin document (including tags and desired
and reported system properties) for the currently connected module.
Partially update reported properties. This operation enables the partial update of the reported
properties of the currently connected module. This operation uses the same JSON update format that the
solution back end uses for a partial update of desired properties.
Observe desired properties. The currently connected module can choose to be notified of updates to the
desired properties when they happen. The module receives the same form of update (partial or full
replacement) executed by the solution back end.
All the preceding operations require the ModuleConnect permission, as defined in the Control Access to IoT
Hub article.
The Azure IoT device SDKs make it easy to use the preceding operations from many languages and platforms.
The size is computed by counting all characters, excluding UNICODE control characters (segments C0 and C1)
and spaces that are outside of string constants.
IoT Hub rejects with an error all operations that would increase the size of those documents above the limit.
This information is kept at every level (not just the leaves of the JSON structure) to preserve updates that
remove object keys.
Optimistic concurrency
Tags, desired, and reported properties all support optimistic concurrency. Tags have an ETag, as per RFC7232,
that represents the tag's JSON representation. You can use ETags in conditional update operations from the
solution back end to ensure consistency.
Module twin desired and reported properties do not have ETags, but have a $version value that is guaranteed
to be incremental. Similarly to an ETag, the version can be used by the updating party to enforce consistency of
updates. For example, a module app for a reported property or the solution back end for a desired property.
Versions are also useful when an observing agent (such as the module app observing the desired properties)
must reconcile races between the result of a retrieve operation and an update notification. The section Device
reconnection flow provides more information.
Next steps
To try out some of the concepts described in this article, see the following IoT Hub tutorials:
Get started with IoT Hub module identity and module twin using .NET back end and .NET device
Understand and invoke direct methods from IoT
Hub
12/18/2019 • 5 minutes to read • Edit Online
IoT Hub gives you the ability to invoke direct methods on devices from the cloud. Direct methods represent a
request-reply interaction with a device similar to an HTTP call in that they succeed or fail immediately (after a
user-specified timeout). This approach is useful for scenarios where the course of immediate action is different
depending on whether the device was able to respond.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Each device method targets a single device. Schedule jobs on multiple devices shows how to provide a way to
invoke direct methods on multiple devices, and schedule method invocation for disconnected devices.
Anyone with service connect permissions on IoT Hub may invoke a method on a device.
Direct methods follow a request-response pattern and are meant for communications that require immediate
confirmation of their result. For example, interactive control of the device, such as turning on a fan.
Refer to Cloud-to-device communication guidance if in doubt between using desired properties, direct
methods, or cloud-to-device messages.
Method lifecycle
Direct methods are implemented on the device and may require zero or more inputs in the method payload to
correctly instantiate. You invoke a direct method through a service-facing URI (
{iot hub}/twins/{device id}/methods/ ). A device receives direct methods through a device-specific MQTT topic
( $iothub/methods/POST/{method name}/ ) or through AMQP links (the IoThub-methodname and IoThub-status
application properties).
NOTE
When you invoke a direct method on a device, property names and values can only contain US-ASCII printable
alphanumeric, except any in the following set:
{'$', '(', ')', '<', '>', '@', ',', ';', ':', '\', '"', '/', '[', ']', '?', '=', '{', '}', SP, HT}
Direct methods are synchronous and either succeed or fail after the timeout period (default: 30 seconds,
settable up to 300 seconds). Direct methods are useful in interactive scenarios where you want a device to act if
and only if the device is online and receiving commands. For example, turning on a light from a phone. In these
scenarios, you want to see an immediate success or failure so the cloud service can act on the result as soon as
possible. The device may return some message body as a result of the method, but it isn't required for the
method to do so. There is no guarantee on ordering or any concurrency semantics on method calls.
Direct methods are HTTPS -only from the cloud side, and MQTT or AMQP from the device side.
The payload for method requests and responses is a JSON document up to 128 KB.
Invoke a direct method from a back-end app
Now, invoke a direct method from a back-end app.
Method invocation
Direct method invocations on a device are HTTPS calls that are made up of the following items:
The request URI specific to the device along with the API version:
https://fully-qualified-iothubname.azure-devices.net/twins/{deviceId}/methods?api-version=2018-06-30
{
"methodName": "reboot",
"responseTimeoutInSeconds": 200,
"payload": {
"input1": "someInput",
"input2": "anotherInput"
}
}
curl -X POST \
https://iothubname.azure-devices.net/twins/myfirstdevice/methods?api-version=2018-06-30 \
-H 'Authorization: SharedAccessSignature sr=iothubname.azure-devices.net&sig=x&se=x&skn=iothubowner' \
-H 'Content-Type: application/json' \
-d '{
"methodName": "reboot",
"responseTimeoutInSeconds": 200,
"payload": {
"input1": "someInput",
"input2": "anotherInput"
}
}'
Response
The back-end app receives a response that is made up of the following items:
HTTP status code, which is used for errors coming from the IoT Hub, including a 404 error for devices
not currently connected.
Headers that contain the ETag, request ID, content type, and content encoding.
A JSON body in the following format:
{
"status" : 201,
"payload" : {...}
}
Both status and body are provided by the device and used to respond with the device's own status
code and/or description.
Method invocation for IoT Edge modules
Invoking direct methods using a module ID is supported in the IoT Service Client C# SDK.
For this purpose, use the ServiceClient.InvokeDeviceMethodAsync() method and pass in the deviceId and
moduleId as parameters.
{
"input1": "someInput",
"input2": "anotherInput"
}
The AMQP message arrives on the receive link that represents the method request. It contains the following
sections:
The correlation ID property, which contains a request ID that should be passed back with the
corresponding method response.
An application property named IoThub-methodname , which contains the name of the method being
invoked.
The AMQP message body containing the method payload as JSON.
Response
The device creates a sending link to return the method response on address
amqps://{hostname}:5671/devices/{deviceId}/methods/deviceBound .
The method’s response is returned on the sending link and is structured as follows:
The correlation ID property, which contains the request ID passed in the method’s request message.
An application property named IoThub-status , which contains the user supplied method status.
The AMQP message body containing the method response as JSON.
Next steps
Now you have learned how to use direct methods, you may be interested in the following IoT Hub developer
guide article:
Schedule jobs on multiple devices
If you would like to try out some of the concepts described in this article, you may be interested in the
following IoT Hub tutorial:
Use direct methods
Device management with Azure IoT Tools for VS Code
Schedule jobs on multiple devices
5/7/2019 • 4 minutes to read • Edit Online
Azure IoT Hub enables a number of building blocks like device twin properties and tags and direct methods.
Typically, back-end apps enable device administrators and operators to update and interact with IoT devices in
bulk and at a scheduled time. Jobs execute device twin updates and direct methods against a set of devices at a
scheduled time. For example, an operator would use a back-end app that initiates and tracks a job to reboot a
set of devices in building 43 and floor 3 at a time that would not be disruptive to the operations of the building.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Consider using jobs when you need to schedule and track progress any of the following activities on a set of
devices:
Update desired properties
Update tags
Invoke direct methods
Job lifecycle
Jobs are initiated by the solution back end and maintained by IoT Hub. You can initiate a job through a service-
facing URI ( PUT https://<iot hub>/jobs/v2/<jobID>?api-version=2018-06-30 ) and query for progress on an
executing job through a service-facing URI ( GET https://<iot hub>/jobs/v2/<jobID?api-version=2018-06-30 ). To
refresh the status of running jobs once a job is initiated, run a job query.
NOTE
When you initiate a job, property names and values can only contain US-ASCII printable alphanumeric, except any in the
following set: $ ( ) < > @ , ; : \ " / [ ] ? = { } SP HT
Authorization: <config.sharedAccessSignature>
Content-Type: application/json; charset=utf-8
{
"jobId": "<jobId>",
"type": "scheduleDeviceMethod",
"cloudToDeviceMethod": {
"methodName": "<methodName>",
"payload": <payload>,
"responseTimeoutInSeconds": methodTimeoutInSeconds
},
"queryCondition": "<queryOrDevices>", // query condition
"startTime": <jobStartTime>, // as an ISO-8601 date string
"maxExecutionTimeInSeconds": <maxExecutionTimeInSeconds>
}
The query condition can also be on a single device ID or on a list of device IDs as shown in the following
examples:
IoT Hub Query Language covers IoT Hub query language in additional detail.
The following snippet shows the request and response for a job scheduled to call a direct method named
testMethod on all devices on contoso-hub-1:
{
"jobId": "job01",
"type": "scheduleDeviceMethod",
"cloudToDeviceMethod": {
"methodName": "testMethod",
"payload": {},
"responseTimeoutInSeconds": 30
},
"queryCondition": "*",
"startTime": "2019-05-04T15:53:00.077Z",
"maxExecutionTimeInSeconds": 20
}
HTTP/1.1 200 OK
Content-Length: 65
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 03 May 2019 01:46:18 GMT
{"jobId":"job01","type":"scheduleDeviceMethod","status":"queued"}
PUT /jobs/v2/<jobId>?api-version=2018-06-30
Authorization: <config.sharedAccessSignature>
Content-Type: application/json; charset=utf-8
{
"jobId": "<jobId>",
"type": "scheduleUpdateTwin",
"updateTwin": <patch> // Valid JSON object
"queryCondition": "<queryOrDevices>", // query condition
"startTime": <jobStartTime>, // as an ISO-8601 date string
"maxExecutionTimeInSeconds": <maxExecutionTimeInSeconds>
}
NOTE
The updateTwin property requires a valid etag match; for example, etag="*" .
The following snippet shows the request and response for a job scheduled to update device twin properties for
test-device on contoso-hub-1:
{
"jobId": "job02",
"type": "scheduleUpdateTwin",
"updateTwin": {
"properties": {
"desired": {
"test1": "value1"
}
},
"etag": "*"
},
"queryCondition": "deviceId = 'test-device'",
"startTime": "2019-05-08T12:19:56.868Z",
"maxExecutionTimeInSeconds": 20
}
HTTP/1.1 200 OK
Content-Length: 63
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 03 May 2019 22:45:13 GMT
{"jobId":"job02","type":"scheduleUpdateTwin","status":"queued"}
Authorization: <config.sharedAccessSignature>
Content-Type: application/json; charset=utf-8
Jobs Properties
The following list shows the properties and corresponding descriptions, which can be used when querying for
jobs or job results.
PROPERTY DESCRIPTION
endTime IoT Hub provided date (ISO-8601) for when the job
completed. Valid only after the job reaches the 'completed'
state.
deviceJobStatistics properties:
PROPERTY DESCRIPTION
Next steps
To try out some of the concepts described in this article, see the following IoT Hub tutorial:
Schedule and broadcast jobs
Reference - IoT Hub endpoints
12/23/2019 • 4 minutes to read • Edit Online
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management,
are only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see
How to choose the right IoT Hub tier.
Custom endpoints
You can link existing Azure services in your subscription to your IoT hub to act as endpoints for message
routing. These endpoints act as service endpoints and are used as sinks for message routes. Devices cannot
write directly to the additional endpoints. Learn more about message routing.
IoT Hub currently supports the following Azure services as additional endpoints:
Azure Storage containers
Event Hubs
Service Bus Queues
Service Bus Topics
For the limits on the number of endpoints you can add, see Quotas and throttling.
You can use the REST API Get Endpoint Health to get health status of the endpoints. We recommend using
the IoT Hub metrics related to routing message latency to identify and debug errors when endpoint health is
dead or unhealthy, as we expect latency to be higher when the endpoint is in one of those states.
Field gateways
In an IoT solution, a field gateway sits between your devices and your IoT Hub endpoints. It is typically
located close to your devices. Your devices communicate directly with the field gateway by using a protocol
supported by the devices. The field gateway connects to an IoT Hub endpoint using a protocol that is
supported by IoT Hub. A field gateway might be a dedicated hardware device or a low -power computer
running custom gateway software.
You can use Azure IoT Edge to implement a field gateway. IoT Edge offers functionality such as multiplexing
communications from multiple devices onto the same IoT Hub connection.
Next steps
Other reference topics in this IoT Hub developer guide include:
IoT Hub query language for device twins, jobs, and message routing
Quotas and throttling
IoT Hub MQTT support
Understand your IoT hub IP address
IoT Hub query language for device and module
twins, jobs, and message routing
6/27/2019 • 12 minutes to read • Edit Online
IoT Hub provides a powerful SQL -like language to retrieve information regarding device twins, module
twins, jobs, and message routing. This article presents:
An introduction to the major features of the IoT Hub query language, and
The detailed description of the language. For details on query language for message routing, see queries
in message routing.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management,
are only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers,
see How to choose the right IoT Hub tier.
NOTE
Azure IoT SDKs support paging of large results.
IoT Hub allows you to retrieve device twins filtering with arbitrary conditions. For instance, to receive device
twins where the location.region tag is set to US use the following query:
SELECT * FROM devices
WHERE tags.location.region = 'US'
Boolean operators and arithmetic comparisons are supported as well. For example, to retrieve device twins
located in the US and configured to send telemetry less than every minute, use the following query:
As a convenience, it is also possible to use array constants with the IN and NIN (not in) operators. For
instance, to retrieve device twins that report WiFi or wired connectivity use the following query:
It is often necessary to identify all device twins that contain a specific property. IoT Hub supports the function
is_defined() for this purpose. For instance, to retrieve device twins that define the connectivity property
use the following query:
Refer to the WHERE clause section for the full reference of the filtering capabilities.
Grouping and aggregations are also supported. For instance, to find the count of devices in each telemetry
configuration status, use the following query:
This grouping query would return a result similar to the following example:
[
{
"numberOfDevices": 3,
"status": "Success"
},
{
"numberOfDevices": 2,
"status": "Pending"
},
{
"numberOfDevices": 1,
"status": "Error"
}
]
In this example, three devices reported successful configuration, two are still applying the configuration, and
one reported an error.
Projection queries allow developers to return only the properties they care about. For example, to retrieve
the last activity time of all disconnected devices use the following query:
SELECT LastActivityTime FROM devices WHERE status = 'enabled'
We don't allow join between the devices and devices.modules collections. If you want to query module twins
across devices, you do it based on tags. This query will return all module twins across all devices with the
scanning status:
This query will return all module twins with the scanning status, but only on the specified subset of devices:
C# example
The query functionality is exposed by the C# service SDK in the RegistryManager class.
Here is an example of a simple query:
The query object is instantiated with a page size (up to 100). Then multiple pages are retrieved by calling the
GetNextAsTwinAsync methods multiple times.
The query object exposes multiple Next values, depending on the deserialization option required by the
query. For example, device twin or job objects, or plain JSON when using projections.
Node.js example
The query functionality is exposed by the Azure IoT service SDK for Node.js in the Registry object.
Here is an example of a simple query:
var query = registry.createQuery('SELECT * FROM devices', 100);
var onResults = function(err, results) {
if (err) {
console.error('Failed to fetch the results: ' + err.message);
} else {
// Do something with the results
results.forEach(function(twin) {
console.log(twin.deviceId);
});
if (query.hasMoreResults) {
query.nextAsTwin(onResults);
}
}
};
query.nextAsTwin(onResults);
The query object is instantiated with a page size (up to 100). Then multiple pages are retrieved by calling the
nextAsTwin method multiple times.
The query object exposes multiple Next values, depending on the deserialization option required by the
query. For example, device twin or job objects, or plain JSON when using projections.
Limitations
IMPORTANT
Query results can have a few minutes of delay with respect to the latest values in device twins. If querying individual
device twins by ID, use the retrieve device twin API. This API always contains the latest values and has higher throttling
limits.
Currently, comparisons are supported only between primitive types (no objects), for instance
... WHERE properties.desired.config = properties.reported.config is supported only if those properties have
primitive values.
Currently, this collection is queryable as devices.jobs in the IoT Hub query language.
IMPORTANT
Currently, the jobs property is never returned when querying device twins. That is, queries that contain 'FROM
devices'. The jobs property can only be accessed directly with queries using FROM devices.jobs .
For instance, to get all jobs (past and scheduled) that affect a single device, you can use the following query:
Note how this query provides the device-specific status (and possibly the direct method response) of each
job returned.
It is also possible to filter with arbitrary Boolean conditions on all object properties in the devices.jobs
collection.
For instance, to retrieve all completed device twin update jobs that were created after September 2016 for a
specific device, use the following query:
Limitations
Currently, queries on devices.jobs do not support:
Projections, therefore only SELECT * is possible.
Conditions that refer to the device twin in addition to job properties (see the preceding section).
Performing aggregations, such as count, avg, group by.
SELECT <select_list>
FROM <from_specification>
[WHERE <filter_condition>]
[GROUP BY <group_specification>]
FROM clause
The FROM <from_specification> clause can assume only three values: FROM devices to query device
twins, FROM devices.modules to query module twins, or FROM devices.jobs to query job per-device
details.
WHERE clause
The WHERE <filter_condition> clause is optional. It specifies one or more conditions that the JSON
documents in the FROM collection must satisfy to be included as part of the result. Any JSON document
must evaluate the specified conditions to "true" to be included in the result.
The allowed conditions are described in section Expressions and conditions.
SELECT clause
The SELECT <select_list> is mandatory and specifies what values are retrieved from the query. It specifies
the JSON values to be used to generate new JSON objects. For each element of the filtered (and optionally
grouped) subset of the FROM collection, the projection phase generates a new JSON object. This object is
constructed with the values specified in the SELECT clause.
Following is the grammar of the SELECT clause:
SELECT [TOP <max number>] <projection list>
<projection_list> ::=
'*'
| <projection_element> AS alias [, <projection_element> AS alias]+
<projection_element> :==
attribute_name
| <projection_element> '.' attribute_name
| <aggregate>
<aggregate> :==
count()
| avg(<projection_element>)
| sum(<projection_element>)
| min(<projection_element>)
| max(<projection_element>)
Attribute_name refers to any property of the JSON document in the FROM collection. Some examples of
SELECT clauses can be found in the Getting started with device twin queries section.
Currently, selection clauses different than SELECT* are only supported in aggregate queries on device twins.
GROUP BY clause
The GROUP BY <group_specification> clause is an optional step that executes after the filter specified in
the WHERE clause, and before the projection specified in the SELECT. It groups documents based on the
value of an attribute. These groups are used to generate aggregated values as specified in the SELECT clause.
An example of a query using GROUP BY is:
GROUP BY <group_by_element>
<group_by_element> :==
attribute_name
| < group_by_element > '.' attribute_name
Attribute_name refers to any property of the JSON document in the FROM collection.
Currently, the GROUP BY clause is only supported when querying device twins.
IMPORTANT
The term group is currently treated as a special keyword in queries. In case, you use group as your property name,
consider surrounding it with double brackets to avoid errors, e.g.,
SELECT * FROM devices WHERE tags.[[group]].name = 'some_value' .
<expression> ::=
<constant> |
attribute_name |
<function_call> |
<expression> binary_operator <expression> |
<create_array_expression> |
'(' <expression> ')'
<function_call> ::=
<function_name> '(' expression ')'
<constant> ::=
<undefined_constant>
| <null_constant>
| <number_constant>
| <string_constant>
| <array_constant>
To understand what each symbol in the expressions syntax stands for, refer to the following table:
SYMBOL DEFINITION
Operators
The following operators are supported:
FAMILY OPERATORS
Arithmetic +, -, *, /, %
Functions
When querying twins and jobs the only supported function is:
FUNCTION DESCRIPTION
FUNCTION DESCRIPTION
SIGN(x) Returns the positive (+1), zero (0), or negative (-1) sign of
the specified numeric expression.
In routes conditions, the following type checking and casting functions are supported:
FUNCTION DESCRIPTION
FUNCTION DESCRIPTION
SUBSTRING(string, start [, length]) Returns part of a string expression starting at the specified
character zero-based position and continues to the
specified length, or to the end of the string.
INDEX_OF(string, fragment) Returns the starting position of the first occurrence of the
second string expression within the first specified string
expression, or -1 if the string is not found.
This article explains the quotas for an IoT Hub, and provides information to help you understand how
throttling works.
Operation throttles
Operation throttles are rate limitations that are applied in minute ranges and are intended to prevent abuse.
They're also subject to traffic shaping.
The following table shows the enforced throttles. Values refer to an individual hub.
File upload 1.67 file upload 1.67 file upload 83.33 file upload
initiations/sec/unit initiations/sec/unit initiations/sec/unit
(100/min/unit) (100/min/unit) (5,000/min/unit)
Maximum number of 50 50 50
concurrently connected
device streams1
THROTTLE FREE, B1, AND S1 B2 AND S2 B3 AND S3
1This feature is not available in the basic tier of IoT Hub. For more information, see How to choose the right
IoT Hub.
2Throttling meter size is 4 KB.
Throttling Details
The meter size determines at what increments your throttling limit is consumed. If your direct call's
payload is between 0 and 4 KB, it is counted as 4 KB. You can make up to 40 calls per second per unit
before hitting the limit of 160 KB/sec/unit.
Similarly, if your payload is between 4 KB and 8 KB, each call accounts for 8 KB and you can make up
to 20 calls per second per unit before hitting the max limit.
Finally, if your payload size is between 156KB and 160 KB, you'll be able to make only 1 call per
second per unit in your hub before hitting the limit of 160 KB/sec/unit.
For Jobs device operations (update twin, invoke direct method ) for tier S2, 50/sec/unit only applies to
when you invoke methods using jobs. If you invoke direct methods directly, the original throttling
limit of 24 MB/sec/unit (for S2) applies.
Quota is the aggregate number of messages you can send in your hub per day. You can find your
hub's quota limit under the column Total number of messages /day on the IoT Hub pricing page.
Your cloud-to-device and device-to-cloud throttles determine the maximum rate at which you can
send messages -- number of messages irrespective of 4 KB chunks. Each message can be up to 256
KB which is the maximum message size.
It's a good practice to throttle your calls so that you don't hit/exceed the throttling limits. If you do hit
the limit, IoT Hub responds with error code 429 and the client should back-off and retry. These limits
are per hub (or in some cases per hub/unit). For more information, refer to Manage connectivity and
reliable messaging/Retry patterns.
Traffic shaping
To accommodate burst traffic, IoT Hub accepts requests above the throttle for a limited time. The first few of
these requests are processed immediately. However, if the number of requests continues violate the throttle,
IoT Hub starts placing the requests in a queue and processed at the limit rate. This effect is called traffic
shaping. Furthermore, the size of this queue is limited. If the throttle violation continues, eventually the
queue fills up, and IoT Hub starts rejecting requests with 429 ThrottlingException .
For example, you use a simulated device to send 200 device-to-cloud messages per second to your S1 IoT
Hub (which has a limit of 100/sec D2C sends). For the first minute or two, the messages are processed
immediately. However, since the device continues to send more messages than the throttle limit, IoT Hub
begins to only process 100 messages per second and puts the rest in a queue. You start noticing increased
latency. Eventually, you start getting 429 ThrottlingException as the queue fills up, and the "number of
throttle errors" in IoT Hub's metrics starts increasing.
Identity registry operations throttle
Device identity registry operations are intended for run-time use in device management and provisioning
scenarios. Reading or updating a large number of device identities is supported through import and export
jobs.
Device connections throttle
The device connections throttle governs the rate at which new device connections can be established with an
IoT hub. The device connections throttle does not govern the maximum number of simultaneously
connected devices. The device connections rate throttle depends on the number of units that are provisioned
for the IoT hub.
For example, if you buy a single S1 unit, you get a throttle of 100 connections per second. Therefore, to
connect 100,000 devices, it takes at least 1,000 seconds (approximately 16 minutes). However, you can have
as many simultaneously connected devices as you have devices registered in your identity registry.
Other limits
IoT Hub enforces other operational limits:
OPERATION LIMIT
Jobs1 Maximum concurrent jobs is 1 (for Free and S1), 5 (for S2),
and 10 (for S3). However, the max concurrent device
import/export jobs is 1 for all tiers.
Job history is retained up to 30 days.
Additional endpoints Paid SKU hubs may have 10 additional endpoints. Free
SKU hubs may have one additional endpoint.
Message routing queries Paid SKU hubs may have 100 routing queries. Free SKU
hubs may have five routing queries.
Automatic device and module configurations1 100 configurations per paid SKU hub. 20 configurations
per free SKU hub.
IoT Edge automatic deployments1 20 modules per deployment. 100 deployments (including
layered deployments) per paid SKU hub. 10 deployments
per free SKU hub.
1This feature is not available in the basic tier of IoT Hub. For more information, see How to choose the right
IoT Hub.
Latency
IoT Hub strives to provide low latency for all operations. However, due to network conditions and other
unpredictable factors it cannot guarantee a certain latency. When designing your solution, you should:
Avoid making any assumptions about the maximum latency of any IoT Hub operation.
Provision your IoT hub in the Azure region closest to your devices.
Consider using Azure IoT Edge to perform latency-sensitive operations on the device or on a gateway
close to the device.
Multiple IoT Hub units affect throttling as described previously, but do not provide any additional latency
benefits or guarantees.
If you see unexpected increases in operation latency, contact Microsoft Support.
Next steps
For an in-depth discussion of IoT Hub throttling behavior, see the blog post IoT Hub throttling and you.
Other reference topics in this IoT Hub developer guide include:
IoT Hub endpoints
Azure IoT Hub pricing information
4/4/2019 • 3 minutes to read • Edit Online
Azure IoT Hub pricing provides the general information on different SKUs and pricing for IoT Hub. This article
contains additional details on how the various IoT Hub functionalities are metered as messages by IoT Hub.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
Cloud-to-device messages Successfully sent messages are charged in 4-KB chunks, for
example a 6-KB message is charged 2 messages.
File uploads File transfer to Azure Storage is not metered by IoT Hub. File
transfer initiation and completion messages are charged as
messaged metered in 4-KB increments. For example,
transferring a 10-MB file is charged as two messages in
addition to the Azure Storage cost.
Direct methods Successful method requests are charged in 4-KB chunks, and
responses are charged in 4-KB chunks as additional messages.
Requests to disconnected devices are charged as messages in
4-KB chunks. For example, a method with a 4-KB body that
results in a response with no body from the device is charged
as two messages. A method with a 6-KB body that results in a
1-KB response from the device is charged as two messages for
the request plus another message for the response.
Device and module twin reads Twin reads from the device or module and from the solution
back end are charged as messages in 512-byte chunks. For
example, reading a 6-KB twin is charged as 12 messages.
Device and module twin updates (tags and properties) Twin updates from the device or module and from the
solution back end are charged as messages in 512-byte
chunks. For example, reading a 6-KB twin is charged as 12
messages.
Device and module twin queries Queries are charged as messages depending on the result size
in 512-byte chunks.
OPERATION BILLING INFORMATION
Jobs per-device operations Jobs operations (such as twin updates, and methods) are
charged as normal. For example, a job resulting in 1000
method calls with 1-KB requests and empty-body responses is
charged 1000 messages.
NOTE
All sizes are computed considering the payload size in bytes (protocol framing is ignored). For messages, which have
properties and body, the size is computed in a protocol-agnostic way. For more information, see IoT Hub message format.
Example #1
A device sends one 1-KB device-to-cloud message per minute to IoT Hub, which is then read by Azure Stream
Analytics. The solution back end invokes a method (with a 512-byte payload) on the device every 10 minutes to
trigger a specific action. The device responds to the method with a result of 200 bytes.
The device consumes:
One message * 60 minutes * 24 hours = 1440 messages per day for the device-to-cloud messages.
Two request plus response * 6 times per hour * 24 hours = 288 messages for the methods.
This calculation gives a total of 1728 messages per day.
Example #2
A device sends one 100-KB device-to-cloud message every hour. It also updates its device twin with 1-KB payloads
every four hours. The solution back end, once per day, reads the 14-KB device twin and updates it with 512-byte
payloads to change configurations.
The device consumes:
25 (100 KB / 4 KB ) messages * 24 hours for device-to-cloud messages.
Two messages (1 KB / 0.5 KB ) * six times per day for device twin updates.
This calculation gives a total of 612 messages per day.
The solution back end consumes 28 messages (14 KB / 0.5 KB ) to read the device twin, plus one message to
update it, for a total of 29 messages.
In total, the device and the solution back end consume 641 messages per day.
Understand and use Azure IoT Hub SDKs
11/10/2019 • 4 minutes to read • Edit Online
There are two categories of software development kits (SDKs) for working with IoT Hub:
IoT Hub Device SDKs enable you to build apps that run on your IoT devices using device client or module
client. These apps send telemetry to your IoT hub, and optionally receive messages, job, method, or twin
updates from your IoT hub. You can also use module client to author modules for Azure IoT Edge runtime.
IoT Hub Service SDKs enable you to build backend applications to manage your IoT hub, and optionally
send messages, schedule jobs, invoke direct methods, or send desired property updates to your IoT devices
or modules.
In addition, we also provide a set of SDKs for working with the Device Provisioning Service.
Provisioning Device SDKs enable you to build apps that run on your IoT devices to communicate with the
Device Provisioning Service.
Provisioning Service SDKs enable you to build backend applications to manage your enrollments in the
Device Provisioning Service.
Learn about the benefits of developing using Azure IoT SDKs.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are only
available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to choose
the right IoT Hub tier.
NOTE
See the readme files in the GitHub repositories for information about using language and platform-specific package managers
to install binaries and dependencies on your development machine.
IoT Hub enables devices to communicate with the IoT Hub device endpoints using:
MQTT v3.1.1 on port 8883
MQTT v3.1.1 over WebSocket on port 443.
IoT Hub is not a full-featured MQTT broker and does not support all the behaviors specified in the MQTT v3.1.1
standard. This article describes how devices can use supported MQTT behaviors to communicate with IoT Hub.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
All device communication with IoT Hub must be secured using TLS/SSL. Therefore, IoT Hub doesn’t support
non-secure connections over port 1883.
Node.js azure-iot-device-mqtt
Java IotHubClientProtocol.MQTT
C MQTT_Protocol
C# TransportType.Mqtt
LANGUAGE PROTOCOL PARAMETER
For example, if the name of your IoT hub is contoso.azure-devices.net and if the name of your device is
MyDevice01, the full Username field should contain:
contoso.azure-devices.net/MyDevice01/?api-version=2018-06-30
For the Password field, use a SAS token. The format of the SAS token is the same as for both the HTTPS
and AMQP protocols:
SharedAccessSignature sig={signature-string}&se={expiry}&sr={URL-encoded-resourceURI}
NOTE
If you use X.509 certificate authentication, SAS token passwords are not required. For more information, see Set
up X.509 security in your Azure IoT Hub and follow code instructions below.
For more information about how to generate SAS tokens, see the device section of Using IoT Hub
security tokens.
When testing, you can also use the cross-platform Azure IoT Tools for Visual Studio Code or the Device
Explorer tool to quickly generate a SAS token that you can copy and paste into your own code:
For Azure IoT Tools
1. Expand the AZURE IOT HUB DEVICES tab in the bottom left corner of Visual Studio Code.
2. Right-click your device and select Generate SAS Token for Device.
3. Set expiration time and press 'Enter'.
4. The SAS token is created and copied to clipboard.
For Device Explorer
1. Go to the Management tab in Device Explorer.
2. Click SAS Token (top right).
3. On SASTokenForm, select your device in the DeviceID drop down. Set your TTL.
4. Click Generate to create your token.
The SAS token that's generated has the following structure:
HostName={your hub name}.azure-
devices.net;DeviceId=javadevice;SharedAccessSignature=SharedAccessSignature sr={your hub name}.azure-
devices.net%2Fdevices%2FMyDevice01%2Fapi-version%3D2016-11-14&sig=vSgHBMUG.....Ntg%3d&se=1456481802
The part of this token to use as the Password field to connect using MQTT is:
SharedAccessSignature sr={your hub name}.azure-devices.net%2Fdevices%2FMyDevice01%2Fapi-
version%3D2016-11-14&sig=vSgHBMUG.....Ntg%3d&se=1456481802
For MQTT connect and disconnect packets, IoT Hub issues an event on the Operations Monitoring channel.
This event has additional information that can help you to troubleshoot connectivity issues.
The device app can specify a Will message in the CONNECT packet. The device app should use
devices/{device_id}/messages/events/ or devices/{device_id}/messages/events/{property_bag} as the Will topic
name to define Will messages to be forwarded as a telemetry message. In this case, if the network connection is
closed, but a DISCONNECT packet was not previously received from the device, then IoT Hub sends the Will
message supplied in the CONNECT packet to the telemetry channel. The telemetry channel can be either the
default Events endpoint or a custom endpoint defined by IoT Hub routing. The message has the iothub-
MessageType property with a value of Will assigned to it.
An example of C code using MQTT without Azure IoT C SDK
In this repository, you'll find a couple of C/C++ demo projects showing how to send telemetry messages,
receive events with an IoT hub without using the Azure IoT C SDK.
These samples use the Eclipse Mosquitto library to send message to the MQTT Broker implemented in the IoT
hub.
This repository contains:
For Windows:
• TelemetryMQTTWin32: contains code to send a telemetry message to an Azure IoT hub, built and run on a
Windows machine.
• SubscribeMQTTWin32: contains code to subscribe to events of a given IoT hub on a Windows machine.
• DeviceTwinMQTTWin32: contains code to query and subscribe to the device twin events of a device in the
Azure IoT hub on a Windows machine.
• PnPMQTTWin32: contains code to send a telemetry message with IoT Plug & Play preview Device capabilities
to an Azure IoT hub, built and run on a Windows machine. More on IoT Plug & Play here
For Linux:
• MQTTLinux: contains code and build script to run on Linux (WSL, Ubuntu and Raspbian have been tested so
far).
• LinuxConsoleVS2019: contains the same code but in a VS2019 project targeting WSL (Windows Linux sub
system). This project allows you to debug the code running on Linux step by step from Visual Studio.
For mosquito_pub:
• This folder contains two samples commands used with mosquitto_pub utility tool provided by Mosquitto.org.
Mosquitto_sendmessage: to send a simple text message to an Azure IoT hub acting as a device.
Mosquitto_subscribe: to see events occurring in an Azure IoT hub.
TLS/SSL configuration
To use the MQTT protocol directly, your client must connect over TLS/SSL. Attempts to skip this step fail with
connection errors.
In order to establish a TLS connection, you may need to download and reference the DigiCert Baltimore Root
Certificate. This certificate is the one that Azure uses to secure the connection. You can find this certificate in the
Azure-iot-sdk-c repository. More information about these certificates can be found on Digicert's website.
An example of how to implement this using the Python version of the Paho MQTT library by the Eclipse
Foundation might look like the following.
First, install the Paho library from your command-line environment:
Then, implement the client in a Python script. Replace the placeholders as follows:
<local path to digicert.cer> is the path to a local file that contains the DigiCert Baltimore Root
certificate. You can create this file by copying the certificate information from certs.c in the Azure IoT SDK
for C. Include the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- , remove the "
marks at the beginning and end of every line, and remove the \r\n characters at the end of every line.
<device id from device registry> is the ID of a device you added to your IoT hub.
<generated SAS token> is a SAS token for the device created as described previously in this article.
<iot hub name> the name of your IoT hub.
from paho.mqtt import client as mqtt
import ssl
client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish
client.username_pw_set(username=iot_hub_name+".azure-devices.net/" +
device_id + "/?api-version=2018-06-30", password=sas_token)
client.connect(iot_hub_name+".azure-devices.net", port=8883)
To authenticate using a device certificate, update the code snippet above with the following changes (see How to
get an X.509 CA certificate on how to prepare for certificate-based authentication):
# Create the client as before
# ...
# Connect as before
client.connect(iot_hub_name+".azure-devices.net", port=8883)
NOTE
This {property_bag} element uses the same encoding as query strings in the HTTPS protocol.
Request ID can be any valid value for a message property value, as per IoT Hub messaging developer's guide,
and status is validated as an integer.
The response body contains the properties section of the device twin, as shown in the following response
example:
{
"desired": {
"telemetrySendFrequency": "5m",
"$version": 12
},
"reported": {
"telemetrySendFrequency": "5m",
"batteryLevel": 55,
"$version": 123
}
}
STATUS DESCRIPTION
{
"telemetrySendFrequency": "35m",
"batteryLevel": 60
}
STATUS DESCRIPTION
200 Success
The python code snippet below, demonstrates the twin reported properties update process over MQTT (using
Paho MQTT client):
client.subscribe("$iothub/twin/res/#")
rid = "1"
twin_reported_property_patch = "{\"firmware_version\": \"v1.1\"}"
client.publish("$iothub/twin/PATCH/properties/reported/?$rid=" +
rid, twin_reported_property_patch, qos=0)
Upon success of twin reported properties update operation above, the publication message from IoT Hub will
have the following topic: $iothub/twin/res/204/?$rid=1&$version=6 , where 204 is the status code indicating
success, $rid=1 corresponds to the request ID provided by the device in the code, and $version corresponds
to the version of reported properties section of device twins after the update.
For more information, see Device twins developer's guide.
{
"telemetrySendFrequency": "5m",
"route": null,
"$version": 8
}
As for property updates, null values means that the JSON object member is being deleted. Also, note that
$version indicates the new version of the desired properties section of the twin.
IMPORTANT
IoT Hub generates change notifications only when devices are connected. Make sure to implement the device
reconnection flow to keep the desired properties synchronized between IoT Hub and the device app.
To respond, the device sends a message with a valid JSON or empty body to the topic
$iothub/methods/res/{status}/?$rid={request id} . In this message, the request ID must match the one in the
request message, and status must be an integer.
For more information, see Direct method developer's guide.
Additional considerations
As a final consideration, if you need to customize the MQTT protocol behavior on the cloud side, you should
review the Azure IoT protocol gateway. This software enables you to deploy a high-performance custom
protocol gateway that interfaces directly with IoT Hub. The Azure IoT protocol gateway enables you to
customize the device protocol to accommodate brownfield MQTT deployments or other custom protocols. This
approach does require, however, that you run and operate a custom protocol gateway.
Next steps
To learn more about the MQTT protocol, see the MQTT documentation.
To learn more about planning your IoT Hub deployment, see:
Azure Certified for IoT device catalog
Support additional protocols
Compare with Event Hubs
Scaling, HA, and DR
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Communicate with your IoT hub by using the AMQP
Protocol
10/11/2019 • 9 minutes to read • Edit Online
Azure IoT Hub supports OASIS Advanced Message Queuing Protocol (AMQP ) version 1.0 to deliver a variety of
functionalities through device-facing and service-facing endpoints. This document describes the use of AMQP clients to
connect to an IoT hub to use IoT Hub functionality.
Service client
Connect and authenticate to an IoT hub (service client)
To connect to an IoT hub by using AMQP, a client can use the claims-based security (CBS ) or Simple Authentication and
Security Layer (SASL ) authentication.
The following information is required for the service client:
INFORMATION VALUE
Access key A primary or secondary key that's associated with the service
Shared access signature A short-lived shared access signature in the following format:
SharedAccessSignature sig={signature-string}&se=
{expiry}&skn={policyName}&sr={URL-encoded-resourceURI}
. To get the code for generating this signature, see Control access
to IoT Hub.
The following code snippet uses the uAMQP library in Python to connect to an IoT hub via a sender link.
import uamqp
import urllib
import time
iot_hub_name = '<iot-hub-name>'
hostname = '{iot_hub_name}.azure-devices.net'.format(iot_hub_name=iot_hub_name)
policy_name = 'service'
access_key = '<primary-or-secondary-key>'
operation = '<operation-link-name>' # example: '/messages/devicebound'
username = '{policy_name}@sas.root.{iot_hub_name}'.format(
iot_hub_name=iot_hub_name, policy_name=policy_name)
sas_token = generate_sas_token(hostname, access_key, policy_name)
uri = 'amqps://{}:{}@{}{}'.format(urllib.quote_plus(username),
urllib.quote_plus(sas_token), hostname, operation)
The following code snippet demonstrates how to create a cloud-to-device message and send it to a device by using the
uAMQP library in Python.
import uuid
# Create a message and set message property 'To' to the device-bound link on device
msg_id = str(uuid.uuid4())
msg_content = b"Message content goes here!"
device_id = '<device-id>'
to = '/devices/{device_id}/messages/devicebound'.format(device_id=device_id)
ack = 'full' # Alternative values are 'positive', 'negative', and 'none'
app_props = {'iothub-ack': ack}
msg_props = uamqp.message.MessageProperties(message_id=msg_id, to=to)
msg = uamqp.Message(msg_content, properties=msg_props,
application_properties=app_props)
# Send the message by using the send client that you created and connected to the IoT hub earlier
send_client.queue_message(msg)
results = send_client.send_all_messages()
To receive feedback, the service client creates a receiver link. The following code snippet demonstrates how to create a link
by using the uAMQP library in Python:
import json
operation = '/messages/serviceBound/feedback'
# ...
# Re-create the URI by using the preceding feedback path and authenticate it
uri = 'amqps://{}:{}@{}{}'.format(urllib.quote_plus(username),
urllib.quote_plus(sas_token), hostname, operation)
As shown in the preceding code, a cloud-to-device feedback message has a content type of
application/vnd.microsoft.iothub.feedback.json. You can use the properties in the message's JSON body to infer the
delivery status of the original message:
Key statusCode in the feedback body has one of the following values: Success, Expired, DeliveryCountExceeded,
Rejected, or Purged.
Key deviceId in the feedback body has the ID of the target device.
Key originalMessageId in the feedback body has the ID of the original cloud-to-device message that was sent by the
service. You can use this delivery status to correlate feedback to cloud-to-device messages.
Receive telemetry messages (service client)
By default, your IoT hub stores ingested device telemetry messages in a built-in event hub. Your service client can use the
AMQP Protocol to receive the stored events.
For this purpose, the service client first needs to connect to the IoT hub endpoint and receive a redirection address to the
built-in event hubs. The service client then uses the provided address to connect to the built-in event hub.
In each step, the client needs to present the following pieces of information:
Valid service credentials (service shared access signature token).
A well-formatted path to the consumer group partition that it intends to retrieve messages from. For a given
consumer group and partition ID, the path has the following format:
/messages/events/ConsumerGroups/<consumer_group>/Partitions/<partition_id> (the default consumer group is
$Default ).
An optional filtering predicate to designate a starting point in the partition. This predicate can be in the form of a
sequence number, offset, or enqueued timestamp.
The following code snippet uses the uAMQP library in Python to demonstrate the preceding steps:
import json
import uamqp
import urllib
import time
iot_hub_name = '<iot-hub-name>'
hostname = '{iot_hub_name}.azure-devices.net'.format(iot_hub_name=iot_hub_name)
policy_name = 'service'
access_key = '<primary-or-secondary-key>'
operation = '/messages/events/ConsumerGroups/{consumer_group}/Partitions/{p_id}'.format(
consumer_group='$Default', p_id=0)
username = '{policy_name}@sas.root.{iot_hub_name}'.format(
policy_name=policy_name, iot_hub_name=iot_hub_name)
sas_token = generate_sas_token(hostname, access_key, policy_name)
uri = 'amqps://{}:{}@{}{}'.format(urllib.quote_plus(username),
urllib.quote_plus(sas_token), hostname, operation)
receive_client = uamqp.ReceiveClient(
set_endpoint_filter(uri, endpoint_filter), debug=True)
try:
batch = receive_client.receive_message_batch(max_batch_size=5)
except uamqp.errors.LinkRedirect as redirect:
# Once a redirect error is received, close the original client and recreate a new one to the re-directed address
receive_client.close()
sas_auth = uamqp.authentication.SASTokenAuth.from_shared_access_key(
redirect.address, policy_name, access_key)
receive_client = uamqp.ReceiveClient(set_endpoint_filter(
redirect.address, endpoint_filter), auth=sas_auth, debug=True)
For a given device ID, the IoT hub uses a hash of the device ID to determine which partition to store its messages in. The
preceding code snippet demonstrates how events are received from a single such partition. However, note that a typical
application often needs to retrieve events that are stored in all event hub partitions.
Device client
Connect and authenticate to an IoT hub (device client)
To connect to an IoT hub by using AMQP, a device can use claims based security (CBS ) or Simple Authentication and
Security Layer (SASL ) authentication.
The following information is required for the device client:
INFORMATION VALUE
Access key A primary or secondary key that's associated with the device
Shared access signature A short-lived shared access signature in the following format:
SharedAccessSignature sig={signature-string}&se=
{expiry}&skn={policyName}&sr={URL-encoded-resourceURI}
. To get the code for generating this signature, see Control access
to IoT Hub.
The following code snippet uses the uAMQP library in Python to connect to an IoT hub via a sender link.
import uamqp
import urllib
import uuid
iot_hub_name = '<iot-hub-name>'
hostname = '{iot_hub_name}.azure-devices.net'.format(iot_hub_name=iot_hub_name)
device_id = '<device-id>'
access_key = '<primary-or-secondary-key>'
username = '{device_id}@sas.{iot_hub_name}'.format(
device_id=device_id, iot_hub_name=iot_hub_name)
sas_token = generate_sas_token('{hostname}/devices/{device_id}'.format(
hostname=hostname, device_id=device_id), access_key, None)
# e.g., '/devices/{device_id}/messages/devicebound'
operation = '<operation-link-name>'
uri = 'amqps://{}:{}@{}{}'.format(urllib.quote_plus(username),
urllib.quote_plus(sas_token), hostname, operation)
# ...
# Create a receive client for the cloud-to-device receive link on the device
operation = '/devices/{device_id}/messages/devicebound'.format(
device_id=device_id)
uri = 'amqps://{}:{}@{}{}'.format(urllib.quote_plus(username),
urllib.quote_plus(sas_token), hostname, operation)
# Create message
msg_data = b"Your message payload goes here"
message = uamqp.Message(msg_data, properties=msg_props, application_properties=application_properties)
send_client.queue_message(message)
results = send_client.send_all_messages()
Additional notes
The AMQP connections might be disrupted because of a network glitch or the expiration of the authentication token
(generated in the code). The service client must handle these circumstances and reestablish the connection and links,
if needed. If an authentication token expires, the client can avoid a connection drop by proactively renewing the
token prior to its expiration.
Your client must occasionally be able to handle link redirections correctly. To understand such an operation, see your
AMQP client documentation.
Next steps
To learn more about the AMQP Protocol, see the AMQP v1.0 specification.
To learn more about IoT Hub messaging, see:
Cloud-to-device messages
Support for additional protocols
Support for the Message Queuing Telemetry Transport (MQTT) Protocol
Glossary of IoT Hub terms
12/23/2019 • 20 minutes to read • Edit Online
This article lists some of the common terms used in the IoT Hub articles.
Azure CLI
The Azure CLI is a cross-platform, open-source, shell-based, command tool for creating and managing resources
in Microsoft Azure.
Azure PowerShell
Azure PowerShell is a collection of cmdlets you can use to manage Azure with Windows PowerShell. You can use
the cmdlets to create, test, deploy, and manage solutions and services delivered through the Azure platform.
Azure Storage
Azure Storage is a cloud storage solution. It includes the Blob Storage service that you can use to store
unstructured object data. Some IoT Hub tutorials use blob storage.
Back-end app
In the context of IoT Hub, a back-end app is an app that connects to one of the service-facing endpoints on an IoT
hub. For example, a back-end app might retrieve device-to-cloud messages or manage the identity registry.
Typically, a back-end app runs in the cloud, but in many of the tutorials the back-end apps are console apps
running on your local development machine.
Built-in endpoints
Every IoT hub includes a built-in endpoint that is Event Hub-compatible. You can use any mechanism that works
with Event Hubs to read device-to-cloud messages from this endpoint.
Cloud gateway
A cloud gateway enables connectivity for devices that cannot connect directly to IoT Hub. A cloud gateway is
hosted in the cloud in contrast to a field gateway that runs local to your devices. A typical use case for a cloud
gateway is to implement protocol translation for your devices.
Cloud-to-device
Refers to messages sent from an IoT hub to a connected device. Often, these messages are commands that instruct
the device to take an action. For more information, see Send and receive messages with IoT Hub.
Configuration
In the context of automatic device configuration, a configuration within IoT Hub defines the desired configuration
for a set of devices twins and provides a set of metrics to report status and progress.
Connection string
You use connection strings in your app code to encapsulate the information required to connect to an endpoint. A
connection string typically includes the address of the endpoint and security information, but connection string
formats vary across services. There are two types of connection string associated with the IoT Hub service:
Device connection strings enable devices to connect to the device-facing endpoints on an IoT hub.
IoT Hub connection strings enable back-end apps to connect to the service-facing endpoints on an IoT hub.
Custom endpoints
You can create custom endpoints on an IoT hub to deliver messages dispatched by a routing rule. Custom
endpoints connect directly to an Event hub, a Service Bus queue, or a Service Bus topic.
Custom gateway
A gateway enables connectivity for devices that cannot connect directly to IoT Hub. You can use Azure IoT Edge to
build custom gateways that implement custom logic to handle messages, custom protocol conversions, and other
processing on the edge.
Data-point message
A data-point message is a device-to-cloud message that contains telemetry data such as wind speed or
temperature.
Desired configuration
In the context of a device twin, desired configuration refers to the complete set of properties and metadata in the
device twin that should be synchronized with the device.
Desired properties
In the context of a device twin, desired properties is a subsection of the device twin that is used with reported
properties to synchronize device configuration or condition. Desired properties can only be set by a back-end app
and are observed by the device app.
Device-to-cloud
Refers to messages sent from a connected device to IoT Hub. These messages may be data-point or interactive
messages. For more information, see Send and receive messages with IoT Hub.
Device
In the context of IoT, a device is typically a small-scale, standalone computing device that may collect data or
control other devices. For example, a device might be an environmental monitoring device, or a controller for the
watering and ventilation systems in a greenhouse. The device catalog provides a list of hardware devices certified
to work with IoT Hub.
Device app
A device app runs on your device and handles the communication with your IoT hub. Typically, you use one of the
Azure IoT device SDKs when you implement a device app. In many of the IoT tutorials, you use a simulated device
for convenience.
Device condition
Refers to device state information, such as the connectivity method currently in use, as reported by a device app.
Device apps can also report their capabilities. You can query for condition and capability information using device
twins.
Device data
Device data refers to the per-device data stored in the IoT Hub identity registry. It is possible to import and export
this data.
Device explorer
The device explorer is a tool that runs on Windows and enables you to manage your devices in the identity
registry.The tool can also send and receive messages to your devices.
Device identity
The device identity is the unique identifier assigned to every device registered in the identity registry.
Device management
Device management encompasses the full lifecycle associated with managing the devices in your IoT solution
including planning, provisioning, configuring, monitoring, and retiring.
Device provisioning
Device provisioning is the process of adding the initial device data to the stores in your solution. To enable a new
device to connect to your hub, you must add a device ID and keys to the IoT Hub identity registry. As part of the
provisioning process, you might need to initialize device-specific data in other solution stores.
Device twin
A device twin is JSON document that stores device state information such as metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that you provision in your IoT hub. Device twins enable
you to synchronize device conditions and configurations between the device and the solution back end. You can
query device twins to locate specific devices and query the status of long-running operations.
Direct method
A direct method is a way for you to trigger a method to execute on a device by invoking an API on your IoT hub.
Endpoint
An IoT hub exposes multiple endpoints that enable your apps to connect to the IoT hub. There are device-facing
endpoints that enable devices to perform operations such as sending device-to-cloud messages and receiving
cloud-to-device messages. There are service-facing management endpoints that enable back-end apps to perform
operations such as device identity management and device twin management. There are service-facing built-in
endpoints for reading device-to-cloud messages. You can create custom endpoints to receive device-to-cloud
messages dispatched by a routing rule.
Field gateway
A field gateway enables connectivity for devices that cannot connect directly to IoT Hub and is typically deployed
locally with your devices. For more information, see What is Azure IoT Hub?
Free account
You can create a free Azure account to complete the IoT Hub tutorials and experiment with the IoT Hub service
(and other Azure services).
Gateway
A gateway enables connectivity for devices that cannot connect directly to IoT Hub. See also Field Gateway, Cloud
Gateway, and Custom Gateway.
Identity registry
The identity registry is the built-in component of an IoT hub that stores information about the individual devices
permitted to connect to an IoT hub.
Interactive message
An interactive message is a cloud-to-device message that triggers an immediate action in the solution back end.
For example, a device might send an alarm about a failure that should be automatically logged in to a CRM
system.
IoT Hub
IoT Hub is a fully managed Azure service that enables reliable and secure bidirectional communications between
millions of devices and a solution back end. For more information, see What is Azure IoT Hub? Using your Azure
subscription, you can create IoT hubs to handle your IoT messaging workloads.
Job
Your solution back end can use jobs to schedule and track activities on a set of devices registered with your IoT
hub. Activities include updating device twin desired properties, updating device twin tags, and invoking direct
methods. IoT Hub also uses to import to and export from the identity registry.
Modules
On the device side, the IoT Hub device SDKs enable you to create modules where each one opens an independent
connection to IoT Hub. This functionality enables you to use separate namespaces for different components on
your device.
Module identity and module twin provide the same capabilities as device identity and device twin but at a finer
granularity. This finer granularity enables capable devices, such as operating system-based devices or firmware
devices managing multiple components, to isolate configuration and conditions for each of those components.
Module identity
The module identity is the unique identifier assigned to every module that belong to a device. Module identity is
also registered in the identity registry.
Module twin
Similar to device twin, a module twin is JSON document that stores module state information such as metadata,
configurations, and conditions. IoT Hub persists a module twin for each module identity that you provision under a
device identity in your IoT hub. Module twins enable you to synchronize module conditions and configurations
between the module and the solution back end. You can query module twins to locate specific modules and query
the status of long-running operations.
MQTT
MQTT is one of the messaging protocols that IoT Hub supports for communicating with devices. For more
information about the messaging protocols that IoT Hub supports, see Send and receive messages with IoT Hub.
Operations monitoring
IoT Hub operations monitoring enables you to monitor the status of operations on your IoT hub in real time. IoT
Hub tracks events across several categories of operations. You can opt into sending events from one or more
categories to an IoT Hub endpoint for processing. You can monitor the data for errors or set up more complex
processing based on data patterns.
Physical device
A physical device is a real device such as a Raspberry Pi that connects to an IoT hub. For convenience, many of the
IoT Hub tutorials use simulated devices to enable you to run samples on your local machine.
Protocol gateway
A protocol gateway is typically deployed in the cloud and provides protocol translation services for devices
connecting to IoT Hub. For more information, see What is Azure IoT Hub?
Reported configuration
In the context of a device twin, reported configuration refers to the complete set of properties and metadata in the
device twin that should be reported to the solution back end.
Reported properties
In the context of a device twin, reported properties is a subsection of the device twin used with desired properties
to synchronize device configuration or condition. Reported properties can only be set by the device app and can be
read and queried by a back-end app.
Resource group
Azure Resource Manager uses resource groups to group related resources together. You can use a resource group
to perform operations on all the resources on the group simultaneously.
Retry policy
You use a retry policy to handle transient errors when you connect to a cloud service.
Routing rules
You configure routing rules in your IoT hub to route device-to-cloud messages to a built-in endpoint or to custom
endpoints for processing by your solution back end.
SASL PLAIN
SASL PLAIN is a protocol that the AMQP protocol uses to transfer security tokens.
Simulated device
For convenience, many of the IoT Hub tutorials use simulated devices to enable you to run samples on your local
machine. In contrast, a physical device is a real device such as a Raspberry Pi that connects to an IoT hub.
Solution
A solution can refer to a Visual Studio solution that includes one or more projects. A solution might also refer to an
IoT solution that includes elements such as devices, device apps, an IoT hub, other Azure services, and back-end
apps.
Subscription
An Azure subscription is where billing takes place. Each Azure resource you create or Azure service you use is
associated with a single subscription. Many quotas also apply at the level of a subscription.
System properties
In the context of a device twin, system properties are read-only and include information regarding the device
usage such as last activity time and connection state.
Tags
In the context of a device twin, tags are device metadata stored and retrieved by the solution back end in the form
of a JSON document. Tags are not visible to apps on a device.
Telemetry
Devices collect telemetry data, such as wind speed or temperature, and use data-point messages to send the
telemetry to an IoT hub.
Token service
You can use a token service to implement an authentication mechanism for your devices. It uses an IoT Hub shared
access policy with DeviceConnect permissions to create device-scoped tokens. These tokens enable a device to
connect to your IoT hub. A device uses a custom authentication mechanism to authenticate with the token service.
IF the device authenticates successfully, the token service issues a SAS token for the device to use to access your
IoT hub.
Twin queries
Device and module twin queries use the SQL -like IoT Hub query language to retrieve information from your
device twins or module twins. You can use the same IoT Hub query language to retrieve information about
running in your IoT hub.
Twin synchronization
Twin synchronization uses the desired properties in your device twins or module twins to configure your devices
or modules and retrieve reported properties from them to store in the twin.
This article describes how to use X.509 Certificate Authority (CA) certificates to authenticate devices connecting
IoT Hub. In this article you will learn:
How to get an X.509 CA certificate
How to register the X.509 CA certificate to IoT Hub
How to sign devices using X.509 CA certificates
How devices signed with X.509 CA are authenticated
Overview
The X.509 CA feature enables device authentication to IoT Hub using a Certificate Authority (CA). It greatly
simplifies initial device enrollment process, and supply chain logistics during device manufacturing. Learn more in
this scenario article about the value of using X.509 CA certificates for device authentication. We encourage you to
read this scenario article before proceeding as it explains why the steps that follow exist.
Prerequisite
Using the X.509 CA feature requires that you have an IoT Hub account. Learn how to create an IoT Hub instance if
you don't already have one.
Next Steps
Learn about the value of X.509 CA authentication in IoT.
Get started with IoT Hub Device Provisioning Service.
Conceptual understanding of X.509 CA certificates in
the IoT industry
4/15/2019 • 11 minutes to read • Edit Online
This article describes the value of using X.509 certificate authority (CA) certificates in IoT device manufacturing
and authentication to IoT Hub. It includes information about supply chain setup and highlight advantages.
This article describes:
What X.509 CA certificates are and how to get them
How to register your X.509 CA certificate to IoT Hub
How to set up a manufacturing supply chain for X.509 CA-based authentication
How devices signed with X.509 CA connect to IoT Hub
Overview
X.509 Certificate Authority (CA) authentication is an approach for authenticating devices to IoT Hub using a
method that dramatically simplifies device identity creation and life-cycle management in the supply chain.
A distinguishing attribute of the X.509 CA authentication is a one-to-many relationship a CA certificate has with its
downstream devices. This relationship enables registration of any number of devices into IoT Hub by registering
an X.509 CA certificate once, otherwise device unique certificates must be pre-registered for every device before a
device can connect. This one-to-many relationship also simplifies device certificates life-cycle management
operations.
Another important attribute of the X.509 CA authentication is simplification of supply chain logistics. Secure
authentication of devices requires that each device holds a unique secret like a key as basis for trust. In certificates-
based authentication, this secret is a private key. A typical device manufacturing flow involves multiple steps and
custodians. Securely managing device private keys across multiple custodians and maintaining trust is difficult and
expensive. Using certificate authorities solves this problem by signing each custodian into a cryptographic chain of
trust rather than entrusting them with device private keys. Each custodian in turn signs devices at their respective
process step of the manufacturing flow. The overall result is an optimal supply chain with built-in accountability
through use of the cryptographic chain of trust. It is worth noting that this process yields the most security when
devices protect their unique private keys. To this end, we urge the use of Hardware Secure Modules (HSM )
capable of internally generating private keys that will never see the light of day.
This article offers an end-to-end view of using the X.509 CA authentication, from supply chain setup to device
connection, while making use of a real world example to solidify understanding.
Introduction
The X.509 CA certificate is a digital certificate whose holder can sign other certificates. This digital certificate is
X.509 because it conforms to a certificate formatting standard prescribed by IETF's RFC 5280 standard, and is a
certificate authority (CA) because its holder can sign other certificates.
The use of X.509 CA is best understood in relation to a concrete example. Consider Company-X, a maker of
Smart-X-Widgets designed for professional installation. Company-X outsources both manufacturing and
installation. It contracts manufacturer Factory-Y to manufacture the Smart-X-Widgets, and service provider
Technician-Z to install. Company-X desires that Smart-X-Widget directly ships from Factory-Y to Technician-Z for
installation and that it connects directly to Company-X's instance of IoT Hub after installation without further
intervention from Company-X. To make this happen, Company-X need to complete a few one-time setup
operations to prime Smart-X-Widget for automatic connection. With the end-to-end scenario in mind, the rest of
this article is structured as follows:
Acquire the X.509 CA certificate
Register X.509 CA certificate to IoT Hub
Sign devices into a certificate chain of trust
Device connection
Details on how to accomplish these steps differ with various service providers.
Purchasing an X.509 CA certificate
Purchasing a CA certificate has the benefit of having a well-known root CA act as a trusted third party to vouch for
the legitimacy of IoT devices when the devices connect. Company-X would choose this option if they intend
Smart-X-Widget to interact with third party products or services after initial connection to IoT Hub.
To purchase an X.509 CA certificate, Company-X would choose a root certificates services provider. An internet
search for the phrase 'Root CA' will yield good leads. The root CA will guide Company-X on how to create the
public/private key pair and how to generate a Certificate Signing Request (CSR ) for their services. A CSR is the
formal process of applying for a certificate from a certificate authority. The outcome of this purchase is a certificate
for use as an authority certificate. Given the ubiquity of X.509 certificates, the certificate is likely to have been
properly formatted to IETF's RFC 5280 standard.
Creating a Self-Signed X.509 CA certificate
The process to create a Self-Signed X.509 CA certificate is similar to purchasing with the exception of involving a
third party signer like the root certificate authority. In our example, Company-X will sign its authority certificate
instead of a root certificate authority. Company-X may choose this option for testing until they're ready to
purchase an authority certificate. Company-X may also use a self-signed X.509 CA certificate in production, if
Smart-X-Widget is not intended to connect to any third party services outside of the IoT Hub.
Above cascade of certificates in the chain presents the logical hand-off of authority. Many supply chains follow this
logical hand-off whereby each intermediate CA gets signed into the chain while receiving all upstream CA
certificates, and the last intermediate CA finally signs each device and inject all the authority certificates from the
chain into the device. This is common when the contract manufacturing company with a hierarchy of factories
commissions a particular factory to do the manufacturing. While the hierarchy may be several levels deep (for
example, by geography/product type/manufacturing line), only the factory at the end gets to interact with the
device but the chain is maintained from the top of the hierarchy.
Alternate chains may have different intermediate CA interact with the device in which case the CA interacting with
the device injects certificate chain content at that point. Hybrid models are also possible where only some of the
CA has physical interaction with the device.
In our example, both Factory-Y and Technician-Z interact with the Smart-X-Widget. While Company-X owns
Smart-X-Widget, it actually does not physically interact with it in the entire supply chain. The certificate chain of
trust for Smart-X-Widget therefore comprise Company-X signing Factory-Y which in turn signs Technician-Z that
will then provide final signature to Smart-X-Widget. The manufacture and installation of Smart-X-Widget
comprise Factory-Y and Technician-Z using their respective intermediate CA certificates to sign each and every
Smart-X-Widgets. The end result of this entire process is Smart-X-Widgets with unique device certificates and
certificate chain of trust going up to Company-X CA certificate.
This is a good point to review the value of the X.509 CA method. Instead of pre-generating and handing off
certificates for every Smart-X-Widget into the supply chain, Company-X only had to sign Factory-Y once. Instead
of having to track every device throughout the device's life-cycle, Company-X may now track and manage devices
through groups that naturally emerge from the supply chain process, for example, devices installed by Technician-
Z after July of some year.
Last but not least, the CA method of authentication infuses secure accountability into the device manufacturing
supply chain. Because of the certificate chain process, the actions of every member in the chain is
cryptographically recorded and verifiable.
This process relies on certain assumptions that must be surfaced for completeness. It requires independent
creation of device unique public/private key pair and that the private key be protected within the device.
Fortunately, secure silicon chips in the form of Hardware Secure Modules (HSM ) capable of internally generating
keys and protecting private keys exist. Company-X only need to add one of such chips into Smart-X-Widget's
component bill of materials.
Device Connection
Previous sections above have been building up to device connection. By simply registering an X.509 CA certificate
to IoT Hub one time, how do potentially millions of devices connect and get authenticated from the first time?
Simple; through the same certificate upload and proof-of-possession flow we earlier encountered with registering
the X.509 CA certificate.
Devices manufactured for X.509 CA authentication are equipped with device unique certificates and a certificate
chain from their respective manufacturing supply chain. Device connection, even for the very first time, happens in
a two-step process: certificate chain upload and proof-of-possession.
During the certificate chain upload, the device uploads its device unique certificate together with the certificate
chain installed within it to IoT Hub. Using the pre-registered X.509 CA certificate, IoT Hub can cryptographically
validate a couple of things, that the uploaded certificate chain is internally consistent, and that the chain was
originated by the valid owner of the X.509 CA certificate. Just was with the X.509 CA registration process, IoT Hub
would initiate a proof-of-possession challenge-response process to ascertain that the chain and hence device
certificate actually belongs to the device uploading it. It does so by generating a random challenge to be signed by
the device using its private key for validation by IoT Hub. A successful response triggers IoT Hub to accept the
device as authentic and grant it connection.
In our example, each Smart-X-Widget would upload its device unique certificate together with Factory-Y and
Technician-Z X.509 CA certificates and then respond to the proof-of-possession challenge from IoT Hub.
Notice that the foundation of trust rests in protecting private keys including device private keys. We therefore
cannot stress enough the importance of secure silicon chips in the form of Hardware Secure Modules (HSM ) for
protecting device private keys, and the overall best practice of never sharing any private keys, like one factory
entrusting another with its private key.
Understand and use Azure IoT Hub SDKs
11/10/2019 • 4 minutes to read • Edit Online
There are two categories of software development kits (SDKs) for working with IoT Hub:
IoT Hub Device SDKs enable you to build apps that run on your IoT devices using device client
or module client. These apps send telemetry to your IoT hub, and optionally receive messages, job,
method, or twin updates from your IoT hub. You can also use module client to author modules for
Azure IoT Edge runtime.
IoT Hub Service SDKs enable you to build backend applications to manage your IoT hub, and
optionally send messages, schedule jobs, invoke direct methods, or send desired property updates
to your IoT devices or modules.
In addition, we also provide a set of SDKs for working with the Device Provisioning Service.
Provisioning Device SDKs enable you to build apps that run on your IoT devices to
communicate with the Device Provisioning Service.
Provisioning Service SDKs enable you to build backend applications to manage your
enrollments in the Device Provisioning Service.
Learn about the benefits of developing using Azure IoT SDKs.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device
management, are only available in the standard tier of IoT Hub. For more information about the basic and
standard IoT Hub tiers, see How to choose the right IoT Hub tier.
NOTE
See the readme files in the GitHub repositories for information about using language and platform-specific
package managers to install binaries and dependencies on your development machine.
Microsoft strives to continually expand the universe of Azure IoT Hub capable devices. Microsoft publishes open-
source device SDKs on GitHub to help connect devices to Azure IoT Hub and the Device Provisioning Service.
The device SDKs are available for C, .NET (C#), Java, Node.js, and Python. Microsoft tests each SDK to ensure
that it runs on the supported configurations detailed for it in the Microsoft SDKs and device platform support
section.
In addition to the device SDKs, Microsoft provides several other avenues to empower customers and developers
to connect their devices to Azure IoT:
Microsoft collaborates with several partner companies to help them publish development kits, based on
the Azure IoT C SDK, for their hardware platforms.
Microsoft works with Microsoft trusted partners to provide an ever-expanding set of devices that have
been tested and certified for Azure IoT. For a current list of these devices, see the Azure certified for IoT
device catalog.
Microsoft provides a platform abstraction layer (PAL ) in the Azure IoT Hub Device C SDK that helps
developers to easily port the SDK to their platform. To learn more, see the C SDK porting guidance.
This topic provides information about the Microsoft SDKs and the platform configurations they support, as well
as each of the other options listed above.
Python SDK
The Azure IoT Hub Python device SDK is tested with and supports the following configurations.
OS COMPILER
*Only Python version 3.5.3 or later support the asynchronous APIs, we recommend using 3.7 or later.
.NET SDK
The Azure IoT Hub .NET (C#) device SDK is tested with and supports the following configurations.
OS STANDARD
Windows 10 Desktop and Server SKUs .NET Core 2.1, .NET Framework 4.5.1, or .NET Framework 4.7
The .NET SDK can also be used with Windows IoT Core with the Azure Device Agent or a custom NTService that
can use RPC to communicate with UWP applications.
Node.js SDK
The Azure IoT Hub Node.js device SDK is tested with and supports the following configurations.
OS NODE VERSION
Java SDK
The Azure IoT Hub Java device SDK is tested with and supports the following configurations.
OS JAVA VERSION
Qualcomm Qualcomm MDM9206 LTE Qualcomm LTE for IoT SDK Forum
IoT Modem
Texas Instruments CC3220SF LaunchPad Azure IoT Plugin for TI E2E Forum
CC3220S LaunchPad SimpleLink TI E2E Forum for CC3220
CC3235SF LaunchPad TI E2E Forum for MSP432E4
CC3235S LaunchPad
MSP432E4 LaunchPad
Next steps
Device and service SDKs
Porting Guidance
Azure IoT device SDK for C
9/9/2019 • 17 minutes to read • Edit Online
The Azure IoT device SDK is a set of libraries designed to simplify the process of sending messages to and
receiving messages from the Azure IoT Hub service. There are different variations of the SDK, each targeting a
specific platform, but this article describes the Azure IoT device SDK for C.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
The Azure IoT device SDK for C is written in ANSI C (C99) to maximize portability. This feature makes the
libraries well-suited to operate on multiple platforms and devices, especially where minimizing disk and
memory footprint is a priority.
There are a broad range of platforms on which the SDK has been tested (see the Azure Certified for IoT device
catalog for details). Although this article includes walkthroughs of sample code running on the Windows
platform, the code described in this article is identical across the range of supported platforms.
The following video presents an overview of the Azure IoT SDK for C:
This article introduces you to the architecture of the Azure IoT device SDK for C. It demonstrates how to
initialize the device library, send data to IoT Hub, and receive messages from it. The information in this article
should be enough to get started using the SDK, but also provides pointers to additional information about the
libraries.
SDK architecture
You can find the Azure IoT device SDK for C GitHub repository and view details of the API in the C API
reference.
The latest version of the libraries can be found in the master branch of the repository:
The core implementation of the SDK is in the iothub_client folder that contains the implementation of
the lowest API layer in the SDK: the IoTHubClient library. The IoTHubClient library contains APIs
implementing raw messaging for sending messages to IoT Hub and receiving messages from IoT Hub.
When using this library, you are responsible for implementing message serialization, but other details of
communicating with IoT Hub are handled for you.
The serializer folder contains helper functions and samples that show you how to serialize data before
sending to Azure IoT Hub using the client library. The use of the serializer is not mandatory and is
provided as a convenience. To use the serializer library, you define a model that specifies the data to
send to IoT Hub and the messages you expect to receive from it. Once the model is defined, the SDK
provides you with an API surface that enables you to easily work with device-to-cloud and cloud-to-
device messages without worrying about the serialization details. The library depends on other open
source libraries that implement transport using protocols such as MQTT and AMQP.
The IoTHubClient library depends on other open source libraries:
The Azure C shared utility library, which provides common functionality for basic tasks (such as
strings, list manipulation, and IO ) needed across several Azure-related C SDKs.
The Azure uAMQP library, which is a client-side implementation of AMQP optimized for resource
constrained devices.
The Azure uMQTT library, which is a general-purpose library implementing the MQTT protocol
and optimized for resource constrained devices.
Use of these libraries is easier to understand by looking at example code. The following sections walk you
through several of the sample applications that are included in the SDK. This walkthrough should give you a
good feel for the various capabilities of the architectural layers of the SDK and an introduction to how the APIs
work.
2. When the device is created, the Devices list updates with all the registered devices, including the one you
just created. If you right-click your new device, you see this menu:
3. If you choose Copy connection string for selected device, the device connection string is copied to
the clipboard. Keep a copy of the device connection string. You need it when running the sample
applications described in the following sections.
When you've completed the steps above, you're ready to start running some code. Most samples have a
constant at the top of the main source file that enables you to enter a connection string. For example, the
corresponding line from the iothub_client_samples_iothub_convenience_sample application appears as
follows.
NOTE
If Visual Studio asks you to retarget the project to the latest version, accept the prompt.
This solution contains a single project. There are four NuGet packages installed in this solution:
Microsoft.Azure.C.SharedUtility
Microsoft.Azure.IoTHub.MqttTransport
Microsoft.Azure.IoTHub.IoTHubClient
Microsoft.Azure.umqtt
You always need the Microsoft.Azure.C.SharedUtility package when you are working with the SDK. This
sample uses the MQTT protocol, therefore you must include the Microsoft.Azure.umqtt and
Microsoft.Azure.IoTHub.MqttTransport packages (there are equivalent packages for AMQP and HTTPS ).
Because the sample uses the IoTHubClient library, you must also include the
Microsoft.Azure.IoTHub.IoTHubClient package in your solution.
You can find the implementation for the sample application in the
iothub_client_samples_iothub_convenience_sample source file.
The following steps use this sample application to walk you through what's required to use the IoTHubClient
library.
Initialize the library
NOTE
Before you start working with the libraries, you may need to perform some platform-specific initialization. For example, if
you plan to use AMQP on Linux you must initialize the OpenSSL library. The samples in the GitHub repository call the
utility function platform_init when the client starts and call the platform_deinit function before exiting. These functions
are declared in the platform.h header file. Examine the definitions of these functions for your target platform in the
repository to determine whether you need to include any platform-specific initialization code in your client.
To start working with the libraries, first allocate an IoT Hub client handle:
if ((iotHubClientHandle =
IoTHubClient_LL_CreateFromConnectionString(connectionString, MQTT_Protocol)) == NULL)
{
(void)printf("ERROR: iotHubClientHandle is NULL!\r\n");
}
else
{
...
You pass a copy of the device connection string you obtained from the device explorer tool to this function. You
also designate the communications protocol to use. This example uses MQTT, but AMQP and HTTPS are also
options.
When you have a valid IOTHUB_CLIENT_HANDLE, you can start calling the APIs to send and receive
messages to and from IoT Hub.
Send messages
The sample application sets up a loop to send messages to your IoT hub. The following snippet:
Creates a message.
Adds a property to the message.
Sends a message.
First, create a message:
size_t iterator = 0;
do
{
if (iterator < MESSAGE_COUNT)
{
sprintf_s(msgText, sizeof(msgText), "{\"deviceId\":\"myFirstDevice\",\"windSpeed\":%.2f}",
avgWindSpeed + (rand() % 4 + 2));
if ((messages[iterator].messageHandle = IoTHubMessage_CreateFromByteArray((const unsigned
char*)msgText, strlen(msgText))) == NULL)
{
(void)printf("ERROR: iotHubMessageHandle is NULL!\r\n");
}
else
{
messages[iterator].messageTrackingId = iterator;
MAP_HANDLE propMap = IoTHubMessage_Properties(messages[iterator].messageHandle);
(void)sprintf_s(propText, sizeof(propText), "PropMsg_%zu", iterator);
if (Map_AddOrUpdate(propMap, "PropName", propText) != MAP_OK)
{
(void)printf("ERROR: Map_AddOrUpdate Failed!\r\n");
}
if (IoTHubClient_LL_SendEventAsync(iotHubClientHandle, messages[iterator].messageHandle,
SendConfirmationCallback, &messages[iterator]) != IOTHUB_CLIENT_OK)
{
(void)printf("ERROR: IoTHubClient_LL_SendEventAsync..........FAILED!\r\n");
}
else
{
(void)printf("IoTHubClient_LL_SendEventAsync accepted message [%d] for transmission to IoT
Hub.\r\n", (int)iterator);
}
}
}
IoTHubClient_LL_DoWork(iotHubClientHandle);
ThreadAPI_Sleep(1);
iterator++;
} while (g_continueRunning);
Every time you send a message, you specify a reference to a callback function that's invoked when the data is
sent. In this example, the callback function is called SendConfirmationCallback. The following snippet shows
this callback function:
Note the call to the IoTHubMessage_Destroy function when you're done with the message. This function
frees the resources allocated when you created the message.
Receive messages
Receiving a message is an asynchronous operation. First, you register the callback to invoke when the device
receives a message:
if (IoTHubClient_LL_SetMessageCallback(iotHubClientHandle, ReceiveMessageCallback, &receiveContext) !=
IOTHUB_CLIENT_OK)
{
(void)printf("ERROR: IoTHubClient_LL_SetMessageCallback..........FAILED!\r\n");
}
else
{
(void)printf("IoTHubClient_LL_SetMessageCallback...successful.\r\n");
...
The last parameter is a void pointer to whatever you want. In the sample, it's a pointer to an integer but it could
be a pointer to a more complex data structure. This parameter enables the callback function to operate on
shared state with the caller of this function.
When the device receives a message, the registered callback function is invoked. This callback function retrieves:
The message id and correlation id from the message.
The message content.
Any custom properties from the message.
static IOTHUBMESSAGE_DISPOSITION_RESULT ReceiveMessageCallback(IOTHUB_MESSAGE_HANDLE message, void*
userContextCallback)
{
int* counter = (int*)userContextCallback;
const char* buffer;
size_t size;
MAP_HANDLE mapProperties;
const char* messageId;
const char* correlationId;
// Message properties
if ((messageId = IoTHubMessage_GetMessageId(message)) == NULL)
{
messageId = "<null>";
}
// Message content
if (IoTHubMessage_GetByteArray(message, (const unsigned char**)&buffer, &size) != IOTHUB_MESSAGE_OK)
{
(void)printf("unable to retrieve the message data\r\n");
}
else
{
(void)printf("Received Message [%d]\r\n Message ID: %s\r\n Correlation ID: %s\r\n Data: <<<%.*s>>>
& Size=%d\r\n", *counter, messageId, correlationId, (int)size, buffer, (int)size);
// If we receive the work 'quit' then we stop running
if (size == (strlen("quit") * sizeof(char)) && memcmp(buffer, "quit", size) == 0)
{
g_continueRunning = false;
}
}
Use the IoTHubMessage_GetByteArray function to retrieve the message, which in this example is a string.
Uninitialize the library
When you're done sending events and receiving messages, you can uninitialize the IoT library. To do so, issue
the following function call:
IoTHubClient_LL_Destroy(iotHubClientHandle);
NOTE
If Visual Studio asks you to retarget the project to the latest version, accept the prompt.
As with the previous sample, this one includes several NuGet packages:
Microsoft.Azure.C.SharedUtility
Microsoft.Azure.IoTHub.MqttTransport
Microsoft.Azure.IoTHub.IoTHubClient
Microsoft.Azure.IoTHub.Serializer
Microsoft.Azure.umqtt
You've seen most of these packages in the previous sample, but Microsoft.Azure.IoTHub.Serializer is new.
This package is required when you use the serializer library.
You can find the implementation of the sample application in the
iothub_client_samples_iothub_convenience_sample file.
The following sections walk you through the key parts of this sample.
Initialize the library
To start working with the serializer library, call the initialization APIs:
if (serializer_init(NULL) != SERIALIZER_OK)
{
(void)printf("Failed on serializer_init\r\n");
}
else
{
IOTHUB_CLIENT_LL_HANDLE iotHubClientHandle =
IoTHubClient_LL_CreateFromConnectionString(connectionString, MQTT_Protocol);
srand((unsigned int)time(NULL));
int avgWindSpeed = 10;
if (iotHubClientHandle == NULL)
{
(void)printf("Failed on IoTHubClient_LL_Create\r\n");
}
else
{
ContosoAnemometer* myWeather = CREATE_MODEL_INSTANCE(WeatherStation, ContosoAnemometer);
if (myWeather == NULL)
{
(void)printf("Failed on CREATE_MODEL_INSTANCE\r\n");
}
else
{
...
The call to the serializer_init function is a one-time call and initializes the underlying library. Then, you call the
IoTHubClient_LL_CreateFromConnectionString function, which is the same API as in the IoTHubClient
sample. This call sets your device connection string (this call is also where you choose the protocol you want to
use). This sample uses MQTT as the transport, but could use AMQP or HTTPS.
Finally, call the CREATE_MODEL_INSTANCE function. WeatherStation is the namespace of the model and
ContosoAnemometer is the name of the model. Once the model instance is created, you can use it to start
sending and receiving messages. However, it's important to understand what a model is.
Define the model
A model in the serializer library defines the messages that your device can send to IoT Hub and the messages,
called actions in the modeling language, which it can receive. You define a model using a set of C macros as in
the iothub_client_samples_iothub_convenience_sample sample application:
BEGIN_NAMESPACE(WeatherStation);
DECLARE_MODEL(ContosoAnemometer,
WITH_DATA(ascii_char_ptr, DeviceId),
WITH_DATA(int, WindSpeed),
WITH_ACTION(TurnFanOn),
WITH_ACTION(TurnFanOff),
WITH_ACTION(SetAirResistance, int, Position)
);
END_NAMESPACE(WeatherStation);
The BEGIN_NAMESPACE and END_NAMESPACE macros both take the namespace of the model as an
argument. It's expected that anything between these macros is the definition of your model or models, and the
data structures that the models use.
In this example, there is a single model called ContosoAnemometer. This model defines two pieces of data
that your device can send to IoT Hub: DeviceId and WindSpeed. It also defines three actions (messages) that
your device can receive: TurnFanOn, TurnFanOff, and SetAirResistance. Each data element has a type, and
each action has a name (and optionally a set of parameters).
The data and actions defined in the model define an API surface that you can use to send messages to IoT Hub,
and respond to messages sent to the device. Use of this model is best understood through an example.
Send messages
The model defines the data you can send to IoT Hub. In this example, that means one of the two data items
defined using the WITH_DATA macro. There are several steps required to send DeviceId and WindSpeed
values to an IoT hub. The first is to set the data you want to send:
myWeather->DeviceId = "myFirstDevice";
myWeather->WindSpeed = avgWindSpeed + (rand() % 4 + 2);
The model you defined earlier enables you to set the values by setting members of a struct. Next, serialize the
message you want to send:
This code serializes the device-to-cloud to a buffer (referenced by destination). The code then invokes the
sendMessage function to send the message to IoT Hub:
static void sendMessage(IOTHUB_CLIENT_LL_HANDLE iotHubClientHandle, const unsigned char* buffer, size_t
size)
{
static unsigned int messageTrackingId;
IOTHUB_MESSAGE_HANDLE messageHandle = IoTHubMessage_CreateFromByteArray(buffer, size);
if (messageHandle == NULL)
{
printf("unable to create a new IoTHubMessage\r\n");
}
else
{
if (IoTHubClient_LL_SendEventAsync(iotHubClientHandle, messageHandle, sendCallback, (void*)
(uintptr_t)messageTrackingId) != IOTHUB_CLIENT_OK)
{
printf("failed to hand over the message to IoTHubClient");
}
else
{
printf("IoTHubClient accepted the message for delivery\r\n");
}
IoTHubMessage_Destroy(messageHandle);
}
messageTrackingId++;
}
The second parameter is a pointer to user context; the same pointer passed to
IoTHubClient_LL_SendEventAsync. In this case, the context is a simple counter, but it can be anything you
want.
That's all there is to sending device-to-cloud messages. The only thing left to cover is how to receive messages.
Receive messages
Receiving a message works similarly to the way messages work in the IoTHubClient library. First, you register
a message callback function:
if (IoTHubClient_LL_SetMessageCallback(iotHubClientHandle,
IoTHubMessage, myWeather) != IOTHUB_CLIENT_OK)
{
printf("unable to IoTHubClient_SetMessageCallback\r\n");
}
else
{
...
Then, you write the callback function that's invoked when a message is received:
static IOTHUBMESSAGE_DISPOSITION_RESULT IoTHubMessage(IOTHUB_MESSAGE_HANDLE message, void*
userContextCallback)
{
IOTHUBMESSAGE_DISPOSITION_RESULT result;
const unsigned char* buffer;
size_t size;
if (IoTHubMessage_GetByteArray(message, &buffer, &size) != IOTHUB_MESSAGE_OK)
{
printf("unable to IoTHubMessage_GetByteArray\r\n");
result = IOTHUBMESSAGE_ABANDONED;
}
else
{
/*buffer is not zero terminated*/
char* temp = malloc(size + 1);
if (temp == NULL)
{
printf("failed to malloc\r\n");
result = IOTHUBMESSAGE_ABANDONED;
}
else
{
(void)memcpy(temp, buffer, size);
temp[size] = '\0';
EXECUTE_COMMAND_RESULT executeCommandResult = EXECUTE_COMMAND(userContextCallback, temp);
result =
(executeCommandResult == EXECUTE_COMMAND_ERROR) ? IOTHUBMESSAGE_ABANDONED :
(executeCommandResult == EXECUTE_COMMAND_SUCCESS) ? IOTHUBMESSAGE_ACCEPTED :
IOTHUBMESSAGE_REJECTED;
free(temp);
}
}
return result;
}
This code is boilerplate -- it's the same for any solution. This function receives the message and takes care of
routing it to the appropriate function through the call to EXECUTE_COMMAND. The function called at this
point depends on the definition of the actions in your model.
When you define an action in your model, you're required to implement a function that's called when your
device receives the corresponding message. For example, if your model defines this action:
Note how the name of the function matches the name of the action in the model and that the parameters of the
function match the parameters specified for the action. The first parameter is always required and contains a
pointer to the instance of your model.
When the device receives a message that matches this signature, the corresponding function is called.
Therefore, aside from having to include the boilerplate code from IoTHubMessage, receiving messages is just
a matter of defining a simple function for each action defined in your model.
Uninitialize the library
When you're done sending data and receiving messages, you can uninitialize the IoT library:
...
DESTROY_MODEL_INSTANCE(myWeather);
}
IoTHubClient_LL_Destroy(iotHubClientHandle);
}
serializer_deinit();
Each of these three functions aligns with the three initialization functions described previously. Calling these
APIs ensures that you free previously allocated resources.
Next Steps
This article covered the basics of using the libraries in the Azure IoT device SDK for C. It provided you with
enough information to understand what's included in the SDK, its architecture, and how to get started working
with the Windows samples. The next article continues the description of the SDK by explaining more about the
IoTHubClient library.
To learn more about developing for IoT Hub, see the Azure IoT SDKs.
To further explore the capabilities of IoT Hub, see:
Deploying AI to edge devices with Azure IoT Edge
Azure IoT device SDK for C – more about
IoTHubClient
8/8/2019 • 13 minutes to read • Edit Online
Azure IoT device SDK for C is the first article in this series introducing the Azure IoT device SDK for C. That
article explained that there are two architectural layers in SDK. At the base is the IoTHubClient library that
directly manages communication with IoT Hub. There's also the serializer library that builds on top of that to
provide serialization services. In this article, we'll provide additional detail on the IoTHubClient library.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
The previous article described how to use the IoTHubClient library to send events to IoT Hub and receive
messages. This article extends that discussion by explaining how to more precisely manage when you send and
receive data, introducing you to the lower-level APIs. We'll also explain how to attach properties to events (and
retrieve them from messages) using the property handling features in the IoTHubClient library. Finally, we'll
provide additional explanation of different ways to handle messages received from IoT Hub.
The article concludes by covering a couple of miscellaneous topics, including more about device credentials and
how to change the behavior of the IoTHubClient through configuration options.
We'll use the IoTHubClient SDK samples to explain these topics. If you want to follow along, see the
iothub_client_sample_http and iothub_client_sample_amqp applications that are included in the Azure IoT
device SDK for C. Everything described in the following sections is demonstrated in these samples.
You can find the Azure IoT device SDK for C GitHub repository and view details of the API in the C API
reference.
IOTHUB_CLIENT_HANDLE iotHubClientHandle;
iotHubClientHandle = IoTHubClient_CreateFromConnectionString(connectionString, AMQP_Protocol);
The article also described how to receive messages by registering a callback function.
int receiveContext = 0;
IoTHubClient_SetMessageCallback(iotHubClientHandle, ReceiveMessageCallback, &receiveContext);
The article also showed how to free resources using code such as the following.
IoTHubClient_Destroy(iotHubClientHandle);
EVENT_INSTANCE message;
sprintf_s(msgText, sizeof(msgText), "Message_%d_From_IoTHubClient_LL_Over_HTTP", i);
message.messageHandle = IoTHubMessage_CreateFromByteArray((const unsigned char*)msgText, strlen(msgText));
The first three lines create the message, and the last line sends the event. However, as mentioned previously,
sending the event means that the data is simply placed in a buffer. Nothing is transmitted on the network when we
call IoTHubClient_LL_SendEventAsync. In order to actually ingress the data to IoT Hub, you must call
IoTHubClient_LL_DoWork, as in this example:
while (1)
{
IoTHubClient_LL_DoWork(iotHubClientHandle);
ThreadAPI_Sleep(100);
}
This code (from the iothub_client_sample_http application) repeatedly calls IoTHubClient_LL_DoWork. Each
time IoTHubClient_LL_DoWork is called, it sends some events from the buffer to IoT Hub and it retrieves a
queued message being sent to the device. The latter case means that if we registered a callback function for
messages, then the callback is invoked (assuming any messages are queued up). We would have registered such a
callback function with code such as the following:
The reason that IoTHubClient_LL_DoWork is often called in a loop is that each time it’s called, it sends some
buffered events to IoT Hub and retrieves the next message queued up for the device. Each call isn’t guaranteed to
send all buffered events or to retrieve all queued messages. If you want to send all events in the buffer and then
continue on with other processing you can replace this loop with code such as the following:
IOTHUB_CLIENT_STATUS status;
This code calls IoTHubClient_LL_DoWork until all events in the buffer have been sent to IoT Hub. Note this
does not also imply that all queued messages have been received. Part of the reason for this is that checking for
"all" messages isn’t as deterministic an action. What happens if you retrieve "all" of the messages, but then
another one is sent to the device immediately after? A better way to deal with that is with a programmed timeout.
For example, the message callback function could reset a timer every time it’s invoked. You can then write logic to
continue processing if, for example, no messages have been received in the last X seconds.
When you’re finished ingressing events and receiving messages, be sure to call the corresponding function to
clean up resources.
IoTHubClient_LL_Destroy(iotHubClientHandle);
Basically there’s only one set of APIs to send and receive data with a background thread and another set of APIs
that does the same thing without the background thread. A lot of developers may prefer the non-LL APIs, but the
lower-level APIs are useful when the developer wants explicit control over network transmissions. For example,
some devices collect data over time and only ingress events at specified intervals (for example, once an hour or
once a day). The lower-level APIs give you the ability to explicitly control when you send and receive data from IoT
Hub. Others will simply prefer the simplicity that the lower-level APIs provide. Everything happens on the main
thread rather than some work happening in the background.
Whichever model you choose, be sure to be consistent in which APIs you use. If you start by calling
IoTHubClient_LL_CreateFromConnectionString, be sure you only use the corresponding lower-level APIs for
any follow -up work:
IoTHubClient_LL_SendEventAsync
IoTHubClient_LL_SetMessageCallback
IoTHubClient_LL_Destroy
IoTHubClient_LL_DoWork
The opposite is true as well. If you start with IoTHubClient_CreateFromConnectionString, then use the non-
LL APIs for any additional processing.
In the Azure IoT device SDK for C, see the iothub_client_sample_http application for a complete example of the
lower-level APIs. The iothub_client_sample_amqp application can be referenced for a full example of the non-
LL APIs.
Property handling
So far when we've described sending data, we've been referring to the body of the message. For example, consider
this code:
EVENT_INSTANCE message;
sprintf_s(msgText, sizeof(msgText), "Hello World");
message.messageHandle = IoTHubMessage_CreateFromByteArray((const unsigned char*)msgText, strlen(msgText));
IoTHubClient_LL_SendEventAsync(iotHubClientHandle, message.messageHandle, SendConfirmationCallback, &message)
This example sends a message to IoT Hub with the text "Hello World." However, IoT Hub also allows properties to
be attached to each message. Properties are name/value pairs that can be attached to the message. For example,
we can modify the previous code to attach a property to the message:
We start by calling IoTHubMessage_Properties and passing it the handle of our message. What we get back is a
MAP_HANDLE reference that enables us to start adding properties. The latter is accomplished by calling
Map_AddOrUpdate, which takes a reference to a MAP_HANDLE, the property name, and the property value.
With this API we can add as many properties as we like.
When the event is read from Event Hubs, the receiver can enumerate the properties and retrieve their
corresponding values. For example, in .NET this would be accomplished by accessing the Properties collection on
the EventData object.
In the previous example, we’re attaching properties to an event that we send to IoT Hub. Properties can also be
attached to messages received from IoT Hub. If we want to retrieve properties from a message, we can use code
such as the following in our message callback function:
static IOTHUBMESSAGE_DISPOSITION_RESULT ReceiveMessageCallback(IOTHUB_MESSAGE_HANDLE message, void*
userContextCallback)
{
. . .
. . .
}
The call to IoTHubMessage_Properties returns the MAP_HANDLE reference. We then pass that reference to
Map_GetInternals to obtain a reference to an array of the name/value pairs (as well as a count of the properties).
At that point it's a simple matter of enumerating the properties to get to the values we want.
You don't have to use properties in your application. However, if you need to set them on events or retrieve them
from messages, the IoTHubClient library makes it easy.
Message handling
As stated previously, when messages arrive from IoT Hub the IoTHubClient library responds by invoking a
registered callback function. There is a return parameter of this function that deserves some additional
explanation. Here’s an excerpt of the callback function in the iothub_client_sample_http sample application:
Note that the return type is IOTHUBMESSAGE_DISPOSITION_RESULT and in this particular case we return
IOTHUBMESSAGE_ACCEPTED. There are other values we can return from this function that change how the
IoTHubClient library reacts to the message callback. Here are the options.
IOTHUBMESSAGE_ACCEPTED – The message has been processed successfully. The IoTHubClient
library will not invoke the callback function again with the same message.
IOTHUBMESSAGE_REJECTED – The message was not processed and there is no desire to do so in the
future. The IoTHubClient library should not invoke the callback function again with the same message.
IOTHUBMESSAGE_ABANDONED – The message was not processed successfully, but the
IoTHubClient library should invoke the callback function again with the same message.
For the first two return codes, the IoTHubClient library sends a message to IoT Hub indicating that the message
should be deleted from the device queue and not delivered again. The net effect is the same (the message is
deleted from the device queue), but whether the message was accepted or rejected is still recorded. Recording this
distinction is useful to senders of the message who can listen for feedback and find out if a device has accepted or
rejected a particular message.
In the last case a message is also sent to IoT Hub, but it indicates that the message should be redelivered. Typically
you’ll abandon a message if you encounter some error but want to try to process the message again. In contrast,
rejecting a message is appropriate when you encounter an unrecoverable error (or if you simply decide you don’t
want to process the message).
In any case, be aware of the different return codes so that you can elicit the behavior you want from the
IoTHubClient library.
IOTHUB_CLIENT_HANDLE iotHubClientHandle;
iotHubClientHandle = IoTHubClient_CreateFromConnectionString(connectionString, AMQP_Protocol);
HostName=IOTHUBNAME.IOTHUBSUFFIX;DeviceId=DEVICEID;SharedAccessKey=SHAREDACCESSKEY
There are four pieces of information in this string: IoT Hub name, IoT Hub suffix, device ID, and shared access key.
You obtain the fully qualified domain name (FQDN ) of an IoT hub when you create your IoT hub instance in the
Azure portal — this gives you the IoT hub name (the first part of the FQDN ) and the IoT hub suffix (the rest of the
FQDN ). You get the device ID and the shared access key when you register your device with IoT Hub (as
described in the previous article).
IoTHubClient_CreateFromConnectionString gives you one way to initialize the library. If you prefer, you can
create a new IOTHUB_CLIENT_HANDLE by using these individual parameters rather than the device
connection string. This is achieved with the following code:
IOTHUB_CLIENT_CONFIG iotHubClientConfig;
iotHubClientConfig.iotHubName = "";
iotHubClientConfig.deviceId = "";
iotHubClientConfig.deviceKey = "";
iotHubClientConfig.iotHubSuffix = "";
iotHubClientConfig.protocol = HTTP_Protocol;
IOTHUB_CLIENT_HANDLE iotHubClientHandle = IoTHubClient_LL_Create(&iotHubClientConfig);
Configuration options
So far everything described about the way the IoTHubClient library works reflects its default behavior. However,
there are a few options that you can set to change how the library works. This is accomplished by leveraging the
IoTHubClient_LL_SetOption API. Consider this example:
Next steps
This article describes in detail the behavior of the IoTHubClient library found in the Azure IoT device SDK for
C. With this information, you should have a good understanding of the capabilities of the IoTHubClient library.
The second article in this series is Azure IoT device SDK for C - Serializer, which provides similar detail on the
serializer library.
To learn more about developing for IoT Hub, see the Azure IoT SDKs.
To further explore the capabilities of IoT Hub, see Deploying AI to edge devices with Azure IoT Edge.
Azure IoT device SDK for C – more about serializer
12/20/2019 • 21 minutes to read • Edit Online
The first article in this series introduced the Introduction to Azure IoT device SDK for C. The next article provided a
more detailed description of the Azure IoT device SDK for C -- IoTHubClient. This article completes coverage of
the SDK by providing a more detailed description of the remaining component: the serializer library.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
The introductory article described how to use the serializer library to send events to and receive messages from
IoT Hub. In this article, we extend that discussion by providing a more complete explanation of how to model your
data with the serializer macro language. The article also includes more detail about how the library serializes
messages (and in some cases how you can control the serialization behavior). We'll also describe some parameters
you can modify that determine the size of the models you create.
Finally, the article revisits some topics covered in previous articles such as message and property handling. As
we'll find out, those features work in the same way using the serializer library as they do with the IoTHubClient
library.
Everything described in this article is based on the serializer SDK samples. If you want to follow along, see the
simplesample_amqp and simplesample_http applications included in the Azure IoT device SDK for C.
You can find the Azure IoT device SDK for C GitHub repository and view details of the API in the C API
reference.
BEGIN_NAMESPACE(WeatherStation);
DECLARE_MODEL(ContosoAnemometer,
WITH_DATA(ascii_char_ptr, DeviceId),
WITH_DATA(double, WindSpeed),
WITH_ACTION(TurnFanOn),
WITH_ACTION(TurnFanOff),
WITH_ACTION(SetAirResistance, int, Position)
);
END_NAMESPACE(WeatherStation);
As you can see, the modeling language is based on C macros. You always begin your definition with
BEGIN_NAMESPACE and always end with END_NAMESPACE. It's common to name the namespace for your
company or, as in this example, the project that you're working on.
What goes inside the namespace are model definitions. In this case, there is a single model for an anemometer.
Once again, the model can be named anything, but typically the model is named for the device or type of data you
want to exchange with IoT Hub.
Models contain a definition of the events you can ingress to IoT Hub (the data) as well as the messages you can
receive from IoT Hub (the actions). As you can see from the example, events have a type and a name; actions have
a name and optional parameters (each with a type).
What’s not demonstrated in this sample are additional data types that are supported by the SDK. We'll cover that
next.
NOTE
IoT Hub refers to the data a device sends to it as events, while the modeling language refers to it as data (defined using
WITH_DATA). Likewise, IoT Hub refers to the data you send to devices as messages, while the modeling language refers to it
as actions (defined using WITH_ACTION). Be aware that these terms may be used interchangeably in this article.
TYPE DESCRIPTION
bool boolean
EDM_GUID GUID
EDM_BINARY binary
Let’s start with the last data type. The DECLARE_STRUCT allows you to define complex data types, which are
groupings of the other primitive types. These groupings allow us to define a model that looks like this:
DECLARE_STRUCT(TestType,
double, aDouble,
int, aInt,
float, aFloat,
long, aLong,
int8_t, aInt8,
uint8_t, auInt8,
int16_t, aInt16,
int32_t, aInt32,
int64_t, aInt64,
bool, aBool,
ascii_char_ptr, aAsciiCharPtr,
EDM_DATE_TIME_OFFSET, aDateTimeOffset,
EDM_GUID, aGuid,
EDM_BINARY, aBinary
);
DECLARE_MODEL(TestModel,
WITH_DATA(TestType, Test)
);
Our model contains a single data event of type TestType. TestType is a complex type that includes several
members, which collectively demonstrate the primitive types supported by the serializer modeling language.
With a model like this, we can write code to send data to IoT Hub that appears as follows:
testModel->Test.aDouble = 1.1;
testModel->Test.aInt = 2;
testModel->Test.aFloat = 3.0f;
testModel->Test.aLong = 4;
testModel->Test.aInt8 = 5;
testModel->Test.auInt8 = 6;
testModel->Test.aInt16 = 7;
testModel->Test.aInt32 = 8;
testModel->Test.aInt64 = 9;
testModel->Test.aBool = true;
testModel->Test.aAsciiCharPtr = "ascii string 1";
time_t now;
time(&now);
testModel->Test.aDateTimeOffset = GetDateTimeOffset(now);
EDM_GUID guid = { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
0x0F } };
testModel->Test.aGuid = guid;
Basically, we’re assigning a value to every member of the Test structure and then calling SendAsync to send the
Test data event to the cloud. SendAsync is a helper function that sends a single data event to IoT Hub:
void SendAsync(IOTHUB_CLIENT_LL_HANDLE iotHubClientHandle, const void *dataEvent)
{
unsigned char* destination;
size_t destinationSize;
if (SERIALIZE(&destination, &destinationSize, *(const unsigned char*)dataEvent) ==
{
// null terminate the string
char* destinationAsString = (char*)malloc(destinationSize + 1);
if (destinationAsString != NULL)
{
memcpy(destinationAsString, destination, destinationSize);
destinationAsString[destinationSize] = '\0';
IOTHUB_MESSAGE_HANDLE messageHandle = IoTHubMessage_CreateFromString(destinationAsString);
if (messageHandle != NULL)
{
IoTHubClient_SendEventAsync(iotHubClientHandle, messageHandle, sendCallback, (void*)0);
IoTHubMessage_Destroy(messageHandle);
}
free(destinationAsString);
}
free(destination);
}
}
This function serializes the given data event and sends it to IoT Hub using IoTHubClient_SendEventAsync. This
is the same code discussed in previous articles (SendAsync encapsulates the logic into a convenient function).
One other helper function used in the previous code is GetDateTimeOffset. This function transforms the given
time into a value of type EDM_DATE_TIME_OFFSET:
If you run this code, the following message is sent to IoT Hub:
Note that the serialization is in JSON, which is the format generated by the serializer library. Also note that each
member of the serialized JSON object matches the members of the TestType that we defined in our model. The
values also exactly match those used in the code. However, note that the binary data is base64-encoded: "AQID" is
the base64 encoding of {0x01, 0x02, 0x03}.
This example demonstrates the advantage of using the serializer library -- it enables us to send JSON to the
cloud, without having to explicitly deal with serialization in our application. All we have to worry about is setting
the values of the data events in our model and then calling simple APIs to send those events to the cloud.
With this information, we can define models that include the range of supported data types, including complex
types (we could even include complex types within other complex types). However, the serialized JSON generated
by the example above brings up an important point. How we send data with the serializer library determines
exactly how the JSON is formed. That particular point is what we'll cover next.
BEGIN_NAMESPACE(Contoso);
DECLARE_STRUCT(TemperatureEvent,
int, Temperature,
EDM_DATE_TIME_OFFSET, Time);
DECLARE_STRUCT(HumidityEvent,
int, Humidity,
EDM_DATE_TIME_OFFSET, Time);
DECLARE_MODEL(Thermostat,
WITH_DATA(TemperatureEvent, Temperature),
WITH_DATA(HumidityEvent, Humidity)
);
END_NAMESPACE(Contoso);
Note that the model includes two data events: Temperature and Humidity. Unlike previous examples, the type of
each event is a structure defined using DECLARE_STRUCT. TemperatureEvent includes a temperature
measurement and a timestamp; HumidityEvent contains a humidity measurement and a timestamp. This model
gives us a natural way to model the data for the scenario described above. When we send an event to the cloud,
we'll either send a temperature/timestamp or a humidity/timestamp pair.
We can send a temperature event to the cloud using code such as the following:
time_t now;
time(&now);
thermostat->Temperature.Temperature = 75;
thermostat->Temperature.Time = GetDateTimeOffset(now);
We'll use hard-coded values for temperature and humidity in the sample code, but imagine that we’re actually
retrieving these values by sampling the corresponding sensors on the thermostat.
The code above uses the GetDateTimeOffset helper that was introduced previously. For reasons that will become
clear later, this code explicitly separates the task of serializing and sending the event. The previous code serializes
the temperature event into a buffer. Then, sendMessage is a helper function (included in simplesample_amqp)
that sends the event to IoT Hub:
static void sendMessage(IOTHUB_CLIENT_HANDLE iotHubClientHandle, const unsigned char* buffer, size_t size)
{
static unsigned int messageTrackingId;
IOTHUB_MESSAGE_HANDLE messageHandle = IoTHubMessage_CreateFromByteArray(buffer, size);
if (messageHandle != NULL)
{
IoTHubClient_SendEventAsync(iotHubClientHandle, messageHandle, sendCallback, (void*)
(uintptr_t)messageTrackingId);
IoTHubMessage_Destroy(messageHandle);
}
free((void*)buffer);
}
This code is a subset of the SendAsync helper described in the previous section, so we won’t go over it again here.
When we run the previous code to send the Temperature event, this serialized form of the event is sent to IoT Hub:
{"Temperature":75, "Time":"2015-09-17T18:45:56Z"}
We're sending a temperature, which is of type TemperatureEvent, and that struct contains a Temperature and
Time member. This is directly reflected in the serialized data.
Similarly, we can send a humidity event with this code:
thermostat->Humidity.Humidity = 45;
thermostat->Humidity.Time = GetDateTimeOffset(now);
if (SERIALIZE(&destination, &destinationSize, thermostat->Humidity) == IOT_AGENT_OK)
{
sendMessage(iotHubClientHandle, destination, destinationSize);
}
{"Humidity":45, "Time":"2015-09-17T18:45:56Z"}
DECLARE_MODEL(Thermostat,
WITH_DATA(int, Temperature),
WITH_DATA(int, Humidity),
WITH_DATA(EDM_DATE_TIME_OFFSET, Time)
);
In this case, we've eliminated the DECLARE_STRUCT macros and are simply defining the data items from our
scenario using simple types from the modeling language.
Just for the moment, ignore the Time event. With that aside, here’s the code to ingress Temperature:
time_t now;
time(&now);
thermostat->Temperature = 75;
{"Temperature":75}
And the code for sending the Humidity event appears as follows:
thermostat->Humidity = 45;
if (SERIALIZE(&destination, &destinationSize, thermostat->Humidity) == IOT_AGENT_OK)
{
sendMessage(iotHubClientHandle, destination, destinationSize);
}
{"Humidity":45}
So far there are still no surprises. Now let's change how we use the SERIALIZE macro.
The SERIALIZE macro can take multiple data events as arguments. This enables us to serialize the Temperature
and Humidity event together and send them to IoT Hub in one call:
DECLARE_MODEL(Thermostat,
WITH_DATA(int, Temperature),
WITH_DATA(int, Humidity),
WITH_DATA(EDM_DATE_TIME_OFFSET, Time)
);
More to the point, we didn’t model these events where Temperature and Humidity are in the same structure:
DECLARE_STRUCT(TemperatureAndHumidityEvent,
int, Temperature,
int, Humidity,
);
DECLARE_MODEL(Thermostat,
WITH_DATA(TemperatureAndHumidityEvent, TemperatureAndHumidity),
);
If we used this model, it would be easier to understand how Temperature and Humidity would be sent in the
same serialized message. However it may not be clear why it works that way when you pass both data events to
SERIALIZE using model 2.
This behavior is easier to understand if you know the assumptions that the serializer library is making. To make
sense of this, let’s go back to our model:
DECLARE_MODEL(Thermostat,
WITH_DATA(int, Temperature),
WITH_DATA(int, Humidity),
WITH_DATA(EDM_DATE_TIME_OFFSET, Time)
);
Think of this model in object-oriented terms. In this case, we’re modeling a physical device (a thermostat) and that
device includes attributes like Temperature and Humidity.
We can send the entire state of our model with code such as the following:
Assuming the values of Temperature, Humidity and Time are set, we would see an event like this sent to IoT Hub:
{"Temperature":75, "Time":"2015-09-17T18:45:56Z"}
This generates exactly the same serialized event as if we had defined a TemperatureEvent with a Temperature
and Time member, just as we did with model 1. In this case, we were able to generate exactly the same serialized
event by using a different model (model 2) because we called SERIALIZE in a different way.
The important point is that if you pass multiple data events to SERIALIZE, then it assumes each event is a
property in a single JSON object.
The best approach depends on you and how you think about your model. If you’re sending "events" to the cloud
and each event contains a defined set of properties, then the first approach makes a lot of sense. In that case you
would use DECLARE_STRUCT to define the structure of each event and then include them in your model with
the WITH_DATA macro. Then you send each event as we did in the first example above. In this approach, you
would only pass a single data event to SERIALIZER.
If you think about your model in an object-oriented fashion, then the second approach may suit you. In this case,
the elements defined using WITH_DATA are the "properties" of your object. You pass whatever subset of events
to SERIALIZE that you like, depending on how much of your "object’s" state you want to send to the cloud.
Nether approach is right or wrong. Just be aware of how the serializer library works, and pick the modeling
approach that best fits your needs.
Message handling
So far this article has only discussed sending events to IoT Hub, and hasn't addressed receiving messages. The
reason for this is that what we need to know about receiving messages has largely been covered in the article
Azure IoT device SDK for C. Recall from that article that you process messages by registering a message callback
function:
You then write the callback function that’s invoked when a message is received:
static IOTHUBMESSAGE_DISPOSITION_RESULT IoTHubMessage(IOTHUB_MESSAGE_HANDLE message, void*
userContextCallback)
{
IOTHUBMESSAGE_DISPOSITION_RESULT result;
const unsigned char* buffer;
size_t size;
if (IoTHubMessage_GetByteArray(message, &buffer, &size) != IOTHUB_MESSAGE_OK)
{
printf("unable to IoTHubMessage_GetByteArray\r\n");
result = EXECUTE_COMMAND_ERROR;
}
else
{
/*buffer is not zero terminated*/
char* temp = malloc(size + 1);
if (temp == NULL)
{
printf("failed to malloc\r\n");
result = EXECUTE_COMMAND_ERROR;
}
else
{
memcpy(temp, buffer, size);
temp[size] = '\0';
EXECUTE_COMMAND_RESULT executeCommandResult = EXECUTE_COMMAND(userContextCallback, temp);
result =
(executeCommandResult == EXECUTE_COMMAND_ERROR) ? IOTHUBMESSAGE_ABANDONED :
(executeCommandResult == EXECUTE_COMMAND_SUCCESS) ? IOTHUBMESSAGE_ACCEPTED :
IOTHUBMESSAGE_REJECTED;
free(temp);
}
}
return result;
}
This implementation of IoTHubMessage calls the specific function for each action in your model. For example, if
your model defines this action:
The action name must exactly match an action defined in your model. The parameter names must match as well.
Also note case sensitivity. Name and Parameters are always uppercase. Make sure to match the case of your
action name and parameters in your model. In this example, the action name is "SetAirResistance" and not
"setairresistance".
The two other actions TurnFanOn and TurnFanOff can be invoked by sending these messages to a device:
This section described everything you need to know when sending events and receiving messages with the
serializer library. Before moving on, let's cover some parameters you can configure that control how large your
model is.
Macro configuration
If you’re using the Serializer library an important part of the SDK to be aware of is found in the azure-c-shared-
utility library.
If you have cloned the Azure-iot-sdk-c repository from GitHub and issued the git submodule update --init
command, then you will find this shared utility library here:
.\\c-utility
If you have not cloned the library, you can find it here.
Within the shared utility library, you will find the following folder:
azure-c-shared-utility\\macro\_utils\_h\_generator.
The program in this solution generates the macro_utils.h file. There’s a default macro_utils.h file included with the
SDK. This solution allows you to modify some parameters and then recreate the header file based on these
parameters.
The two key parameters to be concerned with are nArithmetic and nMacroParameters, which are defined in
these two lines found in macro_utils.tt:
<#int nArithmetic=1024;#>
<#int nMacroParameters=124;/*127 parameters in one macro definition in C99 in chapter 5.2.4.1 Translation
limits*/#>
These values are the default parameters included with the SDK. Each parameter has the following meaning:
nMacroParameters – Controls how many parameters you can have in one DECLARE_MODEL macro definition.
nArithmetic – Controls the total number of members allowed in a model.
The reason these parameters are important is because they control how large your model can be. For example,
consider this model definition:
DECLARE_MODEL(MyModel,
WITH_DATA(int, MyData)
);
As mentioned previously, DECLARE_MODEL is just a C macro. The names of the model and the WITH_DATA
statement (yet another macro) are parameters of DECLARE_MODEL. nMacroParameters defines how many
parameters can be included in DECLARE_MODEL. Effectively, this defines how many data event and action
declarations you can have. As such, with the default limit of 124 this means that you can define a model with a
combination of about 60 actions and data events. If you try to exceed this limit, you'll receive compiler errors that
look similar to this:
The nArithmetic parameter is more about the internal workings of the macro language than your application. It
controls the total number of members you can have in your model, including DECLARE_STRUCT macros. If you
start seeing compiler errors such as this, then you should try increasing nArithmetic:
If you want to change these parameters, modify the values in the macro_utils.tt file, recompile the
macro_utils_h_generator.sln solution, and run the compiled program. When you do so, a new macro_utils.h file is
generated and placed in the .\common\inc directory.
In order to use the new version of macro_utils.h, remove the serializer NuGet package from your solution and in
its place include the serializer Visual Studio project. This enables your code to compile against the source code of
the serializer library. This includes the updated macro_utils.h. If you want to do this for simplesample_amqp, start
by removing the NuGet package for the serializer library from the solution:
Then add this project to your Visual Studio solution:
.\c\serializer\build\windows\serializer.vcxproj
Now when you compile your solution, the updated macro_utils.h is included in your binary.
Note that increasing these values high enough can exceed compiler limits. To this point, the nMacroParameters is
the main parameter with which to be concerned. The C99 spec specifies that a minimum of 127 parameters are
allowed in a macro definition. The Microsoft compiler follows the spec exactly (and has a limit of 127), so you won't
be able to increase nMacroParameters beyond the default. Other compilers might allow you to do so (for
example, the GNU compiler supports a higher limit).
So far we've covered just about everything you need to know about how to write code with the serializer library.
Before concluding, let's revisit some topics from previous articles that you may be wondering about.
Additional topics
A few other topics worth mentioning again are property handling, using alternate device credentials, and
configuration options. These are all topics covered in a previous article. The main point is that all of these features
work in the same way with the serializer library as they do with the IoTHubClient library. For example, if you
want to attach properties to an event from your model, you use IoTHubMessage_Properties and
Map_AddorUpdate, the same way as described previously:
Whether the event was generated from the serializer library or created manually using the IoTHubClient library
does not matter.
For the alternate device credentials, using IoTHubClient_LL_Create works just as well as
IoTHubClient_CreateFromConnectionString for allocating an IOTHUB_CLIENT_HANDLE.
Finally, if you're using the serializer library, you can set configuration options with IoTHubClient_LL_SetOption
just as you did when using the IoTHubClient library.
A feature that is unique to the serializer library are the initialization APIs. Before you can start working with the
library, you must call serializer_init:
serializer_init(NULL);
This is done just before you call IoTHubClient_CreateFromConnectionString.
Similarly, when you're done working with the library, the last call you’ll make is to serializer_deinit:
serializer_deinit();
Otherwise, all of the other features listed above work the same in the serializer library as they do in the
IoTHubClient library. For more information about any of these topics, see the previous article in this series.
Next steps
This article describes in detail the unique aspects of the serializer library contained in the Azure IoT device SDK
for C. With the information provided you should have a good understanding of how to use models to send events
and receive messages from IoT Hub.
This also concludes the three-part series on how to develop applications with the Azure IoT device SDK for C.
This should be enough information to not only get you started but give you a thorough understanding of how the
APIs work. For additional information, there are a few samples in the SDK not covered here. Otherwise, the Azure
IoT SDK documentation is a good resource for additional information.
To learn more about developing for IoT Hub, see the Azure IoT SDKs.
To further explore the capabilities of IoT Hub, see Deploying AI to edge devices with Azure IoT Edge.
Develop for constrained devices using Azure IoT C
SDK
11/12/2019 • 3 minutes to read • Edit Online
Azure IoT Hub C SDK is written in ANSI C (C99), which makes it well-suited to operate a variety of platforms with
small disk and memory footprint. The recommended RAM is at least 64 KB, but the exact memory footprint
depends on the protocol used, the number of connections opened, as well as the platform targeted.
NOTE
Azure IoT C SDK regularly publishes resource consumption information to help with development. Please visit our GitHub
repository and review the latest benchmark.
C SDK is available in package form from apt-get, NuGet, and MBED. To target constrained devices, you may want
to build the SDK locally for your target platform. This documentation demonstrates how to remove certain
features to shrink the footprint of the C SDK using cmake. In addition, this documentation discusses the best
practice programming models for working with constrained devices.
strip -s <Path_to_executable>
Next steps
To learn more about Azure IoT C SDK architecture:
Azure IoT C SDK source code
Azure IoT device SDK for C introduction
Develop for mobile devices using Azure IoT SDKs
8/8/2019 • 2 minutes to read • Edit Online
Things in the Internet of Things may refer to a wide range of devices with varying capability: sensors,
microcontrollers, smart devices, industrial gateways, and even mobile devices. A mobile device can be an IoT
device, where it is sending device-to-cloud telemetry and managed by the cloud. It can also be the device running
a back-end service application, which manages other IoT devices. In both cases, Azure IoT Hub SDKs can be used
to develop applications that work for mobile devices.
Next steps
IoT Hub REST API reference
Azure IoT C SDK source code
Manage connectivity and reliable messaging by using
Azure IoT Hub device SDKs
11/12/2019 • 4 minutes to read • Edit Online
This article provides high-level guidance to help you design device applications that are more resilient. It shows
you how to take advantage of the connectivity and reliable messaging features in Azure IoT device SDKs. The goal
of this guide is to help you manage the following scenarios:
Fixing a dropped network connection
Switching between different network connections
Reconnecting because of service transient connection errors
Implementation details may vary by language. For more information, see the API documentation or specific SDK:
C/iOS SDK
.NET SDK
Java SDK
Node SDK
Python SDK (Reliability not yet implemented)
To avoid high CPU usage, the retries are throttled if the code fails immediately. For example, when there's no
network or route to the destination. The minimum time to execute the next retry is 1 second.
If the service responds with a throttling error, the retry policy is different and can't be changed via public API:
The retry mechanism stops after DefaultOperationTimeoutInMilliseconds , which is currently set at 4 minutes.
Other languages implementation guidance
For code samples in other languages, review the following implementation documents. The repository contains
samples that demonstrate the use of retry policy APIs.
C/iOS SDK
.NET SDK
Java SDK
Node SDK
Python SDK
Next steps
Use device and service SDKs
Use the IoT device SDK for C
Develop for constrained devices
Develop for mobile devices
Troubleshoot device disconnects
Develop for Android Things platform using Azure IoT
SDKs
8/8/2019 • 7 minutes to read • Edit Online
Azure IoT Hub SDKs provide first tier support for popular platforms such as Windows, Linux, OSX, MBED, and
mobile platforms like Android and iOS. As part of our commitment to enable greater choice and flexibility in IoT
deployments, the Java SDK also supports Android Things platform. Developers can leverage the benefits of
Android Things operating system on the device side, while using Azure IoT Hub as the central message hub that
scales to millions of simultaneously connected devices.
This tutorial outlines the steps to build a device side application on Android Things using the Azure IoT Java SDK.
Prerequisites
An Android Things supported hardware with Android Things OS running. You can follow Android Things
documentation on how to flash Android Things OS. Make sure your Android Things device is connected to
the internet with essential peripherals such as keyboard, display, and mouse attached. This tutorial uses
Raspberry Pi 3.
Latest version of Android Studio
Latest version of Git
OPTION EXAMPLE/LINK
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
Register a device
A device must be registered with your IoT hub before it can connect. In this quickstart, you use the Azure Cloud
Shell to register a simulated device.
1. Run the following commands in Azure Cloud Shell to add the IoT Hub CLI extension and to create the
device identity.
YourIoTHubName : Replace this placeholder below with the name you choose for your IoT hub.
MyAndroidThingsDevice : This is the name given for the registered device. Use MyAndroidThingsDevice
as shown. If you choose a different name for your device, you will also need to use that name throughout
this article, and update the device name in the sample applications before you run them.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you just
registered. Replace YourIoTHubName below with the name you choose for your IoT hub.
adb devices
3. Download our sample for Android/Android Things from this repository or use Git.
Clean up resources
If you will be continuing to the next recommended article, you can keep the resources you've already created and
reuse them.
Otherwise, you can delete the Azure resources created in this article to avoid charges.
IMPORTANT
Deleting a resource group is irreversible. The resource group and all the resources contained in it are permanently deleted.
Make sure that you do not accidentally delete the wrong resource group or resources. If you created the IoT Hub inside an
existing resource group that contains resources you want to keep, only delete the IoT Hub resource itself instead of deleting
the resource group.
4. You will be asked to confirm the deletion of the resource group. Type the name of your resource group again
to confirm, and then select Delete. After a few moments, the resource group and all of its contained
resources are deleted.
Next steps
Learn about how to manage connectivity and reliable messaging using the IoT Hub SDKs.
Learn about how to develop for mobile platforms such as iOS and Android.
Azure IoT SDK platform support
Query Avro data by using Azure Data Lake Analytics
11/4/2019 • 4 minutes to read • Edit Online
This article discusses how to query Avro data to efficiently route messages from Azure IoT Hub to Azure services.
Message Routing allows you to filter data using rich queries based on message properties, message body, device
twin tags, and device twin properties. To learn more about the querying capabilities in Message Routing, see the
article about message routing query syntax.
The challenge has been that when Azure IoT Hub routes messages to Azure Blob storage, by default IoT Hub
writes the content in Avro format, which has both a message body property and a message property. The Avro
format is not used for any other endpoints. Although the Avro format is great for data and message preservation,
it's a challenge to use it to query data. In comparison, JSON or CSV format is much easier for querying data. IoT
Hub now supports writing data to Blob storage in JSON as well as AVRO.
For more information, see Using Azure Storage as a routing endpoint.
To address non-relational big-data needs and formats and overcome this challenge, you can use many of the big-
data patterns for both transforming and scaling data. One of the patterns, "pay per query", is Azure Data Lake
Analytics, which is the focus of this article. Although you can easily execute the query in Hadoop or other solutions,
Data Lake Analytics is often better suited for this "pay per query" approach.
There is an "extractor" for Avro in U -SQL. For more information, see U -SQL Avro example.
3. Set up an Azure Data Lake Store instance and a Data Lake Analytics instance. Azure IoT Hub does not route
to a Data Lake Store instance, but a Data Lake Analytics instance requires one.
4. In Data Lake Analytics, configure Azure Blob storage as an additional store, the same Blob storage that
Azure IoT Hub routes data to.
5. As discussed in the U -SQL Avro example, you need four DLL files. Upload these files to a location in your
Data Lake Store instance.
@rs =
EXTRACT
EnqueuedTimeUtc string,
Body byte[]
FROM @input_file
@cnt =
SELECT EnqueuedTimeUtc AS time, Encoding.UTF8.GetString(Body) AS jsonmessage
FROM @rs;
It took Data Lake Analytics five minutes to run the following script, which was limited to 10 analytic units
and processed 177 files. The result is shown in the CSV -file output that's displayed in the following image:
/*
@cnt =
SELECT EnqueuedTimeUtc AS time, Encoding.UTF8.GetString(Body) AS jsonmessage
FROM @rs;
@cnt =
SELECT message["message"] AS iotmessage,
message["event"] AS msgevent,
message["object"] AS msgobject,
message["status"] AS msgstatus,
message["host"] AS msghost
FROM @jsonify;
The output displays a column for each item in the SELECT command.
Next steps
In this tutorial, you learned how to query Avro data to efficiently route messages from Azure IoT Hub to Azure
services.
For examples of complete end-to-end solutions that use IoT Hub, see the Azure IoT Solution Accelerators
Documentation.
To learn more about developing solutions with IoT Hub, see the IoT Hub developer guide.
To learn more about message routing in IoT Hub, see Send and receive messages with IoT Hub.
Order device connection events from Azure IoT Hub
using Azure Cosmos DB
11/12/2019 • 9 minutes to read • Edit Online
Azure Event Grid helps you build event-based applications and easily integrate IoT events in your business
solutions. This article walks you through a setup which can be used to track and store the latest device connection
state in Cosmos DB. We will use the sequence number available in the Device Connected and Device
Disconnected events and store the latest state in Cosmos DB. We are going to use a stored procedure, which is an
application logic that is executed against a collection in Cosmos DB.
The sequence number is a string representation of a hexadecimal number. You can use string compare to identify
the larger number. If you are converting the string to hex, then the number will be a 256-bit number. The sequence
number is strictly increasing, and the latest event will have a higher number than other events. This is useful if you
have frequent device connects and disconnects, and want to ensure only the latest event is used to trigger a
downstream action, as Azure Event Grid doesn’t support ordering of events.
Prerequisites
An active Azure account. If you don't have one, you can create a free account.
An active Azure Cosmos DB SQL API account. If you haven't created one yet, see Create a database
account for a walkthrough.
A collection in your database. See Add a collection for a walkthrough. When you create your collection, use
/id for the partition key.
An IoT Hub in Azure. If you haven't created one yet, see Get started with IoT Hub for a walkthrough.
2. Enter LatestDeviceConnectionState for the stored procedure ID and paste the following in the Stored
Procedure body. Note that this code should replace any existing code in the stored procedure body. This
code maintains one row per device ID and records the latest connection state of that device ID by
identifying the highest sequence number.
function replaceDocument(document) {
console.log(
'Old Seq :' +
document.sequenceNumber +
' New Seq: ' +
sequenceNumber +
' - '
);
if (sequenceNumber > document.sequenceNumber) {
document.connectionState = connectionState;
document.connectionStateUpdatedTime = connectionStateUpdatedTime;
document.sequenceNumber = sequenceNumber;
4. In the Logic App Designer, scroll to the right until you see common triggers. Under Templates, choose
Blank Logic App so that you can build your logic app from scratch.
Select a trigger
A trigger is a specific event that starts your logic app. For this tutorial, the trigger that sets off the workflow is
receiving a request over HTTP.
1. In the connectors and triggers search bar, type HTTP and hit Enter.
2. Select Request - When an HTTP request is received as the trigger.
[{
"id": "fbfd8ee1-cf78-74c6-dbcf-e1c58638ccbd",
"topic":
"/SUBSCRIPTIONS/DEMO5CDD-8DAB-4CF4-9B2F-
C22E8A755472/RESOURCEGROUPS/EGTESTRG/PROVIDERS/MICROSOFT.DEVICES/IOTHUBS/MYIOTHUB",
"subject": "devices/Demo-Device-1",
"eventType": "Microsoft.Devices.DeviceConnected",
"eventTime": "2018-07-03T23:20:11.6921933+00:00",
"data": {
"deviceConnectionStateEventInfo": {
"sequenceNumber":
"000000000000000001D4132452F67CE200000002000000000000000000000001"
},
"hubName": "MYIOTHUB",
"deviceId": "48e44e11-1437-4907-83b1-4a8d7e89859e",
"moduleId": ""
},
"dataVersion": "1",
"metadataVersion": "1"
}]
5. You may receive a pop-up notification that says, Remember to include a Content-Type header set to
application/json in your request. You can safely ignore this suggestion, and move on to the next section.
Create a condition
In your logic app workflow, conditions help run specific actions after passing that specific condition. Once the
condition is met, a desired action can be defined. For this tutorial, the condition is to check whether eventType is
device connected or device disconnected. The action will be to execute the stored procedure in your database.
1. Select + New step then Built-in, then find and select Condition. Click in Choose a value and a box will
pop up showing the Dynamic content -- the fields that can be selected. Fill in the fields as shown below to
only execute this for Device Connected and Device Disconnected events:
Choose a value: eventType -- select this from the fields in the dynamic content that appear when
you click on this field.
Change "is equal to" to ends with.
Choose a value: nected.
3. Search for Cosmos DB and select Azure Cosmos DB - Execute stored procedure
4. Fill in cosmosdb-connection for the Connection Name and select the entry in the table, then select
Create. You see the Execute stored procedure panel. Enter the values for the fields:
Database ID: ToDoList
Collection ID: Items
Sproc ID: LatestDeviceConnectionState
5. Select Add new parameter. In the dropdown that appears, check the boxes next to Partition key and
Parameters for the stored procedure, then click anywhere else on the screen; it adds a field for partition
key value and a field for parameters for the stored procedure.
6. Now enter the partition key value and parameters as shown below. Be sure to put in the brackets and
double-quotes as shown. You may have to click Add dynamic content to get the valid values you can use
here.
7. At the top of the pane where it says For Each, under Select an output from previous steps, make sure it
Body is selected.
4. Fill in Event Subscription Details: Provide a descriptive name and select Event Grid Schema.
5. Fill in the Event Types fields. In the dropdown list, select only Device Connected and Device
Disconnected from the menu. Click anywhere else on the screen to close the list and save your selections.
6. For Endpoint Details, select Endpoint Type as Web Hook and click on select endpoint and paste the URL
that you copied from your logic app and confirm selection.
Observe events
Now that your event subscription is set up, let's test by connecting a device.
Register a device in IoT Hub
1. From your IoT hub, select IoT Devices.
2. Select +Add at the top of the pane.
3. For Device ID, enter Demo-Device-1 .
4. Select Save.
5. You can add multiple devices with different device IDs.
6. Click on the device again; now the connection strings and keys will be filled in. Copy the Connection
string -- primary key for later use.
Click Stop to stop the simulator and trigger a Device Disconnected event.
You have now run a sample application to collect sensor data and send it to your IoT hub.
Observe events in Cosmos DB
You can see results of the executed stored procedure in your Cosmos DB document. Here's what it looks like. Each
row contains the latest device connection state per device.
Clean up resources
This tutorial used resources that incur charges on your Azure subscription. When you're finished trying out the
tutorial and testing your results, disable or delete resources that you don't want to keep.
If you don't want to lose the work on your logic app, disable it instead of deleting it.
1. Navigate to your logic app.
2. On the Overview blade, select Delete or Disable.
Each subscription can have one free IoT hub. If you created a free hub for this tutorial, then you don't need
to delete it to prevent charges.
3. Navigate to your IoT hub.
4. On the Overview blade, select Delete.
Even if you keep your IoT hub, you may want to delete the event subscription that you created.
5. In your IoT hub, select Event Grid.
6. Select the event subscription that you want to remove.
7. Select Delete.
To remove an Azure Cosmos DB account from the Azure portal, right-click the account name and click Delete
account. See detailed instructions for deleting an Azure Cosmos DB account.
Next steps
Learn more about Reacting to IoT Hub events by using Event Grid to trigger actions
Try the IoT Hub events tutorial
Learn about what else you can do with Event Grid
Send messages from the cloud to your device with
IoT Hub (.NET)
8/29/2019 • 7 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end. The Send telemetry from a device to an IoT hub quickstart
shows how to create an IoT hub, provision a device identity in it, and code a device app that sends device-to-
cloud messages.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
This tutorial builds on Send telemetry from a device to an IoT hub. It shows you how to do the following tasks:
From your solution back end, send cloud-to-device messages to a single device through IoT Hub.
Receive cloud-to-device messages on a device.
From your solution back end, request delivery acknowledgment ( feedback) for messages sent to a device
from IoT Hub.
You can find more information on cloud-to-device messages in D2C and C2D Messaging with IoT Hub.
At the end of this tutorial, you run two .NET console apps.
SimulatedDevice. This app connects to your IoT hub and receives cloud-to-device messages. This app is
a modified version of the app created in Send telemetry from a device to an IoT hub.
SendCloudToDevice. This app sends a cloud-to-device message to the device app through IoT Hub, and
then receives its delivery acknowledgment.
NOTE
IoT Hub has SDK support for many device platforms and languages, including C, Java, Python, and Javascript, through
Azure IoT device SDKs. For step-by-step instructions on how to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the IoT Hub developer guide.
Prerequisites
Visual Studio
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Received message: {0}",
Encoding.ASCII.GetString(receivedMessage.GetBytes()));
Console.ResetColor();
await s_deviceClient.CompleteAsync(receivedMessage);
}
}
2. Add the following method in the Main method, right before the Console.ReadLine() line:
ReceiveC2dAsync();
The ReceiveAsync method asynchronously returns the received message at the time that it is received by the
device. It returns null after a specifiable timeout period. In this example, the default of one minute is used. When
the app receives a null, it should continue to wait for new messages. This requirement is the reason for the
if (receivedMessage == null) continue line.
The call to CompleteAsync() notifies IoT Hub that the message has been successfully processed. The message can
be safely removed from the device queue. If something happened that prevented the device app from completing
the processing of the message, IoT Hub delivers it again. The message processing logic in the device app must be
idempotent, so that receiving the same message multiple times produces the same result.
An application can also temporarily abandon a message, which results in IoT hub retaining the message in the
queue for future consumption. Or the application can reject a message, which permanently removes the message
from the queue. For more information about the cloud-to-device message lifecycle, see D2C and C2D messaging
with IoT Hub.
NOTE
When using HTTPS instead of MQTT or AMQP as a transport, the ReceiveAsync method returns immediately. The
supported pattern for cloud-to-device messages with HTTPS is intermittently connected devices that check for messages
infrequently (less than every 25 minutes). Issuing more HTTPS receives results in IoT Hub throttling the requests. For more
information about the differences between MQTT, AMQP and HTTPS support, and IoT Hub throttling, see D2C and C2D
messaging with IoT Hub.
For more information about IoT Hub shared access policies and permissions, see Access control and
permissions.
using Microsoft.Azure.Devices;
6. Add the following fields to the Program class. Replace the placeholder value with the IoT hub connection
string you copied previously in Get the IoT hub connection string.
7. Add the following method to the Program class. Set the device name to what you used when defining the
device in Send telemetry from a device to an IoT hub.
This method sends a new cloud-to-device message to the device with the ID, myFirstDevice . Change this
parameter only if you modified it from the one used in Send telemetry from a device to an IoT hub.
8. Finally, add the following lines to the Main method.
Console.WriteLine("Send Cloud-to-Device message\n");
serviceClient = ServiceClient.CreateFromConnectionString(connectionString);
9. In Solutions Explorer, right-click your solution, and select Set StartUp Projects.
10. In Common Properties > Startup Project, select Multiple startup projects, then select the Start
action for ReadDeviceToCloudMessages, SimulatedDevice, and SendCloudToDevice. Select OK to
save your changes.
11. Press F5. All three applications should start. Select the SendCloudToDevice windows, and press Enter.
You should see the message being received by the device app.
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Received feedback: {0}",
string.Join(", ", feedbackBatch.Records.Select(f => f.StatusCode)));
Console.ResetColor();
await feedbackReceiver.CompleteAsync(feedbackBatch);
}
}
Note this receive pattern is the same one used to receive cloud-to-device messages from the device app.
2. Add the following line in the Main method, right after
serviceClient = ServiceClient.CreateFromConnectionString(connectionString) .
ReceiveFeedbackAsync();
3. To request feedback for the delivery of your cloud-to-device message, you have to specify a property in
the SendCloudToDeviceMessageAsync method. Add the following line, right after the
var commandMessage = new Message(...); line.
commandMessage.Ack = DeliveryAcknowledgement.Full;
4. Run the apps by pressing F5. You should see all three applications start. Select the SendCloudToDevice
windows, and press Enter. You should see the message being received by the device app, and after a few
seconds, the feedback message being received by your SendCloudToDevice application.
NOTE
For simplicity, this tutorial does not implement any retry policy. In production code, you should implement retry policies,
such as exponential backoff, as suggested in Transient fault handling.
Next steps
In this how -to, you learned how to send and receive cloud-to-device messages.
To see examples of complete end-to-end solutions that use IoT Hub, see Azure IoT Remote Monitoring solution
accelerator.
To learn more about developing solutions with IoT Hub, see the IoT Hub developer guide.
Send cloud-to-device messages with IoT Hub (Java)
8/29/2019 • 6 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end. The Send telemetry from a device to an IoT hub quickstart
shows how to create an IoT hub, provision a device identity in it, and code a simulated device app that sends
device-to-cloud messages.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
This tutorial builds on Send telemetry from a device to an IoT hub. It shows you how to do the following:
From your solution back end, send cloud-to-device messages to a single device through IoT Hub.
Receive cloud-to-device messages on a device.
From your solution back end, request delivery acknowledgment ( feedback) for messages sent to a device
from IoT Hub.
You can find more information on cloud-to-device messages in the IoT Hub developer guide.
At the end of this tutorial, you run two Java console apps:
simulated-device, a modified version of the app created in Send telemetry from a device to an IoT hub,
which connects to your IoT hub and receives cloud-to-device messages.
send-c2d-messages, which sends a cloud-to-device message to the simulated device app through IoT
Hub, and then receives its delivery acknowledgment.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Python, and Javascript) through
Azure IoT device SDKs. For step-by-step instructions on how to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Developer Center.
Prerequisites
A complete working version of the Send telemetry from a device to an IoT hub quickstart or the Configure
message routing with IoT Hub tutorial.
Java SE Development Kit 8. Make sure you select Java 8 under Long-term support to get to downloads
for JDK 8.
Maven 3
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
return IotHubMessageResult.COMPLETE;
}
}
3. Modify the main method to create an AppMessageCallback instance and call the setMessageCallback
method before it opens the client as follows:
NOTE
If you use HTTPS instead of MQTT or AMQP as the transport, the DeviceClient instance checks for messages from
IoT Hub infrequently (less than every 25 minutes). For more information about the differences between MQTT,
AMQP and HTTPS support, and IoT Hub throttling, see the messaging section of the IoT Hub developer guide.
4. To build the simulated-device app using Maven, execute the following command at the command prompt
in the simulated-device folder:
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-service-client</artifactId>
<version>1.7.23</version>
</dependency>
NOTE
You can check for the latest version of iot-service-client using Maven search.
7. Add the following class-level variables to the App class, replacing {yourhubconnectionstring} and
{yourdeviceid} with the values you noted earlier:
8. Replace the main method with the following code. This code connects to your IoT hub, sends a message to
your device, and then waits for an acknowledgment that the device received and processed the message:
if (serviceClient != null) {
serviceClient.open();
FeedbackReceiver feedbackReceiver = serviceClient
.getFeedbackReceiver();
if (feedbackReceiver != null) feedbackReceiver.open();
serviceClient.send(deviceId, messageToSend);
System.out.println("Message sent to device");
NOTE
For simplicity, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as exponential backoff), as suggested in the article, Transient Fault Handling.
9. To build the simulated-device app using Maven, execute the following command at the command prompt
in the simulated-device folder:
2. At a command prompt in the send-c2d-messages folder, run the following command to send a cloud-to-
device message and wait for a feedback acknowledgment:
Next steps
In this tutorial, you learned how to send and receive cloud-to-device messages.
To see examples of complete end-to-end solutions that use IoT Hub, see Azure IoT Solution Accelerators.
To learn more about developing solutions with IoT Hub, see the IoT Hub developer guide.
Send cloud-to-device messages with IoT Hub
(Node.js)
8/29/2019 • 6 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end. The Send telemetry from a device to an IoT hub quickstart
shows how to create an IoT hub, provision a device identity in it, and code a simulated device app that sends
device-to-cloud messages.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
This tutorial builds on Send telemetry from a device to an IoT hub. It shows you how to:
From your solution back end, send cloud-to-device messages to a single device through IoT Hub.
Receive cloud-to-device messages on a device.
From your solution back end, request delivery acknowledgment ( feedback) for messages sent to a device from
IoT Hub.
You can find more information on cloud-to-device messages in the IoT Hub developer guide.
At the end of this tutorial, you run two Node.js console apps:
SimulatedDevice, a modified version of the app created in Send telemetry from a device to an IoT hub,
which connects to your IoT hub and receives cloud-to-device messages.
SendCloudToDeviceMessage, which sends a cloud-to-device message to the simulated device app
through IoT Hub, and then receives its delivery acknowledgment.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Python, and Javascript) through
Azure IoT device SDKs. For step-by-step instructions on how to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Developer Center.
Prerequisites
Node.js version 10.0.x or later. Prepare your development environment describes how to install Node.js for
this tutorial on either Windows or Linux.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
In this example, the device invokes the complete function to notify IoT Hub that it has processed the
message. The call to complete is not required if you are using MQTT transport and can be omitted. It is
required for HTTPS and AMQP.
NOTE
If you use HTTPS instead of MQTT or AMQP as the transport, the DeviceClient instance checks for messages from
IoT Hub infrequently (less than every 25 minutes). For more information about the differences between MQTT,
AMQP and HTTPS support, and IoT Hub throttling, see the IoT Hub developer guide.
npm init
2. At your command prompt in the sendcloudtodevicemessage folder, run the following command to
install the azure-iothub package:
'use strict';
5. Add the following code to SendCloudToDeviceMessage.js file. Replace the "{iot hub connection string}"
and "{device id}" placeholder values with the IoT hub connection string and device ID you noted previously:
function printResultFor(op) {
return function printResult(err, res) {
if (err) console.log(op + ' error: ' + err.toString());
if (res) console.log(op + ' status: ' + res.constructor.name);
};
}
7. Add the following function to print delivery feedback messages to the console:
8. Add the following code to send a message to your device and handle the feedback message when the
device acknowledges the cloud-to-device message:
serviceClient.open(function (err) {
if (err) {
console.error('Could not connect: ' + err.message);
} else {
console.log('Service client connected');
serviceClient.getFeedbackReceiver(receiveFeedback);
var message = new Message('Cloud to device message.');
message.ack = 'full';
message.messageId = "My Message ID";
console.log('Sending message: ' + message.getData());
serviceClient.send(targetDevice, message, printResultFor('send'));
}
});
node SimulatedDevice.js
2. At a command prompt in the sendcloudtodevicemessage folder, run the following command to send a
cloud-to-device message and wait for the acknowledgment feedback:
node SendCloudToDeviceMessage.js
NOTE
For simplicity, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as exponential backoff), as suggested in the article, Transient Fault Handling.
Next steps
In this tutorial, you learned how to send and receive cloud-to-device messages.
To see examples of complete end-to-end solutions that use IoT Hub, see Azure IoT Remote Monitoring solution
accelerator.
To learn more about developing solutions with IoT Hub, see the IoT Hub developer guide.
Send cloud-to-device messages with IoT Hub
(Python)
9/15/2019 • 6 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end. The Send telemetry from a device to an IoT hub quickstart
shows how to create an IoT hub, provision a device identity in it, and code a simulated device app that sends
device-to-cloud messages.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
This tutorial builds on Send telemetry from a device to an IoT hub. It shows you how to:
From your solution back end, send cloud-to-device messages to a single device through IoT Hub.
Receive cloud-to-device messages on a device.
From your solution back end, request delivery acknowledgment ( feedback) for messages sent to a device
from IoT Hub.
You can find more information on cloud-to-device messages in the IoT Hub developer guide.
At the end of this tutorial, you run two Python console apps:
SimulatedDevice.py, a modified version of the app created in Send telemetry from a device to an IoT
hub, which connects to your IoT hub and receives cloud-to-device messages.
SendCloudToDeviceMessage.py, which sends a cloud-to-device message to the simulated device app
through IoT Hub, and then receives its delivery acknowledgment.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
import threading
from azure.iot.device import IoTHubDeviceClient
RECEIVED_MESSAGES = 0
3. Add the following code to SimulatedDevice.py file. Replace the "{deviceConnectionString}" placeholder
value with the device connection string for the device you created in the Send telemetry from a device to an
IoT hub quickstart:
CONNECTION_STRING = "{deviceConnectionString}"
def message_listener(client):
global RECEIVED_MESSAGES
while True:
message = client.receive_message()
RECEIVED_MESSAGES += 1
print("Message received")
print( " Data: <<{}>>".format(message.data) )
print( " Properties: {}".format(message.custom_properties))
print( " Total calls received: {}".format(RECEIVED_MESSAGES))
5. Add the following code to initialize the client and wait to receive the cloud-to-device message:
def iothub_client_sample_run():
try:
client = iothub_client_init()
while True:
time.sleep(1000)
except KeyboardInterrupt:
print ( "IoTHubDeviceClient sample stopped" )
if __name__ == '__main__':
print ( "Starting the IoT Hub Python sample..." )
print ( "IoTHubDeviceClient waiting for commands, press Ctrl-C to exit" )
iothub_client_sample_run()
7. Save and close SimulatedDevice.py file.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
OPEN_CONTEXT = 0
FEEDBACK_CONTEXT = 1
MESSAGE_COUNT = 1
AVG_WIND_SPEED = 10.0
MSG_TXT = "{\"service client sent a message\": %.2f}"
3. Add the following code to SendCloudToDeviceMessage.py file. Replace the "{iot hub connection string}"
and "{device id}" placeholder values with the IoT hub connection string and device ID you noted previously:
CONNECTION_STRING = "{IoTHubConnectionString}"
DEVICE_ID = "{deviceId}"
def open_complete_callback(context):
print ( 'open_complete_callback called with context: {0}'.format(context) )
5. Add the following code to send a message to your device and handle the feedback message when the
device acknowledges the cloud-to-device message:
def iothub_messaging_sample_run():
try:
iothub_messaging = IoTHubMessaging(CONNECTION_STRING)
iothub_messaging.open(open_complete_callback, OPEN_CONTEXT)
try:
# Try Python 2.xx first
raw_input("Press Enter to continue...\n")
except:
pass
# Use Python 3.xx in the case of exception
input("Press Enter to continue...\n")
iothub_messaging.close()
if __name__ == '__main__':
print ( "Starting the IoT Hub Service Client Messaging Python sample..." )
print ( " Connection string = {0}".format(CONNECTION_STRING) )
print ( " Device ID = {0}".format(DEVICE_ID) )
iothub_messaging_sample_run()
2. At the command prompt, run the following command to listen for cloud-to-device messages:
python SimulatedDevice.py
3. Open a new command prompt and install the Azure IoT Hub Service SDK for Python.
4. At a command prompt, run the following command to send a cloud-to-device message and wait for the
message feedback:
python SendCloudToDeviceMessage.py
Next steps
In this tutorial, you learned how to send and receive cloud-to-device messages.
To see examples of complete end-to-end solutions that use IoT Hub, see Azure IoT Remote Monitoring solution
accelerator.
To learn more about developing solutions with IoT Hub, see the IoT Hub developer guide.
Send cloud-to-device messages with IoT Hub (iOS)
8/29/2019 • 6 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that helps enable reliable and secure bi-directional communications
between millions of devices and a solution back end. The Send telemetry from a device to an IoT hub quickstart
shows how to create an IoT hub, provision a device identity in it, and code a simulated device app that sends
device-to-cloud messages.
This tutorial shows you how to:
From your solution back end, send cloud-to-device messages to a single device through IoT Hub.
Receive cloud-to-device messages on a device.
From your solution back end, request delivery acknowledgment ( feedback) for messages sent to a device
from IoT Hub.
You can find more information on cloud-to-device messages in the messaging section of the IoT Hub developer
guide.
At the end of this article, you run two Swift iOS projects:
sample-device, the same app created in Send telemetry from a device to an IoT hub, which connects to
your IoT hub and receives cloud-to-device messages.
sample-service, which sends a cloud-to-device message to the simulated device app through IoT Hub,
and then receives its delivery acknowledgment.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Python, and Javascript) through
Azure IoT device SDKs. For step-by-step instructions on how to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Developer Center.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
An active IoT hub in Azure.
The code sample from Azure samples.
The latest version of XCode, running the latest version of the iOS SDK. This quickstart was tested with
XCode 9.3 and iOS 11.3.
The latest version of CocoaPods.
cd quickstart/sample-device
Make sure that XCode is closed, then run the following command to install the CocoaPods that are declared in the
podfile file:
pod install
Along with installing the pods required for your project, the installation command also created an XCode
workspace file that is already configured to use the pods for dependencies.
Run the sample device application
1. Retrieve the connection string for your device. You can copy this string from the Azure portal in the device
details blade, or retrieve it with the following CLI command:
3. Expand the MQTT Client Sample project and then folder of the same name.
4. Open ViewController.swift for editing in XCode.
5. Search for the connectionString variable and update the value with the device connection string that you
copied in the first step.
6. Save your changes.
7. Run the project in the device emulator with the Build and run button or the key combo command + r.
Get the IoT hub connection string
In this article you create a backend service to send cloud-to-device messages through the IoT hub you created in
Send telemetry from a device to an IoT hub. To send cloud-to-device messages, your service needs the service
connect permission. By default, every IoT Hub is created with a shared access policy named service that grants
this permission.
To get the IoT Hub connection string for the service policy, follow these steps:
1. In the Azure portal, select Resource groups. Select the resource group where your hub is located, and
then select your hub from the list of resources.
2. On the left-side pane of your IoT hub, select Shared access policies.
3. From the list of policies, select the service policy.
4. Under Shared access keys, select the copy icon for the Connection string -- primary key and save the
value.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Simulate a service device
In this section, you simulate a second iOS device with a Swift app that sends cloud-to-device messages through
the IoT hub. This configuration is useful for IoT scenarios where there is one iPhone or iPad functioning as a
controller for other iOS devices connected to an IoT hub.
Install CocoaPods
CocoaPods manage dependencies for iOS projects that use third-party libraries.
Navigate to the Azure IoT iOS Samples folder that you downloaded in the prerequisites. Then, navigate to the
sample service project:
cd quickstart/sample-service
Make sure that XCode is closed, then run the following command to install the CocoaPods that are declared in the
podfile file:
pod install
Along with installing the pods required for your project, the installation command also created an XCode
workspace file that is already configured to use the pods for dependencies.
Run the sample service application
1. Open the sample workspace in XCode.
open AzureIoTServiceSample.xcworkspace
2. Expand the AzureIoTServiceSample project and then expand the folder of the same name.
3. Open ViewController.swift for editing in XCode.
4. Search for the connectionString variable and update the value with the service connection string that you
copied previously in Get the IoT hub connection string.
5. Save your changes.
6. In Xcode, change the emulator settings to a different iOS device than you used to run the IoT device.
XCode cannot run multiple emulators of the same type.
7. Run the project in the device emulator with the Build and run button or the key combo Command + r.
This tutorial builds on the code in the Send cloud-to-device messages with IoT Hub tutorial to show you how to
use the file upload capabilities of IoT Hub. It shows you how to:
Securely provide a device with an Azure blob URI for uploading a file.
Use the IoT Hub file upload notifications to trigger processing the file in your app back end.
The Send telemetry from a device to an IoT hub quickstart and Send cloud-to-device messages with IoT Hub
tutorial show the basic device-to-cloud and cloud-to-device messaging functionality of IoT Hub. The Configure
Message Routing with IoT Hub tutorial describes a way to reliably store device-to-cloud messages in Microsoft
Azure Blob storage. However, in some scenarios you can't easily map the data your devices send into the relatively
small device-to-cloud messages that IoT Hub accepts. For example:
Large files that contain images
Videos
Vibration data sampled at high frequency
Some form of preprocessed data
These files are typically batch processed in the cloud using tools such as Azure Data Factory or the Hadoop stack.
When you need to upload files from a device, you can still use the security and reliability of IoT Hub.
At the end of this tutorial you run two .NET console apps:
SimulatedDevice. This app uploads a file to storage using a SAS URI provided by your IoT hub. It is a
modified version of the app created in the Send cloud-to-device messages with IoT Hub tutorial.
ReadFileUploadNotification. This app receives file upload notifications from your IoT hub.
NOTE
IoT Hub supports many device platforms and languages, including C, Java, Python, and Javascript, through Azure IoT device
SDKs. Refer to the Azure IoT Developer Center for step-by-step instructions on how to connect your device to Azure IoT
Hub.
Prerequisites
Visual Studio
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
3. In the Program.cs file, add the following statements at the top of the file:
using System.IO;
watch.Stop();
Console.WriteLine("Time to upload file: {0}ms\n", watch.ElapsedMilliseconds);
}
The UploadToBlobAsync method takes in the file name and stream source of the file to be uploaded and
handles the upload to storage. The console app displays the time it takes to upload the file.
5. Add the following line in the Main method, right before Console.ReadLine() :
SendToBlobAsync();
NOTE
For simplicity's sake, this tutorial does not implement any retry policy. In production code, you should implement retry
policies, such as exponential backoff, as suggested in Transient fault handling.
3. In Solution Explorer, right-click the ReadFileUploadNotification project, and select Manage NuGet
Packages.
4. In NuGet Package Manager, select Browse. Search for and select Microsoft.Azure.Devices, and then
select Install.
This step downloads, installs, and adds a reference to the Azure IoT service SDK NuGet package in the
ReadFileUploadNotification project.
5. In the Program.cs file for this project, add the following statement at the top of the file:
using Microsoft.Azure.Devices;
6. Add the following fields to the Program class. Replace the {iot hub connection string} placeholder value
with the IoT hub connection string that you copied previously in Get the IoT hub connection string:
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Received file upload notification: {0}",
string.Join(", ", fileUploadNotification.BlobName));
Console.ResetColor();
await notificationReceiver.CompleteAsync(fileUploadNotification);
}
}
Note this receive pattern is the same one used to receive cloud-to-device messages from the device app.
8. Finally, add the following lines to the Main method:
This tutorial builds on the code in the Send cloud-to-device messages with IoT Hub tutorial to show you how to
use the file upload capabilities of IoT Hub to upload a file to Azure blob storage. The tutorial shows you how to:
Securely provide a device with an Azure blob URI for uploading a file.
Use the IoT Hub file upload notifications to trigger processing the file in your app back end.
The Send telemetry from a device to an IoT hub quickstart and Send cloud-to-device messages with IoT Hub
tutorial show the basic device-to-cloud and cloud-to-device messaging functionality of IoT Hub. The Configure
message routing with IoT Hub tutorial describes a way to reliably store device-to-cloud messages in Azure blob
storage. However, in some scenarios you cannot easily map the data your devices send into the relatively small
device-to-cloud messages that IoT Hub accepts. For example:
Large files that contain images
Videos
Vibration data sampled at high frequency
Some form of preprocessed data.
These files are typically batch processed in the cloud using tools such as Azure Data Factory or the Hadoop stack.
When you need to upland files from a device, you can still use the security and reliability of IoT Hub.
At the end of this tutorial you run two Java console apps:
simulated-device, a modified version of the app created in the [Send cloud-to-device messages with IoT
Hub] tutorial. This app uploads a file to storage using a SAS URI provided by your IoT hub.
read-file-upload-notification, which receives file upload notifications from your IoT hub.
NOTE
IoT Hub supports many device platforms and languages (including C, .NET, and Javascript) through Azure IoT device SDKs.
Refer to the Azure IoT Developer Center for step-by-step instructions on how to connect your device to Azure IoT Hub.
Prerequisites
Java SE Development Kit 8. Make sure you select Java 8 under Long-term support to get to downloads
for JDK 8.
Maven 3
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
4. To process file upload status callback messages, add the following nested class to the App class:
5. To upload images to IoT Hub, add the following method to the App class to upload images to IoT Hub:
// Use IoT Hub to upload a file asynchronously to Azure blob storage.
private static void uploadFile(String fullFileName) throws FileNotFoundException, IOException
{
File file = new File(fullFileName);
InputStream inputStream = new FileInputStream(file);
long streamLength = file.length();
6. Modify the main method to call the uploadFile method as shown in the following snippet:
client.open();
try
{
// Get the filename and start the upload.
String fullFileName = System.getProperty("user.dir") + File.separator + fileName;
uploadFile(fullFileName);
System.out.println("File upload started with success");
}
catch (Exception e)
{
System.out.println("Exception uploading file: " + e.getCause() + " \nERROR: " + e.getMessage());
}
7. Use the following command to build the simulated-device app and check for errors:
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-service-client</artifactId>
<version>1.7.23</version>
</dependency>
NOTE
You can check for the latest version of iot-service-client using Maven search.
7. Add the following class-level variables to the App class. Replace the {Your IoT Hub connection string}
placeholder value with the IoT hub connection string that you copied previously in Get the IoT hub
connection string:
private static final String connectionString = "{Your IoT Hub connection string}";
private static final IotHubServiceClientProtocol protocol = IotHubServiceClientProtocol.AMQPS;
private static FileUploadNotificationReceiver fileUploadNotificationReceiver = null;
8. To print information about the file upload to the console, add the following nested class to the App class:
9. To start the thread that listens for file upload notifications, add the following code to the main method:
public static void main(String[] args) throws IOException, URISyntaxException, Exception {
ServiceClient serviceClient = ServiceClient.createFromConnectionString(connectionString, protocol);
if (serviceClient != null) {
serviceClient.open();
The following screenshot shows the output from the simulated-device app:
The following screenshot shows the output from the read-file-upload-notification app:
You can use the portal to view the uploaded file in the storage container you configured:
Next steps
In this tutorial, you learned how to use the file upload capabilities of IoT Hub to simplify file uploads from devices.
You can continue to explore IoT hub features and scenarios with the following articles:
Create an IoT hub programmatically
Introduction to C SDK
Azure IoT SDKs
To further explore the capabilities of IoT Hub, see:
Simulating a device with IoT Edge
Upload files from your device to the cloud with IoT
Hub (Node.js)
8/29/2019 • 6 minutes to read • Edit Online
This tutorial builds on the code in the Send cloud-to-device messages with IoT Hub tutorial to show you how to
use the file upload capabilities of IoT Hub to upload a file to Azure blob storage. The tutorial shows you how to:
Securely provide a device with an Azure blob URI for uploading a file.
Use the IoT Hub file upload notifications to trigger processing the file in your app back end.
The Send telemetry from a device to an IoT hub quickstart demonstrates the basic device-to-cloud messaging
functionality of IoT Hub. However, in some scenarios you cannot easily map the data your devices send into the
relatively small device-to-cloud messages that IoT Hub accepts. For example:
Large files that contain images
Videos
Vibration data sampled at high frequency
Some form of pre-processed data.
These files are typically batch processed in the cloud using tools such as Azure Data Factory or the Hadoop stack.
When you need to upland files from a device, you can still use the security and reliability of IoT Hub.
At the end of this tutorial you run two Node.js console apps:
SimulatedDevice.js, which uploads a file to storage using a SAS URI provided by your IoT hub.
ReadFileUploadNotification.js, which receives file upload notifications from your IoT hub.
NOTE
IoT Hub supports many device platforms and languages (including C, .NET, Javascript, Python, and Java) through Azure IoT
device SDKs. Refer to the [Azure IoT Developer Center] for step-by-step instructions on how to connect your device to Azure
IoT Hub.
Prerequisites
Node.js version 10.0.x or later. Prepare your development environment describes how to install Node.js for
this tutorial on either Windows or Linux.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
npm init
2. At your command prompt in the simulateddevice folder, run the following command to install the azure-
iot-device Device SDK package and azure-iot-device-mqtt package:
'use strict';
var fs = require('fs');
var mqtt = require('azure-iot-device-mqtt').Mqtt;
var clientFromConnectionString = require('azure-iot-device-mqtt').clientFromConnectionString;
NOTE
For the sake of simplicity the connection string is included in the code: this is not a recommended practice and
depending on your use-case and architecture you may want to consider more secure ways of storing this secret.
7. Create a callback and use the uploadToBlob function to upload the file.
npm init
2. At your command prompt in the fileuploadnotification folder, run the following command to install the
azure-iothub SDK package:
'use strict';
5. Add a iothubconnectionstring variable and use it to create a Client instance. Replace the
{iothubconnectionstring} placeholder value with the IoT hub connection string that you copied previously
in Get the IoT hub connection string:
7. Open the client and use the getFileNotificationReceiver function to receive status updates.
serviceClient.open(function (err) {
if (err) {
console.error('Could not connect: ' + err.message);
} else {
console.log('Service client connected');
serviceClient.getFileNotificationReceiver(function receiveFileUploadNotification(err, receiver){
if (err) {
console.error('error getting the file notification receiver: ' + err.toString());
} else {
receiver.on('message', function (msg) {
console.log('File upload from device:')
console.log(msg.getData().toString('utf-8'));
});
}
});
}
});
node FileUploadNotification.js
node SimulatedDevice.js
The following screenshot shows the output from the SimulatedDevice app:
The following screenshot shows the output from the FileUploadNotification app:
You can use the portal to view the uploaded file in the storage container you configured:
Next steps
In this tutorial, you learned how to use the file upload capabilities of IoT Hub to simplify file uploads from devices.
You can continue to explore IoT hub features and scenarios with the following articles:
Create an IoT hub programmatically
Introduction to C SDK
Azure IoT SDKs
Upload files from your device to the cloud with IoT
Hub (Python)
9/15/2019 • 4 minutes to read • Edit Online
This article shows how to use the file upload capabilities of IoT Hub to upload a file to Azure blob storage. The
tutorial shows you how to:
Securely provide a storage container for uploading a file.
Use the Python client to upload a file through your IoT hub.
The Send telemetry from a device to an IoT hub quickstart demonstrates the basic device-to-cloud messaging
functionality of IoT Hub. However, in some scenarios you cannot easily map the data your devices send into the
relatively small device-to-cloud messages that IoT Hub accepts. When you need to upland files from a device, you
can still use the security and reliability of IoT Hub.
NOTE
IoT Hub Python SDK currently only supports uploading character-based files such as .txt files.
At the end of this tutorial you run the Python console app:
FileUpload.py, which uploads a file to storage using the Python Device SDK.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
NOTE
This guide uses the deprecated V1 Python SDK, as the File Upload feature has not yet been implemented in the new V2
SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
2. Using a text editor, create a test file that you will upload to blob storage.
NOTE
IoT Hub Python SDK currently only supports uploading character-based files such as .txt files.
5. In your file, replace [Device Connection String]with the connection string of your IoT hub device. Replace
[Full path to file] with the path to the test file that you created, or any file on your device that you want
to upload. Replace [File name for storage] with the name that you want to give to your file after it's
uploaded to blob storage.
6. Create a callback for the upload_blob function:
7. Add the following code to connect the client and upload the file. Also include the main routine:
def iothub_file_upload_sample_run():
try:
print ( "IoT Hub file upload sample, press Ctrl-C to exit" )
f = open(PATHTOFILE, "r")
content = f.read()
print ( "" )
print ( "File upload initiated..." )
while True:
time.sleep(30)
if __name__ == '__main__':
print ( "Simulating a file upload using the Azure IoT Hub Device SDK for Python" )
print ( " Protocol %s" % PROTOCOL )
print ( " Connection string=%s" % CONNECTION_STRING )
iothub_file_upload_sample_run()
python FileUpload.py
2. The following screenshot shows the output from the FileUpload app:
3. You can use the portal to view the uploaded file in the storage container you configured:
Next steps
In this tutorial, you learned how to use the file upload capabilities of IoT Hub to simplify file uploads from devices.
You can continue to explore IoT hub features and scenarios with the following articles:
Create an IoT hub programmatically
Introduction to C SDK
Azure IoT SDKs
Get started with device twins (Node.js)
8/27/2019 • 11 minutes to read • Edit Online
Device twins are JSON documents that store device state information, including metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that connects to it.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
The article Azure IoT SDKs provides information about the Azure IoT SDKs that you can use to build both device and back-
end apps.
Prerequisites
To complete this tutorial, you need:
Node.js version 10.0.x or later.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
3. Create a new device identity called myDeviceId and retrieve the device connection string with these
commands:
az iot hub device-identity create --device-id myDeviceId --hub-name {Your IoT Hub name}
az iot hub device-identity show-connection-string --device-id myDeviceId --hub-name {Your IoT Hub
name} -o table
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
Make a note of the device connection string from the result. This device connection string is used by the device
app to connect to your IoT Hub as a device.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Create the service app
In this section, you create a Node.js console app that adds location metadata to the device twin associated with
myDeviceId. It then queries the device twins stored in the IoT hub selecting the devices located in the US, and
then the ones that are reporting a cellular connection.
1. Create a new empty folder called addtagsandqueryapp. In the addtagsandqueryapp folder, create a
new package.json file using the following command at your command prompt. The --yes parameter
accepts all the defaults.
2. At your command prompt in the addtagsandqueryapp folder, run the following command to install the
azure-iothub package:
3. Using a text editor, create a new AddTagsAndQuery.js file in the addtagsandqueryapp folder.
4. Add the following code to the AddTagsAndQuery.js file. Replace {iot hub connection string} with the
IoT Hub connection string you copied in Get the IoT hub connection string.
'use strict';
var iothub = require('azure-iothub');
var connectionString = '{iot hub connection string}';
var registry = iothub.Registry.fromConnectionString(connectionString);
twin.update(patch, function(err) {
if (err) {
console.error('Could not update twin: ' + err.constructor.name + ': ' + err.message);
} else {
console.log(twin.deviceId + ' twin updated successfully');
queryTwins();
}
});
}
});
The Registry object exposes all the methods required to interact with device twins from the service. The
previous code first initializes the Registry object, then retrieves the device twin for myDeviceId, and
finally updates its tags with the desired location information.
After updating the tags it calls the queryTwins function.
5. Add the following code at the end of AddTagsAndQuery.js to implement the queryTwins function:
var queryTwins = function() {
var query = registry.createQuery("SELECT * FROM devices WHERE tags.location.plant =
'Redmond43'", 100);
query.nextAsTwin(function(err, results) {
if (err) {
console.error('Failed to fetch the results: ' + err.message);
} else {
console.log("Devices in Redmond43: " + results.map(function(twin) {return
twin.deviceId}).join(','));
}
});
The previous code executes two queries: the first selects only the device twins of devices located in the
Redmond43 plant, and the second refines the query to select only the devices that are also connected
through cellular network.
When the code creates the query object, it specifies the maximum number of returned documents in the
second parameter. The query object contains a hasMoreResults boolean property that you can use to
invoke the nextAsTwin methods multiple times to retrieve all results. A method called next is available
for results that are not device twins, for example, the results of aggregation queries.
6. Run the application with:
node AddTagsAndQuery.js
You should see one device in the results for the query asking for all devices located in Redmond43 and
none for the query that restricts the results to devices that use a cellular network.
In the next section, you create a device app that reports the connectivity information and changes the result of the
query in the previous section.
3. Using a text editor, create a new ReportConnectivity.js file in the reportconnectivity folder.
4. Add the following code to the ReportConnectivity.js file. Replace {device connection string} with the
device connection string you copied when you created the myDeviceId device identity in Register a new
device in the IoT hub.
'use strict';
var Client = require('azure-iot-device').Client;
var Protocol = require('azure-iot-device-mqtt').Mqtt;
client.open(function(err) {
if (err) {
console.error('could not open IotHub client');
} else {
console.log('client opened');
client.getTwin(function(err, twin) {
if (err) {
console.error('could not get twin');
} else {
var patch = {
connectivity: {
type: 'cellular'
}
};
twin.properties.reported.update(patch, function(err) {
if (err) {
console.error('could not update twin');
} else {
console.log('twin state reported');
process.exit();
}
});
}
});
}
});
The Client object exposes all the methods you require to interact with device twins from the device. The
previous code, after it initializes the Client object, retrieves the device twin for myDeviceId and updates
its reported property with the connectivity information.
5. Run the device app
node ReportConnectivity.js
Next steps
In this tutorial, you configured a new IoT hub in the Azure portal, and then created a device identity in the IoT
hub's identity registry. You added device metadata as tags from a back-end app, and wrote a simulated device app
to report device connectivity information in the device twin. You also learned how to query this information using
the SQL -like IoT Hub query language.
Use the following resources to learn how to:
send telemetry from devices with the Get started with IoT Hub tutorial,
configure devices using device twin's desired properties with the Use desired properties to configure
devices tutorial,
control devices interactively (such as turning on a fan from a user-controlled app), with the Use direct
methods tutorial.
Get started with device twins (.NET)
8/29/2019 • 12 minutes to read • Edit Online
Device twins are JSON documents that store device state information, including metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that connects to it.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
The article Azure IoT SDKs provides information about the Azure IoT SDKs that you can use to build both device and back-
end apps.
Prerequisites
Visual Studio.
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This
action creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
3. In Solution Explorer, right-click the AddTagsAndQuery project, and then select Manage NuGet
Packages.
4. Select Browse and search for and select Microsoft.Azure.Devices. Select Install.
This step downloads, installs, and adds a reference to the Azure IoT service SDK NuGet package and its
dependencies.
5. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices;
6. Add the following fields to the Program class. Replace {iot hub connection string} with the IoT Hub
connection string that you copied in Get the IoT hub connection string.
The RegistryManager class exposes all the methods required to interact with device twins from the
service. The previous code first initializes the registryManager object, then retrieves the device twin for
myDeviceId, and finally updates its tags with the desired location information.
After updating, it executes two queries: the first selects only the device twins of devices located in the
Redmond43 plant, and the second refines the query to select only the devices that are also connected
through cellular network.
The previous code, when it creates the query object, specifies a maximum number of returned documents.
The query object contains a HasMoreResults boolean property that you can use to invoke the
GetNextAsTwinAsync methods multiple times to retrieve all results. A method called GetNextAsJson is
available for results that are not device twins, for example, results of aggregation queries.
8. Finally, add the following lines to the Main method:
registryManager = RegistryManager.CreateFromConnectionString(connectionString);
AddTagsAndQuery().Wait();
Console.WriteLine("Press Enter to exit.");
Console.ReadLine();
9. Run this application by right-clicking on the AddTagsAndQuery project and selecting Debug, followed by
Start new instance. You should see one device in the results for the query asking for all devices located in
Redmond43 and none for the query that restricts the results to devices that use a cellular network.
In the next section, you create a device app that reports the connectivity information and changes the result of the
query in the previous section.
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
using Newtonsoft.Json;
6. Add the following fields to the Program class. Replace {device connection string} with the device
connection string that you noted in Register a new device in the IoT hub.
static string DeviceConnectionString = "HostName=<yourIotHubName>.azure-devices.net;DeviceId=
<yourIotDeviceName>;SharedAccessKey=<yourIotDeviceAccessKey>";
static DeviceClient Client = null;
The Client object exposes all the methods you require to interact with device twins from the device. The
code shown above initializes the Client object, and then retrieves the device twin for myDeviceId.
8. Add the following method to the Program class:
The code above updates the reported property of myDeviceId with the connectivity information.
9. Finally, add the following lines to the Main method:
try
{
InitClient();
ReportConnectivity();
}
catch (Exception ex)
{
Console.WriteLine();
Console.WriteLine("Error in sample: {0}", ex.Message);
}
Console.WriteLine("Press Enter to exit.");
Console.ReadLine();
10. In Solution Explorer, right-click on your solution, and select Set StartUp Projects.
11. In Common Properties > Startup Project, select Multiple startup projects. For ReportConnectivity,
select Start as the Action. Select OK to save your changes.
12. Run this app by right-clicking the ReportConnectivity project and selecting Debug, then Start new
instance. You should see the app getting the twin information, and then sending connectivity as a reported
property.
After the device reported its connectivity information, it should appear in both queries.
13. Right-click the AddTagsAndQuery project and select Debug > Start new instance to run the queries
again. This time, myDeviceId should appear in both query results.
Next steps
In this tutorial, you configured a new IoT hub in the Azure portal, and then created a device identity in the IoT
hub's identity registry. You added device metadata as tags from a back-end app, and wrote a simulated device app
to report device connectivity information in the device twin. You also learned how to query this information using
the SQL -like IoT Hub query language.
You can learn more from the following resources:
To learn how to send telemetry from devices, see the Send telemetry from a device to an IoT hub tutorial.
To learn how to configure devices using device twin's desired properties, see the Use desired properties to
configure devices tutorial.
To learn how to control devices interactively, such as turning on a fan from a user-controlled app, see the
Use direct methods tutorial.
Get started with device twins (Java)
8/29/2019 • 14 minutes to read • Edit Online
Device twins are JSON documents that store device state information, including metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that connects to it.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
The article Azure IoT SDKs provides information about the Azure IoT SDKs that you can use to build both device and back-
end apps.
Prerequisites
Java SE Development Kit 8. Make sure you select Java 8 under Long-term support to get to downloads
for JDK 8.
Maven 3
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This
action creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-service-client</artifactId>
<version>1.17.1</version>
<type>jar</type>
</dependency>
NOTE
You can check for the latest version of iot-service-client using Maven search.
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app.
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import com.microsoft.azure.sdk.iot.service.devicetwin.*;
import com.microsoft.azure.sdk.iot.service.exceptions.IotHubException;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
9. Add the following class-level variables to the App class. Replace {youriothubconnectionstring} with the IoT
hub connection string you copied in Get the IoT hub connection string.
10. Update the main method signature to include the following throws clause:
11. Replace the code in the main method with the following code to create the DeviceTwin and
DeviceTwinDevice objects. The DeviceTwin object handles the communication with your IoT hub. The
DeviceTwinDevice object represents the device twin with its properties and tags:
13. To update the region and plant device twin tags in your device twin, add the following code in the try
block:
// Retrieve the device twin with the tag values from IoT Hub
System.out.println("Device twin after update:");
twinClient.getTwin(device);
System.out.println(device);
14. To query the device twins in IoT hub, add the following code to the try block after the code you added in
the previous step. The code runs two queries. Each query returns a maximum of 100 devices.
// Query the device twins in IoT Hub
System.out.println("Devices in Redmond:");
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-device-client</artifactId>
<version>1.17.5</version>
</dependency>
NOTE
You can check for the latest version of iot-device-client using Maven search.
4. Add the following dependency to the dependencies node. This dependency configures a NOP for the
Apache SLF4J logging facade, which is used by the device client SDK to implement logging. This
configuration is optional, but, if you omit it, you may see a warning in the console when you run the app.
For more information about logging in the device client SDK, see Logging in the Samples for the Azure IoT
device SDK for Java readme file.
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.28</version>
</dependency>
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import com.microsoft.azure.sdk.iot.device.*;
import com.microsoft.azure.sdk.iot.device.DeviceTwin.*;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Scanner;
9. Add the following class-level variables to the App class. Replace {yourdeviceconnectionstring} with the
device connection string you copied in Register a new device in the IoT hub.
This sample app uses the protocol variable when it instantiates a DeviceClient object.
10. Add the following method to the App class to print information about twin updates:
protected static class DeviceTwinStatusCallBack implements IotHubEventCallback {
@Override
public void execute(IotHubStatusCode status, Object context) {
System.out.println("IoT Hub responded to device twin operation with status " + status.name());
}
}
11. Replace the code in the main method with the following code to:
Create a device client to communicate with IoT Hub.
Create a Device object to store the device twin properties.
12. Add the following code to the main method to create a connectivityType reported property and send it
to IoT Hub:
try {
// Open the DeviceClient and start the device twin services.
client.open();
client.startDeviceTwin(new DeviceTwinStatusCallBack(), null, dataCollector, null);
13. Add the following code to the end of the main method. Waiting for the Enter key allows time for IoT Hub
to report the status of the device twin operations.
dataCollector.clean();
client.close();
14. Modify the signature of the main method to include the exceptions as follows:
You can see the plant and region tags added to the device twin. The first query returns your device, but the
second does not.
2. At a command prompt in the simulated-device folder, run the following command to add the
connectivityType reported property to the device twin:
Now that your device has sent the connectivityType property to IoT Hub, the second query returns your
device.
Next steps
In this tutorial, you configured a new IoT hub in the Azure portal, and then created a device identity in the IoT
hub's identity registry. You added device metadata as tags from a back-end app, and wrote a device app to report
device connectivity information in the device twin. You also learned how to query the device twin information
using the SQL -like IoT Hub query language.
Use the following resources to learn how to:
Send telemetry from devices with the Get started with IoT Hub tutorial.
Control devices interactively (such as turning on a fan from a user-controlled app) with the Use direct
methods tutorial.
Get started with device twins (Python)
11/27/2019 • 11 minutes to read • Edit Online
Device twins are JSON documents that store device state information, including metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that connects to it.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This
action creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
NOTE
The pip package for azure-iothub-service-client is currently available only for Windows OS. For Linux/Mac OS, please
refer to the Linux and Mac OS-specific sections on the Prepare your development environment for Python post.
import sys
import iothub_service_client
from iothub_service_client import IoTHubRegistryManager, IoTHubRegistryManagerAuthMethod
from iothub_service_client import IoTHubDeviceTwin, IoTHubError
4. Add the following code. Replace [IoTHub Connection String] with the IoT hub connection string you copied
in Get the IoT hub connection string. Replace [Device Id] with the device ID you registered in Register a
new device in the IoT hub.
CONNECTION_STRING = "[IoTHub Connection String]"
DEVICE_ID = "[Device Id]"
UPDATE_JSON = "{\"properties\":{\"desired\":{\"location\":\"Redmond\"}}}"
UPDATE_JSON_SEARCH = "\"location\":\"Redmond\""
UPDATE_JSON_CLIENT_SEARCH = "\"connectivity\":\"cellular\""
def iothub_service_sample_run():
try:
iothub_registry_manager = IoTHubRegistryManager(CONNECTION_STRING)
iothub_registry_statistics = iothub_registry_manager.get_statistics()
print ( "Total device count :
{0}".format(iothub_registry_statistics.totalDeviceCount) )
print ( "Enabled device count :
{0}".format(iothub_registry_statistics.enabledDeviceCount) )
print ( "Disabled device count :
{0}".format(iothub_registry_statistics.disabledDeviceCount) )
print ( "" )
number_of_devices = iothub_registry_statistics.totalDeviceCount
dev_list = iothub_registry_manager.get_device_list(number_of_devices)
iothub_twin_method = IoTHubDeviceTwin(CONNECTION_STRING)
print ( "" )
The Registry object exposes all the methods required to interact with device twins from the service. The
code first initializes the Registry object, then updates the device twin for deviceId, and finally runs two
queries. The first selects only the device twins of devices located in the Redmond43 plant, and the second
refines the query to select only the devices that are also connected through cellular network.
6. Add the following code at the end of AddTagsAndQuery.py to implement the
iothub_service_sample_run function:
if __name__ == '__main__':
print ( "Starting the IoT Hub Device Twins Python service sample..." )
iothub_service_sample_run()
python AddTagsAndQuery.py
You should see one device in the results for the query asking for all devices located in Redmond43 and
none for the query that restricts the results to devices that use a cellular network.
In the next section, you create a device app that reports the connectivity information and changes the result of the
query in the previous section.
import time
import threading
from azure.iot.device import IoTHubModuleClient
4. Add the following code. Replace the [IoTHub Device Connection String] placeholder value with the device
connection string you copied in Register a new device in the IoT hub.
5. Add the following code to the ReportConnectivity.py file to implement the device twins functionality:
def twin_update_listener(client):
while True:
patch = client.receive_twin_desired_properties_patch() # blocking call
print("Twin patch received:")
print(patch)
def iothub_client_init():
client = IoTHubModuleClient.create_from_connection_string(CONNECTION_STRING)
return client
def iothub_client_sample_run():
try:
client = iothub_client_init()
# Send reported
print ( "Sending data as reported property..." )
reported_patch = {"connectivity": "cellular"}
client.patch_twin_reported_properties(reported_patch)
print ( "Reported properties updated" )
while True:
time.sleep(1000000)
except KeyboardInterrupt:
print ( "IoTHubClient sample stopped" )
The Client object exposes all the methods you require to interact with device twins from the device. The
previous code, after it initializes the Client object, retrieves the device twin for your device and updates its
reported property with the connectivity information.
6. Add the following code at the end of ReportConnectivity.py to implement the
iothub_client_sample_run function:
if __name__ == '__main__':
print ( "Starting the IoT Hub Device Twins Python client sample..." )
print ( "IoTHubModuleClient waiting for commands, press Ctrl-C to exit" )
iothub_client_sample_run()
python ReportConnectivity.py
python AddTagsAndQuery.py
Next steps
In this tutorial, you configured a new IoT hub in the Azure portal, and then created a device identity in the IoT
hub's identity registry. You added device metadata as tags from a back-end app, and wrote a simulated device app
to report device connectivity information in the device twin. You also learned how to query this information using
the registry.
Use the following resources to learn how to:
Send telemetry from devices with the Get started with IoT Hub tutorial.
Configure devices using device twin's desired properties with the Use desired properties to configure
devices tutorial.
Control devices interactively (such as turning on a fan from a user-controlled app), with the Use direct
methods tutorial.
Get started with IoT Hub module identity and
module twin using the portal and .NET device
11/12/2019 • 7 minutes to read • Edit Online
NOTE
Module identities and module twins are similar to Azure IoT Hub device identity and device twin, but provide finer
granularity. While Azure IoT Hub device identity and device twin enable the back-end application to configure a device and
provide visibility on the device’s conditions, a module identity and module twin provide these capabilities for individual
components of a device. On capable devices with multiple components, such as operating system based devices or firmware
devices, module identities and module twins allow for isolated configuration and conditions for each component.
NOTE
For information about the Azure IoT SDKs that you can use to build both applications to run on devices and your solution
back end, see Azure IoT SDKs.
Prerequisites
Visual Studio.
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
Create a hub
This section describes how to create an IoT hub using the Azure portal.
1. Sign in to the Azure portal.
2. From the Azure homepage, select the + Create a resource button, and then enter IoT Hub in the Search
the Marketplace field.
3. Select IoT Hub from the search results, and then select Create.
4. On the Basics tab, complete the fields as follows:
Subscription: Select the subscription to use for your hub.
Resource Group: Select a resource group or create a new one. To create a new one, select Create
new and fill in the name you want to use. To use an existing resource group, select that resource
group. For more information, see Manage Azure Resource Manager resource groups.
Region: Select the region in which you want your hub to be located. Select the location closest to
you.
IoT Hub Name: Enter a name for your hub. This name must be globally unique. If the name you
enter is available, a green check mark appears.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This action
creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
Your new module identity appears at the bottom of the screen. Select it to see module identity details.
Save the Connect string - primary key. You use it in the next section to you set up your module on the device.
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
using Newtonsoft.Json;
2. Add the following fields to the Program class. Replace the placeholder value with the module connection
string.
await Client.UpdateReportedPropertiesAsync(reportedProperties).ConfigureAwait(false);
}
try
{
Client = ModuleClient.CreateFromConnectionString(ModuleConnectionString, transport);
Client.SetConnectionStatusChangesHandler(ConnectionStatusChangeHandler);
Client.SetDesiredPropertyUpdateCallbackAsync(OnDesiredPropertyChanged, null).Wait();
Console.WriteLine("Retrieving twin");
var twinTask = Client.GetTwinAsync();
twinTask.Wait();
var twin = twinTask.Result;
Console.WriteLine(JsonConvert.SerializeObject(twin));
Client.UpdateReportedPropertiesAsync(reportedProperties);
}
catch (AggregateException ex)
{
Console.WriteLine("Error in sample: {0}", ex);
}
Next steps
To continue getting started with IoT Hub and to explore other IoT scenarios, see:
Get started with IoT Hub module identity and module twin using .NET backup and .NET device
Getting started with IoT Edge
Get started with IoT Hub module identity and
module twin (.NET)
11/12/2019 • 9 minutes to read • Edit Online
NOTE
Module identities and module twins are similar to Azure IoT Hub device identity and device twin, but provide finer
granularity. While Azure IoT Hub device identity and device twin enable the back-end application to configure a device and
provide visibility on the device’s conditions, a module identity and module twin provide these capabilities for individual
components of a device. On capable devices with multiple components, such as operating system based devices or firmware
devices, module identities and module twins allow for isolated configuration and conditions for each component.
At the end of this tutorial, you have two .NET console apps:
CreateIdentities. This app creates a device identity, a module identity, and associated security key to
connect your device and module clients.
UpdateModuleTwinReportedProperties. This app sends updated module twin reported properties to
your IoT hub.
NOTE
For information about the Azure IoT SDKs that you can use to build both applications to run on devices, and your solution
back end, see Azure IoT SDKs.
Prerequisites
Visual Studio.
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
Create a hub
This section describes how to create an IoT hub using the Azure portal.
1. Sign in to the Azure portal.
2. From the Azure homepage, select the + Create a resource button, and then enter IoT Hub in the Search
the Marketplace field.
3. Select IoT Hub from the search results, and then select Create.
4. On the Basics tab, complete the fields as follows:
Subscription: Select the subscription to use for your hub.
Resource Group: Select a resource group or create a new one. To create a new one, select Create
new and fill in the name you want to use. To use an existing resource group, select that resource
group. For more information, see Manage Azure Resource Manager resource groups.
Region: Select the region in which you want your hub to be located. Select the location closest to
you.
IoT Hub Name: Enter a name for your hub. This name must be globally unique. If the name you
enter is available, a green check mark appears.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Create a module identity
In this section, you create a .NET console app that creates a device identity and a module identity in the identity
registry in your hub. A device or module can't connect to hub unless it has an entry in the identity registry. For
more information, see the Identity Registry section of the IoT Hub developer guide.
When you run this console app, it generates a unique ID and key for both device and module. Your device and
module use these values to identify themselves when it sends device-to-cloud messages to IoT Hub. The IDs are
case-sensitive.
1. Open Visual Studio, and select Create a new project.
2. In Create a new project, select Console App (.NET Framework).
3. Select Next to open Configure your new project. Name the project CreateIdentities and name the
solution IoTHubGetStarted. Make sure the .NET Framework version is 4.6.1 or later.
4. In Visual Studio, open Tools > NuGet Package Manager > Manage NuGet Packages for Solution.
Select the Browse tab.
5. Search for Microsoft.Azure.Devices. Select it and then select Install.
6. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices;
using Microsoft.Azure.Devices.Common.Exceptions;
7. Add the following fields to the Program class. Replace the placeholder value with the IoT Hub connection
string for the hub that you created in the previous section.
try
{
device = await registryManager.AddDeviceAsync(new Device(deviceID));
}
catch (DeviceAlreadyExistsException)
{
device = await registryManager.GetDeviceAsync(deviceID);
}
try
{
module =
await registryManager.AddModuleAsync(new Module(deviceID, moduleID));
}
catch (ModuleAlreadyExistsException)
{
module = await registryManager.GetModuleAsync(deviceID, moduleID);
}
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
10. Run this app, and make a note of the device key and module key.
NOTE
The IoT Hub identity registry only stores device and module identities to enable secure access to the hub. The identity
registry stores device IDs and keys to use as security credentials. The identity registry also stores an enabled/disabled flag
for each device that you can use to disable access for that device. If your app needs to store other device-specific metadata,
it should use an application-specific store. There is no enabled/disabled flag for module identities. For more information, see
IoT Hub developer guide.
1. In Visual Studio, add a new project to your solution by selecting File > New > Project. In Create a new
project, select Console App (.NET Framework), and select Next.
2. Name the project UpdateModuleTwinReportedProperties. For Solution, select Add to solution. Make
sure the .NET Framework version is 4.6.1 or later.
3. Select Create to create your project.
4. In Visual Studio, open Tools > NuGet Package Manager > Manage NuGet Packages for Solution.
Select the Browse tab.
5. Search for and select Microsoft.Azure.Devices.Client, and then select Install.
6. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
using System.Threading.Tasks;
using Newtonsoft.Json;
7. Add the following fields to the Program class. Replace the placeholder value with the module connection
string.
private const string ModuleConnectionString = "<Your module connection string>";
private static ModuleClient Client = null;
static void ConnectionStatusChangeHandler(ConnectionStatus status,
ConnectionStatusChangeReason reason)
{
Console.WriteLine("Connection Status Changed to {0}; the reason is {1}",
status, reason);
}
await Client.UpdateReportedPropertiesAsync(reportedProperties).ConfigureAwait(false);
}
try
{
Client =
ModuleClient.CreateFromConnectionString(ModuleConnectionString, transport);
Client.SetConnectionStatusChangesHandler(ConnectionStatusChangeHandler);
Client.SetDesiredPropertyUpdateCallbackAsync(OnDesiredPropertyChanged, null).Wait();
Console.WriteLine("Retrieving twin");
var twinTask = Client.GetTwinAsync();
twinTask.Wait();
var twin = twinTask.Result;
Console.WriteLine(JsonConvert.SerializeObject(twin.Properties));
Client.UpdateReportedPropertiesAsync(reportedProperties);
}
catch (AggregateException ex)
{
Console.WriteLine("Error in sample: {0}", ex);
}
This code sample shows you how to retrieve the module twin and update reported properties with AMQP
protocol. In public preview, we only support AMQP for module twin operations.
10. Optionally, you can add these statements to the Main method to send an event to IoT Hub from your
module. Place these lines below the try catch block.
Next steps
To continue getting started with IoT Hub and to explore other IoT scenarios, see:
Getting started with device management
Getting started with IoT Edge
Get started with IoT Hub module identity and
module twin (Python)
11/12/2019 • 7 minutes to read • Edit Online
NOTE
Module identities and module twins are similar to Azure IoT Hub device identity and device twin, but provide finer
granularity. While Azure IoT Hub device identity and device twin enable the back-end application to configure a device and
provides visibility on the device’s conditions, a module identity and module twin provide these capabilities for individual
components of a device. On capable devices with multiple components, such as operating system based devices or firmware
devices, it allows for isolated configuration and conditions for each component.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Create a device identity and a module identity in IoT Hub
In this section, you create a Python app that creates a device identity and a module identity in the identity registry
in your IoT hub. A device or module cannot connect to IoT hub unless it has an entry in the identity registry. For
more information, see the "Identity registry" section of the IoT Hub developer guide. When you run this console
app, it generates a unique ID and key for both device and module. Your device and module use these values to
identify itself when it sends device-to-cloud messages to IoT Hub. The IDs are case-sensitive.
Add the following code to your Python file:
import sys
import iothub_service_client
from iothub_service_client import IoTHubRegistryManager, IoTHubRegistryManagerAuthMethod, IoTHubError
CONNECTION_STRING = "YourConnString"
DEVICE_ID = "myFirstDevice"
MODULE_ID = "myFirstModule"
try:
# RegistryManager
iothub_registry_manager = IoTHubRegistryManager(CONNECTION_STRING)
# CreateDevice
primary_key = ""
secondary_key = ""
auth_method = IoTHubRegistryManagerAuthMethod.SHARED_PRIVATE_KEY
new_device = iothub_registry_manager.create_device(
DEVICE_ID, primary_key, secondary_key, auth_method)
print("new_device <" + DEVICE_ID +
"> has primary key = " + new_device.primaryKey)
# CreateModule
new_module = iothub_registry_manager.create_module(
DEVICE_ID, primary_key, secondary_key, MODULE_ID, auth_method)
print("device/new_module <" + DEVICE_ID + "/" + MODULE_ID +
"> has primary key = " + new_module.primaryKey)
This app creates a device identity with ID myFirstDevice and a module identity with ID myFirstModule under
device myFirstDevice. (If that module ID already exists in the identity registry, the code simply retrieves the
existing module information.) The app then displays the primary key for that identity. You use this key in the
simulated module app to connect to your IoT hub.
NOTE
The IoT Hub identity registry only stores device and module identities to enable secure access to the IoT hub. The identity
registry stores device IDs and keys to use as security credentials. The identity registry also stores an enabled/disabled flag
for each device that you can use to disable access for that device. If your application needs to store other device-specific
metadata, it should use an application-specific store. There is no enabled/disabled flag for module identities. For more
information, see IoT Hub developer guide.
import sys
import iothub_service_client
from iothub_service_client import IoTHubRegistryManager, IoTHubRegistryManagerAuthMethod,
IoTHubDeviceTwin, IoTHubError
UPDATE_JSON = "{\"properties\":{\"desired\":{\"telemetryInterval\":122}}}"
try:
iothub_twin = IoTHubDeviceTwin(CONNECTION_STRING)
This code sample shows you how to retrieve the module twin and update reported properties with AMQP
protocol.
CONNECTION_STRING = "{deviceConnectionString}"
def twin_update_listener(client):
while True:
patch = client.receive_twin_desired_properties_patch() # blocking call
print("")
print("Twin desired properties patch received:")
print(patch)
def iothub_client_sample_run():
try:
module_client = IoTHubModuleClient.create_from_connection_string(CONNECTION_STRING)
while True:
time.sleep(1000000)
except KeyboardInterrupt:
print("IoTHubModuleClient sample stopped")
if __name__ == '__main__':
print ( "Starting the IoT Hub Python sample..." )
print ( "IoTHubModuleClient waiting for commands, press Ctrl-C to exit" )
iothub_client_sample_run()
Next steps
To continue getting started with IoT Hub and to explore other IoT scenarios, see:
Getting started with device management
Getting started with IoT Edge
Get started with IoT Hub module identity and
module twin (C)
12/2/2019 • 9 minutes to read • Edit Online
NOTE
Module identities and module twins are similar to Azure IoT Hub device identity and device twin, but provide finer
granularity. While Azure IoT Hub device identity and device twin enable the back-end application to configure a device and
provides visibility on the device’s conditions, a module identity and module twin provide these capabilities for individual
components of a device. On capable devices with multiple components, such as operating system based devices or firmware
devices, it allows for isolated configuration and conditions for each component.
NOTE
For information about the Azure IoT SDKs that you can use to build both applications to run on devices, and your solution
backend, see Azure IoT SDKs.
Prerequisites
An active Azure account. (If you don't have an account, you can create an Azure free account in just a
couple of minutes.)
The latest Azure IoT C SDK.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Create a device identity and a module identity in IoT Hub
In this section, you create a C app that creates a device identity and a module identity in the identity registry in
your IoT hub. A device or module cannot connect to IoT hub unless it has an entry in the identity registry. For
more information, see the Identity registry section of the IoT Hub developer guide. When you run this console
app, it generates a unique ID and key for both device and module. Your device and module use these values to
identify itself when it sends device-to-cloud messages to IoT Hub. The IDs are case-sensitive.
Add the following code to your C file:
#include <stdio.h>
#include <stdlib.h>
#include "azure_c_shared_utility/crt_abstractions.h"
#include "azure_c_shared_utility/threadapi.h"
#include "azure_c_shared_utility/platform.h"
#include "iothub_service_client_auth.h"
#include "iothub_registrymanager.h"
(void)memset(&deviceCreateInfo, 0, sizeof(deviceCreateInfo));
deviceCreateInfo.version = 1;
deviceCreateInfo.deviceId = deviceId;
deviceCreateInfo.primaryKey = "";
deviceCreateInfo.secondaryKey = "";
deviceCreateInfo.authMethod = IOTHUB_REGISTRYMANAGER_AUTH_SPK;
IOTHUB_DEVICE_EX deviceInfoEx;
memset(&deviceInfoEx, 0, sizeof(deviceInfoEx));
deviceInfoEx.version = 1;
// Create device
result = IoTHubRegistryManager_CreateDevice_Ex(iotHubRegistryManagerHandle,
&deviceCreateInfo, &deviceInfoEx);
if (result == IOTHUB_REGISTRYMANAGER_OK)
{
(void)printf("IoTHubRegistryManager_CreateDevice: Device has been created successfully: deviceId=%s,
primaryKey=%s\n", deviceInfoEx.deviceId, deviceInfoEx.primaryKey);
}
else if (result == IOTHUB_REGISTRYMANAGER_DEVICE_EXIST)
{
(void)printf("IoTHubRegistryManager_CreateDevice: Device already exists\n");
}
else if (result == IOTHUB_REGISTRYMANAGER_ERROR)
{
(void)printf("IoTHubRegistryManager_CreateDevice failed\n");
}
// You will need to Free the returned device information after it was created
IoTHubRegistryManager_FreeDeviceExMembers(&deviceInfoEx);
}
(void)memset(&moduleCreateInfo, 0, sizeof(moduleCreateInfo));
moduleCreateInfo.version = 1;
moduleCreateInfo.deviceId = deviceId;
moduleCreateInfo.moduleId = moduleId;
moduleCreateInfo.primaryKey = "";
moduleCreateInfo.secondaryKey = "";
moduleCreateInfo.authMethod = IOTHUB_REGISTRYMANAGER_AUTH_SPK;
IOTHUB_MODULE moduleInfo;
memset(&moduleInfo, 0, sizeof(moduleInfo));
moduleInfo.version = 1;
// Create module
result = IoTHubRegistryManager_CreateModule(iotHubRegistryManagerHandle, &moduleCreateInfo, &moduleInfo);
if (result == IOTHUB_REGISTRYMANAGER_OK)
{
(void)printf("IoTHubRegistryManager_CreateModule: Module has been created successfully: deviceId=%s,
moduleId=%s, primaryKey=%s\n", moduleInfo.deviceId, moduleInfo.moduleId, moduleInfo.primaryKey);
}
else if (result == IOTHUB_REGISTRYMANAGER_DEVICE_EXIST)
{
(void)printf("IoTHubRegistryManager_CreateModule: Module already exists\n");
}
else if (result == IOTHUB_REGISTRYMANAGER_ERROR)
{
(void)printf("IoTHubRegistryManager_CreateModule failed\n");
}
// You will need to Free the returned module information after it was created
IoTHubRegistryManager_FreeModuleMembers(&moduleInfo);
}
int main(void)
{
(void)platform_init();
if ((iotHubServiceClientHandle = IoTHubServiceClientAuth_CreateFromConnectionString(hubConnectionString))
== NULL)
{
(void)printf("IoTHubServiceClientAuth_CreateFromConnectionString failed\n");
}
else if ((iotHubRegistryManagerHandle = IoTHubRegistryManager_Create(iotHubServiceClientHandle)) == NULL)
{
(void)printf("IoTHubServiceClientAuth_CreateFromConnectionString failed\n");
}
else
{
createDevice(iotHubRegistryManagerHandle, deviceId);
createModule(iotHubRegistryManagerHandle, deviceId, moduleId);
}
if (iotHubRegistryManagerHandle != NULL)
{
(void)printf("Calling IoTHubRegistryManager_Destroy...\n");
IoTHubRegistryManager_Destroy(iotHubRegistryManagerHandle);
}
if (iotHubServiceClientHandle != NULL)
{
(void)printf("Calling IoTHubServiceClientAuth_Destroy...\n");
IoTHubServiceClientAuth_Destroy(iotHubServiceClientHandle);
}
platform_deinit();
return 0;
}
}
This app creates a device identity with ID myFirstDevice and a module identity with ID myFirstModule under
device myFirstDevice. (If that module ID already exists in the identity registry, the code simply retrieves the
existing module information.) The app then displays the primary key for that identity. You use this key in the
simulated module app to connect to your IoT hub.
NOTE
The IoT Hub identity registry only stores device and module identities to enable secure access to the IoT hub. The identity
registry stores device IDs and keys to use as security credentials. The identity registry also stores an enabled/disabled flag
for each device that you can use to disable access for that device. If your application needs to store other device-specific
metadata, it should use an application-specific store. There is no enabled/disabled flag for module identities. For more
information, see IoT Hub developer guide.
#include "azure_c_shared_utility/crt_abstractions.h"
#include "azure_c_shared_utility/threadapi.h"
#include "azure_c_shared_utility/platform.h"
#include "iothub_service_client_auth.h"
#include "iothub_devicetwin.h"
int main(void)
{
(void)platform_init();
if ((iotHubServiceClientHandle =
IoTHubServiceClientAuth_CreateFromConnectionString(moduleConnectionString)) == NULL)
{
(void)printf("IoTHubServiceClientAuth_CreateFromConnectionString failed\n");
}
else if ((iothubDeviceTwinHandle = IoTHubDeviceTwin_Create(iotHubServiceClientHandle)) == NULL)
{
(void)printf("IoTHubServiceClientAuth_CreateFromConnectionString failed\n");
}
else
{
char *result = IoTHubDeviceTwin_UpdateModuleTwin(iothubDeviceTwinHandle, deviceId, moduleId,
testJson);
printf("IoTHubDeviceTwin_UpdateModuleTwin returned %s\n", result);
}
if (iothubDeviceTwinHandle != NULL)
{
(void)printf("Calling IoTHubDeviceTwin_Destroy...\n");
IoTHubDeviceTwin_Destroy(iothubDeviceTwinHandle);
}
if (iotHubServiceClientHandle != NULL)
{
(void)printf("Calling IoTHubServiceClientAuth_Destroy...\n");
IoTHubServiceClientAuth_Destroy(iotHubServiceClientHandle);
}
platform_deinit();
return 0;
}
This code sample shows you how to retrieve the module twin and update reported properties.
#include <stdio.h>
#include <stdlib.h>
#include "azure_c_shared_utility/crt_abstractions.h"
#include "azure_c_shared_utility/crt_abstractions.h"
#include "azure_c_shared_utility/macro_utils.h"
#include "azure_c_shared_utility/threadapi.h"
#include "azure_c_shared_utility/platform.h"
#include "iothub_module_client_ll.h"
#include "iothub_client_options.h"
#include "iothub_message.h"
#ifdef SAMPLE_MQTT
#include "iothubtransportmqtt.h"
#endif // SAMPLE_MQTT
#ifdef SAMPLE_MQTT_OVER_WEBSOCKETS
#include "iothubtransportmqtt_websockets.h"
#endif // SAMPLE_MQTT_OVER_WEBSOCKETS
#ifdef SAMPLE_AMQP
#include "iothubtransportamqp.h"
#endif // SAMPLE_AMQP
#ifdef SAMPLE_AMQP_OVER_WEBSOCKETS
#include "iothubtransportamqp_websockets.h"
#endif // SAMPLE_AMQP_OVER_WEBSOCKETS
#ifdef SAMPLE_HTTP
#include "iothubtransporthttp.h"
#endif // SAMPLE_HTTP
g_continueRunning = false;
}
void iothub_module_client_sample_device_twin_run(void)
{
IOTHUB_CLIENT_TRANSPORT_PROVIDER protocol;
IOTHUB_MODULE_CLIENT_LL_HANDLE iotHubModuleClientHandle;
g_continueRunning = true;
if (platform_init() != 0)
{
(void)printf("Failed to initialize the platform.\r\n");
}
else
{
if ((iotHubModuleClientHandle = IoTHubModuleClient_LL_CreateFromConnectionString(connectionString,
protocol)) == NULL)
{
(void)printf("ERROR: iotHubModuleClientHandle is NULL!\r\n");
}
else
{
bool traceOn = true;
const char* reportedState = "{ 'device_property': 'new_value'}";
size_t reportedStateSize = strlen(reportedState);
// Check the return of all API calls when developing your solution. Return checks ommited for
sample simplification.
(void)IoTHubModuleClient_LL_SetModuleTwinCallback(iotHubModuleClientHandle, deviceTwinCallback,
iotHubModuleClientHandle);
(void)IoTHubModuleClient_LL_SendReportedState(iotHubModuleClientHandle, (const unsigned
char*)reportedState, reportedStateSize, reportedStateCallback, iotHubModuleClientHandle);
do
{
IoTHubModuleClient_LL_DoWork(iotHubModuleClientHandle);
ThreadAPI_Sleep(1);
} while (g_continueRunning);
IoTHubModuleClient_LL_Destroy(iotHubModuleClientHandle);
}
platform_deinit();
}
}
int main(void)
{
iothub_module_client_sample_device_twin_run();
return 0;
}
Next steps
To continue getting started with IoT Hub and to explore other IoT scenarios, see:
Getting started with device management
Getting started with IoT Edge
Get started with IoT Hub module identity and
module twin (Node.js)
11/12/2019 • 8 minutes to read • Edit Online
NOTE
Module identities and module twins are similar to Azure IoT Hub device identity and device twin, but provide finer
granularity. While Azure IoT Hub device identity and device twin enable the back-end application to configure a device and
provides visibility on the device’s conditions, a module identity and module twin provide these capabilities for individual
components of a device. On capable devices with multiple components, such as operating system based devices or firmware
devices, it allows for isolated configuration and conditions for each component.
NOTE
For information about the Azure IoT SDKs that you can use to build both applications to run on devices, and your solution
back end, see Azure IoT SDKs.
Prerequisites
Node.js version 10.0.x or later. Prepare your development environment describes how to install Node.js for
this tutorial on either Windows or Linux.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Create a device identity and a module identity in IoT Hub
In this section, you create a Node.js app that creates a device identity and a module identity in the identity registry
in your IoT hub. A device or module cannot connect to IoT hub unless it has an entry in the identity registry. For
more information, see the "Identity registry" section of the IoT Hub developer guide. When you run this console
app, it generates a unique ID and key for both device and module. Your device and module use these values to
identify itself when it sends device-to-cloud messages to IoT Hub. The IDs are case-sensitive.
1. Create a directory to hold your code.
2. Inside of that directory, first run npm init -y to create an empty package.json with defaults. This is the
project file for your code.
3. Run npm install -S azure-iothub@modules-preview to install the service SDK inside the
node_modules subdirectory.
NOTE
The subdirectory name node_modules uses the word module to mean "a node library". The term here has nothing
to do with IoT Hub modules.
4. Create the following .js file in your directory. Call it add.js. Copy and paste your hub connection string and
hub name.
var Registry = require('azure-iothub').Registry;
var uuid = require('uuid');
// Copy/paste your connection string and hub name here
var serviceConnectionString = '<hub connection string from portal>';
var hubName = '<hub name>.azure-devices.net';
// Create an instance of the IoTHub registry
var registry = Registry.fromConnectionString(serviceConnectionString);
// Insert your device ID and moduleId here.
var deviceId = 'myFirstDevice';
var moduleId = 'myFirstModule';
// Create your device as a SAS authentication device
var primaryKey = new Buffer(uuid.v4()).toString('base64');
var secondaryKey = new Buffer(uuid.v4()).toString('base64');
var deviceDescription = {
deviceId: deviceId,
status: 'enabled',
authentication: {
type: 'sas',
symmetricKey: {
primaryKey: primaryKey,
secondaryKey: secondaryKey
}
}
};
// Finally, retrieve the module details from the hub so we can construct the connection string
registry.getModule(deviceId, moduleId, function(err, foundModule) {
if (err) {
console.log('Error getting module back from hub: ' + err);
process.exit(1);
}
console.log('module connection string = "HostName=' + hubName + ';DeviceId=' +
foundModule.deviceId + ';ModuleId='+foundModule.moduleId+';SharedAccessKey=' +
foundModule.authentication.symmetricKey.primaryKey + '"');
process.exit(0);
});
});
});
This app creates a device identity with ID myFirstDevice and a module identity with ID myFirstModule under
device myFirstDevice. (If that module ID already exists in the identity registry, the code simply retrieves the
existing module information.) The app then displays the primary key for that identity. You use this key in the
simulated module app to connect to your IoT hub.
Run this using node add.js. It will give you a connection string for your device identity and another one for your
module identity.
NOTE
The IoT Hub identity registry only stores device and module identities to enable secure access to the IoT hub. The identity
registry stores device IDs and keys to use as security credentials. The identity registry also stores an enabled/disabled flag
for each device that you can use to disable access for that device. If your application needs to store other device-specific
metadata, it should use an application-specific store. There is no enabled/disabled flag for module identities. For more
information, see IoT Hub developer guide.
2. Similar to you did in the step above, create a directory for your device code and use NPM to initialize it and
install the device SDK (npm install -S azure-iot-device-amqp@modules-preview).
NOTE
The npm install command may feel slow. Be patient, it's pulling down lots of code from the package repository.
NOTE
If you see an error that says npm ERR! registry error parsing json, this is safe to ignore. If you see an error that says
npm ERR! registry error parsing json, this is safe to ignore.
3. Create a file called twin.js. Copy and paste your module identity string.
var Client = require('azure-iot-device').Client;
var Protocol = require('azure-iot-device-amqp').Amqp;
// Copy/paste your module connection string here.
var connectionString = '<insert module connection string here>';
// Create a client using the Amqp protocol.
var client = Client.fromConnectionString(connectionString, Protocol);
client.on('error', function (err) {
console.error(err.message);
});
// connect to the hub
client.open(function(err) {
if (err) {
console.error('error connecting to hub: ' + err);
process.exit(1);
}
console.log('client opened');
// Create device Twin
client.getTwin(function(err, twin) {
if (err) {
console.error('error getting twin: ' + err);
process.exit(1);
}
// Output the current properties
console.log('twin contents:');
console.log(twin.properties);
// Add a handler for desired property changes
twin.on('properties.desired', function(delta) {
console.log('new desired properties received:');
console.log(JSON.stringify(delta));
});
// create a patch to send to the hub
var patch = {
updateTime: new Date().toString(),
firmwareVersion:'1.2.1',
weather:{
temperature: 72,
humidity: 17
}
};
// send the patch
twin.properties.reported.update(patch, function(err) {
if (err) throw err;
console.log('twin state reported');
});
});
});
F:\temp\module_twin>node twin.js
client opened
twin contents:
{ reported: { update: [Function: update], '$version': 1 },
desired: { '$version': 1 } }
new desired properties received:
{"$version":1}
twin state reported
Next steps
To continue getting started with IoT Hub and to explore other IoT scenarios, see:
Getting started with device management
Getting started with IoT Edge
Get started with device management (Node.js)
8/29/2019 • 10 minutes to read • Edit Online
Back-end apps can use Azure IoT Hub primitives, such as device twin and direct methods, to remotely start and
monitor device management actions on devices. This tutorial shows you how a back-end app and a device app
can work together to initiate and monitor a remote device reboot using IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Use a direct method to initiate device management actions (such as reboot, factory reset, and firmware update)
from a back-end app in the cloud. The device is responsible for:
Handling the method request sent from IoT Hub.
Initiating the corresponding device-specific action on the device.
Providing status updates through reported properties to IoT Hub.
You can use a back-end app in the cloud to run device twin queries to report on the progress of your device
management actions.
This tutorial shows you how to:
Use the Azure portal to create an IoT Hub and create a device identity in your IoT hub.
Create a simulated device app that contains a direct method that reboots that device. Direct methods are
invoked from the cloud.
Create a Node.js console app that calls the reboot direct method in the simulated device app through your
IoT hub.
At the end of this tutorial, you have two Node.js console apps:
dmpatterns_getstarted_device.js, which connects to your IoT hub with the device identity created
earlier, receives a reboot direct method, simulates a physical reboot, and reports the time for the last
reboot.
dmpatterns_getstarted_service.js, which calls a direct method in the simulated device app, displays the
response, and displays the updated reported properties.
Prerequisites
Node.js version 10.0.x or later. Prepare your development environment describes how to install Node.js
for this tutorial on either Windows or Linux.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
3. Create a new device identity called myDeviceId and retrieve the device connection string with these
commands:
az iot hub device-identity create --device-id myDeviceId --hub-name {Your IoT Hub name}
az iot hub device-identity show-connection-string --device-id myDeviceId --hub-name {Your IoT Hub
name} -o table
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
Make a note of the device connection string from the result. This device connection string is used by the device
app to connect to your IoT Hub as a device.
npm init
2. At your command prompt in the manageddevice folder, run the following command to install the azure-
iot-device Device SDK package and azure-iot-device-mqtt package:
'use strict';
5. Add a connectionString variable and use it to create a Client instance. Replace the
{yourdeviceconnectionstring} placeholder value with the device connection string you copied previously
in Register a new device in the IoT hub.
6. Add the following function to implement the direct method on the device
var onReboot = function(request, response) {
7. Open the connection to your IoT hub and start the direct method listener:
client.open(function(err) {
if (err) {
console.error('Could not open IotHub client');
} else {
console.log('Client opened. Waiting for reboot method.');
client.onDeviceMethod('reboot', onReboot);
}
});
NOTE
To keep things simple, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as an exponential backoff), as suggested in the article, Transient Fault Handling.
For more information about IoT Hub shared access policies and permissions, see Access control and
permissions.
npm init
2. At your command prompt in the triggerrebootondevice folder, run the following command to install the
azure-iothub Device SDK package and azure-iot-device-mqtt package:
'use strict';
6. Add the following function to invoke the device method to reboot the target device:
var methodParams = {
methodName: methodName,
payload: null,
timeoutInSeconds: 30
};
7. Add the following function to query for the device and get the last reboot time:
if (twin.properties.reported.iothubDM != null)
{
if (err) {
console.error('Could not query twins: ' + err.constructor.name + ': ' + err.message);
} else {
var lastRebootTime = twin.properties.reported.iothubDM.reboot.lastReboot;
console.log('Last reboot time: ' + JSON.stringify(lastRebootTime, null, 2));
}
} else
console.log('Waiting for device to report last reboot time.');
});
};
8. Add the following code to call the functions that trigger the reboot direct method and query for the last
reboot time:
startRebootDevice();
setInterval(queryTwinLastReboot, 2000);
node dmpatterns_getstarted_device.js
2. At the command prompt in the triggerrebootondevice folder, run the following command to trigger the
remote reboot and query for the device twin to find the last reboot time.
node dmpatterns_getstarted_service.js
3. You see the device response to the reboot direct method and the reboot status in the console.
The following shows the device response to the reboot direct method sent by the service:
The following shows the service triggering the reboot and polling the device twin for the last reboot time:
Next steps
In this tutorial, you used a direct method to trigger a remote reboot on a device. You used the reported
properties to report the last reboot time from the device, and queried the device twin to discover the last reboot
time of the device from the cloud.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see How to do a firmware update.
To learn how to extend your IoT solution and schedule method calls on multiple devices, see Schedule and
broadcast jobs.
Get started with device management (.NET)
8/29/2019 • 11 minutes to read • Edit Online
Back-end apps can use Azure IoT Hub primitives, such as device twin and direct methods, to remotely start and
monitor device management actions on devices. This tutorial shows you how a back-end app and a device app can
work together to initiate and monitor a remote device reboot using IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Use a direct method to initiate device management actions (such as reboot, factory reset, and firmware update)
from a back-end app in the cloud. The device is responsible for:
Handling the method request sent from IoT Hub.
Initiating the corresponding device-specific action on the device.
Providing status updates through reported properties to IoT Hub.
You can use a back-end app in the cloud to run device twin queries to report on the progress of your device
management actions.
This tutorial shows you how to:
Use the Azure portal to create an IoT hub and create a device identity in your IoT hub.
Create a simulated device app that contains a direct method that reboots that device. Direct methods are
invoked from the cloud.
Create a .NET console app that calls the reboot direct method in the simulated device app through your IoT
hub.
At the end of this tutorial, you have two .NET console apps:
SimulateManagedDevice. This app connects to your IoT hub with the device identity created earlier,
receives a reboot direct method, simulates a physical reboot, and reports the time for the last reboot.
TriggerReboot. This app calls a direct method in the simulated device app, displays the response, and
displays the updated reported properties.
Prerequisites
Visual Studio.
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This action
creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
This step downloads, installs, and adds a reference to the Azure IoT service SDK NuGet package and its
dependencies.
6. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices;
using Microsoft.Azure.Devices.Shared;
7. Add the following fields to the Program class. Replace the {iot hub connection string} placeholder value
with the IoT Hub connection string you copied previously in Get the IoT hub connection string.
9. Add the following method to the Program class. This code initiates the reboot on the device using a direct
method.
registryManager = RegistryManager.CreateFromConnectionString(connString);
StartReboot().Wait();
QueryTwinRebootReported().Wait();
Console.WriteLine("Press ENTER to exit.");
Console.ReadLine();
NOTE
This tutorial performs only a single query for the device's reported properties. In production code, we recommend polling to
detect changes in the reported properties.
3. In Solution Explorer, right-click the new SimulateManagedDevice project, and then select Manage
NuGet Packages.
4. Select Browse, then search for and select Microsoft.Azure.Devices.Client. Select Install.
This step downloads, installs, and adds a reference to the Azure IoT device SDK NuGet package and its
dependencies.
5. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
6. Add the following fields to the Program class. Replace the {device connection string} placeholder value
with the device connection string that you noted previously in Register a new device in the IoT hub.
8. Finally, add the following code to the Main method to open the connection to your IoT hub and initialize
the method listener:
try
{
Console.WriteLine("Connecting to hub");
Client = DeviceClient.CreateFromConnectionString(DeviceConnectionString,
TransportType.Mqtt);
Console.WriteLine("Exiting...");
9. In Solution Explorer, right-click your solution, and then select Set StartUp Projects.
10. For Common Properties > Startup Project, Select Single startup project, and then select the
SimulateManagedDevice project. Select OK to save your changes.
11. Select Build > Build Solution.
NOTE
To keep things simple, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as an exponential backoff), as suggested in Transient fault handling.
Next steps
In this tutorial, you used a direct method to trigger a remote reboot on a device. You used the reported properties
to report the last reboot time from the device, and queried the device twin to discover the last reboot time of the
device from the cloud.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see How to do a firmware update.
To learn how to extend your IoT solution and schedule method calls on multiple devices, see Schedule and
broadcast jobs.
Get started with device management (Java)
8/29/2019 • 14 minutes to read • Edit Online
Back-end apps can use Azure IoT Hub primitives, such as device twin and direct methods, to remotely start and
monitor device management actions on devices. This tutorial shows you how a back-end app and a device app can
work together to initiate and monitor a remote device reboot using IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Use a direct method to initiate device management actions (such as reboot, factory reset, and firmware update)
from a back-end app in the cloud. The device is responsible for:
Handling the method request sent from IoT Hub.
Initiating the corresponding device-specific action on the device.
Providing status updates through reported properties to IoT Hub.
You can use a back-end app in the cloud to run device twin queries to report on the progress of your device
management actions.
This tutorial shows you how to:
Use the Azure portal to create an IoT Hub and create a device identity in your IoT hub.
Create a simulated device app that implements a direct method to reboot the device. Direct methods are
invoked from the cloud.
Create an app that invokes the reboot direct method in the simulated device app through your IoT hub.
This app then monitors the reported properties from the device to see when the reboot operation is
complete.
At the end of this tutorial, you have two Java console apps:
simulated-device. This app:
Connects to your IoT hub with the device identity created earlier.
Receives a reboot direct method call.
Simulates a physical reboot.
Reports the time of the last reboot through a reported property.
trigger-reboot. This app:
Calls a direct method in the simulated device app.
Displays the response to the direct method call sent by the simulated device.
Displays the updated reported properties.
NOTE
For information about the SDKs that you can use to build applications to run on devices and your solution back end, see
Azure IoT SDKs.
Prerequisites
Java SE Development Kit 8. Make sure you select Java 8 under Long-term support to get to downloads
for JDK 8.
Maven 3
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
3. Create a new device identity called myDeviceId and retrieve the device connection string with these
commands:
az iot hub device-identity create --device-id myDeviceId --hub-name {Your IoT Hub name}
az iot hub device-identity show-connection-string --device-id myDeviceId --hub-name {Your IoT Hub name}
-o table
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
Make a note of the device connection string from the result. This device connection string is used by the device
app to connect to your IoT Hub as a device.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-service-client</artifactId>
<version>1.17.1</version>
<type>jar</type>
</dependency>
NOTE
You can check for the latest version of iot-service-client using Maven search.
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import java.io.IOException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.Executors;
import java.util.concurrent.ExecutorService;
9. Add the following class-level variables to the App class. Replace {youriothubconnectionstring} with the IoT
Hub connection string you copied previously in Get the IoT hub connection string:
10. To implement a thread that reads the reported properties from the device twin every 10 seconds, add the
following nested class to the App class:
11. Modify the signature of the main method to throw the following exception:
12. To invoke the reboot direct method on the simulated device, replace the code in the main method with the
following code:
System.out.println("Starting sample...");
DeviceMethod methodClient = DeviceMethod.createFromConnectionString(iotHubConnectionString);
try
{
System.out.println("Invoke reboot direct method");
MethodResult result = methodClient.invoke(deviceId, methodName, responseTimeout, connectTimeout,
null);
if(result == null)
{
throw new IOException("Invoke direct method reboot returns null");
}
System.out.println("Invoked reboot on device");
System.out.println("Status for device: " + result.getStatus());
System.out.println("Message from device: " + result.getPayload());
}
catch (IotHubException e)
{
System.out.println(e.getMessage());
}
13. To start the thread to poll the reported properties from the simulated device, add the following code to the
main method:
14. To enable you to stop the app, add the following code to the main method:
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-device-client</artifactId>
<version>1.17.5</version>
</dependency>
NOTE
You can check for the latest version of iot-device-client using Maven search.
4. Add the following dependency to the dependencies node. This dependency configures a NOP for the
Apache SLF4J logging facade, which is used by the device client SDK to implement logging. This
configuration is optional, but, if you omit it, you may see a warning in the console when you run the app.
For more information about logging in the device client SDK, see Logging in the Samples for the Azure IoT
device SDK for Java readme file.
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.28</version>
</dependency>
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import java.io.IOException;
import java.net.URISyntaxException;
import java.time.LocalDateTime;
import java.util.Scanner;
import java.util.Set;
import java.util.HashSet;
9. Add the following class-level variables to the App class. Replace {yourdeviceconnectionstring} with the
device connection string you noted in the Register a new device in the IoT hub section:
10. To implement a callback handler for direct method status events, add the following nested class to the App
class:
11. To implement a callback handler for device twin status events, add the following nested class to the App
class:
12. To implement a callback handler for property events, add the following nested class to the App class:
13. To implement a thread to simulate the device reboot, add the following nested class to the App class. The
thread sleeps for five seconds and then sets the lastReboot reported property:
protected static class RebootDeviceThread implements Runnable {
public void run() {
try {
System.out.println("Rebooting...");
Thread.sleep(5000);
Property property = new Property("lastReboot", LocalDateTime.now());
Set<Property> properties = new HashSet<Property>();
properties.add(property);
client.sendReportedProperties(properties);
System.out.println("Rebooted");
}
catch (Exception ex) {
System.out.println("Exception in reboot thread: " + ex.getMessage());
}
}
}
14. To implement the direct method on the device, add the following nested class to the App class. When the
simulated app receives a call to the reboot direct method, it returns an acknowledgment to the caller and
then starts a thread to process the reboot:
15. Modify the signature of the main method to throw the following exceptions:
16. To instantiate a DeviceClient, replace the code in the main method with the following code:
17. To start listening for direct method calls, add the following code to the main method:
try
{
client.open();
client.subscribeToDeviceMethod(new DirectMethodCallback(), null, new DirectMethodStatusCallback(),
null);
client.startDeviceTwin(new DeviceTwinStatusCallback(), null, new PropertyCallback(), null);
System.out.println("Subscribed to direct methods and polling for reported properties. Waiting...");
}
catch (Exception e)
{
System.out.println("On exception, shutting down \n" + " Cause: " + e.getCause() + " \n" +
e.getMessage());
client.close();
System.out.println("Shutting down...");
}
18. To shut down the device simulator, add the following code to the main method:
2. At a command prompt in the trigger-reboot folder, run the following command to call the reboot method
on your simulated device from your IoT hub:
mvn exec:java -Dexec.mainClass="com.mycompany.app.App"
Next steps
In this tutorial, you used a direct method to trigger a remote reboot on a device. You used the reported properties
to report the last reboot time from the device, and queried the device twin to discover the last reboot time of the
device from the cloud.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see How to do a firmware update.
To learn how to extend your IoT solution and schedule method calls on multiple devices, see Schedule and
broadcast jobs.
Get started with device management (Python)
11/27/2019 • 11 minutes to read • Edit Online
Back-end apps can use Azure IoT Hub primitives, such as device twin and direct methods, to remotely start and
monitor device management actions on devices. This tutorial shows you how a back-end app and a device app can
work together to initiate and monitor a remote device reboot using IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Use a direct method to initiate device management actions (such as reboot, factory reset, and firmware update)
from a back-end app in the cloud. The device is responsible for:
Handling the method request sent from IoT Hub.
Initiating the corresponding device-specific action on the device.
Providing status updates through reported properties to IoT Hub.
You can use a back-end app in the cloud to run device twin queries to report on the progress of your device
management actions.
This tutorial shows you how to:
Use the Azure portal to create an IoT Hub and create a device identity in your IoT hub.
Create a simulated device app that contains a direct method that reboots that device. Direct methods are
invoked from the cloud.
Create a Python console app that calls the reboot direct method in the simulated device app through your
IoT hub.
At the end of this tutorial, you have two Python console apps:
dmpatterns_getstarted_device.py, which connects to your IoT hub with the device identity created
earlier, receives a reboot direct method, simulates a physical reboot, and reports the time for the last reboot.
dmpatterns_getstarted_service.py, which calls a direct method in the simulated device app, displays the
response, and displays the updated reported properties.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
3. Create a new device identity called myDeviceId and retrieve the device connection string with these
commands:
az iot hub device-identity create --device-id myDeviceId --hub-name {Your IoT Hub name}
az iot hub device-identity show-connection-string --device-id myDeviceId --hub-name {Your IoT Hub name}
-o table
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
Make a note of the device connection string from the result. This device connection string is used by the device
app to connect to your IoT Hub as a device.
2. Using a text editor, create a file named dmpatterns_getstarted_device.py in your working directory.
3. Add the following import statements at the start of the dmpatterns_getstarted_device.py file.
import threading
import time
import datetime
from azure.iot.device import IoTHubDeviceClient, MethodResponse
4. Add the CONNECTION_STRING variable. Replace the {deviceConnectionString} placeholder value with
your device connection string. You copied this connection string previously in Register a new device in the
IoT hub.
CONNECTION_STRING = "{deviceConnectionString}"
5. Add the following function callbacks to implement the direct method on the device.
def reboot_listener(client):
while True:
# Receive the direct method request
method_request = client.receive_method_request("rebootDevice") # blocking call
def iothub_client_init():
client = IoTHubDeviceClient.create_from_connection_string(CONNECTION_STRING)
return client
def iothub_client_sample_run():
try:
client = iothub_client_init()
while True:
time.sleep(1000)
except KeyboardInterrupt:
print ( "IoTHubDeviceClient sample stopped" )
if __name__ == '__main__':
print ( "Starting the IoT Hub Python sample..." )
print ( "IoTHubDeviceClient waiting for commands, press Ctrl-C to exit" )
iothub_client_sample_run()
NOTE
To keep things simple, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as an exponential backoff), as suggested in the article, Transient Fault Handling.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
NOTE
The pip package for azure-iothub-service-client is currently available only for Windows OS. For Linux/Mac OS, please
refer to the Linux and Mac OS-specific sections on the Prepare your development environment for Python post.
2. Using a text editor, create a file named dmpatterns_getstarted_service.py in your working directory.
3. Add the following import statements at the start of the dmpatterns_getstarted_service.py file.
4. Add the following variable declarations. Replace the {IoTHubConnectionString} placeholder value with the
IoT hub connection string you copied previously in Get the IoT hub connection string. Replace the
{deviceId} placeholder value with the device ID you registered in Register a new device in the IoT hub.
CONNECTION_STRING = "{IoTHubConnectionString}"
DEVICE_ID = "{deviceId}"
METHOD_NAME = "rebootDevice"
METHOD_PAYLOAD = "{\"method_number\":\"42\"}"
TIMEOUT = 60
WAIT_COUNT = 10
5. Add the following function to invoke the device method to reboot the target device, then query for the
device twins and get the last reboot time.
def iothub_devicemethod_sample_run():
try:
iothub_twin_method = IoTHubDeviceTwin(CONNECTION_STRING)
iothub_device_method = IoTHubDeviceMethod(CONNECTION_STRING)
print ( "" )
print ( "Invoking device to reboot..." )
print ( "" )
print ( "Successfully invoked the device to reboot." )
print ( "" )
print ( response.payload )
while True:
print ( "" )
print ( "IoTHubClient waiting for commands, press Ctrl-C to exit" )
status_counter = 0
while status_counter <= WAIT_COUNT:
twin_info = iothub_twin_method.get_twin(DEVICE_ID)
if twin_info.find("rebootTime") != -1:
print ( "Last reboot time: " +
twin_info[twin_info.find("rebootTime")+11:twin_info.find("rebootTime")+37])
else:
print ("Waiting for device to report last reboot time...")
time.sleep(5)
status_counter += 1
if __name__ == '__main__':
print ( "Starting the IoT Hub Service Client DeviceManagement Python sample..." )
print ( " Connection string = {0}".format(CONNECTION_STRING) )
print ( " Device ID = {0}".format(DEVICE_ID) )
iothub_devicemethod_sample_run()
python dmpatterns_getstarted_device.py
2. At another command prompt, run the following command to trigger the remote reboot and query for the
device twin to find the last reboot time.
python dmpatterns_getstarted_service.py
3. You see the device response to the direct method in the console.
The following shows the device response to the reboot direct method:
The following shows the service calling the reboot direct method and polling the device twin for status:
Next steps
In this tutorial, you used a direct method to trigger a remote reboot on a device. You used the reported properties
to report the last reboot time from the device, and queried the device twin to discover the last reboot time of the
device from the cloud.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see How to do a firmware update.
To learn how to extend your IoT solution and schedule method calls on multiple devices, see Schedule and
broadcast jobs.
Schedule and broadcast jobs (Node.js)
8/29/2019 • 10 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that enables a back-end app to create and track jobs that schedule and
update millions of devices. Jobs can be used for the following actions:
Update desired properties
Update tags
Invoke direct methods
Conceptually, a job wraps one of these actions and tracks the progress of execution against a set of devices,
which is defined by a device twin query. For example, a back-end app can use a job to invoke a reboot method on
10,000 devices, specified by a device twin query and scheduled at a future time. That application can then track
progress as each of those devices receive and execute the reboot method.
Learn more about each of these capabilities in these articles:
Device twin and properties: Get started with device twins and Tutorial: How to use device twin properties
Direct methods: IoT Hub developer guide - direct methods and Tutorial: direct methods
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Prerequisites
Node.js version 10.0.x or later. Prepare your development environment describes how to install Node.js for
this tutorial on either Windows or Linux.
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
3. Create a new device identity called myDeviceId and retrieve the device connection string with these
commands:
az iot hub device-identity create --device-id myDeviceId --hub-name {Your IoT Hub name}
az iot hub device-identity show-connection-string --device-id myDeviceId --hub-name {Your IoT Hub
name} -o table
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
Make a note of the device connection string from the result. This device connection string is used by the device
app to connect to your IoT Hub as a device.
npm init
2. At your command prompt in the simDevice folder, run the following command to install the azure-iot-
device Device SDK package and azure-iot-device-mqtt package:
3. Using a text editor, create a new simDevice.js file in the simDevice folder.
4. Add the following 'require' statements at the start of the simDevice.js file:
'use strict';
5. Add a connectionString variable and use it to create a Client instance. Replace the
{yourDeviceConnectionString} placeholder value with the device connection string you copied previously.
console.log('Locking Door!');
};
7. Add the following code to register the handler for the lockDoor method.
client.open(function(err) {
if (err) {
console.error('Could not connect to IotHub client.');
} else {
console.log('Client connected to IoT Hub. Register handler for lockDoor direct method.');
client.onDeviceMethod('lockDoor', onLockDoor);
}
});
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Schedule jobs for calling a direct method and updating a device twin's
properties
In this section, you create a Node.js console app that initiates a remote lockDoor on a device using a direct
method and update the device twin's properties.
1. Create a new empty folder called scheduleJobService. In the scheduleJobService folder, create a
package.json file using the following command at your command prompt. Accept all the defaults:
npm init
2. At your command prompt in the scheduleJobService folder, run the following command to install the
azure-iothub Device SDK package and azure-iot-device-mqtt package:
npm install azure-iothub uuid --save
3. Using a text editor, create a new scheduleJobService.js file in the scheduleJobService folder.
4. Add the following 'require' statements at the start of the scheduleJobService.js file:
'use strict';
5. Add the following variable declarations. Replace the {iothubconnectionstring} placeholder value with the
value you copied in Get the IoT hub connection string. If you registered a device different than
myDeviceId, be sure to change it in the query condition.
6. Add the following function that is used to monitor the execution of the job:
7. Add the following code to schedule the job that calls the device method:
var methodParams = {
methodName: 'lockDoor',
payload: null,
responseTimeoutInSeconds: 15 // Timeout after 15 seconds if device is unable to process method
};
8. Add the following code to schedule the job to update the device twin:
var twinPatch = {
etag: '*',
properties: {
desired: {
building: '43',
floor: 3
}
}
};
node simDevice.js
2. At the command prompt in the scheduleJobService folder, run the following command to trigger the
jobs to lock the door and update the twin
node scheduleJobService.js
3. You see the device response to the direct method and the job status in the console.
The following shows the device response to the direct method:
The following shows the service scheduling jobs for the direct method and device twin update, and the
jobs running to completion:
Next steps
In this tutorial, you used a job to schedule a direct method to a device and the update of the device twin's
properties.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see Tutorial: How to do a firmware update.
To continue getting started with IoT Hub, see Getting started with Azure IoT Edge.
Schedule and broadcast jobs (.NET)
8/29/2019 • 10 minutes to read • Edit Online
Use Azure IoT Hub to schedule and track jobs that update millions of devices. Use jobs to:
Update desired properties
Update tags
Invoke direct methods
A job wraps one of these actions and tracks the execution against a set of devices that is defined by a device twin
query. For example, a back-end app can use a job to invoke a direct method on 10,000 devices that reboots the
devices. You specify the set of devices with a device twin query and schedule the job to run at a future time. The
job tracks progress as each of the devices receive and execute the reboot direct method.
To learn more about each of these capabilities, see:
Device twin and properties: Get started with device twins and Tutorial: How to use device twin properties
Direct methods: IoT Hub developer guide - direct methods and Tutorial: Use direct methods
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Prerequisites
Visual Studio.
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This action
creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
3. In Solution Explorer, right-click the SimulateDeviceMethods project, and then select Manage NuGet
Packages.
4. In NuGet Package Manager, select Browse and search for and choose
Microsoft.Azure.Devices.Client. Select Install.
This step downloads, installs, and adds a reference to the Azure IoT device SDK NuGet package and its
dependencies.
5. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
using Newtonsoft.Json;
6. Add the following fields to the Program class. Replace the placeholder value with the device connection
string that you noted in the previous section:
7. Add the following code to implement the direct method on the device:
8. Add the following method to implement the device twins listener on the device:
9. Finally, add the following code to the Main method to open the connection to your IoT hub and initialize
the method listener:
try
{
Console.WriteLine("Connecting to hub");
Client = DeviceClient.CreateFromConnectionString(DeviceConnectionString,
TransportType.Mqtt);
Console.WriteLine("Waiting for direct method call and device twin update\n Press enter to exit.");
Console.ReadLine();
Console.WriteLine("Exiting...");
NOTE
To keep things simple, this tutorial does not implement any retry policies. In production code, you should implement retry
policies (such as connection retry), as suggested in Transient fault handling.
Schedule jobs for calling a direct method and sending device twin
updates
In this section, you create a .NET console app (using C#) that uses jobs to call the LockDoor direct method and
send desired property updates to multiple devices.
1. In Visual Studio, select File > New > Project. In Create a new project, choose Console App (.NET
Framework), and then select Next.
2. In Configure your new project, name the project ScheduleJob. For Solution, choose Add to solution,
and then select Create.
3. In Solution Explorer, right-click the ScheduleJob project, and then select Manage NuGet Packages.
4. In the NuGet Package Manager, select Browse, search for and choose Microsoft.Azure.Devices, then
select Install.
This step downloads, installs, and adds a reference to the Azure IoT service SDK NuGet package and its
dependencies.
5. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices;
using Microsoft.Azure.Devices.Shared;
6. Add the following using statement if not already present in the default statements.
using System.Threading;
using System.Threading.Tasks;
7. Add the following fields to the Program class. Replace the placeholders with the IoT Hub connection string
that you copied previously in Get the IoT hub connection string and the name of your device.
twin.Properties.Desired["LocationUpdate"] = DateTime.UtcNow;
NOTE
For more information about query syntax, see IoT Hub query language.
jobClient = JobClient.CreateFromConnectionString(connString);
StartMethodJob(methodJobId);
MonitorJob(methodJobId).Wait();
Console.WriteLine("Press ENTER to run the next job.");
Console.ReadLine();
StartTwinUpdateJob(twinUpdateJobId);
MonitorJob(twinUpdateJobId).Wait();
Console.WriteLine("Press ENTER to exit.");
Console.ReadLine();
Use Azure IoT Hub to schedule and track jobs that update millions of devices. Use jobs to:
Update desired properties
Update tags
Invoke direct methods
A job wraps one of these actions and tracks the execution against a set of devices. A device twin query defines the
set of devices the job executes against. For example, a back-end app can use a job to invoke a direct method on
10,000 devices that reboots the devices. You specify the set of devices with a device twin query and schedule the
job to run at a future time. The job tracks progress as each of the devices receive and execute the reboot direct
method.
To learn more about each of these capabilities, see:
Device twin and properties: Get started with device twins
Direct methods: IoT Hub developer guide - direct methods and Tutorial: Use direct methods
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
The article Azure IoT SDKs provides information about the Azure IoT SDKs that you can use to build both device and back-
end apps.
Prerequisites
Java SE Development Kit 8. Make sure you select Java 8 under Long-term support to get to downloads
for JDK 8.
Maven 3
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This
action creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
You can also use the IoT extension for Azure CLI tool to add a device to your IoT hub.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-service-client</artifactId>
<version>1.17.1</version>
<type>jar</type>
</dependency>
NOTE
You can check for the latest version of iot-service-client using Maven search.
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import com.microsoft.azure.sdk.iot.service.devicetwin.DeviceTwinDevice;
import com.microsoft.azure.sdk.iot.service.devicetwin.Pair;
import com.microsoft.azure.sdk.iot.service.devicetwin.Query;
import com.microsoft.azure.sdk.iot.service.devicetwin.SqlQuery;
import com.microsoft.azure.sdk.iot.service.jobs.JobClient;
import com.microsoft.azure.sdk.iot.service.jobs.JobResult;
import com.microsoft.azure.sdk.iot.service.jobs.JobStatus;
import java.util.Date;
import java.time.Instant;
import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
9. Add the following class-level variables to the App class. Replace {youriothubconnectionstring} with your
IoT hub connection string that you copied previously in Get the IoT hub connection string:
10. Add the following method to the App class to schedule a job to update the Building and Floor desired
properties in the device twin:
11. To schedule a job to call the lockDoor method, add the following method to the App class:
12. To monitor a job, add the following method to the App class:
private static void monitorJob(JobClient jobClient, String jobId) {
try {
JobResult jobResult = jobClient.getJob(jobId);
if(jobResult == null)
{
System.out.println("No JobResult for: " + jobId);
return;
}
// Check the job result until it's completed
while(jobResult.getJobStatus() != JobStatus.completed)
{
Thread.sleep(100);
jobResult = jobClient.getJob(jobId);
System.out.println("Status " + jobResult.getJobStatus() + " for job " + jobId);
}
System.out.println("Final status " + jobResult.getJobStatus() + " for job " + jobId);
} catch (Exception e) {
System.out.println("Exception monitoring job: " + jobId);
System.out.println(e.getMessage());
return;
}
}
13. To query for the details of the jobs you ran, add the following method:
14. Update the main method signature to include the following throws clause:
15. To run and monitor two jobs sequentially, replace the code in the main method with the following code:
// Record the start time
String start = Instant.now().toString();
// Create JobClient
JobClient jobClient = JobClient.createFromConnectionString(iotHubConnectionString);
System.out.println("JobClient created with success");
<dependency>
<groupId>com.microsoft.azure.sdk.iot</groupId>
<artifactId>iot-device-client</artifactId>
<version>1.17.5</version>
</dependency>
NOTE
You can check for the latest version of iot-device-client using Maven search.
4. Add the following dependency to the dependencies node. This dependency configures a NOP for the
Apache SLF4J logging facade, which is used by the device client SDK to implement logging. This
configuration is optional, but if you omit it, you may see a warning in the console when you run the app.
For more information about logging in the device client SDK, see Loggingin the Samples for the Azure IoT
device SDK for Java readme file.
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.28</version>
</dependency>
5. Add the following build node after the dependencies node. This configuration instructs Maven to use
Java 1.8 to build the app:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
import com.microsoft.azure.sdk.iot.device.*;
import com.microsoft.azure.sdk.iot.device.DeviceTwin.*;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Scanner;
9. Add the following class-level variables to the App class. Replace {yourdeviceconnectionstring} with the
device connection string you copied previously in the Register a new device in the IoT hub section:
This sample app uses the protocol variable when it instantiates a DeviceClient object.
10. To print device twin notifications to the console, add the following nested class to the App class:
// Handler for device twin operation notifications from IoT Hub
protected static class DeviceTwinStatusCallBack implements IotHubEventCallback {
public void execute(IotHubStatusCode status, Object context) {
System.out.println("IoT Hub responded to device twin operation with status " + status.name());
}
}
11. To print direct method notifications to the console, add the following nested class to the App class:
12. To handle direct method calls from IoT Hub, add the following nested class to the App class:
13. Update the main method signature to include the following throws clause:
14. Replace the code in the main method with the following code to:
Create a device client to communicate with IoT Hub.
Create a Device object to store the device twin properties.
// Create a device client
DeviceClient client = new DeviceClient(connString, protocol);
15. To start the device client services, add the following code to the main method:
try {
// Open the DeviceClient
// Start the device twin services
// Subscribe to direct method calls
client.open();
client.startDeviceTwin(new DeviceTwinStatusCallBack(), null, dataCollector, null);
client.subscribeToDeviceMethod(new DirectMethodCallback(), null, new DirectMethodStatusCallback(),
null);
} catch (Exception e) {
System.out.println("Exception, shutting down \n" + " Cause: " + e.getCause() + " \n" +
e.getMessage());
dataCollector.clean();
client.closeNow();
System.out.println("Shutting down...");
}
16. To wait for the user to press the Enter key before shutting down, add the following code to the end of the
main method:
3. The device app handles the desired property change and the direct method call:
Next steps
In this tutorial, you used a job to schedule a direct method to a device and the update of the device twin's
properties.
Use the following resources to learn how to:
Send telemetry from devices with the Get started with IoT Hub tutorial.
Control devices interactively (such as turning on a fan from a user-controlled app) with the Use direct
methods tutorial.s
Schedule and broadcast jobs (Python)
11/27/2019 • 11 minutes to read • Edit Online
Azure IoT Hub is a fully managed service that enables a back-end app to create and track jobs that schedule and
update millions of devices. Jobs can be used for the following actions:
Update desired properties
Update tags
Invoke direct methods
Conceptually, a job wraps one of these actions and tracks the progress of execution against a set of devices, which
is defined by a device twin query. For example, a back-end app can use a job to invoke a reboot method on 10,000
devices, specified by a device twin query and scheduled at a future time. That application can then track progress
as each of those devices receive and execute the reboot method.
Learn more about each of these capabilities in these articles:
Device twin and properties: Get started with device twins and Tutorial: How to use device twin properties
Direct methods: IoT Hub developer guide - direct methods and Tutorial: direct methods
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
NOTE
The Azure IoT SDK for Python does not directly support Jobs functionality. Instead this tutorial offers an alternate solution
utilizing asynchronous threads and timers. For further updates, see the Service Client SDK feature list on the Azure IoT
SDK for Python page.
NOTE
IoT Hub has SDK support for many device platforms and languages (including C, Java, Javascript, and Python) through
Azure IoT device SDKs. For instructions on how to use Python to connect your device to this tutorial's code, and generally to
Azure IoT Hub, see the Azure IoT Python SDK.
Prerequisites
An active Azure account. (If you don't have an account, you can create a free account in just a couple of
minutes.)
Python 2.x or 3.x. Make sure to use the 32-bit or 64-bit installation as required by your setup. When
prompted during the installation, make sure to add Python to your platform-specific environment variable.
If you are using Python 2.x, you may need to install or upgrade pip, the Python package management
system.
If needed, install the azure-iot-device package, using the command pip install azure-iot-device
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
2. Using a text editor, create a new simDevice.py file in your working directory.
3. Add the following import statements and variables at the start of the simDevice.py file. Replace
deviceConnectionString with the connection string of the device you created above:
import threading
import time
from azure.iot.device import IoTHubDeviceClient, MethodResponse
CONNECTION_STRING = "{deviceConnectionString}"
resp_status = 200
resp_payload = {"Response": "lockDoor called successfully"}
method_response = MethodResponse(method_request.request_id, resp_status, resp_payload)
client.send_method_response(method_response)
def twin_update_listener(client):
while True:
patch = client.receive_twin_desired_properties_patch() # blocking call
print ("")
print ("Twin desired properties patch received:")
print (patch)
6. Add the following code to register the handler for the lockDoor method. Also include the main routine:
def iothub_jobs_sample_run():
try:
client = IoTHubDeviceClient.create_from_connection_string(CONNECTION_STRING)
while True:
time.sleep(1000)
except KeyboardInterrupt:
print ( "IoTHubDeviceClient sample stopped" )
if __name__ == '__main__':
print ( "Starting the IoT Hub Python jobs sample..." )
print ( "IoTHubDeviceClient waiting for commands, press Ctrl-C to exit" )
iothub_jobs_sample_run()
NOTE
To keep things simple, this tutorial does not implement any retry policy. In production code, you should implement retry
policies (such as an exponential backoff), as suggested in the article, Transient Fault Handling.
5. Back on the Shared access policies pane, select your new policy from the list of policies.
6. Under Shared access keys, select the copy icon for the Connection string -- primary key and save the
value.
For more information about IoT Hub shared access policies and permissions, see Access control and permissions.
Schedule jobs for calling a direct method and updating a device twin's
properties
In this section, you create a Python console app that initiates a remote lockDoor on a device using a direct
method and update the device twin's properties.
1. At your command prompt, run the following command to install the azure-iot-service-client package:
NOTE
The pip package for azure-iothub-service-client is currently available only for Windows OS. For Linux/Mac OS, please
refer to the Linux and Mac OS-specific sections on the Prepare your development environment for Python post.
2. Using a text editor, create a new scheduleJobService.py file in your working directory.
3. Add the following import statements and variables at the start of the scheduleJobService.py file.
Replace the {IoTHubConnectionString} placeholder with the IoT hub connection string you copied
previously in Get the IoT hub connection string. Replace the {deviceId} placeholder with the device ID you
registered in Register a new device in the IoT hub:
import sys
import time
import threading
import uuid
import iothub_service_client
from iothub_service_client import IoTHubRegistryManager, IoTHubRegistryManagerAuthMethod
from iothub_service_client import IoTHubDeviceTwin, IoTHubDeviceMethod, IoTHubError
CONNECTION_STRING = "{IoTHubConnectionString}"
DEVICE_ID = "{deviceId}"
METHOD_NAME = "lockDoor"
METHOD_PAYLOAD = "{\"lockTime\":\"10m\"}"
UPDATE_JSON = "{\"properties\":{\"desired\":{\"building\":43,\"floor\":3}}}"
TIMEOUT = 60
WAIT_COUNT = 5
def query_condition(device_id):
iothub_registry_manager = IoTHubRegistryManager(CONNECTION_STRING)
number_of_devices = 10
dev_list = iothub_registry_manager.get_device_list(number_of_devices)
5. Add the following methods to run the jobs that call the direct method and device twin:
if query_condition(device_id):
iothub_device_method = IoTHubDeviceMethod(CONNECTION_STRING)
print ( "" )
print ( "Direct method " + METHOD_NAME + " called." )
if query_condition(device_id):
iothub_twin_method = IoTHubDeviceTwin(CONNECTION_STRING)
print ( "" )
print ( "Device twin updated." )
6. Add the following code to schedule the jobs and update job status. Also include the main routine:
def iothub_jobs_sample_run():
try:
method_thr_id = uuid.uuid4()
method_thr = threading.Thread(target=device_method_job, args=(method_thr_id, DEVICE_ID, 20,
TIMEOUT), kwargs={})
method_thr.start()
print ( "" )
print ( "Direct method called with Job Id: " + str(method_thr_id) )
twin_thr_id = uuid.uuid4()
twin_thr = threading.Thread(target=device_twin_job, args=(twin_thr_id, DEVICE_ID, 10, TIMEOUT),
kwargs={})
twin_thr.start()
print ( "" )
print ( "Device twin called with Job Id: " + str(twin_thr_id) )
while True:
print ( "" )
if method_thr.is_alive():
print ( "...job " + str(method_thr_id) + " still running." )
else:
print ( "...job " + str(method_thr_id) + " complete." )
if twin_thr.is_alive():
print ( "...job " + str(twin_thr_id) + " still running." )
else:
print ( "...job " + str(twin_thr_id) + " complete." )
status_counter = 0
while status_counter <= WAIT_COUNT:
time.sleep(1)
status_counter += 1
if __name__ == '__main__':
print ( "Starting the IoT Hub jobs Python sample..." )
print ( " Connection string = {0}".format(CONNECTION_STRING) )
print ( " Device ID = {0}".format(DEVICE_ID) )
iothub_jobs_sample_run()
python simDevice.py
2. At another command prompt in your working directory, run the following command to trigger the jobs to
lock the door and update the twin:
python scheduleJobService.py
3. You see the device responses to the direct method and device twins update in the console.
Next steps
In this tutorial, you used a job to schedule a direct method to a device and the update of the device twin's
properties.
To continue getting started with IoT Hub and device management patterns such as remote over the air firmware
update, see How to do a firmware update.
Create an IoT hub using the Azure portal
6/27/2019 • 6 minutes to read • Edit Online
This article describes how to create and manage IoT hubs using the Azure portal.
To use the steps in this tutorial, you need an Azure subscription. If you don't have an Azure subscription, create a
free account before you begin.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
Name your hub. The name must be unique within the list of routes for that hub.
For Endpoint, you can select one from the dropdown list, or add a new one. In this example, a storage account
and container are already available. To add them as an endpoint, click +Add next to the Endpoint dropdown and
select Blob Storage. The following screen shows where the storage account and container are specified.
Click Pick a container to select the storage account and container. When you have selected those fields, it
returns to the Endpoint pane. Use the defaults for the rest of the fields and Create to create the endpoint for the
storage account and add it to the routing rules.
For Data source, select Device Telemetry Messages.
Next, add a routing query. In this example, the messages that have an application property called level with a
value equal to critical are routed to the storage account.
Click Save to save the routing rule. You return to the Message Routing pane, and your new routing rule is
displayed.
Custom endpoints
Click the Custom endpoints tab. You see any custom endpoints already created. From here, you can add new
endpoints or delete existing endpoints.
NOTE
If you delete a route, it does not delete the endpoints assigned to that route. To delete an endpoint, click the Custom
endpoints tab, select the endpoint you want to delete, and click Delete.
You can read more about custom endpoints in Reference - IoT hub endpoints.
You can define up to 10 custom endpoints for an IoT hub.
To see a full example of how to use custom endpoints with routing, see Message routing with IoT Hub.
Next steps
Follow these links to learn more about managing Azure IoT Hub:
Message routing with IoT Hub
IoT Hub metrics
Operations monitoring
Create an IoT hub using the Azure IoT Tools for
Visual Studio Code
11/8/2019 • 2 minutes to read • Edit Online
This article shows you how to use the Azure IoT Tools for Visual Studio Code to create an Azure IoT hub.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
3. Click on the ... in the Azure IoT Hub Devices section header. If you don't see the ellipsis, hover over the
header.
4. Choose Create IoT Hub.
5. A pop-up will show in the bottom right corner to let you sign in to Azure for the first time.
6. Select Azure subscription.
7. Select resource group.
8. Select location.
9. Select pricing tier.
10. Enter a globally unique name for your IoT Hub.
11. Wait a few minutes until the IoT Hub is created.
Next steps
Now you have deployed an IoT hub using the Azure IoT Tools for Visual Studio Code. To explore further, check
out the following articles:
Use the Azure IoT Tools for Visual Studio Code to send and receive messages between your device and an
IoT Hub.
Use the Azure IoT Tools for Visual Studio Code for Azure IoT Hub device management
See the Azure IoT Hub Toolkit wiki page.
Create an IoT hub using the New-AzIotHub cmdlet
11/8/2019 • 3 minutes to read • Edit Online
Introduction
You can use Azure PowerShell cmdlets to create and manage Azure IoT hubs. This tutorial shows you how to
create an IoT hub with PowerShell.
To complete this how -to, you need an Azure subscription. If you don't have an Azure subscription, create a free
account before you begin.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
OPTION EXAMPLE/LINK
New-AzIotHub `
-ResourceGroupName MyIoTRG1 `
-Name MyTestIoTHub `
-SkuName S1 -Units 1 `
-Location "East US"
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or personally
identifiable information when you name it.
You can list all the IoT hubs in your subscription using the Get-AzIotHub command:
Get-AzIotHub
This example shows the S1 Standard IoT Hub you created in the previous step.
You can delete the IoT hub using the Remove-AzIotHub command:
Remove-AzIotHub `
-ResourceGroupName MyIoTRG1 `
-Name MyTestIoTHub
Alternatively, you can remove a resource group and all the resources it contains using the Remove-
AzResourceGroup command:
This article shows you how to create an IoT hub using Azure CLI.
Prerequisites
To complete this how -to, you need an Azure subscription. If you don't have an Azure subscription, create a free
account before you begin.
OPTION EXAMPLE/LINK
az login
Follow the instructions to authenticate using the code and sign in to your Azure account through a web browser.
Create an IoT Hub
Use the Azure CLI to create a resource group and then add an IoT hub.
1. When you create an IoT hub, you must create it in a resource group. Either use an existing resource group,
or run the following command to create a resource group:
TIP
The previous example creates the resource group in the West US location. You can view a list of available locations
by running this command:
2. Run the following command to create an IoT hub in your resource group, using a globally unique name for
your IoT hub:
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
The previous command creates an IoT hub in the S1 pricing tier for which you are billed. For more information,
see Azure IoT Hub pricing.
To delete a resource group and all its resources, run the following command:
Next steps
To learn more about using an IoT hub, see the following articles:
IoT Hub developer guide
Using the Azure portal to manage IoT Hub
Create an IoT hub using the resource provider REST
API (.NET)
12/23/2019 • 7 minutes to read • Edit Online
You can use the IoT Hub resource provider REST API to create and manage Azure IoT hubs programmatically.
This tutorial shows you how to use the IoT Hub resource provider REST API to create an IoT hub from a C#
program.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
Connect-AzAccount
2. If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure
subscriptions associated with your credentials. Use the following command to list the Azure subscriptions
available for you to use:
Get-AzSubscription
Use the following command to select subscription that you want to use to run the commands to manage
your IoT hub. You can use either the subscription name or ID from the output of the previous command:
Select-AzSubscription `
-SubscriptionName "{your subscription name}"
3. Make a note of your TenantId and SubscriptionId. You need them later.
4. Create a new Azure Active Directory application using the following command, replacing the place holders:
{Display name}: a display name for your application such as MySampleApp
{Home page URL }: the URL of the home page of your app such as http://mysampleapp/home.
This URL does not need to point to a real application.
{Application identifier}: A unique identifier such as http://mysampleapp. This URL does not
need to point to a real application.
{Password}: A password that you use to authenticate with your app.
5. Make a note of the ApplicationId of the application you created. You need this later.
6. Create a new service principal using the following command, replacing {MyApplicationId} with the
ApplicationId from the previous step:
7. Set up a role assignment using the following command, replacing {MyApplicationId} with your
ApplicationId.
You have now finished creating the Azure AD application that enables you to authenticate from your custom C#
application. You need the following values later in this tutorial:
TenantId
SubscriptionId
ApplicationId
Password
6. In Program.cs, add the following static variables replacing the placeholder values. You made a note of
ApplicationId, SubscriptionId, TenantId, and Password earlier in this tutorial. Resource group name
is the name of the resource group you use when you create the IoT hub. You can use a pre-existing or a
new resource group. IoT Hub name is the name of the IoT Hub you create, such as MyIoTHub. The
name of your IoT hub must be globally unique. Deployment name is a name for the deployment, such as
Deployment_01.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
if (token == null)
{
Console.WriteLine("Failed to obtain the token");
return;
}
2. Create a ResourceManagementClient object that uses the token by adding the following code to the end
of the Main method:
var creds = new TokenCredentials(token.AccessToken);
var client = new ResourceManagementClient(creds);
client.SubscriptionId = subscriptionId;
3. Create, or obtain a reference to, the resource group you are using:
2. Add the following code to the CreateIoTHub method. This code creates an HttpClient object with the
authentication token in the headers:
3. Add the following code to the CreateIoTHub method. This code describes the IoT hub to create and
generates a JSON representation. For the current list of locations that support IoT Hub see Azure Status:
4. Add the following code to the CreateIoTHub method. This code submits the REST request to Azure. The
code then checks the response and retrieves the URL you can use to monitor the state of the deployment
task:
var content = new StringContent(JsonConvert.SerializeObject(description), Encoding.UTF8,
"application/json");
var requestUri =
string.Format("https://management.azure.com/subscriptions/{0}/resourcegroups/{1}/providers/Microsoft.de
vices/IotHubs/{2}?api-version=2016-02-03", subscriptionId, rgName, iotHubName);
var result = client.PutAsync(requestUri, content).Result;
if (!result.IsSuccessStatusCode)
{
Console.WriteLine("Failed {0}", result.Content.ReadAsStringAsync().Result);
return;
}
5. Add the following code to the end of the CreateIoTHub method. This code uses the asyncStatusUri
address retrieved in the previous step to wait for the deployment to complete:
string body;
do
{
Thread.Sleep(10000);
HttpResponseMessage deploymentstatus = client.GetAsync(asyncStatusUri).Result;
body = deploymentstatus.Content.ReadAsStringAsync().Result;
} while (body == "{\"status\":\"Running\"}");
6. Add the following code to the end of the CreateIoTHub method. This code retrieves the keys of the IoT
hub you created and prints them to the console:
var listKeysUri =
string.Format("https://management.azure.com/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.De
vices/IotHubs/{2}/IoTHubKeys/listkeys?api-version=2016-02-03", subscriptionId, rgName, iotHubName);
var keysresults = client.PostAsync(listKeysUri, null).Result;
CreateIoTHub(token.AccessToken);
Console.ReadLine();
Next steps
Now you have deployed an IoT hub using the resource provider REST API, you may want to explore further:
Read about the capabilities of the IoT Hub resource provider REST API.
Read Azure Resource Manager overview to learn more about the capabilities of Azure Resource Manager.
To learn more about developing for IoT Hub, see the following articles:
Introduction to C SDK
Azure IoT SDKs
To further explore the capabilities of IoT Hub, see:
Deploying AI to edge devices with Azure IoT Edge
Create an IoT hub using Azure Resource Manager
template (PowerShell)
12/23/2019 • 2 minutes to read • Edit Online
Learn how to use an Azure Resource Manager template to create an IoT Hub and a consumer group. Resource
Manager templates are JSON files that define the resources you need to deploy for your solution. For more
information about developing Resource Manager templates, see Azure Resource Manager documentation.
If you don't have an Azure subscription, create a free account before you begin.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"iotHubName": {
"type": "string",
"minLength": 3,
"metadata": {
"description": "Specifies the name of the IoT Hub."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"skuName": {
"type": "string",
"defaultValue": "F1",
"metadata": {
"description": "Specifies the IotHub SKU."
}
},
"capacityUnits": {
"type": "int",
"minValue": 1,
"maxValue": 1,
"defaultValue": 1,
"metadata": {
"description": "Specifies the number of provisioned IoT Hub units. Restricted to 1 unit for the F1
SKU. Can be set up to maximum number allowed for subscription."
}
}
},
"variables": {
"consumerGroupName": "[concat(parameters('iotHubName'), '/events/cg1')]"
},
"resources": [
{
"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('iotHubName')]",
"name": "[parameters('iotHubName')]",
"location": "[parameters('location')]",
"properties": {
"eventHubEndpoints": {
"events": {
"retentionTimeInDays": 1,
"partitionCount": 2
}
},
"cloudToDevice": {
"defaultTtlAsIso8601": "PT1H",
"maxDeliveryCount": 10,
"feedback": {
"ttlAsIso8601": "PT1H",
"lockDurationAsIso8601": "PT60S",
"maxDeliveryCount": 10
}
},
"messagingEndpoints": {
"fileNotifications": {
"ttlAsIso8601": "PT1H",
"lockDurationAsIso8601": "PT1M",
"maxDeliveryCount": 10
}
}
},
"sku": {
"name": "[parameters('skuName')]",
"capacity": "[parameters('capacityUnits')]"
}
},
{
"type": "Microsoft.Devices/iotHubs/eventhubEndpoints/ConsumerGroups",
"apiVersion": "2018-04-01",
"name": "[variables('consumerGroupName')]",
"dependsOn": [
"[resourceId('Microsoft.Devices/IotHubs', parameters('iotHubName'))]"
]
}
]
}
The template creates an Azure Iot hub with three endpoints (eventhub, cloud-to-device, and messaging), and a
consumer group. For more template samples, see Azure Quickstart templates. The Iot Hub template schema can
be found here.
There are several methods for deploying a template. You use Azure PowerShell in this tutorial.
To run the PowerShell script, Select Try it to open the Azure Cloud shell. To paste the script, right-click the shell,
and then select Paste:
As you can see from the PowerShell script, the template used is from Azure Quickstart templates. To use your
own, you need to first upload the template file to the Cloud shell, and then use the -TemplateFile switch to
specify the file name. For an example, see Deploy the template.
Next steps
Now you have deployed an IoT hub by using an Azure Resource Manager template, you may want to explore
further:
Read about the capabilities of the IoT Hub resource provider REST API.
Read Azure Resource Manager overview to learn more about the capabilities of Azure Resource Manager.
For the JSON syntax and properties to use in templates, see Microsoft.Devices resource types.
To learn more about developing for IoT Hub, see the following articles:
Introduction to C SDK
Azure IoT SDKs
To further explore the capabilities of IoT Hub, see:
Deploying AI to edge devices with Azure IoT Edge
Create an IoT hub using Azure Resource Manager
template (.NET)
12/23/2019 • 8 minutes to read • Edit Online
You can use Azure Resource Manager to create and manage Azure IoT hubs programmatically. This tutorial
shows you how to use an Azure Resource Manager template to create an IoT hub from a C# program.
NOTE
Azure has two different deployment models for creating and working with resources: Azure Resource Manager and classic.
This article covers using the Azure Resource Manager deployment model.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install
Azure PowerShell.
Connect-AzAccount
2. If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure
subscriptions associated with your credentials. Use the following command to list the Azure subscriptions
available for you to use:
Get-AzSubscription
Use the following command to select subscription that you want to use to run the commands to manage
your IoT hub. You can use either the subscription name or ID from the output of the previous command:
Select-AzSubscription `
-SubscriptionName "{your subscription name}"
3. Make a note of your TenantId and SubscriptionId. You need them later.
4. Create a new Azure Active Directory application using the following command, replacing the place
holders:
{Display name}: a display name for your application such as MySampleApp
{Home page URL }: the URL of the home page of your app such as http://mysampleapp/home.
This URL does not need to point to a real application.
{Application identifier}: A unique identifier such as http://mysampleapp. This URL does not
need to point to a real application.
{Password}: A password that you use to authenticate with your app.
5. Make a note of the ApplicationId of the application you created. You need this later.
6. Create a new service principal using the following command, replacing {MyApplicationId} with the
ApplicationId from the previous step:
7. Set up a role assignment using the following command, replacing {MyApplicationId} with your
ApplicationId.
You have now finished creating the Azure AD application that enables you to authenticate from your custom C#
application. You need the following values later in this tutorial:
TenantId
SubscriptionId
ApplicationId
Password
using System;
using Microsoft.Azure.Management.ResourceManager;
using Microsoft.Azure.Management.ResourceManager.Models;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.Rest;
6. In Program.cs, add the following static variables replacing the placeholder values. You made a note of
ApplicationId, SubscriptionId, TenantId, and Password earlier in this tutorial. Your Azure Storage
account name is the name of the Azure Storage account where you store your Azure Resource Manager
template files. Resource group name is the name of the resource group you use when you create the IoT
hub. The name can be a pre-existing or new resource group. Deployment name is a name for the
deployment, such as Deployment_01.
if (token == null)
{
Console.WriteLine("Failed to obtain the token");
return;
}
2. Create a ResourceManagementClient object that uses the token by adding the following code to the
end of the Main method:
3. Create, or obtain a reference to, the resource group you are using:
var rgResponse = client.ResourceGroups.CreateOrUpdate(rgName,
new ResourceGroup("East US"));
if (rgResponse.Properties.ProvisioningState != "Succeeded")
{
Console.WriteLine("Problem creating resource group");
return;
}
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"hubName": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2016-02-03",
"type": "Microsoft.Devices/IotHubs",
"name": "[parameters('hubName')]",
"location": "East US",
"sku": {
"name": "S1",
"tier": "Standard",
"capacity": 1
},
"properties": {
"location": "East US"
}
}
],
"outputs": {
"hubKeys": {
"value": "[listKeys(resourceId('Microsoft.Devices/IotHubs', parameters('hubName')), '2016-02-
03')]",
"type": "object"
}
}
}
3. In Solution Explorer, right-click on your project, click Add, and then click New Item. Add a JSON file
called parameters.json to your project.
4. Replace the contents of parameters.json with the following parameter information that sets a name for
the new IoT hub such as {your initials}mynewiothub. The IoT hub name must be globally unique so it
should include your name or initials:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"hubName": { "value": "mynewiothub" }
}
}
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. In Server Explorer, connect to your Azure subscription, and in your Azure Storage account create a
container called templates. In the Properties panel, set the Public Read Access permissions for the
templates container to Blob.
6. In Server Explorer, right-click on the templates container and then click View Blob Container. Click
the Upload Blob button, select the two files, parameters.json and templates.json, and then click Open
to upload the JSON files to the templates container. The URLs of the blobs containing the JSON data are:
8. Add the following code to the CreateIoTHub method to submit the template and parameter files to the
Azure Resource Manager:
9. Add the following code to the CreateIoTHub method that displays the status and the keys for the new
IoT hub:
string state = createResponse.Properties.ProvisioningState;
Console.WriteLine("Deployment state: {0}", state);
if (state != "Succeeded")
{
Console.WriteLine("Failed to create iothub");
}
Console.WriteLine(createResponse.Properties.Outputs);
CreateIoTHub(client);
Console.ReadLine();
NOTE
This example application adds an S1 Standard IoT Hub for which you are billed. You can delete the IoT hub through the
Azure portal or by using the Remove-AzResource PowerShell cmdlet when you are finished.
Next steps
Now you have deployed an IoT hub using an Azure Resource Manager template with a C# program, you may
want to explore further:
Read about the capabilities of the IoT Hub resource provider REST API.
Read Azure Resource Manager overview to learn more about the capabilities of Azure Resource Manager.
For the JSON syntax and properties to use in templates, see Microsoft.Devices resource types.
To learn more about developing for IoT Hub, see the following articles:
Introduction to C SDK
Azure IoT SDKs
To further explore the capabilities of IoT Hub, see:
Deploying AI to edge devices with Azure IoT Edge
Configure IoT Hub file uploads using the Azure
portal
4/4/2019 • 2 minutes to read • Edit Online
File upload
To use the file upload functionality in IoT Hub, you must first associate an Azure Storage account with your hub.
Select File upload to display a list of file upload properties for the IoT hub that is being modified.
Storage container: Use the Azure portal to select a blob container in an Azure Storage account in your
current Azure subscription to associate with your IoT Hub. If necessary, you can create an Azure Storage
account on the Storage accounts blade and blob container on the Containers blade. IoT Hub
automatically generates SAS URIs with write permissions to this blob container for devices to use when
they upload files.
Receive notifications for uploaded files: Enable or disable file upload notifications via the toggle.
SAS TTL: This setting is the time-to-live of the SAS URIs returned to the device by IoT Hub. Set to one
hour by default but can be customized to other values using the slider.
File notification settings default TTL: The time-to-live of a file upload notification before it is expired.
Set to one day by default but can be customized to other values using the slider.
File notification maximum delivery count: The number of times the IoT Hub attempts to deliver a file
upload notification. Set to 10 by default but can be customized to other values using the slider.
Next steps
For more information about the file upload capabilities of IoT Hub, see Upload files from a device in the IoT Hub
developer guide.
Follow these links to learn more about managing Azure IoT Hub:
Bulk manage IoT devices
IoT Hub metrics
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Secure your IoT solution from the ground up
Configure IoT Hub file uploads using PowerShell
4/4/2019 • 3 minutes to read • Edit Online
To use the file upload functionality in IoT Hub, you must first associate an Azure storage account with your IoT
hub. You can use an existing storage account or create a new one.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
Connect-AzAccount
2. If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure
subscriptions associated with your credentials. Use the following command to list the Azure subscriptions
available for you to use:
Get-AzSubscription
Use the following command to select the subscription that you want to use to run the commands to
manage your IoT hub. You can use either the subscription name or ID from the output of the previous
command:
Select-AzSubscription `
-SubscriptionName "{your subscription name}"
Get-AzStorageAccountKey `
-Name {your storage account name} `
-ResourceGroupName {your storage account resource group}
Make a note of the key1 storage account key value. You need it in the following steps.
You can either use an existing blob container for your file uploads or create new one:
To list the existing blob containers in your storage account, use the following commands:
$ctx = New-AzStorageContext `
-StorageAccountName {your storage account name} `
-StorageAccountKey {your storage account key}
Get-AzStorageContainer -Context $ctx
To create a blob container in your storage account, use the following commands:
$ctx = New-AzStorageContext `
-StorageAccountName {your storage account name} `
-StorageAccountKey {your storage account key}
New-AzStorageContainer `
-Name {your new container name} `
-Permission Off `
-Context $ctx
Next steps
For more information about the file upload capabilities of IoT Hub, see Upload files from a device.
Follow these links to learn more about managing Azure IoT Hub:
Bulk manage IoT devices
IoT Hub metrics
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Secure your IoT solution from the ground up
Configure IoT Hub file uploads using Azure CLI
4/4/2019 • 4 minutes to read • Edit Online
To upload files from a device, you must first associate an Azure Storage account with your IoT hub. You can use an
existing storage account or create a new one.
To complete this tutorial, you need the following:
An active Azure account. If you don't have an account, you can create a free account in just a couple of
minutes.
Azure CLI.
An Azure IoT hub. If you don't have an IoT hub, you can use the az iot hub create command to create one
or Create an IoT hub using the portal.
An Azure Storage account. If you don't have an Azure Storage account, you can use the Azure CLI -
Manage storage accounts to create one or use the portal to Create a storage account.
az login
Follow the instructions to authenticate using the code and sign in to your Azure account through a web
browser.
2. If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure accounts
associated with your credentials. Use the following command to list the Azure accounts available for you to
use:
az account list
Use the following command to select the subscription that you want to use to run the commands to create
your IoT hub. You can use either the subscription name or ID from the output of the previous command:
Make a note of the connectionString value. You need it in the following steps.
You can either use an existing blob container for your file uploads or create a new one:
To list the existing blob containers in your storage account, use the following command:
To create a blob container in your storage account, use the following command:
File upload
You can now configure your IoT hub to enable the ability to upload files to the IoT hub using your storage account
details.
The configuration requires the following values:
Storage container: A blob container in an Azure storage account in your current Azure subscription to
associate with your IoT hub. You retrieved the necessary storage account information in the preceding
section. IoT Hub automatically generates SAS URIs with write permissions to this blob container for
devices to use when they upload files.
Receive notifications for uploaded files: Enable or disable file upload notifications.
SAS TTL: This setting is the time-to-live of the SAS URIs returned to the device by IoT Hub. Set to one
hour by default.
File notification settings default TTL: The time-to-live of a file upload notification before it is expired.
Set to one day by default.
File notification maximum delivery count: The number of times the IoT Hub attempts to deliver a file
upload notification. Set to 10 by default.
Use the following Azure CLI commands to configure the file upload settings on your IoT hub:
In a bash shell, use:
az iot hub update --name {your iot hub name} \
--set properties.storageEndpoints.'$default'.connectionString="{your storage account connection string}"
You can review the file upload configuration on your IoT hub using the following command:
Next steps
For more information about the file upload capabilities of IoT Hub, see Upload files from a device.
Follow these links to learn more about managing Azure IoT Hub:
Bulk manage IoT devices
IoT Hub metrics
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Secure your IoT solution from the ground up
Understand IoT Hub metrics
12/20/2019 • 8 minutes to read • Edit Online
IoT Hub metrics give you better data about the state of the Azure IoT resources in your Azure subscription. IoT
Hub metrics enable you to assess the overall health of the IoT Hub service and the devices connected to it.
User-facing statistics are important because they help you see what is going on with your IoT hub and help
root-cause issues without needing to contact Azure support.
Metrics are enabled by default. You can view IoT Hub metrics from the Azure portal.
NOTE
You can use IoT Hub metrics to view information about IoT Plug and Play devices connected to your IoT Hub. IoT Plug
and Play devices are part of the IoT Plug and Play public preview.
3. From the metrics blade, you can view the metrics for your IoT hub and create custom views of your
metrics.
4. You can choose to send your metrics data to an Event Hubs endpoint or an Azure Storage account by
clicking Diagnostics settings, then Add diagnostic setting
d2c.twin.read.fail Failed twin reads Count Total The count of all None
ure from devices failed device-
initiated twin
reads.
c2d.twin.read.fail Failed twin reads Count Total The count of all None
ure from back end failed back-end-
initiated twin
reads.
jobs.listJobs.failur Failed calls to list Count Total The count of all None
e jobs failed calls to list
jobs.
Next steps
Now that you’ve seen an overview of IoT Hub metrics, follow this link to learn more about managing Azure IoT
Hub:
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Monitor the health of Azure IoT Hub and diagnose
problems quickly
11/12/2019 • 11 minutes to read • Edit Online
Businesses that implement Azure IoT Hub expect reliable performance from their resources. To help you
maintain a close watch on your operations, IoT Hub is fully integrated with Azure Monitor and Azure Resource
Health. These two services work to provide you with the data you need to keep your IoT solutions up and
running in a healthy state.
Azure Monitor is a single source of monitoring and logging for all your Azure services. You can send the
diagnostic logs that Azure Monitor generates to Azure Monitor logs, Event Hubs, or Azure Storage for custom
processing. Azure Monitor's metrics and diagnostics settings give you visibility into the performance of your
resources. Continue reading this article to learn how to Use Azure Monitor with your IoT hub.
IMPORTANT
The events emitted by the IoT Hub service using Azure Monitor diagnostic logs are not guaranteed to be reliable or
ordered. Some events might be lost or delivered out of order. Diagnostic logs also aren't meant to be real-time, and it may
take several minutes for events to be logged to your choice of destination.
Azure Resource Health helps you diagnose and get support when an Azure issue impacts your resources. A
dashboard provides current and past health status for each of your IoT hubs. Continue to the section at the
bottom of this article to learn how to Use Azure Resource Health with your IoT hub.
IoT Hub also provides its own metrics that you can use to understand the state of your IoT resources. To learn
more, see Understand IoT Hub metrics.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which
will continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install
Azure PowerShell.
Connect-AzAccount
Select-AzSubscription -SubscriptionName <subscription that includes your IoT Hub>
Set-AzDiagnosticSetting -ResourceId <your resource Id> -ServiceBusRuleId <your service bus rule Id> -Enabled
$true
New settings take effect in about 10 minutes. After that, logs appear in the configured archival target on the
Diagnostics settings blade. For more information about configuring diagnostics, see Collect and consume log
data from your azure resources.
Understand the logs
Azure Monitor tracks different operations that occur in IoT Hub. Each category has a schema that defines how
events in that category are reported.
Connections
The connections category tracks device connect and disconnect events from an IoT hub as well as errors. This
category is useful for identifying unauthorized connection attempts and or alerting when you lose connection to
devices.
NOTE
For reliable connection status of devices check Device heartbeat.
{
"records":
[
{
"time": " UTC timestamp",
"resourceId": "Resource Id",
"operationName": "deviceConnect",
"category": "Connections",
"level": "Information",
"properties": "{\"deviceId\":\"<deviceId>\",\"protocol\":\"<protocol>\",\"authType\":\"
{\\\"scope\\\":\\\"device\\\",\\\"type\\\":\\\"sas\\\",\\\"issuer\\\":\\\"iothub\\\",\\\"acceptingIpFilterRul
e\\\":null}\",\"maskedIpAddress\":\"<maskedIpAddress>\"}",
"location": "Resource location"
}
]
}
Cloud-to-device commands
The cloud-to-device commands category tracks errors that occur at the IoT hub and are related to the cloud-to-
device message pipeline. This category includes errors that occur from:
Sending cloud-to-device messages (like unauthorized sender errors),
Receiving cloud-to-device messages (like delivery count exceeded errors), and
Receiving cloud-to-device message feedback (like feedback expired errors).
This category does not catch errors when the cloud-to-device message is delivered successfully but then
improperly handled by the device.
{
"records":
[
{
"time": " UTC timestamp",
"resourceId": "Resource Id",
"operationName": "messageExpired",
"category": "C2DCommands",
"level": "Error",
"resultType": "Event status",
"resultDescription": "MessageDescription",
"properties": "{\"deviceId\":\"<deviceId>\",\"messageId\":\"
<messageId>\",\"messageSizeInBytes\":\"<messageSize>\",\"protocol\":\"Amqp\",\"deliveryAcknowledgement\":\"
<None, NegativeOnly, PositiveOnly, Full>\",\"deliveryCount\":\"0\",\"expiryTime\":\"
<timestamp>\",\"timeInSystem\":\"<timeInSystem>\",\"ttl\":<ttl>, \"EventProcessedUtcTime\":\"<UTC
timestamp>\",\"EventEnqueuedUtcTime\":\"<UTC timestamp>\", \"maskedIpAddress\": \"<maskedIpAddress>\",
\"statusCode\": \"4XX\"}",
"location": "Resource location"
}
]
}
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "get",
"category": "DeviceIdentityOperations",
"level": "Error",
"resultType": "Event status",
"resultDescription": "MessageDescription",
"properties": "{\"maskedIpAddress\":\"<maskedIpAddress>\",\"deviceId\":\"<deviceId>\",
\"statusCode\":\"4XX\"}",
"location": "Resource location"
}
]
}
Routes
The message routing category tracks errors that occur during message route evaluation and endpoint health as
perceived by IoT Hub. This category includes events such as:
A rule evaluates to "undefined",
IoT Hub marks an endpoint as dead, or
Any errors received from an endpoint.
This category does not include specific errors about the messages themselves (like device throttling errors),
which are reported under the "device telemetry" category.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "endpointUnhealthy",
"category": "Routes",
"level": "Error",
"properties": "{\"deviceId\": \"<deviceId>\",\"endpointName\":\"<endpointName>\",\"messageId\":
<messageId>,\"details\":\"<errorDetails>\",\"routeName\": \"<routeName>\"}",
"location": "Resource location"
}
]
}
Device telemetry
The device telemetry category tracks errors that occur at the IoT hub and are related to the telemetry pipeline.
This category includes errors that occur when sending telemetry events (such as throttling) and receiving
telemetry events (such as unauthorized reader). This category cannot catch errors caused by code running on the
device itself.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "ingress",
"category": "DeviceTelemetry",
"level": "Error",
"resultType": "Event status",
"resultDescription": "MessageDescription",
"properties": "{\"deviceId\":\"<deviceId>\",\"batching\":\"0\",\"messageSizeInBytes\":\"
<messageSizeInBytes>\",\"EventProcessedUtcTime\":\"<UTC timestamp>\",\"EventEnqueuedUtcTime\":\"<UTC
timestamp>\",\"partitionId\":\"1\"}",
"location": "Resource location"
}
]
}
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "read",
"category": "C2DTwinOperations",
"level": "Information",
"durationMs": "1",
"properties": "{\"deviceId\":\"<deviceId>\",\"sdkVersion\":\"<sdkVersion>\",\"messageSize\":\"
<messageSize>\"}",
"location": "Resource location"
}
]
}
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "update",
"category": "D2CTwinOperations",
"level": "Information",
"durationMs": "1",
"properties": "{\"deviceId\":\"<deviceId>\",\"protocol\":\"<protocol>\",\"authenticationType\":\"
{\\\"scope\\\":\\\"device\\\",\\\"type\\\":\\\"sas\\\",\\\"issuer\\\":\\\"iothub\\\",\\\"acceptingIpFilterRul
e\\\":null}\"}",
"location": "Resource location"
}
]
}
Twin queries
The twin queries category reports on query requests for device twins that are initiated in the cloud.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "query",
"category": "TwinQueries",
"level": "Information",
"durationMs": "1",
"properties": "{\"query\":\"<twin query>\",\"sdkVersion\":\"<sdkVersion>\",\"messageSize\":\"
<messageSize>\",\"pageSize\":\"<pageSize>\", \"continuation\":\"<true, false>\", \"resultSize\":\"
<resultSize>\"}",
"location": "Resource location"
}
]
}
Jobs operations
The jobs operations category reports on job requests to update device twins or invoke direct methods on
multiple devices. These requests are initiated in the cloud.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "jobCompleted",
"category": "JobsOperations",
"level": "Information",
"durationMs": "1",
"properties": "{\"jobId\":\"<jobId>\", \"sdkVersion\": \"<sdkVersion>\",\"messageSize\":
<messageSize>,\"filter\":\"DeviceId IN ['1414ded9-b445-414d-89b9-
e48e8c6285d5']\",\"startTimeUtc\":\"Wednesday, September 13, 2017\",\"duration\":\"0\"}",
"location": "Resource location"
}
]
}
Direct Methods
The direct methods category tracks request-response interactions sent to individual devices. These requests are
initiated in the cloud.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "send",
"category": "DirectMethods",
"level": "Information",
"durationMs": "1",
"properties": "{\"deviceId\":<messageSize>, \"RequestSize\": 1, \"ResponseSize\": 1,
\"sdkVersion\": \"2017-07-11\"}",
"location": "Resource location"
}
]
}
I o T H u b D 2 C (d e v i c e - t o - c l o u d ) l o g s
IoT Hub records this log when a message containing valid trace properties arrives at IoT Hub.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "DiagnosticIoTHubD2C",
"category": "DistributedTracing",
"correlationId": "00-8cd869a412459a25f5b4f31311223344-0144d2590aacd909-01",
"level": "Information",
"resultType": "Success",
"resultDescription":"Receive message success",
"durationMs": "",
"properties": "{\"messageSize\": 1, \"deviceId\":\"<deviceId>\", \"callerLocalTimeUtc\": :
\"2017-02-22T03:27:28.633Z\", \"calleeLocalTimeUtc\": \"2017-02-22T03:27:28.687Z\"}",
"location": "Resource location"
}
]
}
Here, durationMs is not calculated as IoT Hub's clock might not be in sync with the device clock, and thus a
duration calculation can be misleading. We recommend writing logic using the timestamps in the properties
section to capture spikes in device-to-cloud latency.
I o T H u b i n g r e ss l o g s
IoT Hub records this log when message containing valid trace properties writes to internal or built-in Event Hub.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "DiagnosticIoTHubIngress",
"category": "DistributedTracing",
"correlationId": "00-8cd869a412459a25f5b4f31311223344-349810a9bbd28730-01",
"level": "Information",
"resultType": "Success",
"resultDescription":"Ingress message success",
"durationMs": "10",
"properties": "{\"isRoutingEnabled\": \"true\", \"parentSpanId\":\"0144d2590aacd909\"}",
"location": "Resource location"
}
]
}
In the properties section, this log contains additional information about message ingress.
I o T H u b e g r e ss l o g s
IoT Hub records this log when routing is enabled and the message is written to an endpoint. If routing is not
enabled, IoT Hub doesn't record this log.
{
"records":
[
{
"time": "UTC timestamp",
"resourceId": "Resource Id",
"operationName": "DiagnosticIoTHubEgress",
"category": "DistributedTracing",
"correlationId": "00-8cd869a412459a25f5b4f31311223344-98ac3578922acd26-01",
"level": "Information",
"resultType": "Success",
"resultDescription":"Egress message success",
"durationMs": "10",
"properties": "{\"endpointType\": \"EventHub\", \"endpointName\": \"myEventHub\",
\"parentSpanId\":\"349810a9bbd28730\"}",
"location": "Resource location"
}
]
}
In the properties section, this log contains additional information about message ingress.
Configurations
IoT Hub configuration logs tracks events and error for the Automatic Device Management feature set.
{
"records":
[
{
"time": "2019-09-24T17:21:52Z",
"resourceId": "Resource Id",
"operationName": "ReadManyConfigurations",
"category": "Configurations",
"resultType": "",
"resultDescription": "",
"level": "Information",
"durationMs": "17",
"properties": "{\"configurationId\":\"\",\"sdkVersion\":\"2018-06-
30\",\"messageSize\":\"0\",\"statusCode\":null}",
"location": "southcentralus"
}
]
}
Next steps
Understand IoT Hub metrics
IoT remote monitoring and notifications with Azure Logic Apps connecting your IoT hub and mailbox
Set up X.509 security in your Azure IoT hub
12/11/2019 • 6 minutes to read • Edit Online
This tutorial shows the steps you need to secure your Azure IoT hub using the X.509 Certificate Authentication.
For the purpose of illustration, we use the open-source tool OpenSSL to create certificates locally on your
Windows machine. We recommend that you use this tutorial for test purposes only. For production environment,
you should purchase the certificates from a root certificate authority (CA ).
Prerequisites
This tutorial requires that you have the following resources ready:
You have created an IoT hub with your Azure subscription. See Create an IoT hub through portal for
detailed steps.
You have Visual Studio 2017 or Visual Studio 2019 installed.
This step downloads, installs, and adds a reference to the Azure IoT device SDK NuGet package and its
dependencies.
5. Add the following using statements at the top of the Program.cs file:
using Microsoft.Azure.Devices.Client;
using Microsoft.Azure.Devices.Shared;
using System.Security.Cryptography.X509Certificates;
Use the friendly device name you used in the preceding section in place of <your_device_id>.
7. Add the following function to create random numbers for temperature and humidity and send these values
to the hub:
await deviceClient.SendEventAsync(eventMessage);
}
}
8. Finally, add the following lines of code to the Main function, replacing the placeholders device-id, your-iot-
hub -name, and absolute-path-to -your-device-pfx-file as required by your setup.
try
{
var cert = new X509Certificate2(@"<absolute-path-to-your-device-pfx-file>", "1234");
var auth = new DeviceAuthenticationWithX509Certificate("<device-id>", cert);
var deviceClient = DeviceClient.Create("<your-iot-hub-name>.azure-devices.net", auth,
TransportType.Amqp_Tcp_Only);
if (deviceClient == null)
{
Console.WriteLine("Failed to create DeviceClient!");
}
else
{
Console.WriteLine("Successfully created DeviceClient!");
SendEvent(deviceClient).Wait();
}
Console.WriteLine("Exiting...\n");
}
catch (Exception ex)
{
Console.WriteLine("Error in sample: {0}", ex.Message);
}
This code connects to your IoT hub by creating the connection string for your X.509 device. Once
successfully connected, it then sends temperature and humidity events to the hub, and waits for its
response.
9. Run the app. Because this application accesses a .pfx file, you may need to run this app as an administrator.
a. Build the Visual Studio solution.
b. Open a new Command Prompt window by using Run as administrator.
c. Navigate to the folder that contains your solution, then navigate to the bin/Debug path within the
solution folder.
d. Run the application SimulateX509Device.exe from the command prompt.
You should see your device successfully connecting to the hub and sending the events.
Next steps
To learn more about securing your IoT solution, see:
IoT Security Best Practices
IoT Security Architecture
Secure your IoT deployment
To further explore the capabilities of IoT Hub, see:
Deploying AI to edge devices with Azure IoT Edge
How to upgrade your IoT hub
4/15/2019 • 2 minutes to read • Edit Online
As your IoT solution grows, Azure IoT Hub is ready to help you scale up. Azure IoT Hub offers two tiers, basic (B )
and standard (S ), to accommodate customers that want to use different features. Within each tier are three sizes
(1, 2, and 3) that determine the number of messages that can be sent each day.
When you have more devices and need more capabilities, there are three ways to adjust your IoT hub to suit your
needs:
Add units within the IoT hub. For example, each additional unit in a B1 IoT hub allows for an additional
400,000 messages per day.
Change the size of the IoT hub. For example, migrate from the B1 tier to the B2 tier to increase the number
of messages that each unit can support per day.
Upgrade to a higher tier. For example, upgrade from the B1 tier to the S1 tier for access to advanced
features with the same messaging capacity.
These changes can all occur without interrupting existing operations.
If you want to downgrade your IoT hub, you can remove units and reduce the size of the IoT hub but you cannot
downgrade to a lower tier. For example, you can move from the S2 tier to the S1 tier, but not from the S2 tier to
the B1 tier. Only one type of Iot Hub edition within a tier can be chosen per IoT Hub. For example, you can create
an IoT Hub with multiple units of S1, but not with a mix of units from different editions, such as S1 and B3, or S1
and S2.
These examples are meant to help you understand how to adjust your IoT hub as your solution changes. For
specific information about each tier's capabilities, you should always refer to Azure IoT Hub pricing.
4. To change the number of units in your hub, enter a new value under IoT Hub units.
5. Select Save to save your changes.
Your IoT hub is now adjusted, and your configurations are unchanged.
The maximum partition limit for basic tier IoT Hub and standard tier IoT Hub is 32. Most IoT Hubs only need 4
partitions. The partition limit is chosen when IoT Hub is created, and relates the device-to-cloud messages to the
number of simultaneous readers of these messages. This value remains unchanged when you migrate from basic
tier to standard tier.
Next steps
Get more details about How to choose the right IoT Hub tier.
Trace Azure IoT device-to-cloud messages with
distributed tracing (preview)
12/20/2019 • 11 minutes to read • Edit Online
Microsoft Azure IoT Hub currently supports distributed tracing as a preview feature.
IoT Hub is one of the first Azure services to support distributed tracing. As more Azure services support
distributed tracing, you'll be able trace IoT messages throughout the Azure services involved in your solution. For a
background on distributed tracing, see Distributed Tracing.
Enabling distributed tracing for IoT Hub gives you the ability to:
Precisely monitor the flow of each message through IoT Hub using trace context. This trace context includes
correlation IDs that allow you to correlate events from one component with events from another component. It
can be applied for a subset or all IoT device messages using device twin.
Automatically log the trace context to Azure Monitor diagnostic logs.
Measure and understand message flow and latency from devices to IoT Hub and routing endpoints.
Start considering how you want to implement distributed tracing for the non-Azure services in your IoT
solution.
In this article, you use the Azure IoT device SDK for C with distributed tracing. Distributed tracing support is still in
progress for the other SDKs.
Prerequisites
The preview of distributed tracing is currently only supported for IoT Hubs created in the following regions:
North Europe
Southeast Asia
West US 2
This article assumes that you're familiar with sending telemetry messages to your IoT hub. Make sure
you've completed the Send telemetry C Quickstart.
Register a device with your IoT hub (steps available in each Quickstart) and note down the connection
string.
Install the latest version of Git.
Set up device
In this section, you prepare a development environment for use with the Azure IoT C SDK. Then, you modify one
of samples to enable distributed tracing on your device's telemetry messages.
These instructions are for building the sample on Windows. For other environments, see Compile the C SDK or
Prepackaged C SDK for Platform Specific Development.
Clone the source code and initialize
1. Install "Desktop development with C++" workload for Visual Studio 2019. Visual Studio 2017 and 2015 are
also supported.
2. Install CMake. Make sure it is in your PATH by typing cmake -version from a command prompt.
3. Open a command prompt or Git Bash shell. Run the following commands to clone the latest release of the
Azure IoT C SDK GitHub repository:
mkdir cmake
cd cmake
cmake ..
If cmake can't find your C++ compiler, you might get build errors while running the above command. If that
happens, try running this command in the Visual Studio command prompt.
Once the build succeeds, the last few output lines will look similar to the following output:
$ cmake ..
-- Building for: Visual Studio 15 2017
-- Selecting Windows SDK version 10.0.16299.0 to target Windows 10.0.17134.
-- The C compiler identification is MSVC 19.12.25835.0
-- The CXX compiler identification is MSVC 19.12.25835.0
...
-- Configuring done
-- Generating done
-- Build files have been written to: E:/IoT Testing/azure-iot-sdk-c/cmake
Replace the value of the connectionString constant with the device connection string you made a note of in
the register a device section of the Send telemetry C Quickstart.
3. Change the MESSAGE_COUNT define to 5000 :
do
{
if (messages_sent < MESSAGE_COUNT)
IoTHubDeviceClient_LL_DoWork(device_ll_handle);
ThreadAPI_Sleep(1000);
} while (g_continueRunning);
cd iothub_client/samples/iothub_ll_telemetry_sample
cmake --build . --target iothub_ll_telemetry_sample --config Debug
2. Run the application. The device sends telemetry supporting distributed tracing.
Debug/iothub_ll_telemetry_sample.exe
3. Keep the app running. Optionally observe the message being sent to IoT Hub by looking at the console
window.
Workaround for third-party clients
It's not trivial to preview the distributed tracing feature without using the C SDK. Thus, this approach is not
recommended.
First, you must implement all the IoT Hub protocol primitives in your messages by following the dev guide Create
and read IoT Hub messages. Then, edit the protocol properties in the MQTT/AMQP messages to add tracestate
as system property. Specifically,
For MQTT, add %24.tracestate=timestamp%3d1539243209 to the message topic, where 1539243209 should be
replaced with the creation time of the message in the unix timestamp format. As an example, refer to the
implementation in the C SDK
For AMQP, add key("tracestate") and value("timestamp=1539243209") as message annotation. For a reference
implementation, see here.
To control the percentage of messages containing this property, implement logic to listen to cloud-initiated events
such as twin updates.
4. In the popup window, select Enable, then press Enter to confirm 100 as sampling rate.
{
"properties": {
"desired": {
"azureiot*com^dtracing^1": {
"sampling_mode": 1,
"sampling_rate": 100
}
}
}
}
To understand the different types of logs, see Azure IoT Hub diagnostic logs.
Application Map
To visualize the flow of IoT messages, set up the Application Map sample app. The sample app sends the
distributed tracing logs to Application Map using an Azure Function and an Event Hub.
G E T THE SA M P L E ON
G IT H U B
This image below shows distributed tracing in App Map with three routing endpoints:
Next steps
To learn more about the general distributed tracing pattern in microservices, see Microservice architecture
pattern: distributed tracing.
To set up configuration to apply distributed tracing settings to a large number of devices, see Configure and
monitor IoT devices at scale.
To learn more about Azure Monitor, see What is Azure Monitor?.
Use IP filters
7/23/2019 • 4 minutes to read • Edit Online
Security is an important aspect of any IoT solution based on Azure IoT Hub. Sometimes you need to explicitly
specify the IP addresses from which devices can connect as part of your security configuration. The IP filter feature
enables you to configure rules for rejecting or accepting traffic from specific IPv4 addresses.
When to use
There are two specific use-cases when it is useful to block the IoT Hub endpoints for certain IP addresses:
Your IoT hub should receive traffic only from a specified range of IP addresses and reject everything else.
For example, you are using your IoT hub with Azure Express Route to create private connections between
an IoT hub and your on-premises infrastructure.
You need to reject traffic from IP addresses that have been identified as suspicious by the IoT hub
administrator.
Default setting
By default, the IP Filter grid in the portal for an IoT hub is empty. This default setting means that your hub accepts
connections from any IP address. This default setting is equivalent to a rule that accepts the 0.0.0.0/0 IP address
range.
Provide a name for the IP Filter rule. This must be a unique, case-insensitive, alphanumeric string up to 128
characters long. Only the ASCII 7-bit alphanumeric characters plus
{'-', ':', '/', '\', '.', '+', '%', '_', '#', '*', '?', '!', '(', ')', ',', '=', '@', ';', '''} are
accepted.
Provide a single IPv4 address or a block of IP addresses in CIDR notation. For example, in CIDR notation
192.168.100.0/22 represents the 1024 IPv4 addresses from 192.168.100.0 to 192.168.103.255.
Select Allow or Block as the action for the IP filter rule.
After filling in the fields, select Save to save the rule. You see an alert notifying you that the update is in progress.
The Add option is disabled when you reach the maximum of 10 IP filter rules.
To edit an existing rule, select the data you want to change, make the change, then select Save to save your edit.
NOTE
Rejecting IP addresses can prevent other Azure Services (such as Azure Stream Analytics, Azure Virtual Machines, or the
Device Explorer in the portal) from interacting with the IoT hub.
WARNING
If you use Azure Stream Analytics (ASA) to read messages from an IoT hub with IP filtering enabled, use the Event Hub-
compatible name and endpoint of your IoT Hub in the ASA connection string.
This will return a JSON object where your existing IP filters are listed under the properties.ipFilterRules key:
{
...
"properties": {
"ipFilterRules": [
{
"action": "Reject",
"filterName": "MaliciousIP",
"ipMask": "6.6.6.6/6"
},
{
"action": "Allow",
"filterName": "GoodIP",
"ipMask": "131.107.160.200"
},
...
],
},
...
}
Note that <ipFilterIndexToRemove> must correspond to the ordering of IP filters in your IoT Hub's
properties.ipFilterRules .
Your IoT Hub's IP filters can be retrieved and set through Azure PowerShell.
# Get your IoT Hub resource using its name and its resource group name
$iothubResource = Get-AzResource -ResourceGroupName <resourceGroupNmae> -ResourceName <iotHubName> -
ExpandProperties
Next steps
To further explore the capabilities of IoT Hub, see:
Operations monitoring
IoT Hub metrics
Automatic IoT device and module management using
the Azure portal
12/17/2019 • 8 minutes to read • Edit Online
Automatic device management in Azure IoT Hub automates many of the repetitive and complex tasks of managing
large device fleets. With automatic device management, you can target a set of devices based on their properties,
define a desired configuration, and then let IoT Hub update the devices when they come into scope. This update is
done using an automatic device configuration or automatic module configuration, which lets you summarize
completion and compliance, handle merging and conflicts, and roll out configurations in a phased approach.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Automatic device management works by updating a set of device twins or module twins with desired properties
and reporting a summary that's based on twin reported properties. It introduces a new class and JSON document
called a Configuration that has three parts:
The target condition defines the scope of device twins or module twins to be updated. The target condition
is specified as a query on twin tags and/or reported properties.
The target content defines the desired properties to be added or updated in the targeted device twins or
module twins. The content includes a path to the section of desired properties to be changed.
The metrics define the summary counts of various configuration states such as Success, In Progress, and
Error. Custom metrics are specified as queries on twin reported properties. System metrics are the default
metrics that measure twin update status, such as the number of twins that are targeted and the number of
twins that have been successfully updated.
Automatic configurations run for the first time shortly after the configuration is created and then at five minute
intervals. Metrics queries run each time the automatic configuration runs.
Implement twins
Automatic device configurations require the use of device twins to synchronize state between the cloud and
devices. For more information, see Understand and use device twins in IoT Hub.
Automatic module configurations require the use of module twins to synchronize state between the cloud and
modules. For more information, see Understand and use module twins in IoT Hub.
Create a configuration
1. In the Azure portal, go to your IoT hub.
2. Select IoT device configuration.
3. Select Add device configuration or Add module configuration.
There are five steps to create a configuration. The following sections walk through each one.
Name and Label
1. Give your configuration a unique name that is up to 128 lowercase letters. Avoid spaces and the following
invalid characters: & ^ [ ] { } \ | " < > / .
2. Add labels to help track your configurations. Labels are Name, Value pairs that describe your configuration.
For example, HostPlatform, Linux or Version, 3.0.1 .
3. Select Next to move to the next step.
Specify Settings
This section defines the content to be set in targeted device or module twins. There are two inputs for each set of
settings. The first is the twin path, which is the path to the JSON section within the twin desired properties that will
be set. The second is the JSON content to be inserted in that section.
For example, you could set the twin path to properties.desired.chiller-water and then provide the following
JSON content:
{
"temperature": 66,
"pressure": 28
}
You can also set individual settings by specifying the entire twin path and providing the value with no brackets. For
example, with the twin path properties.desired.chiller-water.temperature , set the content to 66 . Then create a
new twin setting for the pressure property.
If two or more configurations target the same twin path, the content from the highest priority configuration will
apply (priority is defined in step 4).
If you wish to remove an existing property, specify the property value to null .
You can add additional settings by selecting Add Device Twin Setting or Add Module Twin Setting.
Specify Metrics (optional)
Metrics provide summary counts of the various states that a device or module may report back after applying
configuration content. For example, you may create a metric for pending settings changes, a metric for errors, and a
metric for successful settings changes.
Each configuration can have up to five custom metrics.
1. Enter a name for Metric Name.
2. Enter a query for Metric Criteria. The query is based on device twin reported properties. The metric
represents the number of rows returned by the query.
For example:
You can include a clause that the configuration was applied, for example:
/* Include the double brackets. */
SELECT deviceId FROM devices
WHERE configurations.[[yourconfigname]].status='Applied'
If you're building a metric to report on configured modules, select moduleId from devices.modules . For example:
Target Devices
Use the tags property from your twins to target the specific devices or modules that should receive this
configuration. You can also target twin reported properties.
Automatic device configurations can only target device twin tags, and automatic module configurations can only
target module twin tags.
Since multiple configurations may target the same device or module, each configuration needs a priority number. If
there's ever a conflict, the configuration with the highest priority wins.
1. Enter a positive integer for the configuration Priority. The highest numerical value is considered the highest
priority. If two configurations have the same priority number, the one that was created most recently wins.
2. Enter a Target condition to determine which devices or modules will be targeted with this configuration.
The condition is based on twin tags or twin reported properties and should match the expression format.
For automatic device configuration, you can specify just the tag or reported property to target. For example,
tags.environment='test' or properties.reported.chillerProperties.model='4000x' . You can specify * to
target all devices.
For automatic module configuration, use a query to specify tags or reported properties from the modules
registered to the IoT hub. For example, from devices.modules where tags.environment='test' or
from devices.modules where properties.reported.chillerProperties.model='4000x' . The wildcard cannot be
used to target all modules.
3. Select Next to move on to the final step.
Review Configuration
Review your configuration information, then select Submit.
Monitor a configuration
To view the details of a configuration and monitor the devices running it, use the following steps:
1. In the Azure portal, go to your IoT hub.
2. Select IoT device configuration.
3. Inspect the configuration list. For each configuration, you can view the following details:
ID - the name of the configuration.
Target condition - the query used to define targeted devices or modules.
Priority - the priority number assigned to the configuration.
Creation time - the timestamp from when the configuration was created. This timestamp is used to
break ties when two configurations have the same priority.
System metrics - metrics that are calculated by IoT Hub and cannot be customized by developers.
Targeted specifies the number of device twins that match the target condition. Applies specified the
number of device twins that have been modified by the configuration, which can include partial
modifications in the event that a separate, higher priority configuration also made changes.
Custom metrics - metrics that have been specified by the developer as queries against twin reported
properties. Up to five custom metrics can be defined per configuration.
4. Select the configuration that you want to monitor.
5. Inspect the configuration details. You can use tabs to view specific details about the devices that received the
configuration.
Target Condition - the devices or modules that match the target condition.
Metrics - a list of system metrics and custom metrics. You can view a list of devices or modules that
are counted for each metric by selecting the metric in the drop-down and then selecting View
Devices or View Modules.
Device Twin Settings or Module Twin Settings - the twin settings that are set by the
configuration.
Configuration Labels - key-value pairs used to describe a configuration. Labels have no impact on
functionality.
Modify a configuration
When you modify a configuration, the changes immediately replicate to all targeted devices or modules.
If you update the target condition, the following updates occur:
If a twin didn't meet the old target condition, but meets the new target condition and this configuration is the
highest priority for that twin, then this configuration is applied.
If a twin currently running this configuration no longer meets the target condition, the settings from the
configuration will be removed and the twin will be modified by the next highest priority configuration.
If a twin currently running this configuration no longer meets the target condition and doesn't meet the
target condition of any other configurations, then the settings from the configuration will be removed and
no other changes will be made on the twin.
To modify a configuration, use the following steps:
1. In the Azure portal, go to your IoT hub.
2. Select IoT device configuration.
3. Select the configuration that you want to modify.
4. Make updates to the following fields:
Target condition
Labels
Priority
Metrics
5. Select Save.
6. Follow the steps in Monitor a configuration to watch the changes roll out.
Delete a configuration
When you delete a configuration, any device twins take on their next highest priority configuration. If device twins
don't meet the target condition of any other configuration, then no other settings are applied.
1. In the Azure portal, go to your IoT hub.
2. Select IoT device configuration.
3. Use the checkbox to select the configuration that you want to delete.
4. Select Delete.
5. A prompt will ask you to confirm.
Next steps
In this article, you learned how to configure and monitor IoT devices at scale. Follow these links to learn more
about managing Azure IoT Hub:
Manage your IoT Hub device identities in bulk
IoT Hub metrics
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
To explore using the IoT Hub Device Provisioning Service to enable zero-touch, just-in-time provisioning, see:
Azure IoT Hub Device Provisioning Service
Automatic IoT device and module management using
the Azure CLI
12/17/2019 • 8 minutes to read • Edit Online
Automatic device management in Azure IoT Hub automates many of the repetitive and complex tasks of managing
large device fleets. With automatic device management, you can target a set of devices based on their properties,
define a desired configuration, and then let IoT Hub update the devices when they come into scope. This update is
done using an automatic device configuration or automatic module configuration, which lets you summarize
completion and compliance, handle merging and conflicts, and roll out configurations in a phased approach.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Automatic device management works by updating a set of device twins or module twins with desired properties
and reporting a summary that's based on twin reported properties. It introduces a new class and JSON document
called a Configuration that has three parts:
The target condition defines the scope of device twins or module twins to be updated. The target condition
is specified as a query on device twin tags and/or reported properties.
The target content defines the desired properties to be added or updated in the targeted device twins or
module twins. The content includes a path to the section of desired properties to be changed.
The metrics define the summary counts of various configuration states such as Success, In Progress, and
Error. Custom metrics are specified as queries on twin reported properties. System metrics are the default
metrics that measure twin update status, such as the number of twins that are targeted and the number of
twins that have been successfully updated.
Automatic configurations run for the first time shortly after the configuration is created and then at five minute
intervals. Metrics queries run each time the automatic configuration runs.
CLI prerequisites
An IoT hub in your Azure subscription.
Azure CLI in your environment. At a minimum, your Azure CLI version must be 2.0.24 or above. Use
az –-version to validate. This version supports az extension commands and introduces the Knack command
framework.
The IoT extension for Azure CLI.
Implement twins
Automatic device configurations require the use of device twins to synchronize state between the cloud and
devices. For more information, see Understand and use device twins in IoT Hub.
Automatic module configurations require the use of module twins to synchronize state between the cloud and
modules. For more information, see Understand and use module twins in IoT Hub.
Use tags to target twins
Before you create a configuration, you must specify which devices or modules you want to affect. Azure IoT Hub
identifies devices and using tags in the device twin, and identifies modules using tags in the module twin. Each
device or modules can have multiple tags, and you can define them any way that makes sense for your solution.
For example, if you manage devices in different locations, add the following tags to a device twin:
"tags": {
"location": {
"state": "Washington",
"city": "Tacoma"
}
},
{
"content": {
"deviceContent": {
"properties.desired.chillerWaterSettings": {
"temperature": 38,
"pressure": 78
}
}
}
Automatic module configurations behave very similarly, but you target moduleContent instead of deviceContent .
{
"content": {
"moduleContent": {
"properties.desired.chillerWaterSettings": {
"temperature": 38,
"pressure": 78
}
}
}
{
"queries": {
"Compliant": "select deviceId from devices where configurations.[[chillerdevicesettingswashington]].status
= 'Applied' AND properties.reported.chillerWaterSettings.status='current'",
"Error": "select deviceId from devices where configurations.[[chillerdevicesettingswashington]].status =
'Applied' AND properties.reported.chillerWaterSettings.status='error'",
"Pending": "select deviceId from devices where configurations.[[chillerdevicesettingswashington]].status =
'Applied' AND properties.reported.chillerWaterSettings.status='pending'"
}
}
Metric queries for modules are also similar to queries for devices, but you select for moduleId from
devices.modules . For example:
{
"queries": {
"Compliant": "select deviceId, moduleId from devices.module where configurations.
[[chillermodulesettingswashington]].status = 'Applied' AND
properties.reported.chillerWaterSettings.status='current'"
}
}
Create a configuration
You configure target devices by creating a configuration that consists of the target content and metrics.
Use the following command to create a configuration:
--config-id - The name of the configuration that will be created in the IoT hub. Give your configuration a
unique name that is up to 128 lowercase letters. Avoid spaces and the following invalid characters:
& ^ [ ] { } \ | " < > / .
--labels - Add labels to help track your configuration. Labels are Name, Value pairs that describe your
deployment. For example, HostPlatform, Linux or Version, 3.0.1
--content - Inline JSON or file path to the target content to be set as twin desired properties.
--hub-name - Name of the IoT hub in which the configuration will be created. The hub must be in the
current subscription. Switch to the desired subscription with the command
az account set -s [subscription name]
--target-condition - Enter a target condition to determine which devices or modules will be targeted with
this configuration. For automatic device configuration, the condition is based on device twin tags or device
twin desired properties and should match the expression format. For example, tags.environment='test' or
properties.desired.devicemodel='4000x' . For automatic module configuration, the condition is based on
module twin tags or module twin desired properties.. For example,
from devices.modules where tags.environment='test' or
from devices.modules where properties.reported.chillerProperties.model='4000x' .
--priority - A positive integer. In the event that two or more configurations are targeted at the same device
or module, the configuration with the highest numerical value for Priority will apply.
--metrics - Filepath to the metric queries. Metrics provide summary counts of the various states that a
device or module may report back after applying configuration content. For example, you may create a
metric for pending settings changes, a metric for errors, and a metric for successful settings changes.
Monitor a configuration
Use the following command to display the contents of a configuration:
az iot hub configuration show --config-id [configuration id] \
--hub-name [hub name]
--config-id - The name of the configuration that exists in the IoT hub.
--hub-name - Name of the IoT hub in which the configuration exists. The hub must be in the current
subscription. Switch to the desired subscription with the command az account set -s [subscription name]
Inspect the configuration in the command window. The metrics property lists a count for each metric that is
evaluated by each hub:
targetedCount - A system metric that specifies the number of device twins or module twins in IoT Hub that
match the targeting condition.
appliedCount - A system metric specifies the number of devices or modules that have had the target
content applied.
Your custom metric - Any metrics you've defined are user metrics.
You can show a list of device IDs, module IDs, or objects for each of the metrics by using the following command:
--config-id - The name of the deployment that exists in the IoT hub.
--metric-id - The name of the metric for which you want to see the list of device IDs or module IDs, for
example appliedCount .
--hub-name - Name of the IoT hub in which the deployment exists. The hub must be in the current
subscription. Switch to the desired subscription with the command az account set -s [subscription name] .
--metric-type - Metric type can be system or user . System metrics are targetedCount and appliedCount .
All other metrics are user metrics.
Modify a configuration
When you modify a configuration, the changes immediately replicate to all targeted devices.
If you update the target condition, the following updates occur:
If a twin didn't meet the old target condition, but meets the new target condition and this configuration is the
highest priority for that twin, then this configuration is applied.
If a twin currently running this configuration no longer meets the target condition, the settings from the
configuration will be removed and the twin will be modified by the next highest priority configuration.
If a twin currently running this configuration no longer meets the target condition and doesn't meet the
target condition of any other configurations, then the settings from the configuration will be removed and
no other changes will be made on the twin.
Use the following command to update a configuration:
--config-id - The name of the configuration that exists in the IoT hub.
--hub-name - Name of the IoT hub in which the configuration exists. The hub must be in the current
subscription. Switch to the desired subscription with the command az account set -s [subscription name] .
--set - Update a property in the configuration. You can update the following properties:
targetCondition - for example targetCondition=tags.location.state='Oregon'
labels
priority
Delete a configuration
When you delete a configuration, any device twins or module twins take on their next highest priority
configuration. If twins don't meet the target condition of any other configuration, then no other settings are applied.
Use the following command to delete a configuration:
--config-id - The name of the configuration that exists in the IoT hub.
--hub-name - Name of the IoT hub in which the configuration exists. The hub must be in the current
subscription. Switch to the desired subscription with the command az account set -s [subscription name] .
Next steps
In this article, you learned how to configure and monitor IoT devices at scale. Follow these links to learn more
about managing Azure IoT Hub:
Manage your IoT Hub device identities in bulk
IoT Hub metrics
Operations monitoring
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
To explore using the IoT Hub Device Provisioning Service to enable zero-touch, just-in-time provisioning, see:
Azure IoT Hub Device Provisioning Service
Import and export IoT Hub device identities in bulk
12/13/2019 • 12 minutes to read • Edit Online
Each IoT hub has an identity registry you can use to create per-device resources in the service. The identity
registry also enables you to control access to the device-facing endpoints. This article describes how to import
and export device identities in bulk to and from an identity registry. To see a working sample in C# and learn
how you can use this capability when cloning a hub to a different region, see How to Clone an IoT Hub.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Import and export operations take place in the context of Jobs that enable you to execute bulk service operations
against an IoT hub.
The RegistryManager class includes the ExportDevicesAsync and ImportDevicesAsync methods that use
the Job framework. These methods enable you to export, import, and synchronize the entirety of an IoT hub
identity registry.
This topic discusses using the RegistryManager class and Job system to perform bulk imports and exports of
devices to and from an IoT hub’s identity registry. You can also use the Azure IoT Hub Device Provisioning
Service to enable zero-touch, just-in-time provisioning to one or more IoT hubs without requiring human
intervention. To learn more, see the provisioning service documentation.
NOTE
To use the RegistryManager class in your C# code, add the Microsoft.Azure.Devices NuGet package to your project.
The RegistryManager class is in the Microsoft.Azure.Devices namespace.
You can use the RegistryManager class to query the state of the Job using the returned JobProperties
metadata. To create an instance of the RegistryManager class, use the CreateFromConnectionString method.
RegistryManager registryManager =
RegistryManager.CreateFromConnectionString("{your IoT Hub connection string}");
To find the connection string for your IoT hub, in the Azure portal:
Navigate to your IoT hub.
Select Shared access policies.
Select a policy, taking into account the permissions you need.
Copy the connectionstring from the panel on the right-hand side of the screen.
The following C# code snippet shows how to poll every five seconds to see if the job has finished executing:
await Task.Delay(TimeSpan.FromSeconds(5));
}
Export devices
Use the ExportDevicesAsync method to export the entirety of an IoT hub identity registry to an Azure Storage
blob container using a shared access signature (SAS ). For more information about shared access signatures, see
Grant limited access to Azure Storage resources using shared access signatures (SAS ).
This method enables you to create reliable backups of your device information in a blob container that you
control.
The ExportDevicesAsync method requires two parameters:
A string that contains a URI of a blob container. This URI must contain a SAS token that grants write
access to the container. The job creates a block blob in this container to store the serialized export device
data. The SAS token must include these permissions:
SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read
| SharedAccessBlobPermissions.Delete
A boolean that indicates if you want to exclude authentication keys from your export data. If false,
authentication keys are included in export output. Otherwise, keys are exported as null.
The following C# code snippet shows how to initiate an export job that includes device authentication keys in the
export data and then poll for completion:
// Call an export job on the IoT Hub to retrieve all devices
JobProperties exportJob =
await registryManager.ExportDevicesAsync(containerSasUri, false);
await Task.Delay(TimeSpan.FromSeconds(5));
}
The job stores its output in the provided blob container as a block blob with the name devices.txt. The output
data consists of JSON serialized device data, with one device per line.
The following example shows the output data:
{"id":"Device1","eTag":"MA==","status":"enabled","authentication":{"symmetricKey":
{"primaryKey":"abc=","secondaryKey":"def="}}}
{"id":"Device2","eTag":"MA==","status":"enabled","authentication":{"symmetricKey":
{"primaryKey":"abc=","secondaryKey":"def="}}}
{"id":"Device3","eTag":"MA==","status":"disabled","authentication":{"symmetricKey":
{"primaryKey":"abc=","secondaryKey":"def="}}}
{"id":"Device4","eTag":"MA==","status":"disabled","authentication":{"symmetricKey":
{"primaryKey":"abc=","secondaryKey":"def="}}}
{"id":"Device5","eTag":"MA==","status":"enabled","authentication":{"symmetricKey":
{"primaryKey":"abc=","secondaryKey":"def="}}}
If a device has twin data, then the twin data is also exported together with the device data. The following example
shows this format. All data from the "twinETag" line until the end is twin data.
{
"id":"export-6d84f075-0",
"eTag":"MQ==",
"status":"enabled",
"statusReason":"firstUpdate",
"authentication":null,
"twinETag":"AAAAAAAAAAI=",
"tags":{
"Location":"LivingRoom"
},
"properties":{
"desired":{
"Thermostat":{
"Temperature":75.1,
"Unit":"F"
},
"$metadata":{
"$lastUpdated":"2017-03-09T18:30:52.3167248Z",
"$lastUpdatedVersion":2,
"Thermostat":{
"$lastUpdated":"2017-03-09T18:30:52.3167248Z",
"$lastUpdatedVersion":2,
"Temperature":{
"$lastUpdated":"2017-03-09T18:30:52.3167248Z",
"$lastUpdatedVersion":2
},
"Unit":{
"$lastUpdated":"2017-03-09T18:30:52.3167248Z",
"$lastUpdatedVersion":2
}
}
},
"$version":2
},
"reported":{
"$metadata":{
"$lastUpdated":"2017-03-09T18:30:51.1309437Z"
},
"$version":1
}
}
}
If you need access to this data in code, you can easily deserialize this data using the ExportImportDevice class.
The following C# code snippet shows how to read device information that was previously exported to a block
blob:
Import devices
The ImportDevicesAsync method in the RegistryManager class enables you to perform bulk import and
synchronization operations in an IoT hub identity registry. Like the ExportDevicesAsync method, the
ImportDevicesAsync method uses the Job framework.
Take care using the ImportDevicesAsync method because in addition to provisioning new devices in your
identity registry, it can also update and delete existing devices.
WARNING
An import operation cannot be undone. Always back up your existing data using the ExportDevicesAsync method to
another blob container before you make bulk changes to your identity registry.
SharedAccessBlobPermissions.Read
A string that contains a URI of an Azure Storage blob container to use as output from the job. The job
creates a block blob in this container to store any error information from the completed import Job. The
SAS token must include these permissions:
SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read
| SharedAccessBlobPermissions.Delete
NOTE
The two parameters can point to the same blob container. The separate parameters simply enable more control over your
data as the output container requires additional permissions.
JobProperties importJob =
await registryManager.ImportDevicesAsync(containerSasUri, containerSasUri);
This method can also be used to import the data for the device twin. The format for the data input is the same as
the format shown in the ExportDevicesAsync section. In this way, you can reimport the exported data. The
$metadata is optional.
Import behavior
You can use the ImportDevicesAsync method to perform the following bulk operations in your identity
registry:
Bulk registration of new devices
Bulk deletions of existing devices
Bulk status changes (enable or disable devices)
Bulk assignment of new device authentication keys
Bulk auto-regeneration of device authentication keys
Bulk update of twin data
You can perform any combination of the preceding operations within a single ImportDevicesAsync call. For
example, you can register new devices and delete or update existing devices at the same time. When used along
with the ExportDevicesAsync method, you can completely migrate all your devices from one IoT hub to
another.
If the import file includes twin metadata, then this metadata overwrites the existing twin metadata. If the import
file does not include twin metadata, then only the lastUpdateTime metadata is updated using the current time.
Use the optional importMode property in the import serialization data for each device to control the import
process per-device. The importMode property has the following options:
IMPORTMODE DESCRIPTION
createOrUpdate If a device does not exist with the specified ID, it is newly
registered.
If the device already exists, existing information is overwritten
with the provided input data without regard to the ETag
value.
The user can optionally specify twin data along with the
device data. The twin’s etag, if specified, is processed
independently from the device’s etag. If there is a mismatch
with the existing twin’s etag, an error is written to the log file.
create If a device does not exist with the specified ID, it is newly
registered.
If the device already exists, an error is written to the log file.
The user can optionally specify twin data along with the
device data. The twin’s etag, if specified, is processed
independently from the device’s etag. If there is a mismatch
with the existing twin’s etag, an error is written to the log file.
createOrUpdateIfMatchETag If a device does not exist with the specified ID, it is newly
registered.
If the device already exists, existing information is overwritten
with the provided input data only if there is an ETag match.
If there is an ETag mismatch, an error is written to the log
file.
The user can optionally specify twin data along with the
device data. The twin’s etag, if specified, is processed
independently from the device’s etag. If there is a mismatch
with the existing twin’s etag, an error is written to the log file.
NOTE
If the serialization data does not explicitly define an importMode flag for a device, it defaults to createOrUpdate during
the import operation.
await Task.Delay(TimeSpan.FromSeconds(5));
}
// Update property
device.ImportMode = ImportMode.Delete;
// Re-serialize
sb.AppendLine(JsonConvert.SerializeObject(device));
});
// Step 2: Write the new import data back to the block blob
await blob.DeleteIfExistsAsync();
using (CloudBlobStream stream = await blob.OpenWriteAsync())
{
byte[] bytes = Encoding.UTF8.GetBytes(sb.ToString());
for (var i = 0; i < bytes.Length; i += 500)
{
int length = Math.Min(bytes.Length - i, 500);
await stream.WriteAsync(bytes, i, length);
}
}
// Step 3: Call import using the same blob to delete all devices
importJob = await registryManager.ImportDevicesAsync(containerSasUri, containerSasUri);
await Task.Delay(TimeSpan.FromSeconds(5));
}
Next steps
In this article, you learned how to perform bulk operations against the identity registry in an IoT hub. Many of
these operations, including how to move devices from one hub to another, are used in the Managing devices
registered to the IoT hub section of How to Clone an IoT Hub.
The cloning article has a working sample associated with it, which is located in the IoT C# samples on this page:
Azure IoT Samples for C#, with the project being ImportExportDevicesSample. You can download the sample
and try it out; there are instructions in the How to Clone an IoT Hub article.
To learn more about managing Azure IoT Hub, check out the following articles:
IoT Hub metrics
IoT Hub logs
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
To explore using the IoT Hub Device Provisioning Service to enable zero-touch, just-in-time provisioning, see:
Azure IoT Hub Device Provisioning Service
Connect Raspberry Pi online simulator to Azure IoT
Hub (Node.js)
11/12/2019 • 6 minutes to read • Edit Online
In this tutorial, you begin by learning the basics of working with Raspberry Pi online simulator. You then learn
how to seamlessly connect the Pi simulator to the cloud by using Azure IoT Hub.
If you have physical devices, visit Connect Raspberry Pi to Azure IoT Hub to get started.
What you do
Learn the basics of Raspberry Pi online simulator.
Create an IoT hub.
Register a device for Pi in your IoT hub.
Run a sample application on Pi to send simulated sensor data to your IoT hub.
Connect simulated Raspberry Pi to an IoT hub that you create. Then you run a sample application with the
simulator to generate sensor data. Finally, you send the sensor data to your IoT hub.
NOTE
The Raspberry Pi web simulator is now available in preview version. We'd like to hear your voice in the Gitter Chatroom.
The source code is public on GitHub.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
2. In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This
action creates a device identity for your IoT hub.
IMPORTANT
The device ID may be visible in the logs collected for customer support and troubleshooting, so make sure to avoid
any sensitive information while naming it.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device.
If your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
2.
3. Select Run or type npm start to run the application.
You should see the following output that shows the sensor data and the messages that are sent to your IoT hub
Next steps
You’ve run a sample application to collect sensor data and send it to your IoT hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Azure IoT Hub get started with physical devices
tutorials
8/20/2019 • 2 minutes to read • Edit Online
These tutorials introduce you to Azure IoT Hub and the device SDKs. The tutorials cover common IoT scenarios to
demonstrate the capabilities of IoT Hub. The tutorials also illustrate how to combine IoT Hub with other Azure
services and tools to build more powerful IoT solutions. The tutorials listed in the following table show you how to
create physical IoT devices.
Raspberry Pi Node.js, C
Manage IoT Hub messages VS Code Azure IoT Hub Toolkit extension
Manage your IoT device Azure CLI and the IoT extension
Manage your IoT device VS Code Azure IoT Hub Toolkit extension
Next steps
When you have completed these tutorials, you can further explore the capabilities of IoT Hub in the Developer
guide.
Connect Raspberry Pi to Azure IoT Hub (Node.js)
12/18/2019 • 10 minutes to read • Edit Online
In this tutorial, you begin by learning the basics of working with Raspberry Pi that's running Raspbian. You then
learn how to seamlessly connect your devices to the cloud by using Azure IoT Hub. For Windows 10 IoT Core
samples, go to the Windows Dev Center.
Don't have a kit yet? Try Raspberry Pi online simulator. Or buy a new kit here.
What you do
Create an IoT hub.
Register a device for Pi in your IoT hub.
Set up Raspberry Pi.
Run a sample application on Pi to send sensor data to your IoT hub.
NOTE
If you don't have the optional items, you can use simulated sensor data.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device.
If your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
Set up Raspberry Pi
Install the Raspbian operating system for Pi
Prepare the microSD card for installation of the Raspbian image.
1. Download Raspbian.
a. Raspbian Buster with desktop (the .zip file).
b. Extract the Raspbian image to a folder on your computer.
2. Install Raspbian to the microSD card.
a. Download and install the Etcher SD card burner utility.
b. Run Etcher and select the Raspbian image that you extracted in step 1.
c. Select the microSD card drive. Etcher may have already selected the correct drive.
d. Click Flash to install Raspbian to the microSD card.
e. Remove the microSD card from your computer when installation is complete. It's safe to remove the
microSD card directly because Etcher automatically ejects or unmounts the microSD card upon
completion.
f. Insert the microSD card into Pi.
Enable SSH and I2C
1. Connect Pi to the monitor, keyboard, and mouse.
2. Start Pi and then sign into Raspbian by using pi as the user name and raspberry as the password.
3. Click the Raspberry icon > Preferences > Raspberry Pi Configuration.
4. On the Interfaces tab, set I2C and SSH to Enable, and then click OK. If you don't have physical sensors
and want to use simulated sensor data, this step is optional.
NOTE
To enable SSH and I2C, you can find more reference documents on raspberrypi.org and Adafruit.com.
NOTE
The default username is pi and the password is raspberry .
node -v
If the version is lower than 10.x, or if there is no Node.js on your Pi, install the latest version.
4. Install all packages for the sample. The installation includes Azure IoT device SDK, BME280 Sensor
library, and Wiring Pi library.
cd iot-hub-node-raspberrypi-client-app
npm install
NOTE
It might take several minutes to finish this installation process depending on your network connection.
nano config.json
There are two items in this file you can configure. The first one is interval , which defines the time
interval (in milliseconds) between messages sent to the cloud. The second one is simulatedData , which is
a Boolean value for whether to use simulated sensor data or not.
If you don't have the sensor, set the simulatedData value to true to make the sample application
create and use simulated sensor data.
Note: The i2c address used in this tutorial is 0x77 by default. Depending on your configuration it might
also be 0x76: if you encounter an i2c error, try to change the value to 118 and see if that works better. To
see what address is used by your sensor, run sudo i2cdetect -y 1 in a shell on the raspberry pi
2. Save and exit by typing Control-O > Enter > Control-X.
Run the sample application
Run the sample application by running the following command:
sudo node index.js '<YOUR AZURE IOT HUB DEVICE CONNECTION STRING>'
NOTE
Make sure you copy-paste the device connection string into the single quotes.
You should see the following output that shows the sensor data and the messages that are sent to your IoT hub.
Next steps
You’ve run a sample application to collect sensor data and send it to your IoT hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Connect Raspberry Pi to Azure IoT Hub (C)
7/11/2019 • 9 minutes to read • Edit Online
In this tutorial, you begin by learning the basics of working with Raspberry Pi that's running Raspbian. You then
learn how to seamlessly connect your devices to the cloud by using Azure IoT Hub. For Windows 10 IoT Core
samples, go to the Windows Dev Center.
Don't have a kit yet? Try Raspberry Pi online simulator. Or buy a new kit here.
What you do
Create an IoT hub.
Register a device for Pi in your IoT hub.
Setup Raspberry Pi.
Run a sample application on Pi to send sensor data to your IoT hub.
Connect Raspberry Pi to an IoT hub that you create. Then you run a sample application on Pi to collect
temperature and humidity data from a BME280 sensor. Finally, you send the sensor data to your IoT hub.
NOTE
These items are optional because the code sample supports simulated sensor data.
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
5. Select Next: Size and scale to continue creating your hub.
7. Select Create to create your new hub. Creating the hub takes a few minutes.
3. After the device is created, open the device from the list in the IoT devices pane. Copy the Primary
Connection String to use later.
NOTE
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and
keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If
your application needs to store other device-specific metadata, it should use an application-specific store. For more
information, see IoT Hub developer guide.
Set up Raspberry Pi
Now set up the Raspberry Pi.
Install the Raspbian operating system for Pi
Prepare the microSD card for installation of the Raspbian image.
1. Download Raspbian.
a. Download Raspbian Stretch with Desktop (the .zip file).
b. Extract the Raspbian image to a folder on your computer.
2. Install Raspbian to the microSD card.
a. Download and install the Etcher SD card burner utility.
b. Run Etcher and select the Raspbian image that you extracted in step 1.
c. Select the microSD card drive. Note that Etcher may have already selected the correct drive.
d. Click Flash to install Raspbian to the microSD card.
e. Remove the microSD card from your computer when installation is complete. It's safe to remove the
microSD card directly because Etcher automatically ejects or unmounts the microSD card upon
completion.
f. Insert the microSD card into Pi.
Enable SSH and SPI
1. Connect Pi to the monitor, keyboard and mouse, start Pi and then sign in to Raspbian by using pi as the
user name and raspberry as the password.
2. Click the Raspberry icon > Preferences > Raspberry Pi Configuration.
3. On the Interfaces tab, set SPI and SSH to Enable, and then click OK. If you don't have physical sensors
and want to use simulated sensor data, this step is optional.
NOTE
To enable SSH and SPI, you can find more reference documents on raspberrypi.org and RASPI-CONFIG.
NOTE
The default username is pi , and the password is raspberry .
cd ./iot-hub-c-raspberrypi-client-app
sudo chmod u+x setup.sh
sudo ./setup.sh
NOTE
If you don't have a physical BME280, you can use '--simulated-data' as command line parameter to simulate
temperature&humidity data. sudo ./setup.sh --simulated-data
NOTE
Make sure you copy-paste the device connection string into the single quotes.
You should see the following output that shows the sensor data and the messages that are sent to your IoT hub.
Read the messages received by your hub
One way to monitor messages received by your IoT hub from your device is to use the Azure IoT Tools for Visual
Studio Code. To learn more, see Use Azure IoT Tools for Visual Studio Code to send and receive messages
between your device and IoT Hub.
For more ways to process data sent by your device, continue on to the next section.
Next steps
You’ve run a sample application to collect sensor data and send it to your IoT hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Connect IoT DevKit AZ3166 to Azure IoT Hub
11/12/2019 • 12 minutes to read • Edit Online
You can use the MXChip IoT DevKit to develop and prototype Internet of Things (IoT) solutions that take
advantage of Microsoft Azure services. It includes an Arduino-compatible board with rich peripherals and
sensors, an open-source board package, and a rich sample gallery.
OPTION EXAMPLE/LINK
IMPORTANT
Because the IoT hub will be publicly discoverable as a DNS endpoint, be sure to avoid entering any sensitive or
personally identifiable information when you name it.
NOTE
If you get an error running device-identity , install the Azure IOT Extension for Azure CLI for more details.
2. Run the following commands in Azure Cloud Shell to get the device connection string for the device you
just registered:
YourIoTHubName: Replace this placeholder below with the name you choose for your IoT hub.
3. Drag and drop the firmware just downloaded into the mass storage device and it will flash automatically.
4. On the DevKit, Hold down button B, push and release the Reset button, and then release button B. Your
DevKit enters AP mode. To confirm, the screen displays the service set identifier (SSID ) of the DevKit and
the configuration portal IP address.
5. Use a Web browser on a different Wi-Fi enabled device (computer or mobile phone) to connect to the IoT
DevKit SSID displayed in the previous step. If it asks for a password, leave it empty.
6. Open 192.168.0.1 in the browser. Select the Wi-Fi that you want the IoT DevKit connect to, type the Wi-Fi
password, then paste the device connection string you made note of previously. Then click Save.
NOTE
The IoT DevKit only supports 2.4GHz network. Check FAQ for more details.
7. The WiFi information and device connection string will be stored into the IoT DevKit when you see the
result page.
NOTE
After Wi-Fi is configured, your credentials will persist on the device for that connection, even if the device is
unplugged.
8. The IoT DevKit reboots in a few seconds. On the DevKit screen, you see the IP address for the DevKit
follows by the telemetry data including temperature and humidity value with message count send to Azure
IoT Hub.
9. To verify the telemetry data sent to Azure, run the following command in Azure Cloud Shell:
NOTE
The Azure IoT Tools extension pack contains the Azure IoT Device Workbench which is used to develop and debug
on various IoT devkit devices. The Azure IoT Hub Toolkit, also included with the Azure IoT Tools extension pack, is
used to manage and interact with Azure IoT Hubs.
macOS:
"arduino.path": "/Applications",
"arduino.additionalUrls":
"https://raw.githubusercontent.com/VSChina/azureiotdevkit_tools/master/package_azureboard_index.
json"
Ubuntu:
Replace the {username} placeholder below with your username.
"arduino.path": "/home/{username}/Downloads/arduino-1.8.8",
"arduino.additionalUrls":
"https://raw.githubusercontent.com/VSChina/azureiotdevkit_tools/master/package_azureboard_index.
json"
6. Click F1 to open the command palette, type and select Arduino: Board Manager. Search for AZ3166
and install the latest version.
Install ST -Link drivers
ST-Link/V2 is the USB interface that IoT DevKit uses to communicate with your development machine. You need
to install it on Windows to flash the compiled device code to the DevKit. Follow the OS -specific steps to allow the
machine access to your device.
Windows: Download and install USB driver from STMicroelectronics website.
macOS: No driver is required for macOS.
Ubuntu: Run the commands in terminal and sign out and sign in for the group change to take effect:
# Copy the default rules. This grants permission to the group 'plugdev'
sudo cp ~/.arduino15/packages/AZ3166/tools/openocd/0.10.0/linux/contrib/60-openocd.rules
/etc/udev/rules.d/
sudo udevadm control --reload-rules
Now you are all set with preparing and configuring your development environment. Let us build the GetStarted
sample you just ran.
NOTE
If you have not signed in Azure. Follow the pop-up notification for signing in.
5. In the output window, you will see the Azure IoT Hub provisioned.
2. Click F1 to open the command palette, type and select Azure IoT Device Workbench: Configure
Device Settings..., then select Config Device Connection String > Select IoT Hub Device
Connection String.
3. On DevKit, hold down button A, push and release the reset button, and then release button A. Your
DevKit enters configuration mode and saves the connection string.
4. Click F1 again, type and select Azure IoT Device Workbench: Upload Device Code. It starts compile
and upload the code to DevKit.
The DevKit reboots and starts running the code.
NOTE
If there is any errors or interruptions, you can always recover by running the command again.
The sample application is running successfully when you see the following results:
The Serial Monitor displays the message sent to the IoT Hub.
The LED on the MXChip IoT DevKit is blinking.
View the telemetry received by Azure IoT Hub
You can use Azure IoT Tools to monitor device-to-cloud (D2C ) messages in IoT Hub.
1. Sign in Azure portal, find the IoT Hub you created.
2. In the Shared access policies pane, click the iothubowner policy, and write down the Connection string
of your IoT hub.
3. In VS Code, click F1 , type and select Azure IoT Hub: Set IoT Hub Connection String. Copy the
connection string into it.
4. Expand the AZURE IOT HUB DEVICES pane on the right, right click on the device name you created and
select Start Monitoring Built-in Event Endpoint.
5. In OUTPUT pane, you can see the incoming D2C messages to the IoT Hub.
Review the code
The GetStarted.ino is the main Arduino sketch file.
To see how device telemetry is sent to the Azure IoT Hub, open the utility.cpp file in the same folder. View API
Reference to learn how to use sensors and peripherals on IoT DevKit.
The DevKitMQTTClient used is a wrapper of the iothub_client from the Microsoft Azure IoT SDKs and libraries
for C to interact with Azure IoT Hub.
Next steps
You have successfully connected an MXChip IoT DevKit to your IoT hub, and you have sent the captured sensor
data to your IoT hub.
To continue to get started with Azure IoT Hub and to explore other IoT scenarios using IoT DevKit, see the
following:
Connect IoT DevKit to your Azure IoT Central application
Connect IoT DevKit to Azure IoT Remote Monitoring solution accelerator
Translate voice message with Azure Cognitive Services
Retrieve a Twitter message with Azure Functions
Send messages to an MQTT server using Eclipse Paho APIs
Monitor the magnetic sensor and send email notifications with Azure Functions
Use IoT DevKit AZ3166 with Azure Functions and
Cognitive Services to make a language translator
11/12/2019 • 3 minutes to read • Edit Online
In this article, you learn how to make IoT DevKit as a language translator by using Azure Cognitive Services. It
records your voice and translates it to English text shown on the DevKit screen.
The MXChip IoT DevKit is an all-in-one Arduino compatible board with rich peripherals and sensors. You can
develop for it using Azure IoT Device Workbench or Azure IoT Tools extension pack in Visual Studio Code. The
projects catalog contains sample applications to help you prototype IoT solutions.
2. Go to the Speech service you just created, click Keys section to copy and note down the Key1 for DevKit
accessing to it.
2. Follow the steps to finish provisioning of Azure IoT Hub and Azure Functions.
Take a note of the Azure IoT Hub device name you created.
3. Open Functions\DevKitTranslatorFunction.cs and update the following lines of code with the device name
and Speech Service key you noted down.
// Subscription Key of Speech Service
const string speechSubscriptionKey = "";
// Device ID
const string deviceName = "";
4. Click F1 , type and select Azure IoT Device Workbench: Deploy to Azure.... If VS Code asks for
confirmation for redeployment, click Yes.
6. In Azure portal, go to Functions Apps section, find the Azure Function app just created. Click
devkit_translator , then click </> Get Function URL to copy the URL.
2. Click F1 , type and select Azure IoT Device Workbench: Configure Device Settings... > Config
Device Connection String. Select Select IoT Hub Device Connection String to configure it to the
DevKit.
3. You will see the notification once it's done successfully.
4. Click F1 again, type and select Azure IoT Device Workbench: Upload Device Code. It starts compile
and upload the code to DevKit.
How it works
The IoT DevKit records your voice then posts an HTTP request to trigger Azure Functions. Azure Functions calls
the cognitive service speech translator API to do the translation. After Azure Functions gets the translation text, it
sends a C2D message to the device. Then the translation is displayed on the screen.
Next steps
You have learned how to use the IoT DevKit as a translator by using Azure Functions and Cognitive Services. In
this how -to, you learned how to:
Use Visual Studio Code task to automate cloud provisions
Configure Azure IoT device connection string
Deploy the Azure Function
Test the voice message translation
Advance to the other tutorials to learn:
Connect IoT DevKit AZ3166 to Azure IoT Remote Monitoring solution accelerator
Shake, Shake for a Tweet -- Retrieve a Twitter
message with Azure Functions
3/15/2019 • 5 minutes to read • Edit Online
In this project, you learn how to use the motion sensor to trigger an event using Azure Functions. The app
retrieves a random tweet with a #hashtag you configure in your Arduino sketch. The tweet displays on the DevKit
screen.
NOTE
When launching VS Code, you may receive an error message that the Arduino IDE or related board package can't be
found. If this error occurs, close VS Code and launch the Arduino IDE again. VS Code should now locate the Arduino
IDE path correctly.
Replace the string iot within the curly braces with your preferred hashtag. The DevKit later retrieves a random
tweet that includes the hashtag you specify in this step.
NOTE
Occasionally, the Azure Function may not work properly. To resolve this issue when it occurs, check the "compilation error"
section of the IoT DevKit FAQ.
Ready to shake...
Processing...
Press B to read...
Display a random tweet...
How it works
The Arduino sketch sends an event to the Azure IoT Hub. This event triggers the Azure Functions app. The Azure
Functions app contains the logic to connect to Twitter's API and retrieve a tweet. It then wraps the tweet text into a
C2D (Cloud-to-device) message and sends it back to the device.
5. Update the code for run.csx within Functions > shakeshake-cs with your own token:
Feedback
If you experience other problems, refer to the IoT DevKit FAQ or contact us using the following channels:
Gitter.im
Stack Overflow
Next steps
Now that you have learned how to connect a DevKit device to your Azure IoT Remote Monitoring solution
accelerator and retrieve a tweet, here are the suggested next steps:
Azure IoT Remote Monitoring solution accelerator overview
Send messages to an MQTT server
11/12/2019 • 2 minutes to read • Edit Online
Internet of Things (IoT) systems often deal with intermittent, poor quality, or slow internet connections. MQTT is a
machine-to-machine (M2M ) connectivity protocol, which was developed with such challenges in mind.
The MQTT client library used here is part of the Eclipse Paho project, which provides APIs for using MQTT over
multiple means of transport.
NOTE
You can also open example from command palette. Use Ctrl+Shift+P (macOS: Cmd+Shift+P ) to open the command
palette, type Arduino, and then find and select Arduino: Examples.
2. Click the power plug icon on the status bar to open the Serial Monitor:
3. On the status bar, click the number that represents the Baud Rate and set it to 115200 :
The Serial Monitor displays all the messages sent by the sample sketch. The sketch connects the DevKit to Wi-Fi.
Once the Wi-Fi connection is successful, the sketch sends a message to the MQTT broker. After that, the sample
repeatedly sends two "iot.eclipse.org" messages using QoS 0 and QoS 1, respectively.
Next steps
Now that you have learned how to configure your MXChip Iot DevKit as an MQTT client and use the MQTT Client
library to send messages to an MQTT broker, here are the suggested next steps:
Azure IoT Remote Monitoring solution accelerator overview
Connect an MXChip IoT DevKit device to your Azure IoT Central application
Door Monitor -- Using Azure Functions and
SendGrid, send email when a door is opened
11/12/2019 • 5 minutes to read • Edit Online
The MXChip IoT DevKit contains a built-in magnetic sensor. In this project, you detect the presence or absence of a
nearby strong magnetic field -- in this case, coming from a small, permanent magnet.
NOTE
For a practical use of this project, perform the following tasks:
Mount a magnet to the edge of a door.
Mount the DevKit on the door jamb close to the magnet. Opening or closing the door will trigger the sensor, resulting in
your receiving an email notification of the event.
NOTE
If you have already deployed a SendGrid service, you may proceed directly to Deploy IoT Hub in Azure.
SendGrid Deployment
To provision Azure services, use the Deploy to Azure button. This button enables quick and easy deployment of
your open-source projects to Microsoft Azure.
Click the Deploy to Azure button below.
If you are not already signed into your Azure account, sign in now.
You now see the SendGrid sign-up form.
On the Create API Key page, input the API Key Name and click Create & View.
Your API key is displayed only one time. Be sure to copy and store it safely, as it is used in the next step.
You can also open the example app from the command palette. Use Ctrl+Shift+P (macOS: Cmd+Shift+P ) to open
the command palette, type Arduino, and then find and select Arduino: Examples.
Provision Azure services
In the solution window, run the cloud provisioning task:
Type Ctrl+P (macOS: Cmd+P ).
Enter task cloud-provision in the provided text box.
In the VS Code terminal, an interactive command line guides you through provisioning the required Azure
services. Select all of the same items from the prompted list that you previously provisioned in Deploy IoT Hub in
Azure.
NOTE
If the page hangs in the loading status when trying to sign in to Azure, refer to the "page hanges when logging in" section of
the IoT DevKit FAQ to resolve this issue.
NOTE
Occasionally, you may receive an "Error: AZ3166: Unknown package" error message. This error occurs when the board
package index is not refreshed correctly. To resolve this error, refer to the development section of the IoT DevKit FAQ.
Azure IoT Tools is a useful Visual Studio Code extension that makes IoT Hub management and IoT application
development easier. This article focuses on how to use Azure IoT Tools for Visual Studio Code to send and
receive messages between your device and your IoT hub.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How
to choose the right IoT Hub tier.
NOTE
You can also complete the set up by choosing Set IoT Hub Connection String. Enter the iothubowner policy
connection string for the IoT hub that your IoT device connects to in the pop-up window.
Next steps
You’ve learned how to monitor device-to-cloud messages and send cloud-to-device messages between your
IoT device and Azure IoT Hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Use Cloud Explorer for Visual Studio to send and
receive messages between your device and IoT Hub
11/14/2019 • 2 minutes to read • Edit Online
Cloud Explorer is a useful Visual Studio extension that enables you to view your Azure resources, inspect their
properties and perform key developer actions from within Visual Studio. This article focuses on how to use Cloud
Explorer to send and receive messages between your device and your hub.
NOTE
Some of the features mentioned in this article, like cloud-to-device messaging, device twins, and device management, are
only available in the standard tier of IoT Hub. For more information about the basic and standard IoT Hub tiers, see How to
choose the right IoT Hub tier.
What you do
In this article, you do the following tasks:
Use Cloud Explorer for Visual Studio to monitor device-to-cloud messages.
Use Cloud Explorer for Visual Studio to send cloud-to-device messages.
3. If you are signed in to Azure, your accounts appear. To sign into Azure for the first time, choose Add an
account.
4. Select the Azure subscriptions you want to use and choose Apply.
5. Expand your subscription, then expand IoT Hubs. Under each hub, you can see your devices for that hub.
3. To stop monitoring, right-click on any IoT Hub or device and select Stop Monitoring D2C Message.
Next steps
You’ve learned how to monitor device-to-cloud messages and send cloud-to-device messages between your IoT
device and Azure IoT Hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Visualize real-time sensor data from Azure IoT Hub
using Power BI
11/12/2019 • 5 minutes to read • Edit Online
NOTE
Before you start this tutorial, complete the Raspberry Pi online simulator tutorial or one of the device tutorials; for
example, Raspberry Pi with node.js. In these articles, you set up your Azure IoT device and IoT hub, and you deploy a
sample application to run on your device. The application sends collected sensor data to your IoT hub.
What you do
Get your IoT hub ready for data access by adding a consumer group.
Create, configure, and run a Stream Analytics job for data transfer from your IoT hub to your Power BI
account.
Create and publish a Power BI report to visualize the data.
4. Select Save.
Run the Stream Analytics job
In the Stream Analytics job, select Overview, then select Start > Now > Start. Once the job successfully starts,
the job status changes from Stopped to Running.
Create and publish a Power BI report to visualize the data
1. Ensure the sample application is running on your device. If not, you can refer to the tutorials under Setup
your device.
2. Sign in to your Power BI account.
3. Select the workspace you used, My Workspace.
4. Select Datasets.
You should see the dataset that you specified when you created the output for the Stream Analytics job.
5. For the dataset you created, select Add Report (the first icon to the right of the dataset name).
7. Create another line chart to show real-time humidity over time. To do this, follow the same steps above
and place EventEnqueuedUtcTime on the x-axis and humidity on the y-axis.
Next steps
You’ve successfully used Power BI to visualize real-time sensor data from your Azure IoT hub.
For another way to visualize data from Azure IoT Hub, see Use a web app to visualize real-time sensor data
from Azure IoT Hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Visualize real-time sensor data from your Azure IoT
hub in a web application
11/12/2019 • 12 minutes to read • Edit Online
NOTE
Before you start this tutorial, complete the Raspberry Pi online simulator tutorial or one of the device tutorials; for
example, Raspberry Pi with node.js. In these articles, you set up your Azure IoT device and IoT hub, and you deploy a
sample application to run on your device. The application sends collected sensor data to your IoT hub.
What you do
Add a consumer group to your IoT hub that the web application will use to read sensor data
Download the web app code from GitHub
Examine the web app code
Configure environment variables to hold the IoT Hub artifacts needed by your web app
Run the web app on your development machine
Open a web page to see real-time temperature and humidity data from your IoT hub
(Optional) Use Azure CLI to host your web app in Azure App Service
OPTION EXAMPLE/LINK
Note down the name you choose, you'll need it later in this tutorial.
"HostName={YourIotHubName}.azure-devices.net;SharedAccessKeyName=service;SharedAccessKey=
{YourSharedAccessKey}"
Note down the service connection string, you'll need it later in this tutorial.
Set the environment variables in your command window with the following commands. Replace the
placeholder values with the service connection string for your IoT hub and the name of the consumer group
you created previously. Don't quote the strings.
set IotHubConnectionString=YourIoTHubConnectionString
set EventHubConsumerGroup=YourConsumerGroupName
npm install
npm start
3. You should see output in the console that indicates that the web app has successfully connected to your
IoT hub and is listening on port 3000:
You should also see output in the console that shows the messages that your web app is broadcasting to the
browser client:
2. Now provision a web app in your App Service plan. The --deployment-local-git parameter enables the
web app code to be uploaded and deployed from a Git repository on your local machine. Your web app
name must be globally unique and can contain upper and lower case letters, numbers, and hyphens.
az webapp create -n <your web app name> -g <your resource group name> -p <your app service plan name>
--deployment-local-git
3. Now add Application Settings for the environment variables that specify the IoT hub connection string
and the Event hub consumer group. Individual settings are space delimited in the -settings parameter.
Use the service connection string for your IoT hub and the consumer group you created previously in
this tutorial. Don't quote the values.
az webapp config appsettings set -n <your web app name> -g <your resource group name> --settings
EventHubConsumerGroup=<your consumer group> IotHubConnectionString=<your IoT hub connection string>
4. Enable the Web Sockets protocol for the web app and set the web app to receive HTTPS requests only
(HTTP requests are redirected to HTTPS ).
az webapp config set -n <your web app name> -g <your resource group name> --web-sockets-enabled true
az webapp update -n <your web app name> -g <your resource group name> --https-only true
5. To deploy the code to App Service, you'll use your user-level deployment credentials. Your user-level
deployment credentials are different from your Azure credentials and are used for Git local and FTP
deployments to a web app. Once set, they're valid across all of your App Service apps in all subscriptions
in your Azure account. If you've previously set user-level deployment credentials, you can use them.
If you haven't previously set user-level deployment credentials or you can't remember your password,
run the following command. Your deployment user name must be unique within Azure, and it must not
contain the ‘@’ symbol for local Git pushes. When you're prompted, enter and confirm your new
password. The password must be at least eight characters long, with two of the following three elements:
letters, numbers, and symbols.
6. Get the Git URL to use to push your code up to App Service.
az webapp deployment source config-local-git -n <your web app name> -g <your resource group name>
7. Add a remote to your clone that references the Git repository for the web app in App Service. For <Git
clone URL>, use the URL returned in the previous step. Run the following command in your command
window.
8. To deploy the code to App Service, enter the following command in your command window. If you are
prompted for credentials, enter the user-level deployment credentials that you created in step 5. Make
sure that you push to the master branch of the App Service remote.
git push webapp master:master
9. The progress of the deployment will update in your command window. A successful deployment will end
with lines similar to the following output:
remote:
remote: Finished successfully.
remote: Running post deployment command(s)...
remote: Deployment successful.
To https://contoso-web-app-3.scm.azurewebsites.net/contoso-web-app-3.git
6b132dd..7cbc994 master -> master
10. Run the following command to query the state of your web app and make sure it is running:
az webapp show -n <your web app name> -g <your resource group name> --query state
11. Navigate to https://<your web app name>.azurewebsites.net in a browser. A web page similar to the one
you saw when you ran the web app locally displays. Assuming that your device is running and sending
data, you should see a running plot of the 50 most recent temperature and humidity readings sent by the
device.
Troubleshooting
If you come across any issues with this sample, try the steps in the following sections. If you still have problems,
send us feedback at the bottom of this topic.
Client issues
If a device does not appear in the list, or no graph is being drawn, make sure the device code is running
on your device.
In the browser, open the developer tools (in many browsers the F12 key will open it), and find the
console. Look for any warnings or errors printed there.
You can debug client-side script in /js/chat-device-data.js.
Local website issues
Watch the output in the window where you launched node for console output.
Debug the server code, specifically server.js and /scripts/event-hub-reader.js.
Azure App Service issues
In Azure portal, go to your web app. Under Monitoring in the left pane, select App Service logs. Turn
Application Logging (File System ) to on, set Level to Error, and then select Save. Then open Log
stream (under Monitoring).
From your web app in Azure portal, under Development Tools select Console and validate node and
npm versions with node -v and npm -v .
If you see an error about not finding a package, you may have run the steps out of order. When the site is
deployed (with git push ) the app service runs npm install , which runs based on the current version of
node it has configured. If that is changed in configuration later, you'll need to make a meaningless change
to the code and push again.
Next steps
You've successfully used your web app to visualize real-time sensor data from your IoT hub.
For another way to visualize data from Azure IoT Hub, see Use Power BI to visualize real-time sensor data from
your IoT hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Weather forecast using the sensor data from your
IoT hub in Azure Machine Learning
12/9/2019 • 6 minutes to read • Edit Online
NOTE
Before you start this tutorial, complete the Raspberry Pi online simulator tutorial or one of the device tutorials; for
example, Raspberry Pi with node.js. In these articles, you set up your Azure IoT device and IoT hub, and you deploy a
sample application to run on your device. The application sends collected sensor data to your IoT hub.
Machine learning is a technique of data science that helps computers learn from existing data to forecast future
behaviors, outcomes, and trends. Azure Machine Learning is a cloud predictive analytics service that makes it
possible to quickly create and deploy predictive models as analytics solutions.
What you do
Deploy the weather prediction model as a web service.
Get your IoT hub ready for data access by adding a consumer group.
Create a Stream Analytics job and configure the job to:
Read temperature and humidity data from your IoT hub.
Call the web service to get the rain chance.
Save the result to an Azure blob storage.
Use Microsoft Azure Storage Explorer to view the weather forecast.
3. Click Run to validate the steps in the model. This step might take 2 minutes to complete.
NOTE
Ensure that you download the Excel 2010 or earlier workbook even if you are running a later version of Excel
on your computer.
10. Open the Excel workbook, make a note of the WEB SERVICE URL and ACCESS KEY.
3. Click Create.
Add an input to the Stream Analytics job
1. Open the Stream Analytics job.
2. Under Job Topology, click Inputs.
3. In the Inputs pane, click Add, and then enter the following information:
Input alias: The unique alias for the input.
Source: Select IoT hub.
Consumer group: Select the consumer group you created.
4. Click Create.
Add an output to the Stream Analytics job
1. Under Job Topology, click Outputs.
2. In the Outputs pane, click Add, and then enter the following information:
Output alias: The unique alias for the output.
Sink: Select Blob Storage.
Storage account: The storage account for your blob storage. You can create a storage account or use an
existing one.
Container: The container where the blob is saved. You can create a container or use an existing one.
Event serialization format: Select CSV.
3. Click Create.
Add a function to the Stream Analytics job to call the web service you deployed
1. Under Job Topology, click Functions > Add.
2. Enter the following information:
Function Alias: Enter machinelearning .
Function Type: Select Azure ML.
Import option: Select Import from a different subscription.
URL: Enter the WEB SERVICE URL that you noted down from the Excel workbook.
Key: Enter the ACCESS KEY that you noted down from the Excel workbook.
3. Click Create.
Configure the query of the Stream Analytics job
1. Under Job Topology, click Query.
2. Replace the existing code with the following code:
WITH machinelearning AS (
SELECT EventEnqueuedUtcTime, temperature, humidity, machinelearning(temperature, humidity) as
result from [YourInputAlias]
)
Select System.Timestamp time, CAST (result.[temperature] AS FLOAT) AS temperature, CAST (result.
[humidity] AS FLOAT) AS humidity, CAST (result.[Scored Probabilities] AS FLOAT ) AS 'probabalities of
rain'
Into [YourOutputAlias]
From machinelearning
Summary
You’ve successfully used Azure Machine Learning to produce the chance of rain based on the temperature and
humidity data that your IoT hub receives.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Use Azure IoT Tools for Visual Studio Code for
Azure IoT Hub device management
11/12/2019 • 3 minutes to read • Edit Online
Azure IoT Tools is a useful Visual Studio Code extension that makes IoT Hub management and IoT application
development easier. It comes with management options that you can use to perform various tasks.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the
basic and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Read device twin Get the reported state of a device. For example, the device
reports the LED is blinking now.
Update device twin Put a device into certain states, such as setting an LED to
green or setting the telemetry send interval to 30 minutes.
Cloud-to-device messages Send notifications to a device. For example, "It is very likely
to rain today. Don't forget to bring an umbrella."
For more detailed explanation on the differences and guidance on using these options, see Device-to-cloud
communication guidance and Cloud-to-device communication guidance.
Device twins are JSON documents that store device state information (metadata, configurations, and
conditions). IoT Hub persists a device twin for each device that connects to it. For more information about
device twins, see Get started with device twins.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which
will continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install
Azure PowerShell.
What you learn
You learn using Azure IoT Tools for Visual Studio Code with various management options on your
development machine.
What you do
Run Azure IoT Tools for Visual Studio Code with various management options.
NOTE
You can also complete the set up by choosing Set IoT Hub Connection String. Enter the iothubowner policy
connection string for the IoT hub that your IoT device connects to in the pop-up window.
Direct methods
1. Right-click your device and select Invoke Direct Method.
2. Enter the method name and payload in input box.
3. Results will be shown in OUTPUT > Azure IoT Hub Toolkit view.
Next steps
You've learned how to use Azure IoT Tools extension for Visual Studio Code with various management options.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Use Cloud Explorer for Visual Studio for Azure IoT
Hub device management
11/12/2019 • 3 minutes to read • Edit Online
Cloud Explorer is a useful Visual Studio extension that enables you to view your Azure resources, inspect their
properties and perform key developer actions from within Visual Studio. It comes with management options that
you can use to perform various tasks.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Read device twin Get the reported state of a device. For example, the device
reports the LED is blinking now.
Update device twin Put a device into certain states, such as setting an LED to
green or setting the telemetry send interval to 30 minutes.
Cloud-to-device messages Send notifications to a device. For example, "It is very likely to
rain today. Don't forget to bring an umbrella."
For more detailed explanation on the differences and guidance on using these options, see Device-to-cloud
communication guidance and Cloud-to-device communication guidance.
Device twins are JSON documents that store device state information, including metadata, configurations, and
conditions. IoT Hub persists a device twin for each device that connects to it. For more information about device
twins, see Get started with device twins.
3. If you are signed in to Azure, your accounts appear. To sign into Azure for the first time, choose Add an
account.
4. Select the Azure subscriptions you want to use and choose Apply.
5. Expand your subscription, then expand IoT Hubs. Under each hub, you can see your devices for that hub.
Right-click one device to access the management options.
Direct methods
To use direct methods, do the following steps:
1. Right-click your device and select Invoke Device Direct Method.
2. Enter the method name and payload in Invoke Direct Method, and then select OK.
Results appear in Output.
Next steps
You've learned how to use Cloud Explorer for Visual Studio with various management options.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Use the IoT extension for Azure CLI for Azure IoT
Hub device management
7/30/2019 • 4 minutes to read • Edit Online
NOTE
Before you start this tutorial, complete the Raspberry Pi online simulator tutorial or one of the device tutorials; for example,
Raspberry Pi with node.js. In these articles, you set up your Azure IoT device and IoT hub, and you deploy a sample
application to run on your device. The application sends collected sensor data to your IoT hub.
The IoT extension for Azure CLI is a new open-source IoT extension that adds to the capabilities of the Azure CLI.
The Azure CLI includes commands for interacting with Azure Resource Manager and management endpoints. For
example, you can use Azure CLI to create an Azure VM or an IoT hub. A CLI extension enables an Azure service to
augment the Azure CLI giving you access to additional service-specific capabilities. The IoT extension gives IoT
developers command-line access to all IoT Hub, IoT Edge, and IoT Hub Device Provisioning Service capabilities.
NOTE
The features described in this article are available only in the standard tier of IoT Hub. For more information about the basic
and standard IoT Hub tiers, see Choose the right IoT Hub tier.
Twin desired properties Put a device into certain states, such as setting an LED to
green or setting the telemetry send interval to 30 minutes.
Twin reported properties Get the reported state of a device. For example, the device
reports the LED is blinking now.
Twin tags Store device-specific metadata in the cloud. For example, the
deployment location of a vending machine.
Device twin queries Query all device twins to retrieve those twins with arbitrary
conditions, such as identifying the devices that are available
for use.
For more detailed explanation on the differences and guidance on using these options, see Device-to-cloud
communication guidance and Cloud-to-device communication guidance.
Device twins are JSON documents that store device state information (metadata, configurations, and conditions).
IoT Hub persists a device twin for each device that connects to it. For more information about device twins, see Get
started with device twins.
What you do
Run Azure CLI and the IoT extension for Azure CLI with various management options.
az login
Direct methods
az iot hub invoke-device-method --device-id <your device id> \
--hub-name <your hub name> \
--method-name <the method name> \
--method-payload <the method payload>
az iot hub device-twin show -n <your hub name> -d <your device id>
One of the twin reported properties is $metadata.$lastUpdated, which shows the last time the device app updated
its reported property set.
az iot hub device-twin show --hub-name <your hub name> --device-id <your device id>
Add a field role = temperature&humidity to the device by running the following command:
Query all devices except those with a tag of role = 'temperature&humidity' by running the following command:
Next steps
You’ve learned how to monitor device-to-cloud messages and send cloud-to-device messages between your IoT
device and Azure IoT Hub.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
IoT remote monitoring and notifications with Azure
Logic Apps connecting your IoT hub and mailbox
7/22/2019 • 8 minutes to read • Edit Online
NOTE
Before you start this tutorial, complete the Raspberry Pi online simulator tutorial or one of the device tutorials; for
example, Raspberry Pi with node.js. In these articles, you set up your Azure IoT device and IoT hub, and you deploy a
sample application to run on your device. The application sends collected sensor data to your IoT hub.
Azure Logic Apps can help you orchestrate workflows across on-premises and cloud services, one or more
enterprises, and across various protocols. A logic app begins with a trigger, which is then followed by one or
more actions that can be sequenced using built-in controls, such as conditions and iterators. This flexibility
makes Logic Apps an ideal IoT solution for IoT monitoring scenarios. For example, the arrival of telemetry data
from a device at an IoT Hub endpoint can initiate logic app workflows to warehouse the data in an Azure
Storage blob, send email alerts to warn of data anomalies, schedule a technician visit if a device reports a
failure, and so on.
{
"body": {
"messageId": 18,
"deviceId": "Raspberry Pi Web Client",
"temperature": 27.796111770668457,
"humidity": 66.77637926438427
},
"applicationProperties": {
"temperatureAlert": "false"
}
}
To learn more about IoT Hub message format, see Create and read IoT Hub messages.
In this topic, you set up routing on your IoT hub to send messages in which the temperatureAlert property is
true to a Service Bus endpoint. You then set up a logic app that triggers on the messages arriving at the
Service Bus endpoint and sends you an email notification.
What you do
Create a Service Bus namespace and add a Service Bus queue to it.
Add a custom endpoint and a routing rule to your IoT hub to route messages that contain a temperature
alert to the Service Bus queue.
Create, configure, and test a logic app to consume messages from your Service Bus queue and send
notification emails to a desired recipient.
4. Back on the Service Bus Namespace pane, under Entities, select Queues. Open the Service Bus
queue from the list, and then select Shared access policies > + Add.
5. Enter a name for the policy, check Manage, and then select Create.
Add a custom endpoint and routing rule to your IoT hub
Add a custom endpoint for the Service Bus queue to your IoT hub and create a message routing rule to direct
messages that contain a temperature alert to that endpoint, where they will be picked up by your logic app. The
routing rule uses a routing query, temperatureAlert = "true" , to forward messages based on the value of the
temperatureAlert application property set by the client code running on the device. To learn more, see Message
routing query based on message properties.
Add a custom endpoint
1. Open your IoT hub. The easiest way to get to the IoT hub is to select Resource groups from the
resource pane, select your resource group, then select your IoT hub from the list of resources.
2. Under Messaging, select Message routing. On the Message routing pane, select the Custom
endpoints tab and then select + Add. From the drop-down list, select Service bus queue.
3. On the Add a service bus endpoint pane, enter the following information:
Endpoint name: The name of the endpoint.
Service bus namespace: Select the namespace you created.
Service bus queue: Select the queue you created.
4. Select Create. After the endpoint is successfully created, proceed to the next step.
Add a routing rule
1. Back on the Message routing pane, select the Routes tab and then select + Add.
2. On the Add a route pane, enter the following information:
Name: The name of the routing rule.
Endpoint: Select the endpoint you created.
Data source: Select Device Telemetry Messages.
Routing query: Enter temperatureAlert = "true" .
3. Select Save. You can close the Message routing pane.
c. On the final screen, for Queue name, select the queue that you created from the drop-down.
Enter 175 for Maximum message count.
d. Select Save on the menu at the top of the Logic Apps Designer to save your changes.
Configure the logic app action
1. Create an SMTP service connection.
a. Select New step. In Choose an action, select the All tab.
b. Type smtp in the search box, select the SMTP service in the search result, and then select Send
Email.
c. Enter the SMTP information for your mailbox, and then select Create.
Get the SMTP information for Hotmail/Outlook.com, Gmail, and Yahoo Mail.
NOTE
You may need to disable SSL to establish the connection. If this is the case and you want to re-enable SSL
after the connection has been established, see the optional step at the end of this section.
d. From the Add new parameter drop-down on the Send Email step, select From, To, Subject
and Body. Click or tap anywhere on the screen to close the selection box.
e. Enter your email address for From and To, and High temperature detected for Subject and
Body. If the Add dynamic content from the apps and connectors used in this flow dialog
opens, select Hide to close it. You do not use dynamic content in this tutorial.
f. Select Save to save the SMTP connection.
2. (Optional) If you had to disable SSL to establish a connection with your email provider and want to re-
enable it, follow these steps:
a. On the Logic app pane, under Development Tools, select API connections.
b. From the list of API connections, select the SMTP connection.
c. On the smtp API Connection pane, under General, select Edit API connection.
d. On the Edit API Connection pane, select Enable SSL?, re-enter the password for your email
account, and select Save.
Your logic app is now ready to process temperature alerts from the Service Bus queue and send notifications to
your email account.
NOTE
Your email service provider may need to verify the sender identity to make sure it is you who sends the email.
Next steps
You have successfully created a logic app that connects your IoT hub and your mailbox for temperature
monitoring and notifications.
To continue to get started with Azure IoT Hub and to explore all extended IoT scenarios, see the following:
Manage cloud device messaging with Azure IoT Hub Toolkit extension for Visual Studio Code
Manage devices with Azure IoT Hub Toolkit extension for Visual Studio Code
Set up message routing
Use Power BI to visualize real-time sensor data from your IoT hub
Use a web app to visualize real-time sensor data from your IoT hub
Forecast weather by using the sensor data from your IoT hub in Azure Machine Learning
Use Logic Apps for remote monitoring and notifications
Detect and troubleshoot disconnects with Azure IoT
Hub
9/8/2019 • 4 minutes to read • Edit Online
Connectivity issues for IoT devices can be difficult to troubleshoot because there are many possible points of
failure. Device-side application logic, physical networks, protocols, hardware, and Azure IoT Hub can all cause
problems. This article provides recommendations on how to detect and troubleshoot device connectivity issues
from the cloud side (as opposed to device side).
To learn more, see Monitor the health of Azure IoT Hub and diagnose problems quickly.
Set up alerts for the connected devices count metric
To get alerts when devices disconnect, configure alerts on the connected devices (preview) metric.
1. Sign in to the Azure portal.
2. Browse to your IoT hub.
3. Select Alerts.
4. Select New alert rule.
5. Select Add condition, then select "Connected devices (preview )".
6. Finish setting up your desired thresholds and alerting options by following prompts.
To learn more, see What are classic alerts in Microsoft Azure?.
search *
| where ( Type == "AzureDiagnostics" and ResourceType == "IOTHUBS")
| where ( Category == "Connections" and Level == "Error")
4. If there are results, look for OperationName , ResultType (error code), and ResultDescription (error
message) to get more detail on the error.
5. Use this table to understand and resolve common errors.
404104 The connection was closed by the Make sure the device can connect to
DeviceConnectionClosedRemotely device, but IoT Hub doesn't know IoT Hub by testing the connection. If
why. Common causes include the connection is fine, but the device
MQTT/AMQP timeout and internet disconnects intermittently, make sure
connectivity loss. to implement proper keep alive
device logic for your choice of
protocol (MQTT/AMPQ).
401003 IoTHubUnauthorized IoT Hub couldn't authenticate the Make sure that the SAS or other
connection. security token you use isn't expired.
Azure IoT SDKs automatically
generate tokens without requiring
special configuration.
ERROR ROOT CAUSE RESOLUTION
409002 LinkCreationConflict A device has more than one In the most common case, a device
connection. When a new connection detects a disconnect and tries to
request comes for a device, IoT Hub reestablish the connection, but IoT
closes the previous one with this Hub still considers the device
error. connected. IoT Hub closes the
previous connection and logs this
error. This error usually appears as a
side effect of a different, transient
issue, so look for other errors in the
logs to troubleshoot further.
Otherwise, make sure to issue a new
connection request only if the
connection drops.
500001 ServerError IoT Hub ran into a server-side issue. To mitigate the transient fault, issue a
Most likely, the issue is transient. retry from the device. To
While the IoT Hub team works hard automatically manage retries, make
to maintain the SLA, small subsets of sure you use the latest version of the
IoT Hub nodes can occasionally Azure IoT SDKs.
experience transient faults. When
your device tries to connect to a For best practice on transient fault
node that's having issues, you receive handling and retries, see Transient
this error. fault handling.
500008 GenericTimeout IoT Hub couldn't complete the Follow troubleshooting steps for a
connection request before timing 500001 ServerError to the root cause
out. Like a 500001 ServerError, this and resolve this error.
error is likely transient.
Next steps
To learn more about resolving transient issues, see Transient fault handling.
To learn more about Azure IoT SDK and managing retries, see How to manage connectivity and reliable
messaging using Azure IoT Hub device SDKs.
IoT Hub operations monitoring (deprecated)
4/8/2019 • 6 minutes to read • Edit Online
IoT Hub operations monitoring enables you to monitor the status of operations on your IoT hub in real time. IoT
Hub tracks events across several categories of operations. You can opt into sending events from one or more
categories to an endpoint of your IoT hub for processing. You can monitor the data for errors or set up more
complex processing based on data patterns.
NOTE
IoT Hub operations monitoring is deprecated and has been removed from IoT Hub on March 10, 2019. For
monitoring the operations and health of IoT Hub, see Monitor the health of Azure IoT Hub and diagnose problems
quickly. For more information about the deprecation timeline, see Monitor your Azure IoT solutions with Azure Monitor
and Azure Resource Health.
IMPORTANT
IoT Hub operations monitoring does not guarantee reliable or ordered delivery of events. Depending on IoT Hub
underlying infrastructure, some events might be lost or delivered out of order. Use operations monitoring to generate
alerts based on error signals such as failed connection attempts, or high-frequency disconnections for specific devices. You
should not rely on operations monitoring events to create a consistent store for device state, e.g. a store tracking
connected or disconnected state of a device.
{
"time": "UTC timestamp",
"operationName": "create",
"category": "DeviceIdentityOperations",
"level": "Error",
"statusCode": 4XX,
"statusDescription": "MessageDescription",
"deviceId": "device-ID",
"durationMs": 1234,
"userAgent": "userAgent",
"sharedAccessPolicy": "accessPolicy"
}
Device telemetry
The device telemetry category tracks errors that occur at the IoT hub and are related to the telemetry pipeline.
This category includes errors that occur when sending telemetry events (such as throttling) and receiving
telemetry events (such as unauthorized reader). This category cannot catch errors caused by code running on
the device itself.
{
"messageSizeInBytes": 1234,
"batching": 0,
"protocol": "Amqp",
"authType": "{\"scope\":\"device\",\"type\":\"sas\",\"issuer\":\"iothub\"}",
"time": "UTC timestamp",
"operationName": "ingress",
"category": "DeviceTelemetry",
"level": "Error",
"statusCode": 4XX,
"statusType": 4XX001,
"statusDescription": "MessageDescription",
"deviceId": "device-ID",
"EventProcessedUtcTime": "UTC timestamp",
"PartitionId": 1,
"EventEnqueuedUtcTime": "UTC timestamp"
}
Connections
The connections category tracks errors that occur when devices connect or disconnect from an IoT hub. Tracking
this category is useful for identifying unauthorized connection attempts and for tracking when a connection is
lost for devices in areas of poor connectivity.
{
"durationMs": 1234,
"authType": "{\"scope\":\"hub\",\"type\":\"sas\",\"issuer\":\"iothub\"}",
"protocol": "Amqp",
"time": " UTC timestamp",
"operationName": "deviceConnect",
"category": "Connections",
"level": "Error",
"statusCode": 4XX,
"statusType": 4XX001,
"statusDescription": "MessageDescription",
"deviceId": "device-ID"
}
File uploads
The file upload category tracks errors that occur at the IoT hub and are related to file upload functionality. This
category includes:
Errors that occur with the SAS URI, such as when it expires before a device notifies the hub of a
completed upload.
Failed uploads reported by the device.
Errors that occur when a file is not found in storage during IoT Hub notification message creation.
This category cannot catch errors that directly occur while the device is uploading a file to storage.
{
"authType": "{\"scope\":\"hub\",\"type\":\"sas\",\"issuer\":\"iothub\"}",
"protocol": "HTTP",
"time": " UTC timestamp",
"operationName": "ingress",
"category": "fileUpload",
"level": "Error",
"statusCode": 4XX,
"statusType": 4XX001,
"statusDescription": "MessageDescription",
"deviceId": "device-ID",
"blobUri": "http//bloburi.com",
"durationMs": 1234
}
Message routing
The message routing category tracks errors that occur during message route evaluation and endpoint health as
perceived by IoT Hub. This category includes events such as when a rule evaluates to "undefined", when IoT
Hub marks an endpoint as dead, and any other errors received from an endpoint. This category does not include
specific errors about the messages themselves (such as device throttling errors), which are reported under the
"device telemetry" category.
{
"messageSizeInBytes": 1234,
"time": "UTC timestamp",
"operationName": "ingress",
"category": "routes",
"level": "Error",
"deviceId": "device-ID",
"messageId": "ID of message",
"routeName": "myroute",
"endpointName": "myendpoint",
"details": "ExternalEndpointDisabled"
}
The following C# code sample is taken from a Visual Studio Windows Classic Desktop C# console app. The
project has the WindowsAzure.ServiceBus NuGet package installed.
Replace the connection string placeholder with a connection string that uses the Event Hub-compatible
endpoint and service Primary key values you noted previously as shown in the following example:
Replace the monitoring endpoint name placeholder with the Event Hub-compatible name value you
noted previously.
class Program
{
static string connectionString = "{your monitoring endpoint connection string}";
static string monitoringEndpointName = "{your monitoring endpoint name}";
static EventHubClient eventHubClient;
eventHubClient = EventHubClient.CreateFromConnectionString(connectionString,
monitoringEndpointName);
var d2cPartitions = eventHubClient.GetRuntimeInformation().PartitionIds;
CancellationTokenSource cts = new CancellationTokenSource();
var tasks = new List<Task>();
Console.ReadLine();
Console.WriteLine("Exiting...");
cts.Cancel();
Task.WaitAll(tasks.ToArray());
}
if (eventData != null)
{
string data = Encoding.UTF8.GetString(eventData.GetBytes());
Console.WriteLine("Message received. Partition: {0} Data: '{1}'", partition, data);
}
}
}
}
Next steps
To further explore the capabilities of IoT Hub, see:
IoT Hub developer guide
Deploying AI to edge devices with Azure IoT Edge
Migrate your IoT Hub from operations monitoring to
diagnostics settings
1/8/2020 • 3 minutes to read • Edit Online
Customers using operations monitoring to track the status of operations in IoT Hub can migrate that workflow to
Azure diagnostics settings, a feature of Azure Monitor. Diagnostics settings supply resource-level diagnostic
information for many Azure services.
The operations monitoring functionality of IoT Hub is deprecated, and has been removed from the portal.
This article provides steps to move your workloads from operations monitoring to diagnostics settings. For more
information about the deprecation timeline, see Monitor your Azure IoT solutions with Azure Monitor and Azure
Resource Health.
NOTE
This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will
continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM
compatibility, see Introducing the new Azure PowerShell Az module. For Az module installation instructions, see Install Azure
PowerShell.
Connect-AzAccount
Select-AzSubscription -SubscriptionName <subscription that includes your IoT Hub>
Set-AzDiagnosticSetting -ResourceId <your resource Id> -ServiceBusRuleId <your service bus rule Id> -Enabled
$true
New settings take effect in about 10 minutes. After that, logs appear in the configured archival target on the
Diagnostics settings blade. For more information about configuring diagnostics, see Collect and consume log
data from your azure resources.
Turn off operations monitoring
NOTE
As of March 11, 2019, the operations monitoring feature is removed from IoT Hub's Azure portal interface. The steps below
no longer apply. To migrate, make sure that the correct categories are turned on in Azure Monitor diagnostic settings above.
Once you test the new diagnostics settings in your workflow, you can turn off the operations monitoring feature.
1. In your IoT Hub menu, select Operations monitoring.
2. Under each monitoring category, select None.
3. Save the operations monitoring changes.
Next steps
Monitor the health of Azure IoT Hub and diagnose problems quickly
Summary of customer data request features
11/8/2019 • 2 minutes to read • Edit Online
The Azure IoT Hub is a REST API-based cloud service targeted at enterprise customers that enables secure, bi-
directional communication between millions of devices and a partitioned Azure service.
NOTE
This article provides steps for how to delete personal data from the device or service and can be used to support your
obligations under the GDPR. If you’re looking for general info about GDPR, see the GDPR section of the Service Trust portal.
Individual devices are assigned a device identifier (device ID ) by a tenant administrator. Device data is based on the
assigned device ID. Microsoft maintains no information and has no access to data that would allow device ID to
user correlation.
Many of the devices managed in Azure IoT Hub are not personal devices, for example an office thermostat or
factory robot. Customers may, however, consider some devices to be personally identifiable and at their discretion
may maintain their own asset or inventory tracking methods that tie devices to individuals. Azure IoT Hub
manages and stores all data associated with devices as if it were personal data.
Tenant administrators can use either the Azure portal or the service's REST APIs to fulfill information requests by
exporting or deleting data associated with a device ID.
If you use the routing feature of the Azure IoT Hub service to forward device messages to other services, then data
requests must be performed by the tenant admin for each routing endpoint in order to complete a full request for a
given device. For more details, see the reference documentation for each endpoint. For more information about
supported endpoints, see Reference - IoT Hub endpoints.
If you use the Azure Event Grid integration feature of the Azure IoT Hub service, then data requests must be
performed by the tenant admin for each subscriber of these events. For more information, see React to IoT Hub
events by using Event Grid.
If you use the Azure Monitor integration feature of the Azure IoT Hub service to create diagnostic logs, then data
requests must be performed by the tenant admin against the stored logs. For more information, see Monitor the
health of Azure IoT Hub.