arcus-azure/arcus.messaging

Subscribe on a messaging service (servicebus, eventhubs, ...) using Managed Identity

Closed this issue · 2 comments

I'm not sure if this is already possible, but I haven't found anything on it in the docs.

AFAIK, we must always provide a connection-string to the message-pump in order to be able to connect to Service Bus, EventHub, etc.
It would be nice if we could achieve that using managed identity as well. The App that is created must have an identity then of course, and that identity must be assigned to the correct roles in Azure for this to work.
If this would be possible, this would be a huge security improvement imho.

(Maybe this is already possible without having to make a code change? It's a matter of passing in the URL to the endpoint which doesn't contain any tokens / secrets, and setting the correct roles on identity level.)

We already support managed identity for Service Bus: https://messaging.arcus-azure.net/Features/message-handling/service-bus#pump-configuration

EventHubs, not yet, I think.

Great! I missed that / overlooked it in the docs.