Cloud Drops - Building an Event-Driven workflow with Event Grid
Event-driven architectures decouple producers from consumers, making them a natural fit for serverless consumption models where you pay only when work is being done. This Cloud Drop builds a real image-processing workflow step by step:
- Source storage account — a Blob Storage container called
imageswhere uploads trigger events. - Queue storage account — a Storage Queue (
work-in-progress) that acts as a durable buffer guaranteeing at-least-once processing. - Event Grid system topic + subscription — created on the source storage account, filtered by subject (
/blobServices/default/containers/images) so only image-container blob-created events are forwarded; the event handler is set to the Storage Queue. - System-managed identity + RBAC — the Event Grid system topic’s managed identity is assigned the Storage Queue Data Message Sender role on the queue storage account, eliminating stored credentials.
- Azure Function queue trigger — consumes and removes messages from the queue, with Application Insights showing execution logs.
The demo also verifies subject filtering by uploading to the thumbnails container and confirming no extra messages appear in the queue, and discusses dead-lettering, retry policies, and the important distinctions between Azure Storage Queues and Azure Service Bus Queues for message-processing guarantees.
Related Content
9 - Building smart Integration Solutions with Microsoft Azure
Building cloud integration solutions means choosing the right messaging and eventing tools — and understanding the critical difference between an event and a message. In this episode, Chris is joined by Ezhilarasi Chezhiyan, Technical Lead at Serverless360 (Kovai.co), to explore Azure's serverless integration landscape: Logic Apps, Azure Functions, Service Bus, Event Grid, and Event Hubs. The discussion covers cloud design patterns including queue-based load leveling, competing consumers, dead letter queues, retry policies, and circuit breakers — plus the observability gap that tools like Serverless360 fill when Azure Monitor falls short for business-level monitoring.
Cloud Drops - Beginners guide to PowerShell in Azure Functions
Azure Functions supports PowerShell Core as a runtime stack, enabling PowerShell scripters to build serverless event-driven workflows without compiled code. This Cloud Drop demonstrates creating an HTTP trigger and an Event Grid trigger function, configuring requirements.psd1 to load the Az PowerShell module, and using a system-assigned managed identity with the Contributor RBAC role to dynamically tag Azure resource groups on creation.
33 - External Config and Claim Check Pattern - Easier Management and Externalising Payloads
Chris and Peter cover two cloud design patterns in depth. The External Configuration Store pattern addresses one of the most critical security concerns in cloud development: keeping secrets and connection strings out of source code. They explore Azure Key Vault and Azure App Configuration as canonical implementations, discuss deployment slot behaviour, and highlight the risks of committing credentials to version control. The Claim Check pattern tackles a different challenge — what happens when your message payload exceeds the size limits of your messaging infrastructure (Azure Service Bus, Azure Queue Storage)? By externalising the payload to a data store and passing only a correlation ID on the queue, you gain scalability and flexibility at the cost of added latency. Azure Event Grid's automatic claim check generation is also demonstrated. Security is a thread running through both patterns: compromised config stores and poisoned messages both demand an operational response plan.