Create an IoT hub
This section describes how to create an IoT hub using the Azure portal.
- Sign in to the Azure portal.
- From the Azure homepage, select the + Create a resource button, and then enter IoT Hub in the Search the Marketplace field.
- Select IoT Hub from the search results, and then select Create.
- On the Basics tab, complete the fields as follows:
- Subscription: Select the subscription to use for your hub.
- Resource Group: Select a resource group or create a new one. To create a new one, select Create new and fill in the name you want to use. To use an existing resource group, select that resource group. For more information, see Manage Azure Resource Manager resource groups.
- Region: Select the region in which you want your hub to be located. Select the location closest to you.
- IoT Hub Name: Enter a name for your hub. This name must be globally unique. If the name you enter is available, a green check mark appears.
This screen allows you to set the following values:
- Pricing and scale tier: Your selected tier. You can choose from several tiers, depending on how many features you want and how many messages you send through your solution per day. The free tier is intended for testing and evaluation. It allows 500 devices to be connected to the hub and up to 8,000 messages per day. Each Azure subscription can create one IoT hub in the free tier.
- IoT Hub units: The number of messages allowed per unit per day depends on your hub’s pricing tier. For example, if you want the hub to support ingress of 700,000 messages, you choose two S1 tier units. For details about the other tier options, see Choosing the right IoT Hub tier.
- Azure Security Center: Turn this on to add an extra layer of threat protection to IoT and your devices. This option is not available for hubs in the free tier. For more information about this feature, see Azure Security Center for IoT.
- Advanced Settings > Device-to-cloud partitions: This property relates the device-to-cloud messages to the number of simultaneous readers of the messages. Most hubs need only four partitions.
For this article, accept the default choices, and then select Next: Tags to move to the next screen.
Select Next: Review + create to review your choices. You see something similar to this screen.
Change the settings of the IoT hub
You can change the settings of an existing IoT hub after it’s created from the IoT Hub pane.
Here are some of the properties you can set for an IoT hub:
Pricing and scale: You can use this property to migrate to a different tier or set the number of IoT Hub units.
Operations monitoring: Turn the different monitoring categories on or off, such as logging for events related to device-to-cloud messages or cloud-to-device messages.
IP Filter: Specify a range of IP addresses that will be accepted or rejected by the IoT hub.
Properties: Provides the list of properties that you can copy and use elsewhere, such as the resource ID, resource group, location, and so on.
Shared access policies
You can also view or modify the list of shared access policies by clicking Shared access policies in the Settings section. These policies define the permissions for devices and services to connect to IoT Hub.
Click Add to open the Add a shared access policy blade. You can enter the new policy name and the permissions that you want to associate with this policy, as shown in the following figure:
- The Registry read and Registry write policies grant read and write access rights to the identity registry. These permissions are used by back-end cloud services to manage device identities. Choosing the write option automatically chooses the read option.
- The Service connect policy grants permission to access service endpoints. This permission is used by back-end cloud services to send and receive messages from devices as well as to update and read device twin and module twin data.
- The Device connect policy grants permissions for sending and receiving messages using the IoT Hub device-side endpoints. This permission is used by devices to send and receive messages from an IoT hub, update and read device twin and module twin data, and perform file uploads.
Click Create to add this newly created policy to the existing list.
Register a new device in the IoT hub
In this section, you create a device identity in the identity registry in your IoT hub. A device cannot connect to a hub unless it has an entry in the identity registry.
In your IoT hub navigation menu, open IoT Devices, then select New to add a device in your IoT hub.
In Create a device, provide a name for your new device, such as myDeviceId, and select Save. This action creates a device identity for your IoT hub.
After the device is created, open the device from the list in the IoT devices pane. Copy the Primary Connection String to use later.
The IoT Hub identity registry only stores device identities to enable secure access to the IoT hub. It stores device IDs and keys to use as security credentials, and an enabled/disabled flag that you can use to disable access for an individual device. If your application needs to store other device-specific metadata, it should use an application-specific store
Message Routing for an IoT hub
Click Message Routing under Messaging to see the Message Routing pane, where you define routes and custom endpoints for the hub.
Routes is the first tab on the Message Routing pane. To add a new route, click +Add. You see the following screen.
Name your hub. The name must be unique within the list of routes for that hub.
For Endpoint, you can select one from the dropdown list, or add a new one. In this example, a storage account and container are already available. To add them as an endpoint, click +Add next to the Endpoint dropdown and select Blob Storage. The following screen shows where the storage account and container are specified.
Click Pick a container to select the storage account and container. When you have selected those fields, it returns to the Endpoint pane. Use the defaults for the rest of the fields and Create to create the endpoint for the storage account and add it to the routing rules.
For Data source, select Device Telemetry Messages.
Next, add a routing query. In this example, the messages that have an application property called
level with a value equal to
critical are routed to the storage account.
Click Save to save the routing rule. You return to the Message Routing pane, and your new routing rule is displayed.
Find a specific IoT hub
Here are two ways to find a specific IoT hub in your subscription:
- If you know the resource group to which the IoT hub belongs, click Resource groups, then select the resource group from the list. The resource group screen shows all of the resources in that group, including the IoT hubs. Click on the hub for which you’re looking.
- Click All resources. On the All resources pane, there is a dropdown list that defaults to
All types. Click on the dropdown list, uncheck
Select all. Find
IoT Huband check it. Click on the dropdown list box to close it, and the entries will be filtered, showing only your IoT hubs.
Delete the IoT hub
To delete an Iot hub, find the IoT hub you want to delete, then click the Delete button below the IoT hub name.