I am able to send the events to the EventHub using below Link.
Above article is using Eventhub connection string to send the event hub. If someone (unknown user) know my event hub connection string they can also send the events.
So i want add some users like below in the portal and Users from below("Access control" in below screen shot) list only can send the events to my EventHub. Is there any way restrict like this?
No, you can't. There is a preview feature as mentioned in the comment, it uses azure ad RBAC role to authorize access to eventhub, but this is just another different way, if someone knows your connection string, he can also send the events.
My workaround is to use the Azure Keyvault to store the connection string as a secret. Then you can set the Access policies of the keyvault, add the user/service principal which you want. Then only the users/service principals with the permissions can retrieve the secret.
In the sample which you mentioned, it uses the plain text
static string connectionString = "namespace connection string", I suppose you may think it is not safe. After you store the connection string in the keyvault, you could use keyVaultClient.GetSecretAsync to get the secret to avoid to expose the connection string.
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
var secret = await keyVaultClient.GetSecretAsync("https://<YourKeyVaultName>.vault.azure.net/secrets/AppSecret")
.ConfigureAwait(false);
Message = secret.Value;
For more details, you could refer to the links below.
