You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/iot-hub-device-update/device-update-resources.md
+11-9Lines changed: 11 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Understand Device Update for Azure IoT Hub resources | Microsoft Docs
3
3
description: Understand Device Update for Azure IoT Hub resources
4
4
author: vimeht
5
5
ms.author: vimeht
6
-
ms.date: 06/14/2022
6
+
ms.date: 11/02/2022
7
7
ms.topic: conceptual
8
8
ms.service: iot-hub-device-update
9
9
---
@@ -27,7 +27,7 @@ During public preview, two Device update accounts can be created per subscriptio
27
27
28
28
## Configure the linked IoT hub
29
29
30
-
In order for Device Update to receive change notifications from IoT Hub, Device Update integrates with the built-in Event Hubs. Clicking the "Configure IoT Hub" button within your instance configures the required message routes, consumer groups, and access policy required to communicate with IoT devices.
30
+
In order for Device Update to receive change notifications from IoT Hub, Device Update integrates with the built-in Event Hubs. The IoT Hub will be configured automatically as part of the resource creation process with the required message routes, consumer groups, and access policy required to communicate with IoT devices.
31
31
32
32
### Message Routing
33
33
@@ -45,19 +45,21 @@ The following Message Routes are automatically configured in your linked IoT hub
45
45
46
46
### Consumer group
47
47
48
-
Configuring the IoT hub also creates an event hub consumer group called **adum** that is required by the Device Update management services.
48
+
The IoT hub also creates an event hub consumer group called **adum** that is required by the Device Update management services. This should be added automatically as part of the resource creation process.
49
49
50
50
:::image type="content" source="media/device-update-resources/consumer-group.png" alt-text="Screenshot of consumer groups." lightbox="media/device-update-resources/consumer-group.png":::
51
51
52
-
### Access policy
52
+
### Configuring access for Azure Device Update service principal in the IoT Hub
53
53
54
-
A shared access policy named **deviceupdateservice** is used by the Device Update Management services to query for update-capable devices. The **deviceupdateservice** policy is created and given the following permissions as part of configuring the IoT Hub:
54
+
Device Update for IoT Hub communicates with the IoT Hub for deployments and manage updates at scale. In order to enable Device Update to do this, users need to set IoT Hub Data Contributor access for Azure Device Update Service Principal in the IoT Hub permissions.
55
55
56
-
- Registry read
57
-
- Service connect
58
-
- Device connect
56
+
Deployment, device and update management and diagnostic actions will not be allowed if these permissions are not set. Operations that will be blocked will include:
57
+
* Create Deployment
58
+
* Cancel Deployment
59
+
* Retry Deployment
60
+
* Get Device
59
61
60
-
:::image type="content" source="media/device-update-resources/access-policy.png" alt-text="Screenshot of access policy." lightbox="media/device-update-resources/access-policy.png":::
62
+
The permission can be set from IoT Hub Access Control (IAM). Refer to [Configure Access for Azure Device update service principal in linked IoT hub](configure-access-control-device-update.md#configure-access-for-azure-device-update-service-principal-in-linked-iot-hub)
0 commit comments