From c55d9460593671d7cd5d8b461ce0bc5c1f623604 Mon Sep 17 00:00:00 2001
From: AlexanderSehr <asehr@hotmail.de>
Date: Tue, 6 Aug 2024 19:36:14 +0200
Subject: [PATCH 1/7] Update to latest

---
 .../image-template/README.md                  | 128 ++++++++----------
 .../image-template/main.bicep                 |   2 +-
 .../image-template/main.json                  |   3 +-
 .../tests/e2e/defaults/main.test.bicep        |   6 -
 4 files changed, 60 insertions(+), 79 deletions(-)

diff --git a/avm/res/virtual-machine-images/image-template/README.md b/avm/res/virtual-machine-images/image-template/README.md
index b63176a302..c7a8281e01 100644
--- a/avm/res/virtual-machine-images/image-template/README.md
+++ b/avm/res/virtual-machine-images/image-template/README.md
@@ -46,12 +46,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   name: 'imageTemplateDeployment'
   params: {
     // Required parameters
-    customizationSteps: [
-      {
-        restartTimeout: '30m'
-        type: 'WindowsRestart'
-      }
-    ]
     distributions: [
       {
         imageName: 'mi-vmiitmin-001'
@@ -90,14 +84,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   "contentVersion": "1.0.0.0",
   "parameters": {
     // Required parameters
-    "customizationSteps": {
-      "value": [
-        {
-          "restartTimeout": "30m",
-          "type": "WindowsRestart"
-        }
-      ]
-    },
     "distributions": {
       "value": [
         {
@@ -150,26 +136,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   name: 'imageTemplateDeployment'
   params: {
     // Required parameters
-    customizationSteps: [
-      {
-        name: 'PowerShell installation'
-        scriptUri: '<scriptUri>'
-        type: 'Shell'
-      }
-      {
-        destination: 'Initialize-LinuxSoftware.ps1'
-        name: 'Initialize-LinuxSoftware'
-        sourceUri: '<sourceUri>'
-        type: 'File'
-      }
-      {
-        inline: [
-          'pwsh \'Initialize-LinuxSoftware.ps1\''
-        ]
-        name: 'Software installation'
-        type: 'Shell'
-      }
-    ]
     distributions: [
       {
         imageName: 'mi-vmiitmax-001'
@@ -203,6 +169,26 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
     name: 'vmiitmax001'
     // Non-required parameters
     buildTimeoutInMinutes: 60
+    customizationSteps: [
+      {
+        name: 'PowerShell installation'
+        scriptUri: '<scriptUri>'
+        type: 'Shell'
+      }
+      {
+        destination: 'Initialize-LinuxSoftware.ps1'
+        name: 'Initialize-LinuxSoftware'
+        sourceUri: '<sourceUri>'
+        type: 'File'
+      }
+      {
+        inline: [
+          'pwsh \'Initialize-LinuxSoftware.ps1\''
+        ]
+        name: 'Software installation'
+        type: 'Shell'
+      }
+    ]
     location: '<location>'
     lock: {
       kind: 'CanNotDelete'
@@ -270,28 +256,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   "contentVersion": "1.0.0.0",
   "parameters": {
     // Required parameters
-    "customizationSteps": {
-      "value": [
-        {
-          "name": "PowerShell installation",
-          "scriptUri": "<scriptUri>",
-          "type": "Shell"
-        },
-        {
-          "destination": "Initialize-LinuxSoftware.ps1",
-          "name": "Initialize-LinuxSoftware",
-          "sourceUri": "<sourceUri>",
-          "type": "File"
-        },
-        {
-          "inline": [
-            "pwsh \"Initialize-LinuxSoftware.ps1\""
-          ],
-          "name": "Software installation",
-          "type": "Shell"
-        }
-      ]
-    },
     "distributions": {
       "value": [
         {
@@ -335,6 +299,28 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
     "buildTimeoutInMinutes": {
       "value": 60
     },
+    "customizationSteps": {
+      "value": [
+        {
+          "name": "PowerShell installation",
+          "scriptUri": "<scriptUri>",
+          "type": "Shell"
+        },
+        {
+          "destination": "Initialize-LinuxSoftware.ps1",
+          "name": "Initialize-LinuxSoftware",
+          "sourceUri": "<sourceUri>",
+          "type": "File"
+        },
+        {
+          "inline": [
+            "pwsh \"Initialize-LinuxSoftware.ps1\""
+          ],
+          "name": "Software installation",
+          "type": "Shell"
+        }
+      ]
+    },
     "location": {
       "value": "<location>"
     },
@@ -428,12 +414,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   name: 'imageTemplateDeployment'
   params: {
     // Required parameters
-    customizationSteps: [
-      {
-        restartTimeout: '10m'
-        type: 'WindowsRestart'
-      }
-    ]
     distributions: [
       {
         sharedImageGalleryImageDefinitionResourceId: '<sharedImageGalleryImageDefinitionResourceId>'
@@ -454,6 +434,12 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
     }
     name: 'vmiitwaf001'
     // Non-required parameters
+    customizationSteps: [
+      {
+        restartTimeout: '10m'
+        type: 'WindowsRestart'
+      }
+    ]
     location: '<location>'
     subnetResourceId: '<subnetResourceId>'
     tags: {
@@ -478,14 +464,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
   "contentVersion": "1.0.0.0",
   "parameters": {
     // Required parameters
-    "customizationSteps": {
-      "value": [
-        {
-          "restartTimeout": "10m",
-          "type": "WindowsRestart"
-        }
-      ]
-    },
     "distributions": {
       "value": [
         {
@@ -514,6 +492,14 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
       "value": "vmiitwaf001"
     },
     // Non-required parameters
+    "customizationSteps": {
+      "value": [
+        {
+          "restartTimeout": "10m",
+          "type": "WindowsRestart"
+        }
+      ]
+    },
     "location": {
       "value": "<location>"
     },
@@ -575,7 +561,7 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
 
 Customization steps to be run when building the VM image.
 
-- Required: Yes
+- Required: No
 - Type: array
 
 ### Parameter: `distributions`
diff --git a/avm/res/virtual-machine-images/image-template/main.bicep b/avm/res/virtual-machine-images/image-template/main.bicep
index 9aefe03417..3bc46961c5 100644
--- a/avm/res/virtual-machine-images/image-template/main.bicep
+++ b/avm/res/virtual-machine-images/image-template/main.bicep
@@ -26,7 +26,7 @@ param subnetResourceId string?
 param imageSource object
 
 @description('Required. Customization steps to be run when building the VM image.')
-param customizationSteps array
+param customizationSteps array?
 
 @description('Optional. Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn\'t exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn\'t exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.')
 param stagingResourceGroup string?
diff --git a/avm/res/virtual-machine-images/image-template/main.json b/avm/res/virtual-machine-images/image-template/main.json
index 8af2add54f..817f7a2b91 100644
--- a/avm/res/virtual-machine-images/image-template/main.json
+++ b/avm/res/virtual-machine-images/image-template/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.29.47.4906",
-      "templateHash": "12715542154180929791"
+      "templateHash": "15899251447763565096"
     },
     "name": "Virtual Machine Image Templates",
     "description": "This module deploys a Virtual Machine Image Template that can be consumed by Azure Image Builder (AIB).",
@@ -458,6 +458,7 @@
     },
     "customizationSteps": {
       "type": "array",
+      "nullable": true,
       "metadata": {
         "description": "Required. Customization steps to be run when building the VM image."
       }
diff --git a/avm/res/virtual-machine-images/image-template/tests/e2e/defaults/main.test.bicep b/avm/res/virtual-machine-images/image-template/tests/e2e/defaults/main.test.bicep
index bb557a787c..246c9d8a1f 100644
--- a/avm/res/virtual-machine-images/image-template/tests/e2e/defaults/main.test.bicep
+++ b/avm/res/virtual-machine-images/image-template/tests/e2e/defaults/main.test.bicep
@@ -50,12 +50,6 @@ module testDeployment '../../../main.bicep' = {
   params: {
     name: '${namePrefix}${serviceShort}001'
     location: resourceLocation
-    customizationSteps: [
-      {
-        restartTimeout: '30m'
-        type: 'WindowsRestart'
-      }
-    ]
     imageSource: {
       offer: 'Windows-11'
       publisher: 'MicrosoftWindowsDesktop'

From db8bc539fbd8af30a29bf18fabb206e1f1e629de Mon Sep 17 00:00:00 2001
From: AlexanderSehr <asehr@hotmail.de>
Date: Wed, 7 Aug 2024 09:38:18 +0200
Subject: [PATCH 2/7] Update to latest

---
 .../virtual-machine-images/image-template/README.md    | 10 +++++-----
 .../virtual-machine-images/image-template/main.bicep   |  4 ++--
 .../virtual-machine-images/image-template/main.json    |  6 +++---
 .../image-template/tests/e2e/max/main.test.bicep       |  2 +-
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/avm/res/virtual-machine-images/image-template/README.md b/avm/res/virtual-machine-images/image-template/README.md
index c7a8281e01..9c90d98c9a 100644
--- a/avm/res/virtual-machine-images/image-template/README.md
+++ b/avm/res/virtual-machine-images/image-template/README.md
@@ -215,7 +215,7 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
         roleDefinitionIdOrName: '<roleDefinitionIdOrName>'
       }
     ]
-    stagingResourceGroup: '<stagingResourceGroup>'
+    stagingResourceGroupResourceId: '<stagingResourceGroupResourceId>'
     subnetResourceId: '<subnetResourceId>'
     tags: {
       Environment: 'Non-Prod'
@@ -357,8 +357,8 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
         }
       ]
     },
-    "stagingResourceGroup": {
-      "value": "<stagingResourceGroup>"
+    "stagingResourceGroupResourceId": {
+      "value": "<stagingResourceGroupResourceId>"
     },
     "subnetResourceId": {
       "value": "<subnetResourceId>"
@@ -544,7 +544,7 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
 | [`optimizeVmBoot`](#parameter-optimizevmboot) | string | The optimize property can be enabled while creating a VM image and allows VM optimization to improve image creation time. |
 | [`osDiskSizeGB`](#parameter-osdisksizegb) | int | Specifies the size of OS disk. |
 | [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignments to create. |
-| [`stagingResourceGroup`](#parameter-stagingresourcegroup) | string | Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn't exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn't exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain. |
+| [`stagingResourceGroupResourceId`](#parameter-stagingresourcegroupresourceid) | string | Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn't exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn't exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain. |
 | [`subnetResourceId`](#parameter-subnetresourceid) | string | Resource ID of an already existing subnet, e.g.: /subscriptions/<subscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>/subnets/<subnetName>.</p>If no value is provided, a new temporary VNET and subnet will be created in the staging resource group and will be deleted along with the remaining temporary resources. |
 | [`tags`](#parameter-tags) | object | Tags of the resource. |
 | [`validationProcess`](#parameter-validationprocess) | object | Configuration options and list of validations to be performed on the resulting image. |
@@ -784,7 +784,7 @@ The principal type of the assigned principal ID.
   ]
   ```
 
-### Parameter: `stagingResourceGroup`
+### Parameter: `stagingResourceGroupResourceId`
 
 Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn't exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn't exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.
 
diff --git a/avm/res/virtual-machine-images/image-template/main.bicep b/avm/res/virtual-machine-images/image-template/main.bicep
index 3bc46961c5..cff563eace 100644
--- a/avm/res/virtual-machine-images/image-template/main.bicep
+++ b/avm/res/virtual-machine-images/image-template/main.bicep
@@ -29,7 +29,7 @@ param imageSource object
 param customizationSteps array?
 
 @description('Optional. Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn\'t exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn\'t exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.')
-param stagingResourceGroup string?
+param stagingResourceGroupResourceId string?
 
 @description('Optional. The lock settings of the service.')
 param lock lockType
@@ -138,7 +138,7 @@ resource imageTemplate 'Microsoft.VirtualMachineImages/imageTemplates@2023-07-01
     }
     source: imageSource
     customize: customizationSteps
-    stagingResourceGroup: stagingResourceGroup
+    stagingResourceGroup: stagingResourceGroupResourceId
     distribute: [
       for distribution in distributions: union(
         {
diff --git a/avm/res/virtual-machine-images/image-template/main.json b/avm/res/virtual-machine-images/image-template/main.json
index 817f7a2b91..f07e6ae41f 100644
--- a/avm/res/virtual-machine-images/image-template/main.json
+++ b/avm/res/virtual-machine-images/image-template/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.29.47.4906",
-      "templateHash": "15899251447763565096"
+      "templateHash": "14238712772410872792"
     },
     "name": "Virtual Machine Image Templates",
     "description": "This module deploys a Virtual Machine Image Template that can be consumed by Azure Image Builder (AIB).",
@@ -463,7 +463,7 @@
         "description": "Required. Customization steps to be run when building the VM image."
       }
     },
-    "stagingResourceGroup": {
+    "stagingResourceGroupResourceId": {
       "type": "string",
       "nullable": true,
       "metadata": {
@@ -608,7 +608,7 @@
         },
         "source": "[parameters('imageSource')]",
         "customize": "[parameters('customizationSteps')]",
-        "stagingResourceGroup": "[parameters('stagingResourceGroup')]",
+        "stagingResourceGroup": "[parameters('stagingResourceGroupResourceId')]",
         "validate": "[parameters('validationProcess')]",
         "optimize": "[if(not(equals(parameters('optimizeVmBoot'), null())), createObject('vmBoot', createObject('state', parameters('optimizeVmBoot'))), null())]"
       }
diff --git a/avm/res/virtual-machine-images/image-template/tests/e2e/max/main.test.bicep b/avm/res/virtual-machine-images/image-template/tests/e2e/max/main.test.bicep
index ff20a8a137..f997482ca2 100644
--- a/avm/res/virtual-machine-images/image-template/tests/e2e/max/main.test.bicep
+++ b/avm/res/virtual-machine-images/image-template/tests/e2e/max/main.test.bicep
@@ -60,7 +60,7 @@ module testDeployment '../../../main.bicep' = {
   params: {
     name: '${namePrefix}${serviceShort}001'
     location: resourceLocation
-    stagingResourceGroup: '${subscription().id}/resourcegroups/${resourceGroupName}-staging'
+    stagingResourceGroupResourceId: '${subscription().id}/resourcegroups/${resourceGroupName}-staging'
     customizationSteps: [
       {
         type: 'Shell'

From 0952511aac24c88109d3ee8af0c36368e30d60bb Mon Sep 17 00:00:00 2001
From: AlexanderSehr <asehr@hotmail.de>
Date: Thu, 8 Aug 2024 09:22:09 +0200
Subject: [PATCH 3/7] Update to latest

---
 .../image-template/tests/e2e/max/dependencies.bicep         | 4 ++--
 .../scripts/Set-StorageContainerContentByEnvVar.ps1         | 6 +++---
 .../resourceRemoval/Initialize-DeploymentRemoval.ps1        | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/avm/res/virtual-machine-images/image-template/tests/e2e/max/dependencies.bicep b/avm/res/virtual-machine-images/image-template/tests/e2e/max/dependencies.bicep
index 036e72fb96..0581a62957 100644
--- a/avm/res/virtual-machine-images/image-template/tests/e2e/max/dependencies.bicep
+++ b/avm/res/virtual-machine-images/image-template/tests/e2e/max/dependencies.bicep
@@ -271,11 +271,11 @@ resource assetsStorageAccount_upload 'Microsoft.Resources/deploymentScripts@2023
     scriptContent: loadTextContent('../../../../../../utilities/e2e-template-assets/scripts/Set-StorageContainerContentByEnvVar.ps1')
     environmentVariables: [
       {
-        name: 'script_Install__LinuxPowerShell_sh' // May only be alphanumeric characters & underscores. The upload will replace '_' with '.' and '__' with '-'.
+        name: '__SCRIPT__Install__LinuxPowerShell_sh' // May only be alphanumeric characters & underscores. The upload will replace '_' with '.' and '__' with '-'.
         value: loadTextContent('src/Install-LinuxPowerShell.sh')
       }
       {
-        name: 'script_Initialize__LinuxSoftware_ps1' // May only be alphanumeric characters & underscores. The upload will replace '_' with '.' and '__' with '-'.
+        name: '__SCRIPT__Initialize__LinuxSoftware_ps1' // May only be alphanumeric characters & underscores. The upload will replace '_' with '.' and '__' with '-'.
         value: loadTextContent('src/Initialize-LinuxSoftware.ps1')
       }
     ]
diff --git a/avm/utilities/e2e-template-assets/scripts/Set-StorageContainerContentByEnvVar.ps1 b/avm/utilities/e2e-template-assets/scripts/Set-StorageContainerContentByEnvVar.ps1
index d0af03f8c2..3d06cd5ab1 100644
--- a/avm/utilities/e2e-template-assets/scripts/Set-StorageContainerContentByEnvVar.ps1
+++ b/avm/utilities/e2e-template-assets/scripts/Set-StorageContainerContentByEnvVar.ps1
@@ -15,7 +15,7 @@ Required. The name of the Storage Account to upload to
 Required. The container to upload the files to
 
 .EXAMPLE
-Set-StorageContainerContentByEnvVar -StorageAccountName 'mystorage' -TargetContainer 'myContainer'
+. 'Set-StorageContainerContentByEnvVar.ps1' -StorageAccountName 'mystorage' -TargetContainer 'myContainer'
 
 Upload any required data to the storage account 'mystorage' and container 'myContainer'.
 #>
@@ -33,9 +33,9 @@ Write-Verbose 'Fetching & storing scripts' -Verbose
 $contentDirectoryName = 'scripts'
 $contentDirectory = (New-Item $contentDirectoryName -ItemType 'Directory' -Force).FullName
 $scriptPaths = @()
-foreach ($scriptEnvVar in (Get-ChildItem 'env:*').Name | Where-Object { $_ -like 'script_*' }) {
+foreach ($scriptEnvVar in (Get-ChildItem 'env:*').Name | Where-Object { $_ -like '__SCRIPT__*' }) {
     # Handle value like 'script_Initialize__LinuxSoftware_ps1'
-    $scriptName = $scriptEnvVar -replace 'script_', '' -replace '__', '-' -replace '_', '.'
+    $scriptName = $scriptEnvVar -replace '__SCRIPT__', '' -replace '__', '-' -replace '_', '.'
     $scriptContent = (Get-Item env:$scriptEnvVar).Value
 
     Write-Verbose ('Storing file [{0}] with length [{1}]' -f $scriptName, $scriptContent.Length) -Verbose
diff --git a/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1 b/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
index bcaa55703a..32ef457548 100644
--- a/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
+++ b/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
@@ -72,6 +72,7 @@ function Initialize-DeploymentRemoval {
         # The initial sequence is a general order-recommendation
         $RemoveFirstSequence = @(
             'Microsoft.Authorization/locks',
+            'Microsoft.VirtualMachineImages/imageTemplates', # Must be removed before their MSI & should be removed before its entities permissions are removed
             'Microsoft.Authorization/roleAssignments',
             'Microsoft.Insights/diagnosticSettings',
             'Microsoft.Network/privateEndpoints/privateDnsZoneGroups',
@@ -91,7 +92,6 @@ function Initialize-DeploymentRemoval {
             'Microsoft.MachineLearningServices/workspaces',
             'Microsoft.Compute/virtualMachines',
             'Microsoft.ContainerInstance/containerGroups' # Must be removed before their MSI
-            'Microsoft.VirtualMachineImages/imageTemplates', # Must be removed before their MSI
             'Microsoft.ManagedIdentity/userAssignedIdentities',
             'Microsoft.Databricks/workspaces'
             'Microsoft.Resources/resourceGroups'

From 1035a2cb86fc27dbea4336a886b4502751083a23 Mon Sep 17 00:00:00 2001
From: AlexanderSehr <asehr@hotmail.de>
Date: Thu, 8 Aug 2024 09:24:36 +0200
Subject: [PATCH 4/7] Update to latest

---
 .../resourceRemoval/Initialize-DeploymentRemoval.ps1            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1 b/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
index 32ef457548..bcaa55703a 100644
--- a/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
+++ b/avm/utilities/pipelines/e2eValidation/resourceRemoval/Initialize-DeploymentRemoval.ps1
@@ -72,7 +72,6 @@ function Initialize-DeploymentRemoval {
         # The initial sequence is a general order-recommendation
         $RemoveFirstSequence = @(
             'Microsoft.Authorization/locks',
-            'Microsoft.VirtualMachineImages/imageTemplates', # Must be removed before their MSI & should be removed before its entities permissions are removed
             'Microsoft.Authorization/roleAssignments',
             'Microsoft.Insights/diagnosticSettings',
             'Microsoft.Network/privateEndpoints/privateDnsZoneGroups',
@@ -92,6 +91,7 @@ function Initialize-DeploymentRemoval {
             'Microsoft.MachineLearningServices/workspaces',
             'Microsoft.Compute/virtualMachines',
             'Microsoft.ContainerInstance/containerGroups' # Must be removed before their MSI
+            'Microsoft.VirtualMachineImages/imageTemplates', # Must be removed before their MSI
             'Microsoft.ManagedIdentity/userAssignedIdentities',
             'Microsoft.Databricks/workspaces'
             'Microsoft.Resources/resourceGroups'

From bdd9c7cd0c3d4cc630cdead172faae365b04263f Mon Sep 17 00:00:00 2001
From: Alexander Sehr <ASehr@hotmail.de>
Date: Sat, 7 Sep 2024 08:13:28 +0200
Subject: [PATCH 5/7] Update
 avm/res/virtual-machine-images/image-template/main.bicep

Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com>
---
 avm/res/virtual-machine-images/image-template/main.bicep | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/avm/res/virtual-machine-images/image-template/main.bicep b/avm/res/virtual-machine-images/image-template/main.bicep
index cff563eace..5607fc8166 100644
--- a/avm/res/virtual-machine-images/image-template/main.bicep
+++ b/avm/res/virtual-machine-images/image-template/main.bicep
@@ -25,7 +25,7 @@ param subnetResourceId string?
 @description('Required. Image source definition in object format.')
 param imageSource object
 
-@description('Required. Customization steps to be run when building the VM image.')
+ @description('Optional. Customization steps to be run when building the VM image.')
 param customizationSteps array?
 
 @description('Optional. Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn\'t exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn\'t exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.')

From fcd3dd56c2c9635b77db215a4a266fa0b326d125 Mon Sep 17 00:00:00 2001
From: AlexanderSehr <asehr@hotmail.de>
Date: Sat, 7 Sep 2024 08:22:12 +0200
Subject: [PATCH 6/7] Regen files

---
 .../image-template/README.md                     | 16 ++++++++--------
 .../image-template/main.json                     |  4 ++--
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/avm/res/virtual-machine-images/image-template/README.md b/avm/res/virtual-machine-images/image-template/README.md
index e202e236cb..022c56722c 100644
--- a/avm/res/virtual-machine-images/image-template/README.md
+++ b/avm/res/virtual-machine-images/image-template/README.md
@@ -525,7 +525,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`customizationSteps`](#parameter-customizationsteps) | array | Customization steps to be run when building the VM image. |
 | [`distributions`](#parameter-distributions) | array | The distribution targets where the image output needs to go to. |
 | [`imageSource`](#parameter-imagesource) | object | Image source definition in object format. |
 | [`managedIdentities`](#parameter-managedidentities) | object | The managed identity definition for this resource. |
@@ -536,6 +535,7 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
 | [`buildTimeoutInMinutes`](#parameter-buildtimeoutinminutes) | int | The image build timeout in minutes. 0 means the default 240 minutes. |
+| [`customizationSteps`](#parameter-customizationsteps) | array | Customization steps to be run when building the VM image. |
 | [`enableTelemetry`](#parameter-enabletelemetry) | bool | Enable/Disable usage telemetry for module. |
 | [`location`](#parameter-location) | string | Location for all resources. |
 | [`lock`](#parameter-lock) | object | The lock settings of the service. |
@@ -555,13 +555,6 @@ module imageTemplate 'br/public:avm/res/virtual-machine-images/image-template:<v
 | :-- | :-- | :-- |
 | [`baseTime`](#parameter-basetime) | string | Do not provide a value! This date value is used to generate a unique image template name. |
 
-### Parameter: `customizationSteps`
-
-Customization steps to be run when building the VM image.
-
-- Required: No
-- Type: array
-
 ### Parameter: `distributions`
 
 The distribution targets where the image output needs to go to.
@@ -611,6 +604,13 @@ The image build timeout in minutes. 0 means the default 240 minutes.
 - Type: int
 - Default: `0`
 
+### Parameter: `customizationSteps`
+
+Customization steps to be run when building the VM image.
+
+- Required: No
+- Type: array
+
 ### Parameter: `enableTelemetry`
 
 Enable/Disable usage telemetry for module.
diff --git a/avm/res/virtual-machine-images/image-template/main.json b/avm/res/virtual-machine-images/image-template/main.json
index f07e6ae41f..df6d5ed0ea 100644
--- a/avm/res/virtual-machine-images/image-template/main.json
+++ b/avm/res/virtual-machine-images/image-template/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.29.47.4906",
-      "templateHash": "14238712772410872792"
+      "templateHash": "495678619291242908"
     },
     "name": "Virtual Machine Image Templates",
     "description": "This module deploys a Virtual Machine Image Template that can be consumed by Azure Image Builder (AIB).",
@@ -460,7 +460,7 @@
       "type": "array",
       "nullable": true,
       "metadata": {
-        "description": "Required. Customization steps to be run when building the VM image."
+        "description": "Optional. Customization steps to be run when building the VM image."
       }
     },
     "stagingResourceGroupResourceId": {

From b74a4f7dc20e08b506a1aa62be2cbc35646f799e Mon Sep 17 00:00:00 2001
From: Alexander Sehr <ASehr@hotmail.de>
Date: Sat, 7 Sep 2024 18:06:54 +0200
Subject: [PATCH 7/7] Update
 avm/res/virtual-machine-images/image-template/main.bicep

Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com>
---
 avm/res/virtual-machine-images/image-template/main.bicep | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/avm/res/virtual-machine-images/image-template/main.bicep b/avm/res/virtual-machine-images/image-template/main.bicep
index 5607fc8166..c32e5e36f0 100644
--- a/avm/res/virtual-machine-images/image-template/main.bicep
+++ b/avm/res/virtual-machine-images/image-template/main.bicep
@@ -25,7 +25,7 @@ param subnetResourceId string?
 @description('Required. Image source definition in object format.')
 param imageSource object
 
- @description('Optional. Customization steps to be run when building the VM image.')
+@description('Optional. Customization steps to be run when building the VM image.')
 param customizationSteps array?
 
 @description('Optional. Resource ID of the staging resource group in the same subscription and location as the image template that will be used to build the image.</p>If this field is empty, a resource group with a random name will be created.</p>If the resource group specified in this field doesn\'t exist, it will be created with the same name.</p>If the resource group specified exists, it must be empty and in the same region as the image template.</p>The resource group created will be deleted during template deletion if this field is empty or the resource group specified doesn\'t exist,</p>but if the resource group specified exists the resources created in the resource group will be deleted during template deletion and the resource group itself will remain.')