az iot ops broker authz
Note
This reference is part of the azure-iot-ops extension for the Azure CLI (version 2.62.0 or higher). The extension will automatically install the first time you run an az iot ops broker authz command. Learn more about extensions.
Mqtt broker authorization management.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az iot ops broker authz apply |
Create or replace an mqtt broker authorization resource. |
Extension | GA |
| az iot ops broker authz delete |
Delete an mqtt broker authorization resource. |
Extension | GA |
| az iot ops broker authz list |
List mqtt broker authorization resources associated with a broker. |
Extension | GA |
| az iot ops broker authz show |
Show details of an mqtt broker authorization resource. |
Extension | GA |
az iot ops broker authz apply
Create or replace an mqtt broker authorization resource.
An example of the config file format is as follows:
{
"authorizationPolicies": {
"cache": "Enabled",
"rules": [
{
"principals": {
"clientIds": [
"temperature-sensor",
"humidity-sensor"
],
"attributes": [
{
"city": "seattle",
"organization": "contoso"
}
]
},
"brokerResources": [
{
"method": "Connect"
},
{
"method": "Publish",
"topics": [
"/telemetry/{principal.clientId}",
"/telemetry/{principal.attributes.organization}"
]
},
{
"method": "Subscribe",
"topics": [
"/commands/{principal.attributes.organization}"
]
}
]
}
]
}
}
When used with apply the above content will create or replace a target authorization resource configured with a single authz rule.
az iot ops broker authz apply --config-file
--instance
--name
--resource-group
[--broker]Examples
Create or replace an authorization resource for the default broker using a config file.
az iot ops broker authz apply -n authz --in myinstance -g myresourcegroup --config-file /path/to/authz/config.jsonRequired Parameters
Path to a config file containing resource properties in json format. The config file should contain an object with properties compatible with the ARM representation of the resource. The object correlates directly with 'properties:{}' of the ARM resource.
IoT Operations instance name.
Mqtt broker authorization resource name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Mqtt broker name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az iot ops broker authz delete
Delete an mqtt broker authorization resource.
az iot ops broker authz delete --instance
--name
--resource-group
[--broker]
[--yes {false, true}]Examples
Delete the mqtt broker authorization resource called 'authz' associated with the default broker.
az iot ops broker authz delete -n authz --in myinstance -g myresourcegroupSame as prior example but skipping the confirmation prompt.
az iot ops broker authz delete -n authz --in myinstance -g myresourcegroup -yRequired Parameters
IoT Operations instance name.
Mqtt broker authorization resource name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Mqtt broker name.
Confirm [y]es without a prompt. Useful for CI and automation scenarios.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az iot ops broker authz list
List mqtt broker authorization resources associated with a broker.
az iot ops broker authz list --instance
--resource-group
[--broker]Examples
Enumerate all mqtt broker authorization resources associated with the default broker.
az iot ops broker authz list --in myinstance -g myresourcegroupRequired Parameters
IoT Operations instance name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Mqtt broker name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az iot ops broker authz show
Show details of an mqtt broker authorization resource.
az iot ops broker authz show --instance
--name
--resource-group
[--broker]Examples
Show details of the default authorization resource associated with the default broker.
az iot ops broker authz show -n authz --in myinstance -g myresourcegroupRequired Parameters
IoT Operations instance name.
Mqtt broker authorization resource name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Mqtt broker name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
