What is the expected data plane read/write behavior on a secondary namespace when using RBAC authentication?

Giovanni Ortiz 20 Reputation points Microsoft Employee
2023-01-24T19:19:12.9833333+00:00

I have two Event Hubs namespaces configured as a geo-recovery pair. While the pairing is active, any data plane read/write operations sent directly to the secondary namespace using shared access keys for authentication are rejected by EH, effectively making the secondary namespace strictly passive until manual failover. However, using RBAC authentication, clients are able to read and write messages to the secondary namespace regardless of the state of the geo-recovery pairing.

What is the expected data plane read/write behavior on a secondary namespace when using RBAC authentication?

Azure Event Hubs
Azure Event Hubs
An Azure real-time data ingestion service.
556 questions
Accepted answer
  1. KranthiPakala-MSFT 46,422 Reputation points Microsoft Employee
    2023-02-17T00:04:00.9666667+00:00

    Hi Giovanni Ortiz,

    Product team confirmed that they have identified a bug with the behavior you have noticed and working on fixing it. I do not have a definite ETA at this point but will keep you posted as I get more updates on the fix.

    Expected behavior: Excepted behavior is that regardless of the auth type, secondary namespace should always block any request other than the GET.

    Appreciate much for reporting this issue here and helping improve Azure products.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest