azure_rm_iothub – Manage Azure IoT hub¶
New in version 2.9.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.7
- azure >= 2.0.0
Parameters¶
| Parameter | Choices/Defaults | Comments | |
|---|---|---|---|
| ad_user 
                    string
                                                                 | Active Directory username. Use when authenticating with an Active Directory user rather than service principal. | ||
| adfs_authority_url 
                    string
                                                                 added in 2.6 | Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority. | ||
| api_profile 
                    string
                                                                 added in 2.5 | Default: "latest" | Selects an API profile to use when communicating with Azure services. Default value of  latestis appropriate for public clouds; future values will allow use with Azure Stack. | |
| append_tags 
                    boolean
                                                                 | 
 | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. | |
| auth_source 
                    string
                                                                 added in 2.5 | 
 | Controls the source of the credentials to use for authentication. If not specified, ANSIBLE_AZURE_AUTH_SOURCE environment variable will be used and default to  autoif variable is not defined.autowill follow the default precedence of module parameters -> environment variables -> default profile in credential file~/.azure/credentials.When set to  cli, the credentials will be sources from the default Azure CLI profile.Can also be set via the  ANSIBLE_AZURE_AUTH_SOURCEenvironment variable.When set to  msi, the host machine must be an azure resource with an enabled MSI extension.subscription_idor the environment variableAZURE_SUBSCRIPTION_IDcan be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen.The  msiwas added in Ansible 2.6. | |
| cert_validation_mode 
                    string
                                                                 added in 2.5 | 
 | Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing  ignore. Can also be set via credential file profile or theAZURE_CERT_VALIDATIONenvironment variable. | |
| client_id 
                    string
                                                                 | Azure client ID. Use when authenticating with a Service Principal. | ||
| cloud_environment 
                    string
                                                                 added in 2.4 | Default: "AzureCloud" | For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg,  AzureChinaCloud,AzureUSGovernment), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or theAZURE_CLOUD_ENVIRONMENTenvironment variable. | |
| enable_file_upload_notifications 
                    boolean
                                                                 | 
 | File upload notifications are enabled if set to  True. | |
| event_endpoint 
                    dictionary
                                                                 | The Event Hub-compatible endpoint property. | ||
| partition_count 
                    integer
                                                                 | The number of partitions for receiving device-to-cloud messages in the Event Hub-compatible endpoint. Default is  2. | ||
| retention_time_in_days 
                    integer
                                                                 | The retention time for device-to-cloud messages in days. Default is  1. | ||
| ip_filters 
                    list
                                                                 | Configure rules for rejecting or accepting traffic from specific IPv4 addresses. | ||
| action 
                    string
                                             / required                     | 
 | The desired action for requests captured by this rule. | |
| ip_mask 
                    string
                                             / required                     | A string that contains the IP address range in CIDR notation for the rule. | ||
| name 
                    string
                                             / required                     | Name of the filter. | ||
| location 
                    string
                                                                 | Location of the IoT hub. | ||
| name 
                    string
                                             / required                     | Name of the IoT hub. | ||
| password 
                    string
                                                                 | Active Directory user password. Use when authenticating with an Active Directory user rather than service principal. | ||
| profile 
                    string
                                                                 | Security profile found in ~/.azure/credentials file. | ||
| resource_group 
                    string
                                             / required                     | Name of resource group. | ||
| routes 
                    list
                                                                 | Route device-to-cloud messages to service-facing endpoints. | ||
| condition 
                    string
                                                                 | The query expression for the routing query that is run against the message application properties, system properties, message body, device twin tags, and device twin properties to determine if it is a match for the endpoint. For more information about constructing a query, see https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-routing-query-syntax | ||
| enabled 
                    boolean
                                             / required                     | 
 | Whether to enable the route. | |
| endpoint_name 
                    string
                                             / required                     | The name of the endpoint in routing_endpoints where IoT Hub sends messages that match the query. | ||
| name 
                    string
                                             / required                     | Name of the route. | ||
| source 
                    string
                                             / required                     | 
 | The origin of the data stream to be acted upon. | |
| routing_endpoints 
                    list
                                                                 | Custom endpoints. | ||
| connection_string 
                    string
                                             / required                     | Connection string of the custom endpoint. The connection string should have send privilege. | ||
| container 
                    string
                                                                 | Container name of the custom endpoint when resource_type=storage. | ||
| encoding 
                    string
                                                                 | Encoding of the message when resource_type=storage. | ||
| name 
                    string
                                             / required                     | Name of the custom endpoint. | ||
| resource_group 
                    string
                                                                 | Resource group of the endpoint. Default is the same as resource_group. | ||
| resource_type 
                    string
                                             / required                     | 
 | Resource type of the custom endpoint. | |
| subscription 
                    string
                                                                 | Subscription id of the endpoint. Default is the same as subscription. | ||
| secret 
                    string
                                                                 | Azure client secret. Use when authenticating with a Service Principal. | ||
| sku 
                    string
                                                                 | 
 | Pricing tier for Azure IoT Hub. Note that only one free IoT hub instance is allowed in each subscription. Exception will be thrown if free instances exceed one. Default is  s1when creation. | |
| state 
                    string
                                                                 | 
 | State of the IoT hub. Use  presentto create or update an IoT hub andabsentto delete an IoT hub. | |
| subscription_id 
                    string
                                                                 | Your Azure subscription Id. | ||
| tags 
                    dictionary
                                                                 | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | ||
| tenant 
                    string
                                                                 | Azure tenant ID. Use when authenticating with a Service Principal. | ||
| unit 
                    integer
                                                                 | Units in your IoT Hub. Default is  1. | ||
Notes¶
Note
- For authentication with Azure you can pass parameters, set environment variables, use a profile stored in ~/.azure/credentials, or log in before you run your tasks or playbook with az login.
- Authentication is also possible using a service principal or Active Directory user.
- To authenticate via service principal, pass subscription_id, client_id, secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.
- To authenticate via Active Directory user, pass ad_user and password, or set AZURE_AD_USER and AZURE_PASSWORD in the environment.
- Alternatively, credentials can be stored in ~/.azure/credentials. This is an ini file containing a [default] section and the following keys: subscription_id, client_id, secret and tenant or subscription_id, ad_user and password. It is also possible to add additional profiles. Specify the profile by passing profile or setting AZURE_PROFILE in the environment.
See Also¶
See also
- Sign in with Azure CLI
- How to authenticate using the az logincommand.
Examples¶
- name: Create a simplest IoT hub
  azure_rm_iothub:
    name: Testing
    resource_group: myResourceGroup
- name: Create an IoT hub with route
  azure_rm_iothub:
    resource_group: myResourceGroup
    name: Testing
    routing_endpoints:
        - connection_string: "Endpoint=sb://qux.servicebus.windows.net/;SharedAccessKeyName=quux;SharedAccessKey=****;EntityPath=myQueue"
          name: foo
          resource_type: queue
          resource_group: myResourceGroup1
    routes:
        - name: bar
          source: device_messages
          endpoint_name: foo
          enabled: yes
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Yuwei Zhou (@yuwzho)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
