您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

快速入门:创建 azureiotsecurity 模块孪生Quickstart: Create an azureiotsecurity module twin

本快速入门介绍如何为新设备创建单个 azureiotsecurity 模块孪生,或者为 IoT 中心内的所有设备批量创建模块孪生。This quickstart explains how to create individual azureiotsecurity module twins for new devices, or batch create module twins for all devices in an IoT Hub.

先决条件Prerequisites

  • None

了解 azureiotsecurity 模块孪生Understanding azureiotsecurity module twins

对于在 Azure 中生成的 IoT 解决方案,设备孪生在设备管理和流程自动化方面发挥着关键作用。For IoT solutions built in Azure, device twins play a key role in both device management and process automation.

Defender for IoT 可与现有的 IoT 设备管理平台完全集成,使你能够管理设备的安全状态,并利用现有的设备控制功能。Defender for IoT offers full integration with your existing IoT device management platform, enabling you to manage your device security status and make use of existing device control capabilities. 适用于 IoT 的 Defender 集成是使用 IoT 中心孪生机制实现的。Defender for IoT integration is achieved by making use of the IoT Hub twin mechanism.

请参阅 IoT 中心模块孪生详细了解 Azure IoT 中心内模块孪生的一般概念。See IoT Hub module twins to learn more about the general concept of module twins in Azure IoT Hub.

适用于 IoT 的 Defender 利用模块孪生机制,并为每个设备维护一个名为 azureiotsecurity 的安全模块孪生。Defender for IoT makes use of the module twin mechanism and maintains a security module twin named azureiotsecurity for each of your devices.

Defender-IoT-micro-agent 孪生体为每台设备保存与设备安全性相关的所有信息。The Defender-IoT-micro-agent twin holds all the information relevant to device security for each of your devices.

若要充分利用 Defender for IoT 功能,需要对服务中的每台设备创建、配置和使用此 Defender-IoT-micro-agent 孪生体。To make full use of Defender for IoT features, you'll need to create, configure, and use this Defender-IoT-micro-agent twins for every device in the service.

创建 azureiotsecurity 模块孪生Create azureiotsecurity module twin

可通过两种方式创建 azureiotsecurity 模块孪生:azureiotsecurity module twins can be created in two ways:

  1. 模块批处理脚本 - 使用默认配置为新的设备或者不包含模块孪生的设备自动创建模块孪生。Module batch script - automatically creates module twin for new devices or devices without a module twin using the default configuration.
  2. 使用每个设备的特定配置单独手动编辑每个模块孪生。Manually editing each module twin individually with specific configurations for each device.

备注

使用批处理方法不会覆盖现有的 azureiotsecurity 模块孪生。Using the batch method will not overwrite existing azureiotsecurity module twins. 使用批处理方法只会为尚不包含安全模块孪生的设备创建新的模块孪生。Using the batch method ONLY creates new module twins for devices that do not already have a security module twin.

请参阅代理配置,了解如何修改或更改现有模块孪生的配置。See agent configuration to learn how to modify or change the configuration of an existing module twin.

若要手动为设备创建新的 azureiotsecurity 模块孪生:To manually create a new azureiotsecurity module twin for a device:

  1. 在 IoT 中心,找到并选择要为其创建安全模块孪生的设备。In your IoT Hub, locate and select the device you wish to create a security module twin for.

  2. 选择你的设备,然后选择“添加模块标识”。Select on your device, and then on Add module identity.

  3. 在“模块标识名称”字段中输入 azureiotsecurityIn the Module Identity Name field, enter azureiotsecurity.

  4. 选择“保存”。 Select Save.

验证是否要创建模块孪生Verify creation of a module twin

验证特定的设备是否存在安全模块孪生:To verify if a security module twin exists for a specific device:

  1. 在 Azure IoT 中心,从“资源管理器”菜单中选择“IoT 设备”。 In your Azure IoT Hub, select IoT devices from the Explorers menu.

  2. 输入设备 ID,或者在“查询设备字段”中选择一个选项,然后选择“查询设备” 。Enter the device ID, or select an option in the Query device field and select Query devices.

    查询设备

  3. 选择该设备或双击选中它,打开“设备详细信息”页面。Select the device or double select it to open the Device details page.

  4. 选择“模块标识”菜单,在与设备关联的模块标识列表中,确认是否存在 azureiotsecurity 模块。 Select the Module identities menu, and confirm existence of the azureiotsecurity module in the list of module identities associated with the device.

    与设备关联的模块

若要详细了解如何自定义适用于 IoT 的 Defender 模块孪生的属性,请参阅代理配置To learn more about customizing properties of Defender for IoT module twins, see Agent configuration.

后续步骤Next steps

请转到下一篇文章了解如何调查安全建议…Advance to the next article to learn how to investigate security recommendations...