Manage asset configurations remotely

Important

Azure IoT Operations Preview – enabled by Azure Arc is currently in PREVIEW. You shouldn't use this preview software in production environments.

See the Supplemental Terms of Use for Microsoft Azure Previews for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

An asset in Azure IoT Operations Preview is a logical entity that you create to represent a real asset. An Azure IoT Operations asset can have properties, tags, and events that describe its behavior and characteristics.

OPC UA servers are software applications that communicate with assets. OPC UA servers expose OPC UA tags that represent data points. OPC UA tags provide real-time or historical data about the status, performance, quality, or condition of assets.

An asset endpoint is a custom resource in your Kubernetes cluster that connects OPC UA servers to OPC UA connector modules. This connection enables an OPC UA connector to access an asset's data points. Without an asset endpoint, data can't flow from an OPC UA server to the Azure IoT OPC UA Broker Preview instance and Azure IoT MQ Preview instance. After you configure the custom resources in your cluster, a connection is established to the downstream OPC UA server and the server forwards telemetry to the OPC UA Broker instance.

A site is a collection of Azure IoT Operations instances. Sites help you organize your instances and manage access control. Your IT administrator creates sites, assigns instances to them, and grants access to OT users in your organization.

In the Azure IoT Operations (preview) portal, an instance represents an Azure IoT Operations cluster. An instance can have one or more asset endpoints.

This article describes how to use the Azure IoT Operations (preview) portal and the Azure CLI to:

• Define asset endpoints
• Add assets, and define tags and events

These assets, tags, and events map inbound data from OPC UA servers to friendly names that you can use in the MQ broker and Azure IoT Data Processor Preview pipelines.

Prerequisites

To configure an assets endpoint, you need a running instance of Azure IoT Operations.

Sign in

Azure IoT Operations portal

To sign in to the Azure IoT Operations (preview) portal, navigate to the Azure IoT Operations (preview) portal in your browser and sign in by using your Microsoft Entra ID credentials.

Select your site

After you sign in, the portal displays a list of sites that you have access to. Each site is a collection of Azure IoT Operations instances where you can configure your assets. Your IT administrator is responsible for organizing instances in to sites and granting access to OT users in your organization. Instances that aren't part of a site appear in the Unassigned instances node. Select the site that you want to use:

Tip

You can use the filter box to search for sites.

If you don't see any sites, you might not be in the right Azure Active Directory tenant. You can change the tenant from the top right menu in the portal. If you still don't see any sites that means you aren't added to any yet. Reach out to your IT administrator to request access.

Select your instance

After you select a site, the portal displays a list of the Azure IoT Operations instances that are part of the site. Select the instance that you want to use:

Tip

You can use the filter box to search for instances.

Azure CLI

Before you use the az iot ops asset commands, sign in to the subscription that contains your Azure IoT Operations deployment:

az login

Create an asset endpoint

By default, an Azure IoT Operations deployment includes a built-in OPC PLC simulator. To create an asset endpoint that uses the built-in OPC PLC simulator:

Azure IoT Operations portal

1. Select Asset endpoints and then Create asset endpoint:

   

   Tip

   You can use the filter box to search for asset endpoints.

2. Enter the following endpoint information:

   Field	Value
   Name	opc-ua-connector-0
   OPC UA Broker URL	opc.tcp://opcplc-000000:50000
   User authentication	Anonymous
   Transport authentication	Do not use transport authentication certificate

3. To save the definition, select Create.

Azure CLI

Run the following command:

az iot ops asset endpoint create --name opc-ua-connector-0 --target-address opc.tcp://opcplc-000000:50000 -g {your resource group name} --cluster {your cluster name} 

Tip

Use az connectedk8s list to list the clusters you have access to.

To learn more, see az iot ops asset endpoint.

This configuration deploys a new assetendpointprofile resource called opc-ua-connector-0 to the cluster. After you define an asset, an OPC UA connector pod discovers it. The pod uses the asset endpoint that you specify in the asset definition to connect to an OPC UA server.

When the OPC PLC simulator is running, data flows from the simulator, to the connector, to the OPC UA broker, and finally to the MQ broker.

Configure an asset endpoint to use a username and password

The previous example uses the Anonymous authentication mode. This mode doesn't require a username or password.

Azure IoT Operations portal

To use the UsernamePassword authentication mode, complete the following steps:

1. Follow the steps in Configure OPC UA user authentication with username and password to add secrets for username and password in Azure Key Vault, and project them into Kubernetes cluster.
2. In the Azure IoT Operations (preview) portal, select Username & password for the User authentication field to configure the asset endpoint to use these secrets. Then enter the following values for the Username reference and Password reference fields:

Field	Value
Username reference	aio-opc-ua-broker-user-authentication/username
Password reference	aio-opc-ua-broker-user-authentication/password

Azure CLI

To use the UsernamePassword authentication mode, complete the following steps:

1. Follow the steps in Configure OPC UA user authentication with username and password to add secrets for username and password in Azure Key Vault, and project them into Kubernetes cluster.

2. Use a command like the following example to create your asset endpoint:

   az iot ops asset endpoint create --name opc-ua-connector-0 --target-address opc.tcp://opcplc-000000:50000 -g {your resource group name} --cluster {your cluster name} --username-ref "aio-opc-ua-broker-user-authentication/username" --password-ref "aio-opc-ua-broker-user-authentication/password"
   

Configure an asset endpoint to use a transport authentication certificate

To configure the asset endpoint to use a transport authentication certificate, complete the following steps:

Azure IoT Operations portal

1. Follow the steps in configure mutual trust to add a transport certificate and private key to Azure Key Vault, and project them into Kubernetes cluster.
2. In the Azure IoT Operations (preview) portal, select Use transport authentication certificate for the Transport authentication field and enter the certificate thumbprint.

Azure CLI

1. Follow the steps in configure mutual trust to add a transport certificate and private key to Azure Key Vault, and project them into Kubernetes cluster.

2. Use a command like the following example to create your asset endpoint:

   az iot ops asset endpoint create --name opc-ua-connector-0 --target-address opc.tcp://opcplc-000000:50000 -g {your resource group name} --cluster {your cluster name} --username-ref "aio-opc-ua-broker-user-authentication/username" --password-ref "aio-opc-ua-broker-user-authentication/password"
   

To learn more, see az iot ops asset.

Add an asset, tags, and events

Azure IoT Operations portal

To add an asset in the Azure IoT Operations (preview) portal:

1. Select the Assets tab. Before you create any assets, you see the following screen:

   

   Tip

   You can use the filter box to search for assets.

   Select Create asset.

2. On the asset details screen, enter the following asset information:

   • Asset name
   • Asset endpoint. Select your asset endpoint from the list.
   • Description

   

3. Configure the set of properties that you want to associate with the asset. You can accept the default list of properties or add your own. The following properties are available by default:

   • Manufacturer
   • Manufacturer URI
   • Model
   • Product code
   • Hardware version
   • Software version
   • Serial number
   • Documentation URI

4. Select Next to go to the Add tags page.

Add individual tags to an asset

Now you can define the tags associated with the asset. To add OPC UA tags:

1. Select Add tag or CSV > Add tag.

2. Enter your tag details:

   • Node ID. This value is the node ID from the OPC UA server.
   • Tag name (Optional). This value is the friendly name that you want to use for the tag. If you don't specify a tag name, the node ID is used as the tag name.
   • Observability mode (Optional) with following choices:
     • None
     • Gauge
     • Counter
     • Histogram
     • Log
   • Sampling Interval (milliseconds). You can override the default value for this tag.
   • Queue size. You can override the default value for this tag.

   

   The following table shows some example tag values that you can use with the built-in OPC PLC simulator:

   Node ID	Tag name	Observability mode
   ns=3;s=FastUInt10	temperature	none
   ns=3;s=FastUInt100	Tag 10	none

3. Select Manage default settings to configure default telemetry settings for the asset. These settings apply to all the OPC UA tags that belong to the asset. You can override these settings for each tag that you add. Default telemetry settings include:

   • Sampling interval (milliseconds): The sampling interval indicates the fastest rate at which the OPC UA Server should sample its underlying source for data changes.
   • Publishing interval (milliseconds): The rate at which OPC UA Server should publish data.
   • Queue size: The depth of the queue to hold the sampling data before publishing it.

Add tags in bulk to an asset

You can import up to 1000 OPC UA tags at a time from a CSV file:

1. Create a CSV file that looks like the following example:

   NodeID	TagName	Sampling Interval Milliseconds	QueueSize	ObservabilityMode
   ns=3;s=FastUInt1000	Tag 1000	1000	5	none
   ns=3;s=FastUInt1001	Tag 1001	1000	5	none
   ns=3;s=FastUInt1002	Tag 1002	5000	10	none

2. Select Add tag or CSV > Import CSV (.csv) file. Select the CSV file you created and select Open. The tags defined in the CSV file are imported:

   

   If you import a CSV file that contains tags that are duplicates of existing tags, the Azure IoT Operations (preview) portal displays the following message:

   

   You can either replace the duplicate tags and add new tags from the import file, or you can cancel the import.

3. To export all the tags from an asset to a CSV file, select Export all and choose a location for the file:

   

4. On the Tags page, select Next to go to the Add events page.

Tip

You can use the filter box to search for tags.

Azure CLI

Use the following command to add a "thermostat" asset by using the Azure CLI. The command adds two tags to the asset by using the --data parameter:

az iot ops asset create --name thermostat -g {your resource group name} --cluster {your cluster name} --endpoint opc-ua-connector-0 --description 'A simulated thermostat asset' --data  data_source='ns=3;s=FastUInt10', name=temperature --data data_source='ns=3;s=FastUInt100', name='Tag 10'

When you create an asset by using the Azure CLI, you can define:

• Multiple tags by using the --data parameter multiple times.
• Multiple events by using the --event parameter multiple times.
• Optional information for the asset such as:
  • Manufacturer
  • Manufacturer URI
  • Model
  • Product code
  • Hardware version
  • Software version
  • Serial number
  • Documentation URI
• Default values for sampling interval, publishing interval, and queue size.
• Tag specific values for sampling interval, publishing interval, and queue size.
• Event specific values for sampling publishing interval, and queue size.
• The observability mode for each tag and event

Add individual events to an asset

Azure IoT Operations portal

Now you can define the events associated with the asset. To add OPC UA events:

1. Select Add event or CSV > Add event.

2. Enter your event details:

   • Event notifier. This value is the event notifier from the OPC UA server.
   • Event name (Optional). This value is the friendly name that you want to use for the event. If you don't specify an event name, the event notifier is used as the event name.
   • Observability mode (Optional) with following choices:
     • None
     • Gauge
     • Counter
     • Histogram
     • Log
   • Queue size. You can override the default value for this tag.

   

3. Select Manage default settings to configure default event settings for the asset. These settings apply to all the OPC UA events that belong to the asset. You can override these settings for each event that you add. Default event settings include:

   • Publishing interval (milliseconds): The rate at which OPC UA Server should publish data.
   • Queue size: The depth of the queue to hold the sampling data before publishing it.

Add events in bulk to an asset

You can import up to 1000 OPC UA events at a time from a CSV file.

To export all the events from an asset to a CSV file, select Export all and choose a location for the file.

On the Events page, select Next to go to the Review page.

Tip

You can use the filter box to search for events.

Review your changes

Review your asset and OPC UA tag and event details and make any adjustments you need:

Azure CLI

When you create an asset by using the Azure CLI, you can define multiple events by using the --event parameter multiple times. The syntax for the --event parameter is similar to the --data parameter:

az iot ops asset create --name thermostat -g {your resource group name} --cluster {your cluster name} --endpoint opc-ua-connector-0 --description 'A simulated thermostat asset' --event event_notifier='ns=3;s=FastUInt12', name=warning

For each event that you define, you can specify the:

• Event notifier. This value is the event notifier from the OPC UA server.
• Event name. This value is the friendly name that you want to use for the event. If you don't specify an event name, the event notifier is used as the event name.
• Observability mode.
• Queue size.

Update an asset

Azure IoT Operations portal

Find and select the asset you created previously. Use the Asset details, Tags, and Events tabs to make any changes:

On the Tags tab, you can add tags, update existing tags, or remove tags.

To update a tag, select an existing tag and update the tag information. Then select Update:

To remove tags, select one or more tags and then select Remove tags:

You can also add, update, and delete events and properties in the same way.

When you're finished making changes, select Save to save your changes.

Azure CLI

To list your assets, use the following command:

az iot ops asset query -g {your resource group name}

Tip

You can refine the query command to search for assets that match specific criteria. For example, you can search for assets by manufacturer.

To view the details of the thermostat asset, use the following command:

az iot ops asset show --name thermostat -g {your resource group}

To update an asset, use the az iot ops asset update command. For example, to update the asset's description, use a command like the following example:

az iot ops asset update --name thermostat --description 'A simulated thermostat asset' -g {your resource group}

To list the thermostat asset's tags, use the following command:

az iot ops asset data-point list --asset thermostat -g {your resource group}

To list the thermostat asset's events, use the following command:

az iot ops asset event list --asset thermostat -g {your resource group}

To add a new tag to the thermostat asset, use a command like the following example:

az iot ops asset data-point add --asset thermostat -g {your resource group} --data-source 'ns=3;s=FastUInt1002' --name 'humidity'

To delete a tag, use the az iot ops asset data-point remove command.

You can manage an asset's events by using the az iot ops asset event commands.

Delete an asset

Azure IoT Operations portal

To delete an asset, select the asset you want to delete. On the Asset details page, select Delete. Confirm your changes to delete the asset:

Azure CLI

To delete an asset, use a command that looks like the following example:

az iot ops asset delete --name thermostat -g {your resource group name}

Notifications

Whenever you make a change to asset in the Azure IoT Operations (preview) portal, you see a notification that reports the status of the operation:

Related content

• Azure OPC UA Broker overview
• Azure IoT Akri overview
• az iot ops asset
• az iot ops asset endpoint