You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Seokwon Yang (Jira)" <ji...@apache.org> on 2020/04/23 17:13:00 UTC

[jira] [Commented] (NIFI-6149) Azure EventHub Managed identities integration

    [ https://issues.apache.org/jira/browse/NIFI-6149?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17090769#comment-17090769 ] 

Seokwon Yang commented on NIFI-6149:
------------------------------------

[~tobylerone], [~SUNILEMANJEE@GMAIL.COM] : I have a PR up for this feature support. [https://github.com/apache/nifi/pull/4226]

Would you take a look at and try out? Make sure to add IAM role (Azure Event Hubs Data Owner role) to your VM or VMSS for your test. Just enabling MSI would not allow to push/read  data to/from event hub. 

> Azure EventHub Managed identities integration
> ---------------------------------------------
>
>                 Key: NIFI-6149
>                 URL: https://issues.apache.org/jira/browse/NIFI-6149
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Extensions
>    Affects Versions: 1.8.0, 1.9.0
>            Reporter: Sunile Manjee
>            Assignee: Seokwon Yang
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently all event hub processors seem to use [Shared Access Signature (SAS)|https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas]tokens.  A emerging pattern (might be the dominate pattern) is to integrate with [Managed identities for Azure resources|https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview].  Instead of NiFi using the Shared Access Token (SAS) token provider, NiFi should create a token provider for the managed identity with the following call:
>  {{TokenProvider.CreateManagedServiceIdentityTokenProvider(ServiceAudience.EventHubAudience)}}call.
> As such, there are no secrets to save and use.
>  
> _Some of the above text copied from azure, giving azure docs proper credit._
>  
> Code examples and full details on how applications (like NiFi) would integrate with Azure Managed Identities (Azure Active Directory).
> https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-managed-service-identity
>  
>  
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)