We need add the new config parameters introduced in elastic/beats#47256 into the related azure integrations.
This enhances Azure Event Hub input plugin for Elastic Agent with RBAC authorization (OAuth2) due to security requirements. Previously we only support shared access key (with connection string) for authentication.
The implementation added a new config parameter called auth_type for users to specify authentication method:
When auth_type is set to connection_string, or leave it blank: connection_string is required.
When auth_type is set to client_secret, oauth2 is used.
Note: We do expect users to use the same auth type for both eventhub and storage account.
OAuth2 specific Configuration Parameters (auth_type=client_secret):
- eventhub_namespace: Fully qualified namespace (e.g., namespace.servicebus.windows.net)
- tenant_id: Azure AD tenant ID
- client_id: Azure AD application (client) ID
- client_secret: Azure AD application client secret
- authority_host: Azure AD authority host (optional, defaults to Azure Public Cloud).
https://login.microsoftonline.com is the default.
We need add the new config parameters introduced in elastic/beats#47256 into the related azure integrations.
This enhances Azure Event Hub input plugin for Elastic Agent with RBAC authorization (OAuth2) due to security requirements. Previously we only support shared access key (with connection string) for authentication.
The implementation added a new config parameter called
auth_typefor users to specify authentication method:When
auth_typeis set toconnection_string, or leave it blank:connection_stringis required.When
auth_typeis set toclient_secret,oauth2is used.Note: We do expect users to use the same auth type for both eventhub and storage account.
OAuth2 specific Configuration Parameters (auth_type=client_secret):
https://login.microsoftonline.comis the default.