Question about downstream device identity creation

Azure-Samples / azure-iot-edge-identity-translation-lite

Azure IoT Edge Identity Translation Module sample.

MIT License

22 stars 23 forks source link

Question about downstream device identity creation #31

Closed afroewis closed 6 months ago

afroewis commented 6 months ago

Hi, in this sample, the IoT identity for the downstream device is created in an Azure Function. Is there a reason for this? Why is this not done in the Edge module itself, wouldn't it be easier?

Thanks.

katriendg commented 6 months ago

Technically speaking you could do this in the IoT Edge module, but that would pose a security risk as you would need to give a client (the IoT Edge being the client) exceedingly high permissions to be able to interact with the IoT Hub Registry endpoint.

afroewis commented 6 months ago

I see. That was my suspicion. Thanks for the clarification!