Mender supports preparing devices to use Azure IoT Hub. After installing Mender on the device it is automatically created in Azure IoT Hub, and applications running on the device get access to the Azure IoT connection string. With Mender in place, you can simply start writing your Azure IoT application by reading the connection string from a well-defined place on the device. Secondly, the Device Twin from the Azure IoT Hub becomes available to manage from Mender.
This integration is available in all Mender plans, as well as Mender Open Source.
You need Mender Configure to distribute the Azure IoT device connection strings to the devices.
It is currently possible to have one Azure IoT Hub integration configured per Mender Organization (aka. tenant).
After you enable the integration you can create devices in the Azure IoT Hub automatically through simply accepting them in the Mender UI. Existing devices (in both systems) are left unchanged.
You need a device integrated with Mender, see the Get started guide.
To connect your devices to Azure IoT Hub, you need to enter a connection string. Open the Mender UI and navigate to
Choose the Azure IoT Hub integration and enter your IoT Hub connection string:
You can find your connection string under the
Shared access policies menu in your IoT Hub after selecting desired access policy:
iothubowner policy has the required permissions, but you can also use a more limited account if desired. Mender needs the
Shared access policy with
Registry Write and
Service Connect permissions.
Go to the
Devices tab in Mender and accept a device. After it gets authorized in Mender, it will also show up in your Azure IoT Hub:
Both Mender and Azure IoT Hub use the same Device ID. This makes it easy to cross-reference your devices between Mender and Azure IoT Hub.
From now on, your device can send data to Azure IoT Hub!
In sum, the lifecycle of an Azure IoT Hub integrated device is:
/var/lib/mender-configure/device-config.json) on the device. We recommend to create a Mender configuration script to reconfigure the Azure IoT application and restart it with its new connection string.
dismissedin Mender, it is automatically set to
Disabledstate in Azure IoT Hub.
decommissioned, it is automatically
Deletedfrom Azure IoT Hub.
As an additional integration point, the Mender server obtains the Device Twin of the devices from the Azure IoT Hub. This means you can see and manage the Device Twin directly from Mender, together with everything else about the device.
The Device Twin is available through the Mender APIs and UI.
Mender strips away the
$version keys from the Azure Device Twin
because they are not indended to be changed by users. Thus these keys are not visible
in the Mender UI nor API responses. They still exist in Azure IoT Hub, however.
Role Based Access Control is only available in the Mender Enterprise plan. See the Mender features page for an overview of all Mender plans and features.
Admin permission is required to set up the integraiton, i.e. set the connection string of the Azure IoT Hub in Mender's Settings.
Role Based Access Control is also enforced for the Device Twin:
© 2023 Northern.tech AS