Broker Authorization - Create Or Update
Create a BrokerAuthorizationResource
```http
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.IoTOperations/instances/{instanceName}/brokers/{brokerName}/authorizations/{authorizationName}?api-version=2025-10-01
```
URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| authorizationName | path | True | string; minLength: 3; maxLength: 63; pattern: `^[a-z0-9][a-z0-9-]*[a-z0-9]$` | Name of the instance broker authorization resource. |
| brokerName | path | True | string; minLength: 3; maxLength: 63; pattern: `^[a-z0-9][a-z0-9-]*[a-z0-9]$` | Name of the broker. |
| instanceName | path | True | string; minLength: 3; maxLength: 63; pattern: `^[a-z0-9][a-z0-9-]*[a-z0-9]$` | Name of the instance. |
| resourceGroupName | path | True | string; minLength: 1; maxLength: 90 | The name of the resource group. The name is case insensitive. |
| subscriptionId | path | True | string (uuid) | The ID of the target subscription. The value must be a UUID. |
| api-version | query | True | string; minLength: 1 | The API version to use for this operation. |
Request Body
| Name | Type | Description |
|---|---|---|
| extendedLocation | | Edge location of the resource. |
| properties | | The resource-specific properties for this resource. |
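Responses
| Name | Type | Description |
|---|---|---|
| 200 OK | | Resource "BrokerAuthorizationResource" update operation succeeded |
| 201 Created | | Resource "BrokerAuthorizationResource" create operation succeeded. Headers |
| Other Status Codes | | An unexpected error response. |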
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
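Examples
| Name |
|---|
| BrokerAuthorization_CreateOrUpdate |
| BrokerAuthorization_CreateOrUpdate_Complex |
| BrokerAuthorization_CreateOrUpdate_Simple |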
BrokerAuthorization_CreateOrUpdate
Sample request
```http
PUT https://management.azure.com/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123?api-version=2025-10-01
```
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "nlc"
              ],
              "topics": [
                "wvuca"
              ]
            }
          ],
          "principals": {
            "attributes": [
              {
                "key5526": "nydhzdhbldygqcn"
              }
            ],
            "clientIds": [
              "smopeaeddsygz"
            ],
            "usernames": [
              "iozngyqndrteikszkbasinzdjtm"
            ]
          },
          "stateStoreResources": [
            {
              "keyType": "Pattern",
              "keys": [
                "tkounsqtwvzyaklxjqoerpu"
              ],
              "method": "Read"
            }
          ]
        }
      ]
    }
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  }
}
```
Sample response
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "nlc"
              ],
              "topics": [
                "wvuca"
              ]
            }
          ],
          "principals": {
            "attributes": [
              {
                "key5526": "nydhzdhbldygqcn"
              }
            ],
            "clientIds": [
              "smopeaeddsygz"
            ],
            "usernames": [
              "iozngyqndrteikszkbasinzdjtm"
            ]
          },
          "stateStoreResources": [
            {
              "keyType": "Pattern",
              "keys": [
                "tkounsqtwvzyaklxjqoerpu"
              ],
              "method": "Read"
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
Azure-AsyncOperation: https://contoso.com/operationstatus
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "nlc"
              ],
              "topics": [
                "wvuca"
              ]
            }
          ],
          "principals": {
            "attributes": [
              {
                "key5526": "nydhzdhbldygqcn"
              }
            ],
            "clientIds": [
              "smopeaeddsygz"
            ],
            "usernames": [
              "iozngyqndrteikszkbasinzdjtm"
            ]
          },
          "stateStoreResources": [
            {
              "keyType": "Pattern",
              "keys": [
                "tkounsqtwvzyaklxjqoerpu"
              ],
              "method": "Read"
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
BrokerAuthorization_CreateOrUpdate_Complex
Sample request
```http
PUT https://management.azure.com/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123?api-version=2025-10-01
```
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "usernames": [
              "temperature-sensor",
              "humidity-sensor"
            ],
            "attributes": [
              {
                "building": "17",
                "organization": "contoso"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "{principal.attributes.building}*"
              ]
            },
            {
              "method": "Publish",
              "topics": [
                "sensors/{principal.attributes.building}/{principal.clientId}/telemetry/*"
              ]
            },
            {
              "method": "Subscribe",
              "topics": [
                "commands/{principal.attributes.organization}"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "Read",
              "keyType": "Pattern",
              "keys": [
                "myreadkey",
                "myotherkey?",
                "mynumerickeysuffix[0-9]",
                "clients:{principal.clientId}:*"
              ]
            },
            {
              "method": "ReadWrite",
              "keyType": "Binary",
              "keys": [
                "MTE2IDEwMSAxMTUgMTE2"
              ]
            }
          ]
        }
      ]
    }
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  }
}
```
Sample response
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "usernames": [
              "temperature-sensor",
              "humidity-sensor"
            ],
            "attributes": [
              {
                "building": "17",
                "organization": "contoso"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "{principal.attributes.building}*"
              ]
            },
            {
              "method": "Publish",
              "topics": [
                "sensors/{principal.attributes.building}/{principal.clientId}/telemetry/*"
              ]
            },
            {
              "method": "Subscribe",
              "topics": [
                "commands/{principal.attributes.organization}"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "Read",
              "keyType": "Pattern",
              "keys": [
                "myreadkey",
                "myotherkey?",
                "mynumerickeysuffix[0-9]",
                "clients:{principal.clientId}:*"
              ]
            },
            {
              "method": "ReadWrite",
              "keyType": "Binary",
              "keys": [
                "MTE2IDEwMSAxMTUgMTE2"
              ]
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
Azure-AsyncOperation: https://contoso.com/operationstatus
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "usernames": [
              "temperature-sensor",
              "humidity-sensor"
            ],
            "attributes": [
              {
                "building": "17",
                "organization": "contoso"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect",
              "clientIds": [
                "{principal.attributes.building}*"
              ]
            },
            {
              "method": "Publish",
              "topics": [
                "sensors/{principal.attributes.building}/{principal.clientId}/telemetry/*"
              ]
            },
            {
              "method": "Subscribe",
              "topics": [
                "commands/{principal.attributes.organization}"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "Read",
              "keyType": "Pattern",
              "keys": [
                "myreadkey",
                "myotherkey?",
                "mynumerickeysuffix[0-9]",
                "clients:{principal.clientId}:*"
              ]
            },
            {
              "method": "ReadWrite",
              "keyType": "Binary",
              "keys": [
                "MTE2IDEwMSAxMTUgMTE2"
              ]
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
BrokerAuthorization_CreateOrUpdate_Simple
Sample request
```http
PUT https://management.azure.com/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123?api-version=2025-10-01
```
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "clientIds": [
              "my-client-id"
            ],
            "attributes": [
              {
                "floor": "floor1",
                "site": "site1"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect"
            },
            {
              "method": "Subscribe",
              "topics": [
                "topic",
                "topic/with/wildcard/#"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "ReadWrite",
              "keyType": "Pattern",
              "keys": [
                "*"
              ]
            }
          ]
        }
      ]
    }
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  }
}
```
Sample response
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "clientIds": [
              "my-client-id"
            ],
            "attributes": [
              {
                "floor": "floor1",
                "site": "site1"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect"
            },
            {
              "method": "Subscribe",
              "topics": [
                "topic",
                "topic/with/wildcard/#"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "ReadWrite",
              "keyType": "Pattern",
              "keys": [
                "*"
              ]
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
Azure-AsyncOperation: https://contoso.com/operationstatus
```json
{
  "properties": {
    "authorizationPolicies": {
      "cache": "Enabled",
      "rules": [
        {
          "principals": {
            "clientIds": [
              "my-client-id"
            ],
            "attributes": [
              {
                "floor": "floor1",
                "site": "site1"
              }
            ]
          },
          "brokerResources": [
            {
              "method": "Connect"
            },
            {
              "method": "Subscribe",
              "topics": [
                "topic",
                "topic/with/wildcard/#"
              ]
            }
          ],
          "stateStoreResources": [
            {
              "method": "ReadWrite",
              "keyType": "Pattern",
              "keys": [
                "*"
              ]
            }
          ]
        }
      ]
    },
    "provisioningState": "Succeeded"
  },
  "extendedLocation": {
    "name": "/subscriptions/F8C729F9-DF9C-4743-848F-96EE433D8E53/resourceGroups/rgiotoperations/providers/Microsoft.ExtendedLocation/customLocations/resource-123",
    "type": "CustomLocation"
  },
  "id": "/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup123/providers/Microsoft.IoTOperations/instances/resource-name123/brokers/resource-name123/authorizations/resource-name123",
  "name": "anqrqsvrjmlvzkrbuav",
  "type": "Microsoft.IoTOperations/instances/brokers/authorizations",
  "systemData": {
    "createdBy": "contosouser",
    "createdByType": "User",
    "createdAt": "2024-08-09T18:13:29.389Z",
    "lastModifiedBy": "contosouser",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2024-08-09T18:13:29.389Z"
  }
}
```
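Definitions
| Name | Description |
|---|---|
| AuthorizationConfig | Broker AuthorizationConfig properties |
| AuthorizationRule | AuthorizationConfig rule properties |
| BrokerAuthorizationProperties | BrokerAuthorization resource properties |
| BrokerAuthorizationResource | Instance broker authorization resource |
| BrokerResourceDefinitionMethods | BrokerResourceDefinitionMethods methods allowed |
| BrokerResourceRule | Broker resource rule properties. This defines the objects that represent the actions or topics, such as method.Connect, method.Publish, etc. |
| createdByType | The type of identity that created the resource. |
| ErrorAdditionalInfo | The resource management error additional info. |
| ErrorDetail | The error detail. |
| ErrorResponse | Error response |
| ExtendedLocation | Extended location is an extension of Azure locations. They provide a way to use Azure ARC enabled Kubernetes clusters as target locations for deploying Azure service instances. |
| ExtendedLocationType | The enum defining the type of ExtendedLocation accepted. |
| OperationalMode | Mode properties |
| PrincipalDefinition | PrincipalDefinition properties of Rule |
| ProvisioningState | The enum defining the status of the resource. |
| ResourceHealthState | The health state of the resource. |
| StateStoreResourceDefinitionMethods | StateStoreResourceDefinitionMethods methods allowed |
| StateStoreResourceKeyTypes | StateStoreResourceKeyTypes properties |
| StateStoreResourceRule | State store resource rule properties. |
| systemData | Metadata pertaining to creation and last modification of the resource. |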
AuthorizationConfig
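Broker AuthorizationConfig properties
| Name | Type | Default value | Description |
|---|---|---|---|
| cache | | Enabled | Enable caching of the authorization rules. |
| rules | | | The authorization rules to follow. If no rule is set, using the authorization resource means DenyAll. |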
AuthorizationRule
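AuthorizationConfig rule properties
| Name | Type | Description |
|---|---|---|
| brokerResources | | Give access to Broker methods and topics. |
| principals | | Give access to clients based on the following properties. |
| stateStoreResources | | Give access to state store resources. |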
BrokerAuthorizationProperties
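BrokerAuthorization resource properties
| Name | Type | Default value | Description |
|---|---|---|---|
| authorizationPolicies | | | The list of authorization policies supported by the authorization resource. |
| healthState | | Unknown | The health state of the resource. |
| provisioningState | | | The status of the last operation. |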
BrokerAuthorizationResource
Instance broker authorization resource
| Name | Type | Description |
|---|---|---|
| extendedLocation | | Edge location of the resource. |
| id | string (arm-id) | Fully qualified resource ID for the resource. For example, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name | string | The name of the resource |
| properties | | The resource-specific properties for this resource. |
| systemData | | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
| type | string | The type of the resource. For example, "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
BrokerResourceDefinitionMethods
BrokerResourceDefinitionMethods methods allowed
| Value | Description |
|---|---|
| Connect | Allowed connecting to the broker |
| Publish | Allowed publishing to the broker |
| Subscribe | Allowed subscribing to the broker |
BrokerResourceRule
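Broker resource rule properties. This defines the objects that represent the actions or topics, such as method.Connect, method.Publish, etc.
| Name | Type | Description |
|---|---|---|
| clientIds | string[] | A list of client IDs that match the clients. The client IDs are case-sensitive and must match the client IDs provided by the clients during connection. This subfield may be set if the method is Connect. |
| method | | Give access for a Broker method (i.e., Connect, Subscribe, or Publish). |
| topics | string[] | A list of topics or topic patterns that match the topics that the clients can publish or subscribe to. This subfield is required if the method is Publish or Subscribe. |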
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key | |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info | object | The additional info. |
| type | string | The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo | | The error additional info. |
| code | string | The error code. |
| details | | The error details. |
| message | string | The error message. |
| target | string | The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error | | The error object. |
ExtendedLocation
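Extended location is an extension of Azure locations. They provide a way to use Azure ARC enabled Kubernetes clusters as target locations for deploying Azure service instances.
| Name | Type | Description |
|---|---|---|
| name | string | The name of the extended location. |
| type | | Type of ExtendedLocation. |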
ExtendedLocationType
The enum defining the type of ExtendedLocation accepted.
| Value | Description |
|---|---|
| CustomLocation | CustomLocation type |
OperationalMode
Mode properties
| Value | Description |
|---|---|
| Enabled | Enabled is equivalent to True |
| Disabled | Disabled is equivalent to False. |
PrincipalDefinition
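PrincipalDefinition properties of Rule
| Name | Type | Description |
|---|---|---|
| attributes | object[] | A list of key-value pairs that match the attributes of the clients. The attributes are case-sensitive and must match the attributes provided by the clients during authentication. |
| clientIds | string[] | A list of client IDs that match the clients. The client IDs are case-sensitive and must match the client IDs provided by the clients during connection. |
| usernames | string[] | A list of usernames that match the clients. The usernames are case-sensitive and must match the usernames provided by the clients during authentication. |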
ProvisioningState
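The enum defining the status of the resource.
| Value | Description |
|---|---|
| Succeeded | Resource has been created. |
| Failed | Resource creation failed. |
| Canceled | Resource creation was canceled. |
| Provisioning | Resource is being provisioned. |
| Updating | Resource is being updated. |
| Deleting | Resource is being deleted. |
| Accepted | Resource has been accepted. |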
ResourceHealthState
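The health state of the resource.
| Value | Description |
|---|---|
| Available | The resource is available and operating as expected. |
| Degraded | The resource health is degraded. |
| Unavailable | The resource is not operating as expected. |
| Unknown | The resource state is unknown. |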
StateStoreResourceDefinitionMethods
StateStoreResourceDefinitionMethods methods allowed
| Value | Description |
|---|---|
| Read | Get/KeyNotify from the store |
| Write | Set/Delete in the store |
| ReadWrite | Allowed all operations on the store - Get/KeyNotify/Set/Delete |
StateStoreResourceKeyTypes
StateStoreResourceKeyTypes properties
| Value | Description |
|---|---|
| Pattern | Key type - pattern |
| String | Key type - string |
| Binary | Key type - binary |
StateStoreResourceRule
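State store resource rule properties.
| Name | Type | Description |
|---|---|---|
| keyType | | Allowed keyTypes: pattern, string, binary. The key type used for matching; for example, pattern tries to match the key to a glob-style pattern, and string checks that the key is equal to the value provided in keys. |
| keys | string[] | Give access to state store keys for the corresponding principals defined. When the key type is pattern, set glob-style patterns (for example, "", "clients/"). |
| method | | For |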
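A pre-submission check for the request body, as an added example (not code from Azure or from this reference page): it applies the constraints stated in the tables above and flags wildcard grants that are not narrowed by a `{principal.…}` token. The names `audit`, `unscoped` and `valid_name`, and the wildcard review heuristic, are assumptions of this example.

```python
import re

# Name constraint from the URI Parameters table (authorizationName, brokerName, instanceName).
NAME_RE = re.compile(r"^[a-z0-9][a-z0-9-]*[a-z0-9]$")
WILDCARDS = ("#", "+", "*")  # assumption: characters this review treats as wildcards

def valid_name(name):
    return 3 <= len(name) <= 63 and NAME_RE.fullmatch(name) is not None

def unscoped(pattern):
    """True if a pattern has a wildcard but no {principal.*} substitution token."""
    return any(w in pattern for w in WILDCARDS) and "{principal." not in pattern

def audit(body):
    """Return (rule_index, message) findings for a BrokerAuthorizationResource body."""
    policies = body.get("properties", {}).get("authorizationPolicies", {})
    rules = policies.get("rules") or []
    if not rules:
        return [(None, "no rules set: the resource implies DenyAll")]
    out = []
    for i, rule in enumerate(rules):
        for res in rule.get("brokerResources", []):
            method, topics = res.get("method"), res.get("topics") or []
            if method in ("Publish", "Subscribe") and not topics:
                out.append((i, f"{method} rule has no topics (required)"))
            if method != "Connect" and res.get("clientIds"):
                out.append((i, f"clientIds set on {method} rule (documented for Connect)"))
            out += [(i, f"{method} on unscoped wildcard topic {t!r}")
                    for t in topics if unscoped(t)]
        for res in rule.get("stateStoreResources", []):
            if res.get("keyType") != "Pattern":
                continue  # glob matching is described for Pattern keys
            out += [(i, f"{res.get('method')} on every state store key ({k!r})")
                    for k in res.get("keys", []) if k == "*"]
    return out

# Constructed input: the rule from BrokerAuthorization_CreateOrUpdate_Simple on this page.
SIMPLE = {"properties": {"authorizationPolicies": {"cache": "Enabled", "rules": [{
    "principals": {"clientIds": ["my-client-id"],
                   "attributes": [{"floor": "floor1", "site": "site1"}]},
    "brokerResources": [
        {"method": "Connect"},
        {"method": "Subscribe", "topics": ["topic", "topic/with/wildcard/#"]}],
    "stateStoreResources": [
        {"method": "ReadWrite", "keyType": "Pattern", "keys": ["*"]}],
}]}}}

if __name__ == "__main__":
    for idx, msg in audit(SIMPLE):
        print(f"rule {idx}: {msg}")
```

Run against the Complex sample, the same check returns no findings, because every wildcard there sits behind a `{principal.…}` token.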
systemData
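Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt | string (date-time) | The timestamp of resource creation (UTC). |
| createdBy | string | The identity that created the resource. |
| createdByType | | The type of identity that created the resource. |
| lastModifiedAt | string (date-time) | The timestamp of resource last modification (UTC) |
| lastModifiedBy | string | The identity that last modified the resource. |
| lastModifiedByType | | The type of identity that last modified the resource. |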