diff --git a/docs/content/en/docs/Rules/_index.md b/docs/content/en/docs/Rules/_index.md index 3d698db9..2151f29e 100644 --- a/docs/content/en/docs/Rules/_index.md +++ b/docs/content/en/docs/Rules/_index.md 
@@ -68,246 +68,247 @@ Azure Quick Review uses the following rules to identify Azure resources that may 58 | apim-009 | Security | TLS | APIM should only accept a minimum of TLS 1.2 | High | [Learn](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-manage-protocols-ciphers) 59 | apim-010 | Security | Cyphers | APIM should should not accept weak or deprecated ciphers. | High | [Learn](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-manage-protocols-ciphers) 60 | apim-011 | Security | Certificates | APIM: Renew expiring certificates | High | [Learn](https://learn.microsoft.com/en-us/azure/api-management/configure-custom-domain?tabs=custom) -61 | appcs-001 | Reliability | Diagnostic Logs | AppConfiguration should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration?tabs=portal) -62 | appcs-003 | Reliability | SLA | AppConfiguration should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/app-configuration/) -63 | appcs-004 | Security | Private Endpoint | AppConfiguration should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/concept-private-endpoint) -64 | appcs-005 | Reliability | SKU | AppConfiguration SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/app-configuration/) -65 | appcs-006 | Operational Excellence | Naming Convention (CAF) | AppConfiguration Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -66 | appcs-007 | Operational Excellence | Tags | AppConfiguration should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -67 | appcs-008 | Security | Identity and Access Control | AppConfiguration should have local 
authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/howto-disable-access-key-authentication?tabs=portal#disable-access-key-authentication) -68 | appcs-009 | Reliability | Reliability | AppConfiguration should have purge protection enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/concept-soft-delete#purge-protection) -69 | appi-001 | Reliability | SLA | Azure Application Insights SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/application-insights/index.html) -70 | appi-002 | Operational Excellence | Naming Convention (CAF) | Azure Application Insights Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -71 | appi-003 | Operational Excellence | Tags | Azure Application Insights should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -72 | appi-004 | Reliability | Reliability | Azure Application Insights should store data in a Log Analytics Workspace | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-monitor/app/create-workspace-resource) -73 | cae-001 | Reliability | Diagnostic Logs | Container Apps Environment should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/log-options#diagnostic-settings) -74 | cae-002 | Reliability | Availability Zones | Container Apps Environment should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/disaster-recovery?tabs=bash#set-up-zone-redundancy-in-your-container-apps-environment) -75 | cae-003 | Reliability | SLA | Container Apps Environment should have a SLA | High | [Learn](https://azure.microsoft.com/en-us/support/legal/sla/container-apps/v1_0/) -76 | cae-004 | Security | Private Endpoint | Container 
Apps Environment should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/vnet-custom-internal?tabs=bash&pivots=azure-portal) -77 | cae-006 | Operational Excellence | Naming Convention (CAF) | Container Apps Environment Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -78 | cae-007 | Operational Excellence | Tags | Container Apps Environment should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -79 | ca-003 | Reliability | SLA | ContainerApp should have a SLA | High | [Learn](https://azure.microsoft.com/en-us/support/legal/sla/container-apps/v1_0/) -80 | ca-006 | Operational Excellence | Naming Convention (CAF) | ContainerApp Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -81 | ca-007 | Operational Excellence | Tags | ContainerApp should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -82 | ca-008 | Security | HTTPS Only | ContainerApp should not allow insecure ingress traffic | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/ingress-how-to?pivots=azure-cli) -83 | ca-009 | Security | Identity and Access Control | ContainerApp should use Managed Identities | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/managed-identity?tabs=portal%2Cdotnet) -84 | ca-010 | Reliability | Reliability | ContainerApp should use Azure Files to persist container data | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/storage-mounts?pivots=azure-cli) -85 | ca-011 | Reliability | Reliability | ContainerApp should avoid using session affinity | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/container-apps/sticky-sessions?pivots=azure-portal) -86 | ci-002 | Reliability | Availability Zones | ContainerInstance should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-instances/availability-zones) -87 | ci-003 | Reliability | SLA | ContainerInstance should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/container-instances/v1_0/index.html) -88 | ci-004 | Security | Private IP Address | ContainerInstance should use private IP addresses | High | [Learn]() -89 | ci-005 | Reliability | SKU | ContainerInstance SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/container-instances/) -90 | ci-006 | Operational Excellence | Naming Convention (CAF) | ContainerInstance Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -91 | ci-007 | Operational Excellence | Tags | ContainerInstance should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -92 | cog-001 | Reliability | Diagnostic Logs | Cognitive Service Account should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/monitor-event-hubs#collection-and-routing) -93 | cog-003 | Reliability | SLA | Cognitive Service Account should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) -94 | cog-004 | Security | Private Endpoint | Cognitive Service Account should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cognitive-services/cognitive-services-virtual-networks) -95 | cog-005 | Reliability | SKU | Cognitive Service Account SKU | High | 
[Learn](https://learn.microsoft.com/en-us/azure/templates/microsoft.cognitiveservices/accounts?pivots=deployment-language-bicep#sku) -96 | cog-006 | Operational Excellence | Naming Convention (CAF) | Cognitive Service Account Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -97 | cog-007 | Operational Excellence | Tags | Cognitive Service Account should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -98 | cog-008 | Security | Identity and Access Control | Cognitive Service Account should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/ai-services/policy-reference#azure-ai-services) -99 | cosmos-001 | Reliability | Diagnostic Logs | CosmosDB should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/monitor-resource-logs) -100 | cosmos-002 | Reliability | Availability Zones | CosmosDB should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/high-availability) -101 | cosmos-003 | Reliability | SLA | CosmosDB should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/high-availability#slas) -102 | cosmos-004 | Security | Private Endpoint | CosmosDB should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-configure-private-endpoints) -103 | cosmos-005 | Reliability | SKU | CosmosDB SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/cosmos-db/autoscale-provisioned/) -104 | cosmos-006 | Operational Excellence | Naming Convention (CAF) | CosmosDB Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -105 | 
cosmos-007 | Operational Excellence | Tags | CosmosDB should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -106 | cr-001 | Reliability | Diagnostic Logs | ContainerRegistry should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service) -107 | cr-002 | Reliability | Availability Zones | ContainerRegistry should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/zone-redundancy) -108 | cr-003 | Reliability | SLA | ContainerRegistry should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/container-registry/) -109 | cr-004 | Security | Private Endpoint | ContainerRegistry should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-private-link) -110 | cr-005 | Reliability | SKU | ContainerRegistry SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-skus) -111 | cr-006 | Operational Excellence | Naming Convention (CAF) | ContainerRegistry Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -112 | cr-007 | Security | Identity and Access Control | ContainerRegistry should have anonymous pull access disabled | Medium | [Learn](https://learn.microsoft.com/azure/container-registry/anonymous-pull-access#configure-anonymous-pull-access) -113 | cr-008 | Security | Identity and Access Control | ContainerRegistry should have the Administrator account disabled | Medium | [Learn](https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity) -114 | cr-009 | Operational Excellence | Tags | ContainerRegistry should have tags | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -115 | cr-010 | Operational Excellence | Retention Policies | ContainerRegistry should use retention policies | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-retention-policy) -116 | dec-001 | Reliability | Diagnostic Logs | Azure Data Explorer should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/using-diagnostic-logs) -117 | dec-002 | Reliability | SLA | Azure Data Explorer SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services) -118 | dec-003 | Reliability | SKU | Azure Data Explorer Production Cluster should not use Dev SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/manage-cluster-choose-sku) -119 | dec-004 | Operational Excellence | Naming Convention (CAF) | Azure Data Explorer Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -120 | dec-005 | Operational Excellence | Tags | Azure Data Explorer should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -121 | dec-008 | Security | Disk Encryption | Azure Data Explorer should use Disk Encryption | High | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/cluster-encryption-overview) -122 | dec-009 | Security | Identity and Access Control | Azure Data Explorer should use Managed Identities | Low | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/configure-managed-identities-cluster?tabs=portal) -123 | evgd-001 | Reliability | Diagnostic Logs | Event Grid Domain should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/diagnostic-logs) -124 | 
evgd-003 | Reliability | SLA | Event Grid Domain should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/event-grid/) -125 | evgd-004 | Security | Private Endpoint | Event Grid Domain should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/configure-private-endpoints) -126 | evgd-005 | Reliability | SKU | Event Grid Domain SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/event-grid/) -127 | evgd-006 | Operational Excellence | Naming Convention (CAF) | Event Grid Domain Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -128 | evgd-007 | Operational Excellence | Tags | Event Grid Domain should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -129 | evgd-008 | Security | Identity and Access Control | Event Grid Domain should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/authenticate-with-access-keys-shared-access-signatures) -130 | evh-001 | Reliability | Diagnostic Logs | Event Hub Namespace should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/monitor-event-hubs#collection-and-routing) -131 | evh-002 | Reliability | Availability Zones | Event Hub Namespace should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/event-hubs-premium-overview#high-availability-with-availability-zones) -132 | evh-003 | Reliability | SLA | Event Hub Namespace should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/event-hubs/) -133 | evh-004 | Security | Private Endpoint | Event Hub Namespace should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/network-security) -134 | 
evh-005 | Reliability | SKU | Event Hub Namespace SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/compare-tiers) -135 | evh-006 | Operational Excellence | Naming Convention (CAF) | Event Hub Namespace Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -136 | evh-007 | Operational Excellence | Tags | Event Hub should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -137 | evh-008 | Security | Identity and Access Control | Event Hub should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/authorize-access-event-hubs#shared-access-signatures) -138 | kv-001 | Reliability | Diagnostic Logs | Key Vault should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault) -139 | kv-003 | Reliability | SLA | Key Vault should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/key-vault/) -140 | kv-004 | Security | Private Endpoint | Key Vault should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service) -141 | kv-005 | Reliability | SKU | Key Vault SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/key-vault/) -142 | kv-006 | Operational Excellence | Naming Convention (CAF) | Key Vault Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -143 | kv-007 | Operational Excellence | Tags | Key Vault should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -144 | kv-008 | Reliability | Reliability | Key Vault should have soft delete enabled 
| Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview) -145 | kv-009 | Reliability | Reliability | Key Vault should have purge protection enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection) -146 | lb-001 | Reliability | Diagnostic Logs | Load Balancer should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/monitor-load-balancer#creating-a-diagnostic-setting) -147 | lb-002 | Reliability | Availability Zones | Load Balancer should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-availability-zones#zone-redundant) -148 | lb-003 | Reliability | SLA | Load Balancer should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/skus) -149 | lb-005 | Reliability | SKU | Load Balancer SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/skus) -150 | lb-006 | Operational Excellence | Naming Convention (CAF) | Load Balancer Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -151 | lb-007 | Operational Excellence | Tags | Load Balancer should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -152 | logic-001 | Reliability | Diagnostic Logs | Logic App should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/monitor-workflows-collect-diagnostic-data) -153 | logic-003 | Reliability | SLA | Logic App should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) -154 | logic-004 | Security | Firewall | Logic App should limit access to Http Triggers | High | 
[Learn](https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app?tabs=azure-portal#restrict-access-by-ip-address-range) -155 | logic-006 | Operational Excellence | Naming Convention (CAF) | Logic App Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -156 | logic-007 | Operational Excellence | Tags | Logic App should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -157 | maria-001 | Reliability | Diagnostic Logs | MariaDB should have diagnostic settings enabled | Medium | [Learn]() -158 | maria-002 | Security | Private Endpoint | MariaDB should have private endpoints enabled | High | [Learn]() -159 | maria-003 | Operational Excellence | Naming Convention (CAF) | MariaDB server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -160 | maria-004 | Reliability | SLA | MariaDB server should have a SLA | High | [Learn]() -161 | maria-005 | Operational Excellence | Tags | MariaDB should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -162 | maria-006 | Security | TLS | MariaDB should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/mariadb/howto-tls-configurations) -163 | mysqlf-001 | Reliability | Diagnostic Logs | Azure Database for MySQL - Flexible Server should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-query-performance-insights#set-up-diagnostics) -164 | mysqlf-002 | Reliability | Availability Zones | Azure Database for MySQL - Flexible Server should have availability zones enabled | High | 
[Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-configure-high-availability-cli) -165 | mysqlf-003 | Reliability | SLA | Azure Database for MySQL - Flexible Server should have a SLA | High | [Learn](hhttps://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) -166 | mysqlf-004 | Security | Private IP Address | Azure Database for MySQL - Flexible Server should have private access enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-manage-virtual-network-cli) -167 | mysqlf-005 | Reliability | SKU | Azure Database for MySQL - Flexible Server SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-service-tiers-storage) -168 | mysqlf-006 | Operational Excellence | Naming Convention (CAF) | Azure Database for MySQL - Flexible Server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -169 | mysqlf-007 | Operational Excellence | Tags | Azure Database for MySQL - Flexible Server should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -170 | mysql-001 | Reliability | Diagnostic Logs | Azure Database for MySQL - Flexible Server should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-monitoring#server-logs) -171 | mysql-003 | Reliability | SLA | Azure Database for MySQL - Flexible Server should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/mysql/) -172 | mysql-004 | Security | Private Endpoint | Azure Database for MySQL - Flexible Server should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-data-access-security-private-link) -173 | mysql-005 | Reliability | SKU | Azure 
Database for MySQL - Flexible Server SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-pricing-tiers) -174 | mysql-006 | Operational Excellence | Naming Convention (CAF) | Azure Database for MySQL - Flexible Server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -175 | mysql-007 | Reliability | SKU | Azure Database for MySQL - Single Server is on the retirement path | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/whats-happening-to-mysql-single-server) -176 | mysql-008 | Operational Excellence | Tags | Azure Database for MySQL - Single Server should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -177 | app-001 | Reliability | Diagnostic Logs | App Service should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs#send-logs-to-azure-monitor) -178 | app-004 | Security | Private Endpoint | App Service should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/networking/private-endpoint) -179 | app-006 | Operational Excellence | Naming Convention (CAF) | App Service Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -180 | app-007 | Security | HTTPS Only | App Service should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) -181 | app-008 | Operational Excellence | Tags | App Service should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -182 | app-009 | Security | Networking | App Service should use VNET 
integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -183 | app-010 | Security | Networking | App Service should have VNET Route all enabled for VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -184 | app-011 | Security | TLS | App Service should use TLS 1.2 | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) -185 | app-012 | Security | Security | App Service remote debugging should be disabled | High | [Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) -186 | app-013 | Reliability | Reliability | Function should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) -187 | app-014 | Security | Security | App Service should have Always On enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal) -188 | app-015 | Reliability | Reliability | App Service should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) -189 | app-016 | Security | Identity and Access Control | App Service should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) -190 | asp-001 | Reliability | Diagnostic Logs | Plan should have diagnostic settings enabled | Medium | [Learn]() -191 | asp-002 | Reliability | Availability Zones | Plan should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/reliability/migrate-app-service) -192 | asp-003 | Reliability | SLA | Plan should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/app-service/) -193 | asp-005 | Reliability 
| SKU | Plan SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans) -194 | asp-006 | Operational Excellence | Naming Convention (CAF) | Plan Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -195 | asp-007 | Operational Excellence | Tags | Plan should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -196 | func-001 | Reliability | Diagnostic Logs | Function should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-functions/functions-monitor-log-analytics?tabs=csharp) -197 | func-004 | Security | Private Endpoint | Function should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-functions/functions-create-vnet) -198 | func-006 | Operational Excellence | Naming Convention (CAF) | Function Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -199 | func-007 | Security | HTTPS Only | Function should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) -200 | func-008 | Operational Excellence | Tags | Function should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -201 | func-009 | Security | Networking | Function should use VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -202 | func-010 | Security | Networking | Function should have VNET Route all enabled for VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -203 | func-011 | Security | TLS | Function 
should use TLS 1.2 | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) -204 | func-012 | Security | Security | Function remote debugging should be disabled | Medium | [Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) -205 | func-014 | Security | Identity and Access Control | Function should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) -206 | logics-001 | Reliability | Diagnostic Logs | Logic App should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/monitor-workflows-collect-diagnostic-data) -207 | logics-004 | Security | Private Endpoint | Logic App should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/secure-single-tenant-workflow-virtual-network-private-endpoint) -208 | logics-006 | Operational Excellence | Naming Convention (CAF) | Logic App Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -209 | logics-007 | Security | HTTPS Only | Logic App should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) -210 | logics-008 | Operational Excellence | Tags | Logic App should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -211 | logics-009 | Security | Networking | Logic App should use VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -212 | logics-010 | Security | Networking | Logic App should have VNET Route all enabled for VNET integration | Medium | 
[Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) -213 | logics-011 | Security | TLS | Logic App should use TLS 1.2 | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) -214 | logics-012 | Security | Security | Logic App remote debugging should be disabled | Medium | [Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) -215 | logics-013 | Reliability | Reliability | Logic App should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) -216 | logics-014 | Security | Identity and Access Control | Logic App should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) -217 | psqlf-001 | Reliability | Diagnostic Logs | PostgreSQL should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/howto-configure-and-access-logs) -218 | psqlf-002 | Reliability | Availability Zones | PostgreSQL should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/overview#architecture-and-high-availability) -219 | psqlf-003 | Reliability | SLA | PostgreSQL should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compare-single-server-flexible-server) -220 | psqlf-004 | Security | Private IP Address | PostgreSQL should have private access enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking#private-access-vnet-integration) -221 | psqlf-005 | Reliability | SKU | PostgreSQL SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/postgresql/flexible-server/) -222 | psqlf-006 | Operational Excellence | 
Naming Convention (CAF) | PostgreSQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -223 | psqlf-007 | Operational Excellence | Tags | PostgreSQL should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -224 | psql-001 | Reliability | Diagnostic Logs | PostgreSQL should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-server-logs#resource-logs) -225 | psql-003 | Reliability | SLA | PostgreSQL should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/postgresql/) -226 | psql-004 | Security | Private Endpoint | PostgreSQL should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-data-access-and-security-private-link) -227 | psql-005 | Reliability | SKU | PostgreSQL SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-pricing-tiers) -228 | psql-006 | Operational Excellence | Naming Convention (CAF) | PostgreSQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -229 | psql-007 | Operational Excellence | Tags | PostgreSQL should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -230 | psql-008 | Security | SSL | PostgreSQL should enforce SSL | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-ssl-connection-security#enforcing-tls-connections) -231 | psql-009 | Security | TLS | PostgreSQL should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/how-to-tls-configurations) -232 | 
redis-001 | Reliability | Diagnostic Logs | Redis should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-monitor-diagnostic-settings) -233 | redis-002 | Reliability | Availability Zones | Redis should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability) -234 | redis-003 | Reliability | SLA | Redis should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) -235 | redis-004 | Security | Private Endpoint | Redis should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-private-link) -236 | redis-005 | Reliability | SKU | Redis SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/cache/) -237 | redis-006 | Operational Excellence | Naming Convention (CAF) | Redis Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -238 | redis-007 | Operational Excellence | Tags | Redis should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -239 | redis-008 | Security | SSL | Redis should not enable non SSL ports | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-configure#access-ports) -240 | redis-009 | Security | TLS | Redis should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-remove-tls-10-11) -241 | sb-001 | Reliability | Diagnostic Logs | Service Bus should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/monitor-service-bus#collection-and-routing) -242 | sb-002 | Reliability | Availability Zones | Service Bus should 
have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/service-bus-outages-disasters#availability-zones) -243 | sb-003 | Reliability | SLA | Service Bus should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/service-bus/) -244 | sb-004 | Security | Private Endpoint | Service Bus should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/network-security) -245 | sb-005 | Reliability | SKU | Service Bus SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/service-bus/) -246 | sb-006 | Operational Excellence | Naming Convention (CAF) | Service Bus Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -247 | sb-007 | Operational Excellence | Tags | Service Bus should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -248 | sb-008 | Security | Identity and Access Control | Service Bus should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas) -249 | sigr-001 | Reliability | Diagnostic Logs | SignalR should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/signalr-howto-diagnostic-logs) -250 | sigr-002 | Reliability | Availability Zones | SignalR should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/availability-zones) -251 | sigr-003 | Reliability | SLA | SignalR should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/signalr-service/) -252 | sigr-004 | Security | Private Endpoint | SignalR should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/howto-private-endpoints) 
-253 | sigr-005 | Reliability | SKU | SignalR SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/signalr-service/) -254 | sigr-006 | Operational Excellence | Naming Convention (CAF) | SignalR Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -255 | sigr-007 | Operational Excellence | Tags | SignalR should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -256 | sql-001 | Reliability | Diagnostic Logs | SQL should have diagnostic settings enabled | Medium | [Learn]() -257 | sql-004 | Security | Private Endpoint | SQL should have private endpoints enabled | High | [Learn]() -258 | sql-006 | Operational Excellence | Naming Convention (CAF) | SQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -259 | sql-007 | Operational Excellence | Tags | SQL should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -260 | sql-008 | Security | TLS | SQL should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings?view=azuresql&tabs=azure-portal#minimal-tls-version) -261 | sqldb-001 | Reliability | Diagnostic Logs | SQL Database should have diagnostic settings enabled | Medium | [Learn]() -262 | sqldb-002 | Reliability | Availability Zones | SQL Database should have availability zones enabled | High | [Learn]() -263 | sqldb-003 | Reliability | SLA | SQL Database should have a SLA | High | [Learn]() -264 | sqldb-005 | Reliability | SKU | SQL Database SKU | High | [Learn](https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-vcore?tabs=azure-portal) -265 | sqldb-006 | Operational Excellence | 
Naming Convention (CAF) | SQL Database Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -266 | sqldb-007 | Operational Excellence | Tags | SQL Database should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -267 | traf-001 | Reliability | Diagnostic Logs | Traffic Manager should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-diagnostic-logs) -268 | traf-002 | Reliability | Availability Zones | Traffic Manager should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/architecture/high-availability/reference-architecture-traffic-manager-application-gateway) -269 | traf-003 | Reliability | SLA | Traffic Manager should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/traffic-manager/) -270 | traf-006 | Operational Excellence | Naming Convention (CAF) | Traffic Manager Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -271 | traf-007 | Operational Excellence | Tags | Traffic Manager should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -272 | traf-008 | Reliability | Reliability | Traffic Manager should use at least 2 endpoints | High | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-endpoint-types) -273 | traf-009 | Security | HTTPS Only | Traffic Manager: HTTP endpoints should be monitored using HTTPS | High | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring) -274 | st-001 | Reliability | Diagnostic Logs | Storage should have diagnostic settings enabled | Medium | 
[Learn](https://learn.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage) -275 | st-002 | Reliability | Availability Zones | Storage should have availability zones enabled | High | [Learn](https://learn.microsoft.com/EN-US/azure/reliability/migrate-storage) -276 | st-003 | Reliability | SLA | Storage should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/storage/) -277 | st-004 | Security | Private Endpoint | Storage should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints) -278 | st-005 | Reliability | SKU | Storage SKU | High | [Learn](https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types) -279 | st-006 | Operational Excellence | Naming Convention (CAF) | Storage Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -280 | st-007 | Security | HTTPS Only | Storage Account should use HTTPS only | High | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer) -281 | st-008 | Operational Excellence | Tags | Storage Account should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -282 | st-009 | Security | TLS | Storage Account should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version?tabs=portal) -283 | vm-001 | Reliability | Diagnostic Logs | Virtual Machine should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-windows-install) -284 | vm-002 | Reliability | Availability Zones | Virtual Machine should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-machines/availability#availability-zones) -285 
| vm-003 | Reliability | SLA | Virtual Machine should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) -286 | vm-006 | Operational Excellence | Naming Convention (CAF) | Virtual Machine Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -287 | vm-007 | Operational Excellence | Tags | Virtual Machine should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) -288 | vm-008 | Reliability | Reliability | Virtual Machine should use managed disks | High | [Learn](https://learn.microsoft.com/en-us/azure/architecture/checklist/resiliency-per-service#virtual-machines) -289 | vm-009 | Reliability | Reliability | Virtual Machine should host application or database data on a data disk | Low | [Learn](https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#data-disk) -290 | vnet-001 | Reliability | Diagnostic Logs | Virtual Network should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/monitor-virtual-network#collection-and-routing) -291 | vnet-002 | Reliability | Availability Zones | Virtual Network should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview#virtual-networks-and-availability-zones) -292 | vnet-006 | Operational Excellence | Naming Convention (CAF) | Virtual Network Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -293 | vnet-007 | Operational Excellence | Tags | Virtual Network should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) 
-294 | vnet-008 | Security | Networking | Virtual Network: All Subnets should have a Network Security Group associated | High | [Learn](https://learn.microsoft.com/azure/virtual-network/concepts-and-best-practices) -295 | vnet-009 | Reliability | Reliability | Virtual NetworK should have at least two DNS servers assigned | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances?tabs=redhat#specify-dns-servers) -296 | wps-001 | Reliability | Diagnostic Logs | Web Pub Sub should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/howto-troubleshoot-resource-logs) -297 | wps-002 | Reliability | Availability Zones | Web Pub Sub should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/concept-availability-zones) -298 | wps-003 | Reliability | SLA | Web Pub Sub should have a SLA | High | [Learn](https://azure.microsoft.com/en-gb/support/legal/sla/web-pubsub/) -299 | wps-004 | Security | Private Endpoint | Web Pub Sub should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/howto-secure-private-endpoints) -300 | wps-005 | Reliability | SKU | Web Pub Sub SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/web-pubsub/) -301 | wps-006 | Operational Excellence | Naming Convention (CAF) | Web Pub Sub Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) -302 | wps-007 | Operational Excellence | Tags | Web Pub Sub should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) - +61 | apim-012 | Reliability | Reliability | APIM: Migrate instance hosted on the stv1 platform to stv2 | High | 
[Learn](https://learn.microsoft.com/en-us/azure/api-management/migrate-stv1-to-stv2?tabs=portal) +62 | appcs-001 | Reliability | Diagnostic Logs | AppConfiguration should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration?tabs=portal) +63 | appcs-003 | Reliability | SLA | AppConfiguration should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/app-configuration/) +64 | appcs-004 | Security | Private Endpoint | AppConfiguration should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/concept-private-endpoint) +65 | appcs-005 | Reliability | SKU | AppConfiguration SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/app-configuration/) +66 | appcs-006 | Operational Excellence | Naming Convention (CAF) | AppConfiguration Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +67 | appcs-007 | Operational Excellence | Tags | AppConfiguration should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +68 | appcs-008 | Security | Identity and Access Control | AppConfiguration should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/howto-disable-access-key-authentication?tabs=portal#disable-access-key-authentication) +69 | appcs-009 | Reliability | Reliability | AppConfiguration should have purge protection enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-app-configuration/concept-soft-delete#purge-protection) +70 | appi-001 | Reliability | SLA | Azure Application Insights SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/application-insights/index.html) +71 | appi-002 | Operational Excellence | 
Naming Convention (CAF) | Azure Application Insights Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +72 | appi-003 | Operational Excellence | Tags | Azure Application Insights should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +73 | appi-004 | Reliability | Reliability | Azure Application Insights should store data in a Log Analytics Workspace | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-monitor/app/create-workspace-resource) +74 | cae-001 | Reliability | Diagnostic Logs | Container Apps Environment should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/log-options#diagnostic-settings) +75 | cae-002 | Reliability | Availability Zones | Container Apps Environment should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/disaster-recovery?tabs=bash#set-up-zone-redundancy-in-your-container-apps-environment) +76 | cae-003 | Reliability | SLA | Container Apps Environment should have a SLA | High | [Learn](https://azure.microsoft.com/en-us/support/legal/sla/container-apps/v1_0/) +77 | cae-004 | Security | Private Endpoint | Container Apps Environment should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/vnet-custom-internal?tabs=bash&pivots=azure-portal) +78 | cae-006 | Operational Excellence | Naming Convention (CAF) | Container Apps Environment Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +79 | cae-007 | Operational Excellence | Tags | Container Apps Environment should have tags | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +80 | ca-003 | Reliability | SLA | ContainerApp should have a SLA | High | [Learn](https://azure.microsoft.com/en-us/support/legal/sla/container-apps/v1_0/) +81 | ca-006 | Operational Excellence | Naming Convention (CAF) | ContainerApp Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +82 | ca-007 | Operational Excellence | Tags | ContainerApp should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +83 | ca-008 | Security | HTTPS Only | ContainerApp should not allow insecure ingress traffic | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/ingress-how-to?pivots=azure-cli) +84 | ca-009 | Security | Identity and Access Control | ContainerApp should use Managed Identities | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/managed-identity?tabs=portal%2Cdotnet) +85 | ca-010 | Reliability | Reliability | ContainerApp should use Azure Files to persist container data | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/storage-mounts?pivots=azure-cli) +86 | ca-011 | Reliability | Reliability | ContainerApp should avoid using session affinity | Low | [Learn](https://learn.microsoft.com/en-us/azure/container-apps/sticky-sessions?pivots=azure-portal) +87 | ci-002 | Reliability | Availability Zones | ContainerInstance should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-instances/availability-zones) +88 | ci-003 | Reliability | SLA | ContainerInstance should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/container-instances/v1_0/index.html) +89 | ci-004 | Security | Private IP Address | ContainerInstance should use private IP addresses | High | 
[Learn]() +90 | ci-005 | Reliability | SKU | ContainerInstance SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/container-instances/) +91 | ci-006 | Operational Excellence | Naming Convention (CAF) | ContainerInstance Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +92 | ci-007 | Operational Excellence | Tags | ContainerInstance should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +93 | cog-001 | Reliability | Diagnostic Logs | Cognitive Service Account should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/monitor-event-hubs#collection-and-routing) +94 | cog-003 | Reliability | SLA | Cognitive Service Account should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) +95 | cog-004 | Security | Private Endpoint | Cognitive Service Account should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cognitive-services/cognitive-services-virtual-networks) +96 | cog-005 | Reliability | SKU | Cognitive Service Account SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/templates/microsoft.cognitiveservices/accounts?pivots=deployment-language-bicep#sku) +97 | cog-006 | Operational Excellence | Naming Convention (CAF) | Cognitive Service Account Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +98 | cog-007 | Operational Excellence | Tags | Cognitive Service Account should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +99 | cog-008 | Security | Identity and Access Control 
| Cognitive Service Account should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/ai-services/policy-reference#azure-ai-services) +100 | cosmos-001 | Reliability | Diagnostic Logs | CosmosDB should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/monitor-resource-logs) +101 | cosmos-002 | Reliability | Availability Zones | CosmosDB should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/high-availability) +102 | cosmos-003 | Reliability | SLA | CosmosDB should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/high-availability#slas) +103 | cosmos-004 | Security | Private Endpoint | CosmosDB should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-configure-private-endpoints) +104 | cosmos-005 | Reliability | SKU | CosmosDB SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/cosmos-db/autoscale-provisioned/) +105 | cosmos-006 | Operational Excellence | Naming Convention (CAF) | CosmosDB Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +106 | cosmos-007 | Operational Excellence | Tags | CosmosDB should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +107 | cr-001 | Reliability | Diagnostic Logs | ContainerRegistry should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service) +108 | cr-002 | Reliability | Availability Zones | ContainerRegistry should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/zone-redundancy) +109 | cr-003 | Reliability | SLA | ContainerRegistry should have a SLA | High 
| [Learn](https://www.azure.cn/en-us/support/sla/container-registry/) +110 | cr-004 | Security | Private Endpoint | ContainerRegistry should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-private-link) +111 | cr-005 | Reliability | SKU | ContainerRegistry SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-skus) +112 | cr-006 | Operational Excellence | Naming Convention (CAF) | ContainerRegistry Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +113 | cr-007 | Security | Identity and Access Control | ContainerRegistry should have anonymous pull access disabled | Medium | [Learn](https://learn.microsoft.com/azure/container-registry/anonymous-pull-access#configure-anonymous-pull-access) +114 | cr-008 | Security | Identity and Access Control | ContainerRegistry should have the Administrator account disabled | Medium | [Learn](https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity) +115 | cr-009 | Operational Excellence | Tags | ContainerRegistry should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +116 | cr-010 | Operational Excellence | Retention Policies | ContainerRegistry should use retention policies | Medium | [Learn](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-retention-policy) +117 | dec-001 | Reliability | Diagnostic Logs | Azure Data Explorer should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/using-diagnostic-logs) +118 | dec-002 | Reliability | SLA | Azure Data Explorer SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services) +119 | 
dec-003 | Reliability | SKU | Azure Data Explorer Production Cluster should not use Dev SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/manage-cluster-choose-sku) +120 | dec-004 | Operational Excellence | Naming Convention (CAF) | Azure Data Explorer Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +121 | dec-005 | Operational Excellence | Tags | Azure Data Explorer should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +122 | dec-008 | Security | Disk Encryption | Azure Data Explorer should use Disk Encryption | High | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/cluster-encryption-overview) +123 | dec-009 | Security | Identity and Access Control | Azure Data Explorer should use Managed Identities | Low | [Learn](https://learn.microsoft.com/en-us/azure/data-explorer/configure-managed-identities-cluster?tabs=portal) +124 | evgd-001 | Reliability | Diagnostic Logs | Event Grid Domain should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/diagnostic-logs) +125 | evgd-003 | Reliability | SLA | Event Grid Domain should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/event-grid/) +126 | evgd-004 | Security | Private Endpoint | Event Grid Domain should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/configure-private-endpoints) +127 | evgd-005 | Reliability | SKU | Event Grid Domain SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/event-grid/) +128 | evgd-006 | Operational Excellence | Naming Convention (CAF) | Event Grid Domain Name should comply with naming conventions | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +129 | evgd-007 | Operational Excellence | Tags | Event Grid Domain should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +130 | evgd-008 | Security | Identity and Access Control | Event Grid Domain should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-grid/authenticate-with-access-keys-shared-access-signatures) +131 | evh-001 | Reliability | Diagnostic Logs | Event Hub Namespace should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/monitor-event-hubs#collection-and-routing) +132 | evh-002 | Reliability | Availability Zones | Event Hub Namespace should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/event-hubs-premium-overview#high-availability-with-availability-zones) +133 | evh-003 | Reliability | SLA | Event Hub Namespace should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/event-hubs/) +134 | evh-004 | Security | Private Endpoint | Event Hub Namespace should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/network-security) +135 | evh-005 | Reliability | SKU | Event Hub Namespace SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/compare-tiers) +136 | evh-006 | Operational Excellence | Naming Convention (CAF) | Event Hub Namespace Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +137 | evh-007 | Operational Excellence | Tags | Event Hub should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +138 | evh-008 | Security 
| Identity and Access Control | Event Hub should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/event-hubs/authorize-access-event-hubs#shared-access-signatures) +139 | kv-001 | Reliability | Diagnostic Logs | Key Vault should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault) +140 | kv-003 | Reliability | SLA | Key Vault should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/key-vault/) +141 | kv-004 | Security | Private Endpoint | Key Vault should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service) +142 | kv-005 | Reliability | SKU | Key Vault SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/key-vault/) +143 | kv-006 | Operational Excellence | Naming Convention (CAF) | Key Vault Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +144 | kv-007 | Operational Excellence | Tags | Key Vault should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +145 | kv-008 | Reliability | Reliability | Key Vault should have soft delete enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview) +146 | kv-009 | Reliability | Reliability | Key Vault should have purge protection enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection) +147 | lb-001 | Reliability | Diagnostic Logs | Load Balancer should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/monitor-load-balancer#creating-a-diagnostic-setting) +148 | lb-002 | Reliability | Availability Zones | Load Balancer should have 
availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-availability-zones#zone-redundant) +149 | lb-003 | Reliability | SLA | Load Balancer should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/skus) +150 | lb-005 | Reliability | SKU | Load Balancer SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/load-balancer/skus) +151 | lb-006 | Operational Excellence | Naming Convention (CAF) | Load Balancer Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +152 | lb-007 | Operational Excellence | Tags | Load Balancer should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +153 | logic-001 | Reliability | Diagnostic Logs | Logic App should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/monitor-workflows-collect-diagnostic-data) +154 | logic-003 | Reliability | SLA | Logic App should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) +155 | logic-004 | Security | Firewall | Logic App should limit access to Http Triggers | High | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app?tabs=azure-portal#restrict-access-by-ip-address-range) +156 | logic-006 | Operational Excellence | Naming Convention (CAF) | Logic App Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +157 | logic-007 | Operational Excellence | Tags | Logic App should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +158 | maria-001 | 
Reliability | Diagnostic Logs | MariaDB should have diagnostic settings enabled | Medium | [Learn]() +159 | maria-002 | Security | Private Endpoint | MariaDB should have private endpoints enabled | High | [Learn]() +160 | maria-003 | Operational Excellence | Naming Convention (CAF) | MariaDB server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +161 | maria-004 | Reliability | SLA | MariaDB server should have a SLA | High | [Learn]() +162 | maria-005 | Operational Excellence | Tags | MariaDB should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +163 | maria-006 | Security | TLS | MariaDB should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/mariadb/howto-tls-configurations) +164 | mysqlf-001 | Reliability | Diagnostic Logs | Azure Database for MySQL - Flexible Server should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-query-performance-insights#set-up-diagnostics) +165 | mysqlf-002 | Reliability | Availability Zones | Azure Database for MySQL - Flexible Server should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-configure-high-availability-cli) +166 | mysqlf-003 | Reliability | SLA | Azure Database for MySQL - Flexible Server should have a SLA | High | [Learn](hhttps://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) +167 | mysqlf-004 | Security | Private IP Address | Azure Database for MySQL - Flexible Server should have private access enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-manage-virtual-network-cli) +168 | mysqlf-005 | Reliability | SKU | Azure Database for MySQL - Flexible Server SKU | 
High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-service-tiers-storage) +169 | mysqlf-006 | Operational Excellence | Naming Convention (CAF) | Azure Database for MySQL - Flexible Server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +170 | mysqlf-007 | Operational Excellence | Tags | Azure Database for MySQL - Flexible Server should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +171 | mysql-001 | Reliability | Diagnostic Logs | Azure Database for MySQL - Flexible Server should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-monitoring#server-logs) +172 | mysql-003 | Reliability | SLA | Azure Database for MySQL - Flexible Server should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/mysql/) +173 | mysql-004 | Security | Private Endpoint | Azure Database for MySQL - Flexible Server should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-data-access-security-private-link) +174 | mysql-005 | Reliability | SKU | Azure Database for MySQL - Flexible Server SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/concepts-pricing-tiers) +175 | mysql-006 | Operational Excellence | Naming Convention (CAF) | Azure Database for MySQL - Flexible Server Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +176 | mysql-007 | Reliability | SKU | Azure Database for MySQL - Single Server is on the retirement path | High | [Learn](https://learn.microsoft.com/en-us/azure/mysql/single-server/whats-happening-to-mysql-single-server) +177 | 
mysql-008 | Operational Excellence | Tags | Azure Database for MySQL - Single Server should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +178 | app-001 | Reliability | Diagnostic Logs | App Service should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs#send-logs-to-azure-monitor) +179 | app-004 | Security | Private Endpoint | App Service should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/networking/private-endpoint) +180 | app-006 | Operational Excellence | Naming Convention (CAF) | App Service Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +181 | app-007 | Security | HTTPS Only | App Service should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) +182 | app-008 | Operational Excellence | Tags | App Service should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +183 | app-009 | Security | Networking | App Service should use VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +184 | app-010 | Security | Networking | App Service should have VNET Route all enabled for VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +185 | app-011 | Security | TLS | App Service should use TLS 1.2 | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) +186 | app-012 | Security | Security | App Service remote debugging should be disabled | High | 
[Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) +187 | app-013 | Security | Security | App Service should not allow insecure FTP | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/deploy-ftp?tabs=portal) +188 | app-014 | Security | Security | App Service should have Always On enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal) +189 | app-015 | Reliability | Reliability | App Service should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) +190 | app-016 | Security | Identity and Access Control | App Service should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) +191 | asp-001 | Reliability | Diagnostic Logs | Plan should have diagnostic settings enabled | Medium | [Learn]() +192 | asp-002 | Reliability | Availability Zones | Plan should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/reliability/migrate-app-service) +193 | asp-003 | Reliability | SLA | Plan should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/app-service/) +194 | asp-005 | Reliability | SKU | Plan SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans) +195 | asp-006 | Operational Excellence | Naming Convention (CAF) | Plan Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +196 | asp-007 | Operational Excellence | Tags | Plan should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +197 | func-001 | Reliability | Diagnostic Logs | Function 
should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-functions/functions-monitor-log-analytics?tabs=csharp) +198 | func-004 | Security | Private Endpoint | Function should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-functions/functions-create-vnet) +199 | func-006 | Operational Excellence | Naming Convention (CAF) | Function Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +200 | func-007 | Security | HTTPS Only | Function should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) +201 | func-008 | Operational Excellence | Tags | Function should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +202 | func-009 | Security | Networking | Function should use VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +203 | func-010 | Security | Networking | Function should have VNET Route all enabled for VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +204 | func-011 | Security | TLS | Function should use TLS 1.2 | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) +205 | func-012 | Security | Security | Function remote debugging should be disabled | Medium | [Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) +206 | func-013 | Reliability | Reliability | Function should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) +207 | func-014 | Security | Identity and 
Access Control | Function should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) +208 | logics-001 | Reliability | Diagnostic Logs | Logic App should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/monitor-workflows-collect-diagnostic-data) +209 | logics-004 | Security | Private Endpoint | Logic App should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/logic-apps/secure-single-tenant-workflow-virtual-network-private-endpoint) +210 | logics-006 | Operational Excellence | Naming Convention (CAF) | Logic App Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +211 | logics-007 | Security | HTTPS Only | Logic App should use HTTPS only | High | [Learn](https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https) +212 | logics-008 | Operational Excellence | Tags | Logic App should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +213 | logics-009 | Security | Networking | Logic App should use VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +214 | logics-010 | Security | Networking | Logic App should have VNET Route all enabled for VNET integration | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration) +215 | logics-011 | Security | TLS | Logic App should use TLS 1.2 | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-tls) +216 | logics-012 | Security | Security | Logic App remote debugging should be disabled | Medium | 
[Learn](https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging-azure-app-service?view=vs-2022#enable-remote-debugging) +217 | logics-013 | Reliability | Reliability | Logic App should avoid using Client Affinity | Medium | [Learn](https://learn.microsoft.com/en-us/azure/well-architected/service-guides/azure-app-service/reliability#checklist) +218 | logics-014 | Security | Identity and Access Control | Logic App should use Managed Identities | Medium | [Learn](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp) +219 | psqlf-001 | Reliability | Diagnostic Logs | PostgreSQL should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/howto-configure-and-access-logs) +220 | psqlf-002 | Reliability | Availability Zones | PostgreSQL should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/overview#architecture-and-high-availability) +221 | psqlf-003 | Reliability | SLA | PostgreSQL should have a SLA | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compare-single-server-flexible-server) +222 | psqlf-004 | Security | Private IP Address | PostgreSQL should have private access enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking#private-access-vnet-integration) +223 | psqlf-005 | Reliability | SKU | PostgreSQL SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/postgresql/flexible-server/) +224 | psqlf-006 | Operational Excellence | Naming Convention (CAF) | PostgreSQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +225 | psqlf-007 | Operational Excellence | Tags | PostgreSQL should have tags | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +226 | psql-001 | Reliability | Diagnostic Logs | PostgreSQL should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-server-logs#resource-logs) +227 | psql-003 | Reliability | SLA | PostgreSQL should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/postgresql/) +228 | psql-004 | Security | Private Endpoint | PostgreSQL should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-data-access-and-security-private-link) +229 | psql-005 | Reliability | SKU | PostgreSQL SKU | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-pricing-tiers) +230 | psql-006 | Operational Excellence | Naming Convention (CAF) | PostgreSQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +231 | psql-007 | Operational Excellence | Tags | PostgreSQL should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +232 | psql-008 | Security | SSL | PostgreSQL should enforce SSL | High | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-ssl-connection-security#enforcing-tls-connections) +233 | psql-009 | Security | TLS | PostgreSQL should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/postgresql/single-server/how-to-tls-configurations) +234 | redis-001 | Reliability | Diagnostic Logs | Redis should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-monitor-diagnostic-settings) +235 | redis-002 | Reliability | Availability Zones | Redis should have availability zones enabled | 
High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability) +236 | redis-003 | Reliability | SLA | Redis should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) +237 | redis-004 | Security | Private Endpoint | Redis should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-private-link) +238 | redis-005 | Reliability | SKU | Redis SKU | High | [Learn](https://azure.microsoft.com/en-gb/pricing/details/cache/) +239 | redis-006 | Operational Excellence | Naming Convention (CAF) | Redis Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +240 | redis-007 | Operational Excellence | Tags | Redis should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +241 | redis-008 | Security | SSL | Redis should not enable non SSL ports | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-configure#access-ports) +242 | redis-009 | Security | TLS | Redis should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-remove-tls-10-11) +243 | sb-001 | Reliability | Diagnostic Logs | Service Bus should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/monitor-service-bus#collection-and-routing) +244 | sb-002 | Reliability | Availability Zones | Service Bus should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/service-bus-outages-disasters#availability-zones) +245 | sb-003 | Reliability | SLA | Service Bus should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/service-bus/) +246 | sb-004 
| Security | Private Endpoint | Service Bus should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/network-security) +247 | sb-005 | Reliability | SKU | Service Bus SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/service-bus/) +248 | sb-006 | Operational Excellence | Naming Convention (CAF) | Service Bus Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +249 | sb-007 | Operational Excellence | Tags | Service Bus should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +250 | sb-008 | Security | Identity and Access Control | Service Bus should have local authentication disabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas) +251 | sigr-001 | Reliability | Diagnostic Logs | SignalR should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/signalr-howto-diagnostic-logs) +252 | sigr-002 | Reliability | Availability Zones | SignalR should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/availability-zones) +253 | sigr-003 | Reliability | SLA | SignalR should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/signalr-service/) +254 | sigr-004 | Security | Private Endpoint | SignalR should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-signalr/howto-private-endpoints) +255 | sigr-005 | Reliability | SKU | SignalR SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/signalr-service/) +256 | sigr-006 | Operational Excellence | Naming Convention (CAF) | SignalR Name should comply with naming conventions | Low | 
[Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +257 | sigr-007 | Operational Excellence | Tags | SignalR should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +258 | sql-001 | Reliability | Diagnostic Logs | SQL should have diagnostic settings enabled | Medium | [Learn]() +259 | sql-004 | Security | Private Endpoint | SQL should have private endpoints enabled | High | [Learn]() +260 | sql-006 | Operational Excellence | Naming Convention (CAF) | SQL Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +261 | sql-007 | Operational Excellence | Tags | SQL should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +262 | sql-008 | Security | TLS | SQL should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings?view=azuresql&tabs=azure-portal#minimal-tls-version) +263 | sqldb-001 | Reliability | Diagnostic Logs | SQL Database should have diagnostic settings enabled | Medium | [Learn]() +264 | sqldb-002 | Reliability | Availability Zones | SQL Database should have availability zones enabled | High | [Learn]() +265 | sqldb-003 | Reliability | SLA | SQL Database should have a SLA | High | [Learn]() +266 | sqldb-005 | Reliability | SKU | SQL Database SKU | High | [Learn](https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-vcore?tabs=azure-portal) +267 | sqldb-006 | Operational Excellence | Naming Convention (CAF) | SQL Database Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +268 | sqldb-007 | Operational Excellence | Tags | 
SQL Database should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +269 | traf-001 | Reliability | Diagnostic Logs | Traffic Manager should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-diagnostic-logs) +270 | traf-002 | Reliability | Availability Zones | Traffic Manager should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/architecture/high-availability/reference-architecture-traffic-manager-application-gateway) +271 | traf-003 | Reliability | SLA | Traffic Manager should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/traffic-manager/) +272 | traf-006 | Operational Excellence | Naming Convention (CAF) | Traffic Manager Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +273 | traf-007 | Operational Excellence | Tags | Traffic Manager should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +274 | traf-008 | Reliability | Reliability | Traffic Manager should use at least 2 endpoints | High | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-endpoint-types) +275 | traf-009 | Security | HTTPS Only | Traffic Manager: HTTP endpoints should be monitored using HTTPS | High | [Learn](https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring) +276 | st-001 | Reliability | Diagnostic Logs | Storage should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage) +277 | st-002 | Reliability | Availability Zones | Storage should have availability zones enabled | High | [Learn](https://learn.microsoft.com/EN-US/azure/reliability/migrate-storage) 
+278 | st-003 | Reliability | SLA | Storage should have a SLA | High | [Learn](https://www.azure.cn/en-us/support/sla/storage/) +279 | st-004 | Security | Private Endpoint | Storage should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints) +280 | st-005 | Reliability | SKU | Storage SKU | High | [Learn](https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types) +281 | st-006 | Operational Excellence | Naming Convention (CAF) | Storage Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +282 | st-007 | Security | HTTPS Only | Storage Account should use HTTPS only | High | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer) +283 | st-008 | Operational Excellence | Tags | Storage Account should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +284 | st-009 | Security | TLS | Storage Account should enforce TLS >= 1.2 | Low | [Learn](https://learn.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version?tabs=portal) +285 | vm-001 | Reliability | Diagnostic Logs | Virtual Machine should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-windows-install) +286 | vm-002 | Reliability | Availability Zones | Virtual Machine should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-machines/availability#availability-zones) +287 | vm-003 | Reliability | SLA | Virtual Machine should have a SLA | High | [Learn](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1) +288 | vm-006 | Operational Excellence | Naming Convention (CAF) | Virtual Machine 
Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +289 | vm-007 | Operational Excellence | Tags | Virtual Machine should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +290 | vm-008 | Reliability | Reliability | Virtual Machine should use managed disks | High | [Learn](https://learn.microsoft.com/en-us/azure/architecture/checklist/resiliency-per-service#virtual-machines) +291 | vm-009 | Reliability | Reliability | Virtual Machine should host application or database data on a data disk | Low | [Learn](https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#data-disk) +292 | vnet-001 | Reliability | Diagnostic Logs | Virtual Network should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/monitor-virtual-network#collection-and-routing) +293 | vnet-002 | Reliability | Availability Zones | Virtual Network should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview#virtual-networks-and-availability-zones) +294 | vnet-006 | Operational Excellence | Naming Convention (CAF) | Virtual Network Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +295 | vnet-007 | Operational Excellence | Tags | Virtual Network should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json) +296 | vnet-008 | Security | Networking | Virtual Network: All Subnets should have a Network Security Group associated | High | [Learn](https://learn.microsoft.com/azure/virtual-network/concepts-and-best-practices) +297 | vnet-009 | Reliability | Reliability | Virtual 
NetworK should have at least two DNS servers assigned | High | [Learn](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances?tabs=redhat#specify-dns-servers) +298 | wps-001 | Reliability | Diagnostic Logs | Web Pub Sub should have diagnostic settings enabled | Medium | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/howto-troubleshoot-resource-logs) +299 | wps-002 | Reliability | Availability Zones | Web Pub Sub should have availability zones enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/concept-availability-zones) +300 | wps-003 | Reliability | SLA | Web Pub Sub should have a SLA | High | [Learn](https://azure.microsoft.com/en-gb/support/legal/sla/web-pubsub/) +301 | wps-004 | Security | Private Endpoint | Web Pub Sub should have private endpoints enabled | High | [Learn](https://learn.microsoft.com/en-us/azure/azure-web-pubsub/howto-secure-private-endpoints) +302 | wps-005 | Reliability | SKU | Web Pub Sub SKU | High | [Learn](https://azure.microsoft.com/en-us/pricing/details/web-pubsub/) +303 | wps-006 | Operational Excellence | Naming Convention (CAF) | Web Pub Sub Name should comply with naming conventions | Low | [Learn](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations) +304 | wps-007 | Operational Excellence | Tags | Web Pub Sub should have tags | Low | [Learn](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources?tabs=json)
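Review bot: rows mysql-001 to mysql-006 (new lines 171-175) describe "Azure Database for MySQL - Flexible Server", yet their links point at the single-server docs and the neighbouring mysql-007 and mysql-008 rows say "Single Server". The descriptions look copied from the mysqlf-* rows; change them to "Single Server" so a finding is not read against the wrong service. Two link problems in the same hunk: mysqlf-003 has a link starting with `hhttps://`, which will not resolve, and `[Learn]()` is empty for maria-001, maria-002, maria-004, asp-001, sql-001, sql-004, sqldb-001, sqldb-002 and sqldb-003, so either fill the URL or drop the link text. The severity of the TLS rules is also inconsistent: "should enforce TLS >= 1.2" is Low for maria-006, psql-009, redis-009, sql-008 and st-009, while app-011 is High, func-011 and logics-011 are Medium, and apim-009 earlier in the table is High. Please align these or document why the same control is rated differently per service. Minor wording: "Virtual NetworK" in vnet-009, and evh-007 and evh-008 say "Event Hub" where the other evh-* rows say "Event Hub Namespace".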