Is it possible to provision leaf device through iot edge device? - iot

I have implemented the Azure IoT Edge transparent gateway use case and was able to register/provision my leaf device through DPS (X.509).
But I want to register my leaf device on IoT Hub through IoT Edge, as my leaf devices don't have any Internet connection and thus can't access the IoT Hub interface.
Or I'm open for other solutions too for my use case.

Right now IoT Edge does not support proxying DPS requests. You would need to provision your device "manually".

Related

Access device connection string in IoT Edge module via Device Provisioning Services

We're moving our Azure IoT Edge devices from manual provisioning to DPS with symmetric key. One of the modules deployed to our devices needs to manage the Device Twin - we have been using this for state properties that persist across updates to modules. To connect to the device twin, I've been creating a DeviceClient from connection string which is loaded as an environment variable on a per device basis. This is using the C SDK.
Now I want to request the device credentials during provisioning so that the symmetric key is the only secret pre-installed on the device.
A number of posts suggest that this isn't possible with best practices, most succinctly:
Access IoT Edge Device Twin from Edge Module when using X.509 Authentication
Is this still the case? If so, what is the intended use for the device twin on IoT Edge, if user modules aren't supposed to access it in a production setting?
> A number of posts suggest that this isn't possible with best practices, most succinctly: Access IoT Edge Device Twin from Edge Module when using X.509 Authentication. Is this still the case?
This is still the case. Modules accessing device twin information is not supported or recommended. There are other ways to achieve what is desired - like one you described in your comment.
> what is the intended use for the device twin on IoT Edge, if user modules aren't supposed to access it in a production setting?
The use case for device twins in IoT Edge is ADM deployments.
You create a deployment manifest and then define which devices it applies to based on tags in the device twin.
Ref: Understand IoT Edge automatic deployments for single devices or at scale

connect securely to IoT Edge devices

I want to secure the connection between the devices and the IoT Edge device. For example, my app running on the iPad accesses the IoT Edge device at http://: but I want to access it over HTTPS. I am new to IoT. How can I achieve it?
You could run a proxy module like outlined here: https://github.com/Azure/iotedge/tree/master/edge-modules/edgehub-proxy

How to handle multiple device clients provisioned through DPS(Group Symmetric key) to IoT Central from a gateway device

We have a gateway device (not running the IoT Edge runtime). We want to connect multiple BLE or Zigbee sensors to the gateway and provision/register them through our gateway device to IoT Central as different devices using the group symmetric key approach.
We have seen multiple sample codes for provisioning and registering the devices using a group symmetric key to generate a device-specific SAS key. But these don't have an approach for handling multiple device clients after registering and connecting to IoT Central.
python sdk provisioning with group symmetric key
iot_central_python_sample
After connecting the device we need to use device client of the SDK to send telemetry and receive commands to/from IoT Central.
Consider if we want to use the same code for multiple sensors, we need to have multiple device clients (threads) running.
Please suggest a better approach to handle multiple devices for sending telemetry and receiving commands to/from IoT Central.
This might help with your use case: https://github.com/Larouex/IoTCNanoBLE33
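The group symmetric key approach mentioned in the question derives one key per registration ID. As an added example, not code from the original post or from the linked samples, this is how a gateway could compute the per-sensor credentials it later hands to each device client; the sensor addresses, the `sensor-` prefix and the group key are constructed placeholders, and the registration ID is restricted here to lowercase alphanumerics and `-`.

```python
import base64
import hashlib
import hmac
import re

MAX_REG_ID_LEN = 128  # DPS registration ID length limit


def registration_id(sensor_address, prefix="sensor"):
    """Turn a BLE/Zigbee address into a registration ID (lowercase alphanumerics and '-')."""
    cleaned = re.sub(r"[^a-z0-9]+", "-", sensor_address.lower()).strip("-")
    if not cleaned:
        raise ValueError(f"no usable characters in sensor address {sensor_address!r}")
    reg_id = f"{prefix}-{cleaned}"
    if len(reg_id) > MAX_REG_ID_LEN:
        raise ValueError("registration ID exceeds 128 characters")
    return reg_id


def derive_device_key(group_key_b64, reg_id):
    """Per-device key = Base64(HMAC-SHA256(Base64-decoded group key, registration ID))."""
    mac = hmac.new(base64.b64decode(group_key_b64), reg_id.encode("utf-8"), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode("ascii")


def credentials_for(sensor_addresses, group_key_b64):
    """Map sensor address -> (registration ID, derived key), rejecting ID collisions."""
    creds, seen = {}, {}
    for address in sensor_addresses:
        reg_id = registration_id(address)
        if reg_id in seen:
            # Two sensors sharing one ID would silently share one cloud identity.
            raise ValueError(f"{address!r} and {seen[reg_id]!r} both map to {reg_id!r}")
        seen[reg_id] = address
        creds[address] = (reg_id, derive_device_key(group_key_b64, reg_id))
    return creds


if __name__ == "__main__":
    # Constructed sample input: the group key and sensor addresses are placeholders.
    group_key = base64.b64encode(b"constructed-enrollment-group-key").decode("ascii")
    sensors = ["C4:7C:8D:6A:11:02", "00:12:4B:00:1C:A1:B8:46"]
    for addr, (rid, key) in credentials_for(sensors, group_key).items():
        print(addr, rid, key)
```

Each derived key authenticates only its own registration ID, whereas the group key can produce a key for any ID in the enrollment group, so the group key is the secret to protect on the gateway.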

How can I connect a real device only accepting MQTT / TCP connection to Azure IoT Hub?

Context:
I have a real device that only uses MQTT and only accepts a TCP connection (The only things I can modify in the real device are the cloud address, cloud ID (username), cloud password, machine cloud ID and cloud port).
Question:
How can I connect this device to Azure IoT Hub?
Can I use the Azure IoT Edge runtime w/ transparent gateway?
In case you want to try connectivity with IoT Hub and there is no feasibility for usage of the device SDK in your device, you can try the option of using the MQTT protocol directly (as a device), using which the device can still connect to the public device endpoints using the MQTT protocol on port 8883.
However, for using the MQTT protocol directly, the device must connect over TLS/SSL. Since your device has constraints in using TLS/SSL or installing a certificate, the best option is usage of a gateway.
In a typical IoT system, gateways are used to overcome the limitations of device capabilities. You may need to decide the suitable deployment type based on these three patterns of using an IoT Edge device as a gateway, as per your device capabilities and the requirement in hand.
There is a scenario where you don't have to use the device SDK and connect your MQTT device directly to the IoT Hub. It is documented here. Azure IoT Hub is not a full-featured MQTT broker though, so results may vary. As per your suggestion, yes you can use a transparent gateway for this if you don't want your device to connect directly to the IoT Hub. But it's not a prerequisite.
In the case that your device needs more MQTT features than IoT Hub (or Edge for that matter) can offer, you can also consider creating an Edge module with an MQTT broker inside.
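The direct-MQTT option described in the answers above maps onto the fields such a device exposes (address, port, username, password). As an added example, not code from the original answers, this Python code builds those values for a device that uses symmetric-key authentication; the hub name, device ID and key are constructed placeholders.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import quote_plus

API_VERSION = "2021-04-12"  # IoT Hub API version carried in the MQTT username


def sas_token(resource_uri, device_key_b64, expiry_epoch):
    """SAS token used as the MQTT password: HMAC-SHA256 over '<url-encoded uri>\\n<expiry>'."""
    encoded_uri = quote_plus(resource_uri)
    to_sign = f"{encoded_uri}\n{expiry_epoch}".encode("utf-8")
    digest = hmac.new(base64.b64decode(device_key_b64), to_sign, hashlib.sha256).digest()
    signature = quote_plus(base64.b64encode(digest).decode("ascii"))
    return f"SharedAccessSignature sr={encoded_uri}&sig={signature}&se={expiry_epoch}"


def mqtt_settings(hub_hostname, device_id, device_key_b64, ttl_seconds=3600, now=None):
    """Map IoT Hub's direct-MQTT requirements onto the fields a fixed-function device exposes."""
    expiry = int(now if now is not None else time.time()) + ttl_seconds
    return {
        "host": hub_hostname,
        "port": 8883,  # MQTT over TLS, the port named in the answer above
        "client_id": device_id,
        "username": f"{hub_hostname}/{device_id}/?api-version={API_VERSION}",
        "password": sas_token(f"{hub_hostname}/devices/{device_id}", device_key_b64, expiry),
        "telemetry_topic": f"devices/{device_id}/messages/events/",
        "expires_at": expiry,
    }


if __name__ == "__main__":
    # Constructed sample values: hub name, device ID and key are placeholders.
    sample_key = base64.b64encode(b"constructed-demo-key-not-a-secret").decode("ascii")
    settings = mqtt_settings("example-hub.azure-devices.net", "press-01", sample_key)
    for name, value in settings.items():
        print(f"{name}: {value}")
```

The password is a SAS token with an expiry, so a device that stores a static password needs a new token written to it before `expires_at`; a longer `ttl_seconds` reduces how often that happens but lengthens the time a leaked token stays valid.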

What IoT protocol would I use for devices on the International Space Station?

I am creating a few function app samples and one use case is updating software for a device on the International Space Station. Anyone know what protocol is used?
Azure IoT Hub supports three protocols: AMQP, MQTT, and HTTPS.
Choose AMQP or MQTT unless the device only supports HTTPS.
Choose AMQP if you need to connect multiple devices over the same TLS connection.
Choose MQTT if the device has limited resources (for example, less than 1-MB RAM) because it has a smaller footprint than the AMQP libraries.
It depends on your concern.
Reference - choose a communication protocol
I'm assuming your devices are connected through IoT Hub.
You can follow the device management patterns: https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-device-management-overview
Specifically: Firmware Update. Which should be similar to updating software.
Device Twin should be used for IoT devices regarding management since devices can't guarantee an "always online" connection. In the case of device twin, a state cache is stored in IoT Hub; when the device reconnects, it can retrieve the updated state from the cloud and update the device accordingly.
