
Introduction to Azure Digital Twins

Wednesday Aug 28th 2019 by Hannes DuPreez

By using Azure Digital Twins, data can be queried from a physical space rather than from various disparate sensors. Master the concept here.

Azure Digital Twins is an Azure IoT service that creates models of the physical environment. Azure Digital Twins creates spatial intelligence graphs to model the interactions and relationships between spaces, devices, and most importantly, people.

By using Azure Digital Twins, data can be queried from a physical space rather than from various disparate sensors. Azure Digital Twins helps build spatially aware experiences that link streaming data across the physical and digital world.

Azure Digital Twins Capabilities

The following are some key capabilities of Azure Digital Twins:

  • Built-in access control: Identity management features, such as role-based access control and Azure Active Directory, enable you to securely control access for individuals and devices.
  • Multiple and nested tenants: You can create multiple subtenants that can be used and accessed in an isolated and secure manner.
  • Spatial intelligence graph: The spatial intelligence graph is a virtual representation of the physical environment. This can be used to model the relationships between people, places, and devices.
  • Advanced compute capabilities: We can define and run custom functions against incoming device data to send signals to predefined endpoints.
  • Digital twin object models: Digital Twin object models are predefined device protocols and data schema.
  • Ecosystem: We can connect an Azure Digital Twins instance to many powerful Azure services, including Azure Stream Analytics, Azure AI, and Azure Storage, as well as Azure Maps, Microsoft Mixed Reality, Dynamics 365, or Office 365.
  • Role-based access control: Azure Digital Twins enables precise access control to specific actions, data, and resources through role-based access control (RBAC). RBAC consists of roles and role assignments. By using RBAC, permissions can be granted to the following:
    • Users
    • Devices
    • Service principals
    • User-defined functions
    • Users who belong to a domain
    • Tenants

Role Definition

Role definitions are collections of permissions; they list allowed operations such as the CRUD operations (CREATE, READ, UPDATE, and DELETE). Table 1 shows the available roles in Azure Digital Twins.

| Role | Description |
|---|---|
| Space Administrator | Specified space: CREATE, READ, UPDATE, and DELETE. All nodes underneath: CREATE, READ, UPDATE, and DELETE |
| User Administrator | Users: CREATE, READ, UPDATE, and DELETE. User-related objects: CREATE, READ, UPDATE, and DELETE. Spaces: READ |
| Device Administrator | Devices: CREATE, READ, UPDATE, and DELETE. Device-related objects: CREATE, READ, UPDATE, and DELETE. Spaces: READ |
| Key Administrator | Access-keys: CREATE, READ, UPDATE, and DELETE. Key-related objects: CREATE, READ, UPDATE, and DELETE. Spaces: READ |
| Token Administrator | Access Keys: READ and UPDATE. Spaces: READ |
| User | Spaces, Sensors, Users: READ |
| Support Specialist | Everything except access-keys: READ |
| Device Installer | Devices and Sensors: READ and UPDATE. Spaces: READ |
| Gateway Device | Sensors: CREATE. Devices: READ |

Table 1: The available roles in Azure Digital Twins

Object Identifiers

Object identifiers simply refer to the type of identity that is given to a particular role.

Table 2 shows the supported object identifiers in Azure Digital Twins.

| Type | Description |
|---|---|
| UserId | Assigns a role to a user |
| DeviceId | Assigns a role to a device |
| DomainName | Assigns a role to a domain name |
| TenantId | Assigns a role to a tenant |
| ServicePrincipalId | Assigns a role to a service principal |
| UserDefinedFunctionId | Assigns a role to a user-defined function |

Table 2: The supported object identifiers in Azure Digital Twins
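
An added example, not code from the article or from Azure: Table 1 encoded as a permission matrix, used to pick the least-privileged role for a set of required operations and to review role assignments keyed by the identifier types in Table 2. The assignment field names, the sample identities, the resource labels, and treating DomainName and TenantId as broad identifier types are assumptions made for illustration.

```python
# Table 1 as role -> resource -> operations. Support Specialist omitted: no fixed resource list.
CRUD = frozenset({"CREATE", "READ", "UPDATE", "DELETE"})
RU, R = frozenset({"READ", "UPDATE"}), frozenset({"READ"})
ROLES = {
    "Space Administrator": {"spaces": CRUD, "child nodes": CRUD},
    "User Administrator": {"users": CRUD, "user-related objects": CRUD, "spaces": R},
    "Device Administrator": {"devices": CRUD, "device-related objects": CRUD, "spaces": R},
    "Key Administrator": {"access keys": CRUD, "key-related objects": CRUD, "spaces": R},
    "Token Administrator": {"access keys": RU, "spaces": R},
    "User": {"spaces": R, "sensors": R, "users": R},
    "Device Installer": {"devices": RU, "sensors": RU, "spaces": R},
    "Gateway Device": {"sensors": frozenset({"CREATE"}), "devices": R},
}
# Assumption: identifier types from Table 2 that cover many identities at once.
BROAD_TYPES = {"DomainName", "TenantId"}

def grants(role):
    """Flatten a role into a set of (resource, operation) pairs."""
    return {(res, op) for res, ops in ROLES[role].items() for op in ops}

def least_privileged_roles(required):
    """Roles covering every required pair, fewest surplus permissions first."""
    required = set(required)
    fits = [(len(grants(r) - required), r) for r in ROLES if required <= grants(r)]
    return [r for _, r in sorted(fits)]

def audit(assignments, needs):
    """Return (objectId, finding) pairs for assignments that break least privilege."""
    findings = []
    for a in assignments:
        held, required = grants(a["role"]), set(needs.get(a["objectId"], ()))
        if required and required <= held:
            best = least_privileged_roles(required)[0]
            if len(grants(best)) < len(held):
                findings.append((a["objectId"], f"over-privileged: {best} suffices"))
        if a["objectIdType"] in BROAD_TYPES and any(op != "READ" for _, op in held):
            findings.append((a["objectId"], "write access via broad identifier type"))
    return findings

# Constructed sample data; field names are illustrative, not the service's API.
ASSIGNMENTS = [
    {"objectIdType": "ServicePrincipalId", "objectId": "dashboard-svc", "role": "User Administrator"},
    {"objectIdType": "DomainName", "objectId": "contoso.example", "role": "Key Administrator"},
    {"objectIdType": "UserId", "objectId": "installer-7", "role": "Device Installer"},
]
NEEDS = {
    "dashboard-svc": {("users", "READ"), ("spaces", "READ")},
    "installer-7": {("devices", "UPDATE"), ("sensors", "UPDATE")},
}
```

Calling `audit(ASSIGNMENTS, NEEDS)` flags the read-only dashboard identity holding User Administrator and the domain-wide Key Administrator grant, and leaves the correctly scoped Device Installer assignment alone.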

Conclusion

Azure is going from strength to strength, and before we know it, it will have become our reality.
