Skip to content

Files

Latest commit

eshashah-msfteshashah-msft
Update create-device-update-account.md
Jan 19, 2022
3a6e8f5 · Jan 19, 2022

History

History
106 lines (65 loc) · 5.9 KB

create-device-update-account.md

File metadata and controls

106 lines (65 loc) · 5.9 KB
title description author ms.author ms.date ms.topic ms.service ms.custom
Create a device update account in Device Update for Azure IoT Hub | Microsoft Docs
Create a device update account in Device Update for Azure IoT Hub.
vimeht
vimeht
2/11/2021
how-to
iot-hub-device-update
subject-rbac-steps

Device Update for IoT Hub Resource Management

To get started with Device Update you'll need to create a Device Update account, instance and set access control roles.

Prerequisites

  • Access to an IoT Hub. It is recommended that you use a S1 (Standard) tier or above.
  • Supported browsers:

Create a device update account and instance

  1. Go to Azure portal

  2. Click Create a Resource and search for "Device Update for IoT Hub"

    :::image type="content" source="media/create-device-update-account/device-update-marketplace.png" alt-text="Screenshot of Device Update for IoT Hub resource." lightbox="media/create-device-update-account/device-update-marketplace.png":::

  3. Click Create -> Device Update for IoT Hub

  4. Specify the Azure Subscription to be associated with your Device Update Account and Resource Group. Specify a Name and Location for your Device Update Account

    :::image type="content" source="media/create-device-update-account/account-details.png" alt-text="Screenshot of account details." lightbox="media/create-device-update-account/account-details.png":::

Note

You can go to Azure Products-by-region page to discover the regions where Device Update for IoT Hub is available. If Device Update for IoT Hub is not available in your region you can choose to create an account in an available region closest to you.

  1. Optionally, you can check the box to assign the Device Update administrator role to yourself. You can also use the steps listed in the "Configure access control roles" section to provide a combination of roles to users and applications for the right level of access.

  2. Click Next: Instance

    An instance of Device Update is associated with a single IoT hub. Select the IoT hub that will be used with Device Update. We will create a new Shared Access policy during this step to ensure Device Update uses only the required permissions to work with IoT Hub (registry write and service connect). This policy ensures that access is only limited to Device Update.

  3. Specify an instance name and select your IoT Hub

    :::image type="content" source="media/create-device-update-account/instance-details.png" alt-text="Screenshot of instance details." lightbox="media/create-device-update-account/instance-details.png":::

    [!NOTE] The IoT Hub you link to your Device Update resource, doesn't need to be in the same region as your Device Update Account. However, for better performance it is recommended that your IoT Hub be in a region same as or close to the region of your Device Update account.

  4. Click Next: Review + Create. After validation, click on Create.

    :::image type="content" source="media/create-device-update-account/account-review.png" alt-text="Screenshot of account review." lightbox="media/create-device-update-account/account-review.png":::

  5. You will see your deployment is in progress. The deployment status will change to "complete" in a few minutes. Click Go to resource

    :::image type="content" source="media/create-device-update-account/account-complete.png" alt-text="Screenshot of account deployment complete." lightbox="media/create-device-update-account/account-complete.png":::

Configure access control roles

In order for other users to have access to Device Update, users must be granted access to this resource. You can skip this step if you assigned the Device Update administrator role to yourself during account creation and don't need to provide access to additional users or applications.

  1. Go to Access control (IAM) within the Device Update account

    :::image type="content" source="media/create-device-update-account/account-access-control.png" alt-text="Screenshot of access Control within Device Update account." lightbox="media/create-device-update-account/account-access-control.png":::

  2. Click Add role assignments

  3. Under Role tab, select a Device Update role from the given options

    • Device Update Administrator
    • Device Update Reader
    • Device Update Content Administrator
    • Device Update Content Reader
    • Device Update Deployments Administrator
    • Device Update Deployments Reader

    :::image type="content" source="media/create-device-update-account/role-assignment.png" alt-text="Screenshot of access Control role assignments within Device Update account." lightbox="media/create-device-update-account/role-assignment.png":::

    Learn about Role-based access control in Device Update for IoT Hub

  4. Click Next

  5. Assign access to a user or Azure AD group

  6. Select members

    :::image type="content" source="media/create-device-update-account/role-assignment-2.png" alt-text="Screenshot of access Control member selection within Device Update account." lightbox="media/create-device-update-account/role-assignment-2.png":::

  7. Click Review + assign

  8. Review the new role assignments and click Review + assign again

  9. You are now ready to use the Device Update experience from within your IoT Hub

Next steps

Try updating a device using one of the following quick tutorials:

Learn about Device update account and instance.

Learn about Device update access control roles.