![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 98%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Azure IoT Edge
An Azure service that is used to deploy cloud workloads to run on internet of things (IoT) edge devices via standard containers.
598 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 74%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Hello @Satyam Chauhan ,
It is a best practice to follow the principle of least privilege in any solution. Therefore, different shared access policies exist, one for the iothubowner (think about "root" or admin), one for services to consume messages from the built-in service endpoints, one for devices to connect and communicate through the device facing endpoints and special policies for device management solutions like registryRead to list the device registry contents, registryReadWrite to read and create new entries in the device registry (create new devices) and a special deviceupdateservice policy what combines device, service and registryRead.
There is a great documentation on how to control and secure access to IoT Hub. I recommend reading Control access with Azure AD for service APIs as it simplifies management compared to security tokens.
----------
Please don't forget to click on "best answer" or "upvote" button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer.