Skip to article
Integration Event routing

Event Grid dead-letter destination

Event Grid dead-letter destination is a storage destination used by Azure Event Grid for events that cannot be delivered after retry or configuration handling. In Azure, it shows up when an event subscription needs a recoverable place for undelivered events instead of silently losing operational evidence. Teams use it to review event subscription dead-letter settings, storage account, blob container, identity or access method, retry policy, monitoring, retention, and processing runbook before changing production behavior. It is not a Service Bus dead-letter queue, handler retry loop, poison-message table, or general logging sink.

Source: Microsoft Learn - Event Grid message delivery and retry Reviewed 2026-05-14

Exam trap
Treating Event Grid dead-letter destination as a diagram label instead of checking the exact source resource ID, handler, identity, and event subscription.
Production check
Verify source resource ID, subscription name, destination type, delivery schema, filters, retry policy, and dead-letter settings.
Article details and learning context
Aliases
Event Grid dead letter destination, Event Grid dead-letter storage
Difficulty
intermediate
CLI mappings
5
Last verified
2026-05-14

Understand the concept

Why it matters

Event Grid dead-letter destination matters because Event Grid workflows fail in ways that are easy to misread: a publisher can succeed while a handler never receives the event, a filter can exclude the right payload, or an identity change can turn delivery into repeated failures. Clear vocabulary keeps architects, developers, operators, security reviewers, and business owners aligned on the exact routing behavior. It also improves change review because teams can ask who owns the setting, which events are affected, which handler depends on it, and what evidence proves the current state before a release, incident, audit, or cost review. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.

Official wording and source

Event Grid dead-letter destination is a storage destination used by Azure Event Grid for events that cannot be delivered after retry or configuration handling. Microsoft Learn places it in Event Grid message delivery and retry; operators confirm scope, configuration, dependencies, and production impact.

Open Microsoft Learn

Technical context

Technically, Event Grid dead-letter destination sits inside the Azure Event Grid control plane and runtime delivery path. The main moving parts are event subscription, delivery retry policy, destination endpoint, storage account, blob container, managed identity, access role, dead-letter metrics, and replay procedure. It is usually created or inspected through the Azure portal, ARM or Bicep, REST, and Azure CLI. Production teams should connect the configured resource ID, schema choice, endpoint behavior, identity, logs, and metrics so troubleshooting can move from an architecture diagram to verifiable Azure evidence.

Exam context

Compare with

Where it is used

Where you see it

  1. Event subscription properties show a dead-letter destination, storage resource ID, container name, identity selection, retry settings, and expiration values that govern failed delivery handling during production review.
  2. Blob containers receive dead-lettered event payloads when endpoint deletion, authorization failure, filtering mistakes, or handler outages prevent normal delivery after Event Grid processing during production review.
  3. Metrics and alerts for delivery failure, dead-letter count, and endpoint errors help operators confirm whether failures are recoverable events or permanently dropped messages during production review.

Common situations

  • Inspect where undelivered events are stored.
  • Verify storage permissions for dead-letter delivery.
  • Review dead-letter payloads before replaying or closing an incident.

Illustrative Azure scenarios

These examples show how the concept can affect design and operations. They are illustrative scenarios, not customer claims.

Scenario 01 Event Grid dead-letter destination in action for financial services Scenario, objectives, solution, measured impact, and takeaway.
Scenario

Pioneer Bank, a financial services organization, needed to solve a concrete production challenge: loan workflow events were occasionally lost when document-processing handlers were offline during maintenance. The platform team focused on Event Grid dead-letter destination so the event-driven workflow could be changed with measurable evidence instead of guesswork.

Goals
  • Retain undelivered workflow events for investigation
  • Give auditors a recoverable evidence trail
  • Cut manual rework after endpoint outages
  • Protect storage access with least privilege
Approach using Event Grid dead-letter destination

Architects configured a storage-backed dead-letter destination on critical event subscriptions. They tied the design to Event Grid topics or domains, event subscriptions, filters, delivery schema, destination handlers, Azure Monitor metrics, and approved runbooks. The implementation recorded the source resource ID, responsible owner, expected event types, sample payloads, identity or key choice, retry behavior, dead-letter plan, and rollback steps. Engineers first captured read-only CLI output and portal evidence, then deployed the approved configuration through infrastructure as code. During validation, the team tested successful delivery, endpoint failure, authorization failure, and payload mismatch so operators knew exactly which signal to check before making production changes.

Potential outcomes
  • Undelivered events were retained in approved blob storage.
  • Manual reconstruction of failed workflows fell by 55 percent.
  • Auditors received timestamped event evidence during review.
  • Managed identity access removed shared storage keys from the process.
What to learn

Event Grid dead-letter destination is valuable when teams connect event-routing design to live Azure configuration, observable evidence, and an accountable operating model.

Scenario 02 Event Grid dead-letter destination in action for ecommerce Scenario, objectives, solution, measured impact, and takeaway.
Scenario

BrightCart Retail, a ecommerce organization, needed to solve a concrete production challenge: order routing subscriptions failed during promotional spikes, leaving support unsure which events needed replay. The platform team focused on Event Grid dead-letter destination so the event-driven workflow could be changed with measurable evidence instead of guesswork.

Goals
  • Store failed order events for replay review
  • Alert support before customer-impacting backlog grows
  • Separate transient handler errors from permanent misconfiguration
  • Reduce missed fulfillment updates
Approach using Event Grid dead-letter destination

The team designed the solution around dead-letter destination as an explicit production control, not just a diagram term. They mapped publisher responsibilities, subscription settings, handler ownership, filters, schema expectations, retry handling, dead-letter storage, and security permissions. Azure Monitor dashboards tracked published, matched, delivered, failed, and dead-lettered events. The change package included sample events, CLI evidence, access review notes, and an incident procedure. Mutating commands were blocked without approval, while read-only commands became the first step for support engineers validating whether Event Grid, the handler, or a downstream dependency caused the issue.

Potential outcomes
  • Dead-letter count alerts exposed a handler outage in seven minutes.
  • Replay candidates were identified without querying application databases.
  • Missed fulfillment updates dropped by 48 percent.
  • Permanent endpoint deletion was caught before the next campaign.
What to learn

Event Grid dead-letter destination is valuable when teams connect event-routing design to live Azure configuration, observable evidence, and an accountable operating model.

Scenario 03 Event Grid dead-letter destination in action for public sector permits Scenario, objectives, solution, measured impact, and takeaway.
Scenario

CivicWorks Online, a public sector permits organization, needed to solve a concrete production challenge: permit status notifications required recoverability when third-party inspection systems rejected events. The platform team focused on Event Grid dead-letter destination so the event-driven workflow could be changed with measurable evidence instead of guesswork.

Goals
  • Preserve rejected permit events for compliance review
  • Document who may inspect and replay payloads
  • Shorten outage recovery after partner downtime
  • Prevent broad access to citizen data
Approach using Event Grid dead-letter destination

Engineers implemented Event Grid dead-letter destination with a small reference architecture before rolling it into production. The reference included a source event, configured subscription, approved handler, test payload, monitored metric, and documented failure path. Security reviewed identity and payload access. Operations reviewed alert thresholds, dead-letter handling, and replay ownership. Developers updated handler tests to match the selected event schema and filter behavior. After deployment, daily checks compared expected event volume with matched and delivered counts so the team could catch drift before customers noticed missing or delayed automation.

Potential outcomes
  • Partner downtime recovery dropped from four hours to forty minutes.
  • Storage RBAC limited payload access to the integration support group.
  • Compliance reviewers accepted the dead-letter runbook.
  • No permit events were silently dropped during quarterly failover testing.
What to learn

Event Grid dead-letter destination is valuable when teams connect event-routing design to live Azure configuration, observable evidence, and an accountable operating model.

Azure CLI

Azure CLI is useful for Event Grid dead-letter destination because it gives operators reproducible evidence for the source, subscription, handler, schema, filter, retry, identity, and metrics before any mutating change is approved.

Useful for

  • Inspect where undelivered events are stored.
  • Verify storage permissions for dead-letter delivery.
  • Review dead-letter payloads before replaying or closing an incident.

Before you run a command

  • Confirm the tenant, subscription, resource group, source resource ID, handler, and environment are the intended production or nonproduction scope.
  • Capture read-only evidence first, including current event subscriptions, filters, schema, retry, dead-letter, identity, and recent delivery metrics.
  • Get approval before create, update, delete, key, identity, role assignment, or endpoint changes because those actions can reroute or stop events.

What the output tells you

  • Resource IDs, endpoints, schemas, filters, identities, and retry settings show what Event Grid is configured to do right now.
  • Metrics and logs show whether events are being published, matched, delivered, failed, retried, or dead-lettered after recent changes.
  • Role assignment and identity output shows whether delivery failures are likely authorization problems rather than application defects.

Mapped commands

Event Grid operational checks

direct
az eventgrid event-subscription show --name <subscription-name> --source-resource-id <source-resource-id>
az eventgrid event-subscriptiondiscoverIntegration
az eventgrid event-subscription update --name <subscription-name> --source-resource-id <source-resource-id> --deadletter-endpoint <storage-container-resource-id>
az eventgrid event-subscriptionconfigureIntegration
az storage blob list --account-name <storage-account> --container-name <container> --output table
az storage blobdiscoverIntegration
az monitor metrics list --resource <event-grid-resource-id> --metric DeadLetteredCount --interval PT1H
az monitor metricsdiscoverIntegration
az role assignment list --scope <storage-account-resource-id> --output table
az role assignmentdiscoverStorage

Architecture context

Event Grid dead-letter destination belongs in the Event Grid routing architecture with explicit publishers, subscriptions, handlers, filters, schemas, retry policy, dead-lettering, identity, monitoring, and rollback ownership.

Security
Security for Event Grid dead-letter destination starts with knowing which identity, key, role assignment, endpoint, or storage resource can publish, configure, receive, or recover events. Avoid anonymous delivery paths where a managed identity, Microsoft Entra protected endpoint, or least-privilege Azure RBAC role is appropriate. Protect event payloads because metadata and data fields can expose tenant IDs, object names, user activity, or business workflow details. Review Activity Log changes, role assignments, private endpoint requirements, and diagnostic settings before production updates. For regulated data, document who can view dead-letter payloads and who may replay or reprocess them. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.
Cost
Cost for Event Grid dead-letter destination usually comes from event operations, handler executions, downstream queue or stream processing, storage for dead-letter payloads, logging, alerting, and repeated retry activity. A small event route can become expensive when noisy publishers, broad filters, duplicate subscriptions, or failing handlers multiply delivery attempts. Review expected event rate, matched event count, failed delivery count, log retention, and downstream execution cost together. Use tags, budgets, and ownership labels so cost analysis can distinguish planned integration volume from accidental fan-out or retry storms. Retire unused subscriptions and test topics before they become permanent background spend. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.
Reliability
Reliability for Event Grid dead-letter destination depends on accurate source routing, compatible event schema, healthy handlers, retry behavior, dead-letter handling, and clear monitoring. Event Grid can accept an event while downstream processing still fails, so success must be measured across publish, match, delivery, and handler processing stages. Test endpoint outage, authorization failure, malformed payload, noisy publisher, and filter drift scenarios before relying on the workflow. Keep replay and cleanup procedures documented. During incidents, compare recent Activity Log entries, handler logs, Event Grid metrics, and dead-letter contents before changing routing or retry settings. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.
Performance
Performance for Event Grid dead-letter destination is about how quickly relevant events move from publisher to handler without creating avoidable fan-out, parsing, or retry delay. Broad filters, slow endpoints, oversized payloads, schema mismatches, cold-starting functions, or throttled downstream services can turn near-real-time routing into delayed processing. Measure publish latency, matched event rate, delivery success, handler duration, and retry patterns together. Design handlers to acknowledge events quickly, offload long work where needed, and scale independently. Use Event Hubs, Service Bus, or queues when buffering is more important than immediate handler execution. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.
Operations
Operations for Event Grid dead-letter destination should be runbook-driven. The runbook needs the resource ID, owner, environment, publisher, handler, schema, filter, retry policy, dead-letter location, dashboards, and first read-only CLI commands. Operators should know which metric proves publish volume, which metric proves matching, and which log proves delivery failure. Change tickets should include expected event types, sample payloads, rollback instructions, and who can approve mutating commands. When support receives an alert, the first task is to locate the exact subscription or topic, not to restart every dependent service. This keeps ownership, evidence, change control, and customer impact visible before the next production decision.

Common mistakes

  • Treating Event Grid dead-letter destination as a diagram label instead of checking the exact source resource ID, handler, identity, and event subscription.
  • Changing filters, retry, schema, or destination settings before saving read-only evidence and confirming the approved rollback path.
  • Assuming publisher success means end-to-end success even when the handler is failing, throttled, unauthorized, or receiving the wrong schema.