Support multitenant solutions in IoT Hub
I want to allow each tenant to connect directly to IoT hub (as service) to communicate with devices. Of course I would want each tenant to have access only to their own devices and not have the possibility to connect to devices from other tenants (thus I require the proper SAS).Following the documentation on the ServiceConnect permissions, it would seem that it is not possible to do this restriction on a SAS level.
Till Maurer commented
I would not expose Iot-hub directly to tenant applications. You would have no way of throttling requests. Who would pay the bill?
Johan Normén commented
We are in big needs of this. Now they are looking at other cloud providers. And that's sad thought we wanted to have 100% azure only services.
But we are in deeply need of use one iot hub solution with many tenants. Because of reuse of message routines etc... and we are also building a PaaS solution.
How close does IoT Central come to achieving this objective?
Bosko Bob Loncar commented
This is essential for any hardware/software as a service application
I think it is a great idea since:
From current Azure IoT architecture, one big back-end control all things. but some cases is, IoT company focus on maintain Things like upgrade SW, and end-user will configure the thing they pay to, like connect this Thing to other Thing or establish rule between Things belong to different company.
For this case, multi-tenant solution will be effective solution.
Ted van der Veen commented
As a half baked workaround: If a single device can be controlled from the cloud by a maximum of one tenant then you may implement cryptographically random and hard to guess deviceId and share deviceId with the correct tenant only. But it gets messy fast of course and does not allow more complex multitenant setups