
Today I wanted to make a “bite-sized” post to walk you through setting up Azure Sphere with Azure IoT Edge.

As a refresher, Azure Sphere performs device authentication and attestation (described here: Azure Sphere Device Authentication and Attestation Service). If the application has specified an Azure Sphere tenant in the application manifest’s DeviceAuthentication value, it then receives a client authentication certificate, which is valid for around a day.

DeviceAuthentication

A string that specifies the UUID of the Azure Sphere tenant to use for device authentication.

Example: "DeviceAuthentication": "77304f1f-9530-4157-8598-30bc1f3d66f0"

Why is this important? Because the goal here is to use this “high assurance” client certificate to authenticate the Azure Sphere device to the Azure IoT Edge server and pass it telemetry or other data. This gives the device a secure authentication method, as opposed to static hardcoded passwords.

A couple of other things to remember for this demo:



  • The Azure Sphere device must be able to reach the internet in order to perform device authentication and attestation (DAA), obtain OS updates, and communicate with the other Azure Sphere Security Service (AS3) endpoints.

  • The Azure Sphere device must also have an explicit entry in the application manifest in order to communicate with the IoT Edge server:

    AllowedConnections

    A list of DNS host names or IP addresses (IPv4) to which the application is allowed to connect. If the application uses an Azure IoT Hub, the list must include the IP address or DNS host name for the hub, typically hub-name.azure-devices.net. Port numbers and wildcard characters in names and IP addresses are not accepted.

    Example: "AllowedConnections" : [ "my-hub.example.net", "global.azure-devices-provisioning.net" ]

  • The Azure Sphere device must be a child of the IoT Edge server.
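
To catch manifest mistakes before deploying, here is an added example (not part of the original post or of Microsoft's tooling) that checks DeviceAuthentication and AllowedConnections against the rules quoted above. It assumes both fields sit under the manifest's Capabilities object; the host name edge-gw.example.net and the function check_manifest are hypothetical.

```python
import ipaddress
import json
import re

# Constructed sample manifest. The tenant UUID is the example value from the text;
# edge-gw.example.net is hypothetical. Assumes both fields sit under "Capabilities".
SAMPLE_MANIFEST = """
{
  "Capabilities": {
    "AllowedConnections": ["edge-gw.example.net", "*.azure-devices.net", "10.0.0.4:8883"],
    "DeviceAuthentication": "77304f1f-9530-4157-8598-30bc1f3d66f0"
  }
}
"""

UUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOST_RE = re.compile(rf"{LABEL}(?:\.{LABEL})*")

def is_ipv4(entry):
    try:
        ipaddress.IPv4Address(entry)
        return True
    except ValueError:
        return False

def check_manifest(text, edge_host):
    """Return a list of findings; an empty list means every check passed."""
    caps = json.loads(text).get("Capabilities", {})
    findings = []
    tenant = caps.get("DeviceAuthentication")
    if not (isinstance(tenant, str) and UUID_RE.fullmatch(tenant)):
        findings.append("DeviceAuthentication is missing or not a UUID")
    allowed = [str(e) for e in caps.get("AllowedConnections", [])]
    for entry in allowed:
        if is_ipv4(entry):
            continue
        if "*" in entry:
            findings.append(f"wildcard not accepted: {entry}")
        elif ":" in entry:
            findings.append(f"port number not accepted: {entry}")
        elif not HOST_RE.fullmatch(entry):
            findings.append(f"not a DNS host name or IPv4 address: {entry}")
    # The device can only reach the IoT Edge server if it is listed explicitly.
    if edge_host.lower() not in (e.lower() for e in allowed):
        findings.append(f"IoT Edge host not in AllowedConnections: {edge_host}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_manifest(SAMPLE_MANIFEST, "edge-gw.example.net")))
```

The sample deliberately includes a wildcard entry and an entry with a port number, so both are reported.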


The starting point for the lab is:



  1. Azure Sphere
    1. Device is claimed to tenant
    2. Device is in developer mode
    3. Device is connected to Wi-Fi
  2. IoT Edge
    1. IoT Edge runtime is installed and IoT Edge server is created for a specific IoT Hub
    2. Simulated temperature sensor module is deployed to test and ensure basic functionality



With that out of the way, let’s take a look at this video for a walkthrough of basic connectivity from Azure Sphere to an IoT Edge server using the Azure Sphere device certificate!

