az iot ops asset endpoint

  • Preview
  • Reference

Note

This reference is part of the azure-iot-ops extension for the Azure CLI (version 2.46.0 or higher). The extension will automatically install the first time you run an az iot ops asset endpoint command. Learn more about extensions.

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Manage asset endpoint profiles.

Commands

Name Description Type Status
az iot ops asset endpoint certificate

Manage owned certificates in an asset endpoint.

 Extension Preview
az iot ops asset endpoint certificate add

Add an owned certificate to an asset endpoint.

 Extension Preview
az iot ops asset endpoint certificate list

List owned certificates in an asset endpoint.

 Extension Preview
az iot ops asset endpoint certificate remove

Remove an owned certificate in an asset endpoint.

 Extension Preview
az iot ops asset endpoint create

Create an asset endpoint.

 Extension Preview
az iot ops asset endpoint delete

Delete an asset endpoint.

 Extension Preview
az iot ops asset endpoint query

Query the Resource Graph for asset endpoints.

 Extension Preview
az iot ops asset endpoint show

Show an asset endpoint.

 Extension Preview
az iot ops asset endpoint update

Update an asset endpoint.

 Extension Preview

az iot ops asset endpoint create

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Create an asset endpoint.

Either custom location or cluster name must be provided. This command will check for the existance of the associated custom location and cluster and ensure that both are set up correctly with the microsoft.deviceregistry.assets extension.

Azure IoT OPC UA Broker (preview) uses the same client certificate for all secure channels between itself and the OPC UA servers that it connects to.

az iot ops asset endpoint create --name
                                 --resource-group
                                 --ta
                                 [--ac]
                                 [--cert]
                                 [--cert-ref]
                                 [--cl]
                                 [--clrg]
                                 [--cls]
                                 [--cluster]
                                 [--cluster-resource-group]
                                 [--cluster-subscription]
                                 [--location]
                                 [--password-ref]
                                 [--tags]
                                 [--ur]

Examples

Create an asset endpoint with anonymous user authentication using the given custom location.

az iot ops asset endpoint create --name {asset_endpoint} -g {resource_group} --custom-location {custom_location} --target-address {target_address}

Create an asset endpoint with anonymous user authentication using the given custom location and resource group for the custom location. The resource group must be included if there are multiple custom locations with the same name within a subscription.

az iot ops asset endpoint create --name {asset_endpoint} -g {resource_group} --custom-location {custom_location} --custom-location-resource-group {custom_location_resource_group} --target-address {target_address}

Create an asset endpoint with username-password user authentication and preconfigurated owned certificates with prefilled values.The username and password references are set via the Azure Keyvault Container Storage Interface driver.

az iot ops asset endpoint create --name myAssetEndpoint -g myRG --cluster myCluster --target-address "opc.tcp://opcplc-000000:50000" --username-ref "aio-opc-ua-broker-user-authentication/opc-plc-username" --password-ref "aio-opc-ua-broker-user-authentication/opc-plc-password" --cert secret=aio-opc-ua-broker-client-certificate thumbprint=000000000000000000 password=aio-opc-ua-broker-client-certificate-password

Create an asset endpoint with username-password user authentication and additional configuration with prefilled values (powershell syntax example).

az iot ops asset endpoint create --name myAssetEndpoint -g myRG --cluster myCluster --target-address "opc.tcp://opcplc-000000:50000" --username-ref "aio-opc-ua-broker-user-authentication/opc-plc-username" --password-ref "aio-opc-ua-broker-user-authentication/opc-plc-password" --additional-config '{\"applicationName\": \"opcua-connector\", \"defaults\": { \"publishingIntervalMilliseconds\": 100,  \"samplingIntervalMilliseconds\": 500,  \"queueSize\": 15,}, \"session\": {\"timeout\": 60000}, \"subscription\": {\"maxItems\": 1000}, \"security\": { \"autoAcceptUntrustedServerCertificates\": true}}'

Create an asset endpoint with username-password user authentication and additional configuration with prefilled values (cmd syntax example).

az iot ops asset endpoint create --name myAssetEndpoint -g myRG --cluster myCluster --target-address "opc.tcp://opcplc-000000:50000" --username-ref "aio-opc-ua-broker-user-authentication/opc-plc-username" --password-ref "aio-opc-ua-broker-user-authentication/opc-plc-password" --additional-config "{\"applicationName\": \"opcua-connector\", \"defaults\": { \"publishingIntervalMilliseconds\": 100,  \"samplingIntervalMilliseconds\": 500,  \"queueSize\": 15,}, \"session\": {\"timeout\": 60000}, \"subscription\": {\"maxItems\": 1000}, \"security\": { \"autoAcceptUntrustedServerCertificates\": true}}"

Create an asset endpoint with username-password user authentication and additional configuration with prefilled values (bash syntax example).

az iot ops asset endpoint create --name myAssetEndpoint -g myRG --cluster myCluster --target-address "opc.tcp://opcplc-000000:50000" --username-ref "aio-opc-ua-broker-user-authentication/opc-plc-username" --password-ref "aio-opc-ua-broker-user-authentication/opc-plc-password" --additional-config '{"applicationName": "opcua-connector", "defaults": { "publishingIntervalMilliseconds": 100,  "samplingIntervalMilliseconds": 500,  "queueSize": 15,}, "session": {"timeout": 60000}, "subscription": {"maxItems": 1000}, "security": { "autoAcceptUntrustedServerCertificates": true}}'

Required Parameters

--name -n

Asset Endpoint name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--ta --target-address

Target Address. Must be a valid local address.

Optional Parameters

--ac --additional-config

Additional Configuration for the connectivity type (ex: OPC UA, Modbus, ONVIF).

--cert

Space-separated key=value pairs corresponding to certificates associated with the endpoint. The following key values are supported: secret (required), thumbprint (required), password.--cert can be used 1 or more times. Review help examples for full parameter usage.

--cert-ref --certificate-ref --cr

Reference for the certificate used in authentication. This method of user authentication is not supported yet.

--cl --custom-location

Custom location used to associate asset endpoint with cluster.

--clrg --custom-location-resource-group

Resource group for custom location.

--cls --custom-location-subscription

Subscription Id for custom location.

--cluster -c

Cluster to associate the asset with.

--cluster-resource-group --crg

Resource group for cluster.

--cluster-subscription --cs

Subscription Id for cluster.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--password-ref --pr

Reference for the password used in authentication.

--tags

Asset Endpoint resource tags. Property bag in key-value pairs with the following format: a=b c=d.

--ur --username-reference

Reference for the username used in authentication.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot ops asset endpoint delete

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Delete an asset endpoint.

az iot ops asset endpoint delete --name
                                 --resource-group

Examples

Delete an asset endpoint.

az iot ops asset endpoint delete --name {asset_endpoint} -g {resource_group}

Required Parameters

--name -n

Asset Endpoint name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot ops asset endpoint query

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Query the Resource Graph for asset endpoints.

az iot ops asset endpoint query [--ac]
                                [--am]
                                [--cl]
                                [--location]
                                [--resource-group]
                                [--ta]

Examples

Query for asset endpoints that hae anonymous authentication.

az iot ops asset endpoint query --authentication-mode Anonymous

Query for asset endpoints that have the given target address and custom location.

az iot ops asset endpoint query --target-address {target_address} --custom-location {custom_location}

Optional Parameters

--ac --additional-config

Additional Configuration for the connectivity type (ex: OPC UA, Modbus, ONVIF).

--am --authentication-mode

Authentication Mode.

--cl --custom-location

Custom location used to associate asset endpoint with cluster.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--ta --target-address

Target Address. Must be a valid local address.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot ops asset endpoint show

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Show an asset endpoint.

az iot ops asset endpoint show --name
                               --resource-group

Examples

Show the details of an asset endpoint.

az iot ops asset endpoint show --name {asset_endpoint} -g {resource_group}

Required Parameters

--name -n

Asset Endpoint name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot ops asset endpoint update

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Update an asset endpoint.

To update owned certificates, please use the command group az iot ops asset endpoint certificate.

az iot ops asset endpoint update --name
                                 --resource-group
                                 [--ac]
                                 [--am]
                                 [--cert-ref]
                                 [--password-ref]
                                 [--ta]
                                 [--tags]
                                 [--ur]

Examples

Update an asset endpoint's authentication mode to use anonymous user authentication.

az iot ops asset endpoint update --name {asset_endpoint} -g {resource_group} --authentication-mode Anonymous

Update an asset endpoint's username and password reference with prefilled values. This will transform the authentication mode to username-password if it is not so already.

az iot ops asset endpoint update --name myAssetEndpoint -g myRG --username-ref "aio-opc-ua-broker-user-authentication/opc-plc-username" --password-ref "aio-opc-ua-broker-user-authentication/opc-plc-password"

Update an asset endpoint's target address and additional configuration with prefilled values (powershell syntax example).

az iot ops asset endpoint update --name myAssetEndpoint -g myRG --target-address "opc.tcp://opcplc-000000:50000" --additional-config '{\"applicationName\": \"opcua-connector\", \"defaults\": { \"publishingIntervalMilliseconds\": 100,  \"samplingIntervalMilliseconds\": 500,  \"queueSize\": 15,}, \"session\": {\"timeout\": 60000}, \"subscription\": {\"maxItems\": 1000}, \"security\": { \"autoAcceptUntrustedServerCertificates\": true}}'

Update an asset endpoint's target address and additional configuration with prefilled values (cmd syntax example).

az iot ops asset endpoint update --name myAssetEndpoint -g myRG --target-address "opc.tcp://opcplc-000000:50000" --additional-config "{\"applicationName\": \"opcua-connector\", \"defaults\": { \"publishingIntervalMilliseconds\": 100,  \"samplingIntervalMilliseconds\": 500,  \"queueSize\": 15,}, \"session\": {\"timeout\": 60000}, \"subscription\": {\"maxItems\": 1000}, \"security\": { \"autoAcceptUntrustedServerCertificates\": true}}"

Update an asset endpoint's target address and additional configuration with prefilled values (bash syntax example).

az iot ops asset endpoint update --name myAssetEndpoint -g myRG --target-address "opc.tcp://opcplc-000000:50000" --additional-config '{"applicationName": "opcua-connector", "defaults": { "publishingIntervalMilliseconds": 100,  "samplingIntervalMilliseconds": 500,  "queueSize": 15,}, "session": {"timeout": 60000}, "subscription": {"maxItems": 1000}, "security": { "autoAcceptUntrustedServerCertificates": true}}'

Required Parameters

--name -n

Asset Endpoint name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--ac --additional-config

Additional Configuration for the connectivity type (ex: OPC UA, Modbus, ONVIF).

--am --authentication-mode

Authentication Mode.

--cert-ref --certificate-ref --cr

Reference for the certificate used in authentication. This method of user authentication is not supported yet.

--password-ref --pr

Reference for the password used in authentication.

--ta --target-address

Target Address. Must be a valid local address.

--tags

Asset Endpoint resource tags. Property bag in key-value pairs with the following format: a=b c=d.

--ur --username-reference

Reference for the username used in authentication.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc
default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.