Merged
5 changes: 4 additions & 1 deletion data-explorer/ingest-data-event-grid-overview.md
@@ -19,13 +19,16 @@ For general information about data ingestion in Azure Data Explorer, see [Azure
## Event Grid data connection authentication mechanisms

* [Managed Identity](managed-identities-overview.md) based data connection (recommended): Using a managed identity-based data connection is the most secure way to connect to data sources. It provides full control over the ability to fetch data from a data source.
Setup of an Event Grid data connection using managed identity requires the following steps:

Setup of an Event Grid data connection using managed identity requires the following steps and permissions:
1. Make sure you have [EventGrid Contributor](/azure/role-based-access-control/built-in-roles/integration#eventgrid-contributor) role assignment on the Azure subscribtion of the source data storage account.
1. [Add a managed identity to your cluster](configure-managed-identities-cluster.md).
1. [Grant permissions to the managed identity on the data source](ingest-data-managed-identity.md#grant-permissions-to-the-managed-identity). To fetch data from Azure Storage, the managed identity must have at least [Storage Blob Data Reader](/azure/role-based-access-control/built-in-roles#storage-blob-data-reader) permissions on the Azure Storage account.
1. Grant permissions to the managed identity on the event hub. To fetch blob notifications from the event hub, the managed identity must have [Azure Event Hubs Data Receiver](/azure/role-based-access-control/built-in-roles#azure-event-hubs-data-receiver) permissions on the Azure Event Hubs.
1. Set a [managed identity policy](/kusto/management/managed-identity-policy?view=azure-data-explorer&preserve-view=true) on the target databases.
1. Create a data connection using managed identity authentication to fetch data.


> [!Note]
>
> * The event hub consumer group *must* be unique per consumer. Create a dedicated consumer group for every Azure Data Explorer data connection.
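
Review bot: The step 1 line "Make sure you have [EventGrid Contributor]..." misspells "subscribtion"; it should read "subscription". The same line says "you" while every other step in the list is about the managed identity, so spell out that this role assignment is for the user creating the data connection, not for the cluster's managed identity. The role is asked for on the whole subscription of the source storage account; if a narrower scope is enough, say so, because the other steps scope their roles to the specific storage account and event hub. The list now starts directly under the "Setup of an Event Grid data connection..." sentence and is followed by two blank lines before the note; check that the numbered steps still render nested under the Managed Identity bullet and drop the extra blank line.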