diff --git a/.github/linters/.lychee.toml b/.github/linters/.lychee.toml
new file mode 100644
index 0000000..e27d79c
--- /dev/null
+++ b/.github/linters/.lychee.toml
@@ -0,0 +1,60 @@
+# https://lychee.cli.rs/#/usage/config
+# Example config: https://github.com/lycheeverse/lychee/blob/master/lychee.example.toml
+
+
+############################# Cache ###############################
+
+# Enable link caching. This can be helpful to avoid checking the same links on multiple runs.
+cache = true
+
+# Discard all cached requests older than this duration.
+max_cache_age = "1d"
+
+############################# Runtime #############################
+
+# Maximum number of allowed redirects.
+max_redirects = 6
+
+# Maximum number of allowed retries before a link is declared dead.
+max_retries = 2
+
+# Maximum number of concurrent link checks.
+# max_concurrency = 2
+
+############################# Requests ############################
+
+# User agent to send with each request.
+user_agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Edg/129.0.0.0"
+
+# Website timeout from connect to response finished.
+timeout = 45
+
+# Minimum wait time in seconds between retries of failed requests.
+retry_wait_time = 2
+
+# Comma-separated list of accepted status codes for valid links.
+accept = ["200", "206", "301", "429"]
+
+# Only test links with the given schemes (e.g. https).
+# Omit to check links with any scheme.
+scheme = ["https", "http", "file"]
+
+# Custom request headers
+headers = ['Accept-Encoding: deflate, compress, gzip, br, zstd']
+
+############################# Exclusions ##########################
+
+# Ignore case of paths when matching glob patterns.
+glob_ignore_case = true
+
+# Exclude all private IPs from checking.
+exclude_all_private = true
+
+# Exclude private IP address ranges from checking.
+exclude_private = true
+
+# Exclude link-local IP address range from checking.
+exclude_link_local = true
+
+# Exclude loopback IP address range and localhost from checking.
+exclude_loopback = true
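Review bot: `accept` counts `"429"` as a valid link with no comment saying why, so a host that rate-limits the runner is reported healthy without the link ever being verified. A comment above the setting would make that trade-off explicit, for example `# 429 accepted: rate-limited hosts are treated as reachable, not verified`. In the Exclusions block, `exclude_all_private = true` already covers the three options below it according to the lychee example config. That setting is also what keeps links in contributed Markdown from making the CI runner request private, link-local or loopback addresses, so it deserves a comment such as `# keep enabled: prevents the link checker from probing internal addresses`.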
diff --git a/.github/linters/.markdownlint-cli2.yaml b/.github/linters/.markdownlint-cli2.yaml
new file mode 100644
index 0000000..dc3132b
--- /dev/null
+++ b/.github/linters/.markdownlint-cli2.yaml
@@ -0,0 +1,7 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/DavidAnson/markdownlint-cli2/main/schema/markdownlint-cli2-config-schema.json
+---
+config:
+ extends: ./.markdownlint.yml
+gitignore: true
+# ignores:
+# - ./.changes/*.md
diff --git a/.github/linters/.markdownlint.yml b/.github/linters/.markdownlint.yml
new file mode 100644
index 0000000..28efc49
--- /dev/null
+++ b/.github/linters/.markdownlint.yml
@@ -0,0 +1,37 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json
+---
+# Markdownlint YAML configuration
+# Default source: https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
+
+# Default state for all rules
+default: true
+
+# Path to configuration file to extend
+# extends: null
+
+ignore_front_matter: true
+
+# MD013/line-length - Line length
+MD013: false
+
+# MD024/no-duplicate-heading
+MD024: false
+
+# MD025/single-title - Multiple top level headings in the same document
+MD025: false
+
+# MD033/no-inline-html - Inline HTML
+MD033:
+ # Allowed elements
+ allowed_elements: ["br", "a"]
+
+# MD046/code-block-style - Code block style
+MD046:
+ # Block style
+ style: "fenced"
+
+# MD041/first-line-heading
+MD041: false
+# MD041:
+# level: 1
+# front_matter_title: ^\s*(title|page_title)\s*[:=]
diff --git a/.github/workflows/arm-bicep-e2e-v2.yaml b/.github/workflows/arm-bicep-e2e-v2.yaml
new file mode 100644
index 0000000..71832f1
--- /dev/null
+++ b/.github/workflows/arm-bicep-e2e-v2.yaml
@@ -0,0 +1,139 @@ +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +--- +# Terraform Provider testing workflow. +name: ๐Ÿงช v2-arm-bicep-e2e + +# This GitHub action runs your tests for each pull request. +# Optionally, you can turn it on using a schedule for regular testing. +on: + workflow_dispatch: + +permissions: + id-token: write + contents: read + + +jobs: + + testarmbicepe2e: + name: ๐Ÿงช Run ARM Bicep e2e Tests (${{ matrix.cli }} ${{ matrix.version }}) + runs-on: ubuntu-24.04 + env: + MPF_SUBSCRIPTIONID: ${{ secrets.MPF_SUBSCRIPTIONID }} + MPF_TENANTID: ${{ secrets.MPF_TENANTID }} + MPF_SPCLIENTID: ${{ secrets.MPF_SPCLIENTID }} + MPF_SPCLIENTSECRET: ${{ secrets.MPF_SPCLIENTSECRET }} + MPF_SPOBJECTID: ${{ secrets.MPF_SPOBJECTID }} + permissions: + contents: read + pull-requests: write + checks: write + steps: + - name: โคต๏ธ Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 + + - name: ๐Ÿšง Setup Go + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 + with: + go-version-file: go.mod + cache: true + + - name: ๐Ÿšง Setup Task + uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0 + with: + repo-token: ${{ github.token }} + + - name: ๐Ÿ”€ Download Go dependencies + run: task deps:download + + - name: ๐Ÿ”จ Setup Test tools + run: task test:tools + + - name: Install Bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + + - name: 'Az CLI login - federated' + uses: azure/login@v1 + with: + client-id: ${{ secrets.AZURE_OID_CLIENT_ID }} + tenant-id: ${{ secrets.MPF_TENANTID }} + subscription-id: ${{ secrets.MPF_SUBSCRIPTIONID }} + + - name: ๐Ÿงช Run ARM Bicep E2E Tests + run: task teste2e:armbicep + + + + - name: ๐Ÿ“ค Upload ARM Bicep e2e test results + if: always() + uses: 
actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + with: + name: ${{ format('{0}-{1}-test-results', matrix.cli, env.CLI_VERSION) }} + path: testresults.xml + if-no-files-found: warn + overwrite: true + + - name: ๐Ÿ“ค Upload ARM Bicep e2e test coverage results + if: always() + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + with: + name: ${{ format('{0}-{1}-test-coverage-results', matrix.cli, env.CLI_VERSION) }} + path: | + coverage.html + coverage.json + coverage.out + coverage.txt + coverage.xml + if-no-files-found: warn + overwrite: true + + - name: ๐Ÿ“ข Publish ARM Bicep e2e test results + if: always() + uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1 + with: + name: ๐Ÿ“œ Test results (${{ matrix.cli }} ${{ matrix.version }}) + reporter: jest-junit + path: testresults.xml + token: ${{ secrets.GITHUB_TOKEN }} + + - name: โš™๏ธ Get ARM Bicep e2e test Coverage summary + if: always() + uses: irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0 + with: + filename: coverage.xml + badge: true + fail_below_min: true + format: markdown + hide_branch_rate: false + hide_complexity: false + indicators: true + output: both + thresholds: "30 60" + + - name: ๐Ÿ“ค Upload ARM Bicep e2e Coverage summary + if: always() + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + with: + name: ${{ format('{0}-{1}-test-coverage-summary', matrix.cli, env.CLI_VERSION) }} + path: | + code-coverage-results.md + if-no-files-found: warn + overwrite: true + + check-test-matrix: + if: always() + name: ๐Ÿงช Check ARM Bicep e2e Tests + needs: test + runs-on: ubuntu-24.04 + steps: + - name: โœ… OK + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 + - name: ๐Ÿ›‘ Failure + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 diff --git a/.github/workflows/civ2.yml b/.github/workflows/civ2.yml index 83f97c6..7ebb305 100644 
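Review bot: The job exports `MPF_SPCLIENTSECRET` and the other `MPF_*` secrets through job-level `env`, so every step sees them, including the Bicep binary downloaded from `releases/latest` with no checksum and `azure/login@v1`, the only action here referenced by a mutable tag rather than a commit SHA. Scope the secrets to the step that runs `task teste2e:armbicep`, pin the Bicep release and verify its digest, and pin `azure/login` like the other actions. The job-level `permissions` block replaces the workflow-level one, so `id-token: write` is dropped and the federated login would get no OIDC token; it needs to be listed on the job. Separately, `check-test-matrix` declares `needs: test` although the only other job in this file is `testarmbicepe2e`, and `matrix.cli`, `matrix.version` and `env.CLI_VERSION` are used without a `strategy.matrix` or that variable being defined anywhere in the file.

```yaml
    # … unchanged: job name, runs-on; job-level env block removed …
    permissions:
      contents: read
      pull-requests: write
      checks: write
      id-token: write  # job-level permissions replace the workflow-level block
    # … unchanged: checkout, Go, Task, dependency and test-tool steps …
      - name: Install Bicep
        env:
          BICEP_VERSION: '<pinned-release-tag>'  # placeholder
          BICEP_SHA256: '<expected-sha256>'  # placeholder
        run: |
          curl -fsSLo bicep "https://github.com/Azure/bicep/releases/download/${BICEP_VERSION}/bicep-linux-x64"
          echo "${BICEP_SHA256}  bicep" | sha256sum --check --strict
          sudo install -m 0755 bicep /usr/local/bin/bicep

      - name: 'Az CLI login - federated'
        uses: azure/login@<full-commit-sha>  # placeholder: pin to a commit SHA
    # … unchanged: with: client-id / tenant-id / subscription-id …
    # … E2E test step: name unchanged, secrets scoped to this step only …
        env:
          MPF_SUBSCRIPTIONID: ${{ secrets.MPF_SUBSCRIPTIONID }}
          MPF_TENANTID: ${{ secrets.MPF_TENANTID }}
          MPF_SPCLIENTID: ${{ secrets.MPF_SPCLIENTID }}
          MPF_SPCLIENTSECRET: ${{ secrets.MPF_SPCLIENTSECRET }}
          MPF_SPOBJECTID: ${{ secrets.MPF_SPOBJECTID }}
        run: task teste2e:armbicep
```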
--- a/.github/workflows/civ2.yml +++ b/.github/workflows/civ2.yml @@ -29,7 +29,7 @@ permissions: jobs: lintGo: - name: lint, build, unit test + name: Go lint runs-on: ubuntu-24.04 timeout-minutes: 10 permissions: @@ -68,7 +68,7 @@ jobs: args: --out-format=github-actions linkMarkdowns: - name: ๐Ÿ“ƒ Check Docs + name: ๐Ÿ“ƒ Lint Markdown runs-on: ubuntu-24.04 permissions: contents: read @@ -120,11 +120,16 @@ jobs: - name: ๐Ÿ”จ Setup Build tools run: task build:mpf - - name: ๐Ÿ—๏ธ Build - run: task build + # - name: ๐Ÿ—๏ธ Build + # run: task build test: - name: ๐Ÿงช Run Tests (${{ matrix.cli }} ${{ matrix.version }}) + name: ๐Ÿงช Run Unit Tests (${{ matrix.cli }} ${{ matrix.version }}) + runs-on: ubuntu-24.04 + permissions: + contents: read + pull-requests: write + checks: write steps: - name: โคต๏ธ Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -153,7 +158,7 @@ jobs: - - name: ๐Ÿ“ค Upload test results + - name: ๐Ÿ“ค Upload unit test results if: always() uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: @@ -162,7 +167,7 @@ jobs: if-no-files-found: warn overwrite: true - - name: ๐Ÿ“ค Upload coverage results + - name: ๐Ÿ“ค Upload unit test coverage results if: always() uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: @@ -176,15 +181,16 @@ jobs: if-no-files-found: warn overwrite: true - - name: ๐Ÿ“ข Publish test results + - name: ๐Ÿ“ข Publish unit test results if: always() uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1 with: name: ๐Ÿ“œ Test results (${{ matrix.cli }} ${{ matrix.version }}) reporter: jest-junit path: testresults.xml + token: ${{ secrets.GITHUB_TOKEN }} - - name: โš™๏ธ Get Coverage summary + - name: โš™๏ธ Get unit Coverage summary if: always() uses: irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0 with: 
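Review bot: The `permissions` block added to the `test` job in the `@@ -120,11 +120,16 @@` hunk grants `pull-requests: write`, but the steps visible in these hunks only upload artifacts and publish a check run, and the `coverage-summary` job that posted PR comments is deleted later in this file. If nothing in the part of the job outside the hunk writes to the pull request, remove that line so the token carries only `contents: read` and `checks: write`. The commented-out build step (`# run: task build`) would be better deleted than kept as dead YAML. The job's step list continues outside the hunk, so this should be confirmed against the full file.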
@@ -196,9 +202,9 @@ jobs: hide_complexity: false indicators: true output: both - thresholds: "40 60" + thresholds: "30 60" - - name: ๐Ÿ“ค Upload Coverage summary + - name: ๐Ÿ“ค Upload unit Coverage summary if: always() uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: 
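Review bot: `thresholds: "30 60"` lowers the lower coverage bound from 40 to 30 with no comment or linked issue explaining why. If `fail_below_min` is enabled in the lines above the hunk (it is `true` in the new arm-bicep workflow in this commit), this relaxes the gate that fails the job. A comment next to the value would record the intent, for example `# lower bound reduced from 40 to 30: <reason or tracking issue>`. The `with:` block begins outside the hunk.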
@@ -207,64 +213,10 @@ jobs: code-coverage-results.md if-no-files-found: warn overwrite: true - - coverage-summary: - name: ๐Ÿ“” Coverage Summary - needs: - - test - - changes - if: always() && needs.changes.outputs.src == 'true' - runs-on: ubuntu-24.04 - permissions: - contents: read - issues: write - pull-requests: write - id-token: write - steps: - - name: ๐Ÿ“ฅ Download - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - pattern: terraform-1_10-test-coverage* - merge-multiple: true - - - name: ๐Ÿ“ Publish - run: cat code-coverage-results.md >> $GITHUB_STEP_SUMMARY - - - name: ๐Ÿ“ค Upload results to Codecov - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5.3.1 - with: - use_oidc: true - files: ./coverage.out - - - name: ๐Ÿ”Ž Find comment - if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target' - uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3.1.0 - id: fc - with: - issue-number: ${{ github.event.pull_request.number }} - comment-author: github-actions[bot] - body-includes: Minimum allowed line rate is - - - name: ๐Ÿ“ Create comment - if: steps.fc.outputs.comment-id == '' && (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 - with: - issue-number: ${{ github.event.pull_request.number }} - body-path: code-coverage-results.md - - - name: ๐Ÿ“ Update comment - if: steps.fc.outputs.comment-id != '' && (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 - with: - comment-id: ${{ steps.fc.outputs.comment-id }} - body-path: code-coverage-results.md - edit-mode: replace - - # Returns success if all matrix jobs in test are successful - otherwise, it returns a failure. 
- # Use this as a PR status check for GitHub Policy Service instead of individual matrix entry checks. + check-test-matrix: if: always() - name: ๐Ÿงช Check Tests + name: ๐Ÿงช Check Unit Tests needs: test runs-on: ubuntu-24.04 steps: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 43d29ab..1d4bee6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ name: ๐Ÿ›ก๏ธ CodeQL # - "*.tf" # schedule: # - cron: "32 19 * * 2" - workflow_dispatch: + # workflow_dispatch: concurrency: group: ${{ format('{0}-{1}-{2}-{3}-{4}', github.workflow, github.event_name, github.ref, github.base_ref || null, github.head_ref || null) }}
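Review bot: Commenting out `workflow_dispatch:` in codeql.yml removes the manual trigger from the CodeQL workflow, and the context lines show the `schedule` trigger is already commented out. If the remaining triggers above the hunk are disabled as well, `on:` is left with no events, the scan never runs, and the file may no longer validate as a workflow. If switching the scan off is intentional, record the reason on the line itself, for example `# workflow_dispatch:  # disabled: <reason>`; otherwise keep the manual trigger so the analysis can still be started on demand. The `on:` block starts outside the hunk.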