Set up continuous export to an event hub behind a firewall
In a situation where an event hub is behind a firewall, you can enable continuous export as a trusted service so that you can send data to the event hub.
Prerequisites
- Set up continuous export in the Azure portal or set up continuous export with Azure Policy or set up continuous export with REST API.
Set up continuous export to the eventhub
You can enable continuous export as a trusted service so that you can send data to an event hub that has Azure Firewall enabled.
To grant access to continuous export as a trusted service:
Sign in to the Azure portal.
Go to Microsoft Defender for Cloud > Environmental settings.
Select the relevant resource.
Select Continuous export.
Select Export as a trusted service.
Add the relevant role assignment to the destination event hub.
To add the relevant role assignment to the destination event hub:
Go to the selected event hub.
In the resource menu, select Access control (IAM) > Add role assignment.
Select Azure Event Hubs Data Sender.
Select the Members tab.
Choose + Select members.
Search for and then select Azure Security Resource Provider.
Select Review + assign.