Working with the Azure IoT Device Provisioning Service

1. Use Azure Cloud Shell to create the Device Provisioning Service.

2. Choose the Bash environment.

3. Select Show advanced settings.

4. Use the existing storage account that resides in the resource group location and the existing cloudshell file share name.

5. Once in the shell, enter the following to create the IoT hub:

   az iot dps create --name IoTDPS-XXXXX --resource-group <TAB> --location westus
   

   XXXXX is the five-character suffix for the lab resources and <TAB> is the Tab key. Press it there to automatically populate the resource group name.

While many tutorials state that the DPS can use the iothubowner shared access policy to link to an IoT Hub, best practice is to configure a new shared access policy with only the permissions required to link the Hub.

In the Azure Portal, navigate to iothub-XXXXX (where XXXXX is the five-character suffix for the lab resources) and create a new shared access policy by clicking on Shared access policy, then + Add. Create the policy with the name dps and set the following permissions:

• Registry read
• Registry write
• Service connect

Repeat this procedure for iothub2-XXXXX.

In order to assign devices to IoT Hubs, they must be linked to the DPS.

1. In the Azure Portal, navigate to the DPS created in the first objective.
2. Click on Linked IoT hubs in the DPS pane.
3. Click + Add and select iothub-XXXXX from the drop-down. Click Save.
4. Repeat step 3 for iothub2-XXXXX.

Our final requirement is to configure the DPS to assign devices to the IoT Hubs based on lowest latency.

1. In the Azure Portal, navigate to the DPS created in the first objective.
2. Click on Manage allocation policy in the DPS pane.
3. Under Select how you want to assign devices to hubs, select Lowest latency, then click Save.