From af927852107637818e98a36e5d2106e40cb3c40e Mon Sep 17 00:00:00 2001
From: Erika Gressi
Date: Thu, 3 Nov 2022 16:40:26 +0100
Subject: [PATCH 1/8] testfiles
---
.../.test/common/dependencies.bicep | 13 +++++
.../.test/common/deploy.test.bicep | 53 +++++++++++++++++++
2 files changed, 66 insertions(+)
create mode 100644 modules/Microsoft.Security/azureSecurityCenter/.test/common/dependencies.bicep
create mode 100644 modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep
diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/dependencies.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/dependencies.bicep
new file mode 100644
index 0000000000..cc24476629
--- /dev/null
+++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/dependencies.bicep
@@ -0,0 +1,13 @@
+@description('Optional. The location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Log Analytics Workspace to create.')
+param logAnalyticsWorkspaceName string
+
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-06-01' = {
+ name: logAnalyticsWorkspaceName
+ location: location
+}
+
+@description('The resource ID of the created Log Analytics Workspace.')
+output logAnalyticsWorkspaceResourceId string = logAnalyticsWorkspace.id
diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep
new file mode 100644
index 0000000000..d42ed21860
--- /dev/null
+++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep
@@ -0,0 +1,53 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.insights.components-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'iccom'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}'
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+ // scope: resourceGroup
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ scope: '/subscriptions/<>'
+ workspaceId: resourceGroupResources.outputs.logAnalyticsWorkspaceResourceId
+ securityContactProperties: {
+ alertNotifications: 'Off'
+ alertsToAdmins: 'Off'
+ email: 'foo@contoso.com'
+ phone: '+12345678'
+ }
+
+ }
+}
From dce1351c41c79e2a6f3f570094371ad932ea7c05 Mon Sep 17 00:00:00 2001
From: Erika Gressi
Date: Thu, 3 Nov 2022 16:41:54 +0100
Subject: [PATCH 2/8] remove param
---
.../.test/common/deploy.test.bicep | 3 +--
.../azureSecurityCenter/.test/parameters.json | 20 -------------------
2 files changed, 1 insertion(+), 22 deletions(-)
delete mode 100644 modules/Microsoft.Security/azureSecurityCenter/.test/parameters.json
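Review bot: The `testDeployment` module at the end of deploy.test.bicep (PATCH 1/8) runs at subscription scope and passes `securityContactProperties` (`alertNotifications: 'Off'`, `alertsToAdmins: 'Off'`, `email: 'foo@contoso.com'`) plus a `workspaceId`, so each test run presumably overwrites the security contact and workspace settings of the whole target subscription, not something confined to the test resource group. `deploy.bicep` is not part of this patch, so that is inferred from the parameter names; if it holds, deleting the resource group afterwards will not restore those settings. I would add a comment above the module, e.g. `// NOTE: changes subscription-wide Security Center settings; run only against a dedicated validation subscription`, and confirm the pipeline's subscription is not shared with workloads that depend on those alerts.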
diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep index d42ed21860..4f0502e44b 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep @@ -40,7 +40,7 @@ module testDeployment '../../deploy.bicep' = { // scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - scope: '/subscriptions/<>' + scope: subscription().subscriptionId workspaceId: resourceGroupResources.outputs.logAnalyticsWorkspaceResourceId securityContactProperties: { alertNotifications: 'Off' @@ -48,6 +48,5 @@ module testDeployment '../../deploy.bicep' = { email: 'foo@contoso.com' phone: '+12345678' } - } } diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/parameters.json b/modules/Microsoft.Security/azureSecurityCenter/.test/parameters.json deleted file mode 100644 index cfa02a1ddc..0000000000 --- a/modules/Microsoft.Security/azureSecurityCenter/.test/parameters.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "scope": { - "value": "/subscriptions/<>" - }, - "securityContactProperties": { - "value": { - "email": "foo@contoso.com", - "phone": "+12345678", - "alertNotifications": "Off", - "alertsToAdmins": "Off" - } - }, - "workspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" - } - } -} From 4aa9db071cd896a4aebe9027659249f8a6a8c350 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Thu, 3 Nov 2022 16:43:06 +0100 Subject: [PATCH 3/8] shortid --- .../azureSecurityCenter/.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep index 4f0502e44b..0054b0756d 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.insights.components-${serviceShort}-rg' param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'iccom' +param serviceShort string = 'sasccom' // =========== // // Deployments // From 926e5c6e26399ffd40338057caedc9e068dc0675 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Thu, 3 Nov 2022 16:44:55 +0100 Subject: [PATCH 4/8] pipeline --- .github/workflows/ms.security.azuresecuritycenter.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ms.security.azuresecuritycenter.yml b/.github/workflows/ms.security.azuresecuritycenter.yml index c3e9ee978d..7a931edf5f 100644 --- a/.github/workflows/ms.security.azuresecuritycenter.yml +++ b/.github/workflows/ms.security.azuresecuritycenter.yml @@ -106,8 +106,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' From 4967da4034ed56c4e0a0f5b7e6e74853bcd6ef1e Mon Sep 17 00:00:00 2001 
From: Erika Gressi Date: Thu, 3 Nov 2022 16:47:32 +0100 Subject: [PATCH 5/8] readme --- .../azureSecurityCenter/readme.md | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/modules/Microsoft.Security/azureSecurityCenter/readme.md b/modules/Microsoft.Security/azureSecurityCenter/readme.md index 96c45b4c96..112890b6e5 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/readme.md +++ b/modules/Microsoft.Security/azureSecurityCenter/readme.md @@ -108,7 +108,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Parameters

+

Example 1: Common

@@ -116,12 +116,10 @@ The following module usage examples are retrieved from the content of the files ```bicep module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-AzureSecurityCenter' + name: '${uniqueString(deployment().name)}-test-sasccom' params: { // Required parameters - scope: '/subscriptions/<>' - workspaceId: '/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001' - // Non-required parameters + workspaceId: '' securityContactProperties: { alertNotifications: 'Off' alertsToAdmins: 'Off' @@ -145,13 +143,9 @@ module azureSecurityCenter './Microsoft.Security/azureSecurityCenter/deploy.bice "contentVersion": "1.0.0.0", "parameters": { // Required parameters - "scope": { - "value": "/subscriptions/<>" - }, "workspaceId": { - "value": "/subscriptions/<>/resourcegroups/validation-rg/providers/microsoft.operationalinsights/workspaces/adp-<>-az-law-x-001" + "value": "" }, - // Non-required parameters "securityContactProperties": { "value": { "alertNotifications": "Off", From d70579c954a68ff252b56908ff5a96dfc84b57dc Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Thu, 3 Nov 2022 16:51:03 +0100 Subject: [PATCH 6/8] rgname --- .../azureSecurityCenter/.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep index 0054b0756d..6a4223d5b4 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep 
@@ -5,7 +5,7 @@ targetScope = 'subscription' // ========== // @description('Optional. The name of the resource group to deploy for testing purposes.') @maxLength(90) -param resourceGroupName string = 'ms.insights.components-${serviceShort}-rg' +param resourceGroupName string = 'ms.security.azureSecurityCenter-${serviceShort}-rg' @description('Optional. The location to deploy resources to.') param location string = deployment().location From 7f233c1ee2ac1a9769c0efcf33779764305e4533 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Fri, 4 Nov 2022 11:09:22 +0100 Subject: [PATCH 7/8] scope --- .../azureSecurityCenter/.test/common/deploy.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep index 6a4223d5b4..a2632d91d5 100644 --- a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep @@ -40,7 +40,7 @@ module testDeployment '../../deploy.bicep' = { // scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { - scope: subscription().subscriptionId + scope: '/subscriptions/${subscription().subscriptionId}' workspaceId: resourceGroupResources.outputs.logAnalyticsWorkspaceResourceId securityContactProperties: { alertNotifications: 'Off' From 6b59d61b9d1aa47c3eebac5a28ea1638e5e24502 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Fri, 4 Nov 2022 11:45:09 +0100 Subject: [PATCH 8/8] cleanup --- .../azureSecurityCenter/.test/common/deploy.test.bicep | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep index a2632d91d5..7ae31d9e81 100644 
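Review bot: In the `scope` parameter of `testDeployment` (PATCH 7/8) the subscription resource ID is assembled by string interpolation, which is the pattern that let the bare GUID through in the earlier `scope: subscription().subscriptionId` version. `subscription().id` already returns the `/subscriptions/<guid>` form, so the line can be written as `scope: subscription().id` with no hand-written prefix to get wrong. The module body continues outside this hunk.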
--- a/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Security/azureSecurityCenter/.test/common/deploy.test.bicep @@ -37,7 +37,6 @@ module resourceGroupResources 'dependencies.bicep' = { // ============== // module testDeployment '../../deploy.bicep' = { - // scope: resourceGroup name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { scope: '/subscriptions/${subscription().subscriptionId}'