0

I am trying to setup Azure EventGrid for an Azure Subscription to get notified when a certain tag for a ressource has changed.

This is how I created the EventGrid Subscription:

$includedEventTypes  = , 'Microsoft.Resources.ResourceWriteSuccess'
New-AzEventGridSubscription `
  -EventSubscriptionName mySubscriptionName `
  -ResourceGroupName myResourceGroup `
  -Endpoint myEndpoint `
  -IncludedEventType $includedEventTypes

Now If I change a tag for example on an Azure Web App, I receive the following event:

{
  "subject": "/subscriptions/mySubId/resourceGroups/eventgrid/providers/Microsoft.Web/sites/wd-eventgrid-viewer",
  "eventType": "Microsoft.Resources.ResourceWriteSuccess",
  "eventTime": "2019-06-03T08:50:47.7469859Z",
  "id": "f193df79-6755-42c7-b663-91bc373a80e5",
  "data": {
    "authorization": {
      "scope": "/subscriptions/mySubId/resourceGroups/eventgrid/providers/Microsoft.Web/sites/wd-eventgrid-viewer",
      "action": "Microsoft.Web/sites/write",
      "evidence": {
        "role": "Subscription Admin"
      }
    },
    "claims": {
     ....
    },
    "correlationId": "9a1bb49f-9f39-4e98-918c-dfe0655b895a",
    "httpRequest": {
      "clientRequestId": "8bf9bfdb-6e65-4c55-84f2-3f4e05b340d0",
      "clientIpAddress": "......",
      "method": "PATCH",
      "url": "https://management.azure.com/subscriptions/mySubId/resourceGroups/eventgrid/providers/Microsoft.Web/sites/wd-eventgrid-viewer?api-version=2015-08-01"
    },
    "resourceProvider": "Microsoft.Web",
    "resourceUri": "/subscriptions/mySubId/resourceGroups/eventgrid/providers/Microsoft.Web/sites/wd-eventgrid-viewer",
    "operationName": "Microsoft.Web/sites/write",
    "status": "Succeeded",
    "subscriptionId": "mySubId",
    "tenantId": "...."
  },
  "dataVersion": "2",
  "metadataVersion": "1",
  "topic": "/subscriptions/mySubId"
}

Unfortunately, I don't see that a tag has changed nor do I see which tag has changed. Is there any way to receive which tag for a resource has changed or do I have to query the tags manually after the event?

Martin Brandl
  • 56,134
  • 13
  • 133
  • 172

1 Answers1

2

Azure Subscription Events are emitted either for Resource Actions, Deletes or Writes as documented.

You are only provided with the resource details which you will have to use to fetch the changes.

As you had thought, you would have to use these details with the Resources API to fetch the tags.

UPDATE: There is a new API to get resource changes which you can use to detect the exact changes made on a resource. Note that this feature is currently in public preview.

PramodValavala
  • 6,026
  • 1
  • 11
  • 30