The different permissions that you can grant to a device or backend application to access your IoT Hub are:
- iothubowner: This will allow any device or backend solution all permissions
- service: This will allow an access policy with only the Service connect permission
- device: This will enable the device with an access Policy which has the Device connect permission
- registryRead: This is a policy with Registry read permission
- registryReadWrite: This is a policy with Registry read and Registry write permissions
- Per-device security credentials: Each device's credentials are maintained in the device registry