Secure Data Streaming with Private Endpoints in Eventstream (Generally Available)

• Announcements
• Real-Time Intelligence

• juli 16, 2025 från Alex Lin 18 834 Visningar

We’re excited to announce the General Availability of Managed Private Endpoints (MPE) in Fabric Eventstream. This network security feature allows you to stream data from Azure resources to Fabric over a private and secure network without the complexity of manual network configurations.

Why Network Security Matters for Streaming

As organizations increasingly adopt real-time data streaming and analytics, network security is no longer optional. Streaming data over the public internet exposes you to potential risks such as unauthorized access, data leakage, or failing to meet regulatory standards.

Eventstream addresses these challenges through integration with Fabric’s Managed Private Endpoint (MPE), enabling private connections to your Azure resources. With MPE, you can:

• Ingest data privately from Azure Event Hub and Azure IoT Hub that operate in an isolated network.
• Keep data processing entirely within a protected environment, especially in scenarios where your Fabric tenant or workspace has public access disabled.

By securing the data transmission at the network level, Eventstream ensures your data streaming is not only real-time, but also reliable, compliant, and secure by design.

What’s New in GA

With Managed Private Endpoint in Eventstream now generally available, customers now benefit from:

• Production-ready and improved error messages: MPE is now fully supported, offering a more stable and reliable experience. The GA release includes clearer error messages and enhanced diagnostics to make troubleshooting easier.
• Expanded Region Availability: You can now create managed private endpoints in the following regions:

• Improved UI Indicators: Once an Azure source is securely connected via a managed private endpoint, Eventstream now displays an icon confirming the secure connection.

How it works

In a common data streaming architecture, your Azure resource e.g., Azure Event Hub is deployed within a Virtual Network (VNet) or protected by firewall rules to restrict public access. With MPE, Eventstream can establish a secure connection to those resources without exposing them to the public internet.

The diagram shows a sample setup where Eventstream connects to an Azure event hub within a VNet using an MPE.

Get Started

Creating a managed private endpoint is easy—just go to Workspace settings, navigate to Network security, and set up an MPE to your Azure Event Hub or IoT Hub. Approve the Private endpoint connection in Azure, and you’re ready to stream data securely and privately into Eventstream.

For step-by-step instructions, check out our documentation: Connect to Azure resources securely using managed private endpoints. 

Need Help or Have Feedback?

Feel free to reach out via email at askeventstreams@microsoft.com. You can also submit feedback or feature request on Fabric Ideas, and join the conversation with fellow users in the Fabric Community.