Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Do you have an idea or suggestion based on your experience with Azure IoT Edge?

← Azure IoT Edge

Optional signature for the deployment manifest

Optional signature for the deployment manifest, so that the IoTEdge can verify the integrity of the manifest independent of transport/cloud integrity.

The overall objective should be to at least enable users of the Azure IoT edge solution to secure/harden the system in a way that even a cloud breach couldn't lead to a corruption of the local systems or an information leak. At the moment the system depends solely on the cloud integrity - but a second security barrier should be available.

For sure there are multiple starting points - e.g. signing container images; generally disable upstream-messaging. But the biggest security improvement from my perspective could be to prevent the possibility to alter deployments in case of a cloud breach - so maybe an optional cryptographically secure signature of a deployment manifest that the edge could validate is an option.

10 votes

Andreas Ländle shared this idea · December 18, 2019 · Flag idea as inappropriate… · Admin →

under review · January 13, 2020

0 comments

An error occurred while saving the comment

Azure IoT Edge: Deploying modules

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 6,961 ideas
- Additional Services 326 ideas
- Analytics Platform System 20 ideas
- API Apps 0 ideas
- API Management 650 ideas
- Automation 529 ideas
- Azure Active Directory 5,225 ideas
- Azure Active Directory Application Requests 282 ideas
- Azure Advisor 34 ideas
- Azure Analysis Services 188 ideas
- Azure API for FHIR 14 ideas
- Azure App Configuration 48 ideas
- Azure Arc 27 ideas
- Azure Automanage 11 ideas
- Azure Backup 585 ideas
- Azure Blockchain Service 12 ideas
- Azure Bot Service 35 ideas
- Azure Certified Device 15 ideas
- Azure Cloud Shell 368 ideas
- Azure Cognitive Services 63 ideas
- Azure Confidential Compute 2 ideas
- Azure Container Instances 168 ideas
- Azure Container Registry 99 ideas
- Azure Cosmos DB 287 ideas
- Azure CycleCloud 6 ideas
- Azure Data Explorer 215 ideas
- Azure Data Share 11 ideas
- Azure Database for MariaDB 18 ideas
- Azure Database for MySQL 76 ideas
- Azure Database for PostgreSQL 159 ideas
- Azure Database Migration Service 79 ideas
- Azure Databricks 286 ideas
- Azure Dev Spaces 11 ideas
- Azure Digital Twins 21 ideas
- Azure Event Grid 67 ideas
- Azure FarmBeats 13 ideas
- Azure Functions 242 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 202 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 332 ideas
- Azure IoT Central 159 ideas
- Azure IoT Edge 94 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 177 ideas
- Azure Kinect DK 69 ideas
- Azure Kubernetes Service (AKS) 305 ideas
- Azure Lighthouse 32 ideas
- Azure Management Groups 24 ideas
- Azure Maps 77 ideas
- Azure Marketplace 460 ideas
- Azure Media Services 260 ideas
- Azure Migrate 73 ideas
- Azure mobile app 364 ideas
- Azure Monitor 260 ideas
- Azure Monitor- Alert Management 161 ideas
- Azure Monitor-Application Insights 808 ideas
- Azure Monitor-Log Analytics 1,007 ideas
- Azure NetApp Files (ANF) 33 ideas
- Azure Pack 298 ideas
- Azure Portal 2,218 ideas
- Azure Purview 180 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 13 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 186 ideas
- Azure Resource Manager 562 ideas
- Azure Search 298 ideas
- Azure Security Center 322 ideas
- Azure Sentinel 132 ideas
- Azure Service Health 45 ideas
- Azure SignalR Service 17 ideas
- Azure Spatial Anchors 31 ideas
- Azure Sphere 81 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 8 ideas
- Azure Stack Hub 204 ideas
- Azure Synapse Analytics 486 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 31 ideas
- Batch 37 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 55 ideas
- Cache 42 ideas
- Change Tracking 14 ideas
- Cloud Services (Web and Worker Role) 274 ideas
- Cost Management 356 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 179 ideas
- Data Factory 1,271 ideas
- Data Lake 355 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 204 ideas
- Event Hubs 43 ideas
- Global Infrastructure 44 ideas
- HDInsight 136 ideas
- Lab Services 383 ideas
- Logic Apps 1,872 ideas
- Machine Learning 234 ideas
- Mobile Engagement 19 ideas
- Networking 1,477 ideas
- Notification Hubs 37 ideas
- Project Bonsai 31 ideas
- Scheduler 43 ideas
- Scripting and Command Line Tools 102 ideas
- SDK and Tools 150 ideas
- Security and Compliance 106 ideas
- Service Bus 208 ideas
- Service Fabric 304 ideas
- Signup and Billing 1,795 ideas
- Site Recovery 299 ideas
- SQL Data Sync 68 ideas
- SQL Database 891 ideas
- SQL Managed Instance 154 ideas
- SQL Server 10,759 ideas
- SQL Server - Big Data Clusters 48 ideas
- Storage 1,035 ideas
- StorSimple 26 ideas
- Stream Analytics 271 ideas
- Support Feedback 276 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 186 ideas
- Virtual Machines 1,710 ideas
- Web Apps 652 ideas
Microsoft Azure