Azure Event Hubs - Namespaces Hubs Schema Registry RBAC

Microsoft has added a Schema Registry to their Azure Event Hubs.  This is another feature parity checkbox for those thinking of moving from Kafka to Event Hubs. The Schema Registry at this point feels like it was created by a different team with a slightly different organizational structure and RBAC than that of the Hubs themselves. 

Schema Registries are useful in a lot of circumstances. Microsoft would have been better served by Making the Schema Registry a stand-alone offering with its own Portal blade.  

The video below walks through how the Schema Registry is fitted into Event Hubs.



Video

 

Speaker Notes

Namespaces

Namespaces are the Azure EventHubs primary top-level organizational unit.
  • Hub RBAC can be applied at the Namespace level.
  • Schema Registry RBAC can be applied at the Namespace level

Hubs

Hubs are the individual event streams. They are topics in Kafa terms
  • Access tokens are supported at the Hub level
  • RBAC can be applied at the Hub level.
  • RBAC applied at the Namespace level is inherited by all of the contained Hubs

Schemas

Schemas are data contracts that describe AVRO or other message types. They are often logically bound to an Event Hub documenting that Hub's data contracts. Schemas support schema evolution. They can be configured at the time of creation to support backwards or forwards compatible changes.

Schema topology differs from Hubs in that they reside in Schema Groups instead of directly in the Namespace. Schemas are similar to Kafka Schemas.
  • RBAC can be applied at the Namespace level.
  • RBAC applied at the Namespace level is inherited by all the contained Schemas

Schema Registry

A Schema Registry is an organizational construct inside the Namespace to manage Hub schemas.  Schemas are contained in Schema Groups that are contained in Schema Registries. Event Hub Schema Registries are similar but not identical to the Kafka Schema Registry. 
  • RBAC can be applied at the Namespace level.
  • RBAC applied at the Namespace level is inherited by all the contained Schemas.
  • RBAC cannot be applied directly to a Schema Registry.

Schema Groups

A Schema Group is an organizational construct inside the Schema Registry that sits inside a Namespace.  A Schema Group can contain any number of Schemas.  

The provisioned tier determines the number of Schema Groups that are allowed.  The standard tier is limited to one Schema Group.  The number of schema versions is also limited by tier. There can be only one Schema Group in a given Event Hubs Namespace. This feels like a work in progress at the end of 2021.
  • RBAC can be applied at the Namespace level.
  • RBAC applied at the Namespace level is inherited by all the contained Schemas. The permissions transit from the Namespace through the Schema Registry, through the Schema Group, to be seen at the Schema level.
  • RBAC cannot be applied directly to a Schema Group.
References
  • https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-quotas

Source Code

GitHub repository to create the Azure environment in video
  •  https://github.com/freemansoft/eventhubs-sanbox-azure


Created 2021 12
Updated 2022 01

Comments

Popular posts from this blog

Installing the RNDIS driver on Windows 11 to use USB Raspberry Pi as network attached

Understanding your WSL2 RAM and swap - Changing the default 50%-25%

Almost PaaS Document Parsing with Tika and AWS Elastic Beanstalk