[Enhancement] - GR5 Allowed Location Check + Policy Compliance Status Information

[alalvi00]

Overview/Summary

This update improves the logic for determining compliance status based on assigned policies and initiatives and their resource compliance in Azure Policy Compliance Checks.

✅ Ensured Proper Handling of Undefined Variables

• Initialized $TotalInitResources, $TotalPolicyResources, $InitCompliantResources, $InitNonCompliantResources, $PolicyCompliantResources, and $PolicyNonCompliantResources to avoid potential null reference errors.

✅ Optimized Compliance Evaluation for Policies & Initiatives

• If only an initiative has assigned resources, compliance is checked solely for that initiative.
• If only a policy has assigned resources, compliance is checked solely for that policy.
• If both an initiative and a policy have assigned resources, compliance is evaluated for both.

✅ Refined Compliance Status Determination

• Fully non-compliant resources: Marked as non-compliant.
• Partially non-compliant resources: Marked as non-compliant with a specific count.
• All resources compliant: Marked as compliant.
• No assigned resources: Marked as compliant with a note indicating no resources were found.

GR5 control will now take into account resource compliance for any policy or initiative that has the correct parameters and any exemptions attached to it

This PR fixes/adds/changes/removes

1. guardrails.bicep file has a new initiative ID value
2. config.json has a new initiative ID value
3. Check-AllowedLocationPolicy.psm1 and Check-AllowedLocationPolicy.psd1 files are updated
4. GR-ComplianceChecks-Msgs.psd1 messages typo fixed
5. GR-Common.psm1 typo fixed

Breaking Changes

No breaking changes were made

Testing Evidence

Some resources were made non compliant for our CSPM Allowed Location Initiative:

The result corresponds to our requirements

As part of this Pull Request I have

• Checked for duplicate Pull Requests
• Associated it with relevant GitHub Issues
• Ensured my code/branch is up-to-date with the latest changes in the main branch
• Performed testing and provided evidence.
• Updated relevant and associated documentation.
• Ensure PowerShell module versions have been updated (manually or with the ./tools/Update-ModuleVersions.ps1 script)

[dutt0]

We don't need to show the management groups in the workbook. Only subscription.

[alalvi00]

We don't need to show the management groups in the workbook. Only subscription.

Please create a new ticket for this request as the current PR does not affect what is shown in the workbook