tested & updated

spelluru · spelluru · commit 6bbf9a0ee5c8 · 2022-09-27T13:30:37.000-04:00
diff --git a/articles/event-hubs/event-hubs-quickstart-kafka-enabled-event-hubs.md b/articles/event-hubs/event-hubs-quickstart-kafka-enabled-event-hubs.md
@@ -19,10 +19,10 @@ To complete this quickstart, make sure you have the following prerequisites:
 
 * Read through the [Event Hubs for Apache Kafka](event-hubs-for-kafka-ecosystem-overview.md) article.
 * An Azure subscription. If you don't have one, create a [free account](https://azure.microsoft.com/free/?ref=microsoft.com&utm_source=microsoft.com&utm_medium=docs&utm_campaign=visualstudio) before you begin.
-* [Java Development Kit (JDK) 1.7+](/azure/developer/java/fundamentals/java-support-on-azure).
-* [Download](https://maven.apache.org/download.cgi) and [install](https://maven.apache.org/install.html) a Maven binary archive.
-* [Git](https://www.git-scm.com/)
-* To run this quickstart using managed identity, you need to run it on an Azure virtual machine.
+* Create a Windows virtual machine and install the following components: 
+    * [Java Development Kit (JDK) 1.7+](/azure/developer/java/fundamentals/java-support-on-azure).
+    * [Download](https://maven.apache.org/download.cgi) and [install](https://maven.apache.org/install.html) a Maven binary archive.
+    * [Git](https://www.git-scm.com/)
 
 ## Create an Event Hubs namespace
 
@@ -34,78 +34,45 @@ When you create an Event Hubs namespace, the Kafka endpoint for the namespace is
 ## Send and receive messages with Kafka in Event Hubs
 
 ### [Passwordless (Recommended)](#tab/passwordless)
-
-1. Managed identities for Azure resources provide Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code.
-
-   Azure Event Hubs supports using Azure Active Directory (Azure AD) to authorize requests to Event Hubs resources. With Azure AD, you can use Azure role-based access control (Azure RBAC) to grant permissions to a security principal, which may be a user, or an application service principal.
-
-   To use Managed Identity, you can create or configure a virtual machine using a system-assigned managed identity. For more information about configuring managed identity on a VM, see [Configure managed identities for Azure resources on a VM using the Azure portal](../active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm.md#system-assigned-managed-identity).
-
-1. In the virtual machine that you configure managed identity, clone the [Azure Event Hubs for Kafka repository](https://github.com/Azure/azure-event-hubs-for-kafka).
-
-1. Navigate to *azure-event-hubs-for-kafka/quickstart/java/producer*.
-
-1. Update the configuration details for the producer in *src/main/resources/producer.config* as follows:
-
-   After you configure the virtual machine with managed identity, you need to add managed identity to Event Hubs namespace. For that you need to follow these steps.
-
-   * In the Azure portal, navigate to your Event Hubs namespace. Go to **Access Control (IAM)** in the left navigation.
-
-   * Select **Add** and select `Add role assignment`.
-
-   * In the **Role** tab, select **Azure Event Hubs Data Owner**, then select **Next**=.
-
-   * In the **Members** tab, select the **Managed Identity** radio button for the type to assign access to.
-
-   * Select the **Select members** link. In the **Managed Identity** dropdown, select **Virtual Machine**, then select your virtual machine's managed identity.
-
-   * Select **Review + Assign**.
-
-1. After you configure managed identity, you can update *src/main/resources/producer.config* as shown below.
-
-   ```xml
-   bootstrap.servers=NAMESPACENAME.servicebus.windows.net:9093
-   security.protocol=SASL_SSL
-   sasl.mechanism=OAUTHBEARER
-   sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required;
-   sasl.login.callback.handler.class=CustomAuthenticateCallbackHandler;
-   ```
-
-   You can find the source code for the sample handler class CustomAuthenticateCallbackHandler on GitHub [here](https://github.com/Azure/azure-event-hubs-for-kafka/tree/master/tutorials/oauth/java/appsecret/producer/src/main/java).
-
-1. Run the producer code and stream events into Event Hubs:
-
-   ```shell
-   mvn clean package
-   mvn exec:java -Dexec.mainClass="TestProducer"
-   ```
-
-1. Navigate to *azure-event-hubs-for-kafka/quickstart/java/consumer*.
-
-1. Update the configuration details for the consumer in *src/main/resources/consumer.config* as follows:
-
-1. Make sure you configure managed identity as mentioned in step 3 and use the following consumer configuration.
-
-   ```xml
-   bootstrap.servers=NAMESPACENAME.servicebus.windows.net:9093
-   security.protocol=SASL_SSL
-   sasl.mechanism=OAUTHBEARER
-   sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required;
-   sasl.login.callback.handler.class=CustomAuthenticateCallbackHandler;
-   ```
-
-   You can find the source code for the sample handler class CustomAuthenticateCallbackHandler on GitHub [here](https://github.com/Azure/azure-event-hubs-for-kafka/tree/master/tutorials/oauth/java/appsecret/consumer/src/main/java).
-
-   You can find all the OAuth samples for Event Hubs for Kafka [here](https://github.com/Azure/azure-event-hubs-for-kafka/tree/master/tutorials/oauth).
-
-1. Run the consumer code and process events from event hub using your Kafka clients:
-
-   ```java
-   mvn clean package
-   mvn exec:java -Dexec.mainClass="TestConsumer"
-   ```
-
-   If your Event Hubs Kafka cluster has events, you now start receiving them from the consumer.
+1. Enable a system-assigned managed identity for the virtual machine. For more information about configuring managed identity on a VM, see [Configure managed identities for Azure resources on a VM using the Azure portal](../active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm.md#system-assigned-managed-identity). Managed identities for Azure resources provide Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code.
+2. Using the **Access control** page of the Event Hubs namespace you created, assign **Azure Event Hubs Data Owner** role to the VM's managed identity. 
+Azure Event Hubs supports using Azure Active Directory (Azure AD) to authorize requests to Event Hubs resources. With Azure AD, you can use Azure role-based access control (Azure RBAC) to grant permissions to a security principal, which may be a user, or an application service principal.    
+    1. In the Azure portal, navigate to your Event Hubs namespace. Go to "Access Control (IAM)" in the left navigation.    
+    2. Select + Add and select `Add role assignment`.    
+    3. In the Role tab, select `Azure Event Hubs Data Owner` and select the Next button.    
+    4. In the `Members` tab, select the `Managed Identity` radio button for type to assign access to.    
+    5. Select the `+Select members` link. In the Managed Identity dropdown, select Virtual Machine and select your virtual machine's managed identity.    
+    6. Select `Review + Assign`.
+1. Log in to the VM for which you configured the managed identity, and clone the [Azure Event Hubs for Kafka repository](https://github.com/Azure/azure-event-hubs-for-kafka).
+1. Navigate to `azure-event-hubs-for-kafka/tutorials/oauth/java/managedidentity/consumer`.
+6. Switch to the `src/main/resources/` folder, and open `consumer.config`. Replace `namespacename` with the name of your Event Hubs namespace. 
+
+    ```xml
+    bootstrap.servers=NAMESPACENAME.servicebus.windows.net:9093
+    security.protocol=SASL_SSL
+    sasl.mechanism=OAUTHBEARER
+    sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required;
+    sasl.login.callback.handler.class=CustomAuthenticateCallbackHandler;
+    ```    
+
+    > [!NOTE]
+    > You can find all the OAuth samples for Event Hubs for Kafka [here](https://github.com/Azure/azure-event-hubs-for-kafka/tree/master/tutorials/oauth).
+7. Run the consumer code and process events from event hub using your Kafka clients:
+
+    ```java
+    mvn clean package
+    mvn exec:java -Dexec.mainClass="TestConsumer"                                    
+    ```
+1. Navigate to `azure-event-hubs-for-kafka/tutorials/oauth/java/managedidentity/producer`.
+1. Switch to the `src/main/resources/` folder, and open `producer.config`. Replace `mynamespace` with the name of your Event Hubs namespace.       
+4. Switch back to the **Producer** folder where the `pom.xml` file is and, run the producer code and stream events into Event Hubs:
+   
+    ```shell
+    mvn clean package
+    mvn exec:java -Dexec.mainClass="TestProducer"                                    
+    ```    
+
+    You should see messages about events sent in the producer window. Now, check the consumer app window to see the messages that it receives from the event hub.
 
 ### [Connection string](#tab/connection-string)
 
