Event Grid Topic & Subscriptions
An Event Grid custom topic plus event subscriptions with an optional in-module Storage Queue target — SAS auth off (Entra ID), a system-assigned identity, and HTTPS-only TLS 1.2+ storage.
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-30 · how we verify
Documentation
azure-event-grid
Event Grid custom topic plus event subscriptions, with an optional
in-module Storage Queue delivery target so a single apply gives you a
complete, working pub/sub pipeline. Subscriptions can target the created queue,
an existing Storage Queue, or an HTTPS webhook — with subject/event-type
filters, retry policy and an optional blob dead-letter destination. Consumes an
existing resource group. Secure by default: topic access-key (SAS) auth is
off (Entra-ID / managed-identity publishing), a system-assigned identity is
always created, and the queue Storage Account is HTTPS-only with TLS 1.2+, no
anonymous access and infrastructure (double) encryption. Works with Terraform
and OpenTofu (>= 1.6), azurerm provider >= 4.0, < 5.0.
Requirements
| Requirement | Version |
|---|---|
| Terraform / OpenTofu | >= 1.6 |
hashicorp/azurerm | >= 4.0, < 5.0 |
Verification
Static-validated (fmt, validate, tflint). Live apply/destroy testing pending cloud sandbox availability — see catalog status.
License
Commercial — IaC Bazaar EULA. © IaC Bazaar. Original work (not derived from a third-party module).
Usage code & full reference unlock after purchase
The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.
- Usage
- Inputs
- Outputs
- Notes — the bits that trip people up