From f5eba007240b77f678eb789b5f07f2f8804dca15 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Tue, 30 Aug 2022 21:35:16 +0200
Subject: [PATCH 01/14] [Modules] Updated ContainerRegistry/Registries to new
 dependency approach

---
 .../ms.containerregistry.registries.yml       |   3 +-
 .../.test/default/dependencies.bicep          |  42 +++
 .../.test/default/deploy.test.bicep           | 102 +++++++
 .../registries/.test/encr.parameters.json     |  29 --
 .../registries/.test/encr/dependencies.bicep  |  85 ++++++
 .../registries/.test/encr/deploy.test.bicep   |  59 ++++
 .../registries/.test/min.parameters.json      |   9 -
 .../registries/.test/min/deploy.test.bicep    |  37 +++
 .../registries/.test/parameters.json          |  87 ------
 .../registries/readme.md                      | 254 +++++++++---------
 utilities/tools/Set-ModuleReadMe.ps1          |   6 +-
 11 files changed, 456 insertions(+), 257 deletions(-)
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep
 delete mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/encr.parameters.json
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
 delete mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/min.parameters.json
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
 delete mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/parameters.json

diff --git a/.github/workflows/ms.containerregistry.registries.yml b/.github/workflows/ms.containerregistry.registries.yml
index 8d0ea9e6c5..b7deab4d1f 100644
--- a/.github/workflows/ms.containerregistry.registries.yml
+++ b/.github/workflows/ms.containerregistry.registries.yml
@@ -106,8 +106,7 @@ jobs:
       - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
         uses: ./.github/actions/templates/validateModuleDeployment
         with:
-          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-          parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
           location: '${{ env.location }}'
           resourceGroupName: '${{ env.resourceGroupName }}'
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep
new file mode 100644
index 0000000000..a7cc224d87
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep
@@ -0,0 +1,42 @@
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Virtual Network to create.')
+param virtualNetworkName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+    name: virtualNetworkName
+    location: location
+    properties: {
+        addressSpace: {
+            addressPrefixes: [
+                '10.0.0.0/24'
+            ]
+        }
+        subnets: [
+            {
+                name: 'defaultSubnet'
+                properties: {
+                    addressPrefix: '10.0.0.0/24'
+                }
+            }
+        ]
+    }
+}
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+    name: managedIdentityName
+    location: location
+}
+
+@description('The resource ID of the created Virtual Network Subnet.')
+output subnetResourceId string = virtualNetwork.properties.subnets[0].id
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
+
+@description('The resource ID of the created Managed Identity.')
+output managedIdentityResourceId string = managedIdentity.id
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep
new file mode 100644
index 0000000000..72b924f97b
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep
@@ -0,0 +1,102 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for a testing purposes')
+@maxLength(90)
+param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
+param serviceShort string = 'crrdef'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-paramNested'
+  params: {
+    virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
+    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
+  }
+}
+
+// Diagnostics
+// ===========
+module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnostic.dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-diagnosticDependencies'
+  params: {
+    storageAccountName: 'dep<<namePrefix>>diasa${serviceShort}01'
+    logAnalyticsWorkspaceName: 'dep-<<namePrefix>>-law-${serviceShort}'
+    eventHubNamespaceEventHubName: 'dep-<<namePrefix>>-evh-${serviceShort}'
+    eventHubNamespaceName: 'dep-<<namePrefix>>-evhns-${serviceShort}'
+    location: location
+  }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+    acrAdminUserEnabled: false
+    acrSku: 'Premium'
+    diagnosticLogsRetentionInDays: 7
+    diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId
+    diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId
+    diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId
+    diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName
+    exportPolicyStatus: 'enabled'
+    lock: 'CanNotDelete'
+    privateEndpoints: [
+      {
+        service: 'registry'
+        subnetResourceId: resourceGroupResources.outputs.subnetResourceId
+      }
+    ]
+    publicNetworkAccess: 'Disabled'
+    quarantinePolicyStatus: 'enabled'
+    replications: [
+      {
+        location: 'northeurope'
+        name: 'northeurope'
+      }
+    ]
+    roleAssignments: [
+      {
+        principalIds: [
+          resourceGroupResources.outputs.managedIdentityPrincipalId
+        ]
+        roleDefinitionIdOrName: 'Reader'
+      }
+    ]
+    systemAssignedIdentity: true
+    trustPolicyStatus: 'enabled'
+    userAssignedIdentities: {
+      '${resourceGroupResources.outputs.managedIdentityResourceId}': {}
+    }
+    webhooks: [
+      {
+        name: '<<namePrefix>>acrx001webhook'
+        serviceUri: 'https://www.contoso.com/webhook'
+      }
+    ]
+  }
+}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr.parameters.json b/modules/Microsoft.ContainerRegistry/registries/.test/encr.parameters.json
deleted file mode 100644
index 2ed76c34cb..0000000000
--- a/modules/Microsoft.ContainerRegistry/registries/.test/encr.parameters.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
-    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-    "contentVersion": "1.0.0.0",
-    "parameters": {
-        "name": {
-            "value": "<<namePrefix>>azacrencr001"
-        },
-        "userAssignedIdentities": {
-            "value": {
-                "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-            }
-        },
-        "publicNetworkAccess": {
-            "value": "Disabled"
-        },
-        "acrSku": {
-            "value": "Premium"
-        },
-        "cMKUserAssignedIdentityResourceId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001"
-        },
-        "cMKKeyVaultResourceId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002"
-        },
-        "cMKKeyName": {
-            "value": "keyEncryptionKey"
-        }
-    }
-}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
new file mode 100644
index 0000000000..d8f9d790e3
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
@@ -0,0 +1,85 @@
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Virtual Network to create.')
+param virtualNetworkName string
+
+@description('Required. The name of the Key Vault to create.')
+param keyVaultName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+    name: virtualNetworkName
+    location: location
+    properties: {
+        addressSpace: {
+            addressPrefixes: [
+                '10.0.0.0/24'
+            ]
+        }
+        subnets: [
+            {
+                name: 'defaultSubnet'
+                properties: {
+                    addressPrefix: '10.0.0.0/24'
+                }
+            }
+        ]
+    }
+}
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+    name: managedIdentityName
+    location: location
+}
+
+resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
+    name: keyVaultName
+    location: location
+    properties: {
+        sku: {
+            family: 'A'
+            name: 'standard'
+        }
+        tenantId: tenant().tenantId
+        enablePurgeProtection: true // Required by batch account
+        softDeleteRetentionInDays: 7
+        enabledForTemplateDeployment: true
+        enabledForDiskEncryption: true
+        enabledForDeployment: true
+        enableRbacAuthorization: true
+        accessPolicies: []
+    }
+
+    resource key 'keys@2022-07-01' = {
+        name: 'keyEncryptionKey'
+        properties: {
+            kty: 'RSA'
+        }
+    }
+}
+
+resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+    name: guid('msi-${managedIdentity.name}-KeyVault-${keyVault.name}-Key-${keyVault::key.name}-Read-RoleAssignment')
+    scope: keyVault::key
+    properties: {
+        principalId: managedIdentity.properties.principalId
+        // Key Vault Crypto User
+        roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '12338af0-0e69-4776-bea7-57ae8d297424')
+        principalType: 'ServicePrincipal'
+    }
+}
+
+@description('The resource ID of the created Virtual Network Subnet.')
+output subnetResourceId string = virtualNetwork.properties.subnets[0].id
+
+@description('The resource ID of the created Key Vault.')
+output keyVaultResourceId string = keyVault.id
+
+@description('The resource ID of the created Managed Identity.')
+output managedIdentityResourceId string = managedIdentity.id
+
+@description('The name of the Key Vault Encryption Key.')
+output keyVaultEncryptionKeyName string = keyVault::key.name
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
new file mode 100644
index 0000000000..36d07f259a
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
@@ -0,0 +1,59 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for a testing purposes')
+@maxLength(90)
+param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
+param serviceShort string = 'crrencr'
+
+@description('Generated. Used as a basis for unique resource names.')
+param baseTime string = utcNow('u')
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-paramNested'
+  params: {
+    virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
+    // Adding base time to make the name unique as purge protection must be enabled (but may not be longer than 24 characters total)
+    keyVaultName: 'dep-<<namePrefix>>-kv-${serviceShort}-${substring(uniqueString(baseTime), 0, 3)}'
+    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
+  }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+    acrSku: 'Premium'
+    cMKKeyName: resourceGroupResources.outputs.keyVaultEncryptionKeyName
+    cMKKeyVaultResourceId: resourceGroupResources.outputs.keyVaultResourceId
+    cMKUserAssignedIdentityResourceId: resourceGroupResources.outputs.managedIdentityResourceId
+    publicNetworkAccess: 'Disabled'
+    userAssignedIdentities: {
+      '${resourceGroupResources.outputs.managedIdentityResourceId}': {}
+    }
+  }
+}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/min.parameters.json b/modules/Microsoft.ContainerRegistry/registries/.test/min.parameters.json
deleted file mode 100644
index 255a9ddfcf..0000000000
--- a/modules/Microsoft.ContainerRegistry/registries/.test/min.parameters.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-    "contentVersion": "1.0.0.0",
-    "parameters": {
-        "name": {
-            "value": "<<namePrefix>>azacrmin001"
-        }
-    }
-}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
new file mode 100644
index 0000000000..236838945d
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
@@ -0,0 +1,37 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for a testing purposes')
+@maxLength(90)
+param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
+param serviceShort string = 'crrmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+  }
+}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json b/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json
deleted file mode 100644
index ca1df52de6..0000000000
--- a/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json
+++ /dev/null
@@ -1,87 +0,0 @@
-{
-    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-    "contentVersion": "1.0.0.0",
-    "parameters": {
-        "name": {
-            "value": "<<namePrefix>>azacrx001"
-        },
-        "lock": {
-            "value": "CanNotDelete"
-        },
-        "acrAdminUserEnabled": {
-            "value": false
-        },
-        "acrSku": {
-            "value": "Premium"
-        },
-        "exportPolicyStatus": {
-            "value": "enabled"
-        },
-        "quarantinePolicyStatus": {
-            "value": "enabled"
-        },
-        "trustPolicyStatus": {
-            "value": "enabled"
-        },
-        "replications": {
-            "value": [
-                {
-                    "name": "northeurope",
-                    "location": "northeurope"
-                }
-            ]
-        },
-        "webhooks": {
-            "value": [
-                {
-                    "name": "<<namePrefix>>azacrx001webhook",
-                    "serviceUri": "https://www.contoso.com/webhook"
-                }
-            ]
-        },
-        "roleAssignments": {
-            "value": [
-                {
-                    "roleDefinitionIdOrName": "Reader",
-                    "principalIds": [
-                        "<<deploymentSpId>>"
-                    ]
-                }
-            ]
-        },
-        "diagnosticLogsRetentionInDays": {
-            "value": 7
-        },
-        "diagnosticStorageAccountId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<<namePrefix>>azsax001"
-        },
-        "diagnosticWorkspaceId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<<namePrefix>>-az-law-x-001"
-        },
-        "diagnosticEventHubAuthorizationRuleId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<<namePrefix>>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey"
-        },
-        "diagnosticEventHubName": {
-            "value": "adp-<<namePrefix>>-az-evh-x-001"
-        },
-        "systemAssignedIdentity": {
-            "value": true
-        },
-        "userAssignedIdentities": {
-            "value": {
-                "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-            }
-        },
-        "publicNetworkAccess": {
-            "value": "Disabled"
-        },
-        "privateEndpoints": {
-            "value": [
-                {
-                    "subnetResourceId": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints",
-                    "service": "registry"
-                }
-            ]
-        }
-    }
-}
diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md
index 8d8ef7c088..1d069b925a 100644
--- a/modules/Microsoft.ContainerRegistry/registries/readme.md
+++ b/modules/Microsoft.ContainerRegistry/registries/readme.md
@@ -348,138 +348,32 @@ The following module usage examples are retrieved from the content of the files
    >**Note**: The name of each example is based on the name of the file from which it is taken.
    >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.
 
-<h3>Example 1: Encr</h3>
+<h3>Example 1: Default</h3>
 
 <details>
 
 <summary>via Bicep module</summary>
 
 ```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-registries'
+module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
+  name: '${uniqueString(deployment().name)}-test-crrdef'
   params: {
     // Required parameters
-    name: '<<namePrefix>>azacrencr001'
-    // Non-required parameters
-    acrSku: 'Premium'
-    cMKKeyName: 'keyEncryptionKey'
-    cMKKeyVaultResourceId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002'
-    cMKUserAssignedIdentityResourceId: '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001'
-    publicNetworkAccess: 'Disabled'
-    userAssignedIdentities: {
-      '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001': {}
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    // Required parameters
-    "name": {
-      "value": "<<namePrefix>>azacrencr001"
-    },
-    // Non-required parameters
-    "acrSku": {
-      "value": "Premium"
-    },
-    "cMKKeyName": {
-      "value": "keyEncryptionKey"
-    },
-    "cMKKeyVaultResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002"
-    },
-    "cMKUserAssignedIdentityResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001"
-    },
-    "publicNetworkAccess": {
-      "value": "Disabled"
-    },
-    "userAssignedIdentities": {
-      "value": {
-        "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-      }
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 2: Min</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-registries'
-  params: {
-    name: '<<namePrefix>>azacrmin001'
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    "name": {
-      "value": "<<namePrefix>>azacrmin001"
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 3: Parameters</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-registries'
-  params: {
-    // Required parameters
-    name: '<<namePrefix>>azacrx001'
+    name: '<<namePrefix>>crrdef001'
     // Non-required parameters
     acrAdminUserEnabled: false
     acrSku: 'Premium'
-    diagnosticEventHubAuthorizationRuleId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<<namePrefix>>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey'
-    diagnosticEventHubName: 'adp-<<namePrefix>>-az-evh-x-001'
+    diagnosticEventHubAuthorizationRuleId: '<diagnosticEventHubAuthorizationRuleId>'
+    diagnosticEventHubName: '<diagnosticEventHubName>'
     diagnosticLogsRetentionInDays: 7
-    diagnosticStorageAccountId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<<namePrefix>>azsax001'
-    diagnosticWorkspaceId: '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<<namePrefix>>-az-law-x-001'
+    diagnosticStorageAccountId: '<diagnosticStorageAccountId>'
+    diagnosticWorkspaceId: '<diagnosticWorkspaceId>'
     exportPolicyStatus: 'enabled'
     lock: 'CanNotDelete'
     privateEndpoints: [
       {
         service: 'registry'
-        subnetResourceId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints'
+        subnetResourceId: '<subnetResourceId>'
       }
     ]
     publicNetworkAccess: 'Disabled'
@@ -493,7 +387,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
     roleAssignments: [
       {
         principalIds: [
-          '<<deploymentSpId>>'
+          '<managedIdentityPrincipalId>'
         ]
         roleDefinitionIdOrName: 'Reader'
       }
@@ -501,11 +395,11 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
     systemAssignedIdentity: true
     trustPolicyStatus: 'enabled'
     userAssignedIdentities: {
-      '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001': {}
+      '<managedIdentityResourceId>': {}
     }
     webhooks: [
       {
-        name: '<<namePrefix>>azacrx001webhook'
+        name: '<<namePrefix>>acrx001webhook'
         serviceUri: 'https://www.contoso.com/webhook'
       }
     ]
@@ -527,7 +421,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   "parameters": {
     // Required parameters
     "name": {
-      "value": "<<namePrefix>>azacrx001"
+      "value": "<<namePrefix>>crrdef001"
     },
     // Non-required parameters
     "acrAdminUserEnabled": {
@@ -537,19 +431,19 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
       "value": "Premium"
     },
     "diagnosticEventHubAuthorizationRuleId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<<namePrefix>>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey"
+      "value": "<diagnosticEventHubAuthorizationRuleId>"
     },
     "diagnosticEventHubName": {
-      "value": "adp-<<namePrefix>>-az-evh-x-001"
+      "value": "<diagnosticEventHubName>"
     },
     "diagnosticLogsRetentionInDays": {
       "value": 7
     },
     "diagnosticStorageAccountId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<<namePrefix>>azsax001"
+      "value": "<diagnosticStorageAccountId>"
     },
     "diagnosticWorkspaceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<<namePrefix>>-az-law-x-001"
+      "value": "<diagnosticWorkspaceId>"
     },
     "exportPolicyStatus": {
       "value": "enabled"
@@ -561,7 +455,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
       "value": [
         {
           "service": "registry",
-          "subnetResourceId": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints"
+          "subnetResourceId": "<subnetResourceId>"
         }
       ]
     },
@@ -583,7 +477,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
       "value": [
         {
           "principalIds": [
-            "<<deploymentSpId>>"
+            "<managedIdentityPrincipalId>"
           ],
           "roleDefinitionIdOrName": "Reader"
         }
@@ -597,13 +491,13 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
     },
     "userAssignedIdentities": {
       "value": {
-        "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
+        "<managedIdentityResourceId>": {}
       }
     },
     "webhooks": {
       "value": [
         {
-          "name": "<<namePrefix>>azacrx001webhook",
+          "name": "<<namePrefix>>acrx001webhook",
           "serviceUri": "https://www.contoso.com/webhook"
         }
       ]
@@ -614,3 +508,109 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
 
 </details>
 <p>
+
+<h3>Example 2: Encr</h3>
+
+<details>
+
+<summary>via Bicep module</summary>
+
+```bicep
+module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
+  name: '${uniqueString(deployment().name)}-test-crrencr'
+  params: {
+    // Required parameters
+    name: '<<namePrefix>>crrencr001'
+    // Non-required parameters
+    acrSku: 'Premium'
+    cMKKeyName: '<cMKKeyName>'
+    cMKKeyVaultResourceId: '<cMKKeyVaultResourceId>'
+    cMKUserAssignedIdentityResourceId: '<cMKUserAssignedIdentityResourceId>'
+    publicNetworkAccess: 'Disabled'
+    userAssignedIdentities: {
+      '<managedIdentityResourceId>': {}
+    }
+  }
+}
+```
+
+</details>
+<p>
+
+<details>
+
+<summary>via JSON Parameter file</summary>
+
+```json
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    // Required parameters
+    "name": {
+      "value": "<<namePrefix>>crrencr001"
+    },
+    // Non-required parameters
+    "acrSku": {
+      "value": "Premium"
+    },
+    "cMKKeyName": {
+      "value": "<cMKKeyName>"
+    },
+    "cMKKeyVaultResourceId": {
+      "value": "<cMKKeyVaultResourceId>"
+    },
+    "cMKUserAssignedIdentityResourceId": {
+      "value": "<cMKUserAssignedIdentityResourceId>"
+    },
+    "publicNetworkAccess": {
+      "value": "Disabled"
+    },
+    "userAssignedIdentities": {
+      "value": {
+        "<managedIdentityResourceId>": {}
+      }
+    }
+  }
+}
+```
+
+</details>
+<p>
+
+<h3>Example 3: Min</h3>
+
+<details>
+
+<summary>via Bicep module</summary>
+
+```bicep
+module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
+  name: '${uniqueString(deployment().name)}-test-crrmin'
+  params: {
+    name: '<<namePrefix>>crrmin001'
+  }
+}
+```
+
+</details>
+<p>
+
+<details>
+
+<summary>via JSON Parameter file</summary>
+
+```json
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "name": {
+      "value": "<<namePrefix>>crrmin001"
+    }
+  }
+}
+```
+
+</details>
+<p>
diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1
index a1074fed21..6b922d65e8 100644
--- a/utilities/tools/Set-ModuleReadMe.ps1
+++ b/utilities/tools/Set-ModuleReadMe.ps1
@@ -883,9 +883,10 @@ function Set-DeploymentExamplesSection {
         ''
     )
 
+    $TextInfo = (Get-Culture -Name 'en-US').TextInfo
     $moduleRoot = Split-Path $TemplateFilePath -Parent
-    $resourceTypeIdentifier = $moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/')
-    $resourceType = $resourceTypeIdentifier.Split('/')[1]
+    $resourceTypeIdentifier = $TextInfo.ToTitleCase($moduleRoot.Replace('\', '/').Split('/modules/')[1].TrimStart('/'))
+    $resourceType = $TextInfo.ToTitleCase($resourceTypeIdentifier.Split('/')[1])
     $testFilePaths = Get-ModuleTestFileList -ModulePath $moduleRoot | ForEach-Object { Join-Path $moduleRoot $_ }
 
     $RequiredParametersList = $TemplateFileContent.parameters.Keys | Where-Object { $TemplateFileContent.parameters[$_].Keys -notcontains 'defaultValue' } | Sort-Object
@@ -906,7 +907,6 @@ function Set-DeploymentExamplesSection {
         } else {
             $exampleTitle = ((Split-Path $testFilePath -LeafBase) -replace '\.', ' ') -replace ' parameters', ''
         }
-        $TextInfo = (Get-Culture -Name 'en-US').TextInfo
         $exampleTitle = $TextInfo.ToTitleCase($exampleTitle)
         $SectionContent += @(
             '<h3>Example {0}: {1}</h3>' -f $pathIndex, $exampleTitle

From 585e2a37593488a269b0b58c7505c2b27c87e690 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Thu, 1 Sep 2022 11:34:08 +0200
Subject: [PATCH 02/14] Update to latest

---
 .../registries/readme.md                      | 116 +-----------------
 1 file changed, 5 insertions(+), 111 deletions(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md
index b0d00798a4..b276810db0 100644
--- a/modules/Microsoft.ContainerRegistry/registries/readme.md
+++ b/modules/Microsoft.ContainerRegistry/registries/readme.md
@@ -355,117 +355,11 @@ The following module usage examples are retrieved from the content of the files
 <summary>via Bicep module</summary>
 
 ```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
+module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
+  name: '${uniqueString(deployment().name)}-test-crrdef'
   params: {
     // Required parameters
-    name: '<<namePrefix>>azacrencr001'
-    // Non-required parameters
-    acrSku: 'Premium'
-    cMKKeyName: 'keyEncryptionKey'
-    cMKKeyVaultResourceId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002'
-    cMKUserAssignedIdentityResourceId: '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001'
-    publicNetworkAccess: 'Disabled'
-    userAssignedIdentities: {
-      '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001': {}
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    // Required parameters
-    "name": {
-      "value": "<<namePrefix>>azacrencr001"
-    },
-    // Non-required parameters
-    "acrSku": {
-      "value": "Premium"
-    },
-    "cMKKeyName": {
-      "value": "keyEncryptionKey"
-    },
-    "cMKKeyVaultResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002"
-    },
-    "cMKUserAssignedIdentityResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001"
-    },
-    "publicNetworkAccess": {
-      "value": "Disabled"
-    },
-    "userAssignedIdentities": {
-      "value": {
-        "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-      }
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 2: Min</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
-  params: {
-    name: '<<namePrefix>>azacrmin001'
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    "name": {
-      "value": "<<namePrefix>>azacrmin001"
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 3: Parameters</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
-  params: {
-    // Required parameters
-    name: '<<namePrefix>>azacrx001'
+    name: '<<namePrefix>>crrdef001'
     // Non-required parameters
     acrAdminUserEnabled: false
     acrSku: 'Premium'
@@ -622,7 +516,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
 <summary>via Bicep module</summary>
 
 ```bicep
-module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
+module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
   name: '${uniqueString(deployment().name)}-test-crrencr'
   params: {
     // Required parameters
@@ -691,7 +585,7 @@ module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
 <summary>via Bicep module</summary>
 
 ```bicep
-module Registries './Microsoft.Containerregistry/Registries/deploy.bicep' = {
+module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
   name: '${uniqueString(deployment().name)}-test-crrmin'
   params: {
     name: '<<namePrefix>>crrmin001'

From 45b878b34f6d0a669ed5d450c3d5e4a21f43042e Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Sat, 3 Sep 2022 12:33:18 +0200
Subject: [PATCH 03/14] Update to latest

---
 .../registries/.test/encr/dependencies.bicep                    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
index d8f9d790e3..641bfbe2fb 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/dependencies.bicep
@@ -62,7 +62,7 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
 }
 
 resource keyPermissions 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-    name: guid('msi-${managedIdentity.name}-KeyVault-${keyVault.name}-Key-${keyVault::key.name}-Read-RoleAssignment')
+    name: guid('msi-${keyVault::key.id}-${location}-${managedIdentity.id}-Key-Reader-RoleAssignment')
     scope: keyVault::key
     properties: {
         principalId: managedIdentity.properties.principalId

From a9a56828daa01ef55d22eff9d99781a388652e3f Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Thu, 8 Sep 2022 19:03:52 +0200
Subject: [PATCH 04/14] Updated folder default to common.

---
 .../.test/{default => common}/dependencies.bicep          | 0
 .../.test/{default => common}/deploy.test.bicep           | 0
 modules/Microsoft.ContainerRegistry/registries/readme.md  | 8 ++++----
 3 files changed, 4 insertions(+), 4 deletions(-)
 rename modules/Microsoft.ContainerRegistry/registries/.test/{default => common}/dependencies.bicep (100%)
 rename modules/Microsoft.ContainerRegistry/registries/.test/{default => common}/deploy.test.bicep (100%)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/common/dependencies.bicep
similarity index 100%
rename from modules/Microsoft.ContainerRegistry/registries/.test/default/dependencies.bicep
rename to modules/Microsoft.ContainerRegistry/registries/.test/common/dependencies.bicep
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
similarity index 100%
rename from modules/Microsoft.ContainerRegistry/registries/.test/default/deploy.test.bicep
rename to modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md
index b276810db0..5da344366b 100644
--- a/modules/Microsoft.ContainerRegistry/registries/readme.md
+++ b/modules/Microsoft.ContainerRegistry/registries/readme.md
@@ -348,14 +348,14 @@ The following module usage examples are retrieved from the content of the files
    >**Note**: The name of each example is based on the name of the file from which it is taken.
    >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.
 
-<h3>Example 1: Default</h3>
+<h3>Example 1: Common</h3>
 
 <details>
 
 <summary>via Bicep module</summary>
 
 ```bicep
-module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
+module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   name: '${uniqueString(deployment().name)}-test-crrdef'
   params: {
     // Required parameters
@@ -516,7 +516,7 @@ module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
 <summary>via Bicep module</summary>
 
 ```bicep
-module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
+module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   name: '${uniqueString(deployment().name)}-test-crrencr'
   params: {
     // Required parameters
@@ -585,7 +585,7 @@ module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
 <summary>via Bicep module</summary>
 
 ```bicep
-module Registries './Microsoft.ContainerRegistry/Registries/deploy.bicep' = {
+module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   name: '${uniqueString(deployment().name)}-test-crrmin'
   params: {
     name: '<<namePrefix>>crrmin001'

From 7ae258303f8df815b47ed661780ef020ff6c77bc Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Fri, 9 Sep 2022 12:50:21 +0200
Subject: [PATCH 05/14] Update to latest

---
 .../registries/.test/common/deploy.test.bicep                 | 4 ++--
 .../registries/.test/encr/deploy.test.bicep                   | 2 +-
 .../registries/.test/min/deploy.test.bicep                    | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
index 72b924f97b..a24f9097a8 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
@@ -10,8 +10,8 @@ param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort
 @description('Optional. The location to deploy resources to')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
-param serviceShort string = 'crrdef'
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
+param serviceShort string = 'crrcom'
 
 // =========== //
 // Deployments //
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
index 36d07f259a..0d464392c0 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
@@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort
 @description('Optional. The location to deploy resources to')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
 param serviceShort string = 'crrencr'
 
 @description('Generated. Used as a basis for unique resource names.')
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
index 236838945d..5feb01b358 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
@@ -10,7 +10,7 @@ param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort
 @description('Optional. The location to deploy resources to')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment .Should be kept short to not run into resource-name length-constraints')
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
 param serviceShort string = 'crrmin'
 
 // =========== //

From 2f07b8bcff81e9bc79227de82206a4a2d6d459e4 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Fri, 9 Sep 2022 13:03:19 +0200
Subject: [PATCH 06/14] Update to latest

---
 .../registries/.test/common/deploy.test.bicep               | 6 +++---
 .../registries/.test/encr/deploy.test.bicep                 | 6 +++---
 .../registries/.test/min/deploy.test.bicep                  | 6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
index a24f9097a8..c5dde06d61 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
@@ -3,14 +3,14 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes')
+@description('Optional. The name of the resource group to deploy for a testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 
-@description('Optional. The location to deploy resources to')
+@description('Optional. The location to deploy resources to.')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
 param serviceShort string = 'crrcom'
 
 // =========== //
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
index 0d464392c0..532e1b74af 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
@@ -3,14 +3,14 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes')
+@description('Optional. The name of the resource group to deploy for a testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 
-@description('Optional. The location to deploy resources to')
+@description('Optional. The location to deploy resources to.')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
 param serviceShort string = 'crrencr'
 
 @description('Generated. Used as a basis for unique resource names.')
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
index 5feb01b358..9a93ae685e 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
@@ -3,14 +3,14 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes')
+@description('Optional. The name of the resource group to deploy for a testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 
-@description('Optional. The location to deploy resources to')
+@description('Optional. The location to deploy resources to.')
 param location string = deployment().location
 
-@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints')
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
 param serviceShort string = 'crrmin'
 
 // =========== //

From 45f75c1bca5d73bd75925bac7a996325947cf19c Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Fri, 9 Sep 2022 13:40:34 +0200
Subject: [PATCH 07/14] Update to latest

---
 .../registries/.test/parameters.json          |  87 -------------
 .../registries/readme.md                      | 120 +-----------------
 2 files changed, 3 insertions(+), 204 deletions(-)
 delete mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/parameters.json

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json b/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json
deleted file mode 100644
index f390c7d265..0000000000
--- a/modules/Microsoft.ContainerRegistry/registries/.test/parameters.json
+++ /dev/null
@@ -1,87 +0,0 @@
-{
-    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-    "contentVersion": "1.0.0.0",
-    "parameters": {
-        "name": {
-            "value": "<<namePrefix>>azacrx002"
-        },
-        "lock": {
-            "value": "CanNotDelete"
-        },
-        "acrAdminUserEnabled": {
-            "value": false
-        },
-        "acrSku": {
-            "value": "Premium"
-        },
-        "exportPolicyStatus": {
-            "value": "enabled"
-        },
-        "quarantinePolicyStatus": {
-            "value": "enabled"
-        },
-        "trustPolicyStatus": {
-            "value": "enabled"
-        },
-        "replications": {
-            "value": [
-                {
-                    "name": "northeurope",
-                    "location": "northeurope"
-                }
-            ]
-        },
-        "webhooks": {
-            "value": [
-                {
-                    "name": "<<namePrefix>>azacrx001webhook",
-                    "serviceUri": "https://www.contoso.com/webhook"
-                }
-            ]
-        },
-        "roleAssignments": {
-            "value": [
-                {
-                    "roleDefinitionIdOrName": "Reader",
-                    "principalIds": [
-                        "<<deploymentSpId>>"
-                    ]
-                }
-            ]
-        },
-        "diagnosticLogsRetentionInDays": {
-            "value": 7
-        },
-        "diagnosticStorageAccountId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Storage/storageAccounts/adp<<namePrefix>>azsax001"
-        },
-        "diagnosticWorkspaceId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<<namePrefix>>-az-law-x-001"
-        },
-        "diagnosticEventHubAuthorizationRuleId": {
-            "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.EventHub/namespaces/adp-<<namePrefix>>-az-evhns-x-001/AuthorizationRules/RootManageSharedAccessKey"
-        },
-        "diagnosticEventHubName": {
-            "value": "adp-<<namePrefix>>-az-evh-x-001"
-        },
-        "systemAssignedIdentity": {
-            "value": true
-        },
-        "userAssignedIdentities": {
-            "value": {
-                "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-            }
-        },
-        "publicNetworkAccess": {
-            "value": "Disabled"
-        },
-        "privateEndpoints": {
-            "value": [
-                {
-                    "subnetResourceId": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints",
-                    "service": "registry"
-                }
-            ]
-        }
-    }
-}
diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md
index 4b5e405f4b..baf436650f 100644
--- a/modules/Microsoft.ContainerRegistry/registries/readme.md
+++ b/modules/Microsoft.ContainerRegistry/registries/readme.md
@@ -357,120 +357,10 @@ The following module usage examples are retrieved from the content of the files
 
 ```bicep
 module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-test-crrdef'
+  name: '${uniqueString(deployment().name)}-test-crrcom'
   params: {
     // Required parameters
-<<<<<<< HEAD
-    name: '<<namePrefix>>crrdef001'
-=======
-    name: '<<namePrefix>>azacrencr001'
-    // Non-required parameters
-    acrSku: 'Premium'
-    cMKKeyName: 'keyEncryptionKey'
-    cMKKeyVaultResourceId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002'
-    cMKUserAssignedIdentityResourceId: '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001'
-    publicNetworkAccess: 'Disabled'
-    userAssignedIdentities: {
-      '/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001': {}
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    // Required parameters
-    "name": {
-      "value": "<<namePrefix>>azacrencr001"
-    },
-    // Non-required parameters
-    "acrSku": {
-      "value": "Premium"
-    },
-    "cMKKeyName": {
-      "value": "keyEncryptionKey"
-    },
-    "cMKKeyVaultResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-<<namePrefix>>-az-kv-nopr-002"
-    },
-    "cMKUserAssignedIdentityResourceId": {
-      "value": "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001"
-    },
-    "publicNetworkAccess": {
-      "value": "Disabled"
-    },
-    "userAssignedIdentities": {
-      "value": {
-        "/subscriptions/<<subscriptionId>>/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-<<namePrefix>>-az-msi-x-001": {}
-      }
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 2: Min</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
-  params: {
-    name: '<<namePrefix>>azacrmin001'
-  }
-}
-```
-
-</details>
-<p>
-
-<details>
-
-<summary>via JSON Parameter file</summary>
-
-```json
-{
-  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-  "contentVersion": "1.0.0.0",
-  "parameters": {
-    "name": {
-      "value": "<<namePrefix>>azacrmin001"
-    }
-  }
-}
-```
-
-</details>
-<p>
-
-<h3>Example 3: Parameters</h3>
-
-<details>
-
-<summary>via Bicep module</summary>
-
-```bicep
-module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
-  params: {
-    // Required parameters
-    name: '<<namePrefix>>azacrx002'
->>>>>>> main
+    name: '<<namePrefix>>crrcom001'
     // Non-required parameters
     acrAdminUserEnabled: false
     acrSku: 'Premium'
@@ -532,11 +422,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   "parameters": {
     // Required parameters
     "name": {
-<<<<<<< HEAD
-      "value": "<<namePrefix>>crrdef001"
-=======
-      "value": "<<namePrefix>>azacrx002"
->>>>>>> main
+      "value": "<<namePrefix>>crrcom001"
     },
     // Non-required parameters
     "acrAdminUserEnabled": {

From dcf3b9dc92d5933d44ee3c6937e51ac3cd334cfb Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Mon, 19 Sep 2022 15:34:40 +0200
Subject: [PATCH 08/14] First commit

---
 utilities/tools/REST2CARML/Set-ModuleFolderData.ps1 | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 utilities/tools/REST2CARML/Set-ModuleFolderData.ps1

diff --git a/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1 b/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1
new file mode 100644
index 0000000000..5f282702bb
--- /dev/null
+++ b/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1
@@ -0,0 +1 @@
+
\ No newline at end of file

From e89861b8a4ed3f8a60cf438b41849d7d6444ee64 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Mon, 19 Sep 2022 21:12:01 +0200
Subject: [PATCH 09/14] Update to latest

---
 utilities/tools/REST2CARML/Set-ModuleFolderData.ps1 | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 utilities/tools/REST2CARML/Set-ModuleFolderData.ps1

diff --git a/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1 b/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1
deleted file mode 100644
index 5f282702bb..0000000000
--- a/utilities/tools/REST2CARML/Set-ModuleFolderData.ps1
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file

From 42636303dd619967c33c8a15c52672167449285d Mon Sep 17 00:00:00 2001
From: Alexander Sehr <ASehr@hotmail.de>
Date: Mon, 3 Oct 2022 11:40:15 +0200
Subject: [PATCH 10/14] Update
 modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep

Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com>
---
 .../registries/.test/common/deploy.test.bicep                   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
index 4d88dea039..42804e9ede 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/common/deploy.test.bicep
@@ -3,7 +3,7 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes.')
+@description('Optional. The name of the resource group to deploy for testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 

From b20c55f037529370283bc78f557b0cdefe822aaf Mon Sep 17 00:00:00 2001
From: Alexander Sehr <ASehr@hotmail.de>
Date: Mon, 3 Oct 2022 11:40:26 +0200
Subject: [PATCH 11/14] Update
 modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep

Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com>
---
 .../registries/.test/min/deploy.test.bicep                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
index 9a93ae685e..b4282f1122 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/min/deploy.test.bicep
@@ -3,7 +3,7 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes.')
+@description('Optional. The name of the resource group to deploy for testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 

From 9e9856a5df364bdd5d62be3b56ebed9c812f438b Mon Sep 17 00:00:00 2001
From: Alexander Sehr <ASehr@hotmail.de>
Date: Mon, 3 Oct 2022 11:40:32 +0200
Subject: [PATCH 12/14] Update
 modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep

Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com>
---
 .../registries/.test/encr/deploy.test.bicep                     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
index 532e1b74af..73ec59e08e 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/encr/deploy.test.bicep
@@ -3,7 +3,7 @@ targetScope = 'subscription'
 // ========== //
 // Parameters //
 // ========== //
-@description('Optional. The name of the resource group to deploy for a testing purposes.')
+@description('Optional. The name of the resource group to deploy for testing purposes.')
 @maxLength(90)
 param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
 

From dc0ecda1e4cbe89faf843e1bc83cabfbc8595bd6 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Mon, 3 Oct 2022 22:17:22 +0200
Subject: [PATCH 13/14] Updated PR test

---
 .../registries/.test/pe.parameters.json       | 25 --------
 .../registries/.test/pe/dependencies.bicep    | 47 +++++++++++++++
 .../registries/.test/pe/deploy.test.bicep     | 58 +++++++++++++++++++
 .../registries/readme.md                      | 14 ++---
 4 files changed, 112 insertions(+), 32 deletions(-)
 delete mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/pe.parameters.json
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/pe/dependencies.bicep
 create mode 100644 modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/pe.parameters.json b/modules/Microsoft.ContainerRegistry/registries/.test/pe.parameters.json
deleted file mode 100644
index bef24d0f9b..0000000000
--- a/modules/Microsoft.ContainerRegistry/registries/.test/pe.parameters.json
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
-    "contentVersion": "1.0.0.0",
-    "parameters": {
-        "name": {
-            "value": "<<namePrefix>>azacrpe001"
-        },
-        "acrSku": {
-            "value": "Premium"
-        },
-        "privateEndpoints": {
-            "value": [
-                {
-                    "subnetResourceId": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints",
-                    "service": "registry",
-                    "privateDnsZoneGroup": {
-                        "privateDNSResourceIds": [
-                            "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurecr.io"
-                        ]
-                    }
-                }
-            ]
-        }
-    }
-}
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/pe/dependencies.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/pe/dependencies.bicep
new file mode 100644
index 0000000000..1a018e1d73
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/pe/dependencies.bicep
@@ -0,0 +1,47 @@
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Virtual Network to create.')
+param virtualNetworkName string
+
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+    name: virtualNetworkName
+    location: location
+    properties: {
+        addressSpace: {
+            addressPrefixes: [
+                '10.0.0.0/24'
+            ]
+        }
+        subnets: [
+            {
+                name: 'defaultSubnet'
+                properties: {
+                    addressPrefix: '10.0.0.0/24'
+                }
+            }
+        ]
+    }
+}
+
+resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
+    name: 'privatelink.azurecr.io'
+    location: 'global'
+
+    resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+        name: '${virtualNetwork.name}-vnetlink'
+        location: 'global'
+        properties: {
+            virtualNetwork: {
+                id: virtualNetwork.id
+            }
+            registrationEnabled: false
+        }
+    }
+}
+
+@description('The resource ID of the created Virtual Network Subnet.')
+output subnetResourceId string = virtualNetwork.properties.subnets[0].id
+
+@description('The resource ID of the created Private DNS Zone.')
+output privateDNSZoneResourceId string = privateDNSZone.id
diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep
new file mode 100644
index 0000000000..50a5b51c1d
--- /dev/null
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep
@@ -0,0 +1,58 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.containerregistry.registries-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'crrpe'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-paramNested'
+  params: {
+    virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
+    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
+  }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+    acrSku: 'Premium'
+    privateEndpoints: [
+      {
+        service: 'registry'
+        subnetResourceId: resourceGroupResources.outputs.subnetResourceId
+        privateDnsZoneGroup: {
+          privateDNSResourceIds: [
+            resourceGroupResources.outputs.privateDNSZoneResourceId
+          ]
+        }
+      }
+    ]
+  }
+}
diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md
index 33bf4b8f7b..87a71560a9 100644
--- a/modules/Microsoft.ContainerRegistry/registries/readme.md
+++ b/modules/Microsoft.ContainerRegistry/registries/readme.md
@@ -662,21 +662,21 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
 
 ```bicep
 module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
-  name: '${uniqueString(deployment().name)}-Registries'
+  name: '${uniqueString(deployment().name)}-test-crrpe'
   params: {
     // Required parameters
-    name: '<<namePrefix>>azacrpe001'
+    name: '<<namePrefix>>crrpe001'
     // Non-required parameters
     acrSku: 'Premium'
     privateEndpoints: [
       {
         privateDnsZoneGroup: {
           privateDNSResourceIds: [
-            '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurecr.io'
+            '<privateDNSZoneResourceId>'
           ]
         }
         service: 'registry'
-        subnetResourceId: '/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints'
+        subnetResourceId: '<subnetResourceId>'
       }
     ]
   }
@@ -697,7 +697,7 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
   "parameters": {
     // Required parameters
     "name": {
-      "value": "<<namePrefix>>azacrpe001"
+      "value": "<<namePrefix>>crrpe001"
     },
     // Non-required parameters
     "acrSku": {
@@ -708,11 +708,11 @@ module registries './Microsoft.ContainerRegistry/registries/deploy.bicep' = {
         {
           "privateDnsZoneGroup": {
             "privateDNSResourceIds": [
-              "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/privateDnsZones/privatelink.azurecr.io"
+              "<privateDNSZoneResourceId>"
             ]
           },
           "service": "registry",
-          "subnetResourceId": "/subscriptions/<<subscriptionId>>/resourceGroups/validation-rg/providers/Microsoft.Network/virtualNetworks/adp-<<namePrefix>>-az-vnet-x-001/subnets/<<namePrefix>>-az-subnet-x-005-privateEndpoints"
+          "subnetResourceId": "<subnetResourceId>"
         }
       ]
     }

From 3a06e9b99de8c2d2f21c3c2137c9c84096128a29 Mon Sep 17 00:00:00 2001
From: MrMCake <asehr@hotmail.de>
Date: Mon, 3 Oct 2022 22:22:55 +0200
Subject: [PATCH 14/14] Cleanup

---
 .../registries/.test/pe/deploy.test.bicep                        | 1 -
 1 file changed, 1 deletion(-)

diff --git a/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep b/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep
index 50a5b51c1d..3be8432e61 100644
--- a/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep
+++ b/modules/Microsoft.ContainerRegistry/registries/.test/pe/deploy.test.bicep
@@ -29,7 +29,6 @@ module resourceGroupResources 'dependencies.bicep' = {
   name: '${uniqueString(deployment().name, location)}-paramNested'
   params: {
     virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
-    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
   }
 }