
Azure IoT Edge & IoT Hub Cheat Sheet by

Azure IoT Edge brings compute capability closer to the source of the data, onto edge devices.

What is IoT Edge?

Azure IoT Edge is a combination of a cloud service running in the cloud and a runtime that runs on the device. IoT Edge is managed by the IoT Hub.
Azure IoT Hub enables secure and reliable communication between your IoT solution and the devices it manages. IoT Hub provides a cloud-hosted solution backend to connect devices with per-device authentication, device management, and scaled provisioning.

IoT Edge enables you to:

React in near real time to local changes and operate reliably in offline or intermittent mode.
Manage edge devices and data to reduce costs.
Deploy using containers and secure, certified hardware.
Distribute AI and analytics workloads to the edge.
Use existing developer skillsets and code: IoT Edge code supports languages such as C, C#, Java, Node.js, and Python.
Provide security for edge deployments and ensure privacy for IoT deployments.
Act as a gateway: IoT Edge can function as a protocol gateway and thus provide connectivity and edge analytics to IoT devices that would otherwise not have these capabilities.
Availability of third-party modules: Users can use third-party modules from the Azure marketplace to reduce time to market and enhance the robustness of the software solution at the edge.

Azure IoT Edge comprises three components:

1. IoT Edge modules
The units of execution, implemented as Docker-compatible containers. IoT Edge modules can run Azure services, third-party services, or the user's own code, including business logic, on IoT Edge devices. Modules can run offline if needed, and can be configured to communicate with each other to create a pipeline for local data processing.
2. IoT Edge runtime
It manages the runtime and communication for the modules deployed to each device, ensures that the modules are always running, and reports module health to the cloud.
3. IoT Edge cloud interface
It enables users to monitor and manage IoT Edge devices remotely. The cloud interface allows you to manage the overall lifecycle at scale for a diverse set of devices, which could be geographically scattered.

When to use IoT Edge?

Decision criteria
Near real-time response to local changes
Does your application need to react quickly to local changes in near real time? IoT Edge can run modules locally on IoT Edge devices to enable faster response to local changes.
Deploy and manage using containers to IoT Edge devices
Does your application need to be deployed in Docker-compatible containers to IoT Edge devices? IoT Edge enables you to use containers to run your logic at the IoT Edge. Containers help to manage software dependencies such as runtimes and libraries, ensuring that the application runs consistently wherever it's deployed.
Security for IoT Edge deployments
The lack of security for IoT devices is a significant barrier to entry for many enterprises. IoT Edge provides security in several ways. These include integrating with Azure Security Center and making use of any hardware security modules to provide strong, authenticated connections for confidential computing.
Offline or intermittent mode operation
Does your application need to operate with intermittent or offline connectivity? IoT Edge devices automatically synchronize the latest state of your devices once they've reconnected to the cloud to ensure seamless operations.
AI and analytics workloads to the IoT Edge
Do you need to run machine learning algorithms on IoT Edge devices? IoT Edge enables you to deploy models built and trained in the cloud and run them on IoT Edge devices.
Optimize data costs
Management of costs in the deployment of cloud resources is essential. You can design your system in such a way that data sent to the cloud is reduced by pre-processing on the IoT Edge devices.
Privacy for IoT Edge deployments
Do you need to ensure compliance with privacy regulations? IoT Edge can protect personally identifiable data and keep data on-premises, in that way improving compliance.

Azure IoT Hub

Azure IoT Hub enables secure and reliable communication between your IoT solution and the devices it manages. IoT Hub provides a cloud-hosted solution backend to connect devices with per-device authentication, device management, and scaled provisioning.

How IoT Hub works

Azure IoT Hub is the main Azure PaaS (Platform as a Service) which enables bidirectional communications between IoT devices and a cloud solution. IoT Hub is the starting point for any IoT solution, and it implements some essential functions that are common to IoT deployments. These include networking, compute, storage capabilities and security.

IoT Hub features

Protocols supported:
IoT Hub allows devices to use the following protocols for device-side communications: MQTT, MQTT over WebSockets, AMQP, AMQP over WebSockets and HTTPS.
Device Identity Registry:
IoT Hub maintains an identity registry. The identity registry stores information about the devices and modules permitted to connect to the IoT Hub. A device or module must also authenticate with the IoT Hub based on credentials stored in the identity registry.
Azure IoT Hub grants access to endpoints by verifying a token against the shared access policies and identity registry security credentials.
Device twins:
Azure IoT Hub maintains a device twin for each device that you connect to IoT Hub. Device twins store device-related information that devices and back ends can use to synchronize device conditions and configuration.
Endpoints that IoT Hub exposes:
For each device in the identity registry, IoT Hub exposes a set of endpoints: Send device-to-cloud messages; Receive cloud-to-device messages; Initiate file uploads; Retrieve and update device twin properties; Receive direct method requests.
Provisioning devices with Azure IoT Hub Device Provisioning Service:
The device provisioning service enables zero-touch, just-in-time provisioning to the right IoT Hub without requiring human intervention, allowing customers to provision millions of devices in a secure and scalable manner.
Additional Features
The telemetry function is the essential component of the IoT Hub. The telemetry function involves recording and transmitting values received by an IoT device. However, IoT Hub is much more than the basic telemetry function.
The scaling feature of the IoT Hub allows you to ramp up (or down) the scope of the solution. The ability to scale a solution depends on two considerations: the features you plan to use and the amount of data you plan to move daily. Once you plan to deploy devices at scale, you need to manage these devices.
The provisioning function of IoT Hub enables you to manage devices across the lifecycle of a device. Provisioning also establishes the security protocols for the device, its access rights, and privileges.
The security requirements can be seen as part of a security function, which manages the per-device authentication and access requirements with multiple authentication types. Based on the security functions, the routing function determines the message flow and the recipients of the message. Finally, you can connect to external devices natively using the SDK functionality and integrate with other services using the service integration functionality.
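
The token check described under Device Identity Registry, sketched as an added example (not code from this cheat sheet or from Microsoft). It follows the documented shared access signature layout (`sr`, `sig`, `se`); the hub name, device ID and key are constructed placeholders, and `verify_token` is a simplified model of what the hub does, not its implementation.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote

# Constructed sample data: hub name, device ID and key are placeholders.
HUB = "example-hub.azure-devices.net"
REGISTRY = {"sensor-01": base64.b64encode(b"constructed-demo-key").decode()}


def sign(resource_uri, key_b64, expiry):
    # String-to-sign: URL-encoded resource URI, newline, expiry (Unix seconds).
    to_sign = f"{quote(resource_uri, safe='')}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()


def make_token(resource_uri, key_b64, expiry):
    # Device side: the token carries scope, signature and expiry, never the key.
    sr = quote(resource_uri, safe="")
    sig = quote(sign(resource_uri, key_b64, expiry), safe="")
    return f"SharedAccessSignature sr={sr}&sig={sig}&se={expiry}"


def verify_token(token, registry, now):
    # Simplified model of the hub-side check; returns (accepted, detail).
    scheme, _, body = token.partition(" ")
    fields = parse_qs(body)  # also URL-decodes each value
    try:
        sr, sig, se = fields["sr"][0], fields["sig"][0], int(fields["se"][0])
    except (KeyError, ValueError):
        return False, "malformed"
    prefix = HUB + "/devices/"
    if scheme != "SharedAccessSignature" or not sr.startswith(prefix):
        return False, "wrong scheme or scope"
    if se <= now:
        return False, "expired"
    device_id = sr[len(prefix):]
    key = registry.get(device_id)  # per-device key from the identity registry
    if key is None:
        return False, "unknown device"
    # Recompute the signature with the registry key; compare in constant time.
    if not hmac.compare_digest(sig.encode(), sign(sr, key, se).encode()):
        return False, "bad signature"
    return True, device_id
```

Because the expiry is part of the signed string, extending `se` on a captured token invalidates the signature, and a device removed from the registry fails the lookup even while its token is still within its lifetime.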

IoT Hub Decision criteria

Application complexity
Azure IoT Hub offers two tiers. If your IoT solution is based around collecting data from devices and analyzing it centrally, then choose the basic tier. The basic tier enables a subset of the features and is intended for IoT solutions that only need uni-directional communication from devices to the cloud. For more advanced configurations or to use distributed processing, use the standard tier. The standard tier of IoT Hub enables all features and is required for any IoT solutions that want to make use of the bi-directional communication capabilities. Both tiers offer the same security and authentication features.
Data throughput
It depends on how much data you plan to move daily. Each IoT Hub tier is available in three sizes, numerically identified as 1, 2, and 3. Each unit of a level 1 IoT hub can handle 400 thousand messages a day, and a level 3 unit can handle 300 million.
Securing solution end to end allowing for per-device authentication
IoT Hub uses permissions to grant access to each IoT hub endpoint. Permissions limit the access to an IoT Hub based on functionality.
Bi-directional communication
Azure IoT Hub can be used to establish bidirectional communication with billions of IoT devices. In cloud-to-device messages, reliably send commands and notifications to your connected devices, and track message delivery with acknowledgement receipts. Automatically resend device messages as needed to accommodate intermittent connectivity.
A more comprehensive list of considerations includes:
Does your solution need only basic telemetry services?
Geographic coverage
Does your solution need comprehensive geographic coverage?
Support for devices
Do you need to support a range of devices for your solution?
Manage a range of devices
Does your solution need only basic telemetry services?
Communication protocols
Does your solution need to connect over different kinds of communication protocols?
Message routing
How do you ensure that only the right devices talk to each other?
How do you secure the solution?

