Azure Data Explorer / Data Connection from IOT hub in different tenant

Ed Goward 96 Reputation points

We're migrating between Azure tenants and have come across some infrastructure connectivity niggles I'd like help with.

In the old tenant we have an IOT hub which our external devices report telemetry through.

In the new Azure tenant we have a TSI Gen2 instance. This is subscribed to events from the old tenant using a manually generated event source which includes a sharedAccessKey as per docs here. This isn't great security but does allow events to pass between the subscriptions.

We are trying to do the same thing with an Azure Data Explorer Data Connection however as per the Kusto docs here, it doesn't appear to be possible to manually specify a SAS key. I'd prefer to connect using a managed identity which it does support however but that only appears to work within the same tenant.

Any suggestions on getting data into ADX from an IOT hub in a different tenant?

Azure IoT Hub
Azure IoT Hub
An Azure service that enables bidirectional communication between internet of things (IoT) devices and applications.
1,078 questions
Azure Event Hubs
Azure Event Hubs
An Azure real-time data ingestion service.
525 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,577 questions
{count} votes

Accepted answer
  1. Ed Goward 96 Reputation points

    We have a solution that should be good enough for our use case.

    If you ask it nicely (via Arm or the CLI), an IOT hub can route to event hubs using a target connection string including a shared access key that works cross tenant. So our old IOT hub can send messages to a new event hub and ADX can ingest via a data connection to that.

    Thanks to @Sander van de Velde for encouraging me to delve deeper.

    0 comments No comments

0 additional answers

Sort by: Most helpful