Manage IoT Central from Azure CLI or PowerShell

Instead of creating and managing IoT Central applications in the Azure portal, you can use Azure CLI or Azure PowerShell to manage your applications.

If you prefer to use a language such as JavaScript, Python, C#, Ruby, or Go to create, update, list, and delete Azure IoT Central applications, see the Azure IoT Central ARM SDK samples repository.

Prerequisites

Warning

You'll need Contributor access to your Azure Subscription to create an IoT Central app. While there may be alternative access levels to create an app, having Contributor level access to the Subscription is the recommended path.

Create an application

Use the az iot central app create command to create an IoT Central application in your Azure subscription. For example:

# Create a resource group for the IoT Central application
az group create --location "East US" \
    --name "MyIoTCentralResourceGroup"
# Create an IoT Central application
az iot central app create \
  --resource-group "MyIoTCentralResourceGroup" \
  --name "myiotcentralapp" --subdomain "mysubdomain" \
  --sku ST1 --template "iotc-pnp-preview" \
  --display-name "My Custom Display Name"

These commands first create a resource group in the east US region for the application. The following table describes the parameters used with the az iot central app create command:

Parameter Description
resource-group The resource group that contains the application. This resource group must already exist in your subscription.
location By default, this command uses the location from the resource group. Currently, you can create an IoT Central application in the Australia East, Canada Central, Central US, East US, East US 2, Japan East, North Europe, South Central US, Southeast Asia, UK South, West Europe, and West US.
name The name of the application in the Azure portal. Avoid special characters - instead, use lower case letters (a-z), numbers (0-9), and dashes (-).
subdomain The subdomain in the URL of the application. In the example, the application URL is https://mysubdomain.azureiotcentral.com.
sku Currently, you can use either ST1 or ST2. See Azure IoT Central pricing.
template The application template to use. For more information, see the following table.
display-name The name of the application as displayed in the UI.

Application templates

Template ID Name Industry Description
iotc-pnp-preview Custom application N/A Creates an empty application for you to populate with your own device templates and devices.
iotc-condition In-store Analytics – Condition Monitoring Retail Creates an application to connect and monitor a store environment.
iotc-consumption Water Consumption Monitoring Government Creates an application to monitor and control water flow.
iotc-distribution Digital Distribution Center Retail Creates an application to improve warehouse output efficiency by digitizing key assets and actions.
iotc-inventory Smart Inventory Management Retail Creates an application to automate receiving, product movement, cycle counting, and tracking.
iotc-logistics Connected Logistics Retail Creates an application to track your shipments in real time across air, water, and land with location and condition monitoring.
iotc-meter Smart Meter Analytics Energy Creates an application to monitor energy consumption, network status, and identify trends to improve customer support and smart meter management.
iotc-mfc Micro-fulfillment Center Retail Creates an application to digitally connect and manage a fully automated fulfillment center.
iotc-patient Continuous Patient Monitoring Health Creates an application to extend patient care, reduce readmissions, and manage diseases.
iotc-power Solar Power Monitoring Energy Creates an application to monitor solar panel status and energy generation trends.
iotc-quality Water Quality Monitoring Government Creates an application to digitally monitor water quality.
iotc-store In-store Analytics – Checkout Retail Creates an application to monitor and manage the checkout flow inside your store.
iotc-waste Connected Waste Management Government Creates an application to monitor waste bins and dispatch field operators.

If you've created your own application template, you can use it to create a new application. When asked for an application template, enter the app ID shown in the exported app's URL shareable link under the Application template export section of your app.

View applications

Use the az iot central app list command to list your IoT Central applications and view metadata.

Modify an application

Use the az iot central app update command to update the metadata of an IoT Central application. For example, to change the display name of your application:

az iot central app update --name myiotcentralapp \
  --resource-group MyIoTCentralResourceGroup \
  --set displayName="My new display name"

Delete an application

Use the az iot central app delete command to delete an IoT Central application. For example:

az iot central app delete --name myiotcentralapp \
  --resource-group MyIoTCentralResourceGroup

Configure a managed identity

An IoT Central application can use a system assigned managed identity to secure the connection to a data export destination.

To enable the managed identity, use either the Azure portal - Configure a managed identity or the CLI. You can enable the managed identity when you create an IoT Central application:

# Create an IoT Central application with a managed identity
az iot central app create \
  --resource-group "MyIoTCentralResourceGroup" \
  --name "myiotcentralapp" --subdomain "mysubdomain" \
  --sku ST1 --template "iotc-pnp-preview" \
  --display-name "My Custom Display Name" \
  --mi-system-assigned

Alternatively, you can enable a managed identity on an existing IoT Central application:

# Enable a system-assigned managed identity
az iot central app identity assign --name "myiotcentralapp" \
  --resource-group "MyIoTCentralResourceGroup" \
  --system-assigned

After you enable the managed identity, you can use the CLI to configure the role assignments.

Use the az role assignment create command to create a role assignment. For example, the following commands first retrieve the principal ID of the managed identity. The second command assigns the Azure Event Hubs Data Sender role to the principal ID in the scope of the MyIoTCentralResourceGroup resource group:

scope=$(az group show -n "MyIoTCentralResourceGroup" --query "id" --output tsv)
spID=$(az iot central app identity show \
  --name "myiotcentralapp" \
  --resource-group "MyIoTCentralResourceGroup" \
  --query "principalId" --output tsv)
az role assignment create --assignee $spID --role "Azure Event Hubs Data Sender" \
  --scope $scope

To learn more about the role assignments, see:

Next steps

Now that you've learned how to manage Azure IoT Central applications from Azure CLI or PowerShell, here's the suggested next step: