Hi rkum,
Here you can find the network security mechaanism that you can use to protect Azure Event Hub traffic ( https://video2.skills-academy.com/en-us/azure/event-hubs/network-security )
-
Azure event hub network built in firewall rules
here you can setup your Public network acces as Selected networks and manually add Ips or networks IDs to the access list. (Inbound Access)
Additional information: https://video2.skills-academy.com/en-us/azure/event-hubs/event-hubs-ip-filtering
-
Bind event hubs to virtual networks
This require two step process , first one create a virtual network and a service endpoint for EventHub there (https://video2.skills-academy.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview) and second step is bind the Event hub namespace to a network rule. (Keep the communication on Microsoft backbone)
Additional information: https://video2.skills-academy.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview https://video2.skills-academy.com/en-us/azure/event-hubs/event-hubs-service-endpoints
-
Create Private endpoint
Here like the before option integrate directly to a vnet, her you can include a more complex network architecture and include Azure firewall if it's needed .
Additional information: https://video2.skills-academy.com/en-us/azure/private-link/private-link-overview
After configure these services you will have this path of communication secure:
Azure Event Hub <--- Inbound --- Other services
Let me know if this is helpfull and if you need additional assitance.
Cheers,
Luis