Azure Event Hubs - Namespaces Hubs Schema Registry RBAC
Microsoft has added a Schema Registry to their Azure Event Hubs. This is another feature parity checkbox for those thinking of moving from Kafka to Event Hubs. The Schema Registry at this point feels like it was created by a different team with a slightly different organizational structure and RBAC than that of the Hubs themselves.
Schema Registries are useful in a lot of circumstances. Microsoft would have been better served by Making the Schema Registry a stand-alone offering with its own Portal blade.
The video below walks through how the Schema Registry is fitted into Event Hubs.
Video
Speaker Notes
Namespaces
Namespaces are the Azure EventHubs primary top-level organizational unit.- Hub RBAC can be applied at the Namespace level.
- Schema Registry RBAC can be applied at the Namespace level
Hubs
Hubs are the individual event streams. They are topics in Kafa terms
- Access tokens are supported at the Hub level
- RBAC can be applied at the Hub level.
- RBAC applied at the Namespace level is inherited by all of the contained Hubs
Schemas
Schemas are data contracts that describe AVRO or other message types. They are often logically bound to an Event Hub documenting that Hub's data contracts. Schemas support schema evolution. They can be configured at the time of creation to support backwards or forwards compatible changes.
Schema topology differs from Hubs in that they reside in Schema Groups instead of directly in the Namespace. Schemas are similar to Kafka Schemas.
- RBAC can be applied at the Namespace level.
- RBAC applied at the Namespace level is inherited by all the contained Schemas
Schema Registry
A Schema Registry is an organizational construct inside the Namespace to manage Hub schemas. Schemas are contained in Schema Groups that are contained in Schema Registries. Event Hub Schema Registries are similar but not identical to the Kafka Schema Registry.
- RBAC can be applied at the Namespace level.
- RBAC applied at the Namespace level is inherited by all the contained Schemas.
- RBAC cannot be applied directly to a Schema Registry.
Schema Groups
A Schema Group is an organizational construct inside the Schema Registry that sits inside a Namespace. A Schema Group can contain any number of Schemas.
The provisioned tier determines the number of Schema Groups that are allowed. The standard tier is limited to one Schema Group. The number of schema versions is also limited by tier. There can be only one Schema Group in a given Event Hubs Namespace. This feels like a work in progress at the end of 2021.
- RBAC can be applied at the Namespace level.
- RBAC applied at the Namespace level is inherited by all the contained Schemas. The permissions transit from the Namespace through the Schema Registry, through the Schema Group, to be seen at the Schema level.
- RBAC cannot be applied directly to a Schema Group.
References
- https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-quotas
Source Code
GitHub repository to create the Azure environment in video
- https://github.com/freemansoft/eventhubs-sanbox-azure
Created 2021 12
Updated 2022 01
Comments
Post a Comment