Azure Messaging Iothub Route
This page shows how to write Terraform and Azure Resource Manager configuration for the Messaging Iothub Route resource, and how to write it securely.
azurerm_iothub_route (Terraform)
The Iothub Route in Messaging can be configured in Terraform with the resource name azurerm_iothub_route. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_iothub_route" "route" {
  resource_group_name = var.resource_group_name
  iothub_name         = var.iothub_name
  name                = var.iothub_route_name
  source              = var.iothub_route_source
  condition           = var.iothub_route_condition
  # remaining arguments are cut off in this excerpt
}

resource "azurerm_iothub_route" "this" {
  condition      = var.condition
  enabled        = var.enabled
  endpoint_names = var.endpoint_names
  iothub_name    = var.iothub_name
  name           = var.name
  # remaining arguments are cut off in this excerpt
}

resource "azurerm_iothub_route" "this" {
  condition      = var.condition
  enabled        = var.enabled
  endpoint_names = var.endpoint_names
  iothub_name    = var.iothub_name
  name           = var.name
  # remaining arguments are cut off in this excerpt
}
Parameters
condition
optional - string
enabled
required - bool
endpoint_names
required - list of string
id
optional computed - string
iothub_name
required - string
name
required - string
resource_group_name
required - string
source
required - string
timeouts
single block
Explanation in Terraform Registry
Manages an IotHub Route
NOTE: Routes can be defined either directly on the azurerm_iothub resource or by using the azurerm_iothub_route resource, but the two cannot be used together. If both are used against the same IoTHub, spurious changes will occur.
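One way to catch the conflict described in the note before applying, as an added example that is not part of the original page or the provider's own code. It assumes the plan has been exported with `terraform show -json`, reads only the root module, and runs on a constructed sample; the function name `mixed_route_definitions` is hypothetical.

```python
import json

# Constructed sample: the "configuration" part of `terraform show -json`
# output, reduced to the fields this check reads.
SAMPLE_PLAN = json.loads("""
{"configuration": {"root_module": {"resources": [
  {"address": "azurerm_iothub.hub", "type": "azurerm_iothub",
   "expressions": {"name": {"constant_value": "example-hub"},
                   "route": [{"name": {"constant_value": "inline"}}]}},
  {"address": "azurerm_iothub.clean", "type": "azurerm_iothub",
   "expressions": {"name": {"constant_value": "clean-hub"}}},
  {"address": "azurerm_iothub_route.by_ref", "type": "azurerm_iothub_route",
   "expressions": {"iothub_name": {"references":
       ["azurerm_iothub.hub.name", "azurerm_iothub.hub"]}}},
  {"address": "azurerm_iothub_route.by_name", "type": "azurerm_iothub_route",
   "expressions": {"iothub_name": {"constant_value": "example-hub"}}},
  {"address": "azurerm_iothub_route.ok", "type": "azurerm_iothub_route",
   "expressions": {"iothub_name": {"references":
       ["azurerm_iothub.clean.name", "azurerm_iothub.clean"]}}}
]}}}
""")


def mixed_route_definitions(plan):
    """Return (route_address, hub_address) pairs where a hub that has inline
    `route` blocks is also the target of an azurerm_iothub_route resource."""
    root = plan.get("configuration", {}).get("root_module", {})
    resources = root.get("resources", [])
    inline_hubs = {}  # hub address -> literal hub name, or None if not constant
    for res in resources:
        expr = res.get("expressions", {})
        if res.get("type") == "azurerm_iothub" and expr.get("route"):
            inline_hubs[res["address"]] = expr.get("name", {}).get("constant_value")
    findings = []
    for res in resources:
        if res.get("type") != "azurerm_iothub_route":
            continue
        target = res.get("expressions", {}).get("iothub_name", {})
        for hub_addr, hub_name in inline_hubs.items():
            by_ref = hub_addr in target.get("references", [])
            by_name = hub_name is not None and target.get("constant_value") == hub_name
            if by_ref or by_name:
                findings.append((res["address"], hub_addr))
    return findings


if __name__ == "__main__":
    for route, hub in mixed_route_definitions(SAMPLE_PLAN):
        print(f"{route}: hub {hub} also defines inline route blocks")
```

Hubs whose name comes from a variable are matched only through a resource reference, so a route that repeats the same variable instead of referencing the hub is not detected.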
Microsoft.Devices/IotHubs (Azure Resource Manager)
The IotHubs in Microsoft.Devices can be configured in Azure Resource Manager with the resource name Microsoft.Devices/IotHubs. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2020-03-01",
"name": "[variables('CameraIotHubName')]",
"location": "[parameters('Region')]",
"sku": {
  "name": "S1",

"type": "Microsoft.Devices/IotHubs",
"name": "[parameters('hubName')]",
"location": "North Europe",
"sku": {
  "name": "S1",
  "tier": "Standard",

"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2020-03-01",
"name": "[variables('CameraIotHubName')]",
"location": "[parameters('Region')]",
"sku": {
  "name": "S1",

"type": "Microsoft.Devices/IotHubs",
"name": "[parameters('iotHubName')]",
"location": "[parameters('azureLocation')]",
"sku": {
  "name": "S1",
  "tier": "Standard",

"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('iotHubName')]",
"location": "[parameters('location')]",
"properties": {
  "eventHubEndpoints": {

"type": "Microsoft.Devices/IotHubs",
"name": "[parameters('resourceName')]",
"location": "[resourceGroup().location]",
"properties": {
  "eventHubEndpoints": {
    "events": {

"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('iotHubName')]",
"location": "[parameters('location')]",
"properties": {
  "eventHubEndpoints": {

"type": "Microsoft.Devices/IotHubs",
"name": "[variables('hubName')]",
"location": "[variables('location')]",
"sku": {
  "name": "S1",
  "tier": "Standard",

"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('iotHubName')]",
"location": "[parameters('location')]",
"properties": {
  "eventHubEndpoints": {

"type": "Microsoft.Devices/IotHubs",
"apiVersion": "2018-04-01",
"name": "[parameters('iotHubName')]",
"location": "[parameters('location')]",
"properties": {
  "eventHubEndpoints": {
Parameters
apiVersion
required - string
etag
optional - string - The Etag field is not required. If it is provided in the response body, it must also be provided as a header per the normal ETag convention.
identity
optional
  type
  optional - string - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the service.
  userAssignedIdentities
  optional - undefined
location
required - string - The resource location.
name
required - string - The name of the IoT hub.
properties
required
  allowedFqdnList
  optional - array - List of allowed FQDNs (Fully Qualified Domain Name) for egress from Iot Hub.
  authorizationPolicies
  optional array
    keyName
    required - string - The name of the shared access policy.
    primaryKey
    optional - string - The primary key.
    rights
    required - string - The permissions assigned to the shared access policy.
    secondaryKey
    optional - string - The secondary key.
  cloudToDevice
  optional
    defaultTtlAsIso8601
    optional - string - The default time to live for cloud-to-device messages in the device queue. See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-messaging#cloud-to-device-messages.
    feedback
    optional
      lockDurationAsIso8601
      optional - string - The lock duration for the feedback queue. See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-messaging#cloud-to-device-messages.
      maxDeliveryCount
      optional - integer - The number of times the IoT hub attempts to deliver a message on the feedback queue. See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-messaging#cloud-to-device-messages.
      ttlAsIso8601
      optional - string - The period of time for which a message is available to consume before it is expired by the IoT hub. See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-messaging#cloud-to-device-messages.
    maxDeliveryCount
    optional - integer - The max delivery count for cloud-to-device messages in the device queue. See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-messaging#cloud-to-device-messages.
  comments
  optional - string - IoT hub comments.
  disableDeviceSAS
  optional - boolean - If true, all device (including Edge devices but excluding modules) scoped SAS keys cannot be used for authentication.
  disableLocalAuth
  optional - boolean - If true, SAS tokens with Iot hub scoped SAS keys cannot be used for authentication.
  disableModuleSAS
  optional - boolean - If true, all module scoped SAS keys cannot be used for authentication.
  enableDataResidency
  optional - boolean - This property when set to true, will enable data residency, thus, disabling disaster recovery.
  enableFileUploadNotifications
  optional - boolean - If True, file upload notifications are enabled.
  eventHubEndpoints
  optional - undefined - The Event Hub-compatible endpoint properties. The only possible keys to this dictionary is events. This key has to be present in the dictionary while making create or update calls for the IoT hub.
  features
  optional - string - The capabilities and features enabled for the IoT hub.
  ipFilterRules
  optional array
    action
    required - string - The desired action for requests captured by this rule.
    filterName
    required - string - The name of the IP filter rule.
    ipMask
    required - string - A string that contains the IP address range in CIDR notation for the rule.
  messagingEndpoints
  optional - undefined - The messaging endpoint properties for the file upload notification queue.
  minTlsVersion
  optional - string - Specifies the minimum TLS version to support for this hub. Can be set to "1.2" to have clients that use a TLS version below 1.2 to be rejected.
  networkRuleSets
  optional
    applyToBuiltInEventHubEndpoint
    required - boolean - If True, then Network Rule Set is also applied to BuiltIn EventHub EndPoint of IotHub
    defaultAction
    optional - string - Default Action for Network Rule Set.
    ipRules
    required array
      action
      optional - string - IP Filter Action.
      filterName
      required - string - Name of the IP filter rule.
      ipMask
      required - string - A string that contains the IP address range in CIDR notation for the rule.
  privateEndpointConnections
  optional array
    properties
    required
      privateEndpoint
      optional
      privateLinkServiceConnectionState
      required
        actionsRequired
        optional - string - Actions required for a private endpoint connection
        description
        required - string - The description for the current state of a private endpoint connection
        status
        required - string - The status of a private endpoint connection.
  publicNetworkAccess
  optional - string - Whether requests from Public Network are allowed.
  restrictOutboundNetworkAccess
  optional - boolean - If true, egress from IotHub will be restricted to only the allowed FQDNs that are configured via allowedFqdnList.
  routing
  optional
    endpoints
    optional
      eventHubs
      optional array
        authenticationType
        optional - string - Method used to authenticate against the event hub endpoint.
        connectionString
        optional - string - The connection string of the event hub endpoint.
        endpointUri
        optional - string - The url of the event hub endpoint. It must include the protocol sb://
        entityPath
        optional - string - Event hub name on the event hub namespace
        id
        optional - string - Id of the event hub endpoint
        identity
        optional
          userAssignedIdentity
          optional - string - The user assigned identity.
        name
        required - string - The name that identifies this endpoint. The name can only include alphanumeric characters, periods, underscores, hyphens and has a maximum length of 64 characters. The following names are reserved: events, fileNotifications, $default. Endpoint names must be unique across endpoint types.
        resourceGroup
        optional - string - The name of the resource group of the event hub endpoint.
        subscriptionId
        optional - string - The subscription identifier of the event hub endpoint.
      serviceBusQueues
      optional array
        authenticationType
        optional - string - Method used to authenticate against the service bus queue endpoint.
        connectionString
        optional - string - The connection string of the service bus queue endpoint.
        endpointUri
        optional - string - The url of the service bus queue endpoint. It must include the protocol sb://
        entityPath
        optional - string - Queue name on the service bus namespace
        id
        optional - string - Id of the service bus queue endpoint
        identity
        optional
          userAssignedIdentity
          optional - string - The user assigned identity.
        name
        required - string - The name that identifies this endpoint. The name can only include alphanumeric characters, periods, underscores, hyphens and has a maximum length of 64 characters. The following names are reserved: events, fileNotifications, $default. Endpoint names must be unique across endpoint types. The name need not be the same as the actual queue name.
        resourceGroup
        optional - string - The name of the resource group of the service bus queue endpoint.
        subscriptionId
        optional - string - The subscription identifier of the service bus queue endpoint.
      serviceBusTopics
      optional array
        authenticationType
        optional - string - Method used to authenticate against the service bus topic endpoint.
        connectionString
        optional - string - The connection string of the service bus topic endpoint.
        endpointUri
        optional - string - The url of the service bus topic endpoint. It must include the protocol sb://
        entityPath
        optional - string - Queue name on the service bus topic
        id
        optional - string - Id of the service bus topic endpoint
        identity
        optional
          userAssignedIdentity
          optional - string - The user assigned identity.
        name
        required - string - The name that identifies this endpoint. The name can only include alphanumeric characters, periods, underscores, hyphens and has a maximum length of 64 characters. The following names are reserved: events, fileNotifications, $default. Endpoint names must be unique across endpoint types. The name need not be the same as the actual topic name.
        resourceGroup
        optional - string - The name of the resource group of the service bus topic endpoint.
        subscriptionId
        optional - string - The subscription identifier of the service bus topic endpoint.
      storageContainers
      optional array
        authenticationType
        optional - string - Method used to authenticate against the storage endpoint.
        batchFrequencyInSeconds
        optional - integer - Time interval at which blobs are written to storage. Value should be between 60 and 720 seconds. Default value is 300 seconds.
        connectionString
        optional - string - The connection string of the storage account.
        containerName
        required - string - The name of storage container in the storage account.
        encoding
        optional - string - Encoding that is used to serialize messages to blobs. Supported values are 'avro', 'avrodeflate', and 'JSON'. Default value is 'avro'.
        endpointUri
        optional - string - The url of the storage endpoint. It must include the protocol https://
        fileNameFormat
        optional - string - File name format for the blob. Default format is {iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}. All parameters are mandatory but can be reordered.
        id
        optional - string - Id of the storage container endpoint
        identity
        optional
          userAssignedIdentity
          optional - string - The user assigned identity.
        maxChunkSizeInBytes
        optional - integer - Maximum number of bytes for each blob written to storage. Value should be between 10485760 (10MB) and 524288000 (500MB). Default value is 314572800 (300MB).
        name
        required - string - The name that identifies this endpoint. The name can only include alphanumeric characters, periods, underscores, hyphens and has a maximum length of 64 characters. The following names are reserved: events, fileNotifications, $default. Endpoint names must be unique across endpoint types.
        resourceGroup
        optional - string - The name of the resource group of the storage account.
        subscriptionId
        optional - string - The subscription identifier of the storage account.
    enrichments
    optional array
      endpointNames
      required - array - The list of endpoints for which the enrichment is applied to the message.
      key
      required - string - The key or name for the enrichment property.
      value
      required - string - The value for the enrichment property.
    fallbackRoute
    optional
      condition
      optional - string - The condition which is evaluated in order to apply the fallback route. If the condition is not provided it will evaluate to true by default. For grammar, See: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-query-language
      endpointNames
      required - array - The list of endpoints to which the messages that satisfy the condition are routed to. Currently only 1 endpoint is allowed.
      isEnabled
      required - boolean - Used to specify whether the fallback route is enabled.
      name
      optional - string - The name of the route. The name can only include alphanumeric characters, periods, underscores, hyphens, has a maximum length of 64 characters, and must be unique.
      source
      required - string - The source to which the routing rule is to be applied to. For example, DeviceMessages.
    routes
    optional array
      condition
      optional - string - The condition that is evaluated to apply the routing rule. If no condition is provided, it evaluates to true by default. For grammar, see: https://docs.microsoft.com/azure/iot-hub/iot-hub-devguide-query-language
      endpointNames
      required - array - The list of endpoints to which messages that satisfy the condition are routed. Currently only one endpoint is allowed.
      isEnabled
      required - boolean - Used to specify whether a route is enabled.
      name
      required - string - The name of the route. The name can only include alphanumeric characters, periods, underscores, hyphens, has a maximum length of 64 characters, and must be unique.
      source
      required - string - The source that the routing rule is to be applied to, such as DeviceMessages.
  storageEndpoints
  optional - undefined - The list of Azure Storage endpoints where you can upload files. Currently you can configure only one Azure Storage account and that MUST have its key as $default. Specifying more than one storage account causes an error to be thrown. Not specifying a value for this property when the enableFileUploadNotifications property is set to True, causes an error to be thrown.
sku
required
  capacity
  optional - integer - The number of provisioned IoT Hub units. See: https://docs.microsoft.com/azure/azure-subscription-service-limits#iot-hub-limits.
  name
  required - string - The name of the SKU.
tags
optional - string - The resource tags.
type
required - string
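A template lint built on the parameters listed above, as an added example that is not part of the original page or any Microsoft tooling. It flags the authentication, TLS and network settings and checks route and endpoint names against the naming rules quoted in the list. The sample resource is constructed, the function name `audit_iothub` is hypothetical, and the comparison value "Disabled" for publicNetworkAccess is taken from the ARM schema rather than from this page.

```python
import json
import re

# Constructed sample resource; every value is made up for illustration.
SAMPLE = json.loads("""
{"type": "Microsoft.Devices/IotHubs", "name": "example-hub",
 "properties": {
   "minTlsVersion": "1.0",
   "publicNetworkAccess": "Enabled",
   "routing": {
     "endpoints": {"storageContainers": [
       {"name": "archive", "containerName": "telemetry",
        "connectionString": "<placeholder>"},
       {"name": "$default", "containerName": "telemetry"}]},
     "routes": [{"name": "all", "source": "DeviceMessages",
                 "endpointNames": ["archiv"], "isEnabled": true}]}}}
""")

KINDS = ("eventHubs", "serviceBusQueues", "serviceBusTopics", "storageContainers")
RESERVED = {"events", "fileNotifications", "$default"}
NAME_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")


def audit_iothub(resource):
    """Return findings for one Microsoft.Devices/IotHubs resource dict."""
    props = resource.get("properties", {})
    out = []
    if props.get("minTlsVersion") != "1.2":
        out.append("minTlsVersion is not 1.2")
    if props.get("disableLocalAuth") is not True:
        out.append("disableLocalAuth is not true")
    if props.get("publicNetworkAccess") != "Disabled" and not (
            props.get("ipFilterRules") or props.get("networkRuleSets")):
        out.append("public network access without IP rules")
    routing = props.get("routing", {})
    defined = set()
    for kind in KINDS:
        for ep in routing.get("endpoints", {}).get(kind, []):
            name = ep.get("name", "")
            defined.add(name)
            if name in RESERVED or not NAME_RE.fullmatch(name):
                out.append(f"endpoint {name!r}: reserved or invalid name")
            if "connectionString" in ep:
                out.append(f"endpoint {name!r}: connection string in template")
    for route in routing.get("routes", []):
        for target in route.get("endpointNames", []):
            if target != "events" and target not in defined:
                out.append(f"route {route.get('name')!r}: unknown endpoint {target!r}")
    return out
```

Values supplied through template expressions such as `[parameters('...')]` are compared as literal strings, so resolve parameters first if the settings are parameterised.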
Frequently asked questions
What is Azure Messaging Iothub Route?
Azure Messaging Iothub Route is a resource for Messaging of Microsoft Azure. Settings can be written in Terraform.
Where can I find the example code for the Azure Messaging Iothub Route?
For Terraform, the FabLabGent/InfrastructureFabLabGent, kevinhead/azurerm and niveklabs/azurerm source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the solliancenet/azure-synapse-in-a-day-demos, niallermoran/SmartHVACDemo and Moisesjoel/Primer-proyecto source code examples are useful. See the Azure Resource Manager Example section for further details.