Edit

Quickstart: Set up the IoT Hub Device Provisioning Service (DPS) with Bicep

  • Article

You can use a Bicep file to programmatically set up the Azure cloud resources necessary for provisioning your devices. These steps show how to create an IoT hub and a new IoT Hub Device Provisioning Service instance with a Bicep file. The IoT Hub is also linked to the DPS resource using the Bicep file. This linking allows the DPS resource to assign devices to the hub based on allocation policies you configure.

Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.

This quickstart uses Azure PowerShell, and the Azure CLI to perform the programmatic steps necessary to create a resource group and deploy the Bicep file, but you can easily use .NET, Ruby, or other programming languages to perform these steps and deploy your Bicep file.

Prerequisites

If you don't have an Azure subscription, create an Azure free account before you begin.

Review the Bicep file

The Bicep file used in this quickstart is from Azure Quickstart Templates.

Note

Currently there is no Bicep file support for creating enrollments with new DPS resources. This is a common and understood request that is being considered for implementation.

@description('Specify the name of the Iot hub.')
param iotHubName string

@description('Specify the name of the provisioning service.')
param provisioningServiceName string

@description('Specify the location of the resources.')
param location string = resourceGroup().location

@description('The SKU to use for the IoT Hub.')
param skuName string = 'S1'

@description('The number of IoT Hub units.')
param skuUnits int = 1

var iotHubKey = 'iothubowner'

resource iotHub 'Microsoft.Devices/IotHubs@2021-07-02' = {
  name: iotHubName
  location: location
  sku: {
    name: skuName
    capacity: skuUnits
  }
  properties: {}
}

resource provisioningService 'Microsoft.Devices/provisioningServices@2022-02-05' = {
  name: provisioningServiceName
  location: location
  sku: {
    name: skuName
    capacity: skuUnits
  }
  properties: {
    iotHubs: [
      {
        connectionString: 'HostName=${iotHub.properties.hostName};SharedAccessKeyName=${iotHubKey};SharedAccessKey=${iotHub.listkeys().value[0].primaryKey}'
        location: location
      }
    ]
  }
}

Two Azure resources are defined in the Bicep file above:

Save a copy of the Bicep file locally as main.bicep.

Deploy the Bicep file

Sign in to your Azure account and select your subscription.

  1. Sign in to Azure at the command prompt:

    az login

    Follow the instructions to authenticate using the code and sign in to your Azure account through a web browser.

  2. If you have multiple Azure subscriptions, signing in to Azure grants you access to all the Azure accounts associated with your credentials.

    az account list -o table

    Use the following command to select the subscription that you want to use to run the commands to create your IoT hub and DPS resources. You can use either the subscription name or ID from the output of the previous command:

    az account set --subscription {your subscription name or id}

  3. Deploy the Bicep file with the following commands.

    Tip

    The commands will prompt for a resource group location. You can view a list of available locations by first running the command:

    az account list-locations -o table

    az group create --name exampleRG --location eastus
az deployment group create --resource-group exampleRG --template-file main.bicep --parameters iotHubName={IoT-Hub-name} provisioningServiceName={DPS-name}

    Replace {IoT-Hub-name} with a globally unique IoT Hub name, replace {DPS-name} with a globally unique Device Provisioning Service (DPS) resource name.

    It takes a few moments to create the resources.

Review deployed resources

  1. To verify the deployment, run the following command and look for the new provisioning service and IoT hub in the output:

     az resource list -g exampleRg

  2. To verify that the hub is already linked to the DPS resource, run the following command.

    az iot dps show --name <Your provisioningServiceName>

Clean up resources

Other quickstarts in this collection build upon this quickstart. If you plan to continue on to work with subsequent quickstarts or with the tutorials, don't clean up the resources created in this quickstart. If you don't plan to continue, you can use Azure PowerShell or Azure CLI to delete the resource group and all of its resources.

To delete a resource group and all its resources from the Azure portal, just open the resource group and select Delete resource group and the top.

To delete the resource group deployed:

az group delete --name exampleRG

You can also delete resource groups and individual resources using the Azure portal, PowerShell, or REST APIs, or with supported platform SDKs.

Next steps

In this quickstart, you deployed an IoT hub and a Device Provisioning Service instance, and linked the two resources. To learn how to use this setup to provision a device, continue to the quickstart for creating a device.

Quickstart: Provision a simulated symmetric key device