Microsoft.Devices provisioningServices 2020-09-01-preview
Bicep resource definition
The provisioningServices resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Devices/provisioningServices resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Devices/provisioningServices@2020-09-01-preview' = {
etag: 'string'
identity: {
identityType: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
location: 'string'
name: 'string'
properties: {
allocationPolicy: 'string'
authorizationPolicies: [
{
keyName: 'string'
primaryKey: 'string'
rights: 'string'
secondaryKey: 'string'
}
]
encryption: {
identity: {
userAssignedIdentity: 'string'
}
keySource: 'string'
keyVaultProperties: [
{
keyIdentifier: 'string'
}
]
}
iotHubs: [
{
allocationWeight: int
applyAllocationPolicy: bool
connectionString: 'string'
location: 'string'
}
]
ipFilterRules: [
{
action: 'string'
filterName: 'string'
ipMask: 'string'
target: 'string'
}
]
privateEndpointConnections: [
{
properties: {
privateEndpoint: {}
privateLinkServiceConnectionState: {
actionsRequired: 'string'
description: 'string'
status: 'string'
}
}
}
]
provisioningState: 'string'
publicNetworkAccess: 'string'
state: 'string'
}
sku: {
capacity: int
name: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property values
ArmIdentity
Name | Description | Value |
---|---|---|
identityType | Identity type. Only allowed values are SystemAssigned and UserAssigned. Comma separated if both for ex: SystemAssigned,UserAssigned. | string |
userAssignedIdentities | The set of UserAssigned identities associated with the IoT DPS resource. | ArmIdentityUserAssignedIdentities |
ArmIdentityUserAssignedIdentities
Name | Description | Value |
---|
ArmUserIdentity
Name | Description | Value |
---|
EncryptionKeyIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity. | string |
EncryptionPropertiesDescription
Name | Description | Value |
---|---|---|
identity | The identity used to access the encryption key in KeyVault. | EncryptionKeyIdentity |
keySource | The source of the encryption key. Typically, Microsoft.KeyVault | string |
keyVaultProperties | The properties of the encryption key configured in KeyVault. | KeyVaultKeyProperties[] |
IotDpsPropertiesDescription
Name | Description | Value |
---|---|---|
allocationPolicy | Allocation policy to be used by this provisioning service. | 'GeoLatency' 'Hashed' 'Static' |
authorizationPolicies | List of authorization keys for a provisioning service. | SharedAccessSignatureAuthorizationRuleAccessRightsDescription[] |
encryption | The encryption properties for the IoT DPS instance. | EncryptionPropertiesDescription |
iotHubs | List of IoT hubs associated with this provisioning service. | IotHubDefinitionDescription[] |
ipFilterRules | The IP filter rules. | IpFilterRule[] |
privateEndpointConnections | Private endpoint connections created on this IotHub | PrivateEndpointConnection[] |
provisioningState | The ARM provisioning state of the provisioning service. | string |
publicNetworkAccess | Whether requests from Public Network are allowed | 'Disabled' 'Enabled' |
state | Current state of the provisioning service. | 'Activating' 'ActivationFailed' 'Active' 'Deleted' 'Deleting' 'DeletionFailed' 'FailingOver' 'FailoverFailed' 'Resuming' 'Suspended' 'Suspending' 'Transitioning' |
IotDpsSkuInfo
Name | Description | Value |
---|---|---|
capacity | The number of units to provision | int |
name | Sku name. | 'S1' |
IotHubDefinitionDescription
Name | Description | Value |
---|---|---|
allocationWeight | weight to apply for a given iot h. | int |
applyAllocationPolicy | flag for applying allocationPolicy or not for a given iot hub. | bool |
connectionString | Connection string of the IoT hub. | string (required) |
location | ARM region of the IoT hub. | string (required) |
IpFilterRule
Name | Description | Value |
---|---|---|
action | The desired action for requests captured by this rule. | 'Accept' 'Reject' (required) |
filterName | The name of the IP filter rule. | string (required) |
ipMask | A string that contains the IP address range in CIDR notation for the rule. | string (required) |
target | Target for requests captured by this rule. | 'all' 'deviceApi' 'serviceApi' |
KeyVaultKeyProperties
Name | Description | Value |
---|---|---|
keyIdentifier | The identifier of the key. | string |
Microsoft.Devices/provisioningServices
Name | Description | Value |
---|---|---|
etag | The Etag field is not required. If it is provided in the response body, it must also be provided as a header per the normal ETag convention. | string |
identity | The managed identities for the IotDps instance. | ArmIdentity |
location | The resource location. | string (required) |
name | The resource name | string (required) |
properties | Service specific properties for a provisioning service | IotDpsPropertiesDescription (required) |
sku | Sku info for a provisioning Service. | IotDpsSkuInfo (required) |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
PrivateEndpoint
Name | Description | Value |
---|
PrivateEndpointConnection
Name | Description | Value |
---|---|---|
properties | The properties of a private endpoint connection | PrivateEndpointConnectionProperties (required) |
PrivateEndpointConnectionProperties
Name | Description | Value |
---|---|---|
privateEndpoint | The private endpoint property of a private endpoint connection | PrivateEndpoint |
privateLinkServiceConnectionState | The current state of a private endpoint connection | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
Name | Description | Value |
---|---|---|
actionsRequired | Actions required for a private endpoint connection | string |
description | The description for the current state of a private endpoint connection | string (required) |
status | The status of a private endpoint connection | 'Approved' 'Disconnected' 'Pending' 'Rejected' (required) |
ResourceTags
Name | Description | Value |
---|
SharedAccessSignatureAuthorizationRuleAccessRightsDescription
Name | Description | Value |
---|---|---|
keyName | Name of the key. | string (required) |
primaryKey | Primary SAS key value. | string |
rights | Rights that this key has. | 'DeviceConnect' 'EnrollmentRead' 'EnrollmentWrite' 'RegistrationStatusRead' 'RegistrationStatusWrite' 'ServiceConfig' (required) |
secondaryKey | Secondary SAS key value. | string |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Create an IoT Hub Device Provisioning Service | This template enables you to create an IoT hub and an IoT Hub Device Provisioning Service, and link the two services together. |
ARM template resource definition
The provisioningServices resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Devices/provisioningServices resource, add the following JSON to your template.
{
"type": "Microsoft.Devices/provisioningServices",
"apiVersion": "2020-09-01-preview",
"name": "string",
"etag": "string",
"identity": {
"identityType": "string",
"userAssignedIdentities": {
"{customized property}": {
}
}
},
"location": "string",
"properties": {
"allocationPolicy": "string",
"authorizationPolicies": [
{
"keyName": "string",
"primaryKey": "string",
"rights": "string",
"secondaryKey": "string"
}
],
"encryption": {
"identity": {
"userAssignedIdentity": "string"
},
"keySource": "string",
"keyVaultProperties": [
{
"keyIdentifier": "string"
}
]
},
"iotHubs": [
{
"allocationWeight": "int",
"applyAllocationPolicy": "bool",
"connectionString": "string",
"location": "string"
}
],
"ipFilterRules": [
{
"action": "string",
"filterName": "string",
"ipMask": "string",
"target": "string"
}
],
"privateEndpointConnections": [
{
"properties": {
"privateEndpoint": {
},
"privateLinkServiceConnectionState": {
"actionsRequired": "string",
"description": "string",
"status": "string"
}
}
}
],
"provisioningState": "string",
"publicNetworkAccess": "string",
"state": "string"
},
"sku": {
"capacity": "int",
"name": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property values
ArmIdentity
Name | Description | Value |
---|---|---|
identityType | Identity type. Only allowed values are SystemAssigned and UserAssigned. Comma separated if both for ex: SystemAssigned,UserAssigned. | string |
userAssignedIdentities | The set of UserAssigned identities associated with the IoT DPS resource. | ArmIdentityUserAssignedIdentities |
ArmIdentityUserAssignedIdentities
Name | Description | Value |
---|
ArmUserIdentity
Name | Description | Value |
---|
EncryptionKeyIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity. | string |
EncryptionPropertiesDescription
Name | Description | Value |
---|---|---|
identity | The identity used to access the encryption key in KeyVault. | EncryptionKeyIdentity |
keySource | The source of the encryption key. Typically, Microsoft.KeyVault | string |
keyVaultProperties | The properties of the encryption key configured in KeyVault. | KeyVaultKeyProperties[] |
IotDpsPropertiesDescription
Name | Description | Value |
---|---|---|
allocationPolicy | Allocation policy to be used by this provisioning service. | 'GeoLatency' 'Hashed' 'Static' |
authorizationPolicies | List of authorization keys for a provisioning service. | SharedAccessSignatureAuthorizationRuleAccessRightsDescription[] |
encryption | The encryption properties for the IoT DPS instance. | EncryptionPropertiesDescription |
iotHubs | List of IoT hubs associated with this provisioning service. | IotHubDefinitionDescription[] |
ipFilterRules | The IP filter rules. | IpFilterRule[] |
privateEndpointConnections | Private endpoint connections created on this IotHub | PrivateEndpointConnection[] |
provisioningState | The ARM provisioning state of the provisioning service. | string |
publicNetworkAccess | Whether requests from Public Network are allowed | 'Disabled' 'Enabled' |
state | Current state of the provisioning service. | 'Activating' 'ActivationFailed' 'Active' 'Deleted' 'Deleting' 'DeletionFailed' 'FailingOver' 'FailoverFailed' 'Resuming' 'Suspended' 'Suspending' 'Transitioning' |
IotDpsSkuInfo
Name | Description | Value |
---|---|---|
capacity | The number of units to provision | int |
name | Sku name. | 'S1' |
IotHubDefinitionDescription
Name | Description | Value |
---|---|---|
allocationWeight | weight to apply for a given iot h. | int |
applyAllocationPolicy | flag for applying allocationPolicy or not for a given iot hub. | bool |
connectionString | Connection string of the IoT hub. | string (required) |
location | ARM region of the IoT hub. | string (required) |
IpFilterRule
Name | Description | Value |
---|---|---|
action | The desired action for requests captured by this rule. | 'Accept' 'Reject' (required) |
filterName | The name of the IP filter rule. | string (required) |
ipMask | A string that contains the IP address range in CIDR notation for the rule. | string (required) |
target | Target for requests captured by this rule. | 'all' 'deviceApi' 'serviceApi' |
KeyVaultKeyProperties
Name | Description | Value |
---|---|---|
keyIdentifier | The identifier of the key. | string |
Microsoft.Devices/provisioningServices
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2020-09-01-preview' |
etag | The Etag field is not required. If it is provided in the response body, it must also be provided as a header per the normal ETag convention. | string |
identity | The managed identities for the IotDps instance. | ArmIdentity |
location | The resource location. | string (required) |
name | The resource name | string (required) |
properties | Service specific properties for a provisioning service | IotDpsPropertiesDescription (required) |
sku | Sku info for a provisioning Service. | IotDpsSkuInfo (required) |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.Devices/provisioningServices' |
PrivateEndpoint
Name | Description | Value |
---|
PrivateEndpointConnection
Name | Description | Value |
---|---|---|
properties | The properties of a private endpoint connection | PrivateEndpointConnectionProperties (required) |
PrivateEndpointConnectionProperties
Name | Description | Value |
---|---|---|
privateEndpoint | The private endpoint property of a private endpoint connection | PrivateEndpoint |
privateLinkServiceConnectionState | The current state of a private endpoint connection | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
Name | Description | Value |
---|---|---|
actionsRequired | Actions required for a private endpoint connection | string |
description | The description for the current state of a private endpoint connection | string (required) |
status | The status of a private endpoint connection | 'Approved' 'Disconnected' 'Pending' 'Rejected' (required) |
ResourceTags
Name | Description | Value |
---|
SharedAccessSignatureAuthorizationRuleAccessRightsDescription
Name | Description | Value |
---|---|---|
keyName | Name of the key. | string (required) |
primaryKey | Primary SAS key value. | string |
rights | Rights that this key has. | 'DeviceConnect' 'EnrollmentRead' 'EnrollmentWrite' 'RegistrationStatusRead' 'RegistrationStatusWrite' 'ServiceConfig' (required) |
secondaryKey | Secondary SAS key value. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Create an IOT Hub and Ubuntu edge simulator |
This template creates an IOT Hub and Virtual Machine Ubuntu edge simulator. |
Create an IoT Hub Device Provisioning Service |
This template enables you to create an IoT hub and an IoT Hub Device Provisioning Service, and link the two services together. |
Terraform (AzAPI provider) resource definition
The provisioningServices resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Devices/provisioningServices resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Devices/provisioningServices@2020-09-01-preview"
name = "string"
etag = "string"
identity = {
identityType = "string"
userAssignedIdentities = {
{customized property} = {
}
}
}
location = "string"
sku = {
capacity = int
name = "string"
}
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
allocationPolicy = "string"
authorizationPolicies = [
{
keyName = "string"
primaryKey = "string"
rights = "string"
secondaryKey = "string"
}
]
encryption = {
identity = {
userAssignedIdentity = "string"
}
keySource = "string"
keyVaultProperties = [
{
keyIdentifier = "string"
}
]
}
iotHubs = [
{
allocationWeight = int
applyAllocationPolicy = bool
connectionString = "string"
location = "string"
}
]
ipFilterRules = [
{
action = "string"
filterName = "string"
ipMask = "string"
target = "string"
}
]
privateEndpointConnections = [
{
properties = {
privateEndpoint = {
}
privateLinkServiceConnectionState = {
actionsRequired = "string"
description = "string"
status = "string"
}
}
}
]
provisioningState = "string"
publicNetworkAccess = "string"
state = "string"
}
})
}
Property values
ArmIdentity
Name | Description | Value |
---|---|---|
identityType | Identity type. Only allowed values are SystemAssigned and UserAssigned. Comma separated if both for ex: SystemAssigned,UserAssigned. | string |
userAssignedIdentities | The set of UserAssigned identities associated with the IoT DPS resource. | ArmIdentityUserAssignedIdentities |
ArmIdentityUserAssignedIdentities
Name | Description | Value |
---|
ArmUserIdentity
Name | Description | Value |
---|
EncryptionKeyIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity. | string |
EncryptionPropertiesDescription
Name | Description | Value |
---|---|---|
identity | The identity used to access the encryption key in KeyVault. | EncryptionKeyIdentity |
keySource | The source of the encryption key. Typically, Microsoft.KeyVault | string |
keyVaultProperties | The properties of the encryption key configured in KeyVault. | KeyVaultKeyProperties[] |
IotDpsPropertiesDescription
Name | Description | Value |
---|---|---|
allocationPolicy | Allocation policy to be used by this provisioning service. | 'GeoLatency' 'Hashed' 'Static' |
authorizationPolicies | List of authorization keys for a provisioning service. | SharedAccessSignatureAuthorizationRuleAccessRightsDescription[] |
encryption | The encryption properties for the IoT DPS instance. | EncryptionPropertiesDescription |
iotHubs | List of IoT hubs associated with this provisioning service. | IotHubDefinitionDescription[] |
ipFilterRules | The IP filter rules. | IpFilterRule[] |
privateEndpointConnections | Private endpoint connections created on this IotHub | PrivateEndpointConnection[] |
provisioningState | The ARM provisioning state of the provisioning service. | string |
publicNetworkAccess | Whether requests from Public Network are allowed | 'Disabled' 'Enabled' |
state | Current state of the provisioning service. | 'Activating' 'ActivationFailed' 'Active' 'Deleted' 'Deleting' 'DeletionFailed' 'FailingOver' 'FailoverFailed' 'Resuming' 'Suspended' 'Suspending' 'Transitioning' |
IotDpsSkuInfo
Name | Description | Value |
---|---|---|
capacity | The number of units to provision | int |
name | Sku name. | 'S1' |
IotHubDefinitionDescription
Name | Description | Value |
---|---|---|
allocationWeight | weight to apply for a given iot h. | int |
applyAllocationPolicy | flag for applying allocationPolicy or not for a given iot hub. | bool |
connectionString | Connection string of the IoT hub. | string (required) |
location | ARM region of the IoT hub. | string (required) |
IpFilterRule
Name | Description | Value |
---|---|---|
action | The desired action for requests captured by this rule. | 'Accept' 'Reject' (required) |
filterName | The name of the IP filter rule. | string (required) |
ipMask | A string that contains the IP address range in CIDR notation for the rule. | string (required) |
target | Target for requests captured by this rule. | 'all' 'deviceApi' 'serviceApi' |
KeyVaultKeyProperties
Name | Description | Value |
---|---|---|
keyIdentifier | The identifier of the key. | string |
Microsoft.Devices/provisioningServices
Name | Description | Value |
---|---|---|
etag | The Etag field is not required. If it is provided in the response body, it must also be provided as a header per the normal ETag convention. | string |
identity | The managed identities for the IotDps instance. | ArmIdentity |
location | The resource location. | string (required) |
name | The resource name | string (required) |
properties | Service specific properties for a provisioning service | IotDpsPropertiesDescription (required) |
sku | Sku info for a provisioning Service. | IotDpsSkuInfo (required) |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.Devices/provisioningServices@2020-09-01-preview" |
PrivateEndpoint
Name | Description | Value |
---|
PrivateEndpointConnection
Name | Description | Value |
---|---|---|
properties | The properties of a private endpoint connection | PrivateEndpointConnectionProperties (required) |
PrivateEndpointConnectionProperties
Name | Description | Value |
---|---|---|
privateEndpoint | The private endpoint property of a private endpoint connection | PrivateEndpoint |
privateLinkServiceConnectionState | The current state of a private endpoint connection | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
Name | Description | Value |
---|---|---|
actionsRequired | Actions required for a private endpoint connection | string |
description | The description for the current state of a private endpoint connection | string (required) |
status | The status of a private endpoint connection | 'Approved' 'Disconnected' 'Pending' 'Rejected' (required) |
ResourceTags
Name | Description | Value |
---|
SharedAccessSignatureAuthorizationRuleAccessRightsDescription
Name | Description | Value |
---|---|---|
keyName | Name of the key. | string (required) |
primaryKey | Primary SAS key value. | string |
rights | Rights that this key has. | 'DeviceConnect' 'EnrollmentRead' 'EnrollmentWrite' 'RegistrationStatusRead' 'RegistrationStatusWrite' 'ServiceConfig' (required) |
secondaryKey | Secondary SAS key value. | string |