Category: Azure

Connecting a Sparkfun ThingPlus ESP32-S2 WROOM to Azure IoT Central

One of the main aims I’ve had with all my IoT projects was eventually to integrate them into Azure. One way that I found was via:

Connecting to Azure IoT hub

The limitation there is that it really only gets the telemetry into Azure. From Azure IoT hub you need to send it off to another application to get any real value.

What I wanted to achieve was to send that data into Azure but have it display some sort of result, like a graph, without me having to do anything too much low level work.

The solution was to use the Azure IoT Central service. So the project plan was to use what I learned in building an

Adafruit Huzzah Temperature sensor

but instead of simply displaying the results on the serial console to have the results sent ot Azure and displayed in a graph.

The starting point was:

Quickstart: Connect an ESPRESSIF ESP32-Azure IoT Kit to IoT Central

problem was that the hardware device they use in this project is now obsolete it appears:

image

https://au.mouser.com/ProductDetail/Espressif-Systems/ESP32-Azure-IoT-Kit?qs=PqoDHHvF64%252BuVX1eLQkvaQ%3D%3D

Instead, I decided to use a:

SparkFun Thing Plus – ESP32-S2 WROOM

The hope being that it would be close enough to what the original document wanted.

Also for guidance and source files I used:

Connecting ESPRESSIF ESP32 to Azure IoT Central using the Azure SDK for C Arduino library

You should start here:

Getting started with the ESPRESSIF ESP32 and Azure IoT Central with Azure SDK for C Arduino library

which will take you through setting up a new IoT Central Application, which I won’t repeat here. The result of that will be 3 items that will need to be included in the code for the device:

  • ID scope
    Device ID
    Primary key

Next, you’ll need to download all the source files in the repo and include them in a new PlatformIO project. The files are:

  • AzureIoT.cpp
    AzureIoT.h
    Azure_IoT_Central_ESP32.ino
    Azure_IoT_PnP_Template.cpp
    Azure_IoT_PnP_Template.h
    iot_configs.h

I renamed Azure_IoT_Central_ESP32.ino to main.cpp in my project.

The next thing you’ll need to do is set your local wifi parameters in the file iot_configs.h. The settings should look like:

// Wifi

#define IOT_CONFIG_WIFI_SSID “<YOUR LOCAL SSID>”

#define IOT_CONFIG_WIFI_PASSWORD “<YOUR WIFI ACCESS POINT PASSWORD>”

Make sure you save any changes to the files you make.

In this same file also locate and the set the Azure IOT Central settings like:

// Azure IoT Central

#define DPS_ID_SCOPE “<ID SCOPE>”

#define IOT_CONFIG_DEVICE_ID “<DEVICE ID>”

// Use device key if not using certificates

#ifndef IOT_CONFIG_USE_X509_CERT

#define IOT_CONFIG_DEVICE_KEY “<PRIMARY KEY>”

which need to include the values obtained when configuring Azure IoT Central earlier.

If you now build your code and upload it to the device you should find that it will connect to your local wifi and start sending information to Azure IoT Central.

image

The device configured in Azure IoT Central should report as connected as shown above when you view this in the Azure IoT Central portal at:

https://apps.azureiotcentral.com/

image

If you then select the Raw Data menu item as shown above, you see the data from your device being received regularly into Azure.

image

If you look at the serial monitor connected to the device locally you should see something like the above indicating that data is being sent up to Azure.

This, therefore, now indicates that there is a correct connection to the Azure IoT Central portal. The problem is that the data being sent currently is actually just static dummy data that never changes. What I want to do is send actual data read from a temperature sensor connected to my device. So I need to find the source of the data in the code so I can replace that with the dynamic data from the tempreture sensor connected to my device I want.

Turns out the source of that dummy data is in the file Azure_IoT_PnP_Template.cpp around line 236:

image

What I now want to do is replace the static value of 21.0 for temperature and 88.0 for humidity with actual readings from the device.

To achieve that I’ll need the code from the previous project that read the temperature data which is here:

https://github.com/directorcia/Azure/blob/master/Iot/huzzah-tempsens.ino

I’m going to add that to a new file in my project called ciaath.cpp to keep my code separate from the templated Azure stuff. In there I’ll have 2 functions:

float ciaaht_getTemp() which returns temp.tempreture

float ciaaht_getHumidity() which returns humidity.relative_humidity

Remember, both temp and humidity are objects and all I want is the actual numeric value in there.

I’ll also create a ciaath.h file that looks like:

#ifndef CIAATH_H
#define CIAATH_H
void ciaaht_init();
float ciaaht_getTemp();
float ciaaht_getHumidity();
#endif

The idea is that this tells other pieces of code about these functions. You’ll also note I have a function ciaaht_init() to initialise the temperature sensor at start up.

Back in the Azure_IoT_PnP_Template.cpp file I need to include the line:

#include <ciaath.h>

to tell it about my functions in my ciaath.cpp file. I can now also change the lines that report the temperature and humidity from their original static value to the value read from the temperature senor connected to my device to be:

static float simulated_get_temperature() { return ciaaht_getTemp(); }
static float simulated_get_humidity() { return ciaaht_getHumidity(); }

which basically get the data from my device which will then be sent to Azure.

Back in main.cpp I need to add:

#include “ciaath.h”

to tell it about my custom functions. I also have to add around line 359:

ciaaht_init();

to initialise the temperature sensor on my device at startup.

Once this all compiles and uploads to the device I can again check Azure IoT Central portal and see in the Overview menu item

image

and I see my temperature and humidity are no longer a constant.

If I heat up the temperature senor connected to my device I see:

image

and if I leave it to return to normal I see:

image

I’ve put all the code up at:

https://github.com/directorcia/Azure/tree/master/Iot/ESP32-S2/IoT-Central

so you can have a look and use it if you need to.

I did need to get some help along the way, especially with the code and working out where the values uploaded to Azure came from initially as well as how to structure the .h files to make it cleaner. I’m no coder but hopefully my explanation here helps other non-coder, but let me know if I haven’t got it right as I really want to better understand all this.

I’m now super happy I have this working and I’m confident that I can use this as a base to start creating more powerful projects connected to Azure!

Need to Know podcast–Episode 300

In this episode I cover off why adding Azure to every environment makes sense. Even though the billing model is different that doesn’t there isn’t an opportunity to add value to an environment with what Azure can provide. There are also plenty of updates from the Microsoft Cloud with many exciting new things to try. Listen along and let me know if you have any feedback.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-300-why-you-should-add-azure/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

@directorcia@twit.social

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

YouTube edition of this podcast

Introducing the new Microsoft Teams, now in preview

The new Teams

Welcome to the new era of Microsoft Teams

Windows 365 Frontline available in public preview

Adding your Microsoft Store for Business and Education apps to the Microsoft Store in Intune

What’s New at Microsoft Secure

Avatars for Microsoft Teams

Introducing Microsoft Security Copilot: Empowering defenders at the speed of AI

Explaining the Microsoft 365 Copilot System

Microsoft Incident Response Retainer is generally available

Microsoft awarded Best Advanced Protection for Corporate and Consumer Users by AV-TEST

New Microsoft Intune Devices experience

What’s new in Microsoft Intune – 2303 (March) edition

How to enable Microsoft Authenticator Lite for Outlook mobile (preview)

Techwerks 19

bw-car-vehicle

CIAOPS Techwerks returns to Melbourne CBD on Thursday the 18th of May.

The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or by sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender for Endpoint, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to see you there.

Need to Know podcast–Episode 297

In this episode I do a quick overview of the differences between Windows 365 Business, Enterprise and Azure Virtual Desktop (AVD) and how they can be used inside a business. You’ll also get the latest news and updates from the Microsoft cloud.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-297-windows-365-and-avd/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

@directorcia@twit.social

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

YouTube edition of this podcast

Reinventing search with a new AI-powered Microsoft Bing and Edge, your copilot for the web

Introducing the New Post-delivery Activities Report in Microsoft Defender for Office 365

Yammer is evolving to Microsoft Viva Engage with new experiences rolling out today

Automate your alert response actions in Microsoft 365 Defender

Microsoft Defender – Monthly news – February 2023

Expanding support for Attack surface reduction rules with Microsoft Intune

Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

Need to Know podcast–Episode 296

In this latest episode I take a quick look at Microsoft Sentinel as well as speak to the benefits and why if you are serious about cybersecurity you should be considering it in every environment. There is also the latest news and updates from the Microsoft Cloud. Listen along and enjoy.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-296-sentinel/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

@directorcia@twit.social

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

YouTube edition of this podcast

2023 identity security trends and solutions from Microsoft

Seamless application access and lifecycle management for multi-tenant Azure AD organizations

Skilling up on Microsoft Security, compliance, and identity: Quarterly recap

Cloud Skills Challenge

2023 End-of-Support Milestone in Microsoft 365

New Microsoft Intune troubleshooting experience

Intune remote help introduction

Combatting Risky Sign-ins in Azure Active Directory

Introducing Microsoft Teams Premium, now available

What is Microsoft Sentinel

Introduction to Sentinel

Getting Started with Azure Sentinel

Need to Know podcast–Episode 295

Aside from the usual update from the Microsoft Cloud I tackle I listener question about the methodology of staying up to date with technology. I think the question is more about what NOT to do than what to do. Success is a system and key factor in being successful in business is saying NO more than saying yes. In this episode I’ll give you some tips to creating a system to keeping you current with the Microsoft Cloud.

ou can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-295-staying-up-to-date/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

@directorcia@twit.social

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

YouTube edition of this podcast

Using MSPs to administer your cloud services

SC-900 free practice tests

The new Sentinel incident experience is here!

A Look at Different Options for Storing and Searching Sentinel Archived Logs

How to run a Windows 11 VM on Hyper-V

Update on Stream (Classic) retirement: Last day of service set for Feb 15, 2024

Microsoft 365 Defender – Monthly news – January 2023

Centrally manage permissions with the Microsoft 365 Defender role-based access control (RBAC) model

Protect your sensitive data against malicious apps

Microsoft Entra: 5 identity priorities for 2023

IPv6 Coming to Azure AD

Microsoft Defender for Endpoint: The Ultimate Solution for Endpoint Security

URLs

Connecting to Azure IoT hub

The main aim of my dive into IoT was to get a remote device talking to Azure. After getting the IoT device connected to WiFi, flashing LEDs, accepting input from a button and capturing temperature data, it was now time to make that dream a reality.

There are different methods of connecting devices to Azure but for my first attempt I decided to use Azure IoT hub. The first step in that process is to login to the Azure portal and create a new IoT hub.

image

To do this, select the Create menu option in the top left of the Azure IoT hub blade

image

Once you have selected the Azure subscription and Resource group you’ll need to pick a Name for your Azure IoT hub. This name needs to be unique as a URL will be generated from this. Then select a Region and a Tier. You’ll notice that there is a Free tier, which I have selected for this example (very handy for tests like this).

image

Next, you can configure your networking. Because my device will just connect to a public Internet connection I selected Public access.

image

I left the management options as shown above.

image

The add-ons shown here are not available on the Free tier.

image

I didn’t need any tags.

image

I finally get a summary as shown. Note that the cost will be $0 because I am using the Free tier. Select Create to complete the process.

image

After a few minutes you should be able to see you IoT hub as shown above. Select Devices from the menu on the left.

image

Now select Add device from the menu on the right as shown above.

image

Give a the device a Name, and to keep things simple select Symmetric key for the Authentication type as shown. Ensure that the Auto-generate keys is select and that Connect this device to an IoT hub is set to Enable. Select Save to continue.

image

You should now see the device you just created listed as shown above. Select the name of the device to view it’s properties.

image

Here you will find the settings for your device. You’ll need to grab at least one Key and the matching Connection string to use when configuring your device.

With all of that information it’s time to head back and set up the device.

I have uploaded the code to get the device connected to Azure IoT hub here:

https://github.com/directorcia/Azure/blob/master/Iot/huzzah-iothub.ino

It is much more extensive that before and I will admit I am not yet 100% sure of what it all does but basically it connects the device to local Wifi then sends telemetry information to Azure IoT hub.

You’ll also need to have the file iot_config.h in the same directory when compiling your code. You can find an example of that here:

https://github.com/directorcia/Azure/blob/master/Iot/iot_configs.h

that file basically extracts all the unique security information like WiFi password, device keys and IoT Hub URL away from the main code. You’ll need to modify this file to suit your own environment before compiling.

The only other thing you’ll need to do is connect a single LED to pin 5 of the device to act as a diagnostic indicator. It will basically flash when data is sent to Azure IoT hub which gives a nice visual representation of something actually happening on the device.

image

When you compile the code you’ll also need to ensure all the appropriate libraries are available. Details of each of these is contained in the code.

With the compiled code uploaded to the device you should see the LED light start to flash after a few seconds indicating that data is being sent. If you look at the serial port you should see diagnostic data like so:

image

If you then look at the Overview page in the Azure IoT Hub you should the diagnostics reporting a number of messages increasing over time like so:

image

You can also download a tool called the Azure IoT explorer which you will find here:

https://github.com/Azure/azure-iot-explorer/releases

image

When you configure this for your IoT hub environment and drill down into the Device then Telemetry, as shown above, should allow to see the actual information being sent.

So there you have it. Once you have set up an Azure IoT hub and added a device to it you can grab the connection details and plug them into the code you use to configure your device. You can also use the Azure IoT Explorer to get more granular details of what your device is doing.

The next challenge is now to get the device working with Azure IoT central.

Defender EASM adds billable assets blade

I’ve talked about the value of Defender EASM before:

Go get Defender EASM

image

I now notice that there is a Billable assets option on the menu as shown above. Given that the costs for Defender EASM are based assets:

https://azure.microsoft.com/en-us/pricing/details/defender-external-attack-surface-management/

image

knowing exactly what those costs are is great.

As you can see in my environment I have about 29 billable assets equating to a grand total of:

29 x $0.0.17 per day = $0.49per day = $15.28 per month

As I maintain, Defender EASM is cheap for value it provides and now you can more easily track costs. (Don’t forget you also get a free 30 day trial!)