Connect to Azure resources securely using managed private endpoints (Preview)

Managed Private Endpoint is a network security feature of the Fabric platform that allows Fabric items to securely access data sources that are behind a firewall or not accessible from the public internet. When you integrate Eventstream with a managed private endpoint, a managed virtual network is automatically created for Eventstream, so you can connect to your Azure resources within a private network. Your data is then transmitted over that private network.

The following diagram shows a sample architecture for connecting Eventstream to Azure event hub within a virtual network:

A screenshot of the Eventstream private network architecture.

Supported data sources and regions

  • Supported data sources: In alignment with the Managed Private Endpoints in Fabric, Eventstream only supports private connections for the following Azure resources:

    • Azure Event Hubs
    • Azure IoT Hub
  • Supported regions for Eventstream managed virtual network: Only selected Fabric tenant regions are supported for Eventstream managed virtual network. These regions include:

    • Australia Southeast
    • East US
    • Canada Central
    • East US 2
    • North Central US
    • North Europe
    • West Europe
    • West US
  • Coming soon: Support for additional regions is planned, including:

    • Australia East
    • Brazil South
    • Central India
    • France Central
    • Japan East
    • Southeast Asia
    • UAE North
    • UK South

To learn more about the Managed Private Endpoints and supported data sources, visit Managed Private Endpoints for Fabric.

Connect to Azure Event Hubs using a managed private endpoint

Setting up a private connection in Eventstream is straightforward. Follow these steps to create a managed private endpoint for an Azure event hub and stream data to Eventstream over a private network.

Prerequisites

  • Managed private endpoints are supported for Fabric trial and all Fabric F SKU capacities.
  • Only users with Workspace Admin permissions can create Managed Private Endpoints.
  • An Azure event hub with public access disabled, and its Resource ID ready for creating a private endpoint.
  • A Fabric tenant region that supports managed VNet for Eventstream.

Step 1: Create an eventstream

  1. Navigate to the Fabric portal.

  2. Select My workspace on the left navigation bar.

  3. On the My workspace page, select + New item on the command bar.

  4. On the New item page, search for Eventstream, and then select Eventstream.

    Screenshot that shows the New item page with Eventstream selected.

  5. In the New Eventstream window, enter a name for the eventstream, and then select Create.

    Screenshot that shows the New Eventstream window.

  6. Creation of the new eventstream in your workspace can take a few seconds. After the eventstream is created, you're directed to the main editor, where you can start adding sources to the eventstream.

    Screenshot showing the editor.

Step 2: Create a private endpoint

  • In the Fabric workspace, go to the Workspace settings and navigate to the Network security section.
  • Select Create to add a new private endpoint.
  • For the Resource identifier, enter the resource ID of your Azure Event Hubs such as /subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/my-resourcegroup/providers/Microsoft.EventHub/namespaces/my-eh-namespace.
  • For Target Sub-resource, select Azure Event Hub.
  • Select Create to finalize the private endpoint creation.

A screenshot of creating a private endpoint.

Step 3: Approve the private endpoint in Azure Event Hubs

  • Go to the Azure portal and open your Azure event hub.
  • In the Networking section, navigate to the Private endpoint connections tab.
  • Locate the private endpoint request from your Fabric workspace and approve it.
  • Once approved, the managed private endpoint status updates to Approved.

A screenshot of approving private endpoint in Azure portal.
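
A pre-flight check for the prerequisites and for steps 2 and 3, added here as an example; it is not part of the original documentation or of any Microsoft tooling. `preflight` is a hypothetical helper, the namespace record is constructed, and its field names are assumed to follow the shape of `az eventhubs namespace show` output.

```python
import copy
import json
import re

# Regions and data sources are the ones this page lists as supported.
SUPPORTED_REGIONS = {"australiasoutheast", "eastus", "canadacentral", "eastus2",
                     "northcentralus", "northeurope", "westeurope", "westus"}
SUPPORTED_TYPES = {"microsoft.eventhub/namespaces", "microsoft.devices/iothubs"}
RESOURCE_ID = re.compile(
    r"^/subscriptions/(?P<sub>[0-9a-f-]{36})/resourceGroups/(?P<rg>[^/]+)"
    r"/providers/(?P<type>[^/]+/[^/]+)/(?P<name>[^/]+)$", re.IGNORECASE)

# Resource ID from step 2 of this page; the namespace record is constructed.
PAGE_ID = ("/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/"
           "my-resourcegroup/providers/Microsoft.EventHub/namespaces/my-eh-namespace")
SAMPLE = json.loads("""{
  "name": "my-eh-namespace",
  "publicNetworkAccess": "Disabled",
  "privateEndpointConnections": [
    {"name": "constructed-connection",
     "privateLinkServiceConnectionState": {"status": "Pending"}}]
}""")

def preflight(resource_id, fabric_region, namespace):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    m = RESOURCE_ID.match(resource_id.strip())
    if not m:
        findings.append("resource ID is not a top-level ARM resource ID")
    elif m["type"].lower() not in SUPPORTED_TYPES:
        findings.append(f"unsupported resource type: {m['type']}")
    if fabric_region.replace(" ", "").lower() not in SUPPORTED_REGIONS:
        findings.append(f"region not supported for managed VNet: {fabric_region}")
    # A missing field is treated as publicly reachable (fail closed).
    if namespace.get("publicNetworkAccess", "Enabled") != "Disabled":
        findings.append("public network access is not disabled")
    states = [c.get("privateLinkServiceConnectionState", {}).get("status")
              for c in namespace.get("privateEndpointConnections") or []]
    if "Approved" not in states:
        findings.append(f"no approved private endpoint connection: {states}")
    return findings

if __name__ == "__main__":
    print(preflight(PAGE_ID, "East US", SAMPLE))      # before step 3 approval
    approved = copy.deepcopy(SAMPLE)
    approved["privateEndpointConnections"][0][
        "privateLinkServiceConnectionState"]["status"] = "Approved"
    print(preflight(PAGE_ID, "East US", approved))    # after step 3 approval
```

A resource ID that points below the namespace (for example at a single event hub) is reported as a finding, because the private endpoint in step 2 targets the namespace.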

Step 4: Add an Azure Event Hubs source to Eventstream

  • Go back to the eventstream you created in Fabric.
  • Select Azure Event Hubs and add it as a source to your Eventstream.
  • When creating a new connection to your Azure event hub, uncheck the Test connection option if your event hub isn't publicly accessible.
  • Manually enter the Consumer group.

A screenshot of adding Azure Event Hubs to Eventstream.

Once added, Eventstream starts pulling data from your Azure event hub over the private network.

A screenshot of successfully adding Azure Event Hubs to Eventstream.

By following these steps, you have a fully operational Eventstream running over a secure private network, using the managed private endpoint to ensure secure data streaming.

Limitations

  • The Data Preview feature may not be available for data sources that aren't publicly accessible when connected through a managed private endpoint. However, the data is securely transmitted and flows correctly to the Eventstream.