Not
Bu sayfaya erişim yetkilendirme gerektiriyor. Oturum açmayı veya dizinleri değiştirmeyi deneyebilirsiniz.
Bu sayfaya erişim yetkilendirme gerektiriyor. Dizinleri değiştirmeyi deneyebilirsiniz.
Bicep resource definition
The instances/brokers/listeners resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.IoTOperations/instances/brokers/listeners resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.IoTOperations/instances/brokers/listeners@2025-04-01' = {
parent: resourceSymbolicName
extendedLocation: {
name: 'string'
type: 'string'
}
name: 'string'
properties: {
ports: [
{
authenticationRef: 'string'
authorizationRef: 'string'
nodePort: int
port: int
protocol: 'string'
tls: {
certManagerCertificateSpec: {
duration: 'string'
issuerRef: {
group: 'string'
kind: 'string'
name: 'string'
}
privateKey: {
algorithm: 'string'
rotationPolicy: 'string'
}
renewBefore: 'string'
san: {
dns: [
'string'
]
ip: [
'string'
]
}
secretName: 'string'
}
manual: {
secretRef: 'string'
}
mode: 'string'
}
}
]
serviceName: 'string'
serviceType: 'string'
}
}
Property Values
BrokerListenerProperties
| Name | Description | Value |
|---|---|---|
| ports | Ports on which this listener accepts client connections. | ListenerPort[] (required) |
| serviceName | Kubernetes Service name of this listener. | string |
| serviceType | Kubernetes Service type of this listener. | 'ClusterIp' 'LoadBalancer' 'NodePort' |
CertManagerCertificateSpec
| Name | Description | Value | ||
|---|---|---|---|---|
| duration | Lifetime of certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| issuerRef | cert-manager issuerRef. | CertManagerIssuerRef (required) | ||
| privateKey | Type of certificate private key. | CertManagerPrivateKey | ||
| renewBefore | When to begin renewing certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| san | Additional Subject Alternative Names (SANs) to include in the certificate. | SanForCert | ||
| secretName | Secret for storing server certificate. Any existing data will be overwritten. This is a reference to the secret through an identifying name, not the secret itself. | string |
CertManagerIssuerRef
| Name | Description | Value |
|---|---|---|
| group | group of issuer. | string (required) |
| kind | kind of issuer (Issuer or ClusterIssuer). | 'ClusterIssuer' 'Issuer' (required) |
| name | name of issuer. | string (required) |
CertManagerPrivateKey
| Name | Description | Value |
|---|---|---|
| algorithm | algorithm for private key. | 'Ec256' 'Ec384' 'Ec521' 'Ed25519' 'Rsa2048' 'Rsa4096' 'Rsa8192' (required) |
| rotationPolicy | cert-manager private key rotationPolicy. | 'Always' 'Never' (required) |
ExtendedLocation
| Name | Description | Value |
|---|---|---|
| name | The name of the extended location. | string (required) |
| type | Type of ExtendedLocation. | 'CustomLocation' (required) |
ListenerPort
| Name | Description | Value |
|---|---|---|
| authenticationRef | Reference to client authentication settings. Omit to disable authentication. | string |
| authorizationRef | Reference to client authorization settings. Omit to disable authorization. | string |
| nodePort | Kubernetes node port. Only relevant when this port is associated with a NodePort listener. |
int Constraints: Min value = 0 Max value = 65535 |
| port | TCP port for accepting client connections. | int Constraints: Min value = 0 Max value = 65535 (required) |
| protocol | Protocol to use for client connections. | 'Mqtt' 'WebSockets' |
| tls | TLS server certificate settings for this port. Omit to disable TLS. | TlsCertMethod |
Microsoft.IoTOperations/instances/brokers/listeners
| Name | Description | Value |
|---|---|---|
| extendedLocation | Edge location of the resource. | ExtendedLocation (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^[a-z0-9][a-z0-9-]*[a-z0-9]$ (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: instances/brokers |
| properties | The resource-specific properties for this resource. | BrokerListenerProperties |
SanForCert
| Name | Description | Value |
|---|---|---|
| dns | DNS SANs. | string[] (required) |
| ip | IP address SANs. | string[] (required) |
TlsCertMethod
| Name | Description | Value |
|---|---|---|
| certManagerCertificateSpec | Option 1 - Automatic TLS server certificate management with cert-manager. | CertManagerCertificateSpec |
| manual | Option 2 - Manual TLS server certificate management through a defined secret. | X509ManualCertificate |
| mode | Mode of TLS server certificate management. | 'Automatic' 'Manual' (required) |
X509ManualCertificate
| Name | Description | Value |
|---|---|---|
| secretRef | Kubernetes secret containing an X.509 client certificate. This is a reference to the secret through an identifying name, not the secret itself. | string (required) |
ARM template resource definition
The instances/brokers/listeners resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.IoTOperations/instances/brokers/listeners resource, add the following JSON to your template.
{
"type": "Microsoft.IoTOperations/instances/brokers/listeners",
"apiVersion": "2025-04-01",
"name": "string",
"extendedLocation": {
"name": "string",
"type": "string"
},
"properties": {
"ports": [
{
"authenticationRef": "string",
"authorizationRef": "string",
"nodePort": "int",
"port": "int",
"protocol": "string",
"tls": {
"certManagerCertificateSpec": {
"duration": "string",
"issuerRef": {
"group": "string",
"kind": "string",
"name": "string"
},
"privateKey": {
"algorithm": "string",
"rotationPolicy": "string"
},
"renewBefore": "string",
"san": {
"dns": [ "string" ],
"ip": [ "string" ]
},
"secretName": "string"
},
"manual": {
"secretRef": "string"
},
"mode": "string"
}
}
],
"serviceName": "string",
"serviceType": "string"
}
}
Property Values
BrokerListenerProperties
| Name | Description | Value |
|---|---|---|
| ports | Ports on which this listener accepts client connections. | ListenerPort[] (required) |
| serviceName | Kubernetes Service name of this listener. | string |
| serviceType | Kubernetes Service type of this listener. | 'ClusterIp' 'LoadBalancer' 'NodePort' |
CertManagerCertificateSpec
| Name | Description | Value | ||
|---|---|---|---|---|
| duration | Lifetime of certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| issuerRef | cert-manager issuerRef. | CertManagerIssuerRef (required) | ||
| privateKey | Type of certificate private key. | CertManagerPrivateKey | ||
| renewBefore | When to begin renewing certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| san | Additional Subject Alternative Names (SANs) to include in the certificate. | SanForCert | ||
| secretName | Secret for storing server certificate. Any existing data will be overwritten. This is a reference to the secret through an identifying name, not the secret itself. | string |
CertManagerIssuerRef
| Name | Description | Value |
|---|---|---|
| group | group of issuer. | string (required) |
| kind | kind of issuer (Issuer or ClusterIssuer). | 'ClusterIssuer' 'Issuer' (required) |
| name | name of issuer. | string (required) |
CertManagerPrivateKey
| Name | Description | Value |
|---|---|---|
| algorithm | algorithm for private key. | 'Ec256' 'Ec384' 'Ec521' 'Ed25519' 'Rsa2048' 'Rsa4096' 'Rsa8192' (required) |
| rotationPolicy | cert-manager private key rotationPolicy. | 'Always' 'Never' (required) |
ExtendedLocation
| Name | Description | Value |
|---|---|---|
| name | The name of the extended location. | string (required) |
| type | Type of ExtendedLocation. | 'CustomLocation' (required) |
ListenerPort
| Name | Description | Value |
|---|---|---|
| authenticationRef | Reference to client authentication settings. Omit to disable authentication. | string |
| authorizationRef | Reference to client authorization settings. Omit to disable authorization. | string |
| nodePort | Kubernetes node port. Only relevant when this port is associated with a NodePort listener. |
int Constraints: Min value = 0 Max value = 65535 |
| port | TCP port for accepting client connections. | int Constraints: Min value = 0 Max value = 65535 (required) |
| protocol | Protocol to use for client connections. | 'Mqtt' 'WebSockets' |
| tls | TLS server certificate settings for this port. Omit to disable TLS. | TlsCertMethod |
Microsoft.IoTOperations/instances/brokers/listeners
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2025-04-01' |
| extendedLocation | Edge location of the resource. | ExtendedLocation (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^[a-z0-9][a-z0-9-]*[a-z0-9]$ (required) |
| properties | The resource-specific properties for this resource. | BrokerListenerProperties |
| type | The resource type | 'Microsoft.IoTOperations/instances/brokers/listeners' |
SanForCert
| Name | Description | Value |
|---|---|---|
| dns | DNS SANs. | string[] (required) |
| ip | IP address SANs. | string[] (required) |
TlsCertMethod
| Name | Description | Value |
|---|---|---|
| certManagerCertificateSpec | Option 1 - Automatic TLS server certificate management with cert-manager. | CertManagerCertificateSpec |
| manual | Option 2 - Manual TLS server certificate management through a defined secret. | X509ManualCertificate |
| mode | Mode of TLS server certificate management. | 'Automatic' 'Manual' (required) |
X509ManualCertificate
| Name | Description | Value |
|---|---|---|
| secretRef | Kubernetes secret containing an X.509 client certificate. This is a reference to the secret through an identifying name, not the secret itself. | string (required) |
Kullanım Örnekleri
Terraform (AzAPI provider) resource definition
The instances/brokers/listeners resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.IoTOperations/instances/brokers/listeners resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.IoTOperations/instances/brokers/listeners@2025-04-01"
name = "string"
body = {
extendedLocation = {
name = "string"
type = "string"
}
properties = {
ports = [
{
authenticationRef = "string"
authorizationRef = "string"
nodePort = int
port = int
protocol = "string"
tls = {
certManagerCertificateSpec = {
duration = "string"
issuerRef = {
group = "string"
kind = "string"
name = "string"
}
privateKey = {
algorithm = "string"
rotationPolicy = "string"
}
renewBefore = "string"
san = {
dns = [
"string"
]
ip = [
"string"
]
}
secretName = "string"
}
manual = {
secretRef = "string"
}
mode = "string"
}
}
]
serviceName = "string"
serviceType = "string"
}
}
}
Property Values
BrokerListenerProperties
| Name | Description | Value |
|---|---|---|
| ports | Ports on which this listener accepts client connections. | ListenerPort[] (required) |
| serviceName | Kubernetes Service name of this listener. | string |
| serviceType | Kubernetes Service type of this listener. | 'ClusterIp' 'LoadBalancer' 'NodePort' |
CertManagerCertificateSpec
| Name | Description | Value | ||
|---|---|---|---|---|
| duration | Lifetime of certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| issuerRef | cert-manager issuerRef. | CertManagerIssuerRef (required) | ||
| privateKey | Type of certificate private key. | CertManagerPrivateKey | ||
| renewBefore | When to begin renewing certificate. Must be specified using a Go time.Duration format (h | m | s). E.g. 240h for 240 hours and 45m for 45 minutes. | string |
| san | Additional Subject Alternative Names (SANs) to include in the certificate. | SanForCert | ||
| secretName | Secret for storing server certificate. Any existing data will be overwritten. This is a reference to the secret through an identifying name, not the secret itself. | string |
CertManagerIssuerRef
| Name | Description | Value |
|---|---|---|
| group | group of issuer. | string (required) |
| kind | kind of issuer (Issuer or ClusterIssuer). | 'ClusterIssuer' 'Issuer' (required) |
| name | name of issuer. | string (required) |
CertManagerPrivateKey
| Name | Description | Value |
|---|---|---|
| algorithm | algorithm for private key. | 'Ec256' 'Ec384' 'Ec521' 'Ed25519' 'Rsa2048' 'Rsa4096' 'Rsa8192' (required) |
| rotationPolicy | cert-manager private key rotationPolicy. | 'Always' 'Never' (required) |
ExtendedLocation
| Name | Description | Value |
|---|---|---|
| name | The name of the extended location. | string (required) |
| type | Type of ExtendedLocation. | 'CustomLocation' (required) |
ListenerPort
| Name | Description | Value |
|---|---|---|
| authenticationRef | Reference to client authentication settings. Omit to disable authentication. | string |
| authorizationRef | Reference to client authorization settings. Omit to disable authorization. | string |
| nodePort | Kubernetes node port. Only relevant when this port is associated with a NodePort listener. |
int Constraints: Min value = 0 Max value = 65535 |
| port | TCP port for accepting client connections. | int Constraints: Min value = 0 Max value = 65535 (required) |
| protocol | Protocol to use for client connections. | 'Mqtt' 'WebSockets' |
| tls | TLS server certificate settings for this port. Omit to disable TLS. | TlsCertMethod |
Microsoft.IoTOperations/instances/brokers/listeners
| Name | Description | Value |
|---|---|---|
| extendedLocation | Edge location of the resource. | ExtendedLocation (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^[a-z0-9][a-z0-9-]*[a-z0-9]$ (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: instances/brokers |
| properties | The resource-specific properties for this resource. | BrokerListenerProperties |
| type | The resource type | "Microsoft.IoTOperations/instances/brokers/listeners@2025-04-01" |
SanForCert
| Name | Description | Value |
|---|---|---|
| dns | DNS SANs. | string[] (required) |
| ip | IP address SANs. | string[] (required) |
TlsCertMethod
| Name | Description | Value |
|---|---|---|
| certManagerCertificateSpec | Option 1 - Automatic TLS server certificate management with cert-manager. | CertManagerCertificateSpec |
| manual | Option 2 - Manual TLS server certificate management through a defined secret. | X509ManualCertificate |
| mode | Mode of TLS server certificate management. | 'Automatic' 'Manual' (required) |
X509ManualCertificate
| Name | Description | Value |
|---|---|---|
| secretRef | Kubernetes secret containing an X.509 client certificate. This is a reference to the secret through an identifying name, not the secret itself. | string (required) |