az iot ops asset endpoint create
Note
This reference is part of the azure-iot-ops extension for the Azure CLI (version 2.53.0 or higher). The extension will automatically install the first time you run an az iot ops asset endpoint create command. Learn more about extensions.
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create asset endpoint profiles.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az iot ops asset endpoint create opcua |
Create an asset endpoint profile with an OPCUA connector. |
Extension | Preview |
az iot ops asset endpoint create opcua
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create an asset endpoint profile with an OPCUA connector.
Azure IoT OPC UA Connector (preview) uses the same client certificate for all secure channels between itself and the OPC UA servers that it connects to.
For OPC UA connector arguments, a value of -1 means that parameter will not be used (ex: --session-reconnect-backoff -1 means that no exponential backoff should be used). A value of 0 means use the fastest practical rate (ex: --default-sampling-int 0 means use the fastest sampling interval possible for the server).
For more information on how to create an OPCUA connector, please see aka.ms/opcua-quickstart.
az iot ops asset endpoint create opcua --instance
--name
--resource-group
--ta
[--accept-untrusted-certs {false, true}]
[--app]
[--cert-ref]
[--default-publishing-int]
[--default-queue-size]
[--default-sampling-int]
[--ig]
[--instance-subscription]
[--ka]
[--location]
[--password-ref]
[--rad {false, true}]
[--security-mode {none, sign, signAndEncrypt}]
[--security-policy {Aes128_Sha256_RsaOaep, Aes256_Sha256_RsaPss, Basic128Rsa15, Basic256, Basic256Sha256, none}]
[--session-keep-alive]
[--session-reconnect-backoff]
[--session-reconnect-period]
[--session-timeout]
[--slt]
[--smi]
[--tags]
[--ur]Examples
Create an asset endpoint with anonymous user authentication using the given instance in the same resource group.
az iot ops asset endpoint create opcua --name myprofile -g myresourcegroup --instance myinstance --target-address opc.tcp://opcplc-000000:50000Create an asset endpoint with anonymous user authentication using the given instance in a different resource group but same subscription. Note that the Digital Operations Experience may not display the asset endpoint profile if it is in a different subscription from the instance.
az iot ops asset endpoint create opcua --name myprofile -g myresourcegroup --instance myinstance --instance-resource-group myinstanceresourcegroup --target-address opc.tcp://opcplc-000000:50000Create an asset endpoint with username-password user authentication using the given instance in the same resource group.
az iot ops asset endpoint create opcua --name myprofile -g myresourcegroup --instance myinstance --target-address opc.tcp://opcplc-000000:50000 --username-ref myusername --password-ref mypasswordCreate an asset endpoint with certificate user authentication using the given given instance in the same resource group.
az iot ops asset endpoint create opcua --name myprofile -g myresourcegroup --instance myinstance --target-address opc.tcp://opcplc-000000:50000 --certificate-ref mycertificate.pemCreate an asset endpoint with anonymous user authentication and recommended values for the OPCUA configuration using the given instance in the same resource group. Note that for successfully using the connector, you will need to have the OPC PLC service deployed and the target address must point to the service. If the OPC PLC service is in the same cluster and namespace as IoT Ops, the target address should be formatted as `opc.tcp://{opc-plc-service-name}:{service-port}` If the OPC PLC service is in the same cluster but different namespace as IoT Ops, include the service namespace like so `opc.tcp://{opc-plc-service-name}.{service-namespace}:{service-port}` For more information, please see aka.ms/opcua-quickstart
az iot ops asset endpoint create opcua --name myprofile -g myresourcegroup --instance myinstance --target-address opc.tcp://opcplc-000000:50000 --accept-untrusted-certs --application myopcuaconnector --default-publishing-int 1000 --default-queue-size 1 --default-sampling-int 1000 --keep-alive 10000 --run-asset-discovery --security-mode sign --security-policy Basic256 --session-keep-alive 10000 --session-reconnect-backoff 10000 --session-reconnect-period 2000 --session-timeout 60000 --subscription-life-time 60000 --subscription-max-items 1000Required Parameters
Instance name to associate the created asset with.
Asset Endpoint Profile name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Target Address. Must be a valid local address that follows the opc.tcp protocol.
Optional Parameters
Flag to enable auto accept untrusted server certificates.
Application name. Will be used as the subject for any certificates generated by the connector.
Reference for the certificate used in authentication. This method of user authentication is not supported yet.
Default publishing interval in milliseconds. Minimum: -1. Recommended: 1000.
Default queue size. Minimum: 0. Recommended: 1.
Default sampling interval in milliseconds. Minimum: -1. Recommended: 1000.
Instance resource group. If not provided, asset endpoint profile resource group will be used.
Argument 'instance_subscription' has been deprecated and will be removed in a future release.
Instance subscription id. If not provided, asset endpoint profile subscription id will be used.
Time in milliseconds after which a keep alive publish response is sent. Minimum: 0. Recommended: 10000.
Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.
Reference for the password used in authentication.
Flag to determine if asset discovery should be run.
Security mode.
Security policy.
Time in milliseconds after which a session keep alive challenge is sent to detect connection issues. Minimum: 0. Recommended: 10000.
Session reconnect exponential back off in milliseconds. Minimum: -1. Recommended: 10000.
Session reconnect period in milliseconds. Minimum: 0. Recommended: 2000.
Session timeout in milliseconds. Minimum: 0. Recommended: 60000.
Life time in milliseconds of the items created by the connector for the subscription. Minimum: 0. Recommended: 60000.
Maximum number of items that the connector can create for the subscription. Minimum: 1. Recommended: 1000.
Asset Endpoint Profile resource tags. Property bag in key-value pairs with the following format: a=b c=d.
Reference for the username used in authentication.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
