The bug:

A policy using an event grid function in Azure + the management group environment variable appears to send multiple emails (one email for every subscription within the management group) to the Storage account queue for sendgrid to pick up

Steps to reproduce the behavior:

Create the following policy:

vars:
  email-notify: &email-notify
  - type: notify
    template: default.html
    priority_header: '2'
    to:
      - myEmail@myCompany.com
    transport:
      type: asq
      queue: https://myEmailQueue.queue.core.windows.net/taskqueue

policies:
- name: vms-with-public-ip
  description: Finds new Virtual Machines with public IP addresses
  resource: azure.vm
  mode:
    type: azure-event-grid
    events:
      - resourceProvider: Microsoft.Compute/virtualMachines
        event: write
  filters:
  - type: network-interface
    key: 'properties.ipConfigurations[].properties.publicIPAddress.id'
    value: not-null
  actions:
  - <<: *email-notify
    subject: Custodian - New Virtual Machine Resource found with public IP
    violation_desc: 'Notification - The following VM was created with a public IP'
    to:
    - myEmail@myCompany.com

Expected behavior:

One email is received, not multiple

Background :

OS: I believe the docker image is debian buster-slim
Python Version: 3.7.x - whatever is deployed in the docker image with latest tag as of
Custodian Version: whatever is deployed in the docker image with latest tag as of 06/17/2020
Tool Version: N/A?
Cloud Provider: Azure
Policy: Please see above

cloud-custodian / cloud-custodian

Azure - Event Grid Functions using Management groups sends multiple emails #5869

The bug:

Steps to reproduce the behavior: