You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/iot-hub/iot-hub-understand-ip-address.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ ms.date: 11/21/2019
15
15
The IP address prefixes of IoT Hub public endpoints are published periodically under the _AzureIoTHub_[service tag](../virtual-network/service-tags-overview.md).
16
16
17
17
> [!NOTE]
18
-
> For devices that are deployed inside of on-premises networks, Azure IoT Hub supports VNET connectivity integration with private endpoints. See [IoT Hub support for VNET's](./virtual-network-support.md#ingress-connectivity-to-iot-hub-using-private-endpoints) for more information.
18
+
> For devices that are deployed inside of on-premises networks, Azure IoT Hub supports VNET connectivity integration with private endpoints. See [IoT Hub support for VNet](./virtual-network-support.md) for more information.
19
19
20
20
21
21
You may use these IP address prefixes to control connectivity between IoT Hub and your devices or network assets in order to implement a variety of network isolation goals:
Copy file name to clipboardExpand all lines: articles/iot-hub/virtual-network-support.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -90,11 +90,11 @@ To allow other services to find your IoT hub as a trusted Microsoft service, it
90
90
91
91
### Pricing for managed identity
92
92
93
-
Trusted Microsoft first party services exception feature is free of charge in IoT Hubs in the [supported regions](#regional-availability-trusted-microsoft-first-party-services). Charges for the provisioned storage accounts, event hubs, or service bus resources apply separately.
93
+
Trusted Microsoft first party services exception feature is free of charge. Charges for the provisioned storage accounts, event hubs, or service bus resources apply separately.
94
94
95
95
### Egress connectivity to storage account endpoints for routing
96
96
97
-
IoT Hub can route messages to a customer-owned storage account. To allow the routing functionality to access a storage account while firewall restrictions are in place, your IoT Hub needs to have a [managed identity](#turn-on-managed-service-identity-for-iot-hub). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your storage account.
97
+
IoT Hub can route messages to a customer-owned storage account. To allow the routing functionality to access a storage account while firewall restrictions are in place, your IoT Hub needs to have a [managed identity](#turn-on-managed-identity-for-iot-hub). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your storage account.
98
98
99
99
1. In the Azure portal, navigate to your storage account's **Access control (IAM)** tab and click **Add** under the **Add a role assignment** section.
100
100
@@ -112,7 +112,7 @@ Now your custom storage endpoint is set up to use your hub's system assigned ide
112
112
113
113
### Egress connectivity to event hubs endpoints for routing
114
114
115
-
IoT Hub can be configured to route messages to a customer-owned event hubs namespace. To allow the routing functionality to access an event hubs resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity (see how to [create a hub with managed identity](#create-an-iot-hub-with-managed-service-identity)). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your event hubs.
115
+
IoT Hub can be configured to route messages to a customer-owned event hubs namespace. To allow the routing functionality to access an event hubs resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity. Once a managed identity is created, follow the steps below to give RBAC permission to your hub's resource identity to access your event hubs.
116
116
117
117
1. In the Azure portal, navigate to your event hubs **Access control (IAM)** tab and click **Add** under the **Add a role assignment** section.
118
118
@@ -130,7 +130,7 @@ Now your custom event hubs endpoint is set up to use your hub's system assigned
130
130
131
131
### Egress connectivity to service bus endpoints for routing
132
132
133
-
IoT Hub can be configured to route messages to a customer-owned service bus namespace. To allow the routing functionality to access a service bus resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity (see how to [create a hub with managed identity](#create-an-iot-hub-with-managed-service-identity)). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your service bus.
133
+
IoT Hub can be configured to route messages to a customer-owned service bus namespace. To allow the routing functionality to access a service bus resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity. Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your service bus.
134
134
135
135
1. In the Azure portal, navigate to your service bus' **Access control (IAM)** tab and click **Add** under the **Add a role assignment** section.
136
136
@@ -148,7 +148,7 @@ Now your custom service bus endpoint is set up to use your hub's system assigned
148
148
149
149
### Egress connectivity to storage accounts for file upload
150
150
151
-
IoT Hub's file upload feature allows devices to upload files to a customer-owned storage account. To allow the file upload to function, both devices and IoT Hub need to have connectivity to the storage account. If firewall restrictions are in place on the storage account, your devices need to use any of the supported storage account's mechanism (including [private endpoints](../private-link/create-private-endpoint-storage-portal.md), [service endpoints](../virtual-network/virtual-network-service-endpoints-overview.md), or [direct firewall configuration](../storage/common/storage-network-security.md)) to gain connectivity. Similarly, if firewall restrictions are in place on the storage account, IoT Hub needs to be configured to access the storage resource via the trusted Microsoft services exception. For this purpose, your IoT Hub must have a managed identity (see how to [create a hub with managed identity](#create-an-iot-hub-with-managed-service-identity)). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your storage account.
151
+
IoT Hub's file upload feature allows devices to upload files to a customer-owned storage account. To allow the file upload to function, both devices and IoT Hub need to have connectivity to the storage account. If firewall restrictions are in place on the storage account, your devices need to use any of the supported storage account's mechanism (including [private endpoints](../private-link/create-private-endpoint-storage-portal.md), [service endpoints](../virtual-network/virtual-network-service-endpoints-overview.md), or [direct firewall configuration](../storage/common/storage-network-security.md)) to gain connectivity. Similarly, if firewall restrictions are in place on the storage account, IoT Hub needs to be configured to access the storage resource via the trusted Microsoft services exception. For this purpose, your IoT Hub must have a managed identity. Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your storage account.
152
152
153
153
1. In the Azure portal, navigate to your storage account's **Access control (IAM)** tab and click **Add** under the **Add a role assignment** section.
154
154
@@ -166,7 +166,7 @@ Now your storage endpoint for file upload is set up to use your hub's system ass
166
166
167
167
IoT Hub supports the functionality to [import/export](./iot-hub-bulk-identity-mgmt.md) devices' information in bulk from/to a customer-provided storage blob. To allow bulk import/export feature to function, both devices and IoT Hub need to have connectivity to the storage account.
168
168
169
-
This functionality requires connectivity from IoT Hub to the storage account. To access a service bus resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity (see how to [create a hub with managed identity](#create-an-iot-hub-with-managed-service-identity)). Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your service bus.
169
+
This functionality requires connectivity from IoT Hub to the storage account. To access a service bus resource while firewall restrictions are in place, your IoT Hub needs to have a managed identity. Once a managed identity is provisioned, follow the steps below to give RBAC permission to your hub's resource identity to access your service bus.
170
170
171
171
1. In the Azure portal, navigate to your storage account's **Access control (IAM)** tab and click **Add** under the **Add a role assignment** section.
0 commit comments