Configure access control roles for Device Update resources
In order for users to have access to Device Update, they must be granted access to the Device Update account, Instance and set the required access to the linked IoT hub.
Configure access control for Device Update account
In your Device Update account, select Access control (IAM) from the navigation menu.
Select Add role assignments.
On the Role tab, select a Device Update role from the available options:
- Device Update Administrator
- Device Update Reader
- Device Update Content Administrator
- Device Update Content Reader
- Device Update Deployments Administrator
- Device Update Deployments Reader
For more information, Learn about Role-based access control in Device Update for IoT Hub.
On the Members tab, select the users or groups that you want to assign the role to.
Select Review + assign
Review the new role assignments and select Review + assign again
You're now ready to use Device Update from within your IoT Hub
Configure access for Azure Device Update service principal in linked IoT hub
Device Update for IoT Hub communicates with IoT Hub to manage deployments and updates and to get information about devices. To enable the access, you need to give the Azure Device Update service principal access with the IoT Hub Data Contributor role.
In the Azure portal, navigate to the IoT hub connected to your Device Update instance.
Select Access Control(IAM) from the navigation menu. Select Add > Add role assignment.
In the Role tab, select IoT Hub Data Contributor. Select Next.
For Assign access to, select User, group, or service principal. Select Select Members and search for 'Azure Device Update'
Select Next > Review + Assign
To validate that you've set permissions correctly:
- In the Azure portal, navigate to the IoT hub connected to your Device Update instance.
- Select Access Control(IAM) from the navigation menu.
- Select Check access.
- Select User, group, or service principal and search for 'Azure Device Update'
- After clicking on Azure Device Update, verify that the IoT Hub Data Contributor role is listed under Role assignments
Try updating a device using one of the following quick tutorials: