Azure-docs: Setting event hub policy
It is no longer possible to set an event hub policy other than "RootManageSharedAccessKey" which is set as a default. This is a security risk as it effectively provides admin rights on the namespace and event hub. Can you please fix?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 0ca576e1-fafa-3a02-6d29-394f342bc737
- Version Independent ID: a6a83de5-41fd-2dce-eb86-cee6c086c07d
- Content: Create diagnostic settings to send platform logs and metrics to different destinations - Azure Monitor
- Content Source: articles/azure-monitor/platform/diagnostic-settings.md
- Service: azure-monitor
- Sub-service: logs
- GitHub Login: @bwren
- Microsoft Alias: bwren
scunge6006
All 3 comments
@scunge6006 Thanks for your comment! We will review and provide an update as appropriate.
KrishnaG-MSFT
on 25 Jun 2020
@scunge6006 Thanks for your valuable feedback. When diagnostic settings are enabled to send logs to Event Hub, diagnostic settings creates event hubs in the event hub namespace if they do not exist. Therefore, it needs manage permissions to create them.
As this is more of feature request than documentation change, I would recommend you to navigate here and share your feedback or suggestions directly with the responsible Azure feature team and clicking the vote button of your suggestion to raise visibility and priority on it.
Hope this helps ! We will close the issue for now. If there are further questions , please revert and we will be glad to assist you.
SwathiDhanwada-MSFT
on 1 Jul 2020
Thanks for the update and suggestion. I will follow up with contacting the Azure team.
Miles
From: SwathiDhanwada-MSFT notifications@github.com
Sent: Wednesday, 1 July 2020 7:28 PM
To: MicrosoftDocs/azure-docs azure-docs@noreply.github.com
Cc: Scott Hill, Miles Miles.Scott-Hill@team.telstra.com; Mention mention@noreply.github.com
Subject: Re: [MicrosoftDocs/azure-docs] Setting event hub policy (#57827)
[External Email] This email was sent from outside the organisation – be cautious, particularly with links and attachments.
@scunge6006https://github.com/scunge6006 Thanks for your valuable feedback. When diagnostic settings are enabled to send logs to Event Hub, diagnostic settings creates event hubs in the event hub namespace if they do not exist. Therefore, it needs manage permissions to create them.
As this is more of feature request than documentation change, I would recommend you to navigate herehttps://feedback.azure.com/forums/267889-azure-monitor-log-analytics and share your feedback or suggestions directly with the responsible Azure feature team and clicking the vote button of your suggestion to raise visibility and priority on it.
Hope this helps ! We will close the issue for now. If there are further questions , please revert and we will be glad to assist you.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHubhttps://github.com/MicrosoftDocs/azure-docs/issues/57827#issuecomment-652243902, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AM6TUWKU22PKS5254EZVYA3RZLQQRANCNFSM4OHXSTBA.
scunge6006
on 2 Jul 2020
Related issues
monteledwards
·
3Comments
AronT-TLV
·
3Comments
mrdfuse
·
3Comments
spottedmahn
·
3Comments
jharbieh
·
3Comments