| title | description | author | ms.service | services | ms.topic | ms.date | ms.author | ms.custom |
|---|---|---|---|---|---|---|---|---|
Use the Azure PowerShell to configure file upload | Microsoft Docs |
How to use the Azure PowerShell cmdlets to configure your IoT hub to enable file uploads from connected devices. Includes information about configuring the destination Azure storage account. |
kgremban |
iot-hub |
iot-hub |
conceptual |
07/20/2021 |
kgremban |
devx-track-azurepowershell |
[!INCLUDE iot-hub-file-upload-selector]
This article shows you how to configure file uploads on your IoT hub using PowerShell.
To use the file upload functionality in IoT Hub, you must first associate an Azure storage account and blob container with your IoT hub. IoT Hub automatically generates SAS URIs with write permissions to this blob container for devices to use when they upload files. In addition to the storage account and blob container, you can set the time-to-live for the SAS URI and configure settings for the optional file upload notifications that IoT Hub can deliver to backend services.
[!INCLUDE updated-for-az]
-
An active Azure account. If you don't have an account, you can create a free account in just a couple of minutes.
-
An Azure IoT hub. If you don't have an IoT hub, you can use the New-AzIoTHub cmdlet to create one or use the portal to Create an IoT hub.
-
An Azure storage account. If you don't have an Azure storage account, you can use the Azure Storage PowerShell cmdlets to create one or use the portal to Create a storage account
-
Use the PowerShell environment in Azure Cloud Shell.
-
If you prefer, install PowerShell locally.
- Install the Azure Az PowerShell module. (The module is installed by default in the Azure Cloud Shell PowerShell environment.)
- Sign in to PowerShell by using the Connect-AzAccount command. To finish the authentication process, follow the steps displayed in your terminal. For additional sign-in options, see Sign in with Azure PowerShell.
Sign in to your Azure account and select your subscription. If you're using Azure Cloud Shell, you should be signed in already; however, you still might need to select your Azure subscription if you have multiple subscriptions.
-
At the PowerShell prompt, run the Connect-AzAccount cmdlet:
Connect-AzAccount -
If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure subscriptions associated with your credentials. Use the Get-AzSubscription command to list the Azure subscriptions available for you to use:
Get-AzSubscriptionUse the following command to select the subscription that you want to use to run the commands to manage your IoT hub. You can use either the subscription name or ID from the output of the previous command:
Select-AzSubscription ` -Name "{your subscription name}"
[!NOTE] The Select-AzSubscription command is an alias of the Select-AzContext that allows you to use the subscription name (Name) or subscription ID (Id) returned by the Get-AzSubscription command rather than the more complex context name required for the Select-AzContext command.
The following steps assume that you created your storage account using the Resource Manager deployment model, and not the Classic deployment model.
To configure file uploads from your devices, you need the connection string for an Azure storage account. The storage account must be in the same subscription as your IoT hub. You also need the name of a blob container in the storage account. Use the Get-AzStorageAccountKey command to retrieve your storage account keys:
Get-AzStorageAccountKey `
-Name {your storage account name} `
-ResourceGroupName {your storage account resource group}Make a note of the key1 storage account key value. You need it in the following steps.
You can either use an existing blob container for your file uploads or create new one:
-
To list the existing blob containers in your storage account, use the New-AzStorageContext and Get-AzStorageContainer commands:
$ctx = New-AzStorageContext ` -StorageAccountName {your storage account name} ` -StorageAccountKey {your storage account key} Get-AzStorageContainer -Context $ctx
-
To create a blob container in your storage account, use the New-AzStorageContext and New-AzStorageContainer commands:
$ctx = New-AzStorageContext ` -StorageAccountName {your storage account name} ` -StorageAccountKey {your storage account key} New-AzStorageContainer ` -Name {your new container name} ` -Permission Off ` -Context $ctx
You can now configure your IoT hub to upload files to the IoT hub using your storage account details.
The configuration requires the following values:
-
Storage container: A blob container in an Azure storage account in your current Azure subscription to associate with your IoT hub. You retrieved the necessary storage account information in the preceding section. IoT Hub automatically generates SAS URIs with write permissions to this blob container for devices to use when they upload files.
-
Receive notifications for uploaded files: Enable or disable file upload notifications.
-
SAS TTL: This setting is the time-to-live of the SAS URIs returned to the device by IoT Hub. Set to one hour by default.
-
File notification settings default TTL: The time-to-live of a file upload notification before it's expired. Set to one day by default.
-
File notification maximum delivery count: The number of times the IoT Hub attempts to deliver a file upload notification. Set to 10 by default.
Use the Set-AzIotHub command to configure the file upload settings on your IoT hub:
Set-AzIotHub `
-ResourceGroupName "{your iot hub resource group}" `
-Name "{your iot hub name}" `
-FileUploadNotificationTtl "01:00:00" `
-FileUploadSasUriTtl "01:00:00" `
-EnableFileUploadNotifications $true `
-FileUploadStorageConnectionString "DefaultEndpointsProtocol=https;AccountName={your storage account name};AccountKey={your storage account key};EndpointSuffix=core.windows.net" `
-FileUploadContainerName "{your blob container name}" `
-FileUploadNotificationMaxDeliveryCount 10Note
By default, IoT Hub authenticates with Azure Storage using the account key in the connection string. Authentication using either system-assigned or user-assigned managed identities is also available. Managed identities provide Azure services with an automatically managed identity in Azure AD in a secure manner. To learn more, see IoT Hub support for managed identities. Currently, there are not parameters on the Set-AzIotHub command to set the authentication type. Instead, you can use either the Azure portal or Azure CLI.