Secure Data Streaming with Managed Private Endpoints in Eventstream (Preview)
Introducing Managed VNet Support for Fabric Eventstream! By creating a Fabric’s Managed Private Endpoint, you can now securely connect Eventstream to your Azure services, such as Azure Event Hubs or IoT Hub, within a private network or behind a firewall. This integration ensures your data is securely transmitted over a private network, enabling you to leverage the full potential of real-time streaming and high-performance data processing in Eventstream.
The diagram below shows how Eventstream pulls data from your Azure event hub within a virtual network using a Managed Private Endpoint.
What’s managed private endpoint?
Managed Private Endpoint is a network security feature provided by the Fabric platform that allows Fabric items e.g., Eventstream to securely access data sources behind a firewall or not accessible from the public internet. It’s primarily used for secure outbound scenarios where Fabric items need to access and pull data from external sources. Managed private endpoints are supported for various data sources including Azure Event Hubs and Azure IoT Hub.
To learn more about Managed Private Endpoints and supported data sources, visit Overview of managed private endpoints for Microsoft Fabric.
Connect to Azure Event Hubs using a managed private endpoint
Setting up a private connection in Eventstream is straightforward. Follow the steps below to create a managed private endpoint for an Azure event hub and pull data to Eventstream over a private network. For more detailed instructions, visit Connect to Azure streaming sources using managed private endpoints
Step 1: Create an eventstream
- Switch your Power BI experience to Real-time Intelligence.
- Navigate to the Eventstream section and click Create. Name your Eventstream e.g. “eventstream-1”.
Step 2: Create a managed private endpoint
- In the Fabric workspace, go to the Workspace settings and navigate to the Network security section.
- Click Create to add a new managed private endpoint.
- Enter the resource ID of your Azure event hub.
Step 3: Approve the private endpoint connection in Azure Event Hubs
- Go to the Azure portal and open your Azure event hub.
- In the Networking section, navigate to the Private endpoint connections tab.
- Locate the private endpoint request from your Fabric workspace and approve it, this may take a few minutes.
- Once approved, the managed private endpoint status will update to Approved.
Step 4: Add Azure Event Hubs source to Eventstream
- Go back to the Eventstream you created in Fabric.
- Select your Azure event hub and add it to the Eventstream.
- Once successfully added, Eventstream will start pulling data from your event hub over the private network.
By following these steps, you’ll have a fully operational Eventstream running over a secure private network, leveraging Fabric’s managed private endpoint to ensure secure data streaming.
