Prerequisites for Creating a Connection

You must satisfy the following prerequisites to create a connection with the Azure Event Grid Adapter:

• Have an Azure subscription.
• Know the ID for a subscription in the Azure portal. To retrieve the subscription ID, see Find your Azure subscription ID.
• Know the API version. Get the API version from the Connectivity Certification Matrix.
• Create a resource group in the Azure portal. See Create resource groups.
• For authorizing access to the Azure Resource Group, Azure provides built-in roles for Event Grid. For more details about the roles, see Azure Built-in roles for Azure Event Grid.
• Register an application in the Azure portal and obtain the client ID, client secret, and tenant ID. A new application registration is required to obtain the client ID, client secret, and tenant ID. See Register a new application.

  Note:

  You use the client ID, client secret, and tenant ID later when configuring security for your Azure Event Grid Adapter connection. See Configure Connection Security.
• (Required only for trigger connections) Create a user in the Oracle Cloud Infrastructure identity domain that has the same user name as the client ID of the Azure-registered application and assign it the ServiceInvoker role. See Manage Access and Assign Roles in Provisioning and Administering Oracle Integration 3.

Prerequisites for Using a Private Namespace Operation

Before using an Azure Event Grid private namespace with a connectivity agent, ensure that the following prerequisites are met.

• Connectivity Agent Deployment Requirements
• DNS Configuration Requirements

Connectivity Agent Deployment Requirements

• The private namespace is certified for use with a connectivity agent and must be accessed from a private network.
• Install the connectivity agent on a virtual machine that runs within the Azure Virtual Network (VNet) hosting the Event Grid private namespace.
• Ensure the agent VM has network connectivity to the private namespace.

DNS Configuration Requirements

You must validate and configure DNS resolution for the agent VM to successfully connect to the Azure Event Grid private namespace.

1. Identify the private DNS name (canonical name (CNAME) validation).
   1. Run the following command from the VM where the connectivity agent is installed:

      nslookup namespace-name.region.eventgrid.azure.net

      Example:

      nslookup azure-private-namespace.eastus-1.eventgrid.azure.net

      Expected output:

      canonical name = azure-private-namespace.eastus-1.privatelink.eventgrid.azure.net

      Note:

      (Important) The returned CNAME determines the exact DNS record that must exist in the private DNS zone.
2. Verify the private DNS zone and VNet link.
   1. In the Azure portal, navigate to Azure Portal, then Private DNS Zones, then privatelink.eventgrid.azure.net, then DNS management, and then Virtual network links.
   2. Verify the following:
      • The connectivity agent VM's VNet is listed.
      • The link status is Succeeded.
      • Optional: Autoregistration

      Note:

      If the connectivity agent VM is in a peered VNet, ensure that the private DNS zone is linked to both VNets.
3. Verify the A-record in the private DNS zone.
   1. In the Azure portal, navigate to Private DNS Zones, then privatelink.eventgrid.azure.net, and then Record sets.
   2. Confirm that an A-record exists with the following values:

      Field	Value
      Record name	namespace-name.region
      IP address	Private endpoint IP address (for example, 10.x.x.x)