Disabling public network access of the Event Hub seems to block any access even if vnet rule is matched
中垣 茂(ESM)
Hi.
I'm trying to disable public network access of the Event Hub. But it seems to block everything.
The environment is below.
- Event Hub (public network access = false with vnet rules)
- Private Endpoint
- Private DNS Zone (privatelink.servicebus.windows.net)
- Python (azure-eventhub 5.11.5)
- Sender: Azure Linux Web App
- Receiver: Azure Linux Function (Event Hub Trigger)
- Deploy: terraform with Azure RM Provider (3.81.0)
The result is below.
- Sender: I guess the connection timed out. (The message is `CBS Authorization failed`, but it seems not to be able to connect to the Event Hub.)
- Receiver: Connection was refused because non-trusted service (Diagnostics log said)
If we enable the public network access, the result is below.
- Sender: success (Diagnostics OperationLogs said)
  - api-version=2022-10 from Azure Linux Web App
  - api-version=2021-10 from Azure Linux Function (on trigger another function from a receiver function)
    - I don't know why there are different API versions even though we use the same version of the library.
- Receiver: Accept Connection (Diagnostics EventHubVNetConnectionEvent said)
  - reason: Matched VNet rule.
  - IPAddress: it seems IPv6
Can't we disable public network access of Event Hub even if we use only vnet?
I read the following documents. But no clue.
https://video2.skills-academy.com/en-us/azure/event-hubs/event-hubs-service-endpoints
https://video2.skills-academy.com/en-us/azure/event-hubs/private-link-service