1
votes

Can I use Device Provisioning Service (DPS) to provision the downstream devices using an edge module? For the identity translation gateway scenario, should the Edge gateway hold the connection strings for all downstream devices, or can it use the DPS service to get the connection strings?

2 Answers

1
votes

You can have a custom module which will do the work of provisioning through DPS. As of the 1.6 release of the Edge Runtime there is no built-in provisioning of child devices. Nothing is stopping you from writing a module which will proxy DPS calls from your child devices, or from implementing your own custom handshake if you are doing protocol translation.

Here is a call structure of DPS device registration:

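    // dpsEndpoint, idScope, deviceId, dpsVersion, sasToken and bodyJson are supplied by the caller.
    const registrationOptions = {
        url: `https://${dpsEndpoint}/${idScope}/registrations/${deviceId}/register?api-version=${dpsVersion}`,
        method: 'PUT',
        json: true,
        // Keep TLS certificate verification on: this request carries the SAS token.
        rejectUnauthorized: true,
        headers: { Authorization: sasToken },
        body: bodyJson,
    };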

Your device can either register itself through the edge module, or the edge module can register the device if you are using protocol translation. You may find the following GitHub repo useful to understand how a gateway can register child devices: https://github.com/Azure/iotc-device-bridge
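As an added example (not part of the answer above and not code from iotc-device-bridge), this is one way a gateway module could build the `sasToken` and `bodyJson` for a child device, assuming a DPS group enrollment with symmetric-key attestation. The function names, the sample configuration values and the conservative device ID pattern are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// HMAC-SHA256 keyed with a base64-encoded key, result base64-encoded.
function hmacB64(keyB64, message) {
    return crypto.createHmac('sha256', Buffer.from(keyB64, 'base64'))
        .update(message, 'utf8').digest('base64');
}

// Per-device key for a group enrollment: HMAC of the registration ID under
// the group key. The group key stays inside the gateway module.
function deriveDeviceKey(groupKeyB64, deviceId) {
    return hmacB64(groupKeyB64, deviceId);
}

// SAS token scoped to a single registration, expiring at now + ttl.
function buildSasToken(idScope, deviceId, deviceKeyB64, nowSeconds, ttlSeconds) {
    const resource = encodeURIComponent(`${idScope}/registrations/${deviceId}`);
    const expiry = nowSeconds + ttlSeconds;
    const sig = encodeURIComponent(hmacB64(deviceKeyB64, `${resource}\n${expiry}`));
    return `SharedAccessSignature sr=${resource}&sig=${sig}&se=${expiry}&skn=registration`;
}

// Builds the options object from the answer for one child device.
function buildRegistrationOptions(cfg, deviceId, nowSeconds) {
    // Assumed conservative ID rule: the ID comes from a downstream device and
    // lands in the URL path, so reject anything that could change that path.
    if (!/^[a-z0-9][a-z0-9-]{0,127}$/.test(deviceId)) {
        throw new Error(`rejected device id: ${JSON.stringify(deviceId)}`);
    }
    const deviceKey = deriveDeviceKey(cfg.groupKeyB64, deviceId);
    const sasToken = buildSasToken(cfg.idScope, deviceId, deviceKey, nowSeconds, 3600);
    return {
        url: `https://${cfg.dpsEndpoint}/${cfg.idScope}/registrations/${deviceId}/register?api-version=${cfg.dpsVersion}`,
        method: 'PUT',
        json: true,
        rejectUnauthorized: true, // verify the DPS certificate; the token is a bearer credential
        headers: { Authorization: sasToken },
        body: { registrationId: deviceId },
    };
}

// Constructed sample configuration; the key below is not a real secret.
const SAMPLE_CFG = {
    dpsEndpoint: 'global.azure-devices-provisioning.net',
    idScope: '0ne00000000',
    dpsVersion: '2019-03-31',
    groupKeyB64: Buffer.from('constructed-group-key-for-example').toString('base64'),
};
```

Each child device gets its own derived key, so a token captured for one device cannot be used to register another.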

1
votes

Device provisioning service currently does not work through IoT Edge at all in the scenarios with downstream devices.

From my experience, you would have to set up the provisioning of each downstream device individually and have a mechanism that will assign the parent device (the IoT Edge device) to the downstream device if you are using X.509 certificates. (Currently, I think that this is in preview; the property you need to set is called deviceScope.)

Also, the documentation says: "Identity translation - Devices that cannot connect to IoT Hub can connect to a gateway device..." This means that in the identity translation case your downstream device is not visible to IoT Hub, and therefore also not to DPS, but it is potentially in the same network as your IoT Edge appliance.

Now, depending on the business case, and if your downstream device does not have a connection and visibility to IoT Hub at all, another way is that you do not register the downstream device as a device at all. You can try to push data to a RabbitMQ server, for example, and have a module on IoT Edge that subscribes, gets the data and sends it to the IoT Hub. Or, if your downstream device has only local network access, set up some kind of endpoint in one of the IoT Edge modules, and send data from the downstream device to that endpoint.