az iot dps enrollment-group

Manage Azure IoT Hub Device Provisioning Service.

Commands

az iot dps enrollment-group create Create an enrollment group in an Azure IoT Hub Device Provisioning Service.
az iot dps enrollment-group delete Delete an enrollment group in an Azure IoT Hub Device Provisioning Service.
az iot dps enrollment-group list List enrollments groups in an Azure IoT Hub Device Provisioning Service.
az iot dps enrollment-group show Get the details of an enrollment group in an Azure IoT Hub Device Provisioning Service.
az iot dps enrollment-group update Update an enrollment group in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group create

Create an enrollment group in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group create --dps-name
--enrollment-id
--resource-group
[--allocation-policy {geolatency, hashed, static}]
[--ca-name]
[--certificate-path]
[--hn]
[--ih]
[--initial-twin-properties]
[--initial-twin-tags]
[--pk]
[--provisioning-status {disabled, enabled}]
[--reprovision-policy {never, reprovisionandmigratedata, reprovisionandresetdata}]
[--scn]
[--scp]
[--secondary-key]

Examples

Create an enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name} using an intermediate certificate as primary certificate'.

az iot dps enrollment-group create -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --certificate-path /certificates/Certificate.pem

Create an enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name} using a CA certificate {certificate_name} as secondary certificate'.

az iot dps enrollment-group create -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --secondary-ca-name {certificate_name}

Create an enrollment group '{enrollment_id}' in the Azure IoT provisioning service 'MyDps' in the resource group '{resource_group_name}' with provisioning status 'enabled', target IoT Hub '{iothub_host_name}' and initial twin tags '{"location":{"region":"US"}} using an intermediate certificate as primary certificate'.

az iot dps enrollment-group create -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --certificate-path /certificates/Certificate.pem --provisioning-status enabled --iot-hub-host-name {iothub_host_name} --initial-twin-tags "{'location':{'region':'US'}}"

Create an enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name} with attestation type 'symmetrickey'.

az iot dps enrollment-group create -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --primary-key {primary_key} --secondary-key {secondary_key}

Required Parameters

--dps-name

Name of the Azure IoT Hub device provisioning service.

--enrollment-id

ID of enrollment group.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--allocation-policy --ap

Type of allocation for device assigned to the Hub.

accepted values: geolatency, hashed, static
--ca-name --cn --root-ca-name

The name of the primary root CA certificate. If attestation with a root CA certificate is desired then a root ca name must be provided.

--certificate-path --cp

The path to the file containing the primary certificate. If attestation with an intermediate certificate is desired then a certificate path must be provided.

--hn --iot-hub-host-name

Host name of target IoT Hub.

--ih --iot-hubs

Host name of target IoT Hub. Use space-separated list for multiple IoT Hubs.

--initial-twin-properties --props

Initial twin properties.

--initial-twin-tags --tags

Initial twin tags.

--pk --primary-key

The primary symmetric shared access key stored in base64 format.

--provisioning-status --ps

Enable or disable enrollment entry.

accepted values: disabled, enabled
--reprovision-policy --rp

Device data to be handled on re-provision to different Iot Hub.

accepted values: never, reprovisionandmigratedata, reprovisionandresetdata
--scn --secondary-ca-name --secondary-root-ca-name

The name of the secondary root CA certificate. If attestation with a root CA certificate is desired then a root ca name must be provided.

--scp --secondary-certificate-path

The path to the file containing the secondary certificate. If attestation with an intermediate certificate is desired then a certificate path must be provided.

--secondary-key --sk

The secondary symmetric shared access key stored in base64 format.

az iot dps enrollment-group delete

Delete an enrollment group in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group delete --dps-name
--enrollment-id
--resource-group

Required Parameters

--dps-name

Name of the Azure IoT Hub device provisioning service.

--enrollment-id

ID of enrollment group.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az iot dps enrollment-group list

List enrollments groups in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group list --dps-name
--resource-group
[--top]

Required Parameters

--dps-name

Name of the Azure IoT Hub device provisioning service.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--top

Maximum number of elements to return. Use -1 for unlimited.

az iot dps enrollment-group show

Get the details of an enrollment group in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group show --dps-name
--enrollment-id
--resource-group

Required Parameters

--dps-name

Name of the Azure IoT Hub device provisioning service.

--enrollment-id

ID of enrollment group.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az iot dps enrollment-group update

Update an enrollment group in an Azure IoT Hub Device Provisioning Service.

az iot dps enrollment-group update --dps-name
--enrollment-id
--resource-group
[--allocation-policy {geolatency, hashed, static}]
[--ca-name]
[--certificate-path]
[--etag]
[--hn]
[--ih]
[--initial-twin-properties]
[--initial-twin-tags]
[--pk]
[--provisioning-status {disabled, enabled}]
[--rc {false, true}]
[--remove-secondary-certificate {false, true}]
[--reprovision-policy {never, reprovisionandmigratedata, reprovisionandresetdata}]
[--scn]
[--scp]
[--secondary-key]

Examples

Update enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name}' with new initial twin tags.

az iot dps enrollment-group update -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --initial-twin-tags "{'location':{'region':'US2'}}" --etag AAAAAAAAAAA=

Update enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name}' with new primary intermediate certificate and remove existing secondary intermediate certificate.

az iot dps enrollment-group update -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --certificate-path /certificates/NewCertificate.pem --remove-secondary-certificate --etag AAAAAAAAAAA=

Update enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name}' with new secondary CA certificate '{certificate_name}' and remove existing primary CA certificate.

az iot dps enrollment-group update -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --secondary-ca-name {certificate_name} --remove-certificate --etag AAAAAAAAAAA=

Update enrollment group '{enrollment_id}' in the Azure IoT provisioning service '{dps_name}' in the resource group '{resource_group_name}' with new primary key.

az iot dps enrollment-group update -g {resource_group_name} --dps-name {dps_name} --enrollment-id {enrollment_id} --primary-key {new_primary_key} --etag AAAAAAAAAAA=

Required Parameters

--dps-name

Name of the Azure IoT Hub device provisioning service.

--enrollment-id

ID of enrollment group.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--allocation-policy --ap

Type of allocation for device assigned to the Hub.

accepted values: geolatency, hashed, static
--ca-name --cn --root-ca-name

The name of the primary root CA certificate. If attestation with a root CA certificate is desired then a root ca name must be provided.

--certificate-path --cp

The path to the file containing the primary certificate. If attestation with an intermediate certificate is desired then a certificate path must be provided.

--etag -e

Entity tag value.

--hn --iot-hub-host-name

Host name of target IoT Hub.

--ih --iot-hubs

Host name of target IoT Hub. Use space-separated list for multiple IoT Hubs.

--initial-twin-properties --props

Initial twin properties.

--initial-twin-tags --tags

Initial twin tags.

--pk --primary-key

The primary symmetric shared access key stored in base64 format.

--provisioning-status --ps

Enable or disable enrollment entry.

accepted values: disabled, enabled
--rc --remove-certificate

Remove current primary certificate.

accepted values: false, true
--remove-secondary-certificate --rsc

Remove current secondary certificate.

accepted values: false, true
--reprovision-policy --rp

Device data to be handled on re-provision to different Iot Hub.

accepted values: never, reprovisionandmigratedata, reprovisionandresetdata
--scn --secondary-ca-name --secondary-root-ca-name

The name of the secondary root CA certificate. If attestation with a root CA certificate is desired then a root ca name must be provided.

--scp --secondary-certificate-path

The path to the file containing the secondary certificate. If attestation with an intermediate certificate is desired then a certificate path must be provided.

--secondary-key --sk

The secondary symmetric shared access key stored in base64 format.