Skip to main content

EVENT GRID

Pushing messages to system topics

We do this when the subscribers are azure resources. 

Create an azure function that gets triggered when txt files are uploaded to a blob container named container1.

Steps:

1. Create a storage account






2. Create a 2 containers , container1 and container2.


3. Create an azure function

Create a function app and create an event grid triggered function in it.





4. Create an event subscription for the storage account



Create filtering rules in the subscription such that only specific events trigger the azure function. When creating the new subscription we need to create a filter such that only txt files uploaded to container1 trigger the event which in turn would invoke the azure function.



When filtering message based on the container prepend /blobServices/default/containers/{containername}

5. Upload blobs to container1 and 2 of different file formats and notice that only txt file uploaded to container1 trigger the function.






We can do the same thing by going to the portal and creating a event grid system topic and then adding a subscription to it. The easier way is to go to the storage account and add an event subscription under the events menu.

Sending Messages to custom topics

 class Program
    {
        
        async static Task Main(string[] args)
        {
            string endpoint = "";
            string key = "";
            string topicHostName = new Uri(endpoint).Host;

            EventGridEvent acct = new EventGridEvent(
                id: Guid.NewGuid().ToString(), 
                subject: "New Account", 
                data: new {Message = "hi"}, 
                eventType: "NewAccountCreated", 
                eventTime: DateTime.Now, 
                dataVersion: "1.0");
            
            TopicCredentials credentials = new TopicCredentials(key);

            EventGridClient client = new EventGridClient(credentials);

            await client.PublishEventsAsync(topicHostName, new EventGridEvent[] { acct });
        }
    }

<ItemGroup>
    <PackageReference Include="Microsoft.Azure.EventGrid" Version="" />
  </ItemGroup>

Receiver

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using System.IO;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

using Microsoft.Azure.EventGrid.Models;

using Newtonsoft.Json;
using Newtonsoft.Json.Linq;


namespace SendNotification.Controllers
{
    [ApiController]
    [Route("[controller]")]
    public class SendNotificationController : ControllerBase
    {
        // from example at: https://github.com/Azure-Samples/azure-event-grid-viewer/blob/main/viewer/Controllers/UpdatesController.cs
        private bool EventTypeSubcriptionValidation
            => HttpContext.Request.Headers["aeg-event-type"].FirstOrDefault() ==
               "SubscriptionValidation";

        private bool EventTypeNotification
            => HttpContext.Request.Headers["aeg-event-type"].FirstOrDefault() ==
               "Notification";

        private readonly ILogger<SendNotificationController> _logger;

        public SendNotificationController(ILogger<SendNotificationController> logger)
        {
            _logger = logger;
        }

        [HttpPost]
        public async Task<IActionResult> Post()
        {
            using (var requestStream = new StreamReader(Request.Body))
            {
                var bodyJson = await requestStream.ReadToEndAsync();

                var events = JsonConvert.DeserializeObject<List<EventGridEvent>>(bodyJson);
                                            
                if (EventTypeSubcriptionValidation)
                {                
                    var subValidationEventData = 
                        ((JObject)events.First().Data).ToObject<SubscriptionValidationEventData>();
                                        
                    return new OkObjectResult(
                        new SubscriptionValidationResponse(subValidationEventData.ValidationCode)
                    );
                }
                else if (EventTypeNotification) 
                {                
                    var notificationEvent = events.First();

                    _logger.LogInformation(notificationEvent.Subject);

                    return new OkResult();
                }
            }

            return new BadRequestResult();
        }
    }
}




Comments

Popular posts from this blog

Az-500 NSG and ASG

Application security groups Application security groups enable you to configure network security as a natural extension of an application's structure, allowing you to group virtual machines and define network security policies based on those groups. You can reuse your security policy at scale without manual maintenance of explicit IP addresses. The platform handles the complexity of explicit IP addresses and multiple rule sets, allowing you to focus on your business logic. To better understand application security groups, consider the following example: In the previous picture,  NIC1  and  NIC2  are members of the  AsgWeb  application security group.  NIC3  is a member of the  AsgLogic  application security group.  NIC4  is a member of the  AsgDb  application security group. Though each network interface in this example is a member of only one network security group, a network interface can be a member of multiple app...

App Role assignment to service principal --

 Using Ms Graph Rest API's Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see  Permissions . Permission type Permissions (from least to most privileged) Delegated (work or school account) AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All Delegated (personal Microsoft account) Not supported. Application AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All Create 2 app registrations. App role owner will contain the app role that will be assigned to a service principal. The  reader role in approleowner will be added to the approlesubscriber Setup postman to use the Oauth auth flow to get a token for MS Graph. ClientId:   Application (client) ID for approlesubscrib...

Get user groups

 string[] scopes = new string[] { "https://graph.microsoft.com/.default" };             string clientId = "";             string tenantId = "";             string secret = "";                        var options = new TokenCredentialOptions             {                 AuthorityHost = AzureAuthorityHosts.AzurePublicCloud             };             // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential             try             {                 var clientSecretCredential = new ClientSecretCredential(                        ...