Configure IoT Hub file uploads using the Azure portal

This article shows you how to configure file uploads on your IoT hub using the Azure portal.

To use the file upload functionality in IoT Hub, you must first associate an Azure storage account and blob container with your IoT hub. IoT Hub automatically generates SAS URIs with write permissions to this blob container for devices to use when they upload files. In addition to the storage account and blob container, you can set the time-to-live for the SAS URI and the type of authentication that IoT Hub uses with Azure storage. You can also configure settings for the optional file upload notifications that IoT Hub can deliver to backend services.

Prerequisites

Configure your IoT hub

  1. In the Azure portal, navigate to your IoT hub and select File upload to display the file upload properties. Then select Azure Storage Container under Storage container settings.

    Screenshot that shows how to configure file upload settings in the portal.

  2. Select an Azure Storage account and blob container in your current subscription to associate with your IoT hub. If necessary, you can create an Azure Storage account on the Storage accounts pane and create a blob container on the Containers pane.

    Screenshot showing how to view storage containers for file upload.

  3. After you've selected an Azure Storage account and blob container, configure the rest of the file upload properties.

    • Receive notifications for uploaded files: Enable or disable file upload notifications via the toggle.

    • SAS TTL: This setting is the time-to-live of the SAS URIs returned to the device by IoT Hub. Set to one hour by default but can be customized to other values using the slider.

    • File notification settings default TTL: The time-to-live of a file upload notification before it's expired. Set to one day by default but can be customized to other values using the slider.

    • File notification maximum delivery count: The number of times the IoT Hub attempts to deliver a file upload notification. Set to 10 by default but can be customized to other values using the slider.

    • Authentication type: By default, Azure IoT Hub uses key-based authentication to connect and authorize with Azure Storage. You can also configure user-assigned or system-assigned managed identities to authenticate Azure IoT Hub with Azure Storage. Managed identities provide Azure services with an automatically managed identity in Microsoft Entra ID in a secure manner. To learn how to configure managed identities, see IoT Hub support for managed identities. After you've configured one or more managed identities on your Azure Storage account and IoT hub, you can select one for authentication with Azure storage with the System-assigned or User-assigned buttons.

      Note

      The authentication type setting configures how your IoT hub authenticates with your Azure Storage account. Devices always authenticate with Azure Storage using the SAS URI that they get from the IoT hub.

  4. Select Save to save your settings. Be sure to check the confirmation for successful completion. Some selections, like Authentication type, are validated only after you save your settings.

Next steps