Create a BrokerAuthenticationResource
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.IoTOperations/instances/{instanceName}/brokers/{brokerName}/authentications/{authenticationName}?api-version=2024-11-01
URI Parameters
| Name |
In |
Required |
Type |
Description |
|
authenticationName
|
path |
True
|
string
|
Name of Instance broker authentication resource
Regex pattern: ^[a-z0-9][a-z0-9-]*[a-z0-9]$
|
|
brokerName
|
path |
True
|
string
|
Name of broker.
Regex pattern: ^[a-z0-9][a-z0-9-]*[a-z0-9]$
|
|
instanceName
|
path |
True
|
string
|
Name of instance.
Regex pattern: ^[a-z0-9][a-z0-9-]*[a-z0-9]$
|
|
resourceGroupName
|
path |
True
|
string
|
The name of the resource group. The name is case insensitive.
|
|
subscriptionId
|
path |
True
|
string
uuid
|
The ID of the target subscription. The value must be an UUID.
|
|
api-version
|
query |
True
|
string
|
The API version to use for this operation.
|
Request Body
Responses
| Name |
Type |
Description |
|
200 OK
|
BrokerAuthenticationResource
|
Resource 'BrokerAuthenticationResource' update operation succeeded
|
|
201 Created
|
BrokerAuthenticationResource
|
Resource 'BrokerAuthenticationResource' create operation succeeded
Headers
- Azure-AsyncOperation: string
- Retry-After: integer
|
|
Other Status Codes
|
ErrorResponse
|
An unexpected error response.
|
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
impersonate your user account
|
Examples
BrokerAuthentication_CreateOrUpdate
Sample request
PUT https://management.azure.com/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123?api-version=2024-11-01
{
"properties": {
"authenticationMethods": [
{
"method": "Custom",
"customSettings": {
"auth": {
"x509": {
"secretRef": "secret-name"
}
},
"caCertConfigMap": "pdecudefqyolvncbus",
"endpoint": "https://www.example.com",
"headers": {
"key8518": "bwityjy"
}
},
"serviceAccountTokenSettings": {
"audiences": [
"jqyhyqatuydg"
]
},
"x509Settings": {
"authorizationAttributes": {
"key3384": {
"attributes": {
"key186": "ucpajramsz"
},
"subject": "jpgwctfeixitptfgfnqhua"
}
},
"trustedClientCaCert": "vlctsqddl"
}
}
]
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
}
}
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticationMethod;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticationProperties;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorCustomAuth;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodCustom;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodSat;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodX509;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodX509Attributes;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethods;
import com.azure.resourcemanager.iotoperations.models.ExtendedLocation;
import com.azure.resourcemanager.iotoperations.models.ExtendedLocationType;
import com.azure.resourcemanager.iotoperations.models.X509ManualCertificate;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for BrokerAuthentication CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: 2024-11-01/BrokerAuthentication_CreateOrUpdate_MaximumSet_Gen.json
*/
/**
* Sample code: BrokerAuthentication_CreateOrUpdate.
*
* @param manager Entry point to IoTOperationsManager.
*/
public static void
brokerAuthenticationCreateOrUpdate(com.azure.resourcemanager.iotoperations.IoTOperationsManager manager) {
manager.brokerAuthentications().define("resource-name123")
.withExistingBroker("rgiotoperations", "resource-name123", "resource-name123")
.withExtendedLocation(new ExtendedLocation().withName("qmbrfwcpwwhggszhrdjv")
.withType(ExtendedLocationType.CUSTOM_LOCATION))
.withProperties(
new BrokerAuthenticationProperties()
.withAuthenticationMethods(
Arrays
.asList(
new BrokerAuthenticatorMethods().withMethod(BrokerAuthenticationMethod.CUSTOM)
.withCustomSettings(
new BrokerAuthenticatorMethodCustom()
.withAuth(new BrokerAuthenticatorCustomAuth().withX509(
new X509ManualCertificate().withSecretRef("fakeTokenPlaceholder")))
.withCaCertConfigMap("pdecudefqyolvncbus")
.withEndpoint("https://www.example.com").withHeaders(mapOf("key8518",
"fakeTokenPlaceholder")))
.withServiceAccountTokenSettings(
new BrokerAuthenticatorMethodSat().withAudiences(Arrays.asList("jqyhyqatuydg")))
.withX509Settings(new BrokerAuthenticatorMethodX509()
.withAuthorizationAttributes(mapOf("key3384",
new BrokerAuthenticatorMethodX509Attributes()
.withAttributes(mapOf("key186", "fakeTokenPlaceholder"))
.withSubject("jpgwctfeixitptfgfnqhua")))
.withTrustedClientCaCert("vlctsqddl")))))
.create();
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.iotoperations import IoTOperationsMgmtClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-iotoperations
# USAGE
python broker_authentication_create_or_update_maximum_set_gen.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = IoTOperationsMgmtClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.broker_authentication.begin_create_or_update(
resource_group_name="rgiotoperations",
instance_name="resource-name123",
broker_name="resource-name123",
authentication_name="resource-name123",
resource={
"extendedLocation": {"name": "qmbrfwcpwwhggszhrdjv", "type": "CustomLocation"},
"properties": {
"authenticationMethods": [
{
"customSettings": {
"auth": {"x509": {"secretRef": "secret-name"}},
"caCertConfigMap": "pdecudefqyolvncbus",
"endpoint": "https://www.example.com",
"headers": {"key8518": "bwityjy"},
},
"method": "Custom",
"serviceAccountTokenSettings": {"audiences": ["jqyhyqatuydg"]},
"x509Settings": {
"authorizationAttributes": {
"key3384": {"attributes": {"key186": "ucpajramsz"}, "subject": "jpgwctfeixitptfgfnqhua"}
},
"trustedClientCaCert": "vlctsqddl",
},
}
]
},
},
).result()
print(response)
# x-ms-original-file: 2024-11-01/BrokerAuthentication_CreateOrUpdate_MaximumSet_Gen.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armiotoperations_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/iotoperations/armiotoperations"
)
// Generated from example definition: 2024-11-01/BrokerAuthentication_CreateOrUpdate_MaximumSet_Gen.json
func ExampleBrokerAuthenticationClient_BeginCreateOrUpdate_brokerAuthenticationCreateOrUpdate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armiotoperations.NewClientFactory("F8C729F9-DF9C-4743-848F-96EE433D8E53", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewBrokerAuthenticationClient().BeginCreateOrUpdate(ctx, "rgiotoperations", "resource-name123", "resource-name123", "resource-name123", armiotoperations.BrokerAuthenticationResource{
Properties: &armiotoperations.BrokerAuthenticationProperties{
AuthenticationMethods: []*armiotoperations.BrokerAuthenticatorMethods{
{
Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodCustom),
CustomSettings: &armiotoperations.BrokerAuthenticatorMethodCustom{
Auth: &armiotoperations.BrokerAuthenticatorCustomAuth{
X509: &armiotoperations.X509ManualCertificate{
SecretRef: to.Ptr("secret-name"),
},
},
CaCertConfigMap: to.Ptr("pdecudefqyolvncbus"),
Endpoint: to.Ptr("https://www.example.com"),
Headers: map[string]*string{
"key8518": to.Ptr("bwityjy"),
},
},
ServiceAccountTokenSettings: &armiotoperations.BrokerAuthenticatorMethodSat{
Audiences: []*string{
to.Ptr("jqyhyqatuydg"),
},
},
X509Settings: &armiotoperations.BrokerAuthenticatorMethodX509{
AuthorizationAttributes: map[string]*armiotoperations.BrokerAuthenticatorMethodX509Attributes{
"key3384": {
Attributes: map[string]*string{
"key186": to.Ptr("ucpajramsz"),
},
Subject: to.Ptr("jpgwctfeixitptfgfnqhua"),
},
},
TrustedClientCaCert: to.Ptr("vlctsqddl"),
},
},
},
},
ExtendedLocation: &armiotoperations.ExtendedLocation{
Name: to.Ptr("qmbrfwcpwwhggszhrdjv"),
Type: to.Ptr(armiotoperations.ExtendedLocationTypeCustomLocation),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armiotoperations.BrokerAuthenticationClientCreateOrUpdateResponse{
// BrokerAuthenticationResource: &armiotoperations.BrokerAuthenticationResource{
// Properties: &armiotoperations.BrokerAuthenticationProperties{
// AuthenticationMethods: []*armiotoperations.BrokerAuthenticatorMethods{
// {
// Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodCustom),
// CustomSettings: &armiotoperations.BrokerAuthenticatorMethodCustom{
// Auth: &armiotoperations.BrokerAuthenticatorCustomAuth{
// X509: &armiotoperations.X509ManualCertificate{
// SecretRef: to.Ptr("secret-name"),
// },
// },
// CaCertConfigMap: to.Ptr("pdecudefqyolvncbus"),
// Endpoint: to.Ptr("https://www.example.com"),
// Headers: map[string]*string{
// "key8518": to.Ptr("bwityjy"),
// },
// },
// ServiceAccountTokenSettings: &armiotoperations.BrokerAuthenticatorMethodSat{
// Audiences: []*string{
// to.Ptr("jqyhyqatuydg"),
// },
// },
// X509Settings: &armiotoperations.BrokerAuthenticatorMethodX509{
// AuthorizationAttributes: map[string]*armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// "key3384": &armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// Attributes: map[string]*string{
// "key186": to.Ptr("ucpajramsz"),
// },
// Subject: to.Ptr("jpgwctfeixitptfgfnqhua"),
// },
// },
// TrustedClientCaCert: to.Ptr("vlctsqddl"),
// },
// },
// },
// ProvisioningState: to.Ptr(armiotoperations.ProvisioningStateSucceeded),
// },
// ExtendedLocation: &armiotoperations.ExtendedLocation{
// Name: to.Ptr("qmbrfwcpwwhggszhrdjv"),
// Type: to.Ptr(armiotoperations.ExtendedLocationTypeCustomLocation),
// },
// ID: to.Ptr("/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123"),
// Name: to.Ptr("lwucizfvtsdpx"),
// Type: to.Ptr("kvtilkgcxanlfozrd"),
// SystemData: &armiotoperations.SystemData{
// CreatedBy: to.Ptr("ssvaslsmudloholronopqyxjcu"),
// CreatedByType: to.Ptr(armiotoperations.CreatedByTypeUser),
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2024-08-09T18:13:29.389Z"); return t}()),
// LastModifiedBy: to.Ptr("gnicpuszwd"),
// LastModifiedByType: to.Ptr(armiotoperations.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2024-08-09T18:13:29.389Z"); return t}()),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.IotOperations.Models;
using Azure.ResourceManager.IotOperations;
// Generated from example definition: 2024-11-01/BrokerAuthentication_CreateOrUpdate_MaximumSet_Gen.json
// this example is just showing the usage of "BrokerAuthenticationResource_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this IotOperationsBrokerAuthenticationResource created on azure
// for more information of creating IotOperationsBrokerAuthenticationResource, please refer to the document of IotOperationsBrokerAuthenticationResource
string subscriptionId = "F8C729F9-DF9C-4743-848F-96EE433D8E53";
string resourceGroupName = "rgiotoperations";
string instanceName = "resource-name123";
string brokerName = "resource-name123";
string authenticationName = "resource-name123";
ResourceIdentifier iotOperationsBrokerAuthenticationResourceId = IotOperationsBrokerAuthenticationResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, instanceName, brokerName, authenticationName);
IotOperationsBrokerAuthenticationResource iotOperationsBrokerAuthentication = client.GetIotOperationsBrokerAuthenticationResource(iotOperationsBrokerAuthenticationResourceId);
// invoke the operation
IotOperationsBrokerAuthenticationData data = new IotOperationsBrokerAuthenticationData(new IotOperationsExtendedLocation("qmbrfwcpwwhggszhrdjv", IotOperationsExtendedLocationType.CustomLocation))
{
Properties = new IotOperationsBrokerAuthenticationProperties(new BrokerAuthenticatorMethods[]
{
new BrokerAuthenticatorMethods(BrokerAuthenticationMethod.Custom)
{
CustomSettings = new BrokerAuthenticatorMethodCustom(new Uri("https://www.example.com"))
{
X509SecretRef = "secret-name",
CaCertConfigMap = "pdecudefqyolvncbus",
Headers =
{
["key8518"] = "bwityjy"
},
},
ServiceAccountTokenAudiences = {"jqyhyqatuydg"},
X509Settings = new BrokerAuthenticatorMethodX509
{
AuthorizationAttributes =
{
["key3384"] = new BrokerAuthenticatorMethodX509Attributes(new Dictionary<string, string>
{
["key186"] = "ucpajramsz"
}, "jpgwctfeixitptfgfnqhua")
},
TrustedClientCaCert = "vlctsqddl",
},
}
}),
};
ArmOperation<IotOperationsBrokerAuthenticationResource> lro = await iotOperationsBrokerAuthentication.UpdateAsync(WaitUntil.Completed, data);
IotOperationsBrokerAuthenticationResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
IotOperationsBrokerAuthenticationData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
{
"properties": {
"authenticationMethods": [
{
"method": "Custom",
"customSettings": {
"auth": {
"x509": {
"secretRef": "secret-name"
}
},
"caCertConfigMap": "pdecudefqyolvncbus",
"endpoint": "https://www.example.com",
"headers": {
"key8518": "bwityjy"
}
},
"serviceAccountTokenSettings": {
"audiences": [
"jqyhyqatuydg"
]
},
"x509Settings": {
"authorizationAttributes": {
"key3384": {
"attributes": {
"key186": "ucpajramsz"
},
"subject": "jpgwctfeixitptfgfnqhua"
}
},
"trustedClientCaCert": "vlctsqddl"
}
}
],
"provisioningState": "Succeeded"
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
},
"id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123",
"name": "lwucizfvtsdpx",
"type": "kvtilkgcxanlfozrd",
"systemData": {
"createdBy": "ssvaslsmudloholronopqyxjcu",
"createdByType": "User",
"createdAt": "2024-08-09T18:13:29.389Z",
"lastModifiedBy": "gnicpuszwd",
"lastModifiedByType": "User",
"lastModifiedAt": "2024-08-09T18:13:29.389Z"
}
}
Azure-AsyncOperation: https://contoso.com/operationstatus
{
"properties": {
"authenticationMethods": [
{
"method": "Custom",
"customSettings": {
"auth": {
"x509": {
"secretRef": "secret-name"
}
},
"caCertConfigMap": "pdecudefqyolvncbus",
"endpoint": "https://www.example.com",
"headers": {
"key8518": "bwityjy"
}
},
"serviceAccountTokenSettings": {
"audiences": [
"jqyhyqatuydg"
]
},
"x509Settings": {
"authorizationAttributes": {
"key3384": {
"attributes": {
"key186": "ucpajramsz"
},
"subject": "jpgwctfeixitptfgfnqhua"
}
},
"trustedClientCaCert": "vlctsqddl"
}
}
],
"provisioningState": "Succeeded"
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
},
"id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123",
"name": "lwucizfvtsdpx",
"type": "kvtilkgcxanlfozrd",
"systemData": {
"createdBy": "ssvaslsmudloholronopqyxjcu",
"createdByType": "User",
"createdAt": "2024-08-09T18:13:29.389Z",
"lastModifiedBy": "gnicpuszwd",
"lastModifiedByType": "User",
"lastModifiedAt": "2024-08-09T18:13:29.389Z"
}
}
BrokerAuthentication_CreateOrUpdate_Complex
Sample request
PUT https://management.azure.com/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123?api-version=2024-11-01
{
"properties": {
"authenticationMethods": [
{
"method": "ServiceAccountToken",
"serviceAccountTokenSettings": {
"audiences": [
"aio-internal"
]
}
},
{
"method": "X509",
"x509Settings": {
"trustedClientCaCert": "my-ca",
"authorizationAttributes": {
"root": {
"subject": "CN = Contoso Root CA Cert, OU = Engineering, C = US",
"attributes": {
"organization": "contoso"
}
},
"intermediate": {
"subject": "CN = Contoso Intermediate CA",
"attributes": {
"city": "seattle",
"foo": "bar"
}
},
"smart-fan": {
"subject": "CN = smart-fan",
"attributes": {
"building": "17"
}
}
}
}
}
]
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
}
}
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticationMethod;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticationProperties;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodSat;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodX509;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethodX509Attributes;
import com.azure.resourcemanager.iotoperations.models.BrokerAuthenticatorMethods;
import com.azure.resourcemanager.iotoperations.models.ExtendedLocation;
import com.azure.resourcemanager.iotoperations.models.ExtendedLocationType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for BrokerAuthentication CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file: 2024-11-01/BrokerAuthentication_CreateOrUpdate_Complex.json
*/
/**
* Sample code: BrokerAuthentication_CreateOrUpdate_Complex.
*
* @param manager Entry point to IoTOperationsManager.
*/
public static void brokerAuthenticationCreateOrUpdateComplex(
com.azure.resourcemanager.iotoperations.IoTOperationsManager manager) {
manager.brokerAuthentications().define("resource-name123")
.withExistingBroker("rgiotoperations", "resource-name123", "resource-name123")
.withExtendedLocation(new ExtendedLocation().withName("qmbrfwcpwwhggszhrdjv")
.withType(ExtendedLocationType.CUSTOM_LOCATION))
.withProperties(
new BrokerAuthenticationProperties()
.withAuthenticationMethods(
Arrays
.asList(
new BrokerAuthenticatorMethods()
.withMethod(BrokerAuthenticationMethod.SERVICE_ACCOUNT_TOKEN)
.withServiceAccountTokenSettings(new BrokerAuthenticatorMethodSat()
.withAudiences(Arrays.asList("aio-internal"))),
new BrokerAuthenticatorMethods().withMethod(BrokerAuthenticationMethod.X509)
.withX509Settings(new BrokerAuthenticatorMethodX509()
.withAuthorizationAttributes(mapOf("root",
new BrokerAuthenticatorMethodX509Attributes()
.withAttributes(mapOf("organization", "contoso"))
.withSubject("CN = Contoso Root CA Cert, OU = Engineering, C = US"),
"intermediate",
new BrokerAuthenticatorMethodX509Attributes()
.withAttributes(mapOf("city", "seattle", "foo", "bar"))
.withSubject("CN = Contoso Intermediate CA"),
"smart-fan",
new BrokerAuthenticatorMethodX509Attributes()
.withAttributes(mapOf("building", "17")).withSubject("CN = smart-fan")))
.withTrustedClientCaCert("my-ca")))))
.create();
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.iotoperations import IoTOperationsMgmtClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-iotoperations
# USAGE
python broker_authentication_create_or_update_complex.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = IoTOperationsMgmtClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.broker_authentication.begin_create_or_update(
resource_group_name="rgiotoperations",
instance_name="resource-name123",
broker_name="resource-name123",
authentication_name="resource-name123",
resource={
"extendedLocation": {"name": "qmbrfwcpwwhggszhrdjv", "type": "CustomLocation"},
"properties": {
"authenticationMethods": [
{"method": "ServiceAccountToken", "serviceAccountTokenSettings": {"audiences": ["aio-internal"]}},
{
"method": "X509",
"x509Settings": {
"authorizationAttributes": {
"intermediate": {
"attributes": {"city": "seattle", "foo": "bar"},
"subject": "CN = Contoso Intermediate CA",
},
"root": {
"attributes": {"organization": "contoso"},
"subject": "CN = Contoso Root CA Cert, OU = Engineering, C = US",
},
"smart-fan": {"attributes": {"building": "17"}, "subject": "CN = smart-fan"},
},
"trustedClientCaCert": "my-ca",
},
},
]
},
},
).result()
print(response)
# x-ms-original-file: 2024-11-01/BrokerAuthentication_CreateOrUpdate_Complex.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armiotoperations_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/iotoperations/armiotoperations"
)
// Generated from example definition: 2024-11-01/BrokerAuthentication_CreateOrUpdate_Complex.json
func ExampleBrokerAuthenticationClient_BeginCreateOrUpdate_brokerAuthenticationCreateOrUpdateComplex() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armiotoperations.NewClientFactory("F8C729F9-DF9C-4743-848F-96EE433D8E53", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewBrokerAuthenticationClient().BeginCreateOrUpdate(ctx, "rgiotoperations", "resource-name123", "resource-name123", "resource-name123", armiotoperations.BrokerAuthenticationResource{
Properties: &armiotoperations.BrokerAuthenticationProperties{
AuthenticationMethods: []*armiotoperations.BrokerAuthenticatorMethods{
{
Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodServiceAccountToken),
ServiceAccountTokenSettings: &armiotoperations.BrokerAuthenticatorMethodSat{
Audiences: []*string{
to.Ptr("aio-internal"),
},
},
},
{
Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodX509),
X509Settings: &armiotoperations.BrokerAuthenticatorMethodX509{
TrustedClientCaCert: to.Ptr("my-ca"),
AuthorizationAttributes: map[string]*armiotoperations.BrokerAuthenticatorMethodX509Attributes{
"root": {
Subject: to.Ptr("CN = Contoso Root CA Cert, OU = Engineering, C = US"),
Attributes: map[string]*string{
"organization": to.Ptr("contoso"),
},
},
"intermediate": {
Subject: to.Ptr("CN = Contoso Intermediate CA"),
Attributes: map[string]*string{
"city": to.Ptr("seattle"),
"foo": to.Ptr("bar"),
},
},
"smart-fan": {
Subject: to.Ptr("CN = smart-fan"),
Attributes: map[string]*string{
"building": to.Ptr("17"),
},
},
},
},
},
},
},
ExtendedLocation: &armiotoperations.ExtendedLocation{
Name: to.Ptr("qmbrfwcpwwhggszhrdjv"),
Type: to.Ptr(armiotoperations.ExtendedLocationTypeCustomLocation),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res = armiotoperations.BrokerAuthenticationClientCreateOrUpdateResponse{
// BrokerAuthenticationResource: &armiotoperations.BrokerAuthenticationResource{
// Properties: &armiotoperations.BrokerAuthenticationProperties{
// AuthenticationMethods: []*armiotoperations.BrokerAuthenticatorMethods{
// {
// Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodServiceAccountToken),
// ServiceAccountTokenSettings: &armiotoperations.BrokerAuthenticatorMethodSat{
// Audiences: []*string{
// to.Ptr("aio-internal"),
// },
// },
// },
// {
// Method: to.Ptr(armiotoperations.BrokerAuthenticationMethodX509),
// X509Settings: &armiotoperations.BrokerAuthenticatorMethodX509{
// TrustedClientCaCert: to.Ptr("my-ca"),
// AuthorizationAttributes: map[string]*armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// "root": &armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// Subject: to.Ptr("CN = Contoso Root CA Cert, OU = Engineering, C = US"),
// Attributes: map[string]*string{
// "organization": to.Ptr("contoso"),
// },
// },
// "intermediate": &armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// Subject: to.Ptr("CN = Contoso Intermediate CA"),
// Attributes: map[string]*string{
// "city": to.Ptr("seattle"),
// "foo": to.Ptr("bar"),
// },
// },
// "smart-fan": &armiotoperations.BrokerAuthenticatorMethodX509Attributes{
// Subject: to.Ptr("CN = smart-fan"),
// Attributes: map[string]*string{
// "building": to.Ptr("17"),
// },
// },
// },
// },
// },
// },
// ProvisioningState: to.Ptr(armiotoperations.ProvisioningStateSucceeded),
// },
// ExtendedLocation: &armiotoperations.ExtendedLocation{
// Name: to.Ptr("qmbrfwcpwwhggszhrdjv"),
// Type: to.Ptr(armiotoperations.ExtendedLocationTypeCustomLocation),
// },
// ID: to.Ptr("/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123"),
// Name: to.Ptr("lwucizfvtsdpx"),
// Type: to.Ptr("kvtilkgcxanlfozrd"),
// SystemData: &armiotoperations.SystemData{
// CreatedBy: to.Ptr("ssvaslsmudloholronopqyxjcu"),
// CreatedByType: to.Ptr(armiotoperations.CreatedByTypeUser),
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2024-08-09T18:13:29.389Z"); return t}()),
// LastModifiedBy: to.Ptr("gnicpuszwd"),
// LastModifiedByType: to.Ptr(armiotoperations.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2024-08-09T18:13:29.389Z"); return t}()),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.IotOperations.Models;
using Azure.ResourceManager.IotOperations;
// Generated from example definition: 2024-11-01/BrokerAuthentication_CreateOrUpdate_Complex.json
// this example is just showing the usage of "BrokerAuthenticationResource_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this IotOperationsBrokerAuthenticationResource created on azure
// for more information of creating IotOperationsBrokerAuthenticationResource, please refer to the document of IotOperationsBrokerAuthenticationResource
string subscriptionId = "F8C729F9-DF9C-4743-848F-96EE433D8E53";
string resourceGroupName = "rgiotoperations";
string instanceName = "resource-name123";
string brokerName = "resource-name123";
string authenticationName = "resource-name123";
ResourceIdentifier iotOperationsBrokerAuthenticationResourceId = IotOperationsBrokerAuthenticationResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, instanceName, brokerName, authenticationName);
IotOperationsBrokerAuthenticationResource iotOperationsBrokerAuthentication = client.GetIotOperationsBrokerAuthenticationResource(iotOperationsBrokerAuthenticationResourceId);
// invoke the operation
IotOperationsBrokerAuthenticationData data = new IotOperationsBrokerAuthenticationData(new IotOperationsExtendedLocation("qmbrfwcpwwhggszhrdjv", IotOperationsExtendedLocationType.CustomLocation))
{
Properties = new IotOperationsBrokerAuthenticationProperties(new BrokerAuthenticatorMethods[]
{
new BrokerAuthenticatorMethods(BrokerAuthenticationMethod.ServiceAccountToken)
{
ServiceAccountTokenAudiences = {"aio-internal"},
},
new BrokerAuthenticatorMethods(BrokerAuthenticationMethod.X509)
{
X509Settings = new BrokerAuthenticatorMethodX509
{
AuthorizationAttributes =
{
["root"] = new BrokerAuthenticatorMethodX509Attributes(new Dictionary<string, string>
{
["organization"] = "contoso"
}, "CN = Contoso Root CA Cert, OU = Engineering, C = US"),
["intermediate"] = new BrokerAuthenticatorMethodX509Attributes(new Dictionary<string, string>
{
["city"] = "seattle",
["foo"] = "bar"
}, "CN = Contoso Intermediate CA"),
["smart-fan"] = new BrokerAuthenticatorMethodX509Attributes(new Dictionary<string, string>
{
["building"] = "17"
}, "CN = smart-fan")
},
TrustedClientCaCert = "my-ca",
},
}
}),
};
ArmOperation<IotOperationsBrokerAuthenticationResource> lro = await iotOperationsBrokerAuthentication.UpdateAsync(WaitUntil.Completed, data);
IotOperationsBrokerAuthenticationResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
IotOperationsBrokerAuthenticationData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
{
"properties": {
"authenticationMethods": [
{
"method": "ServiceAccountToken",
"serviceAccountTokenSettings": {
"audiences": [
"aio-internal"
]
}
},
{
"method": "X509",
"x509Settings": {
"trustedClientCaCert": "my-ca",
"authorizationAttributes": {
"root": {
"subject": "CN = Contoso Root CA Cert, OU = Engineering, C = US",
"attributes": {
"organization": "contoso"
}
},
"intermediate": {
"subject": "CN = Contoso Intermediate CA",
"attributes": {
"city": "seattle",
"foo": "bar"
}
},
"smart-fan": {
"subject": "CN = smart-fan",
"attributes": {
"building": "17"
}
}
}
}
}
],
"provisioningState": "Succeeded"
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
},
"id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123",
"name": "lwucizfvtsdpx",
"type": "kvtilkgcxanlfozrd",
"systemData": {
"createdBy": "ssvaslsmudloholronopqyxjcu",
"createdByType": "User",
"createdAt": "2024-08-09T18:13:29.389Z",
"lastModifiedBy": "gnicpuszwd",
"lastModifiedByType": "User",
"lastModifiedAt": "2024-08-09T18:13:29.389Z"
}
}
Azure-AsyncOperation: https://contoso.com/operationstatus
{
"properties": {
"authenticationMethods": [
{
"method": "ServiceAccountToken",
"serviceAccountTokenSettings": {
"audiences": [
"aio-internal"
]
}
},
{
"method": "X509",
"x509Settings": {
"trustedClientCaCert": "my-ca",
"authorizationAttributes": {
"root": {
"subject": "CN = Contoso Root CA Cert, OU = Engineering, C = US",
"attributes": {
"organization": "contoso"
}
},
"intermediate": {
"subject": "CN = Contoso Intermediate CA",
"attributes": {
"city": "seattle",
"foo": "bar"
}
},
"smart-fan": {
"subject": "CN = smart-fan",
"attributes": {
"building": "17"
}
}
}
}
}
],
"provisioningState": "Succeeded"
},
"extendedLocation": {
"name": "qmbrfwcpwwhggszhrdjv",
"type": "CustomLocation"
},
"id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authentications/resource-name123",
"name": "lwucizfvtsdpx",
"type": "kvtilkgcxanlfozrd",
"systemData": {
"createdBy": "ssvaslsmudloholronopqyxjcu",
"createdByType": "User",
"createdAt": "2024-08-09T18:13:29.389Z",
"lastModifiedBy": "gnicpuszwd",
"lastModifiedByType": "User",
"lastModifiedAt": "2024-08-09T18:13:29.389Z"
}
}
Definitions
BrokerAuthenticationMethod
Broker Authentication Mode
| Name |
Type |
Description |
|
Custom
|
string
|
Custom authentication configuration.
|
|
ServiceAccountToken
|
string
|
ServiceAccountToken authentication configuration.
|
|
X509
|
string
|
X.509 authentication configuration.
|
BrokerAuthenticationProperties
BrokerAuthentication Resource properties
| Name |
Type |
Description |
|
authenticationMethods
|
BrokerAuthenticatorMethods[]
|
Defines a set of Broker authentication methods to be used on BrokerListeners. For each array element one authenticator type supported.
|
|
provisioningState
|
ProvisioningState
|
The status of the last operation.
|
BrokerAuthenticationResource
Instance broker authentication resource
| Name |
Type |
Description |
|
extendedLocation
|
ExtendedLocation
|
Edge location of the resource.
|
|
id
|
string
|
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
|
|
name
|
string
|
The name of the resource
|
|
properties
|
BrokerAuthenticationProperties
|
The resource-specific properties for this resource.
|
|
systemData
|
systemData
|
Azure Resource Manager metadata containing createdBy and modifiedBy information.
|
|
type
|
string
|
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
|
BrokerAuthenticatorCustomAuth
Custom Authentication properties
BrokerAuthenticatorMethodCustom
Custom method for BrokerAuthentication
| Name |
Type |
Description |
|
auth
|
BrokerAuthenticatorCustomAuth
|
Optional authentication needed for authenticating with the custom authentication server.
|
|
caCertConfigMap
|
string
|
Optional CA certificate for validating the custom authentication server's certificate.
|
|
endpoint
|
string
|
Endpoint of the custom authentication server. Must be an HTTPS endpoint.
|
|
headers
|
object
|
Additional HTTP headers to pass to the custom authentication server.
|
BrokerAuthenticatorMethods
Set of broker authentication policies. Only one method is supported for each entry.
BrokerAuthenticatorMethodSat
Service Account Token for BrokerAuthentication
| Name |
Type |
Description |
|
audiences
|
string[]
|
List of allowed audience.
|
BrokerAuthenticatorMethodX509
X509 for BrokerAuthentication.
| Name |
Type |
Default value |
Description |
|
authorizationAttributes
|
<string,
BrokerAuthenticatorMethodX509Attributes>
|
|
X509 authorization attributes properties.
|
|
trustedClientCaCert
|
string
|
client-ca
|
Name of the trusted client ca cert resource.
|
BrokerAuthenticatorMethodX509Attributes
BrokerAuthenticatorMethodX509Attributes properties.
| Name |
Type |
Description |
|
attributes
|
object
|
Attributes object.
|
|
subject
|
string
|
Subject of the X509 attribute.
|
createdByType
The type of identity that created the resource.
| Name |
Type |
Description |
|
Application
|
string
|
|
|
Key
|
string
|
|
|
ManagedIdentity
|
string
|
|
|
User
|
string
|
|
ErrorAdditionalInfo
The resource management error additional info.
| Name |
Type |
Description |
|
info
|
object
|
The additional info.
|
|
type
|
string
|
The additional info type.
|
ErrorDetail
The error detail.
| Name |
Type |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
code
|
string
|
The error code.
|
|
details
|
ErrorDetail[]
|
The error details.
|
|
message
|
string
|
The error message.
|
|
target
|
string
|
The error target.
|
ErrorResponse
Error response
| Name |
Type |
Description |
|
error
|
ErrorDetail
|
The error object.
|
ExtendedLocation
Extended location is an extension of Azure locations. They provide a way to use their Azure ARC enabled Kubernetes clusters as target locations for deploying Azure services instances.
| Name |
Type |
Description |
|
name
|
string
|
The name of the extended location.
|
|
type
|
ExtendedLocationType
|
Type of ExtendedLocation.
|
ExtendedLocationType
The enum defining type of ExtendedLocation accepted.
| Name |
Type |
Description |
|
CustomLocation
|
string
|
CustomLocation type
|
ProvisioningState
The enum defining status of resource.
| Name |
Type |
Description |
|
Accepted
|
string
|
Resource has been Accepted.
|
|
Canceled
|
string
|
Resource creation was canceled.
|
|
Deleting
|
string
|
Resource is Deleting.
|
|
Failed
|
string
|
Resource creation failed.
|
|
Provisioning
|
string
|
Resource is getting provisioned.
|
|
Succeeded
|
string
|
Resource has been created.
|
|
Updating
|
string
|
Resource is Updating.
|
systemData
Metadata pertaining to creation and last modification of the resource.
| Name |
Type |
Description |
|
createdAt
|
string
|
The timestamp of resource creation (UTC).
|
|
createdBy
|
string
|
The identity that created the resource.
|
|
createdByType
|
createdByType
|
The type of identity that created the resource.
|
|
lastModifiedAt
|
string
|
The timestamp of resource last modification (UTC)
|
|
lastModifiedBy
|
string
|
The identity that last modified the resource.
|
|
lastModifiedByType
|
createdByType
|
The type of identity that last modified the resource.
|
X509ManualCertificate
X509 Certificate Authentication properties.
| Name |
Type |
Description |
|
secretRef
|
string
|
Kubernetes secret containing an X.509 client certificate. This is a reference to the secret through an identifying name, not the secret itself.
|