6 changes: 3 additions & 3 deletions Docs/guidance-exemptions.md
Expand Up @@ -8,7 +8,7 @@ In the past, CSV has been the preferred tool in EPAC. However, the introduction

## Updating exemptions manually

There are some usecases for manual update of the exemptions file. Generally, it is a consideration of what will be less effort to complete.
There are some use cases for manual update of the exemptions file. Generally, it is a consideration of what will be less effort to complete.

### Expiration Update

Expand All @@ -20,7 +20,7 @@ Rather than update and export, an update to the date field can be accomplished w
1. Open the json/jsonc/csv file used to manage Exemptions
1. Update Content
1. Search for the policyAssignmentId, including the full assignment path
1. Example: ```"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/[ManagmenetGroupName]/providers/Microsoft.Authorization/policyAssignments/[PolicyAssignmentName]"```
1. Example: ```"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/[ManagementGroupName]/providers/Microsoft.Authorization/policyAssignments/[PolicyAssignmentName]"```
1. Modify the ```expiresOn``` field within the related block with the new timestamp
1. Format: "YYYY-MM-DDTmm:hh:ssZ"
1. Example: "2025-01-01T01:00:00Z"
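Review bot: the unchanged line `1. Format: "YYYY-MM-DDTmm:hh:ssZ"` two lines below the corrected path has hours and minutes swapped; the example `"2025-01-01T01:00:00Z"` on the next line (and the ISO 8601 form Azure uses for `expiresOn`) puts hours before minutes. Since this PR already touches this list, it is worth correcting the placeholder to `"YYYY-MM-DDThh:mm:ssZ"` here.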
Expand All @@ -37,7 +37,7 @@ In these cases, find each listing for affected assignments in the CSV/JSON file,

1. Export Current Exemptions for pacSelector
1. Update Content
1. Replace Root Management Group Name (Tenant GUID) with current assignment location (Tenant Intermediate Root Managment Group Name):
1. Replace Root Management Group Name (Tenant GUID) with current assignment location (Tenant Intermediate Root management Group Name):
1. ```"policyAssignmentId"```
1. Epac Managed Exemptions: ```metadata\epacMetadata\"policyAssignmentId"```
1. Replace temporary pacSelector with main pacSelector:
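Review bot: the corrected line lowercases the word in `(Tenant Intermediate Root management Group Name)` while the rest of the phrase, and `Root Management Group Name` earlier on the same line, capitalise it. Suggest `Tenant Intermediate Root Management Group Name` so the casing is consistent across the sentence.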
2 changes: 1 addition & 1 deletion Docs/guidance-remediation.md
Expand Up @@ -19,7 +19,7 @@ There are several different ways that policies that affect change can be deploye
1. New-AzRemediationTasks **will** by default enforce policyAssignments with the *DoNotEnforce* configuration. It is recommended to either use the switch parameter `-OnlyDefaultEnforcementMode`, have these policyAssignments removed or set to default enforcement before that pipeline is enabled
1. Use of Effect *Override* functionality
1. Override can be set to any Effect that is supported by that policy
1. When overriding a policySet, the policyDefinitionReferenceId will be used to identify which policies recieve audit vs auditIfNotExist effect if both exist
1. When overriding a policySet, the policyDefinitionReferenceId will be used to identify which policies receive audit vs auditIfNotExist effect if both exist
1. If no effects are available, an override to *audit* was accepted in all tested cases
1. Considerations:
1. Much more granular control, requiring review of available effects and generating a list of overrides
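Review bot: the corrected line still misnames an effect in `audit vs auditIfNotExist`; the Azure Policy effect is `AuditIfNotExists` (trailing `s`). Worth fixing in the same change, since a reader searching Azure documentation or a policy definition for the spelling used here will not find it.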
2 changes: 1 addition & 1 deletion Docs/guidance-scope-exclusions.md
Expand Up @@ -18,7 +18,7 @@ If there is a requirement to review the scope change periodically, to confirm th

While a decision around the scope will determine to which scope policyAssignments are applied, there are often changes to the Effect in order to descope individual items within a policySet. In this case, NotScope is generally the focus within the policyAssignment in order to provide that level of control.

Example: Exempt a workload contained within a managment group from requiring Storage to use TLS 1.2 defined in the policySet [Enforce-EncryptTransit_20241211](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Enforce-EncryptTransit_20241211.html) in order to support a legacy service which must use TLS 1.1, while retaining the enforcement for all other Services.
Example: Exempt a workload contained within a management group from requiring Storage to use TLS 1.2 defined in the policySet [Enforce-EncryptTransit_20241211](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Enforce-EncryptTransit_20241211.html) in order to support a legacy service which must use TLS 1.1, while retaining the enforcement for all other Services.

### Decision: Scope at policyAssignment or pacSelector

2 changes: 1 addition & 1 deletion Docs/policy-assignments-csv-parameters.md
Expand Up @@ -16,7 +16,7 @@ To address the problem of reading and maintaining hundreds or thousands of JSON

### From a list of deployed Policy Assignments

If you want to switch from JSON to CSV or start EPAC from an existing deployment, [generate this CSV file frm your already deployed Assignment(s)](operational-scripts-documenting-policy.md#assignment-documentation).
If you want to switch from JSON to CSV or start EPAC from an existing deployment, [generate this CSV file from your already deployed Assignment(s)](operational-scripts-documenting-policy.md#assignment-documentation).

## CSV File

2 changes: 1 addition & 1 deletion Docs/policy-definitions.md
Expand Up @@ -50,7 +50,7 @@ The names of the definition JSON files don't matter, the Policy and Policy Set d

## Custom Definitions

Custom definitions are uploaded to Azure at the time of initial deployment to a pacSelector. For each pacSelector, the definition is uploaded to the pacSelector's defined root. This makes it available to the entirity of that pacSelector, while facilitating code promotion by allowing each pacSelector to recieve the updated definition as part of the release/deployment process.
Custom definitions are uploaded to Azure at the time of initial deployment to a pacSelector. For each pacSelector, the definition is uploaded to the pacSelector's defined root. This makes it available to the entirity of that pacSelector, while facilitating code promotion by allowing each pacSelector to receive the updated definition as part of the release/deployment process.

## Definition Delivery
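Review bot: the corrected line still contains `entirity`, which should be `entirety`. The same sentence appears verbatim in Docs/policy-set-definitions.md in this PR, so both copies should be fixed together.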

2 changes: 1 addition & 1 deletion Docs/policy-exemptions.md
Expand Up @@ -38,7 +38,7 @@ Exemption_00000000000001,My display Name,Mitigated,,,,,,

## Exemption Folder Structure

Exemptions can be defined as JSON or CSV files (we recommend that you use JSON files). The names of the definition files don't matter. If multiple files exists in a folder, the lists from all the files are added together.
Exemptions can be defined as JSON or CSV files (we recommend that you use JSON files). The names of the definition files don't matter. If multiple files exist in a folder, the lists from all the files are added together.

The pacEnvironment (see global-settings.jsonc) is represented with a folder structure under the folder policyExemptions, such as epac-dev, tenant, ... A missing folder indicates that the pacEnvironment's Exemptions are not managed by this solution. To extract existing exemptions, the operations script Get-AzExemptions.ps1 can be used to generate JSON and CSV files. The output may be used to start the Exemption definitions. This same output is also created when [Extract existing Policy Resources from an Environment](epac-extracting-policy-resources.md).

2 changes: 1 addition & 1 deletion Docs/policy-set-definitions.md
Expand Up @@ -56,7 +56,7 @@ The names of the definition JSON files don't matter, the Policy Sets are registe

## Custom Definitions

Custom definitions are uploaded to Azure at the time of initial deployment to a pacSelector. For each pacSelector, the definition is uploaded to the pacSelector's defined root. This makes it available to the entirity of that pacSelector, while facilitating code promotion by allowing each pacSelector to recieve the updated definition as part of the release/deployment process.
Custom definitions are uploaded to Azure at the time of initial deployment to a pacSelector. For each pacSelector, the definition is uploaded to the pacSelector's defined root. This makes it available to the entirity of that pacSelector, while facilitating code promotion by allowing each pacSelector to receive the updated definition as part of the release/deployment process.

## Policy Definition Groups
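Review bot: `entirity` on the corrected line should be `entirety`; this is the same sentence as in Docs/policy-definitions.md, so the fix should land in both files.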

4 changes: 2 additions & 2 deletions Docs/settings-global-setting-file.md
Expand Up @@ -4,7 +4,7 @@

`global-settings.jsonc` has following sections explained below:

- `telemetryOptOut` if set to true disables the collection of usage date for the EPAC repo. The default is false. See [Usage Tracking](index.md#telemetry-tracking-using-customer-usage-attribution-pid) for more information.
- `telemetryOptOut` if set to true disables the collection of usage data for the EPAC repo. The default is false. See [Usage Tracking](index.md#telemetry-tracking-using-customer-usage-attribution-pid) for more information.
- `pacOwnerId` uniquely identifies deployments from a specific repo. We recommend using a GUID.
- `pacEnvironments` defines the EPAC environments.

Expand Down Expand Up @@ -102,7 +102,7 @@ EPAC has a concept of an environment identified by a string (unique per reposito
- Policy Definitions, Policy Set Definitions and Policy Exemptions - `metadata.deployedBy`.
- Policy Assignments - `metadata.assignedBy` since Azure Portal displays it as 'Assigned by'.
- Role Assignments - add the value to the `description` field since Role assignments do not contain `metadata`.
- `managedTenant`: Used when the `pacEnvironment` is in a lighthouse managed tenant, [see this example](#example-for-lighthouse-manged-tenant) It must contain:
- `managedTenant`: Used when the `pacEnvironment` is in a lighthouse managed tenant, [see this example](#example-for-lighthouse-managed-tenant) It must contain:
- `managingTenantId` - The tenantId of the managing tenant.
- `managingTenantRootScope` - An array of all subscriptions that will need `additionalRoleAssignments` deployed to them.
- `defaultContext`: In rare cases (typically only when deploying to a lighthouse managed tenant) the default context (Get-azContext) of a user/SPN running a plan will
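Review bot: the anchor change to `#example-for-lighthouse-managed-tenant` only resolves if the target heading was also corrected, and that heading is not in this diff; please confirm the rendered page has an "Example for Lighthouse managed tenant" heading whose slug matches, otherwise the link breaks. Separately, `[see this example](...) It must contain:` on the same line is missing a period after the link.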
2 changes: 1 addition & 1 deletion Scripts/HydrationKit/Install-HydrationEpac.ps1
Expand Up @@ -1312,7 +1312,7 @@ function Install-HydrationEpac {
Write-Host " Deploy-RolesPlan -PacEnvironmentSelector $epacDevName -DefinitionsRootFolder $DefinitionsRootFolder"
Write-Host "`nIf you were notified that default values were missing for items above (scroll back to review), you will need to update those values prior to running the code above.`n" -BackgroundColor Yellow -ForegroundColor Black
Write-Host "`nParameter Update Guidance: https://github.com/Azure/enterprise-azure-policy-as-code/blob/main/Docs/policy-assignments.md"
Write-Host "Advanced Parameter Managment Guidance: https://github.com/Azure/enterprise-azure-policy-as-code/blob/main/Docs/policy-assignments-csv-parameters.md"
Write-Host "Advanced Parameter Management Guidance: https://github.com/Azure/enterprise-azure-policy-as-code/blob/main/Docs/policy-assignments-csv-parameters.md"

Write-Host "`nNext Steps: CI/CD Integration" -ForegroundColor Yellow
Write-Host " General Guidance: https://azure.github.io/enterprise-azure-policy-as-code/ci-cd-overview/"
8 changes: 4 additions & 4 deletions StarterKit/HydrationKit/questions.jsonc
Expand Up @@ -84,7 +84,7 @@
"questionIncrement": 1,
"displayText": "Modify Names for CAF3 Hierarchy in Primary Tenant - Prefix",
"bodyHeader": "Add a prefix to apply to Management Groups created in the Main Tenant Intermediate Root Management Group hierarchy.",
"bodyText": "In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value. For Example, a prefix of 'New' would result in the 'Sandbox' Managment Group being updated to 'NewSandbox'",
"bodyText": "In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value. For Example, a prefix of 'New' would result in the 'Sandbox' Management Group being updated to 'NewSandbox'",
"dataRequest": "Please input a prefix for the Caf3Hierarchy that will be created in the primary tenant intermediate root group...",
"links": [
"https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator-and-alz-bicep-repository"
Expand All @@ -98,7 +98,7 @@
"questionIncrement": 2,
"displayText": "Modify Names for CAF3 Hierarchy in Primary Tenant - Suffix",
"bodyHeader": "If desired, add a suffix to apply to Management Groups created in the Main Tenant Intermediate Root Management Group hierarchy.",
"bodyText": "In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value. For Example, a suffix of 'Caf' would result in the 'SandboxCaf' Managment Group being updated to 'Sandbox-epac'",
"bodyText": "In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value. For Example, a suffix of 'Caf' would result in the 'SandboxCaf' Management Group being updated to 'Sandbox-epac'",
"dataRequest": "Please input a suffix for the Caf3Hierarchy that will be created in the primary tenant intermediate root group...",
"links": [
"https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator-and-alz-bicep-repository"
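Review bot: the example on the corrected `bodyText` line is internally inconsistent: `a suffix of 'Caf' would result in the 'SandboxCaf' Management Group being updated to 'Sandbox-epac'`. Applying a suffix of `Caf` would turn `Sandbox` into `SandboxCaf`, mirroring the prefix example in the preceding question; suggest rewording to `a suffix of 'Caf' would result in the 'Sandbox' Management Group being updated to 'SandboxCaf'`.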
Expand Down Expand Up @@ -159,7 +159,7 @@
"questionIncrement": 1,
"displayText": "Modify Names for EPAC Environment - Prefix",
"bodyHeader": "Add a prefix to apply to Management Groups created to mimic the Main Tenant Intermediate Root Management Group hierarchy",
"bodyText": "This management group hierarchy will be used to test deployments for the Main Tenant Intermediate Root Management Group hierarchy. In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value.For Example, a prefix of 'epac-' would result in the 'Sandbox' Managment Group being updated to 'epac-Sandbox'",
"bodyText": "This management group hierarchy will be used to test deployments for the Main Tenant Intermediate Root Management Group hierarchy. In order to prevent naming collisions, a prefix and/or suffix can be specified in order to help ensure a unique name value.For Example, a prefix of 'epac-' would result in the 'Sandbox' Management Group being updated to 'epac-Sandbox'",
"dataRequest": "Please input a prefix for the EPAC Hierarchy that will be created to support pipeline operations...",
"links": [
"https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator-and-alz-bicep-repository",
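Review bot: `unique name value.For Example` on the corrected line is still missing the space after the period; since this text is shown to the user by the hydration kit, worth fixing alongside the spelling change.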
Expand All @@ -175,7 +175,7 @@
"questionIncrement": 2,
"displayText": "Modify Names for EPAC Environment - Suffix",
"bodyHeader": "Choose a suffix and/or prefix to apply to the EPAC Development Management Group hierarchy",
"bodyText": "This management group hierarchy will be used to test deployments for the Main Tenant Intermediate Root Management Group hierarchy. In order to prevent naming collisions, a prefix and/or suffix MUST be specified in order to help ensure a unique name value. For Example, a suffix of '-epacdev' would result in the 'Sandbox' Managment Group being updated to 'Sandbox-epacdev' in the EPAC development envirnoment.",
"bodyText": "This management group hierarchy will be used to test deployments for the Main Tenant Intermediate Root Management Group hierarchy. In order to prevent naming collisions, a prefix and/or suffix MUST be specified in order to help ensure a unique name value. For Example, a suffix of '-epacdev' would result in the 'Sandbox' Management Group being updated to 'Sandbox-epacdev' in the EPAC development envirnoment.",
"dataRequest": "Please input a suffix for the EPAC Hierarchy that will be created to support pipeline operations...",
"links": [
"https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator-and-alz-bicep-repository",
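Review bot: `envirnoment` at the end of the corrected line is still misspelled and should be `environment`.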