Azure Event Grid
Enterprise event routing at massive scale. Build reactive, event-driven applications with serverless event delivery, advanced filtering, and seamless Azure integration.
Table of Contents
What is Azure Event Grid?
Azure Event Grid is a fully managed event routing service that enables event-driven, reactive programming using a publish-subscribe model. It simplifies building event-based applications by providing reliable event delivery at massive scale with low latency and pay-per-event pricing.
Key Value Proposition
Event Grid handles the complexity of event routing, retry logic, and scaling so you can focus on building reactive applications. With native integration to 20+ Azure services and support for custom events, it is the backbone of modern serverless and microservices architectures on Azure.
Why Event-Driven Architecture?
Traditional request-response architectures create tight coupling between services. Event-driven architecture decouples producers from consumers, enabling:
- Loose coupling - Publishers do not need to know about subscribers
- Scalability - Add new event handlers without modifying publishers
- Resilience - Failures in one handler do not affect others
- Real-time reactions - Respond to state changes immediately
Event Grid Capabilities
High Performance
- 10 million events per second per topic
- Sub-second latency for event delivery
- 99.99% availability SLA
- Automatic scaling with no provisioning
Native Azure Integration
- System topics for Azure services
- Built-in Azure Functions trigger
- Logic Apps connector
- Event Hubs, Service Bus, Storage destinations
Azure Event Grid Architecture
Understanding Event Grid's core concepts: topics, subscriptions, event handlers, and event schemas.
Topics
Endpoints where events are published. Two types exist:
- System Topics - Built-in topics for Azure services (Storage, IoT Hub, etc.)
- Custom Topics - User-created topics for application events
- Partner Topics - Third-party SaaS provider events
Event Subscriptions
Define which events to receive and where to deliver them:
- Event filtering - Subject, event type, or data field filters
- Destination - Webhook, Function, Logic App, etc.
- Retry policy - Max attempts and time-to-live
- Dead-letter - Storage for failed events
Event Handlers
Destinations that process events:
- Azure Functions - Serverless compute
- Logic Apps - Workflow automation
- Webhooks - HTTP endpoints
- Event Hubs / Service Bus - Messaging
- Storage Queues - Queue-based processing
Event Schema Options
Event Grid Schema (Default)
{
"id": "unique-event-id",
"eventType": "Microsoft.Storage.BlobCreated",
"subject": "/container/blob.txt",
"eventTime": "2025-01-15T10:30:00Z",
"data": {
"api": "PutBlob",
"contentLength": 1024
},
"dataVersion": "1.0",
"topic": "/subscriptions/.../topics/..."
}CloudEvents 1.0 Schema (Recommended)
{
"specversion": "1.0",
"type": "com.myapp.order.created",
"source": "/orders/12345",
"id": "unique-event-id",
"time": "2025-01-15T10:30:00Z",
"datacontenttype": "application/json",
"data": {
"orderId": "12345",
"total": 99.99
}
}Recommendation: Use CloudEvents schema for new applications. It is a CNCF standard that provides interoperability across platforms and vendors.
Azure Event Grid Pricing
Simple, transparent pricing with no upfront costs. Pay only for what you use.
Standard Operations
Publishing, delivery, and management operations for custom and system topics
- First 100,000 operations/month free
- Event publishing to topics
- Event delivery to subscribers
- Advanced filtering operations
- Dead-letter queue operations
Basic Namespace
Event Grid Namespaces with MQTT broker capabilities
- MQTT v3.1.1 and v5 support
- Topic spaces and routing
- Client groups and sessions
- Throughput units (1-40 TUs)
- IoT device connectivity
Partner Events
Events from third-party SaaS partners (Auth0, Twilio, etc.)
- Third-party event sources
- Partner topic subscriptions
- Same delivery guarantees
- Integrated billing
- No additional infrastructure
Monthly Cost Examples
| Scenario | Events/Month | Estimated Cost |
|---|---|---|
| Small application (dev/test) | 100,000 | Free (included) |
| Medium application | 5,000,000 | ~$3.00 |
| Large enterprise application | 100,000,000 | ~$60.00 |
| High-volume IoT platform | 1,000,000,000 | ~$600.00 |
* Estimates based on standard operations at $0.60/million. Actual costs may vary based on advanced filtering complexity and delivery retry attempts.
Event Grid vs Service Bus vs Event Hubs
Choose the right Azure messaging service for your use case. Each service excels in different scenarios.
| Feature | Event Grid | Service Bus | Event Hubs |
|---|---|---|---|
| Primary Use Case | Event-driven reactive programming | Enterprise messaging with transactions | Big data streaming & telemetry |
| Delivery Model | Push (HTTP/HTTPS webhooks) | Pull (queue-based) | Pull (partition-based) |
| Message Size | 1 MB (64 KB for CloudEvents) | 256 KB (Standard), 100 MB (Premium) | 1 MB (Standard), 20 MB (Dedicated) |
| Retention | 24 hours (retry window) | Configurable (up to 14 days) | 1-90 days (based on tier) |
| Throughput | 10M events/sec per topic | 1000s of messages/sec | Millions of events/sec |
| Ordering Guarantee | No (best effort) | Yes (FIFO with sessions) | Yes (within partition) |
| Transactions | No | Yes (ACID transactions) | No |
| Pricing Model | Per operation ($0.60/million) | Per messaging unit + operations | Per throughput/capacity unit |
Choose Event Grid When...
- Building reactive, event-driven apps
- Responding to Azure resource changes
- Serverless architectures with Functions
- Fan-out to multiple subscribers
Choose Service Bus When...
- Requiring FIFO message ordering
- Implementing request/reply patterns
- Needing transactional processing
- Enterprise integration scenarios
Choose Event Hubs When...
- Ingesting millions of events/second
- Building analytics pipelines
- Requiring long-term event retention
- Processing with Apache Kafka
Common Azure Event Grid Use Cases
Event Grid powers serverless applications, IoT solutions, and enterprise automation at scale.
Serverless Application Architecture
Trigger Azure Functions, Logic Apps, and custom webhooks in response to events without managing infrastructure.
Example Scenarios:
- Image processing when blobs are uploaded
- Order processing pipelines
- Real-time notifications
- Workflow automation
IoT & Device Telemetry
Route device events from IoT Hub to downstream services for real-time processing and analytics.
Example Scenarios:
- Device state change notifications
- Telemetry data routing
- Alerting and monitoring
- Predictive maintenance triggers
Resource Change Automation
React to Azure resource changes (VM created, storage modified) for compliance, tagging, and automation.
Example Scenarios:
- Auto-tagging new resources
- Compliance policy enforcement
- Cost management alerts
- Backup automation
Application Events & Microservices
Decouple microservices with event-driven communication using custom topics and domain events.
Example Scenarios:
- Order placed events
- User registration notifications
- Inventory updates
- Cross-service communication
Azure Service Integrations
Event Grid connects seamlessly with Azure Functions, Logic Apps, and 20+ Azure services.
Azure Functions
Native Event Grid trigger binding for serverless event processing with automatic scaling.
Azure Logic Apps
Visual workflow designer with Event Grid connector for business process automation.
Azure Storage
System topics for blob created/deleted events, container changes, and data lifecycle.
Azure IoT Hub
Route device telemetry, lifecycle events, and twin changes through Event Grid.
Azure Event Hubs
Forward events to Event Hubs for big data pipelines and long-term retention.
Service Bus
Route events to Service Bus queues/topics for reliable enterprise messaging.
Security & Event Filtering
Enterprise-grade security with Azure AD, private endpoints, and granular event filtering.
Authentication & Authorization
- Azure AD authentication for publishers/subscribers
- Managed identities for secure access
- SAS tokens for webhook validation
- RBAC roles (Contributor, Data Sender, Data Receiver)
Event Filtering
- Subject prefix/suffix filtering
- Event type filtering
- Advanced filters on data properties
- Operators: equals, contains, in, isnotnull
Network Security
- Private endpoints for VNet isolation
- IP firewall rules
- Managed private link
- No public internet exposure option
Monitoring & Diagnostics
- Azure Monitor metrics and logs
- Dead-letter storage for failed deliveries
- Delivery attempt tracking
- Custom metric alerts
Advanced Filtering Example
{
"filter": {
"subjectBeginsWith": "/blobServices/default/containers/images/",
"subjectEndsWith": ".jpg",
"isNotNull": [
{ "key": "data.contentLength" }
],
"advancedFilters": [
{
"operatorType": "NumberGreaterThan",
"key": "data.contentLength",
"value": 1048576
},
{
"operatorType": "StringContains",
"key": "data.api",
"values": ["PutBlob", "CopyBlob"]
}
]
}
}This filter matches only JPEG images larger than 1MB uploaded via PutBlob or CopyBlob operations.
Enterprise Best Practices
Recommendations from EPC Group's Azure architects for production Event Grid deployments.
Use CloudEvents Schema
Adopt the CloudEvents 1.0 schema for interoperability and standardization across platforms.
Implement Idempotent Handlers
Design event handlers to process duplicate events safely, as Event Grid provides at-least-once delivery.
Configure Dead-Letter Destinations
Set up dead-letter storage (Azure Storage) to capture failed events for debugging and reprocessing.
Use Advanced Filtering
Filter events at the subscription level to reduce handler invocations and lower costs.
Secure Webhook Endpoints
Validate webhook endpoints using the Event Grid validation handshake or Azure AD authentication.
Monitor with Azure Monitor
Track publish success rate, delivery latency, and dead-lettered events with Azure Monitor alerts.
Production Checklist
- Configure dead-letter storage for failed events
- Set up Azure Monitor alerts for delivery failures
- Use managed identities for authentication
- Enable diagnostic logs for troubleshooting
- Implement retry-safe (idempotent) event handlers
- Use private endpoints for sensitive workloads
- Document event schemas and versioning strategy
- Test failover and dead-letter reprocessing
Azure Event Grid FAQs
Common questions about Event Grid architecture, pricing, security, and integration.
Q:What is Azure Event Grid and how does it work?
Azure Event Grid is a fully managed event routing service that uses a publish-subscribe model. Publishers (Azure services or custom applications) send events to topics, and Event Grid pushes those events to subscribers (Azure Functions, Logic Apps, webhooks, etc.) based on subscriptions and filters. It provides at-least-once delivery with automatic retry, supports millions of events per second, and charges only for operations used. Event Grid is ideal for building reactive, event-driven applications without managing messaging infrastructure.
Q:How much does Azure Event Grid cost?
Azure Event Grid pricing is straightforward: $0.60 per million operations after the first 100,000 free operations per month. Operations include event publishing, delivery attempts, and advanced filtering matches. For most applications, this results in extremely low costs. For example, 10 million events per month costs approximately $6. Event Grid Namespaces (with MQTT support) cost $0.48 per million operations plus throughput unit charges. There are no upfront costs, minimum commitments, or infrastructure management fees.
Q:When should I use Event Grid vs Service Bus vs Event Hubs?
Use Event Grid for event-driven reactive programming where you need to trigger actions in response to state changes (blob uploaded, resource created, custom domain events). Use Service Bus when you need enterprise messaging with FIFO ordering, transactions, sessions, and dead-letter queues for reliable command/request processing. Use Event Hubs for high-volume telemetry and streaming scenarios (millions of events/second) with long-term retention and batch processing. Many architectures use all three: Event Grid for event routing, Service Bus for reliable messaging, and Event Hubs for analytics pipelines.
Q:Does Azure Event Grid guarantee message ordering?
No, Azure Event Grid does not guarantee message ordering. Events may arrive at subscribers in a different order than they were published. If your application requires strict ordering, consider: (1) including sequence numbers in event data and reordering in the handler, (2) using Service Bus with sessions for FIFO guarantees, or (3) using Event Hubs with partition keys for per-partition ordering. Event Grid is optimized for high throughput and low latency rather than strict ordering.
Q:How do I secure Azure Event Grid webhooks?
Secure Event Grid webhooks using multiple methods: (1) Validation handshake - Event Grid sends a validation request with a code that your endpoint must echo back to prove ownership. (2) Azure AD authentication - Configure Event Grid to include Azure AD tokens in requests, and validate them in your handler. (3) Secret headers - Include a shared secret in the webhook URL or headers. (4) Private endpoints - Use Azure Private Link to keep traffic within your VNet. (5) IP filtering - Restrict webhook access to Event Grid IP ranges. For production, combine Azure AD authentication with private endpoints for defense in depth.
Q:What happens when Event Grid cannot deliver an event?
Event Grid implements exponential backoff retry with up to 24 hours of attempts for HTTP webhooks. Retry intervals start at 10 seconds and increase to 1 hour maximum. If all retries fail, the event is dead-lettered to an Azure Storage container (if configured) for later analysis or reprocessing. Dead-letter events include original event data plus error information. For Azure destinations (Functions, Logic Apps, Event Hubs), Event Grid retries continuously for 24 hours. Configure dead-letter destinations and Azure Monitor alerts to track delivery failures.
Q:Can I use Azure Event Grid with on-premises systems?
Yes, Azure Event Grid can integrate with on-premises systems through several patterns: (1) Webhooks - Expose on-premises endpoints via Azure API Management, Application Gateway, or a reverse proxy with proper security. (2) Hybrid Connections - Use Azure Relay Hybrid Connections to receive events without opening inbound firewall ports. (3) Event Grid Namespaces - Use MQTT protocol for IoT/OT scenarios with devices behind firewalls. (4) Azure Functions proxy - Deploy a Function that receives events and forwards to on-premises via VPN/ExpressRoute. Always secure these connections with authentication, encryption, and network isolation.
Build Event-Driven Applications with Azure
Partner with EPC Group to architect and implement Azure Event Grid solutions for your enterprise. 28+ years Microsoft expertise, Fortune 500 trust.