Azure IoT Device lifecycle events

The Azure IoT Hub is the main gateway for Azure IoT-related device connectivity.

It features several useful features to make your IoT developer life easy.

It offers a registry for devices so each device has its own credentials. Each device is capable to ingest device-to-cloud telemetry data into Azure and the IoT Hub also offers several ways for cloud-to-device communication (e.g. desired properties and direct methods).

The IoT Hub is also capable to report any device change event during the lifecycle of that device:

It can generate messages when a device is created or deleted. It also generated messages when the device twin is changed. It even generates a message when the ‘digital twin’ is updated.

Note: The digital twin update is related to Azure IoT Plug and Play. This is out of scope for this post. Though, an example of the digital twin change event is seen here.

In this post, we will look at the format of these messages.

Doorgaan met het lezen van “Azure IoT Device lifecycle events”

Jump box part 2: Azure VNet connection with a point-to-site VPN Gateway

Azure IoT devices send telemetry to the cloud in a secure and reliable way. Although these devices are designed to be robust and probably are configurable in a zero-touch manner, sometimes it is still needed to log in to these devices using e.g. an RDP or SSH session.

For this, we do not want to create an inbound port in the firewall offering a public inbound session; this makes the devices vulnerable to attacks from the outside world.

This blog is part two of a series about setting up a jump box in Azure to access local devices from the cloud. Part one ended with a private VM in the cloud which was accessible using a secure Azure Bastion connection:

In this blog post, we will discover how to connect local devices (both running Windows or Ubuntu) from the cloud in a secure way, making use of the already existing VNet and the Bastion connection:

We will dive into creating a point-to-site VPN connection, generating certificates to secure the communication, and attaching various VPN clients, including one running on OpenVPN.

Doorgaan met het lezen van “Jump box part 2: Azure VNet connection with a point-to-site VPN Gateway”

Jump box part 1: Secure access to private cloud VM using Azure Bastion

When you work with Azure and Azure IoT, at some point you have to think about a jump box (aka jump server).

This is a device in your network that supports access to other devices in a secure way.

Yes, you can probably access devices in some sort of secure way already using device-specific credentials. Think about an RDP session or using an SSH connection. Still, credentials once remembered by a user, are hard to forget.

The trick with a jump box is to work with multiple layers of security.

First, you have to log in to one device. From there, you ‘jump’ to the next one:

The jump box should be made accessible using other credentials apart from the other connection.

Even better, if these credentials are put in AAD so the login credentials are related to the user logging in, access can be revoked once people are not part of that trusted group of users anymore (e.g. when someone is resigning or fired).

Last year, I wrote this blog post about Azure Bastion already because it is a service that we can use for exactly this:

Diagram showing Azure Bastion architecture.

Using Azure Bastion, only people having access to the Azure portal can make use of that service to access other specific Azure resources (living in the same virtual network, on one or more subnets).

The opposite is true. Azure Bastion only works while using the Azure portal.

Let’s set up a jump box in Azure in a number of blog posts. Let’s start with Azure Bastion. Later on, we look at securing connections to the next device.

Doorgaan met het lezen van “Jump box part 1: Secure access to private cloud VM using Azure Bastion”

Creating an Azure Stream Analytics job using VS Code

Azure Stream Analytics is often the centerpiece of our IoT solutions.

It acts like a rule engine where data streams from multiple sources can be combined together, even enriched with static reference data.

Azure Stream Analytics does not come cheap if you only want to do some simple aggregations. For that, probably Azure Functions can help you out.

But, when it comes to more elaborate rules using multiple inputs, multiple outputs, time windowing, custom functions, and Machine learning integration, Azure Stream Analytics (and many more capabilities) should be your first choice:

Normally, I demonstrate Azure Stream Analytics using the Azure Portal.

There, it offers me a convenient browser experience where I can show how inputs, outputs, and user-defined functions are created. I can also copy/paste a (basic) query and demonstrate how it can be tested and run in a simple manner:

For people new to Azure Stream Analytics, this is a perfect starting point.

Still, this is for demonstration purposes only!

The Azure portal lacks (professional) abilities like source control/versioning, superior user-defined functions, and diagnostics.

If you plan to use Azure Stream Analytics in your projects, please consider starting using the VS Code project template.

In this blog, we will see how to start with the Visual Studio Code project for Stream Analytics.

Doorgaan met het lezen van “Creating an Azure Stream Analytics job using VS Code”

FutureTech 2022 announced, CFP open

The Dutch FutureTech is a one-day event in The Netherlands. In 2022 it will take place on March 17, 2022 at the Jaarbeurs Utrecht.

This event is the Microsoft Technologies and .Net conference for the Netherlands showing the latests innovations using Microsoft technology.

Expect the best national & international speakers delivering quality content about the hottest IT topics, of course with the overall theme: Microsoft technologies.

Doorgaan met het lezen van “FutureTech 2022 announced, CFP open”

Azure Time Series Insights introduction

Just this week, I was part of the Microsoft Tech Days: Flight into IoT event.

With a whole team of MVPs, we all explained different parts of Azure IoT using a simulation of an airplane flight from London to Budapest.

I myself talked about the pros and cons of Azure Time Series Insights:

Because I only had twenty minutes for explaining what TSI is and for demonstrating how it works, I had to skip some topics.

In this blog, I give an overview of what I demonstrated plus I add some extra goodies and in-depth information because there luckily is no time limit to this blog 🙂

Doorgaan met het lezen van “Azure Time Series Insights introduction”

Connecting Advantech ICR to Azure IoT using NodeRed

In the past, I have written about that perfect NodeRed node for Azure IoT. Using this node, you can connect to eg. Azure IoT and Azure IoT Central from any NodeRed solution.

I came across the Advantech ICR devices which offer cellular (4G) router connectivity in a ruggedized format and you can add your own custom logic:

You can either put C or Python apps on them and you also can use NodeRed on the V3 and V4 platforms.

Let’s dive into this NodeRed support and have an ICR connected to Azure:

Doorgaan met het lezen van “Connecting Advantech ICR to Azure IoT using NodeRed”

IoT on Microsoft Ignite, November 2021

Update: Videos of various sessions are now available (if applicable).

November 2-4 2021, there is another Microsoft Ignite. Again, this is a virtual events. So, all event sessions are online and Microsoft offers free registration and access.

Join us November 2–4, 2021 to explore the latest tools, training sessions, technical expertise, networking opportunities, and more.

As always, here is a list of IoT related sessions.

Microsoft Ignite: Guide to November 2021 edition aka What to watch / join,  how to connect with people and also to have fun – Vesa Nopanen – My Teams &  Microsoft 365 Day
Doorgaan met het lezen van “IoT on Microsoft Ignite, November 2021”

Get on board for a Flight into Azure IoT

Update: It was a blizz! The airplane in Budapest after a successful flight. landed The recording is available here:

On Monday, November 15th a great team of MVPs will walk you through the simple process of setting up an Azure IoT solution.


What to expect?

We will take you through an end-to-end solution from real flight tracking data like speed, altitude and location from a flight departing London. During the event we’ll track the flight’s progress to its destination and show how to get that data from an IoT device at the edge into Microsoft Azure IoT and the cloud where it can be processed for display on a dashboard or stored for later processing. We won’t be able to teach you how to become an IoT expert in the 2.5 hours we have – but what we can do is show you how to build on your current developer skills to integrate IoT into your business applications (and passion projects!) and set you up on your journey to become certified in IoT with the Microsoft AZ220 qualification.

I myself will show the power of Time Series Insights to capture data, let you understand how that data can support business objectives, and show how to surface that data from an engineer’s perspective.

The interactive, online, event takes place at 10:00-12:45 GMT (UTC±0).

I hope to see you there!

Please register at

Set up an Azure IoT Edge runtime in a minute

Azure IoT Edge runs on both Windows 10 and Linux, let’s talk about how to set up that Azure IoT Edge runtime.

The current LTS 1.1.* version of Azure IoT Edge still supports Windows containers on Windows devices.

The newest version of Azure IoT Edge, the 1.2.* version supports running only Linux containers on Windows. This is called EFLOW (Edge for Linux on Windows).

So, Microsoft supports both Linux containers on Linux and Windows too. Technically, you have to write only one solution running on both operating systems.

Still, you have to build and push separate container versions of the same logic based on the processor architecture.

Azure IoT Edge runs on most flavors of (Linux) operating systems that can run containers; however, not all of these systems are equally supported. There is documentation available with an up-to-date list of supported operating systems. Check out if your operating system gets either Tier 1 or Tier 2 support.

As an example, Ubuntu 20.04LTS is currently not officially supported in Tier 1.

Update 21-10-2021: During the recent Azure IoT Edge Summit – Technical Track it is announced Ubuntu 20.04 is on the product team near term roadmap and coming soon.

Still, the Azure IoT Edge runtime can be installed and is considered compatible.

That runtime is built up in a few parts:

  1. A daemon (process) that secures the runtime and start the local part of an Azure IoT Edge solution
  2. The open-source Moby container runtime where the modules will be hosted in
  3. A local directory structure for configuration

Regarding the installation of the runtime, you can follow the original documentation.

This guide does not point you to a simple installation. You need to have technical skills to roll out the runtime. And the rollout is done by hand.

Now, a script is provided and maintained by the Microsoft product team that can be used to automate the roll out of the runtime, including support for DPS.

Let’s check this out.

Doorgaan met het lezen van “Set up an Azure IoT Edge runtime in a minute”