What is OSConfig for IoT?
Solution builders and operators need to configure or observe device settings on their Azure IoT connected devices. Common examples include network settings, hostnames, time zones, security benchmarks, firewall rules, ssh users, and so on.
Until now, developers and operators have faced an expensive DIY battle to accomplish these "table stakes" tasks.
- Developers could build custom device management agents and corresponding Azure IoT integration, but doing so robs time and dev resources from their core solution.
- Developers could adapt server management tools like Ansible, Chef, et. al., but those datacenter toolchains don't always translate well to the world of IoT. For example: mismatched personas and skill sets, constrained device size, conflicting device identities, poor battery life, and restricted communications.
OSConfig for IoT brings these configuration management capabilities into your existing Azure IoT workflows, so you don't have to switch contexts and toolchains. OSConfig for IoT is built on Azure IoT fundamentals including MQTT, twins, DPS, and so on.
OSConfig and the Microsoft capability suite for IoT
OSConfig for IoT adds configuration management to the broader suite of device management and security capabilities from Microsoft.
To get the full suite of capabilities, ensure that your devices have:
- The OSConfig for IoT client
- The Device Update for IoT Hub client
- The Defender for IoT client
- (for larger devices) the IoT Edge runtime.
You can install these packages to your own device, or you can use devices which have them pre-installed, such as Azure Percept devices and Edge Secured Core certified devices.
How it works with Azure IoT
The compact and efficient OSConfig agent for Linux runs on each device. It projects the device's configurable and observable properties into your Azure IoT Hub. This enables twin-based workflows (for example: IoT Explorer, Azure IoT Device Management Configurations, and Azure IoT Device Management Queries) to observe and configure the devices.

What can I manage?
OSConfig for IoT has an extensible plug-in model, so developers can add functionality as needed for your unique devices. It also includes a standard library of capabilities that you can use right away. As of version 0.4, these include:
| Scenario | Description |
|---|---|
| IP information | Get network adapter and IP configuration such as IP addresses, DNS servers, and so on. |
| Firewall rules | Observe what firewall rules are present on the device, such as allowing or blocking ssh traffic, and so on. |
| Azure Device Health Service (ADHS) governance | Set and observe the opt-in level for the ADHS service. |
| Delivery Optimization governance | Set and observe Delivery Optimization parameters such as Microsoft Connected Cache URLs, throttling, and so on. Delivery Optimization is used by Device Update for IoT Hub for downloading update content. |
| Reboot & shutdown | Restart devices as needed, or shut down a misbehaving device until it can be replaced |
| Custom configuration | Apply shell-based configurations. For example: setting time zones, configuring hostnames, updating proxy servers, creating firewall rules, and so on. |
| Custom reporting | Through shell commands, retrieve information from the device which is pertinent to your solution. For example: getting any of the data points referred to in "Custom configuration" above, getting free disk space, getting specialized device info, getting app status, and so on. |