fhessen | a blog about Azure

Enhancing observability with the power of Azure Event Grid

Several things have an impact on how a system functions, and to be able to monitor those things are crucial. In an earlier post i described the concept of release annotations in Application Insights, and how they can be used for more than just regular DevOps deployments.

When using a cloud platform like Azure there is a large number of events happening in the background, and Azure Event Grid acts as a pub/sub service where you can subscribe to these events that are happening throughout your infrastructure.

In other words, when you commit a change to one of your services, an event will occur, and that event will be published on the Event Grid.

Some of these events involve configuration changes to your applications or to your central configuration store like we have in Azure App Configuration (AAC). Each time we adjust or add a new key or secret in AAC an event is pushed into the Event Grid queue.

Using this information enables you to achieve greater knowledge and insight into events that affect your solutions in some way.

I will showcase this by doing the following:

  • Creating an event subscription for values that are added, modified or deleted and setting up a service bus endpoint
  • Analyzing the message that is received when a change occurs
  • Creating a Function App with an Service Bus queue trigger
  • Creating release annotations in Application Insights

Start off by navigating to the Event Grid. This is not a resource you can create, it’s a built-in Azure service. Search for it in the global search. Next, you will have to create a System Topic.

The system topic is fairly simple, you just provide a name, and a location for the topic. Once the topic is created you will need to add an Event Subscription.

The subscription defines which resource you will listen to events on, and which event types you are interested in. In my particular demo I have selected Key-value modified and Key-value deleted. The final step of creating an event subscription is to select which endpoint the message should be routed to. This can be directly to an Azure function, or in my case to a Service Bus queue.

When the subscription is created you can try modifying one of the keys in your AAC service to inspect the event message in detail. In my case I ran a peek into the queue of the service bus to achieve this.

From the json representation below you can see that the key ApiScope with label test has an event type of KeyValueModified which indicates that it has changed. Since there is no KeyValueAdded event type in this particular case we can utilize the dataVersion attribute to conclude if it is a new setting or a changed setting.

{
    "id": "bd56076f-6c6d-4532-a931-97afe3d3200f",
    "topic": "/subscriptions/<subid>/resourceGroups/rg-secret-fhtestcp-test/providers/microsoft.appconfiguration/configurationstores/appcs-fhtestcp-test",
    "subject": "https://appcs-fhtestcp-test.azconfig.io/kv/ApiScope?label=test&api-version=2023-10-01",
    "data": {
        "key": "ApiScope",
        "label": "test",
        "etag": "",
        "syncToken": ""
    },
    "eventType": "Microsoft.AppConfiguration.KeyValueModified",
    "dataVersion": "2",
    "metadataVersion": "1",
    "eventTime": "2025-03-28T13:50:36Z"
}

Next up I used an Azure Function to translate the message from the Event Grid into the expected format for a release annotation for Application Insights. I then performed a PUT to the management.azure.com endpoint with the necessary credentials from an Entra App Registration with write permissions to Application Insights.

{
    "id": "ce6788a6-cef6-4753-93e8-c9a0bed02f5a",
    "annotationName": "Config Change",
    "category": "Deployment",
    "eventTime": "2025-03-28T13:50:41",
    "properties": {
        "changeType": "Microsoft.AppConfiguration.KeyValueModified",
        "changeProperty": "ApiScope"
    }
}

Once the new message is pushed to the API through the Azure function, we can take a look at the Application Insights chart, and we will see that a new release annotation has been created based on the information we got from the Event Grid.

By integrating Azure Event Grid with Application Insights and App Configuration, we can create a more proactive monitoring system for configuration changes. This approach enables visibility into changes that impact our solutions, allowing for quicker troubleshooting.

While this post focused on Azure App Configuration, the same principles can be applied to other services within Azure. Whether tracking infrastructure changes, security events, or application updates – Event Grid provides a powerful mechanism to react in real time.

Azure Event Grid isn’t just a messaging system; it’s a foundation for event-driven intelligence in the cloud.

Posted

in

, ,

by

Frank

Tags:

, ,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *