Azure
diff --git a/‎docs/wiki/Settings.md‎
Lines changed: 11 additions & 10 deletions b/‎docs/wiki/Settings.md‎
Lines changed: 11 additions & 10 deletions
diff --git a/‎src/AzOps.psd1‎
Lines changed: 4 additions & 4 deletions b/‎src/AzOps.psd1‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/internal/configurations/Core.ps1‎
Lines changed: 1 addition & 0 deletions b/‎src/internal/configurations/Core.ps1‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/internal/functions/Get-AzOpsNestedSubscription.ps1‎
Lines changed: 7 additions & 2 deletions b/‎src/internal/functions/Get-AzOpsNestedSubscription.ps1‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎src/internal/functions/Get-AzOpsPolicyExemption.ps1‎
Lines changed: 3 additions & 3 deletions b/‎src/internal/functions/Get-AzOpsPolicyExemption.ps1‎
Lines changed: 3 additions & 3 deletions
@@ -34,16 +34,17 @@ The following configuration values can be modified within the `settings.json` fi
 | 22  | SkipResourceGroup                    | Do not include Resource Groups in pull                                                                                                                                                | `"Core.SkipResourceGroup": false`                                                               |
 | 23  | SkipResourceType                     | Skip specific [Resource Types](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types)  (only targets Resource Group scoped resources) | `"Core.SkipResourceType": ["Microsoft.VSOnline/plans"]`                                        |
 | 24  | SkipRole                             | Do not include Role types in pull                                                                                                                                                     | `"Core.SkipRole": false`                                                                        |
-| 25  | State                                | Folder to store AzOpsState artefact, defaults to `root`                                                                                                                               | `"Core.State: "/root"`                                                                          |
-| 26  | SubscriptionsToIncludeChildResource  | Filter which Subscription IDs should include child resources in pull                                                                                                                  | `"Core.SubscriptionsToIncludeChildResource": ["*"]`                                             |
-| 27  | SubscriptionsToIncludeResourceGroups | Filter which Subscription IDs should include Resource Groups in pull [Logic Updated in v2.0.0](https://github.com/Azure/AzOps/releases/tag/2.0.0)                                     | `"Core.SubscriptionsToIncludeResourceGroups": ["*"]`                                            |
-| 28  | TemplateParameterFileSuffix          | Default template file suffix. *Not recommended to change*                                                                                                                             | `"Core.TemplateParameterFileSuffix": ".json"`                                                   |
-| 29  | AllowMultipleTemplateParameterFiles  | Control multiple parameter file behaviour. *Not recommended to change*                                                                                                                | `"Core.AllowMultipleTemplateParameterFiles": false`                                             |
-| 30  | DeployAllMultipleTemplateParameterFiles | Control base template deployment behaviour with changes and un-changed multiple corresponding parameter files.                                                                     | `"Core.DeployAllMultipleTemplateParameterFiles": false`                                         |
-| 31  | MultipleTemplateParameterFileSuffix | Multiple parameter file suffix identifier. *Example mytemplate.x1.bicepparam*                                                                                                          | `"Core.MultipleTemplateParameterFileSuffix": ".x"`                                              |
-| 32  | ParallelDeployMultipleTemplateParameterFiles | Control parallel deployment of MultipleTemplateParameterFiles behaviour                                                                                                       | `"Core.ParallelDeployMultipleTemplateParameterFiles": false`                                    |
-| 33  | ThrottleLimit                        | Value declaring number of parallel threads. [Read more](https://github.com/azure/azops/wiki/performance-considerations)                                                               | `"Core.ThrottleLimit": 5`                                                                       |
-| 34  | WhatifExcludedChangeTypes            | Exclude specific change types from WhatIf operations                                                                                                                                  | `"Core.WhatifExcludedChangeTypes": ["NoChange","Ignore"]`                                       |
+| 25  | SkipSubscription                     | Filter which Subscription IDs should be excluded from pull                                                                                                                            | `"Core.SkipSubscription": ["*"]`                                                                |
+| 26  | State                                | Folder to store AzOpsState artefact, defaults to `root`                                                                                                                               | `"Core.State: "/root"`                                                                          |
+| 27  | SubscriptionsToIncludeChildResource  | Filter which Subscription IDs should include child resources in pull                                                                                                                  | `"Core.SubscriptionsToIncludeChildResource": ["*"]`                                             |
+| 28  | SubscriptionsToIncludeResourceGroups | Filter which Subscription IDs should include Resource Groups in pull [Logic Updated in v2.0.0](https://github.com/Azure/AzOps/releases/tag/2.0.0)                                     | `"Core.SubscriptionsToIncludeResourceGroups": ["*"]`                                            |
+| 29  | TemplateParameterFileSuffix          | Default template file suffix. *Not recommended to change*                                                                                                                             | `"Core.TemplateParameterFileSuffix": ".json"`                                                   |
+| 30  | AllowMultipleTemplateParameterFiles  | Control multiple parameter file behaviour. *Not recommended to change*                                                                                                                | `"Core.AllowMultipleTemplateParameterFiles": false`                                             |
+| 31  | DeployAllMultipleTemplateParameterFiles | Control base template deployment behaviour with changes and un-changed multiple corresponding parameter files.                                                                     | `"Core.DeployAllMultipleTemplateParameterFiles": false`                                         |
+| 32  | MultipleTemplateParameterFileSuffix | Multiple parameter file suffix identifier. *Example mytemplate.x1.bicepparam*                                                                                                          | `"Core.MultipleTemplateParameterFileSuffix": ".x"`                                              |
+| 33  | ParallelDeployMultipleTemplateParameterFiles | Control parallel deployment of MultipleTemplateParameterFiles behaviour                                                                                                       | `"Core.ParallelDeployMultipleTemplateParameterFiles": false`                                    |
+| 34  | ThrottleLimit                        | Value declaring number of parallel threads. [Read more](https://github.com/azure/azops/wiki/performance-considerations)                                                               | `"Core.ThrottleLimit": 5`                                                                       |
+| 35  | WhatifExcludedChangeTypes            | Exclude specific change types from WhatIf operations                                                                                                                                  | `"Core.WhatifExcludedChangeTypes": ["NoChange","Ignore"]`                                       |
 
 ## Workflow / Pipeline Settings
 
 
@@ -3,7 +3,7 @@
 #
 # Generated by: Customer Architecture Team (CAT)
 #
-# Generated on: 09/16/2025
+# Generated on: 11/27/2025
 #
 
 @{
@@ -51,11 +51,11 @@ PowerShellVersion = '7.2'
 # ProcessorArchitecture = ''
 
 # Modules that must be imported into the global environment prior to importing this module
-RequiredModules = @(@{ModuleName = 'PSFramework'; RequiredVersion = '1.13.406'; }, 
-               @{ModuleName = 'Az.Accounts'; RequiredVersion = '5.3.0'; }, 
+RequiredModules = @(@{ModuleName = 'PSFramework'; RequiredVersion = '1.13.419'; }, 
+               @{ModuleName = 'Az.Accounts'; RequiredVersion = '5.3.1'; }, 
                @{ModuleName = 'Az.Billing'; RequiredVersion = '2.2.0'; }, 
                @{ModuleName = 'Az.ResourceGraph'; RequiredVersion = '1.2.1'; }, 
-               @{ModuleName = 'Az.Resources'; RequiredVersion = '8.1.0'; })
+               @{ModuleName = 'Az.Resources'; RequiredVersion = '9.0.0'; })
 
 # Assemblies that must be loaded prior to importing this module
 # RequiredAssemblies = @()
 
@@ -25,6 +25,7 @@ Set-PSFConfig -Module AzOps -Name Core.SkipResource -Value $true -Initialize -Va
 Set-PSFConfig -Module AzOps -Name Core.SkipResourceGroup -Value $false -Initialize -Validation bool -Description 'Global flag to indicate whether resource group should be discovered or not'
 Set-PSFConfig -Module AzOps -Name Core.SkipResourceType -Value @('Microsoft.VSOnline/plans', 'Microsoft.PowerPlatform/accounts', 'Microsoft.PowerPlatform/enterprisePolicies') -Initialize -Validation stringarray -Description 'Global flag to skip discovery of specific Resource types.'
 Set-PSFConfig -Module AzOps -Name Core.SkipRole -Value $false -Initialize -Validation bool -Description '-'
+Set-PSFConfig -Module AzOps -Name Core.SkipSubscription -Value @('*') -Initialize -Validation stringarray -Description 'Skip Subscription ID that matches the filter.'
 Set-PSFConfig -Module AzOps -Name Core.State -Value (Join-Path $pwd -ChildPath "root") -Initialize -Validation string -Description 'Folder to store AzOpsState artefact'
 Set-PSFConfig -Module AzOps -Name Core.SubscriptionsToIncludeChildResource -Value @('*') -Initialize -Validation stringarray -Description 'Requires SkipResourceGroup, SkipResource and SkipChildResource to be false. Subscription ID that matches the filter.'
 Set-PSFConfig -Module AzOps -Name Core.SubscriptionsToIncludeResourceGroups -Value @('*') -Initialize -Validation stringarray -Description 'Requires SkipResourceGroup to be false. Subscription ID that matches the filter.'
 
@@ -4,6 +4,8 @@
             Create a list of subscriptionId's nested at ManagementGroup Scope
         .PARAMETER Scope
             ManagementGroup Name
+        .PARAMETER SkipSubscription
+            Filter which Subscription IDs should be excluded from pull.
         .EXAMPLE
             > Get-AzOpsNestedSubscription -Scope 5663f39e-feb1-4303-a1f9-cf20b702de61
             Discover subscriptions at Management Group scope and below
@@ -13,15 +15,18 @@
     param (
         [Parameter(Mandatory = $false)]
         [string]
-        $Scope
+        $Scope,
+
+        [string[]]
+        $SkipSubscription = (Get-PSFConfigValue -FullName 'AzOps.Core.SkipSubscription')
     )
 
     process {
         $children = ($script:AzOpsAzManagementGroup | Where-Object {$_.Name -eq $Scope}).Children
         if ($children) {
             $subscriptionIds = @()
             foreach ($child in $children) {
-                if (($child.Type -eq '/subscriptions') -and ($script:AzOpsSubscriptions.id -contains $child.Id)) {
+                if (($child.Type -eq '/subscriptions') -and ($script:AzOpsSubscriptions.id -contains $child.Id) -and ($child.Name -notin $SkipSubscription)) {
                     $subscriptionIds += [PSCustomObject] @{
                         Name = $child.DisplayName
                         Id = $child.Name
 
@@ -48,17 +48,17 @@
         }
         if ($Subscription) {
             if ($SubscriptionsToIncludeResourceGroups -and $ResourceGroup) {
-                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $ScopeObject.SubscriptionDisplayName, $ScopeObject.Subscription -Target $ScopeObject
+                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $SubscriptionsToIncludeResourceGroups.count -Target $ScopeObject
                 $query = "policyresources | where type == 'microsoft.authorization/policyexemptions' and resourceGroup != '' | order by ['id'] asc"
                 Search-AzOpsAzGraph -Subscription $SubscriptionsToIncludeResourceGroups -Query $query -ErrorAction Stop
             }
             elseif ($ResourceGroup) {
-                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.ResourceGroup' -LogStringValues $ScopeObject.ResourceGroup -Target $ScopeObject
+                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.ResourceGroup' -LogStringValues $Subscription.count -Target $ScopeObject
                 $query = "policyresources | where type == 'microsoft.authorization/policyexemptions' and resourceGroup != '' | order by ['id'] asc"
                 Search-AzOpsAzGraph -Subscription $Subscription -Query $query -ErrorAction Stop
             }
             else {
-                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $ScopeObject.SubscriptionDisplayName, $ScopeObject.Subscription -Target $ScopeObject
+                Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $Subscription.count -Target $ScopeObject
                 $query = "policyresources | where type == 'microsoft.authorization/policyexemptions' and resourceGroup == '' | order by ['id'] asc"
                 Search-AzOpsAzGraph -Subscription $Subscription -Query $query -ErrorAction Stop
             }
Original file line number	Diff line number	Diff line change
`@@ -48,17 +48,17 @@`
`48`	`48`	`}`
`49`	`49`	`if ($Subscription) {`
`50`	`50`	`if ($SubscriptionsToIncludeResourceGroups -and $ResourceGroup) {`
`51`		`- Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $ScopeObject.SubscriptionDisplayName, $ScopeObject.Subscription -Target $ScopeObject`
	`51`	`+ Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $SubscriptionsToIncludeResourceGroups.count -Target $ScopeObject`
`52`	`52`	`$query = "policyresources \| where type == 'microsoft.authorization/policyexemptions' and resourceGroup != '' \| order by ['id'] asc"`
`53`	`53`	`Search-AzOpsAzGraph -Subscription $SubscriptionsToIncludeResourceGroups -Query $query -ErrorAction Stop`
`54`	`54`	`}`
`55`	`55`	`elseif ($ResourceGroup) {`
`56`		`- Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.ResourceGroup' -LogStringValues $ScopeObject.ResourceGroup -Target $ScopeObject`
	`56`	`+ Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.ResourceGroup' -LogStringValues $Subscription.count -Target $ScopeObject`
`57`	`57`	`$query = "policyresources \| where type == 'microsoft.authorization/policyexemptions' and resourceGroup != '' \| order by ['id'] asc"`
`58`	`58`	`Search-AzOpsAzGraph -Subscription $Subscription -Query $query -ErrorAction Stop`
`59`	`59`	`}`
`60`	`60`	`else {`
`61`		`- Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $ScopeObject.SubscriptionDisplayName, $ScopeObject.Subscription -Target $ScopeObject`
	`61`	`+ Write-AzOpsMessage -LogLevel Debug -LogString 'Get-AzOpsPolicyExemption.Subscription' -LogStringValues $Subscription.count -Target $ScopeObject`
`62`	`62`	`$query = "policyresources \| where type == 'microsoft.authorization/policyexemptions' and resourceGroup == '' \| order by ['id'] asc"`
`63`	`63`	`Search-AzOpsAzGraph -Subscription $Subscription -Query $query -ErrorAction Stop`
`64`	`64`	`}`