From d54f49503da4ec888e29841e8442841a8d201c48 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:13:39 -0500
Subject: [PATCH 01/14] Added a new control for MS cloud defender checks

---
 setup/modules.json                            | 1289 +----------------
 .../Audit/Check-DefenderForCloudAlerts.psd1   |  134 ++
 .../Audit/Check-DefenderForCloudAlerts.psm1   |  129 ++
 .../GR-ComplianceChecks-Msgs.psd1             |    8 +
 .../fr-CA/GR-ComplianceChecks-Msgs.psd1       |    8 +
 5 files changed, 282 insertions(+), 1286 deletions(-)
 create mode 100644 src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1
 create mode 100644 src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1

diff --git a/setup/modules.json b/setup/modules.json
index 9275acf9..1512ae27 100644
--- a/setup/modules.json
+++ b/setup/modules.json
@@ -1,1155 +1,15 @@
-[
   {
-    "ModuleName": "Check-AllUserMFARequired",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-AllUserMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.allUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CloudAccountsMFA",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-CloudAccountsMFA -ControlName $msgTable.CtrName1 -ItemName $msgTable.allCloudUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-GAUserCountMFARequired",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-GAUserCountMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.gaAccntsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserAccountGCEventLogging",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName1 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
-      {
-        "Name": "RequiredRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AlertsMonitor",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName1 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-DedicatedAdminAccounts",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DedicatedAdminAccounts -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -ControlName $msgTable.CtrName1 -ItemName $msgTable.dedicatedAdminAccountsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -DocumentName $vars.DocumentName-CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "UserAccountsPrivilegedAndRegularUPN"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-ADLicenseType",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-ADLicenseType  -ControlName $msgTable.CtrName1 -ItemName $msgTable.MSEntIDLicense -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserGroups",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserGroups -ControlName $msgTable.CtrName2 -ItemName $msgTable.accManagementUserGroupsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DeprecatedAccounts",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DeprecatedUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.removeDeprecatedAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(3)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-OnlineAttackCountermeasures",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-OnlineAttackCountermeasures -ControlName $msgTable.CtrName2 -ItemName $msgTable.onlineAttackCounterMeasures -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ExternalUsers",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-ExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC6(6)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-PrivilegedExternalUsers",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-PrivilegedExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingPrivilegedGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC6(6)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-RiskBasedAccess",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-RiskBasedAccess -ControlName $msgTable.CtrName2 -ItemName $msgTable.riskBasedConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLifecycle -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "PrivilegedAccountManagementPlan"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLPRoleAssignment -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "PrivilegedAccountManagementPlan"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserRoleReviews",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserRoleReviews -ControlName $msgTable.CtrName2 -ItemName $msgTable.automatedRoleForUsers -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CloudConsoleAccess",
-    "Control": "Guardrails3",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-CloudConsoleAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.consoleAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-AdminAccess",
-    "Control": "Guardrails3",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-AdminAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.adminAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServicePrincipalName",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DepartmentServicePrincipalName -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.monitorAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
-        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(4)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServicePrincipalNameSecrets",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-DepartmentServicePrincipalNameSecrets -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.SPNCredentialsCompliance -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
-        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(4)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-FinOpsToolStatus",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-FinOpsToolStatus -ControlName $msgTable.CtrName4 -ItemName $msgTable.FinOpsToolStatus -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Verify-AllowedLocationPolicy",
-    "Control": "Guardrails5",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [3, 4, 5, 6],
-    "Script": "Verify-AllowedLocationPolicy -ControlName $msgTable.CtrName5 -ItemName $msgTable.allowedLocationPolicy -PolicyID $vars.AllowedLocationPolicyId -InitiativeID $vars.AllowedLocationInitiativeId -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -AllowedLocationsString $vars.AllowedLocationsString -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "AllowedLocationPolicyId",
-        "Value": "AllowedLocationPolicyId"
-      },
-      {
-        "Name": "AllowedLocationInitiativeId",
-        "Value": "AllowedLocationInitiativeId"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SA9(5)"
-      },
-      {
-        "Name": "AllowedLocationsString",
-        "Value": "canada,canadaeast,canadacentral"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ProtectionDataAtRest",
-    "Control": "Guardrails6",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [3, 4, 5, 6],
-    "Script": "Verify-ProtectionDataAtRest -ControlName $msgTable.CtrName6 -ItemName $msgTable.dataAtRest -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-StorageAccountTLSversion",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName7 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AppServiceHTTPSConfiguration",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-AppServiceHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.appServiceHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-FunctionAppHTTPSConfiguration",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-FunctionAppHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.functionAppHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ProtectionOfDataInTransit",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-ProtectionDataInTransit -ControlName $msgTable.CtrName7 -ItemName $msgTable.dataInTransit -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ApplicationGatewayCertificateValidity",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-ApplicationGatewayCertificateValidity -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.appGatewayCertValidity -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "ApprovedCAList"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.enableTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "TLS12EnabledAttestation"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-SubnetComplianceInformation",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-SubnetComplianceInformation -ControlName $msgTable.CtrName8 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcodesegmentation $vars.itsgcodesegmentation -itsgcodeseparation $vars.itsgcodeseparation -ReservedSubnetList $vars.reservedSubnetList -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "reservedSubnetList",
-        "Value": "reservedSubnetList"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodesegmentation",
-        "Value": "SC7"
-      },
-      {
-        "Name": "itsgcodeseparation",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.networkDiagram -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "NetworkArchitectureDiagram"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.highLevelDesign -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "HighLevelDesign"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.cloudInfrastructureDeployGuide -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "CloudDeploymentGuide"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-VnetComplianceInformation",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-VnetComplianceInformation -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-NetworkWatcherEnabled",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-NetworkWatcherStatus -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-NetworkSecurityTools",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-NetworkSecurityTools -ControlName $msgTable.CtrName9 -ItemName $msgTable.networkSecurityTools -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-StorageAccountTLSversion",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName9 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CBSSensors",
-    "Control": "Guardrails10",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-CBSSensors -SubscriptionName $vars.cbssubscriptionName -TenantID $TenantID -ControlName $msgTable.CtrName10 -MsgTable $msgTable -ReportTime $ReportTime -ItemName 'CBS Subscription' -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SI4"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails10",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName10 -ItemName $msgTable.MOUwithCCCS -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": [
-          "MemorandumOfUnderstanding"
-        ]
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.SeverityNotificationToEmailConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": [
-          "SeverityNotificationToEmailConfigured"
-        ]
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DefenderForCloudConfig",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-DefenderForCloudConfig -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecdefender $vars.itsgcodedefender -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodedefender",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-HealthMonitoring",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-HealthMonitoringStatus -HealthLAWResourceId $vars.HealthLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfohealthmon $vars.itsgcodehealthmon -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "HealthLAWResourceId",
-        "Value": "HealthLAWResourceId"
-      },
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodehealthmon",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-SecurityMonitoring",
+    "ModuleName": "Check-DefenderForCloudAlerts",
     "Control": "Guardrails11",
     "ModuleType": "Builtin",
     "Status": "Enabled",
     "Required": "False",
     "Profiles": [2, 3, 4, 5, 6],
-    "Script": "get-SecurityMonitoringStatus -SecurityLAWResourceId $vars.SecurityLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecmon $vars.itsgcodesecmon -LAWRetention $vars.securityRetentionDays -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
     "variables": [
-      {
-        "Name": "SecurityLAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
       {
         "Name": "cbssubscriptionName",
         "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "securityRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodesecmon",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.passwordNotificationsConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "ConfirmPasswordNotificationsConfigured"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserAccountGCEventLogging",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName11 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
-      {
-        "Name": "RequiredRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServiceHealthAlerts",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-ServiceHealthAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.monitoringChecklist -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "MonitoringUseCases"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-PrivateMarketPlaceCreation",
-    "Control": "Guardrails12",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-PrivateMarketPlaceCreation -ControlName $msgTable.Ctrname12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "CM8(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgProcedure -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "BreakGlassAccountProcedure"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AlertsMonitor",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName13 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
       }
     ],
     "localVariables": [
@@ -1158,147 +18,4 @@
         "Value": "AC2(11)"
       }
     ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleName": "Test-BreakGlassAccounts",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Test-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountTesting -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgValidSignature -MsgTable $msgTable -ReportTime $ReportTime  -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "BGAccountSignaturesandApprovalsThread"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleName": "Get-BreakGlassAccounts",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgCreation -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "ModuleName": "Get-BreakGlassAccountLicense",
-    "Script": "Get-BreakGlassAccountLicense  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgMSEntID -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(7)"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "ModuleName": "Get-BreakGlassOwnerinformation",
-    "Script": "Get-BreakGlassOwnerinformation  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountOwnerContact -FirstBreakGlassUPNOwner $vars.FirstBreakGlassUPN -SecondBreakGlassUPNOwner $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-TimeZoneConsistency",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-TimeZoneConsistency -ControlName $msgTable.CtrName11 -ItemName $msgTable.timeZoneConsistency -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  }
-]
+  }
\ No newline at end of file
diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1
new file mode 100644
index 00000000..3ffd3842
--- /dev/null
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1	
@@ -0,0 +1,134 @@
+#
+# Module manifest for module 'Check-DefenderForCloudConfig'
+#
+# Generated by: Cloud Security Compliance Team
+#
+# Contact Information for module : cloudsecuritycompliance-conformiteinfonuagiquesecurise@ssc-spc.gc.ca
+#
+# Generated on: 2024-12-04
+#
+
+@{
+
+# Script module or binary module file associated with this manifest.
+RootModule = '.\Check-DefenderForCloudAlerts.psm1'
+
+# Version number of this module.
+ModuleVersion = '1.1.13'
+
+# Supported PSEditions
+# CompatiblePSEditions = @()
+
+# ID used to uniquely identify this module
+GUID = '5adc5e4c-800d-4db6-8ba0-45f463d602e1'
+
+# Author of this module
+Author = 'Cloud Security Compliance'
+
+# Company or vendor of this module
+CompanyName = 'Shared Services Canada'
+
+# Copyright statement for this module
+Copyright = ''
+
+# Description of the functionality provided by this module
+# Description = ''
+
+# Minimum version of the PowerShell engine required by this module
+# PowerShellVersion = ''
+
+# Name of the PowerShell host required by this module
+# PowerShellHostName = ''
+
+# Minimum version of the PowerShell host required by this module
+# PowerShellHostVersion = ''
+
+# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# DotNetFrameworkVersion = ''
+
+# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# ClrVersion = ''
+
+# Processor architecture (None, X86, Amd64) required by this module
+# ProcessorArchitecture = ''
+
+# Modules that must be imported into the global environment prior to importing this module
+# RequiredModules = @()
+
+# Assemblies that must be loaded prior to importing this module
+# RequiredAssemblies = @()
+
+# Script files (.ps1) that are run in the caller's environment prior to importing this module.
+# ScriptsToProcess = @()
+
+# Type files (.ps1xml) to be loaded when importing this module
+# TypesToProcess = @()
+
+# Format files (.ps1xml) to be loaded when importing this module
+# FormatsToProcess = @()
+
+# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
+# NestedModules = @()
+
+# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
+FunctionsToExport = '*'
+
+# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
+CmdletsToExport = '*'
+
+# Variables to export from this module
+VariablesToExport = '*'
+
+# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.
+AliasesToExport = '*'
+
+# DSC resources to export from this module
+# DscResourcesToExport = @()
+
+# List of all modules packaged with this module
+# ModuleList = @()
+
+# List of all files packaged with this module
+# FileList = @()
+
+# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
+PrivateData = @{
+
+    PSData = @{
+
+        # Tags applied to this module. These help with module discovery in online galleries.
+        Tags = 'GOC 30 days Guardrails'
+
+        # A URL to the license for this module.
+        # LicenseUri = ''
+
+        # A URL to the main website for this project.
+        # ProjectUri = ''
+
+        # A URL to an icon representing this module.
+        # IconUri = ''
+
+        # ReleaseNotes of this module
+        # ReleaseNotes = ''
+
+        # Prerelease string of this module
+        # Prerelease = ''
+
+        # Flag to indicate whether the module requires explicit user acceptance for install/update/save
+        # RequireLicenseAcceptance = $false
+
+        # External dependent modules of this module
+        # ExternalModuleDependencies = @()
+
+    } # End of PSData hashtable
+
+} # End of PrivateData hashtable
+
+# HelpInfo URI of this module
+# HelpInfoURI = ''
+
+# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
+# DefaultCommandPrefix = ''
+
+}
+
diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1
new file mode 100644
index 00000000..52ef8320
--- /dev/null
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
@@ -0,0 +1,129 @@
+function Get-DefenderForCloudAlerts {
+    param (
+        [Parameter(Mandatory=$true)]
+        [string]$ControlName,
+        [Parameter(Mandatory=$true)]
+        [string]$ItemName,
+        [Parameter(Mandatory=$true)]
+        [string]$itsgcode,
+        [Parameter(Mandatory=$true)]
+        [hashtable]$msgTable,
+        [Parameter(Mandatory=$true)]
+        [string]$ReportTime,
+        [string] 
+        $CloudUsageProfiles = "3",  # Passed as a string
+        [string] $ModuleProfiles,  # Passed as a string
+        [switch] 
+        $EnableMultiCloudProfiles # New feature flag, default to false
+    )
+
+    $isCompliant = $false
+    $Comments = @()
+    $ErrorList = @()
+    $subCompliance = @()
+
+    #Get All the Subscriptions
+    $subs = Get-AzSubscription -ErrorAction SilentlyContinue| Where-Object {$_.State -eq "Enabled"}
+
+    foreach($subscription in $subs){
+        $subId = $subscription.Id
+        Set-AzContext -SubscriptionId $subId
+
+        $defenderPlans = Get-AzSecurityPricing
+        $defenderEnabled = $defenderPlans | Where-Object {$_.PricingTier -eq 'Standard'} #A paid plan should exist on the sub resource
+
+        if(-not $defenderEnabled){
+            $Comments += $msgTable.NotAllSubsHaveDefenderPlans -f $subscription
+            break
+        }
+
+        $azContext = Get-AzContext
+        $token = Get-AzAccessToken -TenantId $azContext.Subscription.TenantId 
+        
+        $authHeader = @{
+            'Content-Type'  = 'application/json'
+            'Authorization' = 'Bearer ' + $token.Token
+        }
+
+        #Retrieve notifications for alert and attack paths
+        $restUri = "https://management.azure.com/subscriptions/$($azContext.Subscription.Id)/providers/Microsoft.Security/securityContacts/default?api-version=2023-12-01-preview"
+
+        try{
+            $response = Invoke-RestMethod -Uri $restUri -Method Get -Headers $authHeader
+        }
+        catch{
+            $Comments += $msgTable.errorRetrievingNotifications
+            $ErrorList += "Error invoking $restUri for notifications for the subscription: $_"
+            break
+        }
+        
+        $notificationSources = $response.properties.notificationsSources
+        $notificationEmails = $response.properties.emails
+        $ownerRole = $response.properties.notificationsByRole.roles | Where-Object {$_ -eq "Owner"}
+        $ownerState = $response.properties.notificationsByRole.State
+
+        #Filter so we get required notification types
+        $alertNotification = $notificationSources | Where-Object {$_.sourceType -eq "Alert" -and $_.minimalSeverity -in @("Medium","Low")}
+        $attackPathNotification = $notificationSources | Where-Object {$_.sourceType -eq "AttackPath" -and $_.minimalRiskLevel -in @("Medium","Low")}
+
+        $emailCount = ($notificationEmails -split ";").Count
+
+        #Check theres minimum two emails and owner is also notified
+        if(($emailCount -lt 2) -or ($ownerState -ne "On" -or $ownerRole -ne "Owner")){
+            $Comments += $msgTable.EmailsOrOwnerNotConfigured -f $subscription
+            break
+        }
+
+        if($null -eq $alertNotification){
+            $Comments += $msgTable.AlertNotificationNotConfigured
+            break
+        }
+
+        if($null -eq $attackPathNotification){
+            $Comments += $msgTable.AttackPathNotifictionNotConfigured
+            break
+        }
+
+        #If it reaches here, then subscription is compliant
+        $subCompliance += $true
+    }
+    
+    #Check if all subscriptions are compliant
+    if ($subCompliance -notcontains $false -and $null -ne $subCompliance -and $subCompliance.Count -eq $subs.Count){
+        $isCompliant = $true
+        $Comments += $msgTable.DefenderCompliant
+    }
+
+    $PsObject = [PSCustomObject]@{
+        ComplianceStatus = $IsCompliant
+        ControlName = $ControlName
+        Comments = $Comments
+        ItemName = $ItemName
+        ReportTime = $ReportTime
+        itsgcode = $itsgcode
+    }
+
+    # Conditionally add the Profile field based on the feature flag
+    if ($EnableMultiCloudProfiles) {
+        $evalResult = Get-EvaluationProfile -CloudUsageProfiles $CloudUsageProfiles -ModuleProfiles $ModuleProfiles
+        if (!$evalResult.ShouldEvaluate) {
+            if ($evalResult.Profile -gt 0) {
+                $PsObject.ComplianceStatus = "Not Applicable"
+                $PsObject | Add-Member -MemberType NoteProperty -Name "Profile" -Value $evalResult.Profile
+                $PsObject.Comments = "Not evaluated - Profile $($evalResult.Profile) not present in CloudUsageProfiles"
+            } else {
+                $ErrorList.Add("Error occurred while evaluating profile configuration")
+            }
+        } else {
+            
+            $PsObject | Add-Member -MemberType NoteProperty -Name "Profile" -Value $evalResult.Profile
+        }
+    }
+    
+    $moduleOutput = [PSCustomObject]@{
+        ComplianceResults = $PsObject
+        Errors = $ErrorList
+    }
+
+    return $moduleOutput
+}
diff --git a/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
index 28131c9d..e7ac017f 100644
--- a/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
@@ -287,6 +287,14 @@ noServiceHealthAlerts = Could not retrieve any configured alerts for the subscri
 nonCompliantActionGroups = All subscriptions have Service Health Alerts, but not all action groups are correctly configured. A minimum of two email addresses or subscription owners are required for the action group.
 compliantServiceHealthAlerts = All subscriptions have Service Health Alerts, and the action group has at least two different contacts.
 
+msDefenderChecks = Microsoft Defender for Cloud Alerts and Events Check
+NotAllSubsHaveDefenderPlans = The following subscription(s) lack a defender plan: {0}. Enable Defender monitoring for all subscriptions.
+errorRetrievingNotifications = Defender alert notifications for the subscription(s) are not configured. Ensure they match the Remediation Guidance requirements.
+EmailsOrOwnerNotConfigured = Defender alert notifications for the subscription do not include at least two email addresses or subscription owners. Configure this to ensure alerts are sent correctly.
+AlertNotificationNotConfigured = Defender alert notifications are incorrect. Set the severity to Medium or Low and review the Remediation Guidance.
+AttackPathNotifictionNotConfigured = Defender alerts must include attack path notifications. Ensure this is configured for each subscription's alerts per the Remediation Guidance.
+DefenderCompliant = MS Defender for Cloud is enabled for all subscriptions, and email notifications are properly configured.
+
 monitoringChecklist = Monitoring Checklist: Use Cases
 
 timezoneConsistency = Time Zone Configuration Consistency Check
diff --git a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
index 165ee5fe..0726105e 100644
--- a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
@@ -290,6 +290,14 @@ compliantServiceHealthAlerts = Les alertes de santé du service « Service Healt
 
 monitoringChecklist = Liste de vérification de surveillance : Cas d'utilisation
 
+msDefenderChecks = Alertes infonuagiques et vérification des événements de Microsoft Defender
+NotAllSubsHaveDefenderPlans =
+errorRetrievingNotifications =
+EmailsOrOwnerNotConfigured =
+AlertNotificationNotConfigured = 
+AttackPathNotifictionNotConfigured = 
+DefenderCompliant = 
+
 timezoneConsistency = Vérification de la cohérence de la configuration du fuseau horaire
 noResourcesFound = Aucune ressource avec des informations de fuseau horaire trouvée.
 resourcesWithoutTimezone = Il y a {0} ressources sans informations de fuseau horaire.

From bac58a70fc81fad15bc831ae27e273bca5346665 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:21:01 -0500
Subject: [PATCH 02/14] Added zip modules and IAC module

---
 psmodules/Check-DefenderForCloudAlerts.zip | Bin 0 -> 3564 bytes
 psmodules/GR-ComplianceChecks.zip          | Bin 20117 -> 20444 bytes
 setup/IaC/modules/automationaccount.bicep  |  12 +++++++++++-
 3 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 psmodules/Check-DefenderForCloudAlerts.zip

diff --git a/psmodules/Check-DefenderForCloudAlerts.zip b/psmodules/Check-DefenderForCloudAlerts.zip
new file mode 100644
index 0000000000000000000000000000000000000000..5189bd5d4e3a1df534e367dfdfffbe8205e9afc0
GIT binary patch
literal 3564
zcmbuCWmFXGw#SDqkr;%LmWEeAWazFT25{&ur8^{~85opqkd#zfQa~C6BwrYsp*uvR
zVI1J-Ip?1Hp7Z70weH?)KhNG@_J4o-tv?KkgG&V<{FRo*2qVBhgOCCMcm!YuDA?P)
zaN<?8v9)ovw(*3xc`7)&d0Wdl+jze8;&b=17SPir1rT^6wd@LhmDaEF_9Fpc;r?Fp
z_h;0=#EDLfDp=%7hOjQtHtK`sexx?nlxPM%a_Wo2{Oh13AzBl<IB*(RQ++RF<r(d$
zU!aptIzl}0i=gt#_1MjBK1z(4$=g^>)3aQ$zlt?enC)X8L;QA*)Y;gpe!Zd55@FV|
z;g`jF9Ja4Tzx`?9(MRen$v(MdLW%n|q8>@u#KxLSqYdj5ZP@`QC<9ixyf%&Hj5Kq{
z%d0MUtr+_t<TI9MZ|`$PY+&D&CXaoYO*Vk1cQ&P;J9j5Pgo2g|KTMl=F32#PX=(=C
z$oVZDw%u)qFeMTR7P<@JxMvb8jn)Mx5@8Bw967LOirl@{w|j(xp`UXls?5%|B|P6^
z+ED=tgK_n$R;MYwYL_&wmA+v-r`#fnb`)Z=SWP{ZC4ivh)g3)aDef3~x@V4(Eh-4#
z_f<JLH13DGC(~Z^!FTJW;=VzeYB4&RDcY|@hS({%4K%HXg~MET_64mAE`&7Zoun<>
zMQ(x@=!z%nm$SJKFY!Otch6UxRfY^Xr9_rwA86=&&b<N|2Ar~C<6b!KvDSwE^s!Wm
zGRY$FeYQR2o?uT6_kcolCsKv&`;c$u7by<NJL&Z!BT#@!1b~Jt&x?+-S3;UxmM1m(
z`bgJ*9Wg=TH_CY@zJQ*8u&!L7Xue%jPHd;haG>nU;l;<k=Ey<C85zQhn2&0sbY)li
zLUuccpX-!*QO_(RTj#T1FLp<Z5k6p`l_s`rn9gJ!JnWNd0k58wj`m6m5w%=e5ch_M
zDy1-Ab;#x*LEnUi2>%S9#9PyI$(Q<SL%IHbiPtx-!!GH3ZdXUFL$%!2UY*b~${5aM
z5$pOr{?>Pf)!|cSd>n+=unX3^-DO)1wtQLfK!zivT}*<bS5k_O{^p5~(AS!{2~Xw3
z22sd_ER?N>N_exDn+Sow5%*SAszkb#rpNw)TFsLllhUFFSiQ!QZ<2mh(R63z%t;_m
z-+SA#vX28hFPcJ)e|Ruo^}7v{G#sQ9sgW(jlJVZFDAZ)9MHk%Q^(H^)XrG;EcUig|
zhBpbxY@K{9s;Ugg@oHRo8WJpWV)M4?4zE>yE^gUc-bEC`p#_SU9o=X(eC$!Z02fS(
zO60T_lCjVap=B?q#mixca(_tYIX?UjzC5zqHi{9QLQWlt;E7lrbXAIRlyRs@$Pfx3
zZH7u!c?)=|EQ(D%b&Ks{o3pk&$V;Msw8>t6=!dC~T2dl=K13o%BkU>UztUx0q6=A~
zDADzduvf%NopE^1Dfh3Gqg&@f3LxVSu^7hNB~8{wlIL&s+^*d=0H0L}?!Te(t(AEf
zJ1$qnNBT1g$m}$4#=Fqth`fe$$?FoK)pWpkHe?`frvN(~!!$+FPXzCIE}7t_(JpUl
zDM*~5Y$fsjMZ}N0*nCbcDpo|dJpHoNVlXE(fSmj}qd%q4ISVbPgIY;N4noWJhuFzp
z$~Xx%_0LtRY+2-infP2Favy*AGetL<6Q-9c;tI)Bb7B>welJ)y)Z_qWy3Q;JUBmYR
zry0xoBW9h&qw<#nyDIv-SagFP=MIYI=WFdH>;~*eB<#`Qnt0Nq>p))}3BBiDda(A|
zERI7Qk+cyz)+~xP0^Uo;;LXVz9dM$d;axYOMK8U<pTY2`WC}uhN(NN)ISrz!_LI0b
z>EM!|Z>jRsM3v7u*q(izvDPKE*5WN3SKogl^V@63L023zHE|LgXbJq<dEn}_DnED2
zL#(c&l7f}uGpP?xzu#KV)=aAbmnmOypb@o-?ky787b%Cu*6-FV{xcqvRKRm3{xODg
zAdWvYmFD)gbP-Ls<lqog%F}u3mt0jPY<|+3p%jCQw8ipIx;W6csT!nDB;z6v30Dp_
zb@MQ8zi>m*l*gtc-Bcuj&$``$-5{NxY8?uhMNqc#(gok|eK&f<vnLL52)g>%+cOb!
zd9*Cr1~ukUPRrU?>fH@!nmojiz@P+#9hh0;UOWKcHy2?4A_j9&#J`Av0{)+f;qnh+
zd;@6N2~KF)X(M3&NsM*_7dMpXy<7AAyRaR675KE~Y!IrT*~ZBCkD8ABz3<ZW(Q=KM
ziWM$4$%~b!^G+u2PDP)|s#%6=3tA}Kd19c7Ry|8Xm97{jUN|sZa0EEzmX=psuF}u#
z=(LKupdMe*womHL$E<dCj``v7?swOI1zM$bNbMS#t^Po!Jk=i#44%&}U35&#OC0*1
z5=U<|5<CWPuw|^+B%-G7d0g47c3hW{d5w4HFCOb<%HzUsjY@N*nSn}WM3F&8j@2tN
z)hD{JaQWe8p$wwHeoO40&`@pP@Y>~Cwde+|kcf4)1-}V-kGJ)$14@o1I8&DMVL;RF
zdk9`|&*KNDW-9I+DwLJ*Ocl~}pGcI+Rze;an8vHa?FsETlYGdcnr`JfKVT4U)#z8+
zh&(E(t<uvmowj{m={wZU@LVu<lIk0_m9c52;V}E;Vx{*rA;-;C1wWub!r7F%FV%F!
z#eaAz?NwMv?>mwyP@Z{E&s<N_@_@Y~LW%HL5Z5L)d9^xHK!;YT4b;4m1++HLlfi8F
zWl+ac-jC#`WngzoD(f9m`4NK{C(y_$2}4`jJuNH0e*B<i=W#zG{o+D>xH;_{(%~82
z-Js$8qodCAkyb0{jGO*TQ1020rJXvj0!Iy-%@Y#6Vxm==F&4ZqphBWtkrpC;LYdDl
z{E5K@Ba4isOPwTZrMD`Cb4Yt%O#0{xX@^4#`Pc%5D_vXROS6v|-;LL(G`=0c^jGp?
z^=99S{M-<Qyx?0j_6rl6$Q7IhMPuk8aa{{}A^ui0N3cZJkuyzZ^q8e<Zw!k4B8(0F
zTopk<@<|eHt-E|=A3K<bJgG?8t?zfD%Bs9vGul$#Oq3yy&-E&<4ih0v<rb@mf2#h9
zJkSMj42WoC>ENK9LmcN66r;$DJ()}lTfzLwMe3VVYoggnS8BOz(R#usf;N!$ZiNB~
zwaB6peUapz7m$IcGee~hiS$gFGWQ9bV&<~6rVE0B(1**3ltyB6E2t0(=@qieyw}h;
z5lVxwquS{vv)d#lsC@tE4p(P^Jz{5bUO?L(NI2iyKV4(I)lZck1rF9Xv8oQyhHdn1
zs3a^lmgm6a@~%|(K!(0Lb>z+b`>MF_&SpZzk}h>j(p-S(jPai!OzE5bcZ@iJ!#cBo
zW(6UvIIe6cOOhh6QC7E(%uswJLY)a5;X13MS3!T?qIRsM+}U9>@rDDmI7K}C$7-qu
zzVDL45Om!lXPwIU{6had*f><HM*b}@1{};+{9gL-AiU)M>d#%r2|JvkIjS4d(e`g6
zi#lpMi=rUeuW1^n%n=(7B)1S&H80`b^8g{jc!4A(>Tmc*(>x$_0at7HL!t0HV%Uox
zjOAVq)hocdGdV-XCj+rjJd2`F=M>AvVG@nx7}|TRoO45?)?rgyk9&ny0aOp?(%{LS
z)epoOLyHqqJq;PdR1c7JSF-Y1?=D`GYfq2{QX<4CM^CyA{iyh68EzsI+PI)AnvIi%
zsW9K1!B^cm{%9%H;Ik7rgnw*22rWgq&|EPKzqAI^5nUOom~FiaZS(@;46>_FKGKSe
zsvpJ-7D#c^zB!O<k@~|woIiZi0KyHMHW9+l_>wBfVz%&916=IT{vu}+pJ7Atbzh)^
znl?AVc{y^ZlydJgt!q;wwO;Ht)sr_TtwOgx=D1EF9Vv<ab=eK=_Sj1jf_g`y`2+JW
zwLukio?FOw`7^RDJ;c5t^qGS<T>)f<>BrJ0{ri_toPc(dPV*&->7(=SXw|Pj5BL+t
zrcr5^2P+I8eL=P?VuPt?CgiH?u7~^G_*35Y_d6*u=!$LkyW?$vwF1r+a?HpYsgMa6
zv-ro(vVt*}snxV{Bwb!jc3z{^&)kKeCbS-DxJ6q^QCWbQF6Rpp%Z+%>Wk9ycTr20&
zx@JQd1D2jt>@Zd~3ss<Uu4}DF^7xMovtyDn%n{#{y6(JVa#@29tV*!8!sT0nSMVCF
zQ?mS-MKAK&XoAL5j+=IkFwjX5F8GXAd*^cRX7goE8_uSF4Y%j0-@~MxaK{c^0n*jL
z+Dhu!Liv82ojPo41D7cQPLNOhDSEd*MS=knLU^|n8H^gHw|Yj>`j~OWdkAPcQ0noq
z&-7~195}1l?Nq!zin4QaTXJ!`!TC)w;wi^=1AGABH>+S!ENm*A|8+ipCERc4^FQ$^
u?05J7_CbG@`;E=Np7QT<Pk$ZwU*!HfL}5_8UuysW>|eS3>%Y49d-@x*^MXtO

literal 0
HcmV?d00001

diff --git a/psmodules/GR-ComplianceChecks.zip b/psmodules/GR-ComplianceChecks.zip
index 5209ef541d36f5f94cc6d2ba544cd162c8bffc56..6242659feec54a16cb134215a3934af178c568d7 100644
GIT binary patch
delta 17036
zcmZsCQ*<T{>}9{&*3`Cb+qP}DQ-8H>+wIi0?M`jm=IrmkyAS)YIVZ_OlGmGalXFvZ
z0bBWi1VJ#ge@YD^brAoPo1P%H0f;f$q1qt-*P!f@ccG}D&gYdaSr?R(5uq`Gn+~L1
ziMNnnNW(CgFGQxfrgI%UOvu_v{33MP2}i%ocF!>Bf0r$*WzqY%2Z0@7z4*PJK9K8T
zCCPiVnfWAbhx=vyV%Ju$p;?I)S5Q1vtfH!e?cvEx70+V)Y)m<bmkfsrhw4KM_RTCk
zQO5o-yBjmmjyaaeje>LbTg`m|mT&LJa`9s&pI`gVXGeFf8_{(3>|Aeq3ZQK}8^V7E
z-}`bAB3k&rXtRA@>BV#&-aLbxB3LZfBQ4Y;otki*ZOcQMFx@CRgoEtHe+l5ce{;iU
zB9$edJ8>WvZ{9ok^Ww+V@$38VAT4wg&WiW(-bQ6_8vGXM#{V=Hlo;{{K2?V@AG}0S
z<hq?wE)Ce-oPMFtyjQx<I{C8XdyF+1vtOTDZOpZwT%y#3X>sGqbuQib?n(Ybjr}>+
zi-CHaYg-azE)RPY95O7+59<kdE#Dm}`n=J5`tgMkxkRdkG~Ls5m5^T}y3XFbv^AkZ
zR=;n{LV<fjC)?`6H$<od-j?Z)1?<dR<ICMB{A0^dbm&AG)VeDt^1^1u)NE4?VI_>a
zHL|WLTFvZDU*8wD@%C<+Rmn_eTL0G*Y&hBpFBs?Up9BsDJuQJ5EmD^Gwtc=oV8t;$
zW&DpqUd;hr?pLXFVXQxuv202xcrND6p>LN)I8-$h_xQ128K!0@FaXBHZ5d-*{=MRX
zMcyp)LN7zIX9AOCwX|JR<lgBX<d6}Lyid<^5t}$!%<<tt@9Vm27kuEl`~;%ElDL3a
zEW^*UK4qJ1LKaNbJD%n}2rh7)#SkPI1SZxDGU~=8^@Q5aO?xn2zbwe3d%9mFBXM>q
ziRx^zPrPzOog%#-h|>h%Aevtvtyv;l#sveJe4?gTg&>maoDTOYOQ(yVQ<a7>Gl+OE
zMrHl*1S1TkOOfIb2hdKn?nm+LS1gZ;eSz_4q;Zr0=AjG9kt3eTW&#W2Pyzoydk3b=
zo9EwU5}%GO64Q7iE)Uw$t*Rkg64J)qJE&7A<t=_GrwIfA?}R`@^eZR>Y=>QS1X>p}
zY)wAgk_Tv%0wG|;(VvEzK*5oS7%_W5sp@|M%&C+l%_QYm$PrAKq_p0trl4{Dpg*B>
z1gKH+0HxBI*i6_9K(NO-2CZo(G`}nc(bN_$MI2Wk+1?&-(7WBD3mi?P3B7)ugFb%{
zBXEXAct}J8jd+W2g<V`Cq#4zU7AZ%f*%^ZwWm|O8|5R6q_1fa6a)Hj?7A&%K<qo^G
ztcahhLtso*$p+Ww4uku88m$8;iaEuLJagX0cK^ZAjSBw!?BX*y1saIeE3wAVK*Ttf
zV*n^|I3l$#eE}$<2s4S!AHkg%7m=J}EA4kLn~c;z(TfROsz;x{o9+wxb#OflDn<_W
z#PO(Sy_z&g+@k%kT>;>~x$BVAQILzw9@g|m(zeEv<fye(IJ%qU8)i8?xIs1}zW~3W
z`U%j-CGXgXN#U+A*R27(LC)1PlfmMR>tyFM56*q!w|}Jo)W!T%;_o#h-(}!J^?Vuu
zIWXiv-C6^XXn&Hfo1MV(Z|Ey=!QfiZ(SK1FDY8KgzbgavKv@G^m}!WA6$Zvor!`RO
zRX!*)Mp&at15VW<Gpw`DQ&GowC;@viyFHm=N9-4AG(xhV7&!KgEc_jyxdncN${z4*
zySYt<6b8>MJ=#REaiM|f61@w*1Ht%`CwyLkPPW8SDdI^~YshH1r4wld{s=;Nhm@Lw
zxU7QXnKu{<K0CYtpkrAZdriB%mC)Zx>FKUT;ZWHg*4r8`F5n}ycc3uGAgZ~(d{c1h
zBqq7R`Gl2=SsB?kmQl@^I?l)~DtGpQ(h2z>z|TtxdUPJs;DDn8j=5IOhjmb45NImk
zybkn)MkTWuANVZS0u#iQ+5-gLl8JGw(;F|&vb%6AzP41q&?sCgbxF{*-woJ0te-1F
zBRJ{E3U=n=d-OtkIx7T|jtKr6WhBzkklBI@R;qfBW_!Z0{J?c8e1g)Qt?ZW@inO@i
zE4Ux#P1kaRXPP1G7lap_QkB-!zBdwZqTJ)<ml(;?mIMhERYW>GLnECV<PJGHy7p11
zPC->=Xj5JZn}g=l_G(sAaW2w}AQNF@#Fw-Mwf!2c5m~KgkI<@$4usH)OGbK;eUKsH
z(lO~crrtc7uP!J~!Q#a&IO+wNey}g|KJ&qw0}IEkm4KW)oYtgE^2DG*V0<nxZ8=~M
z@?YSYh$8ad;Wu^#IgS#7gux9_Eos>Wwffva#mojFil1b%%`AFlbu4kzfTAd#c#suL
z7mNaSKw93%2tj7^5<CL}=P~Nry>eDO+8|-q=+_Z>*_Ys<R0XZ{fm_J~C`w@WA%|HF
zjal8WYo8l*7<YyBXvUz^_1gpRW80uqQ!MXz!XnoiMlC|YByY`v8)p7A0>VG01(Ei9
z7`HKSSNzq3lE2pLRd3Z#&b5%mLfz^x^B@2kH(Xh%0tEgsh11RU?e9FiwY^Set<gR|
z+wRDuZHTgl&%~v$FUR<zc@(v<kJAYtTs@9joqP5|9kIq#PkF_K_)QUr3ll7SC?hGI
z8h1jsSDek|URzvhgc?N5p&SPu2o()k@U*bJeuV3ZJc*-W$91E%CX8Ku5D#r#E%UQR
zxCMU_+?xSkR(#{hl(+k(&4=#2ED~=RIU<7-^_)s^9LIpCBHv`5$%`sw8##_p7>Ue1
z?#@F6%TOd27W8BA%@YKyaF{S&2$fyTS4$MI^9mowd!V{3iew)vY0&<FP`k#rsn-h@
zY)Qlb7eo(m+Dl;5w-?kmf}k3ir-xFXnZZP+3+O`*QF{rK5u#PZnGNp=gZmk7E^HLw
z>7hfnsJ1aiNDm$^l!ZfajU}G-Z0Zbu?%#N*XR|a8autUo1a-pV8#_A%kU)ILe8vFD
zr{nIeFqMRz?BkQGkhy>*Toy?aUle{y6CA{CnC&=FJveku&0MvkV6xf8J3TQ@K@K%6
zgmojb)|rIXeud!=i0QEV3}Q~(jVTjYG$JBvNK5^<3luKEP>?x)h{qUKa7AW3nLN>w
z4BtShuxOBUmaz&a(6lFQEI4Pd&5_~uQQ@;KUUvw{uB4d2KoTI>jbtvp%{vGU*Kjkz
z&ohPop2yYIfU|}37OTB2XFA`JW+0&i`OWtesiqDysYnxU@!A->&eGZn))Z`?Gq_S^
z!&b{#x{@xZqdqq{NxkB@^YMpwvD~?9FH<{QbmPH?15@@Ys@UD4ZV#Z5Xmxr@$JqVX
zApT_}XBJ8vz7f!wT)u)KY&R%DdU!?CQ8XD(F?>2y7TLnpF^NRKxRjscmM^e5lxA$L
zB%H6XCLFD<-vkfQsjp7x@Og#t;+o3K_-L`;W|f?`z7OsLnbmKsW-=EXM{GT7YHlUe
zUxvAYj32ysjbtINX~BL`LY%Rp2qrA@FAQA=-6Y2883>S2kMbA8aL=f>T-CHs;C-YD
z+(Ur8{UgQmKZV=&nkjZ;FuDP)>+DHf-yuK+YLk!=i7N68Buh1Poh;)Ws?Tv7*r28q
z%W%77#b@}p?2+tZD15UByL%>;1BHnsX$itbLhKc+df4FM<O0dE-qmYrPZ+DfY0Etm
zLro%WDIsvwTWqAT>I{tx9bH7$5+VSNr37Z&Zla{4OaWj}#~Y~EknI?J7_k*zBdyey
zqSxl;3-0<afIu9MH;+t7I2_M`5dW5EfQC8K)rU&_C&*H$0{qXhQ*0(ij?><XGX|4e
zIPTm7iUWm5cSpRID2?h?p2g!`Ky~9-b+g-xatlz~ljulh-4X?lBzQSW1{Zh?T8AaD
zE@g`L@%>QUzd`e7D1vXDJc%AoEKrjJ1->@sUP{+p6gF`5uWv_4h&hT{d8SnfOYM7{
z+5;7_w0@>5bEsDk#Z8Uv5{e7K2r*U;He-iYqa%Jl7}2i>3c^UD8*;kKyaZ70W}cEh
z4MX5{ZVyas_14Cr=$&uMZwHsiF(t(S+H~5gN*3IUV?A8`9z@ccU(jtVRiQei9>i$5
zuId0Y6;Y>3;`eo^wri)D?)0q`@6bxPtQK1RcCs4GW7mQ46O#gG`&5`DtJMKhYu#w1
z&uIPZsq0Ae++AC3x*CnHNE0^Ks==nr$|m3uN{o9eVLg*W%At_(VLcbw46TqDuQg}A
z&iXN!3>jyJ{z8B2cjIG7IM)<JHvw3~?)}qDTFCEyyPOT?rTT{GI0*!TbPKIz9>D5r
z%3zwdSNwy$ww>HB8pceYa&3of75-C`nrhKCnd&p$v0Ez^M=DuF74Ve_mgD_REs6hj
z1LIA1Ba|9F8AYhBfU6r(SLg$}eu42*`=P5b+4tz5;w*sK=Q6YU5f2^Djwx-@>4k77
z3sx)WUBfT(y8U~@>w>BL$^?jKi%<WqTRz6s;%bI}q@!YdJN8{D7^5tnh?s|@SW4=V
zF`j7#96oWF)b35C(*=8|1Z~Z1`Z>Vpr8p+?Fb6CVy!EEuV!?<eL?*Tgj_4|H5Af<>
zM#3t_?F2c&y-!3>5*p&fSLWPL`K;8Tt?%ruBydK$I3We5{qQ&`mZwn=r0CRrXlWwg
z6|(C*#<o#G^xBW-*A3D^dEDMg=}CD$uSxC%YDU-K?t^^VxA4~@jN16O=LfI;m_x;0
z+fqP<Q{vmNk)3iF&3YE~H~L`m(F?JKswD+>=pZ;YB@Ire&0l@DR}w%XzR@;%Wxtw~
z5tU?AOj0=S&VkylKlllJev!#Sm;wNwWFRK_ud;rsh(4u1Yc2t-C2Uj~$y6111fqW~
zu6>ewFd3+zf*?KN1%ABhGoUdI(bIg;#J$^1A^7ZKhq$65>LCq(A8rK0U_D|cqhWFX
zatDimDX6(hfJ9df{B_9>LS(ni{!BCDxSDK^MGWkr-H$i4raWi?*<=Z#+~`G=nx?ED
z+RDRH2y$8K1BI|Q{+n*nLMZPQ<6YGu+#2bI#O6ankdr$yz@pPhookzk%(@X0b^bir
zee4(6U5<(InmI$QU0b193W~9^wOQ!gmF(ySUIfpy`I|@l<RyG4`1#ug!#;fC*vbs7
z%LzzXFIs^Wlo|~P#1Lg#qW*2H%`#{cd>t}CL+GQ~t-&JugyU=yEf=*j&totd=NwiD
zXq8gKNIKW5QJ7b|baDH}Y|L>Ei9|Szfbsx$+KcEcP|^R~<5VHk=nmYw%ijaxcM6In
zsF%jADUMET)oC|^9kTlOnj!<DHS~Pu<p#utR|-Q9sz4oV-9<vGfBd6sViMuqc$y|F
zy5Mgn?rKeD`wLvhfb9p|@F4+FQRx0A_b?j7f#7<Xp1y;l7fo%7reNEqjsBpfzGzr6
zdOVX;IV9Jw)swa%eidebYEuJCJPdaFB@A0$9v>1<xY!Ep$JwWjU9wpXS;19~$rHG-
zKY&_<aV0fYvC*dc7Ke4*3t?Q$&y7UU+G3-XdR7gkL!M>7t0ebGRgmA=AD=zFu48f<
zIfv}qvD6fxrD;D~Or!_tYV1|S75hrzc(Knt(E(h2^vuB6nEXb2+$hbLgb#d}{93T%
zh_|Y`V_TMaaxCv_scQphjFVHOnFG5>+=emCXYrQbUV@b%`okAs#z~;_Y&Wkcnd(yN
zrX4NZW?+9p_&%>*&GPji!vTV1H4sEl>f()o`&;5OGk>(^1Nb&d$T<pX>Vy&JTsBq3
zrT3vcEsjj~(5|5aMb92!&7K{obiUXxRPGik*8}<@$TBposqzjg@Xq)^%YcN$>h@gm
zLg12GN3SD)4OR#Gs$px0t+iZNAQ%qYSN&d7u}9`JVrlvt^1esU5^ueO%7sUXcsl8&
z#k2_O-gTSxOy07cRYg=K`PI!6gN$^Yv0e@Z<MBAZ#v1jqWix#N?m3mHQ-Y(+_;mea
z@4hT(uV46eq4OXXPi-x5ltB6jDy{Pb%B^v`S!+@r1HH^K)}p#W^VG9HLnEQoE}tew
zrMH)2AM8Qj6@QRa2Ipv|eo`(^yH6RInrobqc&2eiSV7+ZBX*B)gX`sK`#Ntt@w-ug
zYF(#})I<JKUtDpll^n<f>+FpYu`N-s(Rc9CcJ!sIZ8@v<KnI>aB%p^$*8BF3--tm;
zvhGE?S=hbInO-Vqyw2YND2GdSY|y>lIb>~fT3|Dj5X5}HsVg_Q!H?Vv^b4+CuZ`+D
zVz-m*L=?VQ#SDkl(A_)2qO>29&>vZe+3Pfz(sKnLy9Th=3#R-geTVqILEIr^GnVIV
zGUpv5i`7HL);~VbW56VVz1td8cFd6Ne&`lg3OlfR8m6p@y#O`5iuTAC@`!RSmLb>Z
z`p8~pxb|Hl5Y2B8f1F>CId+Hdso!=61NT|3-@jh>JUwE|0e4WHf7#!BZZLx6)2h!%
z?qmETA9%M$EGD!*Xm&}08ExvX*sEW7#l~udqME3cr|XTvHGzV=+IvRu&#=HZnQ{04
zp+$`_cD~DlDLMMe?Ewp%eZgR6TWvMcEkUNljTD=&O4-xEyH!Z>=;l4Ah`3V0Qt`;N
zTrpEc8vKX~B#wEc4+Q~@a*&KYK5Z_S>!vlm-RE*Uu5&A3pff%D$>GzPTyj`z%eIUR
zQ;AfDDgkSY1+a;r+mgj@N(zqLz*Nt}t0Q;Hyp(+fVKsTOMCR|UI>|z|FAmbliixp+
z+9Y{4wPw}`S5{I#sZ+{DMI@GqZoRNg;Bk8$F;VDD#IwGGlhdmtOvy1Mu6t2KWZs!$
z(Q$Vi1E%rv@+d6*8Om<9mk~y5{-inaebrG05JWeH4_HQiMlv$^^=lEp#OOA>q?s`^
z^cH^y_gf$kcEJ%Y*KUx$&`bP9Xm$<g=_txU?=cONmKF9c3efFbLx%BdnSH{{CQ@e8
zi;j|nCKzl1;AoBzo|QO|?Y4aXmXrMS6s2KBn0kTpOb_LFi4BVOH^c=v(>(y#fqM*1
zk4$tZz#Hse27cu`au%1CS2QZ2*~c07z*coPRHwo;=<vS<0{s2D;Yz^00!RrUj*s-7
z;cL`BwaOd}c0(#n<!63buem9>?qECx(SDexO#`UonA-XGIYE!49u?~?It+?5bEKc)
z^oOT!?q^*_6cn+n?i0RK^qq;Q2J33GUnMs-3qH=j;I>}fx6i#n)!IL9w&lKzD5Z7%
zV|-v?n}eZ8t?vvpqs!h}#5zaXVg>~IMOr$^v;@=wj+&!(0}x^z5ben8oPE+X<{->G
z(%WcY=DCC*dmXJ5yu7<Dt$uq~=gerAx4V)>EXLD`c1#Xqot)3^OZmx31X6&N<V^x9
zz)&(cAs4_pnV%2~7*;$ywxQ@*d=FT3QV$vWh}}h|E;j}5@1xw03wg7AjX<!-1@reE
zF;Mm(+jSF!(x#l;4p@6X*o}qsn>KHyUmA{>D;Tqg4Ntc!*?QQ*MUk>l8#!^v9txHd
zP~1jv&G<W3LQvg!v&gNltAc*Ic<k^t+cdf%P}|hPm_P*3V<jo@Kq4qBTf5Twu%tN)
zVh_&L&b6V1;q_zX$lO!fq1laF_Br4nN6xqtmED7Mjk&U$B53hgW_*Hx|7Gh?KU5+A
z=D_=<S&LBkD2}aJgjjsnE{tcmd2c2#mdr@RMov#NqWWT;>IfOR98DS5vJ~G&9bW3z
z7I$aM`DPY4*ZM|zr@@;XL8ObyYGVj?*3;_07DpL6{EO0I(jfVnNP*EX=u*F5SEx&x
z5%8PfR=$6mtnZ%ykL%w?xcp5yMQDMoShwuCo?Od=nF-V@2IFKGVqGBcY(@r|ok>@1
z^*2$!LP96|PXF@d#n+0CmtbhVb#%Jq5!hA-A`#SZn^L5w9CSNr8~}BPx>b`dfTcF2
z{IAh<F-lR#$AJx^6d30El>M7mEfnp1h1JJ&T=hWV!)A$;X5$)c*2n`wasOK?+iq}{
zBvSCY-x?03hIIU#qX^JqV<(##1~wHsU-_Y-JXsyx-Bo5Su9l`=$tj9Csx<SX|GuGj
zMM0-GNCb%vk9XWH?0tt+i?1}H-flOVNyELbw|e$2JG%Pu@1NRJ!<Hwg1WyVKfj^jn
zC|E;3kO9EM{9GTjY@52a``9C)yl1uLUMk9iPu#bdH4?u9I7MLTX36s<H#@>bZ{YN+
z^4*%RN}ab81C>H_t=78c4$~S4DuxY*_wQL(aX;S6(=C1=vOY(JD|t8CUxxWM`r6dT
zI@7!Tfk`ej(R0nOIEm=z^~}~0-np5agodg<H07=sIu<E2W2}y^Bssi%#V(SVa<Yj2
z?UAStdz;YHmlt3T!RScqMG@#oRfc5#rU$gjSyHZ&@E32a4KCjsJ3^=Q*35@@HSxNX
ztL|3O=)9^?V4@$ZU+t5z?uBVXpMo{-LQ7jpS8xu$QDCwt>2*Uk#ES4F^24jVZQ@@e
z^L=-!{?k_cOS6D5lzLQ7BY<(5PkMi!*xylWvZx*T3@M;oA@ufC$a)tm1{g|^7Fa~a
zk<dxyeguV0Q$abk=nKKGa3gy{yEWnF-4J1L_N*32YKp2sP7aVwFifB1UHY*kJIE>}
zthOdUF`5YO?>V;)?WdAIPy4LWeHVJhiukKDR2N}}?_6X&HyHa=ww%89SFC+89Bm-t
zo=AjX169C?lN}||t)S6SKX3Iqy){O(Imi4fG%us-aOPxM45j5OJ6C5?f_bm{+CE5*
z!tATc%%RaIu<z%(#4orurGP$bA|XV)f7efKKvKt$_!lGPq30$}rgnojNE`+ajoE^a
z8#>Af2(cUEgDh9!-4KN{8g`C$<7i2fF~}`D^eo_|`UES{C)}>MQ=44H!uYOI#Z8{r
z;a?Jl&qI3Pbo$^FTyF_RZ@%7$3%lpC@v5#+r&bXRW^4?8GhtpGu6BliI<B^qXOL-=
z<3&XT;2v38;#iN*1ZwoXZI{8#gopODix=6%xB4MD_T59>_+J`Ip3^7m_TCs!M$82@
zh8H-o?E0wvg7mhQ<L4_otT^4$-NVj3w2$`cBx)bjWp&hdxF<xoK@e7pKGf?iIfqaH
zR*l-nf!BtY(IGtGkF+=Zs$RPYN@s*yZ<OKu%4a0oGp1#5C@WQ$>-wR~>j9MHv)S3#
zyhY9I2|tUNf^gF@W~`KSj6vNxd%2WKeFGkdJraZXW2Pz8%XxLwFoay2fnb~&7w+$E
z%Sx(Th2ne~=sUFlVqB_s-oh_}x)7kPps;-eBR<bI06ao~v2zXd8&J9<Jp&)@LNBv`
z7gr{zI=kx(5lc<UAE~9-p$RHE@4szX(FgWF>0lhwhTPr$Gg_|6<c=ga<WGHTRX~#G
zqkZ+#57q5IpVL2FnqTvZpS8}0J}!k7b(BWIf^kjqmTDKx?CTs_p9J|&BNKPvb<c$f
zdl)i;l^D4F?nveVq%uru&%?WC=2=~%+*$(&5|h7v&Vn!f`l+vUlQ2dGwEB^C$>9ib
zIxS6Qr+WGI?&CMw|K$+P=tGq~W&@Ydd=sG%QVH=qd|n25r5KLI#;$tOfHTRu91($@
zr@1E5hW^m-DJ6sXqd7!ph}VCip%Il2{!NooNz6}$ffo;zWv@=4vm;hSUa?uy;x|VO
zDz>D_Z2ks6AK>@69MeR#aeJvOe4LoX@pHMnJcz(s;@ixR0=CQ{+^TNBRRaANd6;g+
z&v%=)YX>$q!0}~8QV8osYU+!HVDFkdMZ&3t?#6woOuR2M@;E)d+44kZqyx2VT%7)>
z-ss32OW-6W(!m*86pykp#wZC;L2gszBhlp#_vUpj<E{b$Nkx>nD0lVX9BZ*R1Wnd-
z*7Z87#QFbxJ?S|?ahE?>s)3vx>Ohw5ZUv)T8qh1H5vO~8=rs~go`e(2uRg$9#18vz
z?{}o11`6znB7u%!UBTGpri);;JUhwuKUE@zmv2ij#_u*L`+xTX>Z?7K-WybxV*gwf
zwmcsnHd1IMZil>D;mVz*`anz9;va(}@)x{AJ$HjX?)J{&!=e6xDdEaOLBm5MkrEJr
zfI!)SfGEj=fusNLSF5jHvJoXd>s5%7<@%zsWwe8zg}Wyl2mt(ls{cFupI&GXXppM^
z=Rv#TpIlGL03=#awv_+R|37or{8KKtl1abC&j@)eOu$rPptGN{(c-Y7!Ktr;h%kwc
z*VooWo4P<+x6i`5I*FALcQt{`Z7mjcuA7^8V;qFfS5P1}d`;>6Ya{`+(=|0UzM9WW
zbFD>GbJ4zj%~a83y1Ai1bL_9e*Qbdk%07fyxJ2>afhC4y{+x8t*6o;M18oB%Ge-U#
zgfWx@_ts3=hWditeb_U>6ILkjbqtoPceiI*0&#N^OP9=Fz0k9JhcnNfEC%qklAMpB
zfu0A#eB1~O1UqvmdX7wZ0$=5RcdWMqa|*#DL!bLIzTHagmYRpab9SPO*dI@RpeHcW
zb7pU@XCOZxM`li9;K1U?n=MZca%mr0P|;iSF?s-<8sAVJA%c+)*)RvPcxv5@2~U3z
z&)VBkbLo8OGqLnd)^Rv}x@G~n&>Jl1-VJ28*CWjT7~#9h=gbO6Zw_i{<ZUD7djt2A
zoyo>6Pz*HRNIw8*+XP@*<NJwyedBz4`+D}Q@EqcU)IinQyEI{Ie=klASM&>f`%5VB
z)s`Oce6|1mZq<psuFTF1%KdR#o&D~{q%21%l55^T>gUWYFp!#)7tiQ$0ydO0HQ@Ue
z6^e-I%E#ZAWjI*(&zn`mL*5Y*3sK0hCQi84NWJ{<kvR&u3{q$qU(QJ<*Urwc_{AZY
zFCcxyWazj^HZ2nX@@bukWxFs&Smt&9!!grD)YylXKtp#xBDc8LHl~=b#~`82Es#x?
zI9?KfvigdPGE5?MpDhKRF0FRNVweWt(+a7t%M;LM98$*IDI*b>gTn@6MW}vIFf&ID
zH3#KloPz=ihdH$dRKjx<!V~=HVUj=>v#bmFA`ej1MG;{LZF{Rm?X^mkaOsp9lPLt}
z3w(1E(OE`r#g|c%ncf+*Ca7~o6xF2M9o;F234&w{9D5PT#Af8hhN|V8Bfk!M=9<A!
z71X2O9bW8<zT6cGje_y%1OWsF0<hE@q-kNC#;k$Jr%dagL|Z4)C}PqthXAGEZrByC
zqzQkxCt2*q+7)>IOMq2gWy%45?V|tPH>7^yAk<-X8)J}rh7_pGl28WJV(gUx$+B^l
z0lY&Al|iU(pe(3L3RunGeH+Y!p{{;}9d#l??uhH5@P~cTgyHu2siXbi;o~GE!XnrZ
za6zEJ7qyfRF<-#l);hQ?wom$)TzgV#X%gm<V}zLj1?sC<BWMWo5-)f#I!Vgd;%CjI
z6Cm+7%ojuc5Y0YbLZPw&Itk4PP6afZM2VpNJZ4Qbx&S~H1?CzgrIiVy^T<4pocuZf
z;178rWo6ztc?ST|OqGV!4J8U~6PnZ@ngcoktW?R!i&9g!i1>}voUgcKA2DcS*hX$m
z`<ViXcfp?Mz#WnT%riZso&J674g^Wa8>!u`{u}tFcdiO3L<I>fJHHZLr?iT7CW_JZ
z{i_P?t)Sk3Asy8O`XR0nf$=~<c|JEnim<BN1cF5zF$CX1*J!V@rz(X5YlA^~yaSYe
zJ!3BM2>|l>cka~dH^mOhYh%oGq<O#c`38h%`dUK|wWtO)UFF!MCD%;Tf`bLAietzX
zc)ppZF4htYgK8rzJJ3dVyF5P(sDKRS6ZH4`GbPlwA8apRQofp!TP<f0SyPi>O4iE;
zU{2WR+~O{zB#w{7=n%sjjcrGQ{s2WY=o{y{Bb}=C`g1r@?WU%pnWAKd%8fz=tw5Np
zrzomZ=!!c_P}!0jnVB~^zp(grMe0kKFs&EfiVkSt2O(I|O8OI>3m3sbuY9BuWU*mM
z8Zg3>7Y1RwEIu;}&C2A>Iz#rZ0=$+EZnK&OPVJEfBX)w|lb$J{{1A6J%7C8z&2)#c
z$wh==_+%v^jHEl~XQs`Q9vd8rY1hGNE%NQnTT2QN)gDFTC*$&Yfd)eS$kvt#e*@Jf
zYXe6!KC>dMXd5+ovpNdPsd>Tqw(O#ORTHG!!gh|K3uuRjfYgC^@K(Y63;Gc?9C$9j
z{#ssUA})1DEt~}NrfT*Qt^x0q5ArO<P&4E-LaV{+#{>8R!jY;&%qhIzAfPPzgTUK#
zq8!Kzuliqbx*=_E76xt#NuzLIncc9_d42zEcpgs@4JrD!&52fRd>7;HPOS$|b_zXX
z_(LKlwN=ptj>8^4p@XXbN&wUNP)Q+cY+k}UmTkQPi{j2UN|2lPpasTgHGc$0+Oaq7
z^J<Z8aruQ1j%sRq3&QNy8}=ZwqLV4XQav&$Dpj4~762(Bw3Ot@?dT#Dt!AQ}qKVOy
zo^R`+f&lF%ugK}+dtKdcf%!fhzkFZ61o0Y$mHQ=V2HX`#9P|p-lT_*z5-{v=*Y=q(
z{z9P)h$4lw=vo}`=K+zK;O<(PrmG-Fnm|^*8H8D7E|>lpBtbWGNl6UH5Ks-rW1PWU
zqc?QPg3Y6WD)Qp&V?wUfB-t&~{3{Hy;9G6qzgHU=LH<_<pFwKt4j%?{2L+=sQ%y=E
zd_|*%9O(=A<c{}OqLGx2R-d5LIjds_k2b5OBlt;bOo|kbNd}@e#BEp|Ug`_l?NZ(k
zg>x~Vsc?>iNC@HO+XvE@w9h7^54o&CQ*rJc`qtSc8Sv>@sbveXQjK*>Np%}pKd|>R
zCeg`o)O7Hp=50@x%}sdjsZo^$g||t=68!ojO4Ay}PmK_8I&&CduU;C^yE_O#&RfvU
zK)7Xy(Z)sW6fuUlKzD90%o78qC2j@!tLO}RbrZ(ygat^+v(inGbo`Oo!1v&>%I_rM
zWYR3M^BSC<6_*t7jgF5c64||a6(WYtX|Eth_xRJ3kahHO-Z-iQ&@~KwSgskD#_N28
zy)c4GW@I7;idwbnTOS?5d+1E6<?x#ju6}Wtpf8F~w_Jecok_aj2IN6L?TKPkj~4x|
zPaC!7%19C(N~u{UT0~0Co^u6@?Lwdpi{@}Fnmt71@M_e{$3jVez6#2i&mnF=wZ%Bq
z*CxOR)VRXdP_Jj9b6L9mDv~%L27paH%nt=@4z$6sz}1L1$~dSpO7fQDT}$&zM#F5l
zGO^qXPw1ePv;+n|p9Pg%`M?ROF~d@E72Dl{%x5M8nDK$yThkVg_vB?iggg21<)(DX
zN-d-}&If<!8UI*RNC{s?4xS{;v*d=BjUsAFTjDXkf(6VlsOvzzHAqYBtq>c$VM)SU
zn0`K!i^0))c*IDCY?ha|+LC3_=#y*px7VQ^gR4A&45-<Bzf_$6bIQ4_1!2hTo-5*2
zYRZrnUqb}GduZniXyeMD7-fts7Hd(6rASub(66sfI+`Q)f?Mc;x~S?><(yn@im(Mm
z@bR)Fl67*rgLoTLxWk&I+A&{P!scWq;vRlfF<_<W+c8{QJE1!XHO{t)NT)vBfqV~E
z2=+IJ#9p7_REx$o%fdl#dD%PS)NeJUg-bzRiZlRO4jG2%^iW2%aV(O}sEa-$w!pq(
zR6z4`?rYeU3`+%Y7m@$|jZ|{*nyNVcT$nrA%YrAfpj>_s2#N}<rfkuXus!`Kv1JJ3
zle9R}hCP7|3td1GErA@=Kq=}Y+6+QSAp3|!gF5TKOkoisl8tl5PGC?7UPaFk&H!m5
zeZ>N{QP_978!YzW*7OBXf=ChnqzkaCQj*{jxC%ig;-5WeLHWV9R_-cs(Q*k(A7sAN
z_Q#j|5;$ldkH4K!b6wo_#~x2gj~}7k@{V)jv=h|8aWtZsmv28c9@6`g6`Ixsd4YsG
z;Ui{7!){aMzLgt>$Bzw9SepdDoP3anD_a7WFykraAM~6|;DZ)_A2FD{LqI!KiYnG=
zL`btwW6sCHPY^Y4SU_`8hf2Wp&M+fgb{$$HW>d?Jr|Wi{mAy}EQ3x`f%UPbAd1Y@p
z-tDm^tDPo^)Ea7$R(uP}QH8d7bNQRRf@G|aWu`1C5Q;w%!{h8^J7W^YV{a8p?yUef
zQNBj--;RmbCjLk@s_P4d`J{!77Ls3s7|XZQrlvFrl@_!OqBb!`a*5%5;8WB`i%>7}
znT}PAlSZ^j^;FwEQz#B#C+k>-<IVugrwxoYE;YvaCaiA%im$J6DOM;~y-McAW7zGB
z!^sR1KTN>oA`f+|fzCplA3%G>8Mgp!c_2pTm`dUGklw=ahjhykE7Ip?uNoTnv@d!<
zfPNDdp_B0`XuES<YBuwTiKuD^kFvzR6T}@}7&23#+>{oG%5?sB)hb}mAs{0fD<dNL
z>9krrEuISp>ba0uWhVy@!H*wDlnY=>Uo3RRyqt6UU3)Fy{!$yVEe7o)P53}*{tPox
zTydDoeIv-;Z=$YOS{FL_8<OTU?Y$22R`h{9t-;xXj7WIv)ceK`cS=Fk#{Aw>zi?H}
zOecG4^Hb?oTV-`yh+d8Jr;bZ-lK#I^Qjt-@G)L2zS|2_aUZ@#>A|`1!z%XP5S@N<A
zj3LS%2^EpRbaYY*Sp4Z|=mv02fXR@3KF2MP(!@3d^I+^3ow}PNcyf|vqiTs=&n=TN
zYN@>%$x<Ceu_(hvNRh6J{9~rfF>XQgqY&WV9ZL!cfepOzWYdTo9}@}qpL$Gta<;V~
zAMrPi6t$t{8-jwvMT3)$+^uy<b*{ynPcEV4pj?c~d5TWBrqtRJr8}UBpG<^D8nSW|
zXeBztP0+H8>`-!ikwgtA5^&TXzO-6h5mXa*ut-ha(Gwo`Uxr$OMogNutI9w|60E!T
z8uf2!9x<-~`q-$DtI(ICikIM*jEghd=`9XdnizW$we)oZKKl{-!e$=qH+IN>R!p;x
zB9yF<*O4B{Bejlkty{om1u6~4%4=a$&`o&W-wZ^9nh+wFF>eioVl)LX4Ud5~zFMJb
z=8|C}=Sdk`2~*<z0bpTr2m}$o0dNGtwS3TwGirqm)8NkIRCBVGhe`zCEKeAt0`)C?
zmzHK(Pf<$_iXnO?-cP#b`8k*%x%oEd1qVA&nqq34V80E66kLGA_yUUrgBgfJcBfbu
z>qlwWQ3v$`k*s(@ipb$x9+eY#=z|GA*X(H-=6<4oaoCL7t5yJln}4_TjG+8Wj+9;N
z(+0}$j^Z(_n@Abw!1_WUZmJc#XY4uI8hw(Q7MmwPEZ8f`+xyQ+fB)HrV4q2re1`Z;
zXtknXzW&P{JJJhmMbHmC&TkKw6DBAAkHv7G48mQA5I8+T@X~kbaB%}`tKQA4#l>j1
zMNn8y9(?;*D~fBTjKkxHTX_bM<Gf3LD+PM2SR|QO3+>_=0o4siON_SZv#Lwz978Nz
zv$+uBKAFggptkXyimBdrKK+~)q5RNG)$LU8`HdjI9x{R7=6j0{1aI9)VfiXEM!Sz{
zFOJn@^kbPna$)%&em?cROncG($fX$(08cGg=X_|Gqx5f(+$QdJNVEnFYLm~Qrqe#8
z-V3NL`OUBMOM$8!)HXc-bam^G&%JDcOFD68px2i*Ve1S>WXR)ogJ=q`^w+P_qZr7X
zp=q%~b^uU)6;X?xJnxKK<rA(p;Sg?xk3p|}o~@D|U^>vMc<r*eDpToJ<;lZut+gIB
zzeyd!VPo8!M;F_fyRwY@uR_{EJv7+fA=~gFQr&pgjF6SK-cqNS3oQ%pps(WBMAk}`
z@p8+qf3<XRRku1t8i3a>%Uv|f*0DR0f9nFOju|+X9aJX);a7Wu<!{_KbiDfQFVwIi
zk^6MU098((M4oUa7T)7DdP|BUFEpe2h8F|+`>5*~cPTmM1?(w{n%~I|u?+UmL(L42
z>YQaC9A@lgV4bV~<`|WgwBH+=sv|%Of@z9}v_LE9Q3ZZ_&>swKMU;Tm7f=g%mYQk9
zEd{)<Sgcl3c<g{Soe#)4)0!^pMSI0!AXT2j{%!r4+qA)(VW_YF+thjwI{0ZdIL<5n
z04floT54WmjXV3pBh1i~Z$geU3ttLb+?y-PI&O$9)FvAQo-S(ex9B{{S!hV5a}miP
z1Y`@1IxU%lt-@_Fhk~;EfD%sMe`rr*U<&k~4Pt3dY7^Fv<dP}9|JbU4QPe9MYqEw<
z_o!_(PN`=Bu_l&#jBA)RX-4q-IO3bA<#^zkQ_ZS+I>~u)LB9?lRLPK2-4M(0$D!et
zHW(?8+#cMgzlwawtNOXM!aBTHTSmyl;s;_tzi_GY|6whc+KrW*o58q>bow5}(E_IA
z4}svQmV9s?81%qQUE_kR42CE(@}L*Ix!yoe)Z4wldJq67`f)A+3~tt>$cIqg^;;i0
zXgT}~mT?S_1>VF#iDlAjOXG%oevKXabv+17Zo~dB4-ZM-)}9GJ&$KLPoVkJDnEX{I
zOV+TjzWXlH-+#=?A`tJ>x|R4QyMYl82nVGea@azGl|ei#$&-~Sd6ZOD3r(SUUU}*1
zScH<xy4izGG!4+jWME)w$a^TsHL%L^5R;06Ca{g2smh6VR%}8o$58dj6hL`uk!c;y
zGf~P?@HT!Rsmb+?@<G$7#E=-$#!?sFX3a&KZmRtFOu;x8u-G_L$;m>WUqS(Qjnvhf
z&51f}Mu3X>V}$scGCv-YQ}S`)%4Q%wzR4DvgJ^4m*@TUs#j@0P@snJZk^7x4?nb2e
zDr<!r*YVX0d2%K$S(%rBnO`jH#V5(-ja7VJ@=kk278G?eiJCHT{n5z!b{|YDJZj0K
z{hoY{+@Ud_Om{X1$e3KfYYQX{0;cqXc8a#qH+AL`HN;8k>qfH!d4AT7#i7)0=q}J{
zYnVX|cc@`W9RlFwZB|f<)~v<sqA_|wafM-GFDHU-kOF|ghd&dyQibQeyb2QGRkAQ>
z57~G%1Ahb%isl5W>;F5I2#0Dlo(y0P%|K+laqjcynN!rkc4I$%zb8lW!HTkF7*iMY
zcedYRDxqqYp+%916SqLSIv`pNJcBi2l8Crqd4d1XWK{bU+^(B2d)2;<P{tO!5w8;J
zBs>&aZV4V-Lng2CkpOjt`0CLly87dqhIsH^?U;OT(y7Gwb$+Z&2zKi3o1qB71>d!m
z!$nf&qH<Vrh2ZqF9_&FBOxg?W=f;xG))FYm39f;(_Eps_!fSdd;v}s_(T$+up2000
zeU$E09d(l~q=sQc$=cl@0tfUgz2J_6Bzl5hB3>Ye3Vofuc|iKC%J_IR<9RIg3<IoG
zy7fZQ*6}iI*<*)uR$JK@181%>6nV*OgX!TitZP=*Za}Ku;Z!X8E}$7W@xZx0&ns(1
z{2q=p?9Xx$PLi{((&KiT)+rDE++&t{flGkhb3$KqMlon7nuO!v{pf8n->7{|A}!qM
z`kR{Ku+T&i9+)B}ZdPcsuI!qKpWM(HxUEucl=PRXCGcYf1x|PbBE*l74;L}dG)<Q3
zB&Z2bNu5TDCAS0<g3%>`@m^0ia3->fmC&DSV7af*4>s{vD-*?(Pq>~94~ZR&u0y=s
zT&S}`qEt0LQbsSu&ZA_@&59(q6Nix#4S)6;e}}^9GtkMzMkLSUeyNprCDfw4k)wpF
zJqSK|=uzgc2-GD?1!aB5#b5MHQNO66MD|4-t7nW&DCH9R?|Fhsj%M1+TLFc|@ZC22
zBloZk`B3N&$}`#_6_r4=E&U6p>N^_%78hL}Sl=VEBWIQ=USOAeF)S;T`k|5uuN+=i
zxQ*F<Bk&*$Tq_{1lv`7AT#_#4G|n#;$Go#$$z0-17HY9dxmEGrj$+c=hlOqig&(Z2
zFZ)KQPp>v3i8XOslqh;;5M&LaTCsDjTjFwtX`o39T|4O7;-m`k={}tZt1RGNuMm7Q
zsqWrCz7Hb57ibD*3yOm(YO+xaiQ6Iu5ZpN$QAdJn(8)G1hmOpNpJlb;enLYce4>;S
z3=q%nm7rxE6SQ}2EW%u6qE5o7azOoc5x#YnGRr~zc97Z|dYoG>Y)u!EI?6<ajRfJ%
z?QVPv9y93d%JDmSLXZ^LV^pOK{dyN{u2Jq`uwxib8>M}(Tk4JW3p)2h8}pqf!mjm7
zL(G_5{LY)FQ==2BsI~x{s>D8+Q`!qF#0rWTqXpjETshJJjd9qbfLlDq>n@%+!28JA
zE{Hxy*h><HArKxL>p7k!R{lv0h(@0^ts6KtU&#{m_E?0#f8YaTLrU4pC*OzFqY$e5
z(MdK`3Fx6)e)n&wL0+V&=B+}{hnarg&)}=N+6j_J!XZb+{f0pjt0FLjowW*jVL(&l
zWk<&$_ZnMogeFgrE6ItJ&)PLq^9)^S1N_5HE*W}_>~#!o1ixWQWjs+e-Sc!>MYn7I
z?M2aUsE>|ZF5?0el0)B78rtRaLmlf-`#o;FQZp`#p`4$4{6fLmZ1F}$am!0sMkR+-
z0EW^{vTGb&P4&0mvHZ)vpmzmB@>=IG(&KP&#aQbLfeG<NLF@gpvP<u+vO`W+DDsin
zVvf_1O&xDSQKvA!u$)1L=Ta(xuxUFd)*_FB=!Rpn^(+l*%(SuV-1DD<%GUKB1hl^W
zuMH@Z376930AU<pFEr{l7~X|#v!|bR5B@GI8>BH*?z@+Y5La@UW+<#36&YPF_Q)T9
zW93gP>iUu0X2(`>{y`3M*VlvWfsQtN3f=<__j&LcC4?5SEl1mUAf-dF<u1Z(J}+cF
zA^chWGw+pC@NT=<W-J<&9*xA=n@BEx(0#^Qu(MYPCwKzTnC=@Hk;2l_V)WW5K8zx3
zuiaSaIcQ@!dDdM#2e?dtcyci5Q)60aq))u*u9}LllFV*tA{P(o#2mw{3KKEfBt%JP
ze=W@MbaY={(Bnv6@!6y|K8?wg%SteCcRcu?>L9_2m?aa7Wj0rsYrttp-*6~hRL?DO
zB$ch0TV4i8^&br~hhil>*t_IesJrEwi%}tZOo?YEZmBZv1ys&e=&$-Xuy&P3k}p?^
zy@IFkjey-~a#m=B4G~N5f@S2XL8jIn4esHaB;|yF;VVAzTi;tlUzkq6SZFWXA@K`9
z{ucey-5H;F+p>^LSjeiau$tzX^pOg^^ib<F90Ura=?*r5i6(}9mA)NdeFjMy*ryfd
zSoJ=yCT6}P$-ox41Z`l-l~?{$=k;(&9{BArzUy+D2;5HG>bKj*y%%vs(xjFBYYd??
zli<iFHN@%acZzmZ+jM8p*bCZH)azmL>o881p(CM<@z-?9jrZmO+Z!xzcZ{_#+FkUd
zg9H-L)BZ8(M%?nlggLB7iA1mZ+-l;cVlRVei~w$PMu`<=9u9e6Gx+O7EAf2fq*M;g
z-C|z0%8F?<rA8$EKTQ?I%lvV$VWS?XMH0-CynNGMf%Hs>NCL-0APJel1At&isHr?K
zPS!4JT!Ts3q1FzIPLHUilj2a9wPN;O!rc}4r(x^3r;7Hrv-m%~nZTj#)!PH5Kx#nZ
z4ZeL<-x9%|eTVLkm!_ZvTt-^QhJlgPlHSyH9bGegFL9SLaew6i+<49z*5^KWTkmZO
zL6;j%&%>QCzMg+{B|sQ4?5On?UVz(Y_~0NPTYojL5Y{>wleAGK#X`LIOYP6-FIRn_
z&zrY4m4eOSL)uBUqL(=jW0L6OG0FEuQ~VGtT5us05!_*W8I65y&`kv`U(=s_gtL8*
z7wUS>Z0x3sU^)Vj%5>uo$gOdXw=LVgX|(ggPBQ1e+IVXP&?izu=MpnngG;|_mF~ES
z)qPoH6fX>r1w=&fio?{bQw_@xmVS_cu4vCNa#@aJsR(6BR~~xFu*q%=%k2M&Y^t)#
z!_FbZyE?0p5_IYYxD-#l3i+1{Jg^9MOZTj)`g|Q*GMG0%ov7XK?lYvgZ-$C;3*v{1
z!*ThaWvV|#TbBKwdu3hslTSYU^aO4Yuxs{|Da2_nH5QyXr1dUu3$m!Wx@tdxlDRsx
zK2Tb!LF-B}Z+kS0mz>AT3})5lJ+AZyo)w^0cteWMYvA%pHn;cLc4|FnV-1~u0IsKm
zwg_70-th8Eohds9DlYLn+}VL)7X-&)O-;v6$|k0g%9oCloMEG}or7iY_^0dasT=5z
z)(T*XuctmW1(BdDms<myITS6xmQx4<t5gq-lX04vY4H`LJb+VoAyklFgp%o<K77L>
zUZR-U4kLxN#ExJZ#FWo#;H57(fkr17NFAs+COOnayLH@3v#Q&7ruYbg_Sa=b51iIz
z8_T9o!tYQ{PwI{j)pKGD%>83%p1ajLgnHScEa`GG1Y|SWZq>Huydz1Vsr@~73n~j@
zHCm6y7Lon@<&1se>P?cy!zv_hYH<|sa?4$nuCh0f|H%-!unkXVhMcgrY}BaJ7o*4P
zcymdb9i*QoKzQAq{@lAG56#8q_Ujk;aohP2qwT&MTVFsupYwX2<_m7qZGM+56C~sy
zR}U&PUoO_GaP3CQJbV_A(Ks**_et$COx)I&e<VnLgjUDVV&U>{cXe;rK4-uI=O^Z8
zL*omO0rqC#YU9MC`9jdh|Jw-j;<CqJjWX*sp?ZR26YQD)$YJ0wH?xEulQv(Yv3j89
zl#;PNIh^_zUYBfLEg?l@ogqzKg$q(nTlC%$AtiZVV@L*?>e(F77(rp%kw^LW1zV$P
zZ?HQKyy&Y&REX~Bs*0{;(7DCHm#)rhSzot+0_E~aHsm+|jxE%9zuyq6UezOl#R;zD
zTkchPH%;x1nVP7J{P_~4ST%3i3-~aGFYY?sFjrolEpWPiz<D=8n4E*|G_ya=YIbY~
z>YCG8@;$egQxphPp6a5btzy_YhKOq0jHR=U)mBh!6d=_8{q1Y?Qo_s;OIxr@evD5Q
zZ_5smeIl8^XwNs=vWAea+Y8?j?L?1P&-;<-Zo2rfKX(bauyq9`=bvnA6^3Tnj`jB5
z<{e;vdTDB6iD2wxjA-6sGMXvydH!|^6!}T_`c;-uq*DzP)kG*^U0Pd;%#3vSxw+Lq
zwcSu5`U@%FAMWrU;8#wjd+Cvrhs}r9LU8`p`BSslD)4Og2{Zi&B_PZ>EEOwSRLHF<
z-A7cyuCc}(c*D<NQhsAjP}JprhDhPg3Dsjg%$>XG7;sN(<wMj{(YDPtaIj-O{^!ny
zlNnVFjluv(gWbNQCN*xa><NR>de1$E_+D1Mw1<dWsUY}HHcPs0n62Q>#Fig%Rgsim
zb8S4N$VDM=Aj&I=8|IBp5=VO4Q7qSO-79m$+C8MRU4ZMknhDOhtUq6OZgG)D>t;#G
zmEoOzFTqfIUwzrJHrd+S2MN_86OJELL3|?7m}my<G|#^A5Q()joiRo<PQI23Lr6|h
zuX>T-Wdge>a7{nMk6`b!E&S>23P5D(J|l=qV<$%H@VmR8yFT*#y^`^1rQCBTzF~!H
z2ttc%8Jug|lB+3-jC%X+lOCiZ;7P7>$}0|9^*H%(Jeil4=l&3Mq2z_xrI>%6A+T67
zn@|Px`IBqvH%V~aj_2cH;!s>9>IYp5mO;aG3ppA)IBPR+Y_z42)5wzKHbCys8I!;B
z-}O{^6n;2)(p%59K($1({EVeh8hX#%U}s^<c<Y{>*a?E_6n93Ct6Mz+B_kbPb|>Y;
z(a#oI%t5C764838!vE|?eW?f2t&+%Lgoy+AYGew~gxtXo+$PEa>)krby3k%i`1o=6
zZRIuC&fk4cqDwvgqdCFr;P-g@B=K#i!K^siN7x4^zni&0W=Njtuz&25aE;_{c=z0z
zEEwj^B2C>V3HaP^(m}_01;@XrQFG;N+UY(K#r^$Tzw4AlX2sJ@qjYgXfI<`Z^Bo0f
zfDx%<Ui{p<iQ#BqbK#L&4KkU+v#p6;0XMc2<eKjMzqVZM_m3$mPj~-pE!UWFn%__C
zVz1<{Z*SxLT(2&^vQnTbKazJ@R`IKEW!#>r(;990Uhdns)mB|M_an#4AL+kO@m#zn
z-_JkyPfn4{#v5E`wA|iBCu9d(E_PlMt(#V|eQmuG$NxJYA2BV_72L4p)rRBeriTWs
zpJRFa{w$W8w)56Gus&U|&SH&`-G>(c)GN%aJ-p^K4lQ5p6tLpsReRC$yJ;I_u1LCk
zulc@r``TTL%HQpYSpK=gsd$GrzbU5!?*b{Cvz~#+Ka_Q{o;lFLx?MxD{>#ITY0kno
zmT9eC<ZMu7Ut7<%|F!gmm%3uChV#}ZAH23!=)L}f+wL8cwiYZ>_`cVD>&|`#$-7}I
zE4Lr*yX0<gA@JTeyIX!Mi{l&>L(Q|Mw7K5ScC>ISHh6e7D&h0SBU4h;|4fUO-6;EQ
zQ(VyEx$jrr{hk;8{Lb?7^}O8Ky<vZ)9z3{xH~*t;!>78}x4Rpqe|eUQAD`F0DDSP+
z*So#8#g{+d>V4s|TjiT5=bu|_y=Sh3@wte<Ire>K=0eLirsqxWekr))KmW_W4_{9H
zX9@tWIg$vtX?|3NfdRN$sL>}7bkxISYhQ)QUwxcmZ1AZMh^0xBGkwkAr#@Kw%CLc!
zApzGYo$!?r3(#O-NGsBHcGM3I;bmZlE?EK@r~q1-gs_W&L771Tq!A3ZHBQl(Y~`oL
R4qdA>IonT#?UXM_4gkGth~5AI

delta 16644
zcmV)GK)%1+p8=Jf0gyifBVA9E;V2ZbR+|L_BVA9E;V2Zd2nNXk4zo;zSpWb400000
z003x{-v=lLGigv~=6{hv6@T45U2h|~k?#Y{e;_tE*n^C<YtMc<Fc4XiJwhy5kmMQU
z-sl!3cc#@;nl1aZ!2<aU_kQ>1@=LBhNH*EslI=<E9`0$!YO<<WRje--xjmgfs-nCq
z^!j907HPif%TkIz9=(0@_Ra6aAYWyvc@Ty^8T_$V7Gt?qr{Y3f-+y(d{b_f2BTmo7
zWO_Rv^ycDjHkgWTuXlSlp3g*g+!w?CU_2krhl81)eHP6=I~SwwxO+Xod4pLs>_ar{
z!?~CZdUw--7>xUq+abXBBfpPEet!-_=7Z^EI-Cu}=yp7u-%f|)YfqP-_d_)AhjY>I
z&b#8~w%45xZ^wSvkAKmyAN^`!jJUm`NhjU;$#gKA`#C>FbAD=_GaR4Hr`_>vSWWvm
zn)WlU`FaGaAy&=?lkT)TANbL~M5BK>7vsVF^X>Fc%&Fo0&+w1wr(rMP{pokH=)OA_
zy+2=q(E5X`!5H|}oKX`tNc-mY`kELDL{<E)X2b$M1qt_V$A4GD>$_>!F`##Idk2%d
z(?1R7lbddYFc$nNNFGLv#ntT;;mn8QJ6Ia4=yj&=W%l+>YI=IT$x@k@FxmgRgI~tF
z3_p%_ev$+O2+UR%i$bQE_}%H-H>24gFNgh`G*P)xFlCe`g*JLw!j>ot2|6v@$N6rf
z-o9Bc<sg^$nSWYb=>jH*(N$M;x8;M%%QTT?s&io;^fp_FT$kcr3B|+362@N^N`AS{
zq%lG!iQeYrx%k_6zX^idPt7xcQ$s*Qh%o!@o0aS)NnRS5(tA+J7hDL;miYo01W0Hk
zGf;FF>oiYcqstP0>@pR!<7EaG!i;pDmPA39{uZScSAUsY0c*?_*nmK1TeC@%RBsIc
zDAUKZOcj7I=_()QnO?CVvP>l<ka;2I4@%7F;|+WivQQ$~76q&<+l4FYgrnA56Y&q|
zSX<hV20$Z#o<bnjlQaj0I!Xlm1$={<k7=RvwIb=u?IJDr5ZA?T&(T&5Y9TF=n{rzy
zPnyg!qJJ!1g782Bgk7jdfNR84T0XSWm}_GCbeq8{P=N&rMHKYIlL7=wkQa+y0Tft&
zz%mr5BeEkVnUV%E7$mHGkYxmoRtoxvTtKQ5oiEcB42@U~C;$esjc}Su@)f_C@B~%#
zy3pH=0S&&q1_dwOBIuh~(MMiJx<I{Nrs2jA(SOcp5o||vBS=mTG3kX$RQjlRvF3U3
zWvSMivUL@e$oH+I5=X%KJycp|x09HzH@Yajs-R+7b!iZ`mzaPLOO_pAGJ0DiipPn6
z{QbYcV*KOp|J?xt7wAO<3pK;2Qo#6jS`l!fVUw7R&KD3d)X*Fmr$4A$p`LhiY>f+V
zzkkD$GNhiofik~Gy<HdG&8E<sA_eBw7V;p0?t7*3kTV3VunS0Vm-7m7837?mCJ)V3
z?8uF*$dr;LWy3q$7MpBqmjke!$d|}C0Jc;hAHmavj4ZHQWTyq}2*$0qYY!I5W|O41
ztB1oDy;CCvq>T2U6y=i^_uCQx!SYxEa(^b2Y`J;{Ec%J;x_bwv_am?u{S3Ma82>A(
zQ!WX{!KDUr3CsY>#i)d2ga$IESjL`kt;z?zAf`zq1)NhQVy0=P*Ge4goCJU?efMe-
zk=LkOssJqsRA{u#%Jk$4bb|JMMA<Q5e|OG)nRwO9^mc(XIu-_A8u>=w1rG2`CV%hU
z!>xrNQ5H#}U_(rFmL@xb`ZWM?jGtTyZ_NB4XL?XX?|JV43LI-{gU^2Nq$2dPE-&Xq
z-@e(lOY63hlOrfzffq<92bk*Q<5^y)5)tbh{QO9j*2LU&KU1W&(29eowSsR8OoIFb
z_}5>zX`#>=8w4a5w|Ta^kxv!~0)Ie2f!0DuwoZ*9;~{XyiH0d)r;;yVnHCFcgu~y_
zsBQ|f?Z`p`1~Oi#Od%C)?{go>R_L2+kR=!?w#LYm&R>kiy__k4(Gu#wpCmqz50gd9
zT~t=}Ug1I#HwCv>GC)GXudVRYMI;q*-4pa#xbIfS;#qzv@DJoIK&fIahkxrmB%j*Z
zXAp@@a~p}Epdel{xX7~58F-gaP-Kx8YJsYz7S4K-(zspGcVBBtj&?rS|G<36BJxL>
zrL<wMfRVW3%>rFZX%zt3%VA!Mwh4ZHNLLRaTW~>-@NETXfJ&>s6G*6&bOZ9mgvW^E
zyUEzRqxmp3Enq3DZ6*sl1%EzvT2=#s8~g{N3q3)AkN0DsmS{jV7<svexQ>{r$5cIu
zqc&@QMD!g^syS1nt~Q1!20smP6bYgw>?Sy209tzL7YAh0PBXYP+>|Te$46;CP6&VO
z8uOFqnDYOOBcZM&iPMqF3q%C+j@y#4s*t@9&;80F80Mg+8Dk2=wSVKw>vsp0UJ-eg
zC)-V?B~T$ciFst3<s?9#BNq5E);g^9BX7tCeiz-_o%FEb-E&>{G0la_m{p;TXNm(N
zY#c^Gp#m_>Q{K?6;Zs91q_t^fx`u`K(0mtbuMtLB?Io`V@!23tS1G0h?ZKG`99B7|
zROL9US2?hbaYb3ng@54x+DI4-8do|>s&q7G0UzDOsdF7I1(OgAv59gd2s~Ic0Hu$v
z&L-c$gHYD6V#9IA!Vbb%6@NrXJ5}<>{@`XXAN0j!FdcQrgYo?4&th5VbqhUyB^E1b
zDAre+lsmd`NHxutW$s8IttBEigeF4dAUEltD7c6+84CJ$^?&OKqPi7_MHenfe^f=f
z-0=>PIpk5+MH6d|Nn^A03#i&V)L^**e`+Hu2!1F4;lLqjy4rrazzR@`p<52BnwuRU
zSO9+^2&wE1m4McsG@K864Hx{0X+vdwaC%uN%vROH8ZHNkLzfmJ<{Cqs@pgR=>w&f9
zVQJ371m}ttJ{bhyc#hG}5+Vitg!_ztCCrZTXckaGaBUBhst`DTqBv%f$^0f=s$`dt
zTMJx`gI*05I9eQ6<AJ5kQSY8dI6*g7nU9y^rL@eCw7$?od524da2F!DZduCY3l$+D
z?1yRK_h=Kje?ov~zk+$j8G@%64kgbaQcS);B*R63OPOO-H~~xgq>F{Pf$d^qT;m{g
z?wz^<gI!6+z(A3I0r!K>7PWi;6&zw(5C3|bE^s?`4&XSmIPRIYjhjmz@~glPqZ0RF
z`jIQGm=U4bk5L@r8m(z;>x*TD-#7xO)L8CY^mC}Ko42kU0uk6J<hXKuy;Y|4IbRsu
zg+*C$eK(lRYY8HF>7CvJS&(byWv#Hf3gM3R#2d{B#~!eMxRNGR7sKyB$RuLxt9PME
zj;BNB!X*f^y*EjbZqU*mn|Gc-+Cr6MY|=xXP}akV7ho|C2e{uCpz(U^7xj9SyfAWU
zV72R#9oXLmeTbR9XIAA-0u7>U&E;pCLO-S$RFWQoQEZWD$JyvMX``YSRM7;(MCt^V
zTo&b;b98`z53Z987vkPvJtkG=y}<ZHsRen!rnY&L`hTZ)T-N29umP4}toBXi4Zh(3
zREb$2Fp(*UW&@d3gx94Pc!`7Z+XLY%BpG5nAk@Rd{w4Ay=|Totp_;l(6gLyGqY=^u
zb;w3`g(^egaph={YA*Ks%3i}6pYz&y7#G&amC_G?V?CncP*wB^5()~TrLzLS2^rD^
zWVU3|TvMk2uh*SGuGr0Y!Er?HL)IjyTS~55IzEEAU!q6R!j2~iRL~)ZJ4DC3POwT$
z=G-1ik-y*>5Gp}yIb36A1t%Q1bzB7u-Qm`=e1w~c9dGU<){x2+x2M@Im$)i>yh=-F
zA61)wg$F{elzkS#Au?F4sI>7{F7SHclZ`Ysp+79Y3aqWtI*iDZeInVhKoodo6T#rh
z7>~47H>40~OwE@|NLUs@b()DrD&v~(NF@&vlGL?17gLxgXyV?wHXR}7Q5<r?iSdey
zC5P4lJOGj*Z}O1{;$FeB?g=T7L#spjYxUKC-r1|rxXP_PJ_OH4dFM8lcntLjxN^Cs
znkuuQUe2}A)ypvAo`G;Hqgtp{Y8NumIad`xCN%_?8j_zwaN7>Y$a~3csn?jgpjo@p
zg-gO}Q9c)pY%T^G*H)PziFO@4mbSI{u)o-~x!j&e(fPfW#lmW}n<z#zrz$*~nL0~<
z9>7><hXD)YMmY`?G!BbH(!2mfw3GG&tCd|ophR+m*%b|J+b?@hc!;xH!0Ry(`yEf;
zY)N<z%*Lr5GYuQN=xEg7acPECtrKv4k11@Kwf89Bmc`bTq4JWscbet4Db;f>#=1I$
zt+a~1b^MMd^M<nIAVpxEEK?r7jb&tiS^eV9D|<lILSj<5<1<GGvRf!m(FGbtk2^jW
zM$&KGI;t5!wqG4nMXtl5<2|+}d9IhzmASALfRD{6c@2;MY6o5ZOoc3{H{18SL+5$9
z9$j_$j~Em2c)#sNR2a+PIarL3TtHPNGU7>k*&H}pq}0upGJ}Fkc-+#`ba5_!PCLSs
z7`j~uab(Z>j{YFdI>68*+b*i=*%7P`zI>>@bVD-zfbTotiKv7`-p6$Aw`o=mbN4s7
zB?(?w9D$r*!VevhWay0n9u_OZ5t2au*dgYiE4slz7qR{E_}w4GPaVOnOU+L|cf=->
zB`|l5zvbI3`-AwU6R42;@$|boj@?kfZ>IrK;Ue)fioH)0u3%-V@LL8;jMa&vRj0jb
z5Cj)!psa4-wljX;*^Ry=JjS;zQGKkG#Y&SC79$ICy1}lytsRg&eU6hs7Cr$7lYkZ_
z8MeSEh`&&+*m8g~q%<g)lPIVh9z(6_?FW;-7A`0cf(CdDKK^;Im<SeM6qb7vMS8er
z1w3qn!#IkFum)fE<2rx|7xNmE6c;%eO#_GtpsekX1{70)8S4W8AZ*<?^(xJ8H<M-;
zA%D9o;Xl99PQ+^gwq*oQw0#|rm``AbxjiqO1m&iG1q#x_s4vB8KbrCw^;C0%Y!m4L
zX!b-rI6I4jWwdltI@dBGX0!<v)9aOa%li^}Pc16$Gn-SgTv4w|1uCq$w?pH0C*SA@
zL>XYV?{tdH?GJC?Z0^_VXgf?UM<W~9g?~GN9YVbjtXvETtQdlsPPq%qk`Y!LY$ps>
z`PjSSwUSw)H;5BkWK#5o*6~tyj57=kutlP(kW9y7b%Lf^m!s>~kmZacOl%lOJg_5x
z14q;amFn6Dzmoc};td3ce}V(_zzH^bz$R_5jxI*pYT<$@45R(OQz`*q4cDXR(SKnu
zKp9d9qDlzcet-K0JKwq`CWfdd2X47E6zxY=G?zxQmO-H9MdMHKB@gNF1QhSVIlc(s
z=Fwi=(UNQ9J3+Oq0@|&1+ak^iD@y#dh@5#7McCPAi?<T{c%2Z8vTb!yWT?PwZ;8>=
z)M3C8G>SIhA9wd!b3{u8;WWntgMX*JeY1jS1v}C)s`l*`zT-u?Z$a2-PtJphZLJzs
zCHiVft3<Qy8;WTj1@u!F_;HgtTTARb@fm_IcX}2O>#EIp6okuQE-X(Jr}5t8O+7p(
zIrn!xkB3>Itvoz2uU-0izz`^}%pc8W^N6MjPgAW#|91LY`+6H-g<N4`S%0=GLPuOt
z=FCxzZ$AiC0DKsofGmRGxwg%I0`p4w%KT<V*R0^bkY}I$p6rv$;4t8agtY+VpsGkV
zFr2%nxw#b!8jweuw8RFK%{9p3N$z^8C@K5^&x~9Qe4-s8a0p#qfvnyQMT@^dT?#%r
zH5>33kp%N94aHL&l>?nez<=~3q^b?)5s2Uji~PQr+Uq*_cU6HkBn@lMy1-=|_qy-C
z5~COzvsDE+*0bLjJ@Q>o@HEI6L`SzJi3rQ%4S$Q4OALQCZc1qCsHdtdQV?t_?!tcj
z=aJ)v|5%nAb19QAppG+DV)@57rh^6eIG;~u;-0_bwGbM>jQ+NE;eVtB5d|w9@`PKN
z%{gsE$BQfTct-S9xU3Srb-1`NMQ&dVtn_`INWVs~AGP&CO88l2*`IR#l=s{PhL$xR
zK!;hQcmg2*`1^l;K{$uhGF%H^=kZ%HV08;Fw{pCvl<%VG!kW_nGHp}4n2395z&M}4
z7?)z2gPRErH_%Pz_kY1oOf$dRyD!*_baG4mlFTq(37xC*=243}_`q$w1VaGa_ZcFq
zY~_#k0H^>Ocx*0*z{{V>9>IQt%~x$I+kqEuDOs_D2({S;Z5TekK{~1L0jPD!$hqAz
zp)}oTk1clKULEFhw#)7DS9oI>f=s5qn<UN~%<Ovn$+mS5;eS}t2mGB?qQ-)-8yKN>
z&V+3MRs}{A6&#R?0~I&XJ_qp>M`n0#5jN2`W&!sb1mLQd;HQycz{xhAU)j&*1stzA
z*Pn3@j%U|+8UX)6m%0Ie&%Hvh$#NB4B%aYPQGSQJ*sK^!U*$Vw@I?)ly=K*Zhv?W9
zNO3kLiWwH{@PF#(I}03)p<d$;UkRB35J=j}u!bjHe3_{gwL92MBm6TMvynwL!u^4X
z)V5UPPhC0>gnu?DTBHSsLv$?tDJ@F0>?9g{Qt3cMeXxOk(0B5&It9Q4=h4EE8=uAI
z`mR4^!%0W`3yf>2F(0Q#XPPv$t?gD)f+0o1obs5dHGiA+;60OJTSi(a@fzc@%gfzd
zt}3muZn&OQCRL(-uM&yg<kNUCw-yWYp;E5cOu5o5#?h1n9)Y7&M@_sC+ky>J3oOTd
z4FM@^My&60gM+(2N+2ya*r*eYP4q;66D{X;bg>Alt~OR^L67)e%>%2j{Zy_BiB~1Z
z`~%pc<bNS8K^G|&=FgB0fO(-Kp1#5y9>#x!U%2xLREU0C=wusi3C%0A2Xe;#;k^yn
zwAe8xSZW&P%L2A^u_Y4vYLn?5HbJ6jxE2+U5Ilry12nFRKhR0tNWN?P@0gDE@rG1p
z8kX%B@Gc8&>>C9a{k}E=;#lMZYW~1oX6Ip8B7fX7GQ9duy_w9`&)8L@3OCC!+x~2;
z=p^7mtq=~WL4A6Fw+^BHz(Ea+{xtTIz<(YT!(*hL6EI?HRZ{mqO?}PA2)2YDO+dm8
z@z`PoUXQ8L`_lt@kGN1~-YF6yl4273zL@p#_&WDrFcl9%R<`In;1=P<maJy3Y5P)h
zFfuwc{)4x^Tlo9n!c(rTbZe)4&k?1sz{flRhTFo0<hJ=PD#q1%SRq>ESwvnQU7}c7
zlPn%7KDR4lw%`Jy+yY#P?3>>tl`?=BouuxGfwImI0Ps{>lbxOKTiYRU_Vk#E_4n^1
zQJFC2NVXWaW8Itjy6L}@lO9L`Hj~^QC;`ip1s^y8Ws^Q17k`AK#K+oCc%yL%X}BuF
zVg1H$h?LVY0^r}1a7RM?vwOq_v(5oOzGAN^JCbj@pM$Iu<!(UieDUu_gFfam+m&fz
z#AncBv%$klG*WJP?u`f}Gpb^9x6Ru(nS7eM8|E;nk4ZgNW!<H7y0)Y!&ZW!U@SSIk
zwS8P?XI~&e0$gT9K<yqpOii)bvGmVW&;@G-GqXC?RuXplW^6LSp}bYTJ*)S`ZA&09
z;fI#M4dxix*_J(O?W$ks3m7ui++c@MoABLs_*bqCq4Px;SE3H1@VG%7U)%9yKE;zT
zAT%X4D#cR{X_apViPeiIj<wT|*C~gkbia=9Yd830fzP)1C-7E#lZhZ(5)*1)1L(cB
ze%OvDg~S;rZpuNE_8?9#pM&dNz-vIeNzVay9`9Aa-6X&NK00&MvJ0QuOiu_t+>Lab
z&%K>z;?2nt?5<#wb0J%QU-o7th#HtJs_Q!tU?)i325;c%O?7^2t-PPY&$PwMBk}?6
zTnCT?;#;UhJSGI(5yt=t?-biB7C;$S%2R5v_R$E@Tzzph2c!Xu?By=}JlBIYXjC+P
zX2;dwQ2A|Aq-$C11kGakhEZVrN}BIM&7+6G>^^Lb6RV`h=QkmLGi~q9m;{ANgwH7X
z*we`>in=)^Y)4lWSSUEf7{$^|ec<?5Uu!2VUqPV<7LFZcI>UVL5iA~4NLY67MHs8P
zU*A<{_|3)DdFocz^RHU^14ulR3ZGVspNNZLe*?h3@z2h^icPiG+xSLuAkTWLYG0HS
z@%;^aMr@HT>B3Wg={9NodQMG)y00MfeH1)4pVX@!oC}K6qAS++l{XAFfJB9wjozK}
zTv6Z7`YCtMA4Hc8>Rbu$1hotFb&G4|{L2{ZJAu*1VftlXj|rTO|Cw$zik`G7KE99g
ztIicR({RE}?iPOKI%ssxBf?QO&+|#~XMPfCZUKt$0xo)gfGT@-k0&8+L1W_vovKMD
zJSdOnw@>yFJZOlAF_UW*P}OW{aSj73^B$}_SO=!N$)1`y2*MBa_dZ7QFMM_iiq=4Y
z960{l>2Lo=YKX6OU^e3#SsNH!6Kn$wS2-#zsJ>&MfUOQB7ZACJiEGXUeG@vNJCxYj
zf@iyl9UE|evr%EHmm|)A>@VDe?Aptz!@##DS54>9IJJoDeR#bW1EsKQ+2^w1!>N@K
zufeOT+^+%Yj7SqKzUF2J9fs!<Mhnx&Xd?>=OSd-crlZst5Dx)38|;aBz@yjmZ@*pW
z#B|oKov8!1<y)1XY|Xdp3j4Q=@Pzvw>FO^2DG|wkNigmtS5M9Nm_OhvQ})#z5x*_f
z^61Xw42MtLjqTb5cf-Jc$H9R<w7m#hDTaOSitZVsxve6;HXOHXk=>wRzXx#QM)j+-
z01Ma#EEr~7gEwrc_vpkmK7sPmIj6t1WA~Rsqf>i+?kbVldx-ovPoOfTy`368E=X{r
zYi}ceRpM3i<_%ze50XmPro3ELH$nC?fGTsa&~Whnr6Vb}liog574$TNQEt^6|3X#J
z)Qo`kfUy??xPhh}paT?eoUTLQF2D@#^4iM^%_9S}pMyDgS7Xl<Dq0`;vkW&5C!;Xw
zHP31;insaJxb^RAhu5zelWke@CgLU{|BEeuCr~pE-chK((c8Mu?2mKBFMPD`8uzs)
z7m5z_12*_NyzMrj8iy^$w81*`>YT4igr)n|7XpIk=lrBrYyj8YkOxPUU@q^8heSQi
zUB?Wp;07b341e@d+9BZ7e!e0rii0t85j!OdA2_@BB1_A@16=X1S-4lp)7-UQIlno7
zJ;A3q&`|loVVhSkynNtdO?1rOYx!sV_^g%~h?iX{hxB<zV4x&r{2E_H2-?CrH3EX_
zY5a<RkcH5bW(1?drkmHv6g5t!i0m|HD;@NP!B4ebD%)@XnZ!M|>BhatH9Gs$$@OSu
zjXt^cSz$ze47z9=)9|16ozX+88^6(iO<D)$y(s-dmb(pDTN{~UE=X@yvqG%#C{YUV
zvsjwP8cOiGbSPqa<dohubqDF5L(NHnSZZ=`Jrk}Uy>cTB$w-!k&#$TD#0w*o4~jvz
z$>#&hC$Y~a?)26jyn>|Ytu_QaEP)Mnqq|ou8cQ0iH&nsn|1Mw3jlf2=KFR2RO>Whg
zNLMZs*t`6egF_X=#f#vuMX)TG=4bp2xQ*yt*WK&i)@Bu<VE$y;dTpIvtqwcO-F0%S
zO*JCj1Lfl4&@1E5y?5UB;`vqAJ*Md1ZmX`LNB_%=_{9DBwJBGHI)w9VA5P<teg#T#
z80QBOzn}90@xBK2+c!sleEa4ee*jQR2ME~3uACwt0001J002-+0|XQR00000vrLm*
zC>;hfX;5eUf0Kbu7Zw8q6aWYS2ms7kgjoOp00000006apldLE%2H<~CXYzlMK^1@P
zJ<D?2NRoF)_#Y56u|Ye=qFZu5HPI16Q<ThIiqevjJsTT)fPf-}HVCj$0ByOW@9V#q
z+qP$~bKBeK$2K4J#Dk<fJ+qfRbXz1*nORv``L4n+&o-hcPm6qYFfWTFTb_hv82q94
z_|fA>zYR_ckwv$Gq+cX{H!O>3xDtPd!S})0^<Z`~8;mEx;c;*|ySTdlcs7~^lhHgF
zUYuWE!M~#``ZzurO|QoA`#d;-kJne@$#_1v8ePxk2I7$i@#r`>yZ<;taJ|8Bc>kaF
z!57|xFOGxx{m0?;Y&=)EFE7T^D?rp6{qbsc|M490n!#UsgTFjBl%9-&`SpM7^=Leq
z45q^oexCF$W@m#bQaZkv8W3N3Aig>dM(3B4!EkgAbEN5=Tui6;A4itrue}jpGqXlR
zgz60l#?t|O``Q`$jW_h0?xCY;a5WoD=i@6g_FHf4x4@{;84?M6f^`9|T@HZ3=JD^m
z$G^kJXRpUY#T(`^u#(UMU*~_L!Sx@lJbd8`#25bX;lI5EtS9#$Pe;@F$d0Os5y;U$
zUtG_ogNb4~5$Y_99qEh9;SsLn^mKf7JsTM2oDXKhS1fd}nB(c`#q1n@{nzUevTJ%h
zICB8{Vs!{|1*<w8pN>(i1_=FXJiTUN!mV+Z<~L#b_)#K<`D&deVOD<v1lUiDyjY1o
z{xHo;_qS=D1(E%ofK*`-7h#eHzdd~X=zKoP%JIo0i9{v^jJUd6iy#(3ir+*cI8UM?
zm-(U$;K3q<ef9X!Y7vgI@Fo@UX<on>m}yv*w<0T(C@d4ed44(wGK8}MOl7bRWpMxJ
zvJgQSmC5G*lL*#%RRn*j0P0rjQUo_eBE`Wn4I^<J{Pe}o0bw~w<Zd)QAsK@Yn}ICD
zK@?@BgeQl$B6<s82Ir@NC^cewHWpHSmO<PL<5iL+pn$?sz>mxOPucya0vQkRXbA@R
z1OuK|#X7Adz#XSSoWo@Af^d^3MGz&~k9$B3@+w&6NhbR((9eHi$f{Z~^sEP<d8Sf|
z54cLZ!S@?<g$f^xuiifkR$(FuC`|)l?nyVYdx2DkX?ixemZEqSZUim~NKp>3QirQq
zh!1ZAH~3J2eB>au_n*r9PeBsnLNAj0PZF0)-hYZJ5EA@&|ED1Bh428vb7vE*VC-!k
zGvP{B7D`%>zaf8;d7enz6Uh<~#!T-J3{r?t9!l?%D#Hat-X-w6d<v_Cb3lehc~OX{
z6f2-2&=`^av_V_2s#5p_EJY-=15nz+6zG!Yd6ty40|xjRs3W13$uh$S09;ijDQp#j
z6y5+S8-YB-1)xoll!#VVa*gzWQN^+2EX|j!Fwzvij{$$f1cv+o(6bP@NdlH-;yuFs
z>wgDx8a07Y!C(Ie_qW8U0)|Qe1e&I^4`rXAHO7H3Ztzi0A?P_(#YQA4&I;%kSs|9l
zdz_>{7mqYtZ_NT+gdh$x<g&;%Nr6uxX(*^woRm8!-J{2l?g9Ss@acNPw#_yQ*JV{S
z=UVFBbN_z{9%k~TAq>|}3C^N(s##95GOG{_2u>AMFoEL!mt{)3h6D*@HB`H;Eb_|L
z%X>=!2!FZ<`})B^!s3b#2OFH+kCmWRV}himh*%uKE&*C3t7*M&L{mm07c**wFn}F*
zD+>4zVYbLV^CrTrat3o=ORz03&%!7w4WEJ~{-A#Wz@#mktWvU!>XJ&(Ov=W@Y~S!-
z@O%rwlEPS|MdOQ#t1t)`%uJ91N5+Lp69};HAwe!-D2T*H>`z7uE9{!>W`>fPHj(KP
zf|EVwO^d&6&IX^iJqROu3o=Mn>m2kseA}4f9@DanH%^Lv7<Q15626Rhr=yS2D%)w>
zJXwFX_gdCA;nH$XJ0Y&xi6WaL*Lend0rfznok3CuQYpIz8e{HjBBHIxPVH#shMuPE
z5b$ulF7kCjCfyo(mm`3#5cmJ31i~|*4faI0A+p+V$YoHUt!Fw+^D0K05AIZ6`F>!-
zM~Qo$5lLV&Srsl5z#;?k0Pa666PB6i{uh57m;nnC+-fPhm4vbb+iUO|thq-AyN8Y_
zZrq2^VNh)GwQA#)D}xL_`rR%MscQF+u6-|O2P*3V)mQilI7r^AvIHV4jMGyHRAoR8
zSm|?7lE~6dbCfUHvQH@HY=S{DLE9}cV$tdkCbH4YhVNjJaO3n5ei&b5>D?rJ$9{kH
zD$G!jKq;Wi!#qK$qHloyofKd}HI=ZjAU>frE5Z$iP)OFl!yX6*;ELTrTq1)vdGVH?
zdomfkdHNp?*`O$3BbDH~r(!!U&}>O5SSQE|whioXm<sBHh~S|I!rCn}@g7eIm<4!S
z7-m(2;#mOeew&~frS<9mAV~yT93+1uVnz=X;>QZ~gm#M9-K7EO34x~_jc^MCYnDm2
zY?c2|K{K9f-0*m+;B1KhR|d?HwK@jF1o(pltLD`al^}K%Du_frgZ-RGZ<WeX(qdII
zix&E84Z$MWDvSHSq^x9O5#yvptfMyC_<Gk5+xJO)|0zxky3`FafDsVKXB&TD3n{MC
zB*m~CHUi2G_&7f(o1_;H7aG+j&<x5kFA@?jSekqV@QWmik~M2?kAx@Jm(!<YJa8%$
zQ^CWVBn6L*)*%%e#h#P~!1LyD#I~$bK;LiS00__MJ<Nu87sjj&2VJ28b&5FLP*0*i
z%SdiPKPfHYJl+pR??XVOrWr<-Ws%%eCG8G79kfqfksFvRQMNo`X6K?KAHK!MMi8NI
z_IscZ1WsJk5(?YaUPw)H`*c}jErG4CLiy^l$VnW!_zLP^3zI7`Aw_*?xLIoC;|z9M
z%2b>@U?11~HewXgMa;G80-oqcaua}_2K3-V70bq=cd(YmX*igYLBo`+)F9Fim7C9V
z1C84?D~7X^kue%lZCM^20jzQgtSQ-=6gX#e8KOqwAprx+^3cP8+rhUD3#>)5Om0#y
zM?0e&?NL2PiwW9OFf#F8$yyVnwSj^4=z^r|dka8RF$yR+qipX0(20}%F&%%IUteC%
z#^;#&zyEkTo{q6ZLDi19$BDPLytJC3A_c7{3Y$Yh%XH?N8arGiopHR}4FEQ~RB0XH
z$2u8-TZeezUmP*G9NVwYAzE0nvtv9W+&(?ET_e#{=_<hj#(kA2Cy=5C2&Pi&w?|F?
zhvQs#1#s!)T^8Mfn#D{i!ghbix6AtY(aKPY0K+Vn9>p>tqC7&?Xvw}-ej{`6B{1U>
zkek{<;WS^}6rvGC<k^9VB+<R81JDaIsZ$`UWP?#ZQ{c>u+!)tab-AGIVsmMagM)wr
zl2yJDN~)BH2k7TU{Q;&0Y-~r@SRHDlU0Oik&TD(qfaQ+0JVY{B7m9zS8FwCL;gT?3
zreQWo79zTf$UVT%C?(*@8P8e+^;PPVAq_!Ioe1TYw~Tta8~x=BT$6#s?4(-W2T(C^
z^`utIXzg5|bj8Jxr^t*vOTk>hurPW%L~0;x6(RZyvMtyENur-PaexlIPALNfvg8<t
z0qNp6cuj#Bgb6S^a({nuYtp7$<t6>Q#`+6*0)Q0af9X>*bt1CiAqQj-*?}&Pb<n3^
zoB9ofvw{<pB%W#S0{nQ&=i!!Bj*O3<f}{Qx+*q!hgiJp1zJq+Df$PD#U?Uq*cG^uZ
zJKn-)5<2!On0s&t*I}QzsL+kliGTWa_;^U1oF+DCZ?0dmA9a5=ZSi0NEzbof#vmyD
zK<+}8pMe0EI`s5vg_u;sYys`akPJerZH9o8QfRc`n;i47zB``gu$jVye7U8IZkk^j
z%j5?po#`x{EN^rB4IZ3klImPi$n^_r1hxN%38nBx564gJ9stvtB$IO5>Z52rgh9i5
zGtT0}5rcd50Nj6iJA%Ks1;5+}JGm7}wyX=taL3ZnIJBf4Agl>@rIK<Ms1)>8SYY-g
z5&K9(zrzG}Q7A>4XY3dic?9tmsdtsFUgs$oV^ZtvaHBb(jM+0xd))|`CmHRXx+ohP
z=Lt1R_3p^?p@J>EXhBIhL_T?;6JnT`O2D}wT^u3LF|2=fO{c*48K#th>jD3;V|e4#
z0rm3PnLSh%JWIV3;IA(kwNUwia^m|L`$`SkAyR@$e10i}FF7PPuR>|LFyq9`K8nQ;
zepPCqo)Dne%DPzS^Ku1CrxwpzysG2i%+y?5esEr&{3Lo{nxBVdbnE6hd>6cyzz<1#
zsn!d(c(#8fsRxs6WTPlyJsezuZ$HTH{E8e4gS!Z=WfpjDfh|R_Cl;_XC}tu<T4lU!
zZr#bxl<cPOY2V@0MJ8NZO4)gm?OIgTT7j=sI(_asfe0`)5>ldKkP11o1(yDfdY%Mk
zfGA87T>!BGD#>KESin~VxCjb}5A&iV<-p^)aiM=Uwhzo#4Kznx;EC88p@sPI5|%2u
zGlEIUE7>Vhw%)g&Fp1JODv{~eg3%!tZ9>s4siyf%rSc6>+IgUW-@Xi`h=&?OnDT5f
z6Az3CK`X38TL}%e;7$>~2_@BVwYvxCxU`pfZYOv4Q5B9f=PnM=q+n-7Dzu4i!)&Q5
zDHMOaSf3K2odrbHtUxM7fxBR}($etgv#1fP_5Gi*A4BPC)sw*0hOj7A)f*ne#y=(%
zq!puO+MHA{rldlh9(KxIlJ-#^U`wMSA$y^{D60LSJ*GPP3NyFOoC;%`2-Rh_6Hi-l
zTPUp#27ZOXKN^hFywJ&vL3^UzWU=d;qb+|otrLpXdun^on7}r}&YcN}@Ku4(IwOAU
z2ayVBLhO8?8Xs06RoRhYak?ZXH{^UCFyMe8Q-cTMox_61pey&nOEXnyEHgnIGRpH(
z>Nu2pfed|xu?uW1&-#K)lU{M!?TL^JOpkuA?32?1pz~8L9aP-=;EIUqX5j8i&`E!e
zxWh-<Lm1OxnC<*RJ)7JTLs1;oCvk>D@Co9O+b%VkgF+b6zrVr~v#f83T7w1*SJgV;
zXPcUv3GBd+lssw<)-u?XgZ!}~ZFb=0dEl3@z<u@H+uU|TBfBR#D@~gWU{-^AiVK`R
za@X2jP}4klR9~<UX^UnO(@ve!nD2jT+t3wQ{)v0Y6jTzD)gqi>F1(;F<N-Hdu+y@w
zg_HB=s+wQ6T12$cEfgVR&QAwCgF4E(9Cr9fY^xIt;iyM?3l(T*Z6;Z^3iS0J_E+UK
zLJHR1qPa@S@<wPjw~6E6un$uLa?srYH;R()z265%eb7fyTE#XM-vegAFE4-WF9Vl$
z^T3yVF#MEi2K%0;vVT)0X*tgHXEOZM@7sg*g#lmngDAyB48X%ui2FoHAiwSh=$y^K
zHJFHvND<o~o;>}1@J&D9ZrbKg-}X`El(^;ayR1sn-v{6IS!XGV`OCvE`mk*_NhF-_
z4jrQ0N#f5aB_}lC6lNw0tqFgqy0*t^De*+lk=kEyg&be7=5gV|g{Dbu0T>ImeQKB6
zzE(=5Q^nKiNyEw(gx*dev{4JA^<-((?X<3j_(x50qbeM1bKCrq=T?O|lYPjnz@BN1
z;!J3=kN=`(Bx_o$hE>;o`>iI8s`6HuSO#pdY1R#CuD$U_c5tg7yvBbVZwkH|74*5f
zU-*Un4wql|`vJvT8+Fp7yBwUhNR~jN6CL)#8NZ8YGyyeF;Y%<I+>!6rZ%j`z+7Hlc
zru4wEIhZPp+fk8mprp%$6C@nl2QS9~b}yHh83EQqK*<F}Du7wm83Dx-oR?x?7WNyM
zupaV|;d5{`K(Ab?mV<v3k1D+i<usp(Fa{0CiH`Z@)OX_k!eu1t8RIT(zjIc52eXTd
zt8Od}9AS|DdeAZNQM?scu!;n2gsrowZ)f<0$CJ!-quGLlQKb8$nC3W4Q>eBHz`&v?
zd^ZFwf?i0N8Ye0uTwqYEQnf<jw&wIcYU31D7YwEG^CVlQ;x&Kf=PW2gD|s8#m58HM
z8n4fdn()LqdOYjKaB1gi8%7B$1CSQNH18PeEJoYV$B#~v>|!mi@;s%fN^j0-FGtZ1
z_#uVKG^I_1>8GKRljKzldeki(-oTzH@2Kkkfp#$-PgUKJdC~J%fnbj_)zf<E6zRM1
z=()LqJrS<oSOb5H^0Oa6V~SM&M%=46VYz(+z*?9v>P3eF6o1YgAsLp<Uct`eFBw>4
zJ-~%7Z3JTcKo6E%Uu%N1C;H6M#Q;<<L@?4c340p(tH+PlH>;Jm0fvs)U%os)XMY+V
zq<{U2%*0J+V82C=s`+%9!aZNOSWtf}nJJ<}yeBUdk1~JHqkN5csT~sr&`+wMj?AQT
zDy8QMifZ(1p=Xxo<@wp?QT5)Y@T^KK!YIkW02Ksy#3ZXiR8xWS(+`+}tZrmfBx@QC
zP;L1E?4-$GQ;HC?)(!g5Nh!f?&)<nyyL*)Q?77h}(S!E%Hpe!ry5&}76LK>sGS1&=
zSSA#_w5~@Urw#0pIXxP<6vJj8lo<WukoJ?$2ZQT_+350O&X13?D+o3q+}bi?G(9k9
zrEAjrHA^o!`7Dm^LZj@O)+rlr_jwS?&6bl)JRUI}M4I+{l5+SnMbHQES=LJe65Em~
zCz09nU}^9E6Ih3e({{M=CD<iyvY#Xy&Yb@slbbwie;a~-l)wVIMYk=px}6}gjz?Wv
zi#2~b{Mlhe2UPAX>J%%iF#=ycC<-HPfD27())AuEX+&&`6}|x*K?#kk$(-&FfPaI-
z{?YG9q3OOmPDY2SO9>P5>m01XjXn*c&pxZLRG(!*g;=uY!4|{y8JPHY;T@i3Ca(&-
z81()5O;1Eq1rhwl8LQwpxWrOGfpu};EubW>OeYjYib84;=G+|6g6jul%|(Rd&hrTT
zRWMg~K;M)3eDYN9i|37_bRpLtT9ERgXWT#H{Th?fJtBV_Ks>M$M!Ud{v%@+Z_hc}9
z>X#@)JzD;3V(ve#@U#aX1V8#&QHMg5UluuKI)N6tH0ApMoWyWV+n$dl(Xk;<N<7;C
zR@zioYlE<vD2qgFL>FZRitrk1bAM0jP;y_D<yyWBK_;_!4t&I0WPAx;hef!$|Aq1Z
z#+`n3b#;F^Z>ByzPlQ2VRAG8mRI+4;4%s4`Vl0)rrO&J_*n7p{m_{@mwL38ro1V4L
z%<u+Oa*Z$7QoI3Z|B~hJvY~gD&_ePLABf##)DJ~Cv!#0J)-83D2<m&uD%CeUFnY~f
zMA1!z*@h%F-1O%4#Gqxf%0-fbbm#6;OvXdSo)~{9k&4Jd)v}}JB0DBybpyMlR>35x
zQECJAts@qKiVFz)E_gB=JjE=RP|O8qIiRXkkYqYZEec-bAYb6QwgQ_IRcAi@aD=OW
zP5TrgGi+f@7IzN0)O1AH61LnPnVt*doFb7{JMJ-kO}yuiYTd1ma^P&h;8c1xv3qiz
z&g*~S#MFd5?c%3xx2y}zPGxOKQE&wrCWq&hsD%#JBT!FZbJejaGKcyUha+pGHPGrS
zwhy96Tl%3rQf+8g*57@cqz}JuJILz{wVMhN^pDV2hNYweC%C)R;a1_*0xob^JO_T~
zA>M8@hd2Uvn?@C84ywkX#CDiCb_dnS!bN|@4GFLS9ZPeno{$e%7|$L17B$Lrex}Nd
z@RtsxRikX5;@M1;_4Z^~nge<ULVq{ifquDMG9@P>yMsU$n}q?e3s#?Wv3ZTwn_+?{
zu_&?x+s({X9q8jPKrT!H<EcUkwk2QT{T_b{K7Iej8rB3fB!<MaT@5yBi2{DS%ZpXF
zbFo~RUS$Z0oR7{kXgTx~_n-79Oh14{pT0&bGs8b^bF!iq*DxuPC8}-`8R~~z>y*wW
zDfr@*zJ=wTr$K2fgq6lHC>Rd~dO3ArZv~9PaeXp#lf*zHe?4QWQ3!YNgJo8yc3$3H
zg-eQA@mr;O6B!7d`dJkDDu`^h>_$XkB}MRhI=WK27ox791Sq6!gLg@J8-!>FF%`84
zdSy|GUK20GW}rDmjCt_SA%J@1acqJuoI!a@5iWrY7#H=AGL232M1K=4n#>!4$Iz)V
zg81{I4L#y}SuhWj;GZPn5?m%gul`z*Us8a*EY<mbwX6`*Cd*r@6rTvp`Qey6s_fo^
zO%EC+5^Mbl4@9aSUkc7>g7z*GPdhaf8YOwh*`f#~kW8eUh;^FZomF^+*7uXYK^uP$
zc_z4DT@(<fN^(F<6y8w7-#va5$GKE@$YIv3$V(MbpPc0OCO5QZ_#`IpJ0GSfOb?&~
z5xgRAu*FprYT)-%{x(ow>x!dxt?@*=abfE)EdB-<2YV;1{PombF8tJ7rVXIP`53e3
zn>U&&j^rn;&|jjbE=oG<NRS`0-JBwgW}YS>?l#-B=$40Lvb*VU_ij?$?cfCnU2PfK
z2V%)`sgrv`8h<_u65RtF>T9%keQCWN-!n7@VGEu4X;MHqlcpDi3T!AOES(s|t$txq
z`(Pok#ox4VwnaU{HYIcS;=94Aw{0d{;x={A1kF$lwM5+SYmdJXH^GxPgVU#u0qh3@
zI&A#`JKW$mF41=51PT|55jwt5XNO=sCiY-l9^nlEWPcb-KZJwH*_oMfTiBzai6%I1
z7*M^ScJ-ulT@mMBwTFYbxbhC`SSVN*$adXSWrOu(#hDn>qXAqDW6V?nqVZ**6PC92
zARBt}@C(r1HxktSNiJk&3z*Isk6`$6?v*5QNHiCj%nKRk&LEs%xaO{};maW|y2#>6
zn$eslC4ZE%^Q5wanGbRBb)D$fcbsQNDUf-}$C!{>)iB?H)MwPL>pioX-O|L8>Qth8
z0!kj^0r!h*R4c>b5Tl&|OiwC<%2#q>@D4FaPQrnXC;FbW_%sCdF=l(StZKH09v*_b
zp;lhq$H@2E=+2MOnJlMkOFT*aN`z^7+dX1V0e=<VL9u|v5QY1s_uz?o0LkF+l^~mI
zz4X<P7<ds(44-v@SeVYHsQs!PJGsf=jT`c}+<D|*cO=&^TlYr1(A>k-$`W;0fmSo*
z8xPX(-Av#41iR}bypyc2K&_~+omj@W<C04*<n2oaGo`!UHaHEw!VWKEn$raQqOzOO
z1AkuIyrg^4nZ8(zVb7Ha*J?UivO6j`CdjeJ!nQNiOa$}-MDX??zd2T9da-#a(?p#a
z^pYwX%oQc8&?Qy$x`{n>`QVo<mw=gM!gN#9EI4RVGocWqjeMX8iI;qU$1u?BX`tgA
zn<BC$Oq81|+XV|3NUg5P_|^=nbG%XATz_jUcX_Ak%G>U!GJT3q_!>LD{E1H`V5ECX
zo9geh2Y6d<mw(>X57`2yWv;dt7}7M?a{DU_ErV~!Zd3?xYVZOwC;G*HIKi#&TcyV?
zol39Ve^LjR-(zY(kb@z)?K^`{&K|M2_$Nl!wP&b8+N8yZtQ4hLk*~i{t8v0y*MA<q
zUKWazny|d3`R)r|na+#k(0sW_zj^U_SYcu?bPr@<9M@E(%~jAHb%kfP^|Jvz+|E7)
z_Ie#-R(+7g10eN0Oy7YU*#@6`?H73>Jyho;jyj728x+ADXgJ-dSyOoW&J_wiC!~r`
zM(Ii23&KZ8h-1`{Dy{PCRD9b1VSjF-K7mQ|?YOeRRFd6}Yf@p7&ZWBMXi`m8^VBfC
zplDZj^#M}rH5ljVG%vKL8r1H><GU0*4ds{btrjz8dlxRH4n7|fDaTz{v=j81c=T|i
zr(S7wzpu91t=_k3E_~8lzmLnuy#a$IJj$eKW!)+|&L)X#{T);@1!vcF|9_}cYiaKQ
zYf3O1iV+`NMSA_FyxN6qwXAop#S0Hr0F7h#sUDl4NmA`Sev^%=cj7o!w>4ny{9~;F
zt4xofX<C=kTU<)+Q730J&`{l@+;DcX7|u&<>?mseP5Ii;xK>x#l%eB1yQWf`Vm{4j
z;OYK+j}<ggz<QNCc$?Ftwtx1#zyqz)&dMBFrJ1?N`oR+bjyLo`kP8uN48DsYR+=M{
zh|K%NB+bbC$Fg8~=RR<ikHEu9w*cT(pva=+Kpi*D!HRZ@u0OM=xFL&w9kX`<YyDPc
zdk^xq@CGj>SAQx!q{1S+96<;E`n3UeNmMiGl%xTIY>9X3w%(KcV1KMFKBrbf#$k1$
z*Nz*c4SKz~E%Mr3(n|i?V54$W@o$~GZi*$<H?W8P3nKKEL#w&q!`0LnOqZ{sH?Mqq
zI;jQ#SOqXByRIc&FV}NIPVJpPfuQ^*z5it;oQ~#a5SAw{+w;nPWA^=1cL~P8Kp3Z2
zB8I2);x5Qln-ZEq^M55QP;-MGYuzw!jjyLzu&H=O>&+~Botk&m*D(ABQ2b`sVn0;Y
z{?A3hJ(ykF+>TcL2h6V@T!#93uV?m&<~`(Uvd#8DeGj=?Fm+Ch5f@Ark8D^~;MFoz
zSXaqH6+g%B(yQx-N#g65$}6he1Ly4`IQhp($*(LS=EM~GbAMQaQ}>%r)SWtw?3C|d
z9S6hEy_F*2*7*|qaq~=I$1kTF?}GM=rlb5;UkjnXsHGJa6&25J^8#1TZMK!Qz9XmQ
zRv-VXdp15Wdyp1;q7~3LNqGx<<4R4zX0g#_a{Fr0h1m|DJDLo+^Kc~`uv^-7b>GeE
z{?Drh(cH@hOn-itYiNcOC%Dx7{ChpXcB}O<Z?S?XuP|qhS~25HpZs+A^FJZ~%e)Lz
z%)qSFnW6^LOVhW~iJ6IR{_YDSUg1`d6oNDwGy$I}Rfq1Rs?Ozcm6RAE7P{2g%%j$-
z25sw8PbMG1Jm2yGu^|Q`?C}rHu|fI;A+4~0jQL^jaeomzWgYVnU1dX845_Op=tUaN
z;nRKtj9(zy0qI%2tE34QuZ?HOt?+6W4H8rn1)VDxxYJa`!(Bgk#}am_Ij8FQBB$fv
z7W;&bpFfXth=y0D5gYXAbCDfX^7+c1rF+gH-vOUVIao8)gAj2XIL{qq;$8DiX)o}K
zW_3Yq;D6oL5xi7a9lxfFms@U#y*$Ff)VhloPH_oa-9E)er1kYIIH*-R><~l^AtjQH
zB-16*bam0YjB21Nlp5v`71)Mb*f2?1rD|`q12drZI#!6rPptS=0`=Fq1=Oeita~UL
zj)WY*_Q8igx0B;t$zrZsMfJk>L}P3JGhk)o=zptoYqay`1481xUhZ5_MgwpB>3n5I
zKxIr>zFgYFz?Yr8pfXFI#qQH5Tc(dRsUwo=+Ggj}nzBb*?tZ>JGM6pUnKcC00Zi3T
zw*%uoSZ6iptSfFO&d3-^I^zm1-8E0IoRHiHVg}+tTs^Ki(5XSILt+`(Bn0p>FK_AH
zCx7nvnh>}Gl=FpME*#z}#0X5gg(YuF^S8bf0|FDJ({%%|>BHW4|ElR;3A!^6w_+HZ
zYo4(_DT7#azkbK#n5pD)A7`p(O&7%bx6Rq+Z*@I<=R2TO60=?e?zq&<zp@(je_6#m
z8UOnCE;M~-Mw5J*WV%C@s~xue(S3i_`+rXU80yI+rTm%zZ1>J;K~~%obY`(qz01sc
z^A-zj+}(BUo{K11<Iz!!O6RheTy5-U2Y3@AYL&It`)<>>d1t5FRITCzQ^|90=vVh?
zy$9zm<3>cT;8G5dubvm)nODxPJ4rJ4#RYx)@+zlb=uzqvz`U1;22-^;b@#S~q<<2p
zz#fNmU*Fo6ik7Z#gmn0`eItZuYyZZFj(#>Fd@MEslV*|olGEB$PUwv0MvEC;-Kq$}
zKeyb=kF+HMmR6l**!nI8Y6UaL)LUcx?c?c&Pf!l(2EQuf^E~)eMlC+T*l>**YPtyn
zg&N;%Q*l#i2FpQ>FLaG{-+P&;D}Q>Y&U<4zJMf#sU3sWU0BQi$zi19ZI)=APEMNvk
zEVu&)`J;RPTh0Vv7pAO=4#DXC^a6g@7ktx88VX`O-!_7sNhKc7=gT#Sl9h0xAosOC
zwYiS~8C}MxdAGra$p<jdQQr2t)lR8%-moB5vt^WqMcZ31I7V|Y;muKC^MA2|l4M8x
z5?LLw?e{KPQlp)(VcqrWQs-EscWny`YmHX@mfPU_?Jud_gYtgs%Xxtt`fUz}o`<3?
zr8@TAjU98-^V*K+NV_EV4FLRB0*%a+<NM|!o^$;Bp^}a_-^G$=<?XV6cf7x<zT(e|
zdPdOdp2&PXnJN_qhOM>0)jg9>`}%=T7jX1fm~7+c3}b^289=N9n!Lf!40^}_aOICI
z8)!iga6J&ezl>;zIs-#mk*>3&erO0U13Ty>0`T%6MFr5ZAY{vw85BVJz+hYB4E4#4
V{#ww5LZIbDlTY~bu{HaEqyct~lVbn?

diff --git a/setup/IaC/modules/automationaccount.bicep b/setup/IaC/modules/automationaccount.bicep
index 525f906d..4a549ce5 100644
--- a/setup/IaC/modules/automationaccount.bicep
+++ b/setup/IaC/modules/automationaccount.bicep
@@ -474,7 +474,7 @@ resource guardrailsAC 'Microsoft.Automation/automationAccounts@2021-06-22' = if
     }
   }
 
-  resource module45 'modules' = if (newDeployment || updatePSModules) {
+  resource module47 'modules' = if (newDeployment || updatePSModules) {
     name: 'Check-ServiceHealthAlerts'
     properties: {
       contentLink: {
@@ -484,6 +484,16 @@ resource guardrailsAC 'Microsoft.Automation/automationAccounts@2021-06-22' = if
     }
   }
 
+  resource module48 'modules' = if (newDeployment || updatePSModules) {
+    name: 'Check-DefenderForCloudAlerts'
+    properties: {
+      contentLink: {
+        uri: '${ModuleBaseURL}/Check-DefenderForCloudAlerts.zip'
+        version: '1.0.0'
+      }
+    }
+  }
+
 
   resource variable1 'variables' = if (newDeployment || updateCoreResources) {
     name: 'KeyvaultName'

From d2603364073785b92aca0ae584dc72715d2d477a Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:23:24 -0500
Subject: [PATCH 03/14] updated modules.json

---
 setup/modules.json | 1304 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 1301 insertions(+), 3 deletions(-)

diff --git a/setup/modules.json b/setup/modules.json
index 1512ae27..7df18932 100644
--- a/setup/modules.json
+++ b/setup/modules.json
@@ -1,15 +1,1170 @@
+[
   {
-    "ModuleName": "Check-DefenderForCloudAlerts",
+    "ModuleName": "Check-AllUserMFARequired",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-AllUserMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.allUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CloudAccountsMFA",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-CloudAccountsMFA -ControlName $msgTable.CtrName1 -ItemName $msgTable.allCloudUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-GAUserCountMFARequired",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-GAUserCountMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.gaAccntsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserAccountGCEventLogging",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName1 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
+      {
+        "Name": "RequiredRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AlertsMonitor",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName1 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-DedicatedAdminAccounts",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DedicatedAdminAccounts -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -ControlName $msgTable.CtrName1 -ItemName $msgTable.dedicatedAdminAccountsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -DocumentName $vars.DocumentName-CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "UserAccountsPrivilegedAndRegularUPN"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-ADLicenseType",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-ADLicenseType  -ControlName $msgTable.CtrName1 -ItemName $msgTable.MSEntIDLicense -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserGroups",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserGroups -ControlName $msgTable.CtrName2 -ItemName $msgTable.accManagementUserGroupsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DeprecatedAccounts",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DeprecatedUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.removeDeprecatedAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(3)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-OnlineAttackCountermeasures",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-OnlineAttackCountermeasures -ControlName $msgTable.CtrName2 -ItemName $msgTable.onlineAttackCounterMeasures -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ExternalUsers",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-ExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC6(6)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-PrivilegedExternalUsers",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-PrivilegedExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingPrivilegedGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC6(6)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-RiskBasedAccess",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-RiskBasedAccess -ControlName $msgTable.CtrName2 -ItemName $msgTable.riskBasedConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLifecycle -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "PrivilegedAccountManagementPlan"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLPRoleAssignment -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "PrivilegedAccountManagementPlan"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserRoleReviews",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserRoleReviews -ControlName $msgTable.CtrName2 -ItemName $msgTable.automatedRoleForUsers -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CloudConsoleAccess",
+    "Control": "Guardrails3",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-CloudConsoleAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.consoleAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-AdminAccess",
+    "Control": "Guardrails3",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-AdminAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.adminAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServicePrincipalName",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DepartmentServicePrincipalName -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.monitorAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
+        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(4)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServicePrincipalNameSecrets",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-DepartmentServicePrincipalNameSecrets -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.SPNCredentialsCompliance -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
+        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(4)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-FinOpsToolStatus",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-FinOpsToolStatus -ControlName $msgTable.CtrName4 -ItemName $msgTable.FinOpsToolStatus -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Verify-AllowedLocationPolicy",
+    "Control": "Guardrails5",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [3, 4, 5, 6],
+    "Script": "Verify-AllowedLocationPolicy -ControlName $msgTable.CtrName5 -ItemName $msgTable.allowedLocationPolicy -PolicyID $vars.AllowedLocationPolicyId -InitiativeID $vars.AllowedLocationInitiativeId -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -AllowedLocationsString $vars.AllowedLocationsString -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "AllowedLocationPolicyId",
+        "Value": "AllowedLocationPolicyId"
+      },
+      {
+        "Name": "AllowedLocationInitiativeId",
+        "Value": "AllowedLocationInitiativeId"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SA9(5)"
+      },
+      {
+        "Name": "AllowedLocationsString",
+        "Value": "canada,canadaeast,canadacentral"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ProtectionDataAtRest",
+    "Control": "Guardrails6",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [3, 4, 5, 6],
+    "Script": "Verify-ProtectionDataAtRest -ControlName $msgTable.CtrName6 -ItemName $msgTable.dataAtRest -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-StorageAccountTLSversion",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName7 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AppServiceHTTPSConfiguration",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-AppServiceHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.appServiceHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-FunctionAppHTTPSConfiguration",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-FunctionAppHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.functionAppHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ProtectionOfDataInTransit",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-ProtectionDataInTransit -ControlName $msgTable.CtrName7 -ItemName $msgTable.dataInTransit -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ApplicationGatewayCertificateValidity",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-ApplicationGatewayCertificateValidity -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.appGatewayCertValidity -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "ApprovedCAList"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.enableTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "TLS12EnabledAttestation"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-SubnetComplianceInformation",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-SubnetComplianceInformation -ControlName $msgTable.CtrName8 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcodesegmentation $vars.itsgcodesegmentation -itsgcodeseparation $vars.itsgcodeseparation -ReservedSubnetList $vars.reservedSubnetList -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "reservedSubnetList",
+        "Value": "reservedSubnetList"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodesegmentation",
+        "Value": "SC7"
+      },
+      {
+        "Name": "itsgcodeseparation",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.networkDiagram -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "NetworkArchitectureDiagram"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.highLevelDesign -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "HighLevelDesign"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.cloudInfrastructureDeployGuide -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "CloudDeploymentGuide"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-VnetComplianceInformation",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-VnetComplianceInformation -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-NetworkWatcherEnabled",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-NetworkWatcherStatus -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-NetworkSecurityTools",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-NetworkSecurityTools -ControlName $msgTable.CtrName9 -ItemName $msgTable.networkSecurityTools -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-StorageAccountTLSversion",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName9 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CBSSensors",
+    "Control": "Guardrails10",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-CBSSensors -SubscriptionName $vars.cbssubscriptionName -TenantID $TenantID -ControlName $msgTable.CtrName10 -MsgTable $msgTable -ReportTime $ReportTime -ItemName 'CBS Subscription' -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SI4"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails10",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName10 -ItemName $msgTable.MOUwithCCCS -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": [
+          "MemorandumOfUnderstanding"
+        ]
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.SeverityNotificationToEmailConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": [
+          "SeverityNotificationToEmailConfigured"
+        ]
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DefenderForCloudConfig",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-DefenderForCloudConfig -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecdefender $vars.itsgcodedefender -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodedefender",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-HealthMonitoring",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-HealthMonitoringStatus -HealthLAWResourceId $vars.HealthLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfohealthmon $vars.itsgcodehealthmon -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "HealthLAWResourceId",
+        "Value": "HealthLAWResourceId"
+      },
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodehealthmon",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-SecurityMonitoring",
     "Control": "Guardrails11",
     "ModuleType": "Builtin",
     "Status": "Enabled",
     "Required": "False",
     "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "Script": "get-SecurityMonitoringStatus -SecurityLAWResourceId $vars.SecurityLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecmon $vars.itsgcodesecmon -LAWRetention $vars.securityRetentionDays -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
     "variables": [
+      {
+        "Name": "SecurityLAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
       {
         "Name": "cbssubscriptionName",
         "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "securityRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodesecmon",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.passwordNotificationsConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "ConfirmPasswordNotificationsConfigured"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserAccountGCEventLogging",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName11 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
+      {
+        "Name": "RequiredRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServiceHealthAlerts",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-ServiceHealthAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DefenderForCloudAlerts",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.msDefenderChecks -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.monitoringChecklist -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "MonitoringUseCases"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-PrivateMarketPlaceCreation",
+    "Control": "Guardrails12",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-PrivateMarketPlaceCreation -ControlName $msgTable.Ctrname12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "CM8(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgProcedure -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "BreakGlassAccountProcedure"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AlertsMonitor",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName13 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
       }
     ],
     "localVariables": [
@@ -18,4 +1173,147 @@
         "Value": "AC2(11)"
       }
     ]
-  }
\ No newline at end of file
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleName": "Test-BreakGlassAccounts",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Test-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountTesting -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgValidSignature -MsgTable $msgTable -ReportTime $ReportTime  -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "BGAccountSignaturesandApprovalsThread"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleName": "Get-BreakGlassAccounts",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgCreation -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "ModuleName": "Get-BreakGlassAccountLicense",
+    "Script": "Get-BreakGlassAccountLicense  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgMSEntID -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(7)"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "ModuleName": "Get-BreakGlassOwnerinformation",
+    "Script": "Get-BreakGlassOwnerinformation  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountOwnerContact -FirstBreakGlassUPNOwner $vars.FirstBreakGlassUPN -SecondBreakGlassUPNOwner $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-TimeZoneConsistency",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-TimeZoneConsistency -ControlName $msgTable.CtrName11 -ItemName $msgTable.timeZoneConsistency -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  }
+]

From 40a9ef6eefae60eb60b995dce196366a783d7920 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 10:02:35 -0500
Subject: [PATCH 04/14] Added french messages

---
 .../fr-CA/GR-ComplianceChecks-Msgs.psd1              | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
index 0726105e..8194ad13 100644
--- a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
@@ -291,12 +291,12 @@ compliantServiceHealthAlerts = Les alertes de santé du service « Service Healt
 monitoringChecklist = Liste de vérification de surveillance : Cas d'utilisation
 
 msDefenderChecks = Alertes infonuagiques et vérification des événements de Microsoft Defender
-NotAllSubsHaveDefenderPlans =
-errorRetrievingNotifications =
-EmailsOrOwnerNotConfigured =
-AlertNotificationNotConfigured = 
-AttackPathNotifictionNotConfigured = 
-DefenderCompliant = 
+NotAllSubsHaveDefenderPlans = Le(s) abonnement(s) suivant(s) n'a/n'ont pas de plan MS Defender : {0} . Activez la surveillance MS Defender pour tous les abonnements.
+errorRetrievingNotifications = Les notifications d'alerte MS Defender pour le ou les abonnements ne sont pas configurées. Assurez-vous qu'elles correspondent aux exigences du guide de Remédiation.
+EmailsOrOwnerNotConfigured = Les notifications d'alerte MS Defender pour l'abonnement n'incluent pas au moins deux adresses courriel ou propriétaires d'abonnement. Configurez les pour s'assurer que les alertes sont envoyées correctement
+AlertNotificationNotConfigured = Les notifications d'alerte MS Defender sont incorrectes. Définissez la gravité à Moyen ou Faible et passez en revue le Guide de Remédiation.
+AttackPathNotifictionNotConfigured = Les alertes MS Defender doivent inclure des notifications de chemin d'attaque. Assurez-vous qu'elles sont configurées pour les alertes de chaque abonnement conformément aux instructions du Guide de Remédiation
+DefenderCompliant = MS Defender pour l'infonuagique est activé pour tous les abonnements et les notifications par courriel sont correctement configurées.
 
 timezoneConsistency = Vérification de la cohérence de la configuration du fuseau horaire
 noResourcesFound = Aucune ressource avec des informations de fuseau horaire trouvée.

From 400c5e566a34e8a7ae5053d3c15d3be2a3646746 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 10:03:39 -0500
Subject: [PATCH 05/14] A new zip module

---
 psmodules/GR-ComplianceChecks.zip | Bin 20444 -> 20685 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/psmodules/GR-ComplianceChecks.zip b/psmodules/GR-ComplianceChecks.zip
index 6242659feec54a16cb134215a3934af178c568d7..bafea66ad6cc379285cd0c08e24f313306d9f0df 100644
GIT binary patch
delta 8200
zcmYkBRa6|nvaT5z+}$-e8Qfh1A-F@3!97559VAF_7zh^J-QC^Y-6aqP*FZQq_wKvb
zt$z8dS64k&|J~n4HefOr5HEoM!qbHAG85G5WFY=OU5|o<0RP{F4&^fq0@uG&QmRBm
z2tWcjlz&S}EleNoKhYlytzc$H2H<I0|KDb$kkJHBxf5#P-z$LxM7gxbhq>l-7(q0l
zMmPiT1w-WIzBV4jJz2JH=51}X>anfWfBTv#y{o&<CtqqO<;DI00<TwmSNo$;a@cs-
z*x0tU#U|=2na6JEOsGL)bfY@frld&S7h?X`x1-e|H_{ffMl`>Ozi(rXn~_xwx?DOs
zLtJ=LvnP@FKRWx7O&sYiV^gz#xB+t;0Q<|wSNUE<+KS@#>t}C$FuFN{c^<u7#j>J_
zL(XO={Y+`Hyl_-iLZZU4U4hHw7~$A&w$v{hzLz)i;HyhhFCJ<R0@&)Jmk(xyPriiV
zG_|-PoiWcNy3-|baoAkFdQD4OH)#x$4z$-zux}c=wfJJjDW^EBtBJ7p340)=xcB5M
zKPiTM3a5Pf*6O0$^QEZ;%il5bD?%Q7UfGhZK(HufPqWj{ToYfJZWxttI@0n@uNzkv
zzd7VA<`o20W+kDU^eXY{7e&&+GuSyZ<865gNe-X(3woTO7Jq5h4ZQok+Yb$AeGf>7
zHn181mZ8{epCJUjjMb4egp!*+nvpwA3I&1&g{Jf>Arb-inv!}`c&*gRstQ9p{Z=&P
z&Ny=VEW4w-nGpeSoFU^kl1XG-V&v$h;^Q>1&@16lJT*yEmYw0n{^8%d=0VZOUJXD5
zzhD4InHf|EZzp!1X3DhgL8@gEN*9s%dl(@H$(yj^20{;gB|1srv@oh9^;trg5!GZF
z^ffGe-T8yrCLM}Bq<diuJmX9NCKUy7Vi%CFcFLCZ^LCPKD5!T}HN&R>3z(7hO8Xbz
z4}^OLk#|%}ihspf505+SAEx>4lAAKxFaLd<fm-|nAqr}M-=k*yy|fqHZfia266Za8
zT$(cj8{`uMXk;5_v_pv=_T2&z#k|N91&KwLIj-<QKY16P?gH=8NIYD-Pl!e)zk^v;
zE0RwQ*Ctv4vX%qV(`E64|3Qbh24HqHMROY+7yYET20(bhSV))|vq;`WfU9DK5;UPn
zp*aO5RZ3><!p{^bD9W<2wMzN)l<cjz{5WFMfsoinZVv~V!pn3apXj4(&;!P~udsIi
z-gSo{#-#U@>{P#n{Q1161(0EYgIAtk4X;z3A={TEX?`pz#<~4jX2zCCV2yYiRe{5H
zAf_^x9VJgz)ocY|m&OSv{i<)VUeHq<&r7htsxsCIh0U5PJixtqy|{Inwp)>hX4J8!
zLtH_3Fz-hcY@Vk%oG|-hp!KTI;(I3jG+h)VU~wdCs^rz>4Qrv1OfayHtZY+<$oug0
zFr*Ofn}k@P|0|fr)MfBbK1c;NtT<D~B{ioZ`#u(&0tZT5Y}gXWV|kYlMcOD$(i7W`
zkN6VK`Pm}d8-G`)HBiWje&vTQu_-|^Buupz4Kf1<p8KJ!!=nGe{Ud`7qoui7lhY%I
zS63+bqv`v(yeqjuZIW;3R*VWk@Ajn&QGqKD@iZx%1hQsqSWNk$gdUUkJTjw786$3}
zy{mwmqQPxG>yYVns&BZRh@|vq%2>}7U5-jufwuZX<V<oB7$OP^s3spe=4Xd(Aj#(q
zj#=;5kwNwu&bF<^nK-)VvI&z38KMZCfj%^IQ#7RrrAbBzF<cLPxU)JI)gHXAGOC&$
zC|)hA1W!dY&@Y&s<G7N#5#etd@VlflNWOXPIQou)2izsoOFWcC-h}y+$eyg#eiAji
z`2%9p5%ipC6==Gs-~@m-95%Hs1a(~L_L2u{A`lVvOC!OiqV#IeIi?rp(nfyBri?s+
z0L=V^liB0Zpz&%fSt>01#VR{otMQM#KvzmVa<Y5SDccJM1-+BDK70b<&@UEX88;1b
z#cd(;M+@6xp|KQ)Re1te{$852oO2zLTAMp${8c-ve$N_(7MEufiRkJ&$ZY^#mu0sP
zr4_S64uRT{X;zNbtbpX33R+E0y5fo+PWDVX;VzL3GyU1NDK-$nc@Rd+p3v**eT5+L
z;K2O|dx8jBgyaRrXa%2TMQ*l8)-x1>GilgX_-p!2Sxd0#g2Sm$?3*VBd_`%&L_3bA
zsoI#4)_{sXM!{A|OT}-HPI_D$m-y%iQZcm%YPK2tH5N0^6r>y`V3r4O9|)sDpJBC3
z`>zb*q*s+o|9)w36zyLVQcn4$QxXjP9c;XcbX|F^;1%r>8oVd?dsnL09Ie<yqVh!j
zh8Yuk6rxcbebE;NO9uQX5+(*S%EsBD<@SJ;F4ev8I2W^-!Y}a<Ky;v>_&WS&1(!@F
zmaxMbT(vJf!%xPm^qpQUGbQ{%R%)@{3GrUNa|iZ;CiMDA4tlP>^rG!)%GuDXo>Da>
zL~JK0fhe~@xRwK<uLc?1bjC35dYK}?zdICxMl|1(lYGmFq@JI`Efj5mWzShg?EByM
z?^+RF3mU%Ncu9~zI?(|M=~j9_<i37RZV>tHHY4sX_XS)fyL$aCEi)?C?~#a_T<Tlb
z>P3(=j-ZSBC+6P<zO;O!=kt~^jqpufSchl&2~a_|E5e0dtgYbD2(`&q316{$13)Yt
zsO7`{(-mZs4ZN@>#zpVVI}kqO+&(ulO!~VasZ`K+K)mV+;yA!u5S41bh$uQ6cfb!P
zhI!H(&Z-k5cL4^)%sX>3goLr^mrE5;vkGJ%BawNM>tGN&Zpmg2Q#xE*w2E`kv7fCX
za^(uim@zD|PPNyG3d8Fi6X<Ey@v%5hop8&>49LJE{W#1G2Q-H`5fkY}StM^18OM64
z2(3YVVu|n}4aZ=My^zF4Mg@BWgtJ-1kE;(vfhA@HYR(^4w*Waj31}WfVT`3`qpCUk
zYz+LD#D!E`mwk=!4MHgF67?-<lSliXlwKwL1gTYr_40D;<Tv&QK7Tegm{dy$UcwKZ
zq|LPyMpurZtV)~`G=?F=Wf+w;U|pI+qkAf4IxaaNu_O~i_h+9Xh;)AcCW%97R#kOe
zR^ZicQ>+PeF<}}*EjR%Lmo7Y?tIxmf3N9M~428Y3<veq&xS)|Wl-K8V;{J8~NpwA&
zQHAogN)gO)YJ3KD)ydmq6n>}^Ex?1KCN;sy<>pWuAg;HE1>HwCr&GAwKBZHF5!O|+
zg=qqaAkRC2p*w9OcINgK!?pPx=AA%`OsCL9*27)EbErBb&=!?^eU?uroXj?b2&d&{
zZHpJ&Y7W9qz*q`3vm7!C({G`RuIHU#9MzD0z->i-BrODr3hnFL=X5Fh^B2&Tl;Y=Z
zT>ns?e#p<B?Byd>m{2J@^am0m=&IT^MlV68?mjLXVtB_+jMNiM5MrR`Q->*FeygOD
zg-A6alGA*=#b?5r30h{c43zvqvCm0k^b^U6nKOhFU?mUZ_@cb#cGgh<5zvDGRN>;K
zUpV~jid1CzMUMh8=tO1?Yq6dQ95lOgopqdp69;(Cje@9EpF}t6#uBb(HJul>gUBJ{
z$<X*wrY+BSCthbUJz@uocVjB;zbuD8KgvoE8zbJpVeJZ2a1#@@sS97Jc4JV-eTU8u
zAe~R%eZtD0Dgsd{=Nz`~43Gc|FGh_<uF-LJG{UotD{-K9sh}K6(nKkn#z`D!4YU{{
zzYKG#CC}k`3VzMhc#h_;v&uJVwMvix@Lbx|+~_rb^Y%`!Eo12vL#SbQ%?GtVkW@7^
zr#t7D0T_U@@*_7(ai)0WkqilMhrs@OaVoAB`M93S=68=#BA4SbHPFuq7UgY$7!U6;
zV`M(90s7LNby-=ggA}ElLK&<~@LVEzZ$*^A#Gx7m-b1nK3Gz5j2|l{3r^=A5U@peS
zDJ+3>gt64lo`&Vhc<;p7t<tEvT9+)fe65Q(QEIl8z9^!kZ!!l^Vqw}a?^57T^tnOY
zYl?omWjD0wY*R(j7OG2Zk+5bJN;Qt`%vE#C-ueY!z~Adcb@XIv7N)Ljmy(4XN;-y;
zf#YN8$3&U0H^NCj&|Os~DDohBFFU%0NT;ZP$jXYSP;n038aKPEyuor|Om?No!9(QZ
zyHV9V<f11_y$_yWvid!H?NMLi8&d2#oujNp5`8#FKk!H5E%o<e`2CUcxX?Y&BiWF%
z0oC`oesW+57OVZ1DaD0PI>)+i>3XITP-G$DKm7-*xQcssO=D~d>aYySD_cVItDO7g
zx{N9tSeg)zM;M|tk_M`|eOS1m=R}Y-O+0~*z*PIlSbm7tMb{&zCh3<-%)o+7H64TA
zSnCh&vda<r1+O}=gaR6f<IyWS*+OAtsJ19pSoPU9?W0#*FOe-WLH`hL*nle6T#$am
zlRPFMX?q+5|94lLSxywPK+>0F9hK$<mPIiz1+6LC)F3`YUOF<DhLvxMNe&lwPPmG+
z*2k4O7YIGL1TrFuuxaEfyAfNl8GX#%8GKH{Ie$-^XN9Q2g0_KJp8O+>DO)y1&xz`9
z^ec&?Zh024ivOEjY1!5#3IAWNQkqH<(EL$BFc$;i>1~ZBEYS@TaSivGj1YAd{ajA{
z9QmAUadtVi)$vG+WL>s|y}r|HEplDj)}8ax9^>yU_~&t`iWSBh{yAfm(Kdx+t8J!Q
z#g_Vd$PloJ)B|QH`K=o5+Y;%OxkQAPB)-`(!s25MTIpCUM$|k5S1WBwR3HEuBaKWH
z=K`Kc6v@aN$2c8QDs7&Ix)-mWm7+16D~e)q!WQihw)b9|9_9T-SiG5q(mHT^(mW<E
z1cDQmSe%m@?8L5$DEWc}>jGvTM2Pqmh<)Rt3|pPzSg0QbaS;rf`r}y(0<&qbTF*70
zLd@T2U)Sy5bB#ZTmGIg0IBQoT1T>Ylw)SAXD2(PGfkF5o%0eU5Y;#uf##zV#sOTHI
z9G%bufmDc*^Bl52L7}#T=9L&2>E*ih)pBR<3)N#Dc38H?BzXHq>)xrH9yFZxS1By}
z+26OOi*si@0H-iD0^p^G=8}zqdZ7CXmsu~=f`ng7$YS>Awf?vpy$goCp}hX`tJz;m
zh~bOS3w!z8t!J-*|B`;B+28BOdU1ygM?BQycJt5S%$|vlJc^^Fn1bPH-=*#0%c>}A
z3=~CYT?_7s4QYpoE4&R`oO5k8KEn?MJ7%vPHdQBU{L;E|^O>uuL(FZ~L~&f`vk}uL
za~G*Br~RuA-6%stUf<yFJ}89h2=Tx>aYCbn*a7g+HX%*G85B#H8IS@M5LScV0z<zG
z8v$&g$HI14|8AF7qv}pfPPc)8`%|ci2pu368Z1H&%>J+_0xc5}pkgyShpF$?AAjhV
z#a^3lr&zBz{qZ?jd1NwYL=aLAeG?G?5JCk+)d26H5u#AYKlcyqkHjk3&|hHD(K82j
zb?6d&*nlHWU#NH|TRR`ILd52W$sdeIwhTqwq=tJ#8h(Xt$4k%qd;W~Z(oVr+JP;7l
z3;FC%CY$ZAWBTvy7mQYGF&P31%RuM6a_aXL9al0Y^x``CbCVrWghuxm!=uw{%h|6X
z8RYJ=4ayOquTo+nkc*VI!#&!dm<c{ZwgAa~J7B*?dC}(7eURL)A2ho*yogGP$#<h&
zrZ$Mb&b8i<*xQ88iiu!am{EyWTs0t510|k5LP^C%=*PdlGYO@E>UY42?}50xfKGjM
zh7vDI-f;UW-CbQ-p!Cu>Rj8M^0HC?PMqCX5c_rc-b92cZi@r?3D$ve%$lhC3O1itZ
z&`W>kgCq?R*bEA2HRNKjrfUzEB+3W{)S&BRyVZKfEM=GmTh}tz0oNxdv?)*aIi%Q?
z0Q;@ds7(we`>#|GbaDT;A*3ZBFMZfRgApdb-FNtaj>#x$BC|&R&M_Q3A?i%)nXe}h
zCMxk$)zkpEC~^M~9jjQ#+L47EsLE7>o=t0$o_hhib(SU5QR8xu%^!VSL^Whi4}~qp
zRE?7g?e^<w-xexK=>CxdOjeiISk5sRttnt?gT?%Q(dI28ZmPX}M2{dS^z4S>SFE3u
zZ?9H94r~{Byh7!?qpcfDm!N*HS@90S$c-a>SO5On9cR^HwKAelF>+_p&8^anL)J(N
zRZU?X$q9PRjxvj7#%f1;JC=vn$!HugDd`$Xa<h{y4R<%PzXJR$7;+s;X9!Qq$$m<0
zNtSW){V$^dZ(1{aT&|`i@akBO+-KmyhKjjY;!_`Ci&CKRYa?TK0i3UX+084&PM@|w
zS;te0MI1l%rk~4OYqb+GgNj#?p8px2Dnd)Fi{R%h@Z5+o%fpVDSMfTw-V#@lCQU&I
zKZCcsyW|qB(h1?O0OQB-3w-}=Bumr{Q&y9S;-Q|aohp_Un~NJI=k7LU8kOXOz*Odr
z+^}x%XZl#zQdoR{g?>T`Yo0hnWc*zDi_PTaN2M)KaV7OsDoJEIFS)LMB3<>8ply|>
zbxHq9w%E1CA^h{9(8~UrM{+R5@64KO0Zq@=OHJ3bra-)7^NB2{Et@jI#OwxX2^m$R
zB)6pm8VRd*A@WI4WyuZ4CdXM&+^~h`{MFyhf|m7Obey&|?gs3E#6v|0q4|f@wIQ-#
zSYvUfiepc$D>6Fd`&?!zu*DCTz71J$VcF*DdCo_q%i0E`4@>ywrXbLnQMnq8a79f)
zPnaw6^J`z;{j3H!s@rzkA<E~Qqv8>4usOulX<f-<!0|K(H9eQi?t9DjBGsG92GVpF
z`A-Q?46p>rjOp3K$}SS5+vR%`Ig?t8R`kqOsIUldpQ{#m{~E;!g{EKcnU+FnYHA{S
zy_X78nYY)aKkyW>v79OMEK=~TOpIb;F!@1mSh}}Oy6LQlmArz<erh0<3UkMd#JmU(
zC&oHRMQ?2_#NlLge_GOaTT$)7x-~ux1Qxay4c;ve)lD3rot1`IaC2Dv6bW$--VJN-
z3abulIiZVUv;E+jo}~8A4UAz~i4XKHyXTo~yJV3TN*=LLn@ihi_xmAeWUIGVJ#1Kc
ze8T@!ruiL)%IqD9yixr{tr8<#CfWmuQ>+w&)nqiZS7d-*2o+g4>%@0%Zysl1IQ4w8
zu56Xc#}5M*X5bBRr+&9>pD!XIZC&@X3Uoz(XOCNSX!H<)h^Xa-JcvgmLjZ$rg;<{g
z=tKH-gB_~w=5%GucH}s@{FV^SOocP@?#n%XA25boY{YjTPQ80;d)FGY+9t3UdPG&F
z^P{96ts$Lu+bcfI>G*kyX~oETx6{HO(N50)e1Ln1GQ|+`mDb6GJC$Ygu4&NrlF-A8
zbUv7Ihd6mNn(A`xh+#8o>UPi!!#7v9MQ46CaZ|mQODa~3s3{}YiY|wkCb${-X|k4X
zK5Ft)8sq6iPKwqnxQazTl)W@>S^0PFIC8f|D{z7yzbGT!s#gk{jv7kicz__M&~bnu
z8Wv=wia-fTSs_TM1m|rSuCnX3NZPq84>en<W$wqE9vPUoj{9osZn?`R|I+juT3)$2
zRP|#8yxSC6(}EO>^{jtwez~a%m>}W=xi)t8#22;xSU1tLA@!5-$d?Y(3?Ysen&r6f
zNB!cz%_8RUOUvhQH($8r1xphlm;z(eahufd>wN@da8QD)tx8OWaE=l5!J?3PGScrZ
z%^-&7sO|ppu1@Xe!nZ@vq(Ju7n42+u_|drB^WAZF7$GB)47McEkc+bRnjzw*x~`Yi
zX9@C|{`23OU?+Yqt3_meQ8*2b{##H>g5zcDazGl>oQ(U&y^?yt8Y$d~gs}OTbiUBy
z3&UK<j;nOpqeW8ILMM&iw{L<UFiYoHyHy5@U#X86Pw`WEw`1AJl^9mfTNnu$e;Jn9
z$1*Nz@u_0YqeptU>r&G+8i%-KP2EWQmPwtni*|kLomUHZ+Op#^Z+h6(INh1&O8B}F
zE+-<D9U+e`;B(rj^AK)V{(9=4a@5B(dH1IU;<rK0sn?sY6sfaRnYZtd*s`=O#i!})
zVe}9u+^BPpRZ|44&n3C))h<|e8Y?#%(HZwSHt4uiL!1!|%Ra3|O{ZVn+80<Y@nMQJ
zcmIrVG$pY_Rx@@>l3wJ_(m7aoK;{0G9|3bwYz))ddVDu;U??_kX*<aYBZk~PRGCy5
zGF5NS+Q@P={}U+-HvOO{g^yUV+#1p>q-<wDjV?OFdR{S+pq-u;RY5I^u;V3z4Q$29
z9olIpF)I|J`##cPqBIxX0eO%9;{k@S{DdM};f4%nj2QV|5o^I^o}$vW_~e-<Dw4eJ
zahc1PxMs=8vgv{50?p}C<Lh1VoDA!GNZ&ZF+fKC!IXFd@532H!jArDASMirKvC+7p
zwLMom1`7%uCZF>bskNNtjCH!|O@_*YYD|7sdBV4)*0Ul#4SxjRlWrPmC!vP)PvVBk
zF}-e2tUfnm&BahVxIk^Vkh(L2xx24oOa}{FPdq4NPV?c}%YDCW0syAodv#*fklzAU
z+Y+8BU<{0JE<OxqUcwx(5W_~6TvA?>K6pNXlhP&3sHI1rNW_dt-G;4+yya4FU4P8}
zYPiAbd(geP<@uW-!A8hx<K(%`BBbZ#x%d6TvTtXND(?lYF4VCJ`P6r0Gq}{%EV>0;
z=Vj4f24DRnx35i+sO(Y5BgNPVBB6w5(ye8zen=(gMBF<np`sXIips@QG?U#=_Oor<
zEf2O}Yf<cne8x)>2CF1MZJw$wY>EZWPX<3VH^7u3-u^#T$|eOcpM5))W0&*2QImwv
zpQDX|_+1Uer8d@kUril_i&Y$tI$(Nj(;n+s&hM_?r=9j7VEy@!e#m$O!E83}Mheq9
zL1!}hZnMppXWQ)KHm(7#CL@ly>3KYYH*)^@hnPLSo3=W#yqR=yLv(pxz5c{|kU%)B
z^hVG0kCnJH(?f=*3OMA;be7d^qfjj-#jlsF`=8~yS>m*|?z(6A$4Ux#{st&1a+a7U
zeCl5L?;iiG$+b^hAo9UyLc*W54#KvX5KV~9#_xCY%)dVdbm&K<G31p;IZVQ(sQBZ<
zSIYN3^;N*sKX}4pmuT>jR$Ki}tSyqZcO|;}L{}lmi@=M6ROZZssQqUnTbyfb2sP1w
zep*}1IK}fAYYExLU&mo2i6vJH>Uh4VP8^lwB}_XF%!2Ifjr-38K+Xe_wts#4dQ03$
ze^!^L6Wrd>L%BmG7T?IObPN|Pj$ssc;|KotcP2`k7Z{L|<hjFQSkAJNPIW5(kOW}e
z+PrM-o{w)wS?&Y0?_UPPr2m;s?@gL?5#OLuCs)i#=RJ%&6p1$#?3&JY|B1b-{tM-0
zdt|Ghzv?BZ-fmS#AaC3p{RB6&_U?UkL2g!UkHTDRH*=4h0+SXZBLTsOoHp>{rq!`D
zpBBsGhqX1#x+-R3sFmvt%5$44RXZCz;BQ`n;>NMKK>bf~xk9qa-82P!P4nQ!317nj
zm4tOsSz_PWQ2SFlDxb=DSAy<sxc!vz2T33Gi(30&xyF%r$miX~DkFvxMkcpX@Q#Y+
z6E!Sofc&_|dRfSPVtFkS$#aFz`}x}Pr+i&E|FA|+xgSeizG9c*I&_dj2;ecmbQ{Z$
zamOr6AwT6RpXRmh=X7xFW!l-sE^-NDM>8&s+TNbwy9GU1POCU`Qd;z!J+$P?Zw?N#
zyPu7hIjfaJ+*W8K$lent#?a3vKf5K6x8d{G@=o0J2?fBBGqRLxoyT~9krt%FD`tcK
zZA9igeH{-}0d<~GMH+vU-gW-7v!A^-dc|JCouUdgmy|D`#SH*dI2ZzVHgYdIki+7=
zIMzD|lC}r`ObeUP5U6Q}zc;D;y@*n;Vyrex>L&|%_*G9iFQ2{;<l_Fl(=|+YHJ?&o
zcUom)(bX-OxYr#{bCbS3=&BUXn(yR5;tSK1D*4B@od6=A8zk?+#P+=j$&MeAarRhl
z!e18>R-+y8;JuPlJZ~A9J^hqX3;|<L&(g$LPK0JaBHF%0fx@THCb(J$&5Ffm`#48h
zW4V7Iy2=j*GnjcTg#9aqK5?65+?VXYbEMs$N5@t7TGQ#qDZAU9wsCzWDVA<sxT?u+
zrywp$UD0Ra$Naw><*7{j-5B}k%G+tP^d<~xu;t^mYDXl`?W2b(s6?0#_eU0yaj!>)
z@~0UW)frTnV&(yODZ}&GW*=5%|6nLPN)`vfD$*9NpFXfNmyqc5HB~QnXxQ?M>q!+L
zX_r^hY8trZYq?-kZ$|GzIA-5(a=<z%rR(F^!`Z@wGqiV8M5;>JYOcO^U1Jhe%=Cb}
zNFM9ea#ZpEF(|EJNe_;bX{&Z}4ACDaCHdy|0`-@OwGqJx!OncKz)P<Ud}L+W5XOXb
z3-zRpk!I>`+i~SngwdhAZCw4pD*)lvG@M#2PYKMcnOC$n<n!&f`igFPVvI>`S{qpU
zwc%!umF(h@kbkK$mVbcHRonONV*OG(4HhcFjAy^Q@U7PIkh|FMj?y{yE;w@5rLw~d
zB$IS^%`o4M-95)cPYuFFhsn$SJ%K{hKuiTSOh!f_^FE5Fu8&6Dus~z|{!!E}U(|YK
z24kH*T})gC`(0Tn*rzEwS84!vTe{B8m#E$AcO)mwPQFiW#S20g83|=~qKf@_=aiBZ
z`9i6eRAMzxda5dQ_yPZB^$M0Rk3i|{REoxhZ$dr(U*8nH+L|Ss#fulLu1)RNF&F~#
zMRQjfMN96sqw8;PW>#D8({^&-qoU(R^4aemAAkQ*d!z)BrH#f>MX;~LT)572c&><S
z+P3}LZOIn@_4@Z0^bJw%6Ecd|C_-fu1038xz&@g^{(peHlqwBWR7K{$I!{I6KbiuH
ls>=5tPEUjNzkL4xD|b>A{V$*Yhw-5!s#r+vD*wyx{|8gbgmwS`

delta 7970
zcmYkBWmFshkFFWqp?Gm94y6MWcXxNU;@VPN1_rkxgAA_4-5mys7I$|a+>5mL+dX&h
z-Q>@klau_+N%Bk-0M_#WiQ-6v|1=;wEJXEsSt$Rb8_`jb5RrIhH2*8nNRMtzi?lNP
z-vOD1G7>To0{VZv!Z6$r;s4rV5TuHQ6ODF8(@yojtKNg;lf7k+X@qR8khJ2^v+lA8
ze~_Ugvz~!zNoWsNmY1a)I}utojw3od=rnP+^g&#$&9=23Yin1-d^GoGXb6rXjp?Gx
z^uaabRaI31`uD)8mO_@P*nq$$mRJVkoNybm*Mi5p(K+T`oJp)CS?`cybA}*(j#!5_
zl3`dYY!EbI5yVFm#|*o60A`t+ig)#rO@xlxzr(KOv|GBmJkAvRF(o$#=X&iypWNP?
zxcA{U!>*C%zYP!Z*_9L##NnjgoO);C2BZ{wEe*Wlxr9xrg$@q9>`Vl7X|&nt@15|{
zp2q+65e4~xqJ1W|r@CQzdE`n{a<E<7zkZ){RdiA3cF@Ju{q%2RVMMG{=BhYRpG5G@
zvr&tFuY3Vgn)XvV_}S^toeaDr{d`h(`;|UkHG^N^hXlU<j<D6^6%llR^H$-1Y)@`7
zg*G?%v>NxeO7X%AQDY;czxOHg84y9$BQV;ATYYZ(Q<NI19vJd8Pb2o)njU<Aw(|yw
zV&eeBK$_W%0Id*wc4H7ejHxz;mRMrLPdjG2MWI;0=%*!vT4<iwn;<QRUG#cF2{VKB
zl_gK2u0T{_Rm#==m70t=0u*-OORE$Q&5aM&$+N+K?Dxs}g29qsM|8D!x+DE?RUk2h
zBw_>xh{1wMb?X(`G2Dk8@Q;8iFSP52itl6;ANBwmp<S4ZzM$mMAgnuOvWA*PY*9GC
zKDRt&m#Stq=;{sCw4fhtud?+M*b}ONs5B=5MVpO3GoxRy%rwJxEoLzbHx5xo)Jj3B
zn%{9G*&XQY!`alOr4fueABeo!kxu;8HvM~lC-m1rG9FDKW*D-#*ek1oKb=VM)%psu
z6PbVduu5BUD(Gi2$-Z0E7c(Y;N0|o1Fs?aa<WM5|l;PQzsxfy!k~hXHXWjtY4rOA2
zrWp}E+aP%v`e(UfahGY5s!Ad;fbu(xbA*%@AWFx+O)ewjc`zUd^;E&$reW*~fS{kM
zh-n;78{R50rbj#F4zSl|U@S~cU8fbb(D`~MpnOZr4vPCccxl}S458aXy5m50O%Arn
z@QHQ*_q+uI%c)xETrK^By?y*z5nMok5K?k-CcVOJAODp$&NyIR8{JP$x1LxrrV;U3
zRxgV9hMM_gYVZTjl5ryfDP7b6b~{Idi`KTb0y(B5G4sKu;^Q$_v41c~B&cJv&a^SU
zU)7L!0@R-7_b3t&9GMZ|fIiTy4Q@Qkc1(j*jk6;ofwg6cRq}nFY*J@y=p+#haTZ+J
zW4pfH-@vpG`tzv!dV+w7b#1#FGbGH9){OQGP+A98dJ_3M<zSLgN25!MnUtiF!8jv2
zY>VNIXvDwL(2osMUD589CVkob1kS&I#{y%NKm(-~;o|lPK!@K<l_?xW9mNEnAq`wy
zYy7XIB3n{*#Xu5=nWw^CHtc>B9>U_jq^||D$cShD3W>^OnDq6;k&u~w%ud^vjDjyE
zs$V+7w$Fln=XNhM8(~K-c>PhEVC>|3CbU4@Exr<;z9x>nct{~l1QkPZ*ryMhC&$)J
zpfRsiKJ~Qo(6naNwx;ztwWvz3!jZ!f)!Yy>2~m6pyTthrow1sbA?QnHls$WczHnxH
zK`E;+vdFq~On`QxVr#_a0eU|BuK^Hi$Q8DIsOXGoR23iPxA*gQ@C@9!u9%s_P~lYl
z9-8GV&D~r(83L$^UU(&P-AJ%Va3o$OD9nb*?+FFXwhxTlY82zjSa8<&K;DJwbTI?F
zDEJUV@yPX^j7T`3de!G(jCMdhsC7!ZV)d<vV(a%x=varuJ#i2!ZgOh{N5}}~-W?I5
z?)yX}y=ScyhK8m&$^+$=Go%>7EQ>^yX)pFTgQn-uXlLHW9bp58b%DSznjw8dke@il
zR-Jh_E)Nld1}4ibP+g<qm?9s<jAEdn%IM4yrEWhF;~q;#lze|#hXw|;Sv}&Xk8F2#
zJ%!}?^Suvvd=;l`kkssxV}p6B54xJ<uOw^LsU;FSQ!MWQiRaPY!KCrRnvHFDMRW0i
zSXV8;@e0(zMuf#TPDvgm_}o8`Su%Q)fP&nwIBJ$(3B<=3=S20L%1G0Mi0Z=RJ0z%!
zRmsi^Z2t<twjxVyJJ&j}LHvKU*w7D7p4br>S7;b|6O|v>B+uA%@S_6&FM<g{8f@~4
zvAUxiM#r_h$gy84IjH|8HzY^P#z6?`f2`W?!A-@Tx0tU7A_cgPwfILs2yzmXc`hLz
zi`yn4L<8TJ(OLMn_X292lg&g->~*pvcvyzJ6coBF9Bz2~J|%M~@l~~p669`-mrRZN
zZ0oR;fFoNKF{$5IOS84ah_d1YA5H8<x#<23?%C=G;OEX5Lvb!S;|wWqJETxfiN3ZK
z<jR23lGa0lw2b<FyJ+G-n-ReZsyrOO>D#N7R;j#%?DIP4`GNX{&c6NQld|$+0kH}3
zv{GAVj}mm~*==QvL|)b1iJAKkCk;bJ0Aus;n}w<oMaqsR%u@?AH`o`Mvctc5-PHco
z2=YlJCPmk;PrVn!K*#f3vSbnRU1|F^Q-}RMY%ilRoorDnnx$6|pB2%p?0EAjV(zj0
zH;Uj~)VpnI;>w{y@4B=h2LWiZ<UmT*0_`kbYSxqoQhX;4dqgasTjAs$E}w6MNgnCD
z^!qa~bUK@^p1_It$kdRU3Q*;NS;e}NNhDzR{e7X_E*${r_s#S`@EWWY3#&@DLCID7
zle};#<+-A$d@KfN)dR?VEjemLSlk>Ea(@giKJ&+t(BZ;l5h!xLM3~M{KoQ20hRomZ
zGf!Wq5>PzFY9)~Q>=*%7DUs9j4A;kPZ?73k{?csbC6rooXlgWnxcItT{qa+^ZJB~3
zJi7ldahf|PykrPhU(t^8(<4&w1gEYM+Ecxv-1Z`!*%K*99^2OX<(^Rni`~mBPCjg{
zw6w*EA(PFN(V(xbmhb>s>ka{?<M{SacJj|X8(xFJnbS2@D6G*4Rg_)E{o`erCuT^Y
z^v(i0I9p`EB$FavM*eYSY0S+Aw+GqQ1o4};F-!I#d`;>zI7&pAJBgu#-xI;llF1YE
zOR6*1sU0RLJ0po=@414LG{w}J^W4Fm$X%jgvQ<hk_2vrUt-nmXuPH44{FuB_I=)F6
z3w_<!#f`jfy*@2c0TnJ)&%MVvz+v)k$dKF?@`bhVC2Ae%HBJjLH~YGZSHt|L7{x69
z{Cu>AtMBi!qnDYf!|hCL23zKZ8!>Q9NF{T#k(?9g=(*U5GeSh(cHa>55Hlit22Z*e
zwO{XDVK40(7$=e8IhqjdxDTGfEkUdN<11Mrr&{O|5mXY2(D>nzw3W%F!_#cGm!hgS
zm>EHV?r*vnuQoG11+|9+Y7*7)jR9I9W=r{&h5);Oq~dPILrq^oX#lmW;laq$F{{Ao
zWnVn#U`%mjpYT$6grB^Px(bW0;hjzC#$ChS#{h-`>sqicLZmwtZbmHT220LUsd;3=
z@UKw^tI&tTXU0fPyE&2srs*3KcPni0toJ_Wmp>@z?&Z?zwR%yCyyGO(Kd?t>n^tYn
z1z5x7uzDuA@Zg<$4!BvYDkJH}?Z+j5#toQ2;=mIXyOS@zS!-@r+n*siN6At(<^~_i
z-o#Z{!dv|Wf~+19po<I{DRXKxvbS{D<eOPvNoW$t){Eq~7uVjs4pKcG&@GQvD>Ueu
zN<{dlMGO@%o+DVQwy~$CG)nx;Z|x^&{1h!9L;g&~R2M77IxAv5TsHC{s#T%8()peV
zqz)s47}-TqOaN@g%`8^odLtsE_LuXrE6W1vWttU_^0^7b&O5SLO8s;<qgXlk16?|Z
zlPD*<=)ONJo1KJEhNgf&u}$!vBB=(9OL5E6rzX$p8@3HkyAeQvqh;Y^2`PkIQvy1U
z)3`|lI=i>ZbOEDu?Y_iHzrzKYZE-b096?u=T1fX{2!ncygHn0v>;^*3J~O+zIjE#1
zhr2hSx6k{`Ge~o<+#E&1{8Kxf+s(*93aiS^W^IFwREna|FCQpmG2lBEs6B7AosaC_
zIIu71o6-!o+ZkJkV7UhUlljnSY=_kAhIUV8aqWh@o}<7>ZT$>)7gn1i#TF-!rmho8
zkKV~$I~<w5Z(czmI!2Ohf1JeN+5gm+017AsDt-t2LM>x}EPTT-f45D~LMt{No1B7_
za5NOYx-14X=bg^}9>Q$p6h^W;{GLPiyBjhjS-(NM*tz=>Xi4zXMTdT_7Ntm<b2Y5c
zSWERbL+OAbzv)&2@b8K{g`OJZh;2F6IH)25q(`o<BXME;ybSi2ed0^e8CbZW&fl9g
zJ8aKcUy;`pn9Y6>kbr=5h|8y$I<Oj3Yl=0ltOAvyywdPB8xhNiP%gj=O3DL}ghIJ0
zemu}n5cbbXU3El#ivB_!T{j<Wihod@M7_8)2M;Y6G#S&=Z<*CwQ3xdC8~iaoChRQy
zp|I>B^Z|N$>@>d4=fM`|La&p)VkY7;=u*%mME1ms`p+IXc`L=tgL)qA1sSYy`_Z!A
zq{gD>R(>vNjkty_?9EBrua6=Hk9(@8kzvcnsJ{(y3@`}Sv5}7$JV}PGC;pc03r31i
z!J&@w24GQ#)`*~gngHn()Q=;79buVLF5lCjM&`aF9uli-7J=J+$-Il1b5##BvGTh!
zw#myTLCDE-JjvhPMAMhi;Yac|2djPiMI|;%-4Deba6TeEUD;0~i`lIci{_yOtK&zm
zdzFt;67?tkJ?Bk>+5}3^lYh2ot5^hxug$NUSfB+J?`wM0r4hnPDEAYH9U4D;nnLOg
zL%FC_?}8lgLqUP=vuJ@tKXsk8uSG3TUvDzrY_?}zsh_&=BJ#8*EVgcS9^5J!J`QL6
zRf))Z4)m|<0dB_z;s1n20elQFzviK1?5DpW<TMJlp%T^;vs%3jG#>Th^_-%utFFDC
zz{M)E30f(G(sdo4U$(Qv;2g4CAm3L9nwAN^=&;+3dSmGnVa3<?KlkHMvj@gy3U~p!
zOSlFf8FP;XwO+7l68EqcML12`razZ|1X#mb)X%@IEh&|MukaBPbud@~Pp`3t@i|&H
z<#NP#<SZ`W|0`2;)eR4Iam_NniH7J4@*vi7LE;2C0hEwVL2W=K1W$+sumlkh(m*t`
zhQtV&0_-8jLXNm1fer1ZwcR+t@4tc`ZXg!I^nf%-s4xREjr@W!q*9ol`h(T^h30PK
zk=%d`-s)T@<yzHgnsKV?$VC2#0H`Qggde~N5fIS;AVH!<ARv&?-xW()G@T2MQzG^%
zE=2Q9R?H8s!C0z}i|-1T9b}wiiF*(!Br)RQqu>j?U{L7Z-_c8jf|DL$HMz(NWemcb
zEXpcawHQv}lvrime@;KiaD#?J7|Fl{3iOG8M>N-lsTQ+~?C$N4x{Nl;yVs%jmD``8
zmaO@G9c`B+8vF$MC4@2bvUJVp9<I3duzREi5_+j`q`t_1*`SsF`IjqJT)s7rgUs<o
z-|3cUj1q4O?AFD1&mps-!Z`L;)SI=}O=vX8;(rVw<YK}MW8XfQN6<nHyAZ^7KXUgV
zyY<tXh`&ntBJ8R4cJ$<a%q&kxfcT2>1Na;3#WVn*z<6?-jy4S&xhG|`*$T}T^=oIQ
zF+YE9j)`}oNCmxF7ZSZDHPB?9qz!4>*ol6GWt2+wj^!>n_yiEvXh38LKDRxrz`eUp
zrzI^3zBVa9UQ4dM4oc`n$?E}GBRL_G6G&UF)}T@}%K*eT_XqK?>W#9@Y|x{#6DE1=
z1@AzFcr<s+D&oPic|CIMJj3EH9u0*gOF-6S;tE%S_otET$0?J1tWUeCJ>dsArIHRD
zVW~qv7BV~(KS58+OXRrzuO58fh3w?Dg?y4I#^QDtDO@j(O`u=$M;p3dIAZ$x?|pxK
zm+#5%wy4lVf4mB{(JS>b+cb}4k1@P9{^<uIe2<><Y)JA)D9X9zOi#v=QTEDDs6(%V
zw6G>0nWfkzlwZ-8G|V22i?|uv&qg!ajPTPh+k8RUINz%Tx?sQkug>6)*^<8U?>IxS
z$w==LxZ_ptWI%);GslfXhNsK9!B4k^IHJ4$pYc+*^B8w9O_(HV{~AHewSv1j7XAc*
znyc_<nJR@Vi1IMT|Lj0TD$X{+s(9p#1Qc%=crq2#=9rWA;0I1Zbzxp2az@|bl?HUi
zM3v&~Xw}Rua~+@X#a6&S3P|z5V|0&OXan*EF!j@+w)M7;`x23JleaHZo4F|weyP$o
z2^FGEje#wZK!V|R9q$p##i|iyV$D2I&cOo{f0OMK1Jk82O$mz%UOv*hF8VFY*h-f9
zKDW|Wm;9bZV)=8Uy=bq!{zXfJR~#VjgPOq~czLJEQ+d0Ju|)JOm+ch4+h<+MQFWt&
zyn<3rB_X&%B2D8)cD!va6YT}xTFY_TuysS{iO)Y*t@ZP56m(OU_p4}Dqu+jlVz@r2
zxLD&zKCaHGmGW&bw}*!J%A8E<Ae!``6Ko(+o;o%81Uht6ZSj0YwM5JL<Eteh04dQA
z$8=_4;K(5xtPZl&e6eS(8{BGgYmpW0=VSDE+|7cux4JM1@A7$0BTs1HG|Q~JIVFIY
zT|@1*a3=GFQR`^1kL&J*&)h>nTWvCH@q{cUY;wm>QaM!MYv^+5SKlyx<U~u3H+)<s
zJ3HH<bBlxsrp)a&ONo2%>H=iaQ#Kp4K#hC2JLX?yU0`8Kx8|vxin9pewX;%5Ky~Me
z<I={68fuha=5RTe<h$FyF3s<DV=Q}VG#MEu0p{>f!>$hc*%fya?dd?=8Km5kIg$b}
z_W@J$fplq;?@5EHpNj-lm013>4A`LY(Clu*g=T6m1*YP(Xm3*zxagWIEPDXuQ)Q-0
z{;oWoKcg8J%4HsrQ$z-lF7)}!^dbi6<b;u+xjLw+wfp_sR94B^VMtW!ccKp04(O-W
z;}5om3(k0=VyNEI)m@;Dgrv*nnH-t|9z(UIG@s<>RP?!<8vkElM7FL_D~wn=%tysb
z7|%UIGHi!kl5ffHq>_&7iXKWP21l$1=BR4E=n8v%gTTC9N4CBlC4n}Q*87|{D6XYE
z@buZ0=Pgl;CKBC56bAS`0*?sKY8tQ18hQ|$3wyk*-tYZT<^;7Twtjj)o^s*0w)^=B
zQ@AV6L6Yz)cFa`{&&TC9`9jw2*@`QoTZ7)D^2C1hqHG&VJ4}tWHle}uZW;?8wifz&
zXpnR=c=%I=(9?EWxxyZ}lu{*?t}_E?dYC>4HE%FMv`xmCQ&nx;&R3iWlS<^f387~&
zy8%!SNHms)`~WFC$BgI!HC=0*NjXetn>(2HjCsl?ujM>Fs_WMex+~Z(JBr5cSjG07
z&Yo_V#ZrTlE~s28dgrLOUD}QR`s$0@VnNf|SIsOG=1hK{*K#yr_t14}()E?Yutu_v
zNndu5TYD~3s5`&2b>Cb`QkewBmIEYlBlcS^vBd=ae}Q&)^T<q>atkmWAS53ev{Gzk
zdtP;_hu(Xb`ak&@vZy)s-=rO8sr%XpeM*+TJ)nO(ZA=)zBn&M;qs7{5D`9h~0bi7{
zi!@f};T-RHJ+RjCXOT6YhH_9Nl&4!hqppweJ*_+SjuV~~bTE9KH>6z7M?X{;IFXyk
z?4R?l(Ewcu(&+|pE2*EF;fqO0Q5Hq$IHa1F?#}(i^B}y(P|0)~PQ@unKJzkxU_!og
zF7V1j94j(QBTi6cJ3A`z5{+tM0_sP;1)>Z2UZm7pKeruNdIQ{=p<HV(?yR0y*H8t)
zi-E$N{Dfackrbl$N|i6t%?m;IJ<1+Cki+Ld6Oh;i4q4T<CX*~XTyN$ppP~u;GCz}5
zptI&hKF5gNAI(4;yrL2Jw9PgP=Ra8B{8DMt?eWpfrwq}aazOol8Cf;i@$x#$S*M$D
zxW1zr;BiFbgkxaihpjr-k+Qj~^({e2Fe@bDl=>i|vGKrN)5=<26Ye&~A2Af)(O-g1
z1v*;cO<g6rbx=c6e?0Q9%8y1|gs;QavYDEjk5H)XQ@!*KN7yFDWf$>s0q$J|Xke2l
z4eKjY?D|>CB$+RppO_rvHpSCWe)~U$zypw}^*WFcY7u2g7|~AK9DXb|X@7sqkR8M^
ze1${1u?*m?+-v@c-r@W{tnJU*Cv?Olpq&GBp{u1@oI2&gOvO?L9Q-fJUD~bpx%=|g
zF4uz11l+ilgxy~2v@X-|374d$i)6i<B~*&kq8Jc--BX*RyeCBT&K$p>mC|T}k*20(
z$f6^FxZC$&ZBCIFp^q(Ca>euGiC=pz;Wx+2*Z0T=ttSJYoOZr{?hURJ`MQ#;4|<?z
zyv*xV2BM<&3v?53iR6$zO4h8VOk-z$vJA<jxYL10$T|gx4uVw&*^S(6XW;W)l|2zV
z{K32YFC;JZ4G$nr%nR7r>Y-QDsklYZn+3@!yxVM<IrA~Ga+Gfk>0Wf-6*e!(C1(OO
z6lt*34blItVQI>UrTa?Rsa#tFqG5`zHD{|W`-Yd@8oRwu!_3&*5C$dGKAy6~QQL46
z()2$4+@ReP>Pe0*{iqicW_+}yWh@Uqv4y=F8$Fivc8RGmFC1o}zKL!+p^fwf4)B;%
z+~U|CQpi8$oRxO5)ogyzk^ZK7GRG`aDO~b^{EIk%Vuj<EKyI!RXuJ*v`nr`U$;iiX
zl+l-FKRLXKcFzA*{!dO1zcfhmcP9sX1?T1gN=)loJcm=fp_+Pw7>%L#TY$wwF&AGv
zd;S*V0ToMv6E8~Ep?uz~i^x#(GESax4|aR3`$x(;;pYrb>)Gd>DLCrP`Wc!^5X8wo
zg3zvw^yyElU$Dy&+}g?xgk$M$iEGnrHIyOta`JQplKPwO`@RHPXjCb!k5kMuw>%e}
z5$*c-;!=;mX;q7M9#yq3()B+BzkDp+*MyNVVmiDAh2Pt#x@xvX?B4kWWBe9POp^bX
zLcDZgfuO!(FKsce-ZEFng(#<0>4gn-VQ0`WE|VueTDQY5!JIWWQ1CUoy+3VtS?k7U
z*zTsyNcEK?KNo=xA(I&!S=*eB!ibBe4+e3|wcs%BpOVVCZCr|SHSs?TlOI;hv(!9+
zpYx*5%98V{&MgPj1(?KkrG@1wBK(Nxe|$J<FH-4p=ux`h=^8NF$fxjG%0T|KU^-oU
zVtbm#{@spQ0P2@@4U*%mxvqq_FORkK^rE6QD@9U)%jgc}8j`+r*koOJNyR%`Pgvqw
zLe3Q;a3CqV6%TU4K%~=rkMv`zDBfPDg1<eT!MNOA$J8-tymWZ&fmhd4=lee1i_jN)
z&F(ANReK6^1a=C$&>W}c9DQkgg3CAmbg-6~52MzRuq<K)=yvSpU@SK+*YgH^s^Lr0
zsh)QZ6`L)dOsw#)&an<0qdsq=^!KuIEh>}_M6W@DvH>qqhvNGu9j7fV*445bxRbxb
z7+pK!@;3kTL(m+;{skHHGx5mRF4iwS=5A0#-?lN^ocV3Je$7kgj>2+8F<~Omr5p7Q
znvSi!nR4g`3Uor3aaAgX<2uZh1s(s@o$Ds~UQX*e2;_UTum<R(Zc>G8&}Jj`tRH8d
z8qVQ7|Md)L5jNY%+xnBtk$O<AKPv1Rczby#_hzogr9RY4(~G6Ll`+F$&Y0o4bMP(k
z9M9AI>b?ac9^uEW$l5Cpc-d(*A|ii8raG<C@!)R+ZFU_>Q+Ruub{^3yE&6=d`#C!*
z#-va2^5>lyakP<5(S6Svv74FWsaH-V!dQyXhCW#t*6=3SBmHYB)5}u|!$IetaBmjq
zZ#*@UnfUk559elTvI|A?<@kPXhBzgT9;XjpSc*1jA)>e^Jw45$%pYB@(NCW2UdFIz
z7HJajKsm3@-ze*sF~`~DE{rXlv;~W#tBgO|es8U&NB_5ey^C1<@m*chY2EN-x~@iT
zw&3tqCi04CZjA)WL4J)u6}Q+`n7Yk85=tBnKeWHJQc9!jdO@7nd&9Pla{j%{W58o~
zYjsDV_eGaM>1~vhM;kjHFNOq8KDo$*qUP|G7bqHKye|r+m4yy;w-c2nO}JdbR#_+w
z^b-$6?S)fJpL`@i;mWPGhAmbTTz=YKlaESnb}yuT?3QnCPe6FTp;zwPI{0H&9yqPJ
z`5?BcR_<XYNvF&2m=Yno<|HW~=K<VVFtWI<|CREE`8Cays-Ehh!Az?t=dyg`(N+Iw
z-MZAf76;2IUhj>3dwXre?OHVWCJ4S38$$8yNjjVxS?GE$biWZV>M?h_8h<R)$?!mo
z@w$o{KR&OAD?@rV^qApLAb7?*^?BpYeO*28?(fyz=s!daWi)g$jTQbu1_Xrvz~*)}
z&HrK55IS}B|ED9>b^ZriLvGYX|A$(WYbXN{iIDz3xBg$PEHp&^7q=#Yv})j^j;a0^
G*Zx01;yYph


From ec838d11118fe6908cac674487a2e6d5e8c7efd7 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:13:39 -0500
Subject: [PATCH 06/14] Added a new control for MS cloud defender checks

---
 setup/modules.json                            | 1289 +----------------
 .../Audit/Check-DefenderForCloudAlerts.psd1   |  134 ++
 .../Audit/Check-DefenderForCloudAlerts.psm1   |  129 ++
 .../GR-ComplianceChecks-Msgs.psd1             |    8 +
 .../fr-CA/GR-ComplianceChecks-Msgs.psd1       |    8 +
 5 files changed, 282 insertions(+), 1286 deletions(-)
 create mode 100644 src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1
 create mode 100644 src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1

diff --git a/setup/modules.json b/setup/modules.json
index 9275acf9..1512ae27 100644
--- a/setup/modules.json
+++ b/setup/modules.json
@@ -1,1155 +1,15 @@
-[
   {
-    "ModuleName": "Check-AllUserMFARequired",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-AllUserMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.allUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CloudAccountsMFA",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-CloudAccountsMFA -ControlName $msgTable.CtrName1 -ItemName $msgTable.allCloudUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-GAUserCountMFARequired",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-GAUserCountMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.gaAccntsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserAccountGCEventLogging",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName1 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
-      {
-        "Name": "RequiredRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AlertsMonitor",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName1 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-DedicatedAdminAccounts",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DedicatedAdminAccounts -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -ControlName $msgTable.CtrName1 -ItemName $msgTable.dedicatedAdminAccountsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -DocumentName $vars.DocumentName-CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "UserAccountsPrivilegedAndRegularUPN"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-ADLicenseType",
-    "Control": "Guardrails1",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-ADLicenseType  -ControlName $msgTable.CtrName1 -ItemName $msgTable.MSEntIDLicense -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserGroups",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserGroups -ControlName $msgTable.CtrName2 -ItemName $msgTable.accManagementUserGroupsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DeprecatedAccounts",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DeprecatedUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.removeDeprecatedAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(3)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-OnlineAttackCountermeasures",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-OnlineAttackCountermeasures -ControlName $msgTable.CtrName2 -ItemName $msgTable.onlineAttackCounterMeasures -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ExternalUsers",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-ExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC6(6)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-PrivilegedExternalUsers",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-PrivilegedExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingPrivilegedGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC6(6)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-RiskBasedAccess",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-RiskBasedAccess -ControlName $msgTable.CtrName2 -ItemName $msgTable.riskBasedConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLifecycle -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "PrivilegedAccountManagementPlan"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLPRoleAssignment -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "PrivilegedAccountManagementPlan"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserRoleReviews",
-    "Control": "Guardrails2",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-UserRoleReviews -ControlName $msgTable.CtrName2 -ItemName $msgTable.automatedRoleForUsers -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "IA2(1)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CloudConsoleAccess",
-    "Control": "Guardrails3",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-CloudConsoleAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.consoleAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-AdminAccess",
-    "Control": "Guardrails3",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-AdminAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.adminAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC4(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServicePrincipalName",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DepartmentServicePrincipalName -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.monitorAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
-        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(4)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServicePrincipalNameSecrets",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-DepartmentServicePrincipalNameSecrets -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.SPNCredentialsCompliance -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
-        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(4)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-FinOpsToolStatus",
-    "Control": "Guardrails4",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-FinOpsToolStatus -ControlName $msgTable.CtrName4 -ItemName $msgTable.FinOpsToolStatus -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Verify-AllowedLocationPolicy",
-    "Control": "Guardrails5",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [3, 4, 5, 6],
-    "Script": "Verify-AllowedLocationPolicy -ControlName $msgTable.CtrName5 -ItemName $msgTable.allowedLocationPolicy -PolicyID $vars.AllowedLocationPolicyId -InitiativeID $vars.AllowedLocationInitiativeId -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -AllowedLocationsString $vars.AllowedLocationsString -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "AllowedLocationPolicyId",
-        "Value": "AllowedLocationPolicyId"
-      },
-      {
-        "Name": "AllowedLocationInitiativeId",
-        "Value": "AllowedLocationInitiativeId"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SA9(5)"
-      },
-      {
-        "Name": "AllowedLocationsString",
-        "Value": "canada,canadaeast,canadacentral"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ProtectionDataAtRest",
-    "Control": "Guardrails6",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [3, 4, 5, 6],
-    "Script": "Verify-ProtectionDataAtRest -ControlName $msgTable.CtrName6 -ItemName $msgTable.dataAtRest -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-StorageAccountTLSversion",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName7 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AppServiceHTTPSConfiguration",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-AppServiceHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.appServiceHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-FunctionAppHTTPSConfiguration",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-FunctionAppHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.functionAppHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC28"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ProtectionOfDataInTransit",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-ProtectionDataInTransit -ControlName $msgTable.CtrName7 -ItemName $msgTable.dataInTransit -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "pbmmpolicyID",
-        "Value": "PBMMPolicyID"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ApplicationGatewayCertificateValidity",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-ApplicationGatewayCertificateValidity -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.appGatewayCertValidity -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "ApprovedCAList"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails7",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.enableTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "TLS12EnabledAttestation"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-SubnetComplianceInformation",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-SubnetComplianceInformation -ControlName $msgTable.CtrName8 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcodesegmentation $vars.itsgcodesegmentation -itsgcodeseparation $vars.itsgcodeseparation -ReservedSubnetList $vars.reservedSubnetList -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "reservedSubnetList",
-        "Value": "reservedSubnetList"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodesegmentation",
-        "Value": "SC7"
-      },
-      {
-        "Name": "itsgcodeseparation",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.networkDiagram -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "NetworkArchitectureDiagram"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.highLevelDesign -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "HighLevelDesign"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails8",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.cloudInfrastructureDeployGuide -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "CloudDeploymentGuide"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC7"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Get-VnetComplianceInformation",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-VnetComplianceInformation -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-NetworkWatcherEnabled",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-NetworkWatcherStatus -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-NetworkSecurityTools",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-NetworkSecurityTools -ControlName $msgTable.CtrName9 -ItemName $msgTable.networkSecurityTools -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-	{
-    "ModuleName": "Check-StorageAccountTLSversion",
-    "Control": "Guardrails9",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName9 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SC8"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-CBSSensors",
-    "Control": "Guardrails10",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-CBSSensors -SubscriptionName $vars.cbssubscriptionName -TenantID $TenantID -ControlName $msgTable.CtrName10 -MsgTable $msgTable -ReportTime $ReportTime -ItemName 'CBS Subscription' -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "SI4"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails10",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName10 -ItemName $msgTable.MOUwithCCCS -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": [
-          "MemorandumOfUnderstanding"
-        ]
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.SeverityNotificationToEmailConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": [
-          "SeverityNotificationToEmailConfigured"
-        ]
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "SC5"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DefenderForCloudConfig",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-DefenderForCloudConfig -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecdefender $vars.itsgcodedefender -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodedefender",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-HealthMonitoring",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-HealthMonitoringStatus -HealthLAWResourceId $vars.HealthLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfohealthmon $vars.itsgcodehealthmon -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "HealthLAWResourceId",
-        "Value": "HealthLAWResourceId"
-      },
-      {
-        "Name": "cbssubscriptionName",
-        "Value": "CBSSubscriptionName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodehealthmon",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-SecurityMonitoring",
+    "ModuleName": "Check-DefenderForCloudAlerts",
     "Control": "Guardrails11",
     "ModuleType": "Builtin",
     "Status": "Enabled",
     "Required": "False",
     "Profiles": [2, 3, 4, 5, 6],
-    "Script": "get-SecurityMonitoringStatus -SecurityLAWResourceId $vars.SecurityLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecmon $vars.itsgcodesecmon -LAWRetention $vars.securityRetentionDays -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
     "variables": [
-      {
-        "Name": "SecurityLAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
       {
         "Name": "cbssubscriptionName",
         "Value": "CBSSubscriptionName"
-      },
-      {
-        "Name": "securityRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcodesecmon",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.passwordNotificationsConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "ConfirmPasswordNotificationsConfigured"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-UserAccountGCEventLogging",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName11 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
-      },
-      {
-        "Name": "RequiredRetentionDays",
-        "Value": "securityRetentionDays"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-ServiceHealthAlerts",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Get-ServiceHealthAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(11)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.monitoringChecklist -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "MonitoringUseCases"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-PrivateMarketPlaceCreation",
-    "Control": "Guardrails12",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [1, 2, 3, 4, 5, 6],
-    "Script": "Check-PrivateMarketPlaceCreation -ControlName $msgTable.Ctrname12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "CM8(7)"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgProcedure -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "BreakGlassAccountProcedure"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-AlertsMonitor",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName13 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "variables": [
-      {
-        "Name": "LAWResourceId",
-        "Value": "SecurityLAWResourceId"
       }
     ],
     "localVariables": [
@@ -1158,147 +18,4 @@
         "Value": "AC2(11)"
       }
     ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleName": "Test-BreakGlassAccounts",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Test-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountTesting -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-DocumentExistsInStorage",
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgValidSignature -MsgTable $msgTable -ReportTime $ReportTime  -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "variables": [
-      {
-        "Name": "storageAccountName",
-        "Value": "StorageAccountName"
-      },
-      {
-        "Name": "containerName",
-        "Value": "ContainerName"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "DocumentName",
-        "Value": "BGAccountSignaturesandApprovalsThread"
-      },
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleName": "Get-BreakGlassAccounts",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgCreation -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "ModuleName": "Get-BreakGlassAccountLicense",
-    "Script": "Get-BreakGlassAccountLicense  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgMSEntID -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2(7)"
-      }
-    ]
-  },
-  {
-    "Control": "Guardrails13",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "False",
-    "Profiles": [2, 3, 4, 5, 6],
-    "ModuleName": "Get-BreakGlassOwnerinformation",
-    "Script": "Get-BreakGlassOwnerinformation  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountOwnerContact -FirstBreakGlassUPNOwner $vars.FirstBreakGlassUPN -SecondBreakGlassUPNOwner $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "secrets": [
-      {
-        "Name": "FirstBreakGlassUPN",
-        "Value": "BGA1"
-      },
-      {
-        "Name": "SecondBreakGlassUPN",
-        "Value": "BGA2"
-      }
-    ],
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AC2"
-      }
-    ]
-  },
-  {
-    "ModuleName": "Check-TimeZoneConsistency",
-    "Control": "Guardrails11",
-    "ModuleType": "Builtin",
-    "Status": "Enabled",
-    "Required": "True",
-    "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Check-TimeZoneConsistency -ControlName $msgTable.CtrName11 -ItemName $msgTable.timeZoneConsistency -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
-    "localVariables": [
-      {
-        "Name": "itsgcode",
-        "Value": "AU2"
-      }
-    ]
-  }
-]
+  }
\ No newline at end of file
diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1
new file mode 100644
index 00000000..3ffd3842
--- /dev/null
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1	
@@ -0,0 +1,134 @@
+#
+# Module manifest for module 'Check-DefenderForCloudConfig'
+#
+# Generated by: Cloud Security Compliance Team
+#
+# Contact Information for module : cloudsecuritycompliance-conformiteinfonuagiquesecurise@ssc-spc.gc.ca
+#
+# Generated on: 2024-12-04
+#
+
+@{
+
+# Script module or binary module file associated with this manifest.
+RootModule = '.\Check-DefenderForCloudAlerts.psm1'
+
+# Version number of this module.
+ModuleVersion = '1.1.13'
+
+# Supported PSEditions
+# CompatiblePSEditions = @()
+
+# ID used to uniquely identify this module
+GUID = '5adc5e4c-800d-4db6-8ba0-45f463d602e1'
+
+# Author of this module
+Author = 'Cloud Security Compliance'
+
+# Company or vendor of this module
+CompanyName = 'Shared Services Canada'
+
+# Copyright statement for this module
+Copyright = ''
+
+# Description of the functionality provided by this module
+# Description = ''
+
+# Minimum version of the PowerShell engine required by this module
+# PowerShellVersion = ''
+
+# Name of the PowerShell host required by this module
+# PowerShellHostName = ''
+
+# Minimum version of the PowerShell host required by this module
+# PowerShellHostVersion = ''
+
+# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# DotNetFrameworkVersion = ''
+
+# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# ClrVersion = ''
+
+# Processor architecture (None, X86, Amd64) required by this module
+# ProcessorArchitecture = ''
+
+# Modules that must be imported into the global environment prior to importing this module
+# RequiredModules = @()
+
+# Assemblies that must be loaded prior to importing this module
+# RequiredAssemblies = @()
+
+# Script files (.ps1) that are run in the caller's environment prior to importing this module.
+# ScriptsToProcess = @()
+
+# Type files (.ps1xml) to be loaded when importing this module
+# TypesToProcess = @()
+
+# Format files (.ps1xml) to be loaded when importing this module
+# FormatsToProcess = @()
+
+# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
+# NestedModules = @()
+
+# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
+FunctionsToExport = '*'
+
+# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
+CmdletsToExport = '*'
+
+# Variables to export from this module
+VariablesToExport = '*'
+
+# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.
+AliasesToExport = '*'
+
+# DSC resources to export from this module
+# DscResourcesToExport = @()
+
+# List of all modules packaged with this module
+# ModuleList = @()
+
+# List of all files packaged with this module
+# FileList = @()
+
+# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
+PrivateData = @{
+
+    PSData = @{
+
+        # Tags applied to this module. These help with module discovery in online galleries.
+        Tags = 'GOC 30 days Guardrails'
+
+        # A URL to the license for this module.
+        # LicenseUri = ''
+
+        # A URL to the main website for this project.
+        # ProjectUri = ''
+
+        # A URL to an icon representing this module.
+        # IconUri = ''
+
+        # ReleaseNotes of this module
+        # ReleaseNotes = ''
+
+        # Prerelease string of this module
+        # Prerelease = ''
+
+        # Flag to indicate whether the module requires explicit user acceptance for install/update/save
+        # RequireLicenseAcceptance = $false
+
+        # External dependent modules of this module
+        # ExternalModuleDependencies = @()
+
+    } # End of PSData hashtable
+
+} # End of PrivateData hashtable
+
+# HelpInfo URI of this module
+# HelpInfoURI = ''
+
+# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
+# DefaultCommandPrefix = ''
+
+}
+
diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1
new file mode 100644
index 00000000..52ef8320
--- /dev/null
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
@@ -0,0 +1,129 @@
+function Get-DefenderForCloudAlerts {
+    param (
+        [Parameter(Mandatory=$true)]
+        [string]$ControlName,
+        [Parameter(Mandatory=$true)]
+        [string]$ItemName,
+        [Parameter(Mandatory=$true)]
+        [string]$itsgcode,
+        [Parameter(Mandatory=$true)]
+        [hashtable]$msgTable,
+        [Parameter(Mandatory=$true)]
+        [string]$ReportTime,
+        [string] 
+        $CloudUsageProfiles = "3",  # Passed as a string
+        [string] $ModuleProfiles,  # Passed as a string
+        [switch] 
+        $EnableMultiCloudProfiles # New feature flag, default to false
+    )
+
+    $isCompliant = $false
+    $Comments = @()
+    $ErrorList = @()
+    $subCompliance = @()
+
+    #Get All the Subscriptions
+    $subs = Get-AzSubscription -ErrorAction SilentlyContinue| Where-Object {$_.State -eq "Enabled"}
+
+    foreach($subscription in $subs){
+        $subId = $subscription.Id
+        Set-AzContext -SubscriptionId $subId
+
+        $defenderPlans = Get-AzSecurityPricing
+        $defenderEnabled = $defenderPlans | Where-Object {$_.PricingTier -eq 'Standard'} #A paid plan should exist on the sub resource
+
+        if(-not $defenderEnabled){
+            $Comments += $msgTable.NotAllSubsHaveDefenderPlans -f $subscription
+            break
+        }
+
+        $azContext = Get-AzContext
+        $token = Get-AzAccessToken -TenantId $azContext.Subscription.TenantId 
+        
+        $authHeader = @{
+            'Content-Type'  = 'application/json'
+            'Authorization' = 'Bearer ' + $token.Token
+        }
+
+        #Retrieve notifications for alert and attack paths
+        $restUri = "https://management.azure.com/subscriptions/$($azContext.Subscription.Id)/providers/Microsoft.Security/securityContacts/default?api-version=2023-12-01-preview"
+
+        try{
+            $response = Invoke-RestMethod -Uri $restUri -Method Get -Headers $authHeader
+        }
+        catch{
+            $Comments += $msgTable.errorRetrievingNotifications
+            $ErrorList += "Error invoking $restUri for notifications for the subscription: $_"
+            break
+        }
+        
+        $notificationSources = $response.properties.notificationsSources
+        $notificationEmails = $response.properties.emails
+        $ownerRole = $response.properties.notificationsByRole.roles | Where-Object {$_ -eq "Owner"}
+        $ownerState = $response.properties.notificationsByRole.State
+
+        #Filter so we get required notification types
+        $alertNotification = $notificationSources | Where-Object {$_.sourceType -eq "Alert" -and $_.minimalSeverity -in @("Medium","Low")}
+        $attackPathNotification = $notificationSources | Where-Object {$_.sourceType -eq "AttackPath" -and $_.minimalRiskLevel -in @("Medium","Low")}
+
+        $emailCount = ($notificationEmails -split ";").Count
+
+        #Check theres minimum two emails and owner is also notified
+        if(($emailCount -lt 2) -or ($ownerState -ne "On" -or $ownerRole -ne "Owner")){
+            $Comments += $msgTable.EmailsOrOwnerNotConfigured -f $subscription
+            break
+        }
+
+        if($null -eq $alertNotification){
+            $Comments += $msgTable.AlertNotificationNotConfigured
+            break
+        }
+
+        if($null -eq $attackPathNotification){
+            $Comments += $msgTable.AttackPathNotifictionNotConfigured
+            break
+        }
+
+        #If it reaches here, then subscription is compliant
+        $subCompliance += $true
+    }
+    
+    #Check if all subscriptions are compliant
+    if ($subCompliance -notcontains $false -and $null -ne $subCompliance -and $subCompliance.Count -eq $subs.Count){
+        $isCompliant = $true
+        $Comments += $msgTable.DefenderCompliant
+    }
+
+    $PsObject = [PSCustomObject]@{
+        ComplianceStatus = $IsCompliant
+        ControlName = $ControlName
+        Comments = $Comments
+        ItemName = $ItemName
+        ReportTime = $ReportTime
+        itsgcode = $itsgcode
+    }
+
+    # Conditionally add the Profile field based on the feature flag
+    if ($EnableMultiCloudProfiles) {
+        $evalResult = Get-EvaluationProfile -CloudUsageProfiles $CloudUsageProfiles -ModuleProfiles $ModuleProfiles
+        if (!$evalResult.ShouldEvaluate) {
+            if ($evalResult.Profile -gt 0) {
+                $PsObject.ComplianceStatus = "Not Applicable"
+                $PsObject | Add-Member -MemberType NoteProperty -Name "Profile" -Value $evalResult.Profile
+                $PsObject.Comments = "Not evaluated - Profile $($evalResult.Profile) not present in CloudUsageProfiles"
+            } else {
+                $ErrorList.Add("Error occurred while evaluating profile configuration")
+            }
+        } else {
+            
+            $PsObject | Add-Member -MemberType NoteProperty -Name "Profile" -Value $evalResult.Profile
+        }
+    }
+    
+    $moduleOutput = [PSCustomObject]@{
+        ComplianceResults = $PsObject
+        Errors = $ErrorList
+    }
+
+    return $moduleOutput
+}
diff --git a/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
index 28131c9d..e7ac017f 100644
--- a/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
@@ -287,6 +287,14 @@ noServiceHealthAlerts = Could not retrieve any configured alerts for the subscri
 nonCompliantActionGroups = All subscriptions have Service Health Alerts, but not all action groups are correctly configured. A minimum of two email addresses or subscription owners are required for the action group.
 compliantServiceHealthAlerts = All subscriptions have Service Health Alerts, and the action group has at least two different contacts.
 
+msDefenderChecks = Microsoft Defender for Cloud Alerts and Events Check
+NotAllSubsHaveDefenderPlans = The following subscription(s) lack a defender plan: {0}. Enable Defender monitoring for all subscriptions.
+errorRetrievingNotifications = Defender alert notifications for the subscription(s) are not configured. Ensure they match the Remediation Guidance requirements.
+EmailsOrOwnerNotConfigured = Defender alert notifications for the subscription do not include at least two email addresses or subscription owners. Configure this to ensure alerts are sent correctly.
+AlertNotificationNotConfigured = Defender alert notifications are incorrect. Set the severity to Medium or Low and review the Remediation Guidance.
+AttackPathNotifictionNotConfigured = Defender alerts must include attack path notifications. Ensure this is configured for each subscription's alerts per the Remediation Guidance.
+DefenderCompliant = MS Defender for Cloud is enabled for all subscriptions, and email notifications are properly configured.
+
 monitoringChecklist = Monitoring Checklist: Use Cases
 
 timezoneConsistency = Time Zone Configuration Consistency Check
diff --git a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
index 165ee5fe..0726105e 100644
--- a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
@@ -290,6 +290,14 @@ compliantServiceHealthAlerts = Les alertes de santé du service « Service Healt
 
 monitoringChecklist = Liste de vérification de surveillance : Cas d'utilisation
 
+msDefenderChecks = Alertes infonuagiques et vérification des événements de Microsoft Defender
+NotAllSubsHaveDefenderPlans =
+errorRetrievingNotifications =
+EmailsOrOwnerNotConfigured =
+AlertNotificationNotConfigured = 
+AttackPathNotifictionNotConfigured = 
+DefenderCompliant = 
+
 timezoneConsistency = Vérification de la cohérence de la configuration du fuseau horaire
 noResourcesFound = Aucune ressource avec des informations de fuseau horaire trouvée.
 resourcesWithoutTimezone = Il y a {0} ressources sans informations de fuseau horaire.

From fc412219c5cc60f8a4f3da2bf33d6b7ceef7908d Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:21:01 -0500
Subject: [PATCH 07/14] Added zip modules and IAC module

---
 psmodules/Check-DefenderForCloudAlerts.zip | Bin 0 -> 3564 bytes
 psmodules/GR-ComplianceChecks.zip          | Bin 20117 -> 20444 bytes
 setup/IaC/modules/automationaccount.bicep  |  10 ++++++++++
 3 files changed, 10 insertions(+)
 create mode 100644 psmodules/Check-DefenderForCloudAlerts.zip

diff --git a/psmodules/Check-DefenderForCloudAlerts.zip b/psmodules/Check-DefenderForCloudAlerts.zip
new file mode 100644
index 0000000000000000000000000000000000000000..5189bd5d4e3a1df534e367dfdfffbe8205e9afc0
GIT binary patch
literal 3564
zcmbuCWmFXGw#SDqkr;%LmWEeAWazFT25{&ur8^{~85opqkd#zfQa~C6BwrYsp*uvR
zVI1J-Ip?1Hp7Z70weH?)KhNG@_J4o-tv?KkgG&V<{FRo*2qVBhgOCCMcm!YuDA?P)
zaN<?8v9)ovw(*3xc`7)&d0Wdl+jze8;&b=17SPir1rT^6wd@LhmDaEF_9Fpc;r?Fp
z_h;0=#EDLfDp=%7hOjQtHtK`sexx?nlxPM%a_Wo2{Oh13AzBl<IB*(RQ++RF<r(d$
zU!aptIzl}0i=gt#_1MjBK1z(4$=g^>)3aQ$zlt?enC)X8L;QA*)Y;gpe!Zd55@FV|
z;g`jF9Ja4Tzx`?9(MRen$v(MdLW%n|q8>@u#KxLSqYdj5ZP@`QC<9ixyf%&Hj5Kq{
z%d0MUtr+_t<TI9MZ|`$PY+&D&CXaoYO*Vk1cQ&P;J9j5Pgo2g|KTMl=F32#PX=(=C
z$oVZDw%u)qFeMTR7P<@JxMvb8jn)Mx5@8Bw967LOirl@{w|j(xp`UXls?5%|B|P6^
z+ED=tgK_n$R;MYwYL_&wmA+v-r`#fnb`)Z=SWP{ZC4ivh)g3)aDef3~x@V4(Eh-4#
z_f<JLH13DGC(~Z^!FTJW;=VzeYB4&RDcY|@hS({%4K%HXg~MET_64mAE`&7Zoun<>
zMQ(x@=!z%nm$SJKFY!Otch6UxRfY^Xr9_rwA86=&&b<N|2Ar~C<6b!KvDSwE^s!Wm
zGRY$FeYQR2o?uT6_kcolCsKv&`;c$u7by<NJL&Z!BT#@!1b~Jt&x?+-S3;UxmM1m(
z`bgJ*9Wg=TH_CY@zJQ*8u&!L7Xue%jPHd;haG>nU;l;<k=Ey<C85zQhn2&0sbY)li
zLUuccpX-!*QO_(RTj#T1FLp<Z5k6p`l_s`rn9gJ!JnWNd0k58wj`m6m5w%=e5ch_M
zDy1-Ab;#x*LEnUi2>%S9#9PyI$(Q<SL%IHbiPtx-!!GH3ZdXUFL$%!2UY*b~${5aM
z5$pOr{?>Pf)!|cSd>n+=unX3^-DO)1wtQLfK!zivT}*<bS5k_O{^p5~(AS!{2~Xw3
z22sd_ER?N>N_exDn+Sow5%*SAszkb#rpNw)TFsLllhUFFSiQ!QZ<2mh(R63z%t;_m
z-+SA#vX28hFPcJ)e|Ruo^}7v{G#sQ9sgW(jlJVZFDAZ)9MHk%Q^(H^)XrG;EcUig|
zhBpbxY@K{9s;Ugg@oHRo8WJpWV)M4?4zE>yE^gUc-bEC`p#_SU9o=X(eC$!Z02fS(
zO60T_lCjVap=B?q#mixca(_tYIX?UjzC5zqHi{9QLQWlt;E7lrbXAIRlyRs@$Pfx3
zZH7u!c?)=|EQ(D%b&Ks{o3pk&$V;Msw8>t6=!dC~T2dl=K13o%BkU>UztUx0q6=A~
zDADzduvf%NopE^1Dfh3Gqg&@f3LxVSu^7hNB~8{wlIL&s+^*d=0H0L}?!Te(t(AEf
zJ1$qnNBT1g$m}$4#=Fqth`fe$$?FoK)pWpkHe?`frvN(~!!$+FPXzCIE}7t_(JpUl
zDM*~5Y$fsjMZ}N0*nCbcDpo|dJpHoNVlXE(fSmj}qd%q4ISVbPgIY;N4noWJhuFzp
z$~Xx%_0LtRY+2-infP2Favy*AGetL<6Q-9c;tI)Bb7B>welJ)y)Z_qWy3Q;JUBmYR
zry0xoBW9h&qw<#nyDIv-SagFP=MIYI=WFdH>;~*eB<#`Qnt0Nq>p))}3BBiDda(A|
zERI7Qk+cyz)+~xP0^Uo;;LXVz9dM$d;axYOMK8U<pTY2`WC}uhN(NN)ISrz!_LI0b
z>EM!|Z>jRsM3v7u*q(izvDPKE*5WN3SKogl^V@63L023zHE|LgXbJq<dEn}_DnED2
zL#(c&l7f}uGpP?xzu#KV)=aAbmnmOypb@o-?ky787b%Cu*6-FV{xcqvRKRm3{xODg
zAdWvYmFD)gbP-Ls<lqog%F}u3mt0jPY<|+3p%jCQw8ipIx;W6csT!nDB;z6v30Dp_
zb@MQ8zi>m*l*gtc-Bcuj&$``$-5{NxY8?uhMNqc#(gok|eK&f<vnLL52)g>%+cOb!
zd9*Cr1~ukUPRrU?>fH@!nmojiz@P+#9hh0;UOWKcHy2?4A_j9&#J`Av0{)+f;qnh+
zd;@6N2~KF)X(M3&NsM*_7dMpXy<7AAyRaR675KE~Y!IrT*~ZBCkD8ABz3<ZW(Q=KM
ziWM$4$%~b!^G+u2PDP)|s#%6=3tA}Kd19c7Ry|8Xm97{jUN|sZa0EEzmX=psuF}u#
z=(LKupdMe*womHL$E<dCj``v7?swOI1zM$bNbMS#t^Po!Jk=i#44%&}U35&#OC0*1
z5=U<|5<CWPuw|^+B%-G7d0g47c3hW{d5w4HFCOb<%HzUsjY@N*nSn}WM3F&8j@2tN
z)hD{JaQWe8p$wwHeoO40&`@pP@Y>~Cwde+|kcf4)1-}V-kGJ)$14@o1I8&DMVL;RF
zdk9`|&*KNDW-9I+DwLJ*Ocl~}pGcI+Rze;an8vHa?FsETlYGdcnr`JfKVT4U)#z8+
zh&(E(t<uvmowj{m={wZU@LVu<lIk0_m9c52;V}E;Vx{*rA;-;C1wWub!r7F%FV%F!
z#eaAz?NwMv?>mwyP@Z{E&s<N_@_@Y~LW%HL5Z5L)d9^xHK!;YT4b;4m1++HLlfi8F
zWl+ac-jC#`WngzoD(f9m`4NK{C(y_$2}4`jJuNH0e*B<i=W#zG{o+D>xH;_{(%~82
z-Js$8qodCAkyb0{jGO*TQ1020rJXvj0!Iy-%@Y#6Vxm==F&4ZqphBWtkrpC;LYdDl
z{E5K@Ba4isOPwTZrMD`Cb4Yt%O#0{xX@^4#`Pc%5D_vXROS6v|-;LL(G`=0c^jGp?
z^=99S{M-<Qyx?0j_6rl6$Q7IhMPuk8aa{{}A^ui0N3cZJkuyzZ^q8e<Zw!k4B8(0F
zTopk<@<|eHt-E|=A3K<bJgG?8t?zfD%Bs9vGul$#Oq3yy&-E&<4ih0v<rb@mf2#h9
zJkSMj42WoC>ENK9LmcN66r;$DJ()}lTfzLwMe3VVYoggnS8BOz(R#usf;N!$ZiNB~
zwaB6peUapz7m$IcGee~hiS$gFGWQ9bV&<~6rVE0B(1**3ltyB6E2t0(=@qieyw}h;
z5lVxwquS{vv)d#lsC@tE4p(P^Jz{5bUO?L(NI2iyKV4(I)lZck1rF9Xv8oQyhHdn1
zs3a^lmgm6a@~%|(K!(0Lb>z+b`>MF_&SpZzk}h>j(p-S(jPai!OzE5bcZ@iJ!#cBo
zW(6UvIIe6cOOhh6QC7E(%uswJLY)a5;X13MS3!T?qIRsM+}U9>@rDDmI7K}C$7-qu
zzVDL45Om!lXPwIU{6had*f><HM*b}@1{};+{9gL-AiU)M>d#%r2|JvkIjS4d(e`g6
zi#lpMi=rUeuW1^n%n=(7B)1S&H80`b^8g{jc!4A(>Tmc*(>x$_0at7HL!t0HV%Uox
zjOAVq)hocdGdV-XCj+rjJd2`F=M>AvVG@nx7}|TRoO45?)?rgyk9&ny0aOp?(%{LS
z)epoOLyHqqJq;PdR1c7JSF-Y1?=D`GYfq2{QX<4CM^CyA{iyh68EzsI+PI)AnvIi%
zsW9K1!B^cm{%9%H;Ik7rgnw*22rWgq&|EPKzqAI^5nUOom~FiaZS(@;46>_FKGKSe
zsvpJ-7D#c^zB!O<k@~|woIiZi0KyHMHW9+l_>wBfVz%&916=IT{vu}+pJ7Atbzh)^
znl?AVc{y^ZlydJgt!q;wwO;Ht)sr_TtwOgx=D1EF9Vv<ab=eK=_Sj1jf_g`y`2+JW
zwLukio?FOw`7^RDJ;c5t^qGS<T>)f<>BrJ0{ri_toPc(dPV*&->7(=SXw|Pj5BL+t
zrcr5^2P+I8eL=P?VuPt?CgiH?u7~^G_*35Y_d6*u=!$LkyW?$vwF1r+a?HpYsgMa6
zv-ro(vVt*}snxV{Bwb!jc3z{^&)kKeCbS-DxJ6q^QCWbQF6Rpp%Z+%>Wk9ycTr20&
zx@JQd1D2jt>@Zd~3ss<Uu4}DF^7xMovtyDn%n{#{y6(JVa#@29tV*!8!sT0nSMVCF
zQ?mS-MKAK&XoAL5j+=IkFwjX5F8GXAd*^cRX7goE8_uSF4Y%j0-@~MxaK{c^0n*jL
z+Dhu!Liv82ojPo41D7cQPLNOhDSEd*MS=knLU^|n8H^gHw|Yj>`j~OWdkAPcQ0noq
z&-7~195}1l?Nq!zin4QaTXJ!`!TC)w;wi^=1AGABH>+S!ENm*A|8+ipCERc4^FQ$^
u?05J7_CbG@`;E=Np7QT<Pk$ZwU*!HfL}5_8UuysW>|eS3>%Y49d-@x*^MXtO

literal 0
HcmV?d00001

diff --git a/psmodules/GR-ComplianceChecks.zip b/psmodules/GR-ComplianceChecks.zip
index 5209ef541d36f5f94cc6d2ba544cd162c8bffc56..6242659feec54a16cb134215a3934af178c568d7 100644
GIT binary patch
delta 17036
zcmZsCQ*<T{>}9{&*3`Cb+qP}DQ-8H>+wIi0?M`jm=IrmkyAS)YIVZ_OlGmGalXFvZ
z0bBWi1VJ#ge@YD^brAoPo1P%H0f;f$q1qt-*P!f@ccG}D&gYdaSr?R(5uq`Gn+~L1
ziMNnnNW(CgFGQxfrgI%UOvu_v{33MP2}i%ocF!>Bf0r$*WzqY%2Z0@7z4*PJK9K8T
zCCPiVnfWAbhx=vyV%Ju$p;?I)S5Q1vtfH!e?cvEx70+V)Y)m<bmkfsrhw4KM_RTCk
zQO5o-yBjmmjyaaeje>LbTg`m|mT&LJa`9s&pI`gVXGeFf8_{(3>|Aeq3ZQK}8^V7E
z-}`bAB3k&rXtRA@>BV#&-aLbxB3LZfBQ4Y;otki*ZOcQMFx@CRgoEtHe+l5ce{;iU
zB9$edJ8>WvZ{9ok^Ww+V@$38VAT4wg&WiW(-bQ6_8vGXM#{V=Hlo;{{K2?V@AG}0S
z<hq?wE)Ce-oPMFtyjQx<I{C8XdyF+1vtOTDZOpZwT%y#3X>sGqbuQib?n(Ybjr}>+
zi-CHaYg-azE)RPY95O7+59<kdE#Dm}`n=J5`tgMkxkRdkG~Ls5m5^T}y3XFbv^AkZ
zR=;n{LV<fjC)?`6H$<od-j?Z)1?<dR<ICMB{A0^dbm&AG)VeDt^1^1u)NE4?VI_>a
zHL|WLTFvZDU*8wD@%C<+Rmn_eTL0G*Y&hBpFBs?Up9BsDJuQJ5EmD^Gwtc=oV8t;$
zW&DpqUd;hr?pLXFVXQxuv202xcrND6p>LN)I8-$h_xQ128K!0@FaXBHZ5d-*{=MRX
zMcyp)LN7zIX9AOCwX|JR<lgBX<d6}Lyid<^5t}$!%<<tt@9Vm27kuEl`~;%ElDL3a
zEW^*UK4qJ1LKaNbJD%n}2rh7)#SkPI1SZxDGU~=8^@Q5aO?xn2zbwe3d%9mFBXM>q
ziRx^zPrPzOog%#-h|>h%Aevtvtyv;l#sveJe4?gTg&>maoDTOYOQ(yVQ<a7>Gl+OE
zMrHl*1S1TkOOfIb2hdKn?nm+LS1gZ;eSz_4q;Zr0=AjG9kt3eTW&#W2Pyzoydk3b=
zo9EwU5}%GO64Q7iE)Uw$t*Rkg64J)qJE&7A<t=_GrwIfA?}R`@^eZR>Y=>QS1X>p}
zY)wAgk_Tv%0wG|;(VvEzK*5oS7%_W5sp@|M%&C+l%_QYm$PrAKq_p0trl4{Dpg*B>
z1gKH+0HxBI*i6_9K(NO-2CZo(G`}nc(bN_$MI2Wk+1?&-(7WBD3mi?P3B7)ugFb%{
zBXEXAct}J8jd+W2g<V`Cq#4zU7AZ%f*%^ZwWm|O8|5R6q_1fa6a)Hj?7A&%K<qo^G
ztcahhLtso*$p+Ww4uku88m$8;iaEuLJagX0cK^ZAjSBw!?BX*y1saIeE3wAVK*Ttf
zV*n^|I3l$#eE}$<2s4S!AHkg%7m=J}EA4kLn~c;z(TfROsz;x{o9+wxb#OflDn<_W
z#PO(Sy_z&g+@k%kT>;>~x$BVAQILzw9@g|m(zeEv<fye(IJ%qU8)i8?xIs1}zW~3W
z`U%j-CGXgXN#U+A*R27(LC)1PlfmMR>tyFM56*q!w|}Jo)W!T%;_o#h-(}!J^?Vuu
zIWXiv-C6^XXn&Hfo1MV(Z|Ey=!QfiZ(SK1FDY8KgzbgavKv@G^m}!WA6$Zvor!`RO
zRX!*)Mp&at15VW<Gpw`DQ&GowC;@viyFHm=N9-4AG(xhV7&!KgEc_jyxdncN${z4*
zySYt<6b8>MJ=#REaiM|f61@w*1Ht%`CwyLkPPW8SDdI^~YshH1r4wld{s=;Nhm@Lw
zxU7QXnKu{<K0CYtpkrAZdriB%mC)Zx>FKUT;ZWHg*4r8`F5n}ycc3uGAgZ~(d{c1h
zBqq7R`Gl2=SsB?kmQl@^I?l)~DtGpQ(h2z>z|TtxdUPJs;DDn8j=5IOhjmb45NImk
zybkn)MkTWuANVZS0u#iQ+5-gLl8JGw(;F|&vb%6AzP41q&?sCgbxF{*-woJ0te-1F
zBRJ{E3U=n=d-OtkIx7T|jtKr6WhBzkklBI@R;qfBW_!Z0{J?c8e1g)Qt?ZW@inO@i
zE4Ux#P1kaRXPP1G7lap_QkB-!zBdwZqTJ)<ml(;?mIMhERYW>GLnECV<PJGHy7p11
zPC->=Xj5JZn}g=l_G(sAaW2w}AQNF@#Fw-Mwf!2c5m~KgkI<@$4usH)OGbK;eUKsH
z(lO~crrtc7uP!J~!Q#a&IO+wNey}g|KJ&qw0}IEkm4KW)oYtgE^2DG*V0<nxZ8=~M
z@?YSYh$8ad;Wu^#IgS#7gux9_Eos>Wwffva#mojFil1b%%`AFlbu4kzfTAd#c#suL
z7mNaSKw93%2tj7^5<CL}=P~Nry>eDO+8|-q=+_Z>*_Ys<R0XZ{fm_J~C`w@WA%|HF
zjal8WYo8l*7<YyBXvUz^_1gpRW80uqQ!MXz!XnoiMlC|YByY`v8)p7A0>VG01(Ei9
z7`HKSSNzq3lE2pLRd3Z#&b5%mLfz^x^B@2kH(Xh%0tEgsh11RU?e9FiwY^Set<gR|
z+wRDuZHTgl&%~v$FUR<zc@(v<kJAYtTs@9joqP5|9kIq#PkF_K_)QUr3ll7SC?hGI
z8h1jsSDek|URzvhgc?N5p&SPu2o()k@U*bJeuV3ZJc*-W$91E%CX8Ku5D#r#E%UQR
zxCMU_+?xSkR(#{hl(+k(&4=#2ED~=RIU<7-^_)s^9LIpCBHv`5$%`sw8##_p7>Ue1
z?#@F6%TOd27W8BA%@YKyaF{S&2$fyTS4$MI^9mowd!V{3iew)vY0&<FP`k#rsn-h@
zY)Qlb7eo(m+Dl;5w-?kmf}k3ir-xFXnZZP+3+O`*QF{rK5u#PZnGNp=gZmk7E^HLw
z>7hfnsJ1aiNDm$^l!ZfajU}G-Z0Zbu?%#N*XR|a8autUo1a-pV8#_A%kU)ILe8vFD
zr{nIeFqMRz?BkQGkhy>*Toy?aUle{y6CA{CnC&=FJveku&0MvkV6xf8J3TQ@K@K%6
zgmojb)|rIXeud!=i0QEV3}Q~(jVTjYG$JBvNK5^<3luKEP>?x)h{qUKa7AW3nLN>w
z4BtShuxOBUmaz&a(6lFQEI4Pd&5_~uQQ@;KUUvw{uB4d2KoTI>jbtvp%{vGU*Kjkz
z&ohPop2yYIfU|}37OTB2XFA`JW+0&i`OWtesiqDysYnxU@!A->&eGZn))Z`?Gq_S^
z!&b{#x{@xZqdqq{NxkB@^YMpwvD~?9FH<{QbmPH?15@@Ys@UD4ZV#Z5Xmxr@$JqVX
zApT_}XBJ8vz7f!wT)u)KY&R%DdU!?CQ8XD(F?>2y7TLnpF^NRKxRjscmM^e5lxA$L
zB%H6XCLFD<-vkfQsjp7x@Og#t;+o3K_-L`;W|f?`z7OsLnbmKsW-=EXM{GT7YHlUe
zUxvAYj32ysjbtINX~BL`LY%Rp2qrA@FAQA=-6Y2883>S2kMbA8aL=f>T-CHs;C-YD
z+(Ur8{UgQmKZV=&nkjZ;FuDP)>+DHf-yuK+YLk!=i7N68Buh1Poh;)Ws?Tv7*r28q
z%W%77#b@}p?2+tZD15UByL%>;1BHnsX$itbLhKc+df4FM<O0dE-qmYrPZ+DfY0Etm
zLro%WDIsvwTWqAT>I{tx9bH7$5+VSNr37Z&Zla{4OaWj}#~Y~EknI?J7_k*zBdyey
zqSxl;3-0<afIu9MH;+t7I2_M`5dW5EfQC8K)rU&_C&*H$0{qXhQ*0(ij?><XGX|4e
zIPTm7iUWm5cSpRID2?h?p2g!`Ky~9-b+g-xatlz~ljulh-4X?lBzQSW1{Zh?T8AaD
zE@g`L@%>QUzd`e7D1vXDJc%AoEKrjJ1->@sUP{+p6gF`5uWv_4h&hT{d8SnfOYM7{
z+5;7_w0@>5bEsDk#Z8Uv5{e7K2r*U;He-iYqa%Jl7}2i>3c^UD8*;kKyaZ70W}cEh
z4MX5{ZVyas_14Cr=$&uMZwHsiF(t(S+H~5gN*3IUV?A8`9z@ccU(jtVRiQei9>i$5
zuId0Y6;Y>3;`eo^wri)D?)0q`@6bxPtQK1RcCs4GW7mQ46O#gG`&5`DtJMKhYu#w1
z&uIPZsq0Ae++AC3x*CnHNE0^Ks==nr$|m3uN{o9eVLg*W%At_(VLcbw46TqDuQg}A
z&iXN!3>jyJ{z8B2cjIG7IM)<JHvw3~?)}qDTFCEyyPOT?rTT{GI0*!TbPKIz9>D5r
z%3zwdSNwy$ww>HB8pceYa&3of75-C`nrhKCnd&p$v0Ez^M=DuF74Ve_mgD_REs6hj
z1LIA1Ba|9F8AYhBfU6r(SLg$}eu42*`=P5b+4tz5;w*sK=Q6YU5f2^Djwx-@>4k77
z3sx)WUBfT(y8U~@>w>BL$^?jKi%<WqTRz6s;%bI}q@!YdJN8{D7^5tnh?s|@SW4=V
zF`j7#96oWF)b35C(*=8|1Z~Z1`Z>Vpr8p+?Fb6CVy!EEuV!?<eL?*Tgj_4|H5Af<>
zM#3t_?F2c&y-!3>5*p&fSLWPL`K;8Tt?%ruBydK$I3We5{qQ&`mZwn=r0CRrXlWwg
z6|(C*#<o#G^xBW-*A3D^dEDMg=}CD$uSxC%YDU-K?t^^VxA4~@jN16O=LfI;m_x;0
z+fqP<Q{vmNk)3iF&3YE~H~L`m(F?JKswD+>=pZ;YB@Ire&0l@DR}w%XzR@;%Wxtw~
z5tU?AOj0=S&VkylKlllJev!#Sm;wNwWFRK_ud;rsh(4u1Yc2t-C2Uj~$y6111fqW~
zu6>ewFd3+zf*?KN1%ABhGoUdI(bIg;#J$^1A^7ZKhq$65>LCq(A8rK0U_D|cqhWFX
zatDimDX6(hfJ9df{B_9>LS(ni{!BCDxSDK^MGWkr-H$i4raWi?*<=Z#+~`G=nx?ED
z+RDRH2y$8K1BI|Q{+n*nLMZPQ<6YGu+#2bI#O6ankdr$yz@pPhookzk%(@X0b^bir
zee4(6U5<(InmI$QU0b193W~9^wOQ!gmF(ySUIfpy`I|@l<RyG4`1#ug!#;fC*vbs7
z%LzzXFIs^Wlo|~P#1Lg#qW*2H%`#{cd>t}CL+GQ~t-&JugyU=yEf=*j&totd=NwiD
zXq8gKNIKW5QJ7b|baDH}Y|L>Ei9|Szfbsx$+KcEcP|^R~<5VHk=nmYw%ijaxcM6In
zsF%jADUMET)oC|^9kTlOnj!<DHS~Pu<p#utR|-Q9sz4oV-9<vGfBd6sViMuqc$y|F
zy5Mgn?rKeD`wLvhfb9p|@F4+FQRx0A_b?j7f#7<Xp1y;l7fo%7reNEqjsBpfzGzr6
zdOVX;IV9Jw)swa%eidebYEuJCJPdaFB@A0$9v>1<xY!Ep$JwWjU9wpXS;19~$rHG-
zKY&_<aV0fYvC*dc7Ke4*3t?Q$&y7UU+G3-XdR7gkL!M>7t0ebGRgmA=AD=zFu48f<
zIfv}qvD6fxrD;D~Or!_tYV1|S75hrzc(Knt(E(h2^vuB6nEXb2+$hbLgb#d}{93T%
zh_|Y`V_TMaaxCv_scQphjFVHOnFG5>+=emCXYrQbUV@b%`okAs#z~;_Y&Wkcnd(yN
zrX4NZW?+9p_&%>*&GPji!vTV1H4sEl>f()o`&;5OGk>(^1Nb&d$T<pX>Vy&JTsBq3
zrT3vcEsjj~(5|5aMb92!&7K{obiUXxRPGik*8}<@$TBposqzjg@Xq)^%YcN$>h@gm
zLg12GN3SD)4OR#Gs$px0t+iZNAQ%qYSN&d7u}9`JVrlvt^1esU5^ueO%7sUXcsl8&
z#k2_O-gTSxOy07cRYg=K`PI!6gN$^Yv0e@Z<MBAZ#v1jqWix#N?m3mHQ-Y(+_;mea
z@4hT(uV46eq4OXXPi-x5ltB6jDy{Pb%B^v`S!+@r1HH^K)}p#W^VG9HLnEQoE}tew
zrMH)2AM8Qj6@QRa2Ipv|eo`(^yH6RInrobqc&2eiSV7+ZBX*B)gX`sK`#Ntt@w-ug
zYF(#})I<JKUtDpll^n<f>+FpYu`N-s(Rc9CcJ!sIZ8@v<KnI>aB%p^$*8BF3--tm;
zvhGE?S=hbInO-Vqyw2YND2GdSY|y>lIb>~fT3|Dj5X5}HsVg_Q!H?Vv^b4+CuZ`+D
zVz-m*L=?VQ#SDkl(A_)2qO>29&>vZe+3Pfz(sKnLy9Th=3#R-geTVqILEIr^GnVIV
zGUpv5i`7HL);~VbW56VVz1td8cFd6Ne&`lg3OlfR8m6p@y#O`5iuTAC@`!RSmLb>Z
z`p8~pxb|Hl5Y2B8f1F>CId+Hdso!=61NT|3-@jh>JUwE|0e4WHf7#!BZZLx6)2h!%
z?qmETA9%M$EGD!*Xm&}08ExvX*sEW7#l~udqME3cr|XTvHGzV=+IvRu&#=HZnQ{04
zp+$`_cD~DlDLMMe?Ewp%eZgR6TWvMcEkUNljTD=&O4-xEyH!Z>=;l4Ah`3V0Qt`;N
zTrpEc8vKX~B#wEc4+Q~@a*&KYK5Z_S>!vlm-RE*Uu5&A3pff%D$>GzPTyj`z%eIUR
zQ;AfDDgkSY1+a;r+mgj@N(zqLz*Nt}t0Q;Hyp(+fVKsTOMCR|UI>|z|FAmbliixp+
z+9Y{4wPw}`S5{I#sZ+{DMI@GqZoRNg;Bk8$F;VDD#IwGGlhdmtOvy1Mu6t2KWZs!$
z(Q$Vi1E%rv@+d6*8Om<9mk~y5{-inaebrG05JWeH4_HQiMlv$^^=lEp#OOA>q?s`^
z^cH^y_gf$kcEJ%Y*KUx$&`bP9Xm$<g=_txU?=cONmKF9c3efFbLx%BdnSH{{CQ@e8
zi;j|nCKzl1;AoBzo|QO|?Y4aXmXrMS6s2KBn0kTpOb_LFi4BVOH^c=v(>(y#fqM*1
zk4$tZz#Hse27cu`au%1CS2QZ2*~c07z*coPRHwo;=<vS<0{s2D;Yz^00!RrUj*s-7
z;cL`BwaOd}c0(#n<!63buem9>?qECx(SDexO#`UonA-XGIYE!49u?~?It+?5bEKc)
z^oOT!?q^*_6cn+n?i0RK^qq;Q2J33GUnMs-3qH=j;I>}fx6i#n)!IL9w&lKzD5Z7%
zV|-v?n}eZ8t?vvpqs!h}#5zaXVg>~IMOr$^v;@=wj+&!(0}x^z5ben8oPE+X<{->G
z(%WcY=DCC*dmXJ5yu7<Dt$uq~=gerAx4V)>EXLD`c1#Xqot)3^OZmx31X6&N<V^x9
zz)&(cAs4_pnV%2~7*;$ywxQ@*d=FT3QV$vWh}}h|E;j}5@1xw03wg7AjX<!-1@reE
zF;Mm(+jSF!(x#l;4p@6X*o}qsn>KHyUmA{>D;Tqg4Ntc!*?QQ*MUk>l8#!^v9txHd
zP~1jv&G<W3LQvg!v&gNltAc*Ic<k^t+cdf%P}|hPm_P*3V<jo@Kq4qBTf5Twu%tN)
zVh_&L&b6V1;q_zX$lO!fq1laF_Br4nN6xqtmED7Mjk&U$B53hgW_*Hx|7Gh?KU5+A
z=D_=<S&LBkD2}aJgjjsnE{tcmd2c2#mdr@RMov#NqWWT;>IfOR98DS5vJ~G&9bW3z
z7I$aM`DPY4*ZM|zr@@;XL8ObyYGVj?*3;_07DpL6{EO0I(jfVnNP*EX=u*F5SEx&x
z5%8PfR=$6mtnZ%ykL%w?xcp5yMQDMoShwuCo?Od=nF-V@2IFKGVqGBcY(@r|ok>@1
z^*2$!LP96|PXF@d#n+0CmtbhVb#%Jq5!hA-A`#SZn^L5w9CSNr8~}BPx>b`dfTcF2
z{IAh<F-lR#$AJx^6d30El>M7mEfnp1h1JJ&T=hWV!)A$;X5$)c*2n`wasOK?+iq}{
zBvSCY-x?03hIIU#qX^JqV<(##1~wHsU-_Y-JXsyx-Bo5Su9l`=$tj9Csx<SX|GuGj
zMM0-GNCb%vk9XWH?0tt+i?1}H-flOVNyELbw|e$2JG%Pu@1NRJ!<Hwg1WyVKfj^jn
zC|E;3kO9EM{9GTjY@52a``9C)yl1uLUMk9iPu#bdH4?u9I7MLTX36s<H#@>bZ{YN+
z^4*%RN}ab81C>H_t=78c4$~S4DuxY*_wQL(aX;S6(=C1=vOY(JD|t8CUxxWM`r6dT
zI@7!Tfk`ej(R0nOIEm=z^~}~0-np5agodg<H07=sIu<E2W2}y^Bssi%#V(SVa<Yj2
z?UAStdz;YHmlt3T!RScqMG@#oRfc5#rU$gjSyHZ&@E32a4KCjsJ3^=Q*35@@HSxNX
ztL|3O=)9^?V4@$ZU+t5z?uBVXpMo{-LQ7jpS8xu$QDCwt>2*Uk#ES4F^24jVZQ@@e
z^L=-!{?k_cOS6D5lzLQ7BY<(5PkMi!*xylWvZx*T3@M;oA@ufC$a)tm1{g|^7Fa~a
zk<dxyeguV0Q$abk=nKKGa3gy{yEWnF-4J1L_N*32YKp2sP7aVwFifB1UHY*kJIE>}
zthOdUF`5YO?>V;)?WdAIPy4LWeHVJhiukKDR2N}}?_6X&HyHa=ww%89SFC+89Bm-t
zo=AjX169C?lN}||t)S6SKX3Iqy){O(Imi4fG%us-aOPxM45j5OJ6C5?f_bm{+CE5*
z!tATc%%RaIu<z%(#4orurGP$bA|XV)f7efKKvKt$_!lGPq30$}rgnojNE`+ajoE^a
z8#>Af2(cUEgDh9!-4KN{8g`C$<7i2fF~}`D^eo_|`UES{C)}>MQ=44H!uYOI#Z8{r
z;a?Jl&qI3Pbo$^FTyF_RZ@%7$3%lpC@v5#+r&bXRW^4?8GhtpGu6BliI<B^qXOL-=
z<3&XT;2v38;#iN*1ZwoXZI{8#gopODix=6%xB4MD_T59>_+J`Ip3^7m_TCs!M$82@
zh8H-o?E0wvg7mhQ<L4_otT^4$-NVj3w2$`cBx)bjWp&hdxF<xoK@e7pKGf?iIfqaH
zR*l-nf!BtY(IGtGkF+=Zs$RPYN@s*yZ<OKu%4a0oGp1#5C@WQ$>-wR~>j9MHv)S3#
zyhY9I2|tUNf^gF@W~`KSj6vNxd%2WKeFGkdJraZXW2Pz8%XxLwFoay2fnb~&7w+$E
z%Sx(Th2ne~=sUFlVqB_s-oh_}x)7kPps;-eBR<bI06ao~v2zXd8&J9<Jp&)@LNBv`
z7gr{zI=kx(5lc<UAE~9-p$RHE@4szX(FgWF>0lhwhTPr$Gg_|6<c=ga<WGHTRX~#G
zqkZ+#57q5IpVL2FnqTvZpS8}0J}!k7b(BWIf^kjqmTDKx?CTs_p9J|&BNKPvb<c$f
zdl)i;l^D4F?nveVq%uru&%?WC=2=~%+*$(&5|h7v&Vn!f`l+vUlQ2dGwEB^C$>9ib
zIxS6Qr+WGI?&CMw|K$+P=tGq~W&@Ydd=sG%QVH=qd|n25r5KLI#;$tOfHTRu91($@
zr@1E5hW^m-DJ6sXqd7!ph}VCip%Il2{!NooNz6}$ffo;zWv@=4vm;hSUa?uy;x|VO
zDz>D_Z2ks6AK>@69MeR#aeJvOe4LoX@pHMnJcz(s;@ixR0=CQ{+^TNBRRaANd6;g+
z&v%=)YX>$q!0}~8QV8osYU+!HVDFkdMZ&3t?#6woOuR2M@;E)d+44kZqyx2VT%7)>
z-ss32OW-6W(!m*86pykp#wZC;L2gszBhlp#_vUpj<E{b$Nkx>nD0lVX9BZ*R1Wnd-
z*7Z87#QFbxJ?S|?ahE?>s)3vx>Ohw5ZUv)T8qh1H5vO~8=rs~go`e(2uRg$9#18vz
z?{}o11`6znB7u%!UBTGpri);;JUhwuKUE@zmv2ij#_u*L`+xTX>Z?7K-WybxV*gwf
zwmcsnHd1IMZil>D;mVz*`anz9;va(}@)x{AJ$HjX?)J{&!=e6xDdEaOLBm5MkrEJr
zfI!)SfGEj=fusNLSF5jHvJoXd>s5%7<@%zsWwe8zg}Wyl2mt(ls{cFupI&GXXppM^
z=Rv#TpIlGL03=#awv_+R|37or{8KKtl1abC&j@)eOu$rPptGN{(c-Y7!Ktr;h%kwc
z*VooWo4P<+x6i`5I*FALcQt{`Z7mjcuA7^8V;qFfS5P1}d`;>6Ya{`+(=|0UzM9WW
zbFD>GbJ4zj%~a83y1Ai1bL_9e*Qbdk%07fyxJ2>afhC4y{+x8t*6o;M18oB%Ge-U#
zgfWx@_ts3=hWditeb_U>6ILkjbqtoPceiI*0&#N^OP9=Fz0k9JhcnNfEC%qklAMpB
zfu0A#eB1~O1UqvmdX7wZ0$=5RcdWMqa|*#DL!bLIzTHagmYRpab9SPO*dI@RpeHcW
zb7pU@XCOZxM`li9;K1U?n=MZca%mr0P|;iSF?s-<8sAVJA%c+)*)RvPcxv5@2~U3z
z&)VBkbLo8OGqLnd)^Rv}x@G~n&>Jl1-VJ28*CWjT7~#9h=gbO6Zw_i{<ZUD7djt2A
zoyo>6Pz*HRNIw8*+XP@*<NJwyedBz4`+D}Q@EqcU)IinQyEI{Ie=klASM&>f`%5VB
z)s`Oce6|1mZq<psuFTF1%KdR#o&D~{q%21%l55^T>gUWYFp!#)7tiQ$0ydO0HQ@Ue
z6^e-I%E#ZAWjI*(&zn`mL*5Y*3sK0hCQi84NWJ{<kvR&u3{q$qU(QJ<*Urwc_{AZY
zFCcxyWazj^HZ2nX@@bukWxFs&Smt&9!!grD)YylXKtp#xBDc8LHl~=b#~`82Es#x?
zI9?KfvigdPGE5?MpDhKRF0FRNVweWt(+a7t%M;LM98$*IDI*b>gTn@6MW}vIFf&ID
zH3#KloPz=ihdH$dRKjx<!V~=HVUj=>v#bmFA`ej1MG;{LZF{Rm?X^mkaOsp9lPLt}
z3w(1E(OE`r#g|c%ncf+*Ca7~o6xF2M9o;F234&w{9D5PT#Af8hhN|V8Bfk!M=9<A!
z71X2O9bW8<zT6cGje_y%1OWsF0<hE@q-kNC#;k$Jr%dagL|Z4)C}PqthXAGEZrByC
zqzQkxCt2*q+7)>IOMq2gWy%45?V|tPH>7^yAk<-X8)J}rh7_pGl28WJV(gUx$+B^l
z0lY&Al|iU(pe(3L3RunGeH+Y!p{{;}9d#l??uhH5@P~cTgyHu2siXbi;o~GE!XnrZ
za6zEJ7qyfRF<-#l);hQ?wom$)TzgV#X%gm<V}zLj1?sC<BWMWo5-)f#I!Vgd;%CjI
z6Cm+7%ojuc5Y0YbLZPw&Itk4PP6afZM2VpNJZ4Qbx&S~H1?CzgrIiVy^T<4pocuZf
z;178rWo6ztc?ST|OqGV!4J8U~6PnZ@ngcoktW?R!i&9g!i1>}voUgcKA2DcS*hX$m
z`<ViXcfp?Mz#WnT%riZso&J674g^Wa8>!u`{u}tFcdiO3L<I>fJHHZLr?iT7CW_JZ
z{i_P?t)Sk3Asy8O`XR0nf$=~<c|JEnim<BN1cF5zF$CX1*J!V@rz(X5YlA^~yaSYe
zJ!3BM2>|l>cka~dH^mOhYh%oGq<O#c`38h%`dUK|wWtO)UFF!MCD%;Tf`bLAietzX
zc)ppZF4htYgK8rzJJ3dVyF5P(sDKRS6ZH4`GbPlwA8apRQofp!TP<f0SyPi>O4iE;
zU{2WR+~O{zB#w{7=n%sjjcrGQ{s2WY=o{y{Bb}=C`g1r@?WU%pnWAKd%8fz=tw5Np
zrzomZ=!!c_P}!0jnVB~^zp(grMe0kKFs&EfiVkSt2O(I|O8OI>3m3sbuY9BuWU*mM
z8Zg3>7Y1RwEIu;}&C2A>Iz#rZ0=$+EZnK&OPVJEfBX)w|lb$J{{1A6J%7C8z&2)#c
z$wh==_+%v^jHEl~XQs`Q9vd8rY1hGNE%NQnTT2QN)gDFTC*$&Yfd)eS$kvt#e*@Jf
zYXe6!KC>dMXd5+ovpNdPsd>Tqw(O#ORTHG!!gh|K3uuRjfYgC^@K(Y63;Gc?9C$9j
z{#ssUA})1DEt~}NrfT*Qt^x0q5ArO<P&4E-LaV{+#{>8R!jY;&%qhIzAfPPzgTUK#
zq8!Kzuliqbx*=_E76xt#NuzLIncc9_d42zEcpgs@4JrD!&52fRd>7;HPOS$|b_zXX
z_(LKlwN=ptj>8^4p@XXbN&wUNP)Q+cY+k}UmTkQPi{j2UN|2lPpasTgHGc$0+Oaq7
z^J<Z8aruQ1j%sRq3&QNy8}=ZwqLV4XQav&$Dpj4~762(Bw3Ot@?dT#Dt!AQ}qKVOy
zo^R`+f&lF%ugK}+dtKdcf%!fhzkFZ61o0Y$mHQ=V2HX`#9P|p-lT_*z5-{v=*Y=q(
z{z9P)h$4lw=vo}`=K+zK;O<(PrmG-Fnm|^*8H8D7E|>lpBtbWGNl6UH5Ks-rW1PWU
zqc?QPg3Y6WD)Qp&V?wUfB-t&~{3{Hy;9G6qzgHU=LH<_<pFwKt4j%?{2L+=sQ%y=E
zd_|*%9O(=A<c{}OqLGx2R-d5LIjds_k2b5OBlt;bOo|kbNd}@e#BEp|Ug`_l?NZ(k
zg>x~Vsc?>iNC@HO+XvE@w9h7^54o&CQ*rJc`qtSc8Sv>@sbveXQjK*>Np%}pKd|>R
zCeg`o)O7Hp=50@x%}sdjsZo^$g||t=68!ojO4Ay}PmK_8I&&CduU;C^yE_O#&RfvU
zK)7Xy(Z)sW6fuUlKzD90%o78qC2j@!tLO}RbrZ(ygat^+v(inGbo`Oo!1v&>%I_rM
zWYR3M^BSC<6_*t7jgF5c64||a6(WYtX|Eth_xRJ3kahHO-Z-iQ&@~KwSgskD#_N28
zy)c4GW@I7;idwbnTOS?5d+1E6<?x#ju6}Wtpf8F~w_Jecok_aj2IN6L?TKPkj~4x|
zPaC!7%19C(N~u{UT0~0Co^u6@?Lwdpi{@}Fnmt71@M_e{$3jVez6#2i&mnF=wZ%Bq
z*CxOR)VRXdP_Jj9b6L9mDv~%L27paH%nt=@4z$6sz}1L1$~dSpO7fQDT}$&zM#F5l
zGO^qXPw1ePv;+n|p9Pg%`M?ROF~d@E72Dl{%x5M8nDK$yThkVg_vB?iggg21<)(DX
zN-d-}&If<!8UI*RNC{s?4xS{;v*d=BjUsAFTjDXkf(6VlsOvzzHAqYBtq>c$VM)SU
zn0`K!i^0))c*IDCY?ha|+LC3_=#y*px7VQ^gR4A&45-<Bzf_$6bIQ4_1!2hTo-5*2
zYRZrnUqb}GduZniXyeMD7-fts7Hd(6rASub(66sfI+`Q)f?Mc;x~S?><(yn@im(Mm
z@bR)Fl67*rgLoTLxWk&I+A&{P!scWq;vRlfF<_<W+c8{QJE1!XHO{t)NT)vBfqV~E
z2=+IJ#9p7_REx$o%fdl#dD%PS)NeJUg-bzRiZlRO4jG2%^iW2%aV(O}sEa-$w!pq(
zR6z4`?rYeU3`+%Y7m@$|jZ|{*nyNVcT$nrA%YrAfpj>_s2#N}<rfkuXus!`Kv1JJ3
zle9R}hCP7|3td1GErA@=Kq=}Y+6+QSAp3|!gF5TKOkoisl8tl5PGC?7UPaFk&H!m5
zeZ>N{QP_978!YzW*7OBXf=ChnqzkaCQj*{jxC%ig;-5WeLHWV9R_-cs(Q*k(A7sAN
z_Q#j|5;$ldkH4K!b6wo_#~x2gj~}7k@{V)jv=h|8aWtZsmv28c9@6`g6`Ixsd4YsG
z;Ui{7!){aMzLgt>$Bzw9SepdDoP3anD_a7WFykraAM~6|;DZ)_A2FD{LqI!KiYnG=
zL`btwW6sCHPY^Y4SU_`8hf2Wp&M+fgb{$$HW>d?Jr|Wi{mAy}EQ3x`f%UPbAd1Y@p
z-tDm^tDPo^)Ea7$R(uP}QH8d7bNQRRf@G|aWu`1C5Q;w%!{h8^J7W^YV{a8p?yUef
zQNBj--;RmbCjLk@s_P4d`J{!77Ls3s7|XZQrlvFrl@_!OqBb!`a*5%5;8WB`i%>7}
znT}PAlSZ^j^;FwEQz#B#C+k>-<IVugrwxoYE;YvaCaiA%im$J6DOM;~y-McAW7zGB
z!^sR1KTN>oA`f+|fzCplA3%G>8Mgp!c_2pTm`dUGklw=ahjhykE7Ip?uNoTnv@d!<
zfPNDdp_B0`XuES<YBuwTiKuD^kFvzR6T}@}7&23#+>{oG%5?sB)hb}mAs{0fD<dNL
z>9krrEuISp>ba0uWhVy@!H*wDlnY=>Uo3RRyqt6UU3)Fy{!$yVEe7o)P53}*{tPox
zTydDoeIv-;Z=$YOS{FL_8<OTU?Y$22R`h{9t-;xXj7WIv)ceK`cS=Fk#{Aw>zi?H}
zOecG4^Hb?oTV-`yh+d8Jr;bZ-lK#I^Qjt-@G)L2zS|2_aUZ@#>A|`1!z%XP5S@N<A
zj3LS%2^EpRbaYY*Sp4Z|=mv02fXR@3KF2MP(!@3d^I+^3ow}PNcyf|vqiTs=&n=TN
zYN@>%$x<Ceu_(hvNRh6J{9~rfF>XQgqY&WV9ZL!cfepOzWYdTo9}@}qpL$Gta<;V~
zAMrPi6t$t{8-jwvMT3)$+^uy<b*{ynPcEV4pj?c~d5TWBrqtRJr8}UBpG<^D8nSW|
zXeBztP0+H8>`-!ikwgtA5^&TXzO-6h5mXa*ut-ha(Gwo`Uxr$OMogNutI9w|60E!T
z8uf2!9x<-~`q-$DtI(ICikIM*jEghd=`9XdnizW$we)oZKKl{-!e$=qH+IN>R!p;x
zB9yF<*O4B{Bejlkty{om1u6~4%4=a$&`o&W-wZ^9nh+wFF>eioVl)LX4Ud5~zFMJb
z=8|C}=Sdk`2~*<z0bpTr2m}$o0dNGtwS3TwGirqm)8NkIRCBVGhe`zCEKeAt0`)C?
zmzHK(Pf<$_iXnO?-cP#b`8k*%x%oEd1qVA&nqq34V80E66kLGA_yUUrgBgfJcBfbu
z>qlwWQ3v$`k*s(@ipb$x9+eY#=z|GA*X(H-=6<4oaoCL7t5yJln}4_TjG+8Wj+9;N
z(+0}$j^Z(_n@Abw!1_WUZmJc#XY4uI8hw(Q7MmwPEZ8f`+xyQ+fB)HrV4q2re1`Z;
zXtknXzW&P{JJJhmMbHmC&TkKw6DBAAkHv7G48mQA5I8+T@X~kbaB%}`tKQA4#l>j1
zMNn8y9(?;*D~fBTjKkxHTX_bM<Gf3LD+PM2SR|QO3+>_=0o4siON_SZv#Lwz978Nz
zv$+uBKAFggptkXyimBdrKK+~)q5RNG)$LU8`HdjI9x{R7=6j0{1aI9)VfiXEM!Sz{
zFOJn@^kbPna$)%&em?cROncG($fX$(08cGg=X_|Gqx5f(+$QdJNVEnFYLm~Qrqe#8
z-V3NL`OUBMOM$8!)HXc-bam^G&%JDcOFD68px2i*Ve1S>WXR)ogJ=q`^w+P_qZr7X
zp=q%~b^uU)6;X?xJnxKK<rA(p;Sg?xk3p|}o~@D|U^>vMc<r*eDpToJ<;lZut+gIB
zzeyd!VPo8!M;F_fyRwY@uR_{EJv7+fA=~gFQr&pgjF6SK-cqNS3oQ%pps(WBMAk}`
z@p8+qf3<XRRku1t8i3a>%Uv|f*0DR0f9nFOju|+X9aJX);a7Wu<!{_KbiDfQFVwIi
zk^6MU098((M4oUa7T)7DdP|BUFEpe2h8F|+`>5*~cPTmM1?(w{n%~I|u?+UmL(L42
z>YQaC9A@lgV4bV~<`|WgwBH+=sv|%Of@z9}v_LE9Q3ZZ_&>swKMU;Tm7f=g%mYQk9
zEd{)<Sgcl3c<g{Soe#)4)0!^pMSI0!AXT2j{%!r4+qA)(VW_YF+thjwI{0ZdIL<5n
z04floT54WmjXV3pBh1i~Z$geU3ttLb+?y-PI&O$9)FvAQo-S(ex9B{{S!hV5a}miP
z1Y`@1IxU%lt-@_Fhk~;EfD%sMe`rr*U<&k~4Pt3dY7^Fv<dP}9|JbU4QPe9MYqEw<
z_o!_(PN`=Bu_l&#jBA)RX-4q-IO3bA<#^zkQ_ZS+I>~u)LB9?lRLPK2-4M(0$D!et
zHW(?8+#cMgzlwawtNOXM!aBTHTSmyl;s;_tzi_GY|6whc+KrW*o58q>bow5}(E_IA
z4}svQmV9s?81%qQUE_kR42CE(@}L*Ix!yoe)Z4wldJq67`f)A+3~tt>$cIqg^;;i0
zXgT}~mT?S_1>VF#iDlAjOXG%oevKXabv+17Zo~dB4-ZM-)}9GJ&$KLPoVkJDnEX{I
zOV+TjzWXlH-+#=?A`tJ>x|R4QyMYl82nVGea@azGl|ei#$&-~Sd6ZOD3r(SUUU}*1
zScH<xy4izGG!4+jWME)w$a^TsHL%L^5R;06Ca{g2smh6VR%}8o$58dj6hL`uk!c;y
zGf~P?@HT!Rsmb+?@<G$7#E=-$#!?sFX3a&KZmRtFOu;x8u-G_L$;m>WUqS(Qjnvhf
z&51f}Mu3X>V}$scGCv-YQ}S`)%4Q%wzR4DvgJ^4m*@TUs#j@0P@snJZk^7x4?nb2e
zDr<!r*YVX0d2%K$S(%rBnO`jH#V5(-ja7VJ@=kk278G?eiJCHT{n5z!b{|YDJZj0K
z{hoY{+@Ud_Om{X1$e3KfYYQX{0;cqXc8a#qH+AL`HN;8k>qfH!d4AT7#i7)0=q}J{
zYnVX|cc@`W9RlFwZB|f<)~v<sqA_|wafM-GFDHU-kOF|ghd&dyQibQeyb2QGRkAQ>
z57~G%1Ahb%isl5W>;F5I2#0Dlo(y0P%|K+laqjcynN!rkc4I$%zb8lW!HTkF7*iMY
zcedYRDxqqYp+%916SqLSIv`pNJcBi2l8Crqd4d1XWK{bU+^(B2d)2;<P{tO!5w8;J
zBs>&aZV4V-Lng2CkpOjt`0CLly87dqhIsH^?U;OT(y7Gwb$+Z&2zKi3o1qB71>d!m
z!$nf&qH<Vrh2ZqF9_&FBOxg?W=f;xG))FYm39f;(_Eps_!fSdd;v}s_(T$+up2000
zeU$E09d(l~q=sQc$=cl@0tfUgz2J_6Bzl5hB3>Ye3Vofuc|iKC%J_IR<9RIg3<IoG
zy7fZQ*6}iI*<*)uR$JK@181%>6nV*OgX!TitZP=*Za}Ku;Z!X8E}$7W@xZx0&ns(1
z{2q=p?9Xx$PLi{((&KiT)+rDE++&t{flGkhb3$KqMlon7nuO!v{pf8n->7{|A}!qM
z`kR{Ku+T&i9+)B}ZdPcsuI!qKpWM(HxUEucl=PRXCGcYf1x|PbBE*l74;L}dG)<Q3
zB&Z2bNu5TDCAS0<g3%>`@m^0ia3->fmC&DSV7af*4>s{vD-*?(Pq>~94~ZR&u0y=s
zT&S}`qEt0LQbsSu&ZA_@&59(q6Nix#4S)6;e}}^9GtkMzMkLSUeyNprCDfw4k)wpF
zJqSK|=uzgc2-GD?1!aB5#b5MHQNO66MD|4-t7nW&DCH9R?|Fhsj%M1+TLFc|@ZC22
zBloZk`B3N&$}`#_6_r4=E&U6p>N^_%78hL}Sl=VEBWIQ=USOAeF)S;T`k|5uuN+=i
zxQ*F<Bk&*$Tq_{1lv`7AT#_#4G|n#;$Go#$$z0-17HY9dxmEGrj$+c=hlOqig&(Z2
zFZ)KQPp>v3i8XOslqh;;5M&LaTCsDjTjFwtX`o39T|4O7;-m`k={}tZt1RGNuMm7Q
zsqWrCz7Hb57ibD*3yOm(YO+xaiQ6Iu5ZpN$QAdJn(8)G1hmOpNpJlb;enLYce4>;S
z3=q%nm7rxE6SQ}2EW%u6qE5o7azOoc5x#YnGRr~zc97Z|dYoG>Y)u!EI?6<ajRfJ%
z?QVPv9y93d%JDmSLXZ^LV^pOK{dyN{u2Jq`uwxib8>M}(Tk4JW3p)2h8}pqf!mjm7
zL(G_5{LY)FQ==2BsI~x{s>D8+Q`!qF#0rWTqXpjETshJJjd9qbfLlDq>n@%+!28JA
zE{Hxy*h><HArKxL>p7k!R{lv0h(@0^ts6KtU&#{m_E?0#f8YaTLrU4pC*OzFqY$e5
z(MdK`3Fx6)e)n&wL0+V&=B+}{hnarg&)}=N+6j_J!XZb+{f0pjt0FLjowW*jVL(&l
zWk<&$_ZnMogeFgrE6ItJ&)PLq^9)^S1N_5HE*W}_>~#!o1ixWQWjs+e-Sc!>MYn7I
z?M2aUsE>|ZF5?0el0)B78rtRaLmlf-`#o;FQZp`#p`4$4{6fLmZ1F}$am!0sMkR+-
z0EW^{vTGb&P4&0mvHZ)vpmzmB@>=IG(&KP&#aQbLfeG<NLF@gpvP<u+vO`W+DDsin
zVvf_1O&xDSQKvA!u$)1L=Ta(xuxUFd)*_FB=!Rpn^(+l*%(SuV-1DD<%GUKB1hl^W
zuMH@Z376930AU<pFEr{l7~X|#v!|bR5B@GI8>BH*?z@+Y5La@UW+<#36&YPF_Q)T9
zW93gP>iUu0X2(`>{y`3M*VlvWfsQtN3f=<__j&LcC4?5SEl1mUAf-dF<u1Z(J}+cF
zA^chWGw+pC@NT=<W-J<&9*xA=n@BEx(0#^Qu(MYPCwKzTnC=@Hk;2l_V)WW5K8zx3
zuiaSaIcQ@!dDdM#2e?dtcyci5Q)60aq))u*u9}LllFV*tA{P(o#2mw{3KKEfBt%JP
ze=W@MbaY={(Bnv6@!6y|K8?wg%SteCcRcu?>L9_2m?aa7Wj0rsYrttp-*6~hRL?DO
zB$ch0TV4i8^&br~hhil>*t_IesJrEwi%}tZOo?YEZmBZv1ys&e=&$-Xuy&P3k}p?^
zy@IFkjey-~a#m=B4G~N5f@S2XL8jIn4esHaB;|yF;VVAzTi;tlUzkq6SZFWXA@K`9
z{ucey-5H;F+p>^LSjeiau$tzX^pOg^^ib<F90Ura=?*r5i6(}9mA)NdeFjMy*ryfd
zSoJ=yCT6}P$-ox41Z`l-l~?{$=k;(&9{BArzUy+D2;5HG>bKj*y%%vs(xjFBYYd??
zli<iFHN@%acZzmZ+jM8p*bCZH)azmL>o881p(CM<@z-?9jrZmO+Z!xzcZ{_#+FkUd
zg9H-L)BZ8(M%?nlggLB7iA1mZ+-l;cVlRVei~w$PMu`<=9u9e6Gx+O7EAf2fq*M;g
z-C|z0%8F?<rA8$EKTQ?I%lvV$VWS?XMH0-CynNGMf%Hs>NCL-0APJel1At&isHr?K
zPS!4JT!Ts3q1FzIPLHUilj2a9wPN;O!rc}4r(x^3r;7Hrv-m%~nZTj#)!PH5Kx#nZ
z4ZeL<-x9%|eTVLkm!_ZvTt-^QhJlgPlHSyH9bGegFL9SLaew6i+<49z*5^KWTkmZO
zL6;j%&%>QCzMg+{B|sQ4?5On?UVz(Y_~0NPTYojL5Y{>wleAGK#X`LIOYP6-FIRn_
z&zrY4m4eOSL)uBUqL(=jW0L6OG0FEuQ~VGtT5us05!_*W8I65y&`kv`U(=s_gtL8*
z7wUS>Z0x3sU^)Vj%5>uo$gOdXw=LVgX|(ggPBQ1e+IVXP&?izu=MpnngG;|_mF~ES
z)qPoH6fX>r1w=&fio?{bQw_@xmVS_cu4vCNa#@aJsR(6BR~~xFu*q%=%k2M&Y^t)#
z!_FbZyE?0p5_IYYxD-#l3i+1{Jg^9MOZTj)`g|Q*GMG0%ov7XK?lYvgZ-$C;3*v{1
z!*ThaWvV|#TbBKwdu3hslTSYU^aO4Yuxs{|Da2_nH5QyXr1dUu3$m!Wx@tdxlDRsx
zK2Tb!LF-B}Z+kS0mz>AT3})5lJ+AZyo)w^0cteWMYvA%pHn;cLc4|FnV-1~u0IsKm
zwg_70-th8Eohds9DlYLn+}VL)7X-&)O-;v6$|k0g%9oCloMEG}or7iY_^0dasT=5z
z)(T*XuctmW1(BdDms<myITS6xmQx4<t5gq-lX04vY4H`LJb+VoAyklFgp%o<K77L>
zUZR-U4kLxN#ExJZ#FWo#;H57(fkr17NFAs+COOnayLH@3v#Q&7ruYbg_Sa=b51iIz
z8_T9o!tYQ{PwI{j)pKGD%>83%p1ajLgnHScEa`GG1Y|SWZq>Huydz1Vsr@~73n~j@
zHCm6y7Lon@<&1se>P?cy!zv_hYH<|sa?4$nuCh0f|H%-!unkXVhMcgrY}BaJ7o*4P
zcymdb9i*QoKzQAq{@lAG56#8q_Ujk;aohP2qwT&MTVFsupYwX2<_m7qZGM+56C~sy
zR}U&PUoO_GaP3CQJbV_A(Ks**_et$COx)I&e<VnLgjUDVV&U>{cXe;rK4-uI=O^Z8
zL*omO0rqC#YU9MC`9jdh|Jw-j;<CqJjWX*sp?ZR26YQD)$YJ0wH?xEulQv(Yv3j89
zl#;PNIh^_zUYBfLEg?l@ogqzKg$q(nTlC%$AtiZVV@L*?>e(F77(rp%kw^LW1zV$P
zZ?HQKyy&Y&REX~Bs*0{;(7DCHm#)rhSzot+0_E~aHsm+|jxE%9zuyq6UezOl#R;zD
zTkchPH%;x1nVP7J{P_~4ST%3i3-~aGFYY?sFjrolEpWPiz<D=8n4E*|G_ya=YIbY~
z>YCG8@;$egQxphPp6a5btzy_YhKOq0jHR=U)mBh!6d=_8{q1Y?Qo_s;OIxr@evD5Q
zZ_5smeIl8^XwNs=vWAea+Y8?j?L?1P&-;<-Zo2rfKX(bauyq9`=bvnA6^3Tnj`jB5
z<{e;vdTDB6iD2wxjA-6sGMXvydH!|^6!}T_`c;-uq*DzP)kG*^U0Pd;%#3vSxw+Lq
zwcSu5`U@%FAMWrU;8#wjd+Cvrhs}r9LU8`p`BSslD)4Og2{Zi&B_PZ>EEOwSRLHF<
z-A7cyuCc}(c*D<NQhsAjP}JprhDhPg3Dsjg%$>XG7;sN(<wMj{(YDPtaIj-O{^!ny
zlNnVFjluv(gWbNQCN*xa><NR>de1$E_+D1Mw1<dWsUY}HHcPs0n62Q>#Fig%Rgsim
zb8S4N$VDM=Aj&I=8|IBp5=VO4Q7qSO-79m$+C8MRU4ZMknhDOhtUq6OZgG)D>t;#G
zmEoOzFTqfIUwzrJHrd+S2MN_86OJELL3|?7m}my<G|#^A5Q()joiRo<PQI23Lr6|h
zuX>T-Wdge>a7{nMk6`b!E&S>23P5D(J|l=qV<$%H@VmR8yFT*#y^`^1rQCBTzF~!H
z2ttc%8Jug|lB+3-jC%X+lOCiZ;7P7>$}0|9^*H%(Jeil4=l&3Mq2z_xrI>%6A+T67
zn@|Px`IBqvH%V~aj_2cH;!s>9>IYp5mO;aG3ppA)IBPR+Y_z42)5wzKHbCys8I!;B
z-}O{^6n;2)(p%59K($1({EVeh8hX#%U}s^<c<Y{>*a?E_6n93Ct6Mz+B_kbPb|>Y;
z(a#oI%t5C764838!vE|?eW?f2t&+%Lgoy+AYGew~gxtXo+$PEa>)krby3k%i`1o=6
zZRIuC&fk4cqDwvgqdCFr;P-g@B=K#i!K^siN7x4^zni&0W=Njtuz&25aE;_{c=z0z
zEEwj^B2C>V3HaP^(m}_01;@XrQFG;N+UY(K#r^$Tzw4AlX2sJ@qjYgXfI<`Z^Bo0f
zfDx%<Ui{p<iQ#BqbK#L&4KkU+v#p6;0XMc2<eKjMzqVZM_m3$mPj~-pE!UWFn%__C
zVz1<{Z*SxLT(2&^vQnTbKazJ@R`IKEW!#>r(;990Uhdns)mB|M_an#4AL+kO@m#zn
z-_JkyPfn4{#v5E`wA|iBCu9d(E_PlMt(#V|eQmuG$NxJYA2BV_72L4p)rRBeriTWs
zpJRFa{w$W8w)56Gus&U|&SH&`-G>(c)GN%aJ-p^K4lQ5p6tLpsReRC$yJ;I_u1LCk
zulc@r``TTL%HQpYSpK=gsd$GrzbU5!?*b{Cvz~#+Ka_Q{o;lFLx?MxD{>#ITY0kno
zmT9eC<ZMu7Ut7<%|F!gmm%3uChV#}ZAH23!=)L}f+wL8cwiYZ>_`cVD>&|`#$-7}I
zE4Lr*yX0<gA@JTeyIX!Mi{l&>L(Q|Mw7K5ScC>ISHh6e7D&h0SBU4h;|4fUO-6;EQ
zQ(VyEx$jrr{hk;8{Lb?7^}O8Ky<vZ)9z3{xH~*t;!>78}x4Rpqe|eUQAD`F0DDSP+
z*So#8#g{+d>V4s|TjiT5=bu|_y=Sh3@wte<Ire>K=0eLirsqxWekr))KmW_W4_{9H
zX9@tWIg$vtX?|3NfdRN$sL>}7bkxISYhQ)QUwxcmZ1AZMh^0xBGkwkAr#@Kw%CLc!
zApzGYo$!?r3(#O-NGsBHcGM3I;bmZlE?EK@r~q1-gs_W&L771Tq!A3ZHBQl(Y~`oL
R4qdA>IonT#?UXM_4gkGth~5AI

delta 16644
zcmV)GK)%1+p8=Jf0gyifBVA9E;V2ZbR+|L_BVA9E;V2Zd2nNXk4zo;zSpWb400000
z003x{-v=lLGigv~=6{hv6@T45U2h|~k?#Y{e;_tE*n^C<YtMc<Fc4XiJwhy5kmMQU
z-sl!3cc#@;nl1aZ!2<aU_kQ>1@=LBhNH*EslI=<E9`0$!YO<<WRje--xjmgfs-nCq
z^!j907HPif%TkIz9=(0@_Ra6aAYWyvc@Ty^8T_$V7Gt?qr{Y3f-+y(d{b_f2BTmo7
zWO_Rv^ycDjHkgWTuXlSlp3g*g+!w?CU_2krhl81)eHP6=I~SwwxO+Xod4pLs>_ar{
z!?~CZdUw--7>xUq+abXBBfpPEet!-_=7Z^EI-Cu}=yp7u-%f|)YfqP-_d_)AhjY>I
z&b#8~w%45xZ^wSvkAKmyAN^`!jJUm`NhjU;$#gKA`#C>FbAD=_GaR4Hr`_>vSWWvm
zn)WlU`FaGaAy&=?lkT)TANbL~M5BK>7vsVF^X>Fc%&Fo0&+w1wr(rMP{pokH=)OA_
zy+2=q(E5X`!5H|}oKX`tNc-mY`kELDL{<E)X2b$M1qt_V$A4GD>$_>!F`##Idk2%d
z(?1R7lbddYFc$nNNFGLv#ntT;;mn8QJ6Ia4=yj&=W%l+>YI=IT$x@k@FxmgRgI~tF
z3_p%_ev$+O2+UR%i$bQE_}%H-H>24gFNgh`G*P)xFlCe`g*JLw!j>ot2|6v@$N6rf
z-o9Bc<sg^$nSWYb=>jH*(N$M;x8;M%%QTT?s&io;^fp_FT$kcr3B|+362@N^N`AS{
zq%lG!iQeYrx%k_6zX^idPt7xcQ$s*Qh%o!@o0aS)NnRS5(tA+J7hDL;miYo01W0Hk
zGf;FF>oiYcqstP0>@pR!<7EaG!i;pDmPA39{uZScSAUsY0c*?_*nmK1TeC@%RBsIc
zDAUKZOcj7I=_()QnO?CVvP>l<ka;2I4@%7F;|+WivQQ$~76q&<+l4FYgrnA56Y&q|
zSX<hV20$Z#o<bnjlQaj0I!Xlm1$={<k7=RvwIb=u?IJDr5ZA?T&(T&5Y9TF=n{rzy
zPnyg!qJJ!1g782Bgk7jdfNR84T0XSWm}_GCbeq8{P=N&rMHKYIlL7=wkQa+y0Tft&
zz%mr5BeEkVnUV%E7$mHGkYxmoRtoxvTtKQ5oiEcB42@U~C;$esjc}Su@)f_C@B~%#
zy3pH=0S&&q1_dwOBIuh~(MMiJx<I{Nrs2jA(SOcp5o||vBS=mTG3kX$RQjlRvF3U3
zWvSMivUL@e$oH+I5=X%KJycp|x09HzH@Yajs-R+7b!iZ`mzaPLOO_pAGJ0DiipPn6
z{QbYcV*KOp|J?xt7wAO<3pK;2Qo#6jS`l!fVUw7R&KD3d)X*Fmr$4A$p`LhiY>f+V
zzkkD$GNhiofik~Gy<HdG&8E<sA_eBw7V;p0?t7*3kTV3VunS0Vm-7m7837?mCJ)V3
z?8uF*$dr;LWy3q$7MpBqmjke!$d|}C0Jc;hAHmavj4ZHQWTyq}2*$0qYY!I5W|O41
ztB1oDy;CCvq>T2U6y=i^_uCQx!SYxEa(^b2Y`J;{Ec%J;x_bwv_am?u{S3Ma82>A(
zQ!WX{!KDUr3CsY>#i)d2ga$IESjL`kt;z?zAf`zq1)NhQVy0=P*Ge4goCJU?efMe-
zk=LkOssJqsRA{u#%Jk$4bb|JMMA<Q5e|OG)nRwO9^mc(XIu-_A8u>=w1rG2`CV%hU
z!>xrNQ5H#}U_(rFmL@xb`ZWM?jGtTyZ_NB4XL?XX?|JV43LI-{gU^2Nq$2dPE-&Xq
z-@e(lOY63hlOrfzffq<92bk*Q<5^y)5)tbh{QO9j*2LU&KU1W&(29eowSsR8OoIFb
z_}5>zX`#>=8w4a5w|Ta^kxv!~0)Ie2f!0DuwoZ*9;~{XyiH0d)r;;yVnHCFcgu~y_
zsBQ|f?Z`p`1~Oi#Od%C)?{go>R_L2+kR=!?w#LYm&R>kiy__k4(Gu#wpCmqz50gd9
zT~t=}Ug1I#HwCv>GC)GXudVRYMI;q*-4pa#xbIfS;#qzv@DJoIK&fIahkxrmB%j*Z
zXAp@@a~p}Epdel{xX7~58F-gaP-Kx8YJsYz7S4K-(zspGcVBBtj&?rS|G<36BJxL>
zrL<wMfRVW3%>rFZX%zt3%VA!Mwh4ZHNLLRaTW~>-@NETXfJ&>s6G*6&bOZ9mgvW^E
zyUEzRqxmp3Enq3DZ6*sl1%EzvT2=#s8~g{N3q3)AkN0DsmS{jV7<svexQ>{r$5cIu
zqc&@QMD!g^syS1nt~Q1!20smP6bYgw>?Sy209tzL7YAh0PBXYP+>|Te$46;CP6&VO
z8uOFqnDYOOBcZM&iPMqF3q%C+j@y#4s*t@9&;80F80Mg+8Dk2=wSVKw>vsp0UJ-eg
zC)-V?B~T$ciFst3<s?9#BNq5E);g^9BX7tCeiz-_o%FEb-E&>{G0la_m{p;TXNm(N
zY#c^Gp#m_>Q{K?6;Zs91q_t^fx`u`K(0mtbuMtLB?Io`V@!23tS1G0h?ZKG`99B7|
zROL9US2?hbaYb3ng@54x+DI4-8do|>s&q7G0UzDOsdF7I1(OgAv59gd2s~Ic0Hu$v
z&L-c$gHYD6V#9IA!Vbb%6@NrXJ5}<>{@`XXAN0j!FdcQrgYo?4&th5VbqhUyB^E1b
zDAre+lsmd`NHxutW$s8IttBEigeF4dAUEltD7c6+84CJ$^?&OKqPi7_MHenfe^f=f
z-0=>PIpk5+MH6d|Nn^A03#i&V)L^**e`+Hu2!1F4;lLqjy4rrazzR@`p<52BnwuRU
zSO9+^2&wE1m4McsG@K864Hx{0X+vdwaC%uN%vROH8ZHNkLzfmJ<{Cqs@pgR=>w&f9
zVQJ371m}ttJ{bhyc#hG}5+Vitg!_ztCCrZTXckaGaBUBhst`DTqBv%f$^0f=s$`dt
zTMJx`gI*05I9eQ6<AJ5kQSY8dI6*g7nU9y^rL@eCw7$?od524da2F!DZduCY3l$+D
z?1yRK_h=Kje?ov~zk+$j8G@%64kgbaQcS);B*R63OPOO-H~~xgq>F{Pf$d^qT;m{g
z?wz^<gI!6+z(A3I0r!K>7PWi;6&zw(5C3|bE^s?`4&XSmIPRIYjhjmz@~glPqZ0RF
z`jIQGm=U4bk5L@r8m(z;>x*TD-#7xO)L8CY^mC}Ko42kU0uk6J<hXKuy;Y|4IbRsu
zg+*C$eK(lRYY8HF>7CvJS&(byWv#Hf3gM3R#2d{B#~!eMxRNGR7sKyB$RuLxt9PME
zj;BNB!X*f^y*EjbZqU*mn|Gc-+Cr6MY|=xXP}akV7ho|C2e{uCpz(U^7xj9SyfAWU
zV72R#9oXLmeTbR9XIAA-0u7>U&E;pCLO-S$RFWQoQEZWD$JyvMX``YSRM7;(MCt^V
zTo&b;b98`z53Z987vkPvJtkG=y}<ZHsRen!rnY&L`hTZ)T-N29umP4}toBXi4Zh(3
zREb$2Fp(*UW&@d3gx94Pc!`7Z+XLY%BpG5nAk@Rd{w4Ay=|Totp_;l(6gLyGqY=^u
zb;w3`g(^egaph={YA*Ks%3i}6pYz&y7#G&amC_G?V?CncP*wB^5()~TrLzLS2^rD^
zWVU3|TvMk2uh*SGuGr0Y!Er?HL)IjyTS~55IzEEAU!q6R!j2~iRL~)ZJ4DC3POwT$
z=G-1ik-y*>5Gp}yIb36A1t%Q1bzB7u-Qm`=e1w~c9dGU<){x2+x2M@Im$)i>yh=-F
zA61)wg$F{elzkS#Au?F4sI>7{F7SHclZ`Ysp+79Y3aqWtI*iDZeInVhKoodo6T#rh
z7>~47H>40~OwE@|NLUs@b()DrD&v~(NF@&vlGL?17gLxgXyV?wHXR}7Q5<r?iSdey
zC5P4lJOGj*Z}O1{;$FeB?g=T7L#spjYxUKC-r1|rxXP_PJ_OH4dFM8lcntLjxN^Cs
znkuuQUe2}A)ypvAo`G;Hqgtp{Y8NumIad`xCN%_?8j_zwaN7>Y$a~3csn?jgpjo@p
zg-gO}Q9c)pY%T^G*H)PziFO@4mbSI{u)o-~x!j&e(fPfW#lmW}n<z#zrz$*~nL0~<
z9>7><hXD)YMmY`?G!BbH(!2mfw3GG&tCd|ophR+m*%b|J+b?@hc!;xH!0Ry(`yEf;
zY)N<z%*Lr5GYuQN=xEg7acPECtrKv4k11@Kwf89Bmc`bTq4JWscbet4Db;f>#=1I$
zt+a~1b^MMd^M<nIAVpxEEK?r7jb&tiS^eV9D|<lILSj<5<1<GGvRf!m(FGbtk2^jW
zM$&KGI;t5!wqG4nMXtl5<2|+}d9IhzmASALfRD{6c@2;MY6o5ZOoc3{H{18SL+5$9
z9$j_$j~Em2c)#sNR2a+PIarL3TtHPNGU7>k*&H}pq}0upGJ}Fkc-+#`ba5_!PCLSs
z7`j~uab(Z>j{YFdI>68*+b*i=*%7P`zI>>@bVD-zfbTotiKv7`-p6$Aw`o=mbN4s7
zB?(?w9D$r*!VevhWay0n9u_OZ5t2au*dgYiE4slz7qR{E_}w4GPaVOnOU+L|cf=->
zB`|l5zvbI3`-AwU6R42;@$|boj@?kfZ>IrK;Ue)fioH)0u3%-V@LL8;jMa&vRj0jb
z5Cj)!psa4-wljX;*^Ry=JjS;zQGKkG#Y&SC79$ICy1}lytsRg&eU6hs7Cr$7lYkZ_
z8MeSEh`&&+*m8g~q%<g)lPIVh9z(6_?FW;-7A`0cf(CdDKK^;Im<SeM6qb7vMS8er
z1w3qn!#IkFum)fE<2rx|7xNmE6c;%eO#_GtpsekX1{70)8S4W8AZ*<?^(xJ8H<M-;
zA%D9o;Xl99PQ+^gwq*oQw0#|rm``AbxjiqO1m&iG1q#x_s4vB8KbrCw^;C0%Y!m4L
zX!b-rI6I4jWwdltI@dBGX0!<v)9aOa%li^}Pc16$Gn-SgTv4w|1uCq$w?pH0C*SA@
zL>XYV?{tdH?GJC?Z0^_VXgf?UM<W~9g?~GN9YVbjtXvETtQdlsPPq%qk`Y!LY$ps>
z`PjSSwUSw)H;5BkWK#5o*6~tyj57=kutlP(kW9y7b%Lf^m!s>~kmZacOl%lOJg_5x
z14q;amFn6Dzmoc};td3ce}V(_zzH^bz$R_5jxI*pYT<$@45R(OQz`*q4cDXR(SKnu
zKp9d9qDlzcet-K0JKwq`CWfdd2X47E6zxY=G?zxQmO-H9MdMHKB@gNF1QhSVIlc(s
z=Fwi=(UNQ9J3+Oq0@|&1+ak^iD@y#dh@5#7McCPAi?<T{c%2Z8vTb!yWT?PwZ;8>=
z)M3C8G>SIhA9wd!b3{u8;WWntgMX*JeY1jS1v}C)s`l*`zT-u?Z$a2-PtJphZLJzs
zCHiVft3<Qy8;WTj1@u!F_;HgtTTARb@fm_IcX}2O>#EIp6okuQE-X(Jr}5t8O+7p(
zIrn!xkB3>Itvoz2uU-0izz`^}%pc8W^N6MjPgAW#|91LY`+6H-g<N4`S%0=GLPuOt
z=FCxzZ$AiC0DKsofGmRGxwg%I0`p4w%KT<V*R0^bkY}I$p6rv$;4t8agtY+VpsGkV
zFr2%nxw#b!8jweuw8RFK%{9p3N$z^8C@K5^&x~9Qe4-s8a0p#qfvnyQMT@^dT?#%r
zH5>33kp%N94aHL&l>?nez<=~3q^b?)5s2Uji~PQr+Uq*_cU6HkBn@lMy1-=|_qy-C
z5~COzvsDE+*0bLjJ@Q>o@HEI6L`SzJi3rQ%4S$Q4OALQCZc1qCsHdtdQV?t_?!tcj
z=aJ)v|5%nAb19QAppG+DV)@57rh^6eIG;~u;-0_bwGbM>jQ+NE;eVtB5d|w9@`PKN
z%{gsE$BQfTct-S9xU3Srb-1`NMQ&dVtn_`INWVs~AGP&CO88l2*`IR#l=s{PhL$xR
zK!;hQcmg2*`1^l;K{$uhGF%H^=kZ%HV08;Fw{pCvl<%VG!kW_nGHp}4n2395z&M}4
z7?)z2gPRErH_%Pz_kY1oOf$dRyD!*_baG4mlFTq(37xC*=243}_`q$w1VaGa_ZcFq
zY~_#k0H^>Ocx*0*z{{V>9>IQt%~x$I+kqEuDOs_D2({S;Z5TekK{~1L0jPD!$hqAz
zp)}oTk1clKULEFhw#)7DS9oI>f=s5qn<UN~%<Ovn$+mS5;eS}t2mGB?qQ-)-8yKN>
z&V+3MRs}{A6&#R?0~I&XJ_qp>M`n0#5jN2`W&!sb1mLQd;HQycz{xhAU)j&*1stzA
z*Pn3@j%U|+8UX)6m%0Ie&%Hvh$#NB4B%aYPQGSQJ*sK^!U*$Vw@I?)ly=K*Zhv?W9
zNO3kLiWwH{@PF#(I}03)p<d$;UkRB35J=j}u!bjHe3_{gwL92MBm6TMvynwL!u^4X
z)V5UPPhC0>gnu?DTBHSsLv$?tDJ@F0>?9g{Qt3cMeXxOk(0B5&It9Q4=h4EE8=uAI
z`mR4^!%0W`3yf>2F(0Q#XPPv$t?gD)f+0o1obs5dHGiA+;60OJTSi(a@fzc@%gfzd
zt}3muZn&OQCRL(-uM&yg<kNUCw-yWYp;E5cOu5o5#?h1n9)Y7&M@_sC+ky>J3oOTd
z4FM@^My&60gM+(2N+2ya*r*eYP4q;66D{X;bg>Alt~OR^L67)e%>%2j{Zy_BiB~1Z
z`~%pc<bNS8K^G|&=FgB0fO(-Kp1#5y9>#x!U%2xLREU0C=wusi3C%0A2Xe;#;k^yn
zwAe8xSZW&P%L2A^u_Y4vYLn?5HbJ6jxE2+U5Ilry12nFRKhR0tNWN?P@0gDE@rG1p
z8kX%B@Gc8&>>C9a{k}E=;#lMZYW~1oX6Ip8B7fX7GQ9duy_w9`&)8L@3OCC!+x~2;
z=p^7mtq=~WL4A6Fw+^BHz(Ea+{xtTIz<(YT!(*hL6EI?HRZ{mqO?}PA2)2YDO+dm8
z@z`PoUXQ8L`_lt@kGN1~-YF6yl4273zL@p#_&WDrFcl9%R<`In;1=P<maJy3Y5P)h
zFfuwc{)4x^Tlo9n!c(rTbZe)4&k?1sz{flRhTFo0<hJ=PD#q1%SRq>ESwvnQU7}c7
zlPn%7KDR4lw%`Jy+yY#P?3>>tl`?=BouuxGfwImI0Ps{>lbxOKTiYRU_Vk#E_4n^1
zQJFC2NVXWaW8Itjy6L}@lO9L`Hj~^QC;`ip1s^y8Ws^Q17k`AK#K+oCc%yL%X}BuF
zVg1H$h?LVY0^r}1a7RM?vwOq_v(5oOzGAN^JCbj@pM$Iu<!(UieDUu_gFfam+m&fz
z#AncBv%$klG*WJP?u`f}Gpb^9x6Ru(nS7eM8|E;nk4ZgNW!<H7y0)Y!&ZW!U@SSIk
zwS8P?XI~&e0$gT9K<yqpOii)bvGmVW&;@G-GqXC?RuXplW^6LSp}bYTJ*)S`ZA&09
z;fI#M4dxix*_J(O?W$ks3m7ui++c@MoABLs_*bqCq4Px;SE3H1@VG%7U)%9yKE;zT
zAT%X4D#cR{X_apViPeiIj<wT|*C~gkbia=9Yd830fzP)1C-7E#lZhZ(5)*1)1L(cB
ze%OvDg~S;rZpuNE_8?9#pM&dNz-vIeNzVay9`9Aa-6X&NK00&MvJ0QuOiu_t+>Lab
z&%K>z;?2nt?5<#wb0J%QU-o7th#HtJs_Q!tU?)i325;c%O?7^2t-PPY&$PwMBk}?6
zTnCT?;#;UhJSGI(5yt=t?-biB7C;$S%2R5v_R$E@Tzzph2c!Xu?By=}JlBIYXjC+P
zX2;dwQ2A|Aq-$C11kGakhEZVrN}BIM&7+6G>^^Lb6RV`h=QkmLGi~q9m;{ANgwH7X
z*we`>in=)^Y)4lWSSUEf7{$^|ec<?5Uu!2VUqPV<7LFZcI>UVL5iA~4NLY67MHs8P
zU*A<{_|3)DdFocz^RHU^14ulR3ZGVspNNZLe*?h3@z2h^icPiG+xSLuAkTWLYG0HS
z@%;^aMr@HT>B3Wg={9NodQMG)y00MfeH1)4pVX@!oC}K6qAS++l{XAFfJB9wjozK}
zTv6Z7`YCtMA4Hc8>Rbu$1hotFb&G4|{L2{ZJAu*1VftlXj|rTO|Cw$zik`G7KE99g
ztIicR({RE}?iPOKI%ssxBf?QO&+|#~XMPfCZUKt$0xo)gfGT@-k0&8+L1W_vovKMD
zJSdOnw@>yFJZOlAF_UW*P}OW{aSj73^B$}_SO=!N$)1`y2*MBa_dZ7QFMM_iiq=4Y
z960{l>2Lo=YKX6OU^e3#SsNH!6Kn$wS2-#zsJ>&MfUOQB7ZACJiEGXUeG@vNJCxYj
zf@iyl9UE|evr%EHmm|)A>@VDe?Aptz!@##DS54>9IJJoDeR#bW1EsKQ+2^w1!>N@K
zufeOT+^+%Yj7SqKzUF2J9fs!<Mhnx&Xd?>=OSd-crlZst5Dx)38|;aBz@yjmZ@*pW
z#B|oKov8!1<y)1XY|Xdp3j4Q=@Pzvw>FO^2DG|wkNigmtS5M9Nm_OhvQ})#z5x*_f
z^61Xw42MtLjqTb5cf-Jc$H9R<w7m#hDTaOSitZVsxve6;HXOHXk=>wRzXx#QM)j+-
z01Ma#EEr~7gEwrc_vpkmK7sPmIj6t1WA~Rsqf>i+?kbVldx-ovPoOfTy`368E=X{r
zYi}ceRpM3i<_%ze50XmPro3ELH$nC?fGTsa&~Whnr6Vb}liog574$TNQEt^6|3X#J
z)Qo`kfUy??xPhh}paT?eoUTLQF2D@#^4iM^%_9S}pMyDgS7Xl<Dq0`;vkW&5C!;Xw
zHP31;insaJxb^RAhu5zelWke@CgLU{|BEeuCr~pE-chK((c8Mu?2mKBFMPD`8uzs)
z7m5z_12*_NyzMrj8iy^$w81*`>YT4igr)n|7XpIk=lrBrYyj8YkOxPUU@q^8heSQi
zUB?Wp;07b341e@d+9BZ7e!e0rii0t85j!OdA2_@BB1_A@16=X1S-4lp)7-UQIlno7
zJ;A3q&`|loVVhSkynNtdO?1rOYx!sV_^g%~h?iX{hxB<zV4x&r{2E_H2-?CrH3EX_
zY5a<RkcH5bW(1?drkmHv6g5t!i0m|HD;@NP!B4ebD%)@XnZ!M|>BhatH9Gs$$@OSu
zjXt^cSz$ze47z9=)9|16ozX+88^6(iO<D)$y(s-dmb(pDTN{~UE=X@yvqG%#C{YUV
zvsjwP8cOiGbSPqa<dohubqDF5L(NHnSZZ=`Jrk}Uy>cTB$w-!k&#$TD#0w*o4~jvz
z$>#&hC$Y~a?)26jyn>|Ytu_QaEP)Mnqq|ou8cQ0iH&nsn|1Mw3jlf2=KFR2RO>Whg
zNLMZs*t`6egF_X=#f#vuMX)TG=4bp2xQ*yt*WK&i)@Bu<VE$y;dTpIvtqwcO-F0%S
zO*JCj1Lfl4&@1E5y?5UB;`vqAJ*Md1ZmX`LNB_%=_{9DBwJBGHI)w9VA5P<teg#T#
z80QBOzn}90@xBK2+c!sleEa4ee*jQR2ME~3uACwt0001J002-+0|XQR00000vrLm*
zC>;hfX;5eUf0Kbu7Zw8q6aWYS2ms7kgjoOp00000006apldLE%2H<~CXYzlMK^1@P
zJ<D?2NRoF)_#Y56u|Ye=qFZu5HPI16Q<ThIiqevjJsTT)fPf-}HVCj$0ByOW@9V#q
z+qP$~bKBeK$2K4J#Dk<fJ+qfRbXz1*nORv``L4n+&o-hcPm6qYFfWTFTb_hv82q94
z_|fA>zYR_ckwv$Gq+cX{H!O>3xDtPd!S})0^<Z`~8;mEx;c;*|ySTdlcs7~^lhHgF
zUYuWE!M~#``ZzurO|QoA`#d;-kJne@$#_1v8ePxk2I7$i@#r`>yZ<;taJ|8Bc>kaF
z!57|xFOGxx{m0?;Y&=)EFE7T^D?rp6{qbsc|M490n!#UsgTFjBl%9-&`SpM7^=Leq
z45q^oexCF$W@m#bQaZkv8W3N3Aig>dM(3B4!EkgAbEN5=Tui6;A4itrue}jpGqXlR
zgz60l#?t|O``Q`$jW_h0?xCY;a5WoD=i@6g_FHf4x4@{;84?M6f^`9|T@HZ3=JD^m
z$G^kJXRpUY#T(`^u#(UMU*~_L!Sx@lJbd8`#25bX;lI5EtS9#$Pe;@F$d0Os5y;U$
zUtG_ogNb4~5$Y_99qEh9;SsLn^mKf7JsTM2oDXKhS1fd}nB(c`#q1n@{nzUevTJ%h
zICB8{Vs!{|1*<w8pN>(i1_=FXJiTUN!mV+Z<~L#b_)#K<`D&deVOD<v1lUiDyjY1o
z{xHo;_qS=D1(E%ofK*`-7h#eHzdd~X=zKoP%JIo0i9{v^jJUd6iy#(3ir+*cI8UM?
zm-(U$;K3q<ef9X!Y7vgI@Fo@UX<on>m}yv*w<0T(C@d4ed44(wGK8}MOl7bRWpMxJ
zvJgQSmC5G*lL*#%RRn*j0P0rjQUo_eBE`Wn4I^<J{Pe}o0bw~w<Zd)QAsK@Yn}ICD
zK@?@BgeQl$B6<s82Ir@NC^cewHWpHSmO<PL<5iL+pn$?sz>mxOPucya0vQkRXbA@R
z1OuK|#X7Adz#XSSoWo@Af^d^3MGz&~k9$B3@+w&6NhbR((9eHi$f{Z~^sEP<d8Sf|
z54cLZ!S@?<g$f^xuiifkR$(FuC`|)l?nyVYdx2DkX?ixemZEqSZUim~NKp>3QirQq
zh!1ZAH~3J2eB>au_n*r9PeBsnLNAj0PZF0)-hYZJ5EA@&|ED1Bh428vb7vE*VC-!k
zGvP{B7D`%>zaf8;d7enz6Uh<~#!T-J3{r?t9!l?%D#Hat-X-w6d<v_Cb3lehc~OX{
z6f2-2&=`^av_V_2s#5p_EJY-=15nz+6zG!Yd6ty40|xjRs3W13$uh$S09;ijDQp#j
z6y5+S8-YB-1)xoll!#VVa*gzWQN^+2EX|j!Fwzvij{$$f1cv+o(6bP@NdlH-;yuFs
z>wgDx8a07Y!C(Ie_qW8U0)|Qe1e&I^4`rXAHO7H3Ztzi0A?P_(#YQA4&I;%kSs|9l
zdz_>{7mqYtZ_NT+gdh$x<g&;%Nr6uxX(*^woRm8!-J{2l?g9Ss@acNPw#_yQ*JV{S
z=UVFBbN_z{9%k~TAq>|}3C^N(s##95GOG{_2u>AMFoEL!mt{)3h6D*@HB`H;Eb_|L
z%X>=!2!FZ<`})B^!s3b#2OFH+kCmWRV}himh*%uKE&*C3t7*M&L{mm07c**wFn}F*
zD+>4zVYbLV^CrTrat3o=ORz03&%!7w4WEJ~{-A#Wz@#mktWvU!>XJ&(Ov=W@Y~S!-
z@O%rwlEPS|MdOQ#t1t)`%uJ91N5+Lp69};HAwe!-D2T*H>`z7uE9{!>W`>fPHj(KP
zf|EVwO^d&6&IX^iJqROu3o=Mn>m2kseA}4f9@DanH%^Lv7<Q15626Rhr=yS2D%)w>
zJXwFX_gdCA;nH$XJ0Y&xi6WaL*Lend0rfznok3CuQYpIz8e{HjBBHIxPVH#shMuPE
z5b$ulF7kCjCfyo(mm`3#5cmJ31i~|*4faI0A+p+V$YoHUt!Fw+^D0K05AIZ6`F>!-
zM~Qo$5lLV&Srsl5z#;?k0Pa666PB6i{uh57m;nnC+-fPhm4vbb+iUO|thq-AyN8Y_
zZrq2^VNh)GwQA#)D}xL_`rR%MscQF+u6-|O2P*3V)mQilI7r^AvIHV4jMGyHRAoR8
zSm|?7lE~6dbCfUHvQH@HY=S{DLE9}cV$tdkCbH4YhVNjJaO3n5ei&b5>D?rJ$9{kH
zD$G!jKq;Wi!#qK$qHloyofKd}HI=ZjAU>frE5Z$iP)OFl!yX6*;ELTrTq1)vdGVH?
zdomfkdHNp?*`O$3BbDH~r(!!U&}>O5SSQE|whioXm<sBHh~S|I!rCn}@g7eIm<4!S
z7-m(2;#mOeew&~frS<9mAV~yT93+1uVnz=X;>QZ~gm#M9-K7EO34x~_jc^MCYnDm2
zY?c2|K{K9f-0*m+;B1KhR|d?HwK@jF1o(pltLD`al^}K%Du_frgZ-RGZ<WeX(qdII
zix&E84Z$MWDvSHSq^x9O5#yvptfMyC_<Gk5+xJO)|0zxky3`FafDsVKXB&TD3n{MC
zB*m~CHUi2G_&7f(o1_;H7aG+j&<x5kFA@?jSekqV@QWmik~M2?kAx@Jm(!<YJa8%$
zQ^CWVBn6L*)*%%e#h#P~!1LyD#I~$bK;LiS00__MJ<Nu87sjj&2VJ28b&5FLP*0*i
z%SdiPKPfHYJl+pR??XVOrWr<-Ws%%eCG8G79kfqfksFvRQMNo`X6K?KAHK!MMi8NI
z_IscZ1WsJk5(?YaUPw)H`*c}jErG4CLiy^l$VnW!_zLP^3zI7`Aw_*?xLIoC;|z9M
z%2b>@U?11~HewXgMa;G80-oqcaua}_2K3-V70bq=cd(YmX*igYLBo`+)F9Fim7C9V
z1C84?D~7X^kue%lZCM^20jzQgtSQ-=6gX#e8KOqwAprx+^3cP8+rhUD3#>)5Om0#y
zM?0e&?NL2PiwW9OFf#F8$yyVnwSj^4=z^r|dka8RF$yR+qipX0(20}%F&%%IUteC%
z#^;#&zyEkTo{q6ZLDi19$BDPLytJC3A_c7{3Y$Yh%XH?N8arGiopHR}4FEQ~RB0XH
z$2u8-TZeezUmP*G9NVwYAzE0nvtv9W+&(?ET_e#{=_<hj#(kA2Cy=5C2&Pi&w?|F?
zhvQs#1#s!)T^8Mfn#D{i!ghbix6AtY(aKPY0K+Vn9>p>tqC7&?Xvw}-ej{`6B{1U>
zkek{<;WS^}6rvGC<k^9VB+<R81JDaIsZ$`UWP?#ZQ{c>u+!)tab-AGIVsmMagM)wr
zl2yJDN~)BH2k7TU{Q;&0Y-~r@SRHDlU0Oik&TD(qfaQ+0JVY{B7m9zS8FwCL;gT?3
zreQWo79zTf$UVT%C?(*@8P8e+^;PPVAq_!Ioe1TYw~Tta8~x=BT$6#s?4(-W2T(C^
z^`utIXzg5|bj8Jxr^t*vOTk>hurPW%L~0;x6(RZyvMtyENur-PaexlIPALNfvg8<t
z0qNp6cuj#Bgb6S^a({nuYtp7$<t6>Q#`+6*0)Q0af9X>*bt1CiAqQj-*?}&Pb<n3^
zoB9ofvw{<pB%W#S0{nQ&=i!!Bj*O3<f}{Qx+*q!hgiJp1zJq+Df$PD#U?Uq*cG^uZ
zJKn-)5<2!On0s&t*I}QzsL+kliGTWa_;^U1oF+DCZ?0dmA9a5=ZSi0NEzbof#vmyD
zK<+}8pMe0EI`s5vg_u;sYys`akPJerZH9o8QfRc`n;i47zB``gu$jVye7U8IZkk^j
z%j5?po#`x{EN^rB4IZ3klImPi$n^_r1hxN%38nBx564gJ9stvtB$IO5>Z52rgh9i5
zGtT0}5rcd50Nj6iJA%Ks1;5+}JGm7}wyX=taL3ZnIJBf4Agl>@rIK<Ms1)>8SYY-g
z5&K9(zrzG}Q7A>4XY3dic?9tmsdtsFUgs$oV^ZtvaHBb(jM+0xd))|`CmHRXx+ohP
z=Lt1R_3p^?p@J>EXhBIhL_T?;6JnT`O2D}wT^u3LF|2=fO{c*48K#th>jD3;V|e4#
z0rm3PnLSh%JWIV3;IA(kwNUwia^m|L`$`SkAyR@$e10i}FF7PPuR>|LFyq9`K8nQ;
zepPCqo)Dne%DPzS^Ku1CrxwpzysG2i%+y?5esEr&{3Lo{nxBVdbnE6hd>6cyzz<1#
zsn!d(c(#8fsRxs6WTPlyJsezuZ$HTH{E8e4gS!Z=WfpjDfh|R_Cl;_XC}tu<T4lU!
zZr#bxl<cPOY2V@0MJ8NZO4)gm?OIgTT7j=sI(_asfe0`)5>ldKkP11o1(yDfdY%Mk
zfGA87T>!BGD#>KESin~VxCjb}5A&iV<-p^)aiM=Uwhzo#4Kznx;EC88p@sPI5|%2u
zGlEIUE7>Vhw%)g&Fp1JODv{~eg3%!tZ9>s4siyf%rSc6>+IgUW-@Xi`h=&?OnDT5f
z6Az3CK`X38TL}%e;7$>~2_@BVwYvxCxU`pfZYOv4Q5B9f=PnM=q+n-7Dzu4i!)&Q5
zDHMOaSf3K2odrbHtUxM7fxBR}($etgv#1fP_5Gi*A4BPC)sw*0hOj7A)f*ne#y=(%
zq!puO+MHA{rldlh9(KxIlJ-#^U`wMSA$y^{D60LSJ*GPP3NyFOoC;%`2-Rh_6Hi-l
zTPUp#27ZOXKN^hFywJ&vL3^UzWU=d;qb+|otrLpXdun^on7}r}&YcN}@Ku4(IwOAU
z2ayVBLhO8?8Xs06RoRhYak?ZXH{^UCFyMe8Q-cTMox_61pey&nOEXnyEHgnIGRpH(
z>Nu2pfed|xu?uW1&-#K)lU{M!?TL^JOpkuA?32?1pz~8L9aP-=;EIUqX5j8i&`E!e
zxWh-<Lm1OxnC<*RJ)7JTLs1;oCvk>D@Co9O+b%VkgF+b6zrVr~v#f83T7w1*SJgV;
zXPcUv3GBd+lssw<)-u?XgZ!}~ZFb=0dEl3@z<u@H+uU|TBfBR#D@~gWU{-^AiVK`R
za@X2jP}4klR9~<UX^UnO(@ve!nD2jT+t3wQ{)v0Y6jTzD)gqi>F1(;F<N-Hdu+y@w
zg_HB=s+wQ6T12$cEfgVR&QAwCgF4E(9Cr9fY^xIt;iyM?3l(T*Z6;Z^3iS0J_E+UK
zLJHR1qPa@S@<wPjw~6E6un$uLa?srYH;R()z265%eb7fyTE#XM-vegAFE4-WF9Vl$
z^T3yVF#MEi2K%0;vVT)0X*tgHXEOZM@7sg*g#lmngDAyB48X%ui2FoHAiwSh=$y^K
zHJFHvND<o~o;>}1@J&D9ZrbKg-}X`El(^;ayR1sn-v{6IS!XGV`OCvE`mk*_NhF-_
z4jrQ0N#f5aB_}lC6lNw0tqFgqy0*t^De*+lk=kEyg&be7=5gV|g{Dbu0T>ImeQKB6
zzE(=5Q^nKiNyEw(gx*dev{4JA^<-((?X<3j_(x50qbeM1bKCrq=T?O|lYPjnz@BN1
z;!J3=kN=`(Bx_o$hE>;o`>iI8s`6HuSO#pdY1R#CuD$U_c5tg7yvBbVZwkH|74*5f
zU-*Un4wql|`vJvT8+Fp7yBwUhNR~jN6CL)#8NZ8YGyyeF;Y%<I+>!6rZ%j`z+7Hlc
zru4wEIhZPp+fk8mprp%$6C@nl2QS9~b}yHh83EQqK*<F}Du7wm83Dx-oR?x?7WNyM
zupaV|;d5{`K(Ab?mV<v3k1D+i<usp(Fa{0CiH`Z@)OX_k!eu1t8RIT(zjIc52eXTd
zt8Od}9AS|DdeAZNQM?scu!;n2gsrowZ)f<0$CJ!-quGLlQKb8$nC3W4Q>eBHz`&v?
zd^ZFwf?i0N8Ye0uTwqYEQnf<jw&wIcYU31D7YwEG^CVlQ;x&Kf=PW2gD|s8#m58HM
z8n4fdn()LqdOYjKaB1gi8%7B$1CSQNH18PeEJoYV$B#~v>|!mi@;s%fN^j0-FGtZ1
z_#uVKG^I_1>8GKRljKzldeki(-oTzH@2Kkkfp#$-PgUKJdC~J%fnbj_)zf<E6zRM1
z=()LqJrS<oSOb5H^0Oa6V~SM&M%=46VYz(+z*?9v>P3eF6o1YgAsLp<Uct`eFBw>4
zJ-~%7Z3JTcKo6E%Uu%N1C;H6M#Q;<<L@?4c340p(tH+PlH>;Jm0fvs)U%os)XMY+V
zq<{U2%*0J+V82C=s`+%9!aZNOSWtf}nJJ<}yeBUdk1~JHqkN5csT~sr&`+wMj?AQT
zDy8QMifZ(1p=Xxo<@wp?QT5)Y@T^KK!YIkW02Ksy#3ZXiR8xWS(+`+}tZrmfBx@QC
zP;L1E?4-$GQ;HC?)(!g5Nh!f?&)<nyyL*)Q?77h}(S!E%Hpe!ry5&}76LK>sGS1&=
zSSA#_w5~@Urw#0pIXxP<6vJj8lo<WukoJ?$2ZQT_+350O&X13?D+o3q+}bi?G(9k9
zrEAjrHA^o!`7Dm^LZj@O)+rlr_jwS?&6bl)JRUI}M4I+{l5+SnMbHQES=LJe65Em~
zCz09nU}^9E6Ih3e({{M=CD<iyvY#Xy&Yb@slbbwie;a~-l)wVIMYk=px}6}gjz?Wv
zi#2~b{Mlhe2UPAX>J%%iF#=ycC<-HPfD27())AuEX+&&`6}|x*K?#kk$(-&FfPaI-
z{?YG9q3OOmPDY2SO9>P5>m01XjXn*c&pxZLRG(!*g;=uY!4|{y8JPHY;T@i3Ca(&-
z81()5O;1Eq1rhwl8LQwpxWrOGfpu};EubW>OeYjYib84;=G+|6g6jul%|(Rd&hrTT
zRWMg~K;M)3eDYN9i|37_bRpLtT9ERgXWT#H{Th?fJtBV_Ks>M$M!Ud{v%@+Z_hc}9
z>X#@)JzD;3V(ve#@U#aX1V8#&QHMg5UluuKI)N6tH0ApMoWyWV+n$dl(Xk;<N<7;C
zR@zioYlE<vD2qgFL>FZRitrk1bAM0jP;y_D<yyWBK_;_!4t&I0WPAx;hef!$|Aq1Z
z#+`n3b#;F^Z>ByzPlQ2VRAG8mRI+4;4%s4`Vl0)rrO&J_*n7p{m_{@mwL38ro1V4L
z%<u+Oa*Z$7QoI3Z|B~hJvY~gD&_ePLABf##)DJ~Cv!#0J)-83D2<m&uD%CeUFnY~f
zMA1!z*@h%F-1O%4#Gqxf%0-fbbm#6;OvXdSo)~{9k&4Jd)v}}JB0DBybpyMlR>35x
zQECJAts@qKiVFz)E_gB=JjE=RP|O8qIiRXkkYqYZEec-bAYb6QwgQ_IRcAi@aD=OW
zP5TrgGi+f@7IzN0)O1AH61LnPnVt*doFb7{JMJ-kO}yuiYTd1ma^P&h;8c1xv3qiz
z&g*~S#MFd5?c%3xx2y}zPGxOKQE&wrCWq&hsD%#JBT!FZbJejaGKcyUha+pGHPGrS
zwhy96Tl%3rQf+8g*57@cqz}JuJILz{wVMhN^pDV2hNYweC%C)R;a1_*0xob^JO_T~
zA>M8@hd2Uvn?@C84ywkX#CDiCb_dnS!bN|@4GFLS9ZPeno{$e%7|$L17B$Lrex}Nd
z@RtsxRikX5;@M1;_4Z^~nge<ULVq{ifquDMG9@P>yMsU$n}q?e3s#?Wv3ZTwn_+?{
zu_&?x+s({X9q8jPKrT!H<EcUkwk2QT{T_b{K7Iej8rB3fB!<MaT@5yBi2{DS%ZpXF
zbFo~RUS$Z0oR7{kXgTx~_n-79Oh14{pT0&bGs8b^bF!iq*DxuPC8}-`8R~~z>y*wW
zDfr@*zJ=wTr$K2fgq6lHC>Rd~dO3ArZv~9PaeXp#lf*zHe?4QWQ3!YNgJo8yc3$3H
zg-eQA@mr;O6B!7d`dJkDDu`^h>_$XkB}MRhI=WK27ox791Sq6!gLg@J8-!>FF%`84
zdSy|GUK20GW}rDmjCt_SA%J@1acqJuoI!a@5iWrY7#H=AGL232M1K=4n#>!4$Iz)V
zg81{I4L#y}SuhWj;GZPn5?m%gul`z*Us8a*EY<mbwX6`*Cd*r@6rTvp`Qey6s_fo^
zO%EC+5^Mbl4@9aSUkc7>g7z*GPdhaf8YOwh*`f#~kW8eUh;^FZomF^+*7uXYK^uP$
zc_z4DT@(<fN^(F<6y8w7-#va5$GKE@$YIv3$V(MbpPc0OCO5QZ_#`IpJ0GSfOb?&~
z5xgRAu*FprYT)-%{x(ow>x!dxt?@*=abfE)EdB-<2YV;1{PombF8tJ7rVXIP`53e3
zn>U&&j^rn;&|jjbE=oG<NRS`0-JBwgW}YS>?l#-B=$40Lvb*VU_ij?$?cfCnU2PfK
z2V%)`sgrv`8h<_u65RtF>T9%keQCWN-!n7@VGEu4X;MHqlcpDi3T!AOES(s|t$txq
z`(Pok#ox4VwnaU{HYIcS;=94Aw{0d{;x={A1kF$lwM5+SYmdJXH^GxPgVU#u0qh3@
zI&A#`JKW$mF41=51PT|55jwt5XNO=sCiY-l9^nlEWPcb-KZJwH*_oMfTiBzai6%I1
z7*M^ScJ-ulT@mMBwTFYbxbhC`SSVN*$adXSWrOu(#hDn>qXAqDW6V?nqVZ**6PC92
zARBt}@C(r1HxktSNiJk&3z*Isk6`$6?v*5QNHiCj%nKRk&LEs%xaO{};maW|y2#>6
zn$eslC4ZE%^Q5wanGbRBb)D$fcbsQNDUf-}$C!{>)iB?H)MwPL>pioX-O|L8>Qth8
z0!kj^0r!h*R4c>b5Tl&|OiwC<%2#q>@D4FaPQrnXC;FbW_%sCdF=l(StZKH09v*_b
zp;lhq$H@2E=+2MOnJlMkOFT*aN`z^7+dX1V0e=<VL9u|v5QY1s_uz?o0LkF+l^~mI
zz4X<P7<ds(44-v@SeVYHsQs!PJGsf=jT`c}+<D|*cO=&^TlYr1(A>k-$`W;0fmSo*
z8xPX(-Av#41iR}bypyc2K&_~+omj@W<C04*<n2oaGo`!UHaHEw!VWKEn$raQqOzOO
z1AkuIyrg^4nZ8(zVb7Ha*J?UivO6j`CdjeJ!nQNiOa$}-MDX??zd2T9da-#a(?p#a
z^pYwX%oQc8&?Qy$x`{n>`QVo<mw=gM!gN#9EI4RVGocWqjeMX8iI;qU$1u?BX`tgA
zn<BC$Oq81|+XV|3NUg5P_|^=nbG%XATz_jUcX_Ak%G>U!GJT3q_!>LD{E1H`V5ECX
zo9geh2Y6d<mw(>X57`2yWv;dt7}7M?a{DU_ErV~!Zd3?xYVZOwC;G*HIKi#&TcyV?
zol39Ve^LjR-(zY(kb@z)?K^`{&K|M2_$Nl!wP&b8+N8yZtQ4hLk*~i{t8v0y*MA<q
zUKWazny|d3`R)r|na+#k(0sW_zj^U_SYcu?bPr@<9M@E(%~jAHb%kfP^|Jvz+|E7)
z_Ie#-R(+7g10eN0Oy7YU*#@6`?H73>Jyho;jyj728x+ADXgJ-dSyOoW&J_wiC!~r`
zM(Ii23&KZ8h-1`{Dy{PCRD9b1VSjF-K7mQ|?YOeRRFd6}Yf@p7&ZWBMXi`m8^VBfC
zplDZj^#M}rH5ljVG%vKL8r1H><GU0*4ds{btrjz8dlxRH4n7|fDaTz{v=j81c=T|i
zr(S7wzpu91t=_k3E_~8lzmLnuy#a$IJj$eKW!)+|&L)X#{T);@1!vcF|9_}cYiaKQ
zYf3O1iV+`NMSA_FyxN6qwXAop#S0Hr0F7h#sUDl4NmA`Sev^%=cj7o!w>4ny{9~;F
zt4xofX<C=kTU<)+Q730J&`{l@+;DcX7|u&<>?mseP5Ii;xK>x#l%eB1yQWf`Vm{4j
z;OYK+j}<ggz<QNCc$?Ftwtx1#zyqz)&dMBFrJ1?N`oR+bjyLo`kP8uN48DsYR+=M{
zh|K%NB+bbC$Fg8~=RR<ikHEu9w*cT(pva=+Kpi*D!HRZ@u0OM=xFL&w9kX`<YyDPc
zdk^xq@CGj>SAQx!q{1S+96<;E`n3UeNmMiGl%xTIY>9X3w%(KcV1KMFKBrbf#$k1$
z*Nz*c4SKz~E%Mr3(n|i?V54$W@o$~GZi*$<H?W8P3nKKEL#w&q!`0LnOqZ{sH?Mqq
zI;jQ#SOqXByRIc&FV}NIPVJpPfuQ^*z5it;oQ~#a5SAw{+w;nPWA^=1cL~P8Kp3Z2
zB8I2);x5Qln-ZEq^M55QP;-MGYuzw!jjyLzu&H=O>&+~Botk&m*D(ABQ2b`sVn0;Y
z{?A3hJ(ykF+>TcL2h6V@T!#93uV?m&<~`(Uvd#8DeGj=?Fm+Ch5f@Ark8D^~;MFoz
zSXaqH6+g%B(yQx-N#g65$}6he1Ly4`IQhp($*(LS=EM~GbAMQaQ}>%r)SWtw?3C|d
z9S6hEy_F*2*7*|qaq~=I$1kTF?}GM=rlb5;UkjnXsHGJa6&25J^8#1TZMK!Qz9XmQ
zRv-VXdp15Wdyp1;q7~3LNqGx<<4R4zX0g#_a{Fr0h1m|DJDLo+^Kc~`uv^-7b>GeE
z{?Drh(cH@hOn-itYiNcOC%Dx7{ChpXcB}O<Z?S?XuP|qhS~25HpZs+A^FJZ~%e)Lz
z%)qSFnW6^LOVhW~iJ6IR{_YDSUg1`d6oNDwGy$I}Rfq1Rs?Ozcm6RAE7P{2g%%j$-
z25sw8PbMG1Jm2yGu^|Q`?C}rHu|fI;A+4~0jQL^jaeomzWgYVnU1dX845_Op=tUaN
z;nRKtj9(zy0qI%2tE34QuZ?HOt?+6W4H8rn1)VDxxYJa`!(Bgk#}am_Ij8FQBB$fv
z7W;&bpFfXth=y0D5gYXAbCDfX^7+c1rF+gH-vOUVIao8)gAj2XIL{qq;$8DiX)o}K
zW_3Yq;D6oL5xi7a9lxfFms@U#y*$Ff)VhloPH_oa-9E)er1kYIIH*-R><~l^AtjQH
zB-16*bam0YjB21Nlp5v`71)Mb*f2?1rD|`q12drZI#!6rPptS=0`=Fq1=Oeita~UL
zj)WY*_Q8igx0B;t$zrZsMfJk>L}P3JGhk)o=zptoYqay`1481xUhZ5_MgwpB>3n5I
zKxIr>zFgYFz?Yr8pfXFI#qQH5Tc(dRsUwo=+Ggj}nzBb*?tZ>JGM6pUnKcC00Zi3T
zw*%uoSZ6iptSfFO&d3-^I^zm1-8E0IoRHiHVg}+tTs^Ki(5XSILt+`(Bn0p>FK_AH
zCx7nvnh>}Gl=FpME*#z}#0X5gg(YuF^S8bf0|FDJ({%%|>BHW4|ElR;3A!^6w_+HZ
zYo4(_DT7#azkbK#n5pD)A7`p(O&7%bx6Rq+Z*@I<=R2TO60=?e?zq&<zp@(je_6#m
z8UOnCE;M~-Mw5J*WV%C@s~xue(S3i_`+rXU80yI+rTm%zZ1>J;K~~%obY`(qz01sc
z^A-zj+}(BUo{K11<Iz!!O6RheTy5-U2Y3@AYL&It`)<>>d1t5FRITCzQ^|90=vVh?
zy$9zm<3>cT;8G5dubvm)nODxPJ4rJ4#RYx)@+zlb=uzqvz`U1;22-^;b@#S~q<<2p
zz#fNmU*Fo6ik7Z#gmn0`eItZuYyZZFj(#>Fd@MEslV*|olGEB$PUwv0MvEC;-Kq$}
zKeyb=kF+HMmR6l**!nI8Y6UaL)LUcx?c?c&Pf!l(2EQuf^E~)eMlC+T*l>**YPtyn
zg&N;%Q*l#i2FpQ>FLaG{-+P&;D}Q>Y&U<4zJMf#sU3sWU0BQi$zi19ZI)=APEMNvk
zEVu&)`J;RPTh0Vv7pAO=4#DXC^a6g@7ktx88VX`O-!_7sNhKc7=gT#Sl9h0xAosOC
zwYiS~8C}MxdAGra$p<jdQQr2t)lR8%-moB5vt^WqMcZ31I7V|Y;muKC^MA2|l4M8x
z5?LLw?e{KPQlp)(VcqrWQs-EscWny`YmHX@mfPU_?Jud_gYtgs%Xxtt`fUz}o`<3?
zr8@TAjU98-^V*K+NV_EV4FLRB0*%a+<NM|!o^$;Bp^}a_-^G$=<?XV6cf7x<zT(e|
zdPdOdp2&PXnJN_qhOM>0)jg9>`}%=T7jX1fm~7+c3}b^289=N9n!Lf!40^}_aOICI
z8)!iga6J&ezl>;zIs-#mk*>3&erO0U13Ty>0`T%6MFr5ZAY{vw85BVJz+hYB4E4#4
V{#ww5LZIbDlTY~bu{HaEqyct~lVbn?

diff --git a/setup/IaC/modules/automationaccount.bicep b/setup/IaC/modules/automationaccount.bicep
index b8fdf692..4a549ce5 100644
--- a/setup/IaC/modules/automationaccount.bicep
+++ b/setup/IaC/modules/automationaccount.bicep
@@ -484,6 +484,16 @@ resource guardrailsAC 'Microsoft.Automation/automationAccounts@2021-06-22' = if
     }
   }
 
+  resource module48 'modules' = if (newDeployment || updatePSModules) {
+    name: 'Check-DefenderForCloudAlerts'
+    properties: {
+      contentLink: {
+        uri: '${ModuleBaseURL}/Check-DefenderForCloudAlerts.zip'
+        version: '1.0.0'
+      }
+    }
+  }
+
 
   resource variable1 'variables' = if (newDeployment || updateCoreResources) {
     name: 'KeyvaultName'

From 246c22bdb74419af0d67238484e251393f89c384 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Thu, 5 Dec 2024 11:23:24 -0500
Subject: [PATCH 08/14] updated modules.json

---
 setup/modules.json | 1304 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 1301 insertions(+), 3 deletions(-)

diff --git a/setup/modules.json b/setup/modules.json
index 1512ae27..7df18932 100644
--- a/setup/modules.json
+++ b/setup/modules.json
@@ -1,15 +1,1170 @@
+[
   {
-    "ModuleName": "Check-DefenderForCloudAlerts",
+    "ModuleName": "Check-AllUserMFARequired",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-AllUserMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.allUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CloudAccountsMFA",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-CloudAccountsMFA -ControlName $msgTable.CtrName1 -ItemName $msgTable.allCloudUserAccountsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-GAUserCountMFARequired",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-GAUserCountMFARequired -ControlName $msgTable.CtrName1 -ItemName $msgTable.gaAccntsMFACheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserAccountGCEventLogging",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName1 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
+      {
+        "Name": "RequiredRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AlertsMonitor",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName1 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-DedicatedAdminAccounts",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DedicatedAdminAccounts -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -ControlName $msgTable.CtrName1 -ItemName $msgTable.dedicatedAdminAccountsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -DocumentName $vars.DocumentName-CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "UserAccountsPrivilegedAndRegularUPN"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-ADLicenseType",
+    "Control": "Guardrails1",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-ADLicenseType  -ControlName $msgTable.CtrName1 -ItemName $msgTable.MSEntIDLicense -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserGroups",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserGroups -ControlName $msgTable.CtrName2 -ItemName $msgTable.accManagementUserGroupsCheck -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DeprecatedAccounts",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DeprecatedUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.removeDeprecatedAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(3)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-OnlineAttackCountermeasures",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-OnlineAttackCountermeasures -ControlName $msgTable.CtrName2 -ItemName $msgTable.onlineAttackCounterMeasures -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ExternalUsers",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-ExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC6(6)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-PrivilegedExternalUsers",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-PrivilegedExternalUsers -ControlName $msgTable.CtrName2 -ItemName $msgTable.existingPrivilegedGuestAccounts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC6(6)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-RiskBasedAccess",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-RiskBasedAccess -ControlName $msgTable.CtrName2 -ItemName $msgTable.riskBasedConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLifecycle -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "PrivilegedAccountManagementPlan"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName2 -ItemName $msgTable.privilegedAccountManagementPlanLPRoleAssignment -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "PrivilegedAccountManagementPlan"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserRoleReviews",
+    "Control": "Guardrails2",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-UserRoleReviews -ControlName $msgTable.CtrName2 -ItemName $msgTable.automatedRoleForUsers -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "IA2(1)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CloudConsoleAccess",
+    "Control": "Guardrails3",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-CloudConsoleAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.consoleAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-AdminAccess",
+    "Control": "Guardrails3",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-AdminAccess -ControlName $msgTable.CtrName3 -ItemName $msgTable.adminAccessConditionalPolicy -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC4(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServicePrincipalName",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DepartmentServicePrincipalName -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.monitorAccount -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
+        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(4)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServicePrincipalNameSecrets",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-DepartmentServicePrincipalNameSecrets -SPNID $vars.SSCReadOnlyServicePrincipalNameAPPID -ControlName $msgTable.CtrName4 -ItemName $msgTable.SPNCredentialsCompliance -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name":  "SSCReadOnlyServicePrincipalNameAPPID",
+        "Value": "SSCReadOnlyServicePrincipalNameAPPID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(4)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-FinOpsToolStatus",
+    "Control": "Guardrails4",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-FinOpsToolStatus -ControlName $msgTable.CtrName4 -ItemName $msgTable.FinOpsToolStatus -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Verify-AllowedLocationPolicy",
+    "Control": "Guardrails5",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [3, 4, 5, 6],
+    "Script": "Verify-AllowedLocationPolicy -ControlName $msgTable.CtrName5 -ItemName $msgTable.allowedLocationPolicy -PolicyID $vars.AllowedLocationPolicyId -InitiativeID $vars.AllowedLocationInitiativeId -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -AllowedLocationsString $vars.AllowedLocationsString -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "AllowedLocationPolicyId",
+        "Value": "AllowedLocationPolicyId"
+      },
+      {
+        "Name": "AllowedLocationInitiativeId",
+        "Value": "AllowedLocationInitiativeId"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SA9(5)"
+      },
+      {
+        "Name": "AllowedLocationsString",
+        "Value": "canada,canadaeast,canadacentral"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ProtectionDataAtRest",
+    "Control": "Guardrails6",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [3, 4, 5, 6],
+    "Script": "Verify-ProtectionDataAtRest -ControlName $msgTable.CtrName6 -ItemName $msgTable.dataAtRest -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-StorageAccountTLSversion",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName7 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AppServiceHTTPSConfiguration",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-AppServiceHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.appServiceHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-FunctionAppHTTPSConfiguration",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-FunctionAppHTTPSConfiguration -ControlName $msgTable.CtrName7 -ItemName $msgTable.functionAppHttpsConfig -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC28"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ProtectionOfDataInTransit",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-ProtectionDataInTransit -ControlName $msgTable.CtrName7 -ItemName $msgTable.dataInTransit -PolicyID $vars.pbmmpolicyID -MsgTable $msgTable  -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "pbmmpolicyID",
+        "Value": "PBMMPolicyID"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ApplicationGatewayCertificateValidity",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-ApplicationGatewayCertificateValidity -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.appGatewayCertValidity -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "ApprovedCAList"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails7",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName7 -ItemName $msgTable.enableTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "TLS12EnabledAttestation"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-SubnetComplianceInformation",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-SubnetComplianceInformation -ControlName $msgTable.CtrName8 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcodesegmentation $vars.itsgcodesegmentation -itsgcodeseparation $vars.itsgcodeseparation -ReservedSubnetList $vars.reservedSubnetList -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "reservedSubnetList",
+        "Value": "reservedSubnetList"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodesegmentation",
+        "Value": "SC7"
+      },
+      {
+        "Name": "itsgcodeseparation",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.networkDiagram -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "NetworkArchitectureDiagram"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.highLevelDesign -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "HighLevelDesign"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.cloudInfrastructureDeployGuide -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "CloudDeploymentGuide"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Get-VnetComplianceInformation",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-VnetComplianceInformation -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-NetworkWatcherEnabled",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-NetworkWatcherStatus -ControlName $msgTable.CtrName9 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-NetworkSecurityTools",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-NetworkSecurityTools -ControlName $msgTable.CtrName9 -ItemName $msgTable.networkSecurityTools -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+	{
+    "ModuleName": "Check-StorageAccountTLSversion",
+    "Control": "Guardrails9",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Verify-TLSForStorageAccount -ControlName $msgTable.CtrName9 -ItemName $msgTable.storageAccTLS12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SC8"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-CBSSensors",
+    "Control": "Guardrails10",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-CBSSensors -SubscriptionName $vars.cbssubscriptionName -TenantID $TenantID -ControlName $msgTable.CtrName10 -MsgTable $msgTable -ReportTime $ReportTime -ItemName 'CBS Subscription' -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "SI4"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails10",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName10 -ItemName $msgTable.MOUwithCCCS -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": [
+          "MemorandumOfUnderstanding"
+        ]
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentsExistInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.SeverityNotificationToEmailConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": [
+          "SeverityNotificationToEmailConfigured"
+        ]
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC5"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DefenderForCloudConfig",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-DefenderForCloudConfig -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecdefender $vars.itsgcodedefender -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodedefender",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-HealthMonitoring",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-HealthMonitoringStatus -HealthLAWResourceId $vars.HealthLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfohealthmon $vars.itsgcodehealthmon -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "HealthLAWResourceId",
+        "Value": "HealthLAWResourceId"
+      },
+      {
+        "Name": "cbssubscriptionName",
+        "Value": "CBSSubscriptionName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodehealthmon",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-SecurityMonitoring",
     "Control": "Guardrails11",
     "ModuleType": "Builtin",
     "Status": "Enabled",
     "Required": "False",
     "Profiles": [2, 3, 4, 5, 6],
-    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "Script": "get-SecurityMonitoringStatus -SecurityLAWResourceId $vars.SecurityLAWResourceId -ControlName $msgTable.CtrName11 -MsgTable $msgTable -ReportTime $ReportTime -CBSSubscriptionName $vars.cbssubscriptionName -itsginfosecmon $vars.itsgcodesecmon -LAWRetention $vars.securityRetentionDays -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
     "variables": [
+      {
+        "Name": "SecurityLAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
       {
         "Name": "cbssubscriptionName",
         "Value": "CBSSubscriptionName"
+      },
+      {
+        "Name": "securityRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcodesecmon",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.passwordNotificationsConfigured -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "ConfirmPasswordNotificationsConfigured"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-UserAccountGCEventLogging",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-UserAccountGCEventLogging -LAWResourceId $vars.LAWResourceId -RequiredRetentionDays $vars.RequiredRetentionDays -ControlName $msgTable.CtrName11 -ItemName $msgTable.gcEventLogging -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
+      },
+      {
+        "Name": "RequiredRetentionDays",
+        "Value": "securityRetentionDays"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-ServiceHealthAlerts",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Get-ServiceHealthAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.serviceHealthAlerts -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DefenderForCloudAlerts",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.msDefenderChecks -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(11)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName11 -ItemName $msgTable.monitoringChecklist -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "MonitoringUseCases"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-PrivateMarketPlaceCreation",
+    "Control": "Guardrails12",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-PrivateMarketPlaceCreation -ControlName $msgTable.Ctrname12 -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "CM8(7)"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgProcedure -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "BreakGlassAccountProcedure"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-AlertsMonitor",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-AlertsMonitor -LAWResourceId $vars.LAWResourceId -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -ControlName $msgTable.CtrName13 -ItemName $msgTable.alertsMonitor -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "variables": [
+      {
+        "Name": "LAWResourceId",
+        "Value": "SecurityLAWResourceId"
       }
     ],
     "localVariables": [
@@ -18,4 +1173,147 @@
         "Value": "AC2(11)"
       }
     ]
-  }
\ No newline at end of file
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleName": "Test-BreakGlassAccounts",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Test-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountTesting -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgValidSignature -MsgTable $msgTable -ReportTime $ReportTime  -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "BGAccountSignaturesandApprovalsThread"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleName": "Get-BreakGlassAccounts",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Get-BreakGlassAccounts -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgCreation -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "ModuleName": "Get-BreakGlassAccountLicense",
+    "Script": "Get-BreakGlassAccountLicense  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgMSEntID -FirstBreakGlassUPN $vars.FirstBreakGlassUPN -SecondBreakGlassUPN $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2(7)"
+      }
+    ]
+  },
+  {
+    "Control": "Guardrails13",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "False",
+    "Profiles": [2, 3, 4, 5, 6],
+    "ModuleName": "Get-BreakGlassOwnerinformation",
+    "Script": "Get-BreakGlassOwnerinformation  -ControlName $msgTable.CtrName13 -ItemName $msgTable.bgAccountOwnerContact -FirstBreakGlassUPNOwner $vars.FirstBreakGlassUPN -SecondBreakGlassUPNOwner $vars.SecondBreakGlassUPN -MsgTable $msgTable  -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "secrets": [
+      {
+        "Name": "FirstBreakGlassUPN",
+        "Value": "BGA1"
+      },
+      {
+        "Name": "SecondBreakGlassUPN",
+        "Value": "BGA2"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AC2"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-TimeZoneConsistency",
+    "Control": "Guardrails11",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [2, 3, 4, 5, 6],
+    "Script": "Check-TimeZoneConsistency -ControlName $msgTable.CtrName11 -ItemName $msgTable.timeZoneConsistency -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "localVariables": [
+      {
+        "Name": "itsgcode",
+        "Value": "AU2"
+      }
+    ]
+  }
+]

From 1ea5ee0b7978812f8bc46b369df1b6d322911fa8 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 10:02:35 -0500
Subject: [PATCH 09/14] Added french messages

---
 .../fr-CA/GR-ComplianceChecks-Msgs.psd1              | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
index 0726105e..8194ad13 100644
--- a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
+++ b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
@@ -291,12 +291,12 @@ compliantServiceHealthAlerts = Les alertes de santé du service « Service Healt
 monitoringChecklist = Liste de vérification de surveillance : Cas d'utilisation
 
 msDefenderChecks = Alertes infonuagiques et vérification des événements de Microsoft Defender
-NotAllSubsHaveDefenderPlans =
-errorRetrievingNotifications =
-EmailsOrOwnerNotConfigured =
-AlertNotificationNotConfigured = 
-AttackPathNotifictionNotConfigured = 
-DefenderCompliant = 
+NotAllSubsHaveDefenderPlans = Le(s) abonnement(s) suivant(s) n'a/n'ont pas de plan MS Defender : {0} . Activez la surveillance MS Defender pour tous les abonnements.
+errorRetrievingNotifications = Les notifications d'alerte MS Defender pour le ou les abonnements ne sont pas configurées. Assurez-vous qu'elles correspondent aux exigences du guide de Remédiation.
+EmailsOrOwnerNotConfigured = Les notifications d'alerte MS Defender pour l'abonnement n'incluent pas au moins deux adresses courriel ou propriétaires d'abonnement. Configurez les pour s'assurer que les alertes sont envoyées correctement
+AlertNotificationNotConfigured = Les notifications d'alerte MS Defender sont incorrectes. Définissez la gravité à Moyen ou Faible et passez en revue le Guide de Remédiation.
+AttackPathNotifictionNotConfigured = Les alertes MS Defender doivent inclure des notifications de chemin d'attaque. Assurez-vous qu'elles sont configurées pour les alertes de chaque abonnement conformément aux instructions du Guide de Remédiation
+DefenderCompliant = MS Defender pour l'infonuagique est activé pour tous les abonnements et les notifications par courriel sont correctement configurées.
 
 timezoneConsistency = Vérification de la cohérence de la configuration du fuseau horaire
 noResourcesFound = Aucune ressource avec des informations de fuseau horaire trouvée.

From 4912bc890eac70b172565f6271cad9b8f38ec5bf Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 10:03:39 -0500
Subject: [PATCH 10/14] A new zip module

---
 psmodules/GR-ComplianceChecks.zip | Bin 20444 -> 20685 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/psmodules/GR-ComplianceChecks.zip b/psmodules/GR-ComplianceChecks.zip
index 6242659feec54a16cb134215a3934af178c568d7..bafea66ad6cc379285cd0c08e24f313306d9f0df 100644
GIT binary patch
delta 8200
zcmYkBRa6|nvaT5z+}$-e8Qfh1A-F@3!97559VAF_7zh^J-QC^Y-6aqP*FZQq_wKvb
zt$z8dS64k&|J~n4HefOr5HEoM!qbHAG85G5WFY=OU5|o<0RP{F4&^fq0@uG&QmRBm
z2tWcjlz&S}EleNoKhYlytzc$H2H<I0|KDb$kkJHBxf5#P-z$LxM7gxbhq>l-7(q0l
zMmPiT1w-WIzBV4jJz2JH=51}X>anfWfBTv#y{o&<CtqqO<;DI00<TwmSNo$;a@cs-
z*x0tU#U|=2na6JEOsGL)bfY@frld&S7h?X`x1-e|H_{ffMl`>Ozi(rXn~_xwx?DOs
zLtJ=LvnP@FKRWx7O&sYiV^gz#xB+t;0Q<|wSNUE<+KS@#>t}C$FuFN{c^<u7#j>J_
zL(XO={Y+`Hyl_-iLZZU4U4hHw7~$A&w$v{hzLz)i;HyhhFCJ<R0@&)Jmk(xyPriiV
zG_|-PoiWcNy3-|baoAkFdQD4OH)#x$4z$-zux}c=wfJJjDW^EBtBJ7p340)=xcB5M
zKPiTM3a5Pf*6O0$^QEZ;%il5bD?%Q7UfGhZK(HufPqWj{ToYfJZWxttI@0n@uNzkv
zzd7VA<`o20W+kDU^eXY{7e&&+GuSyZ<865gNe-X(3woTO7Jq5h4ZQok+Yb$AeGf>7
zHn181mZ8{epCJUjjMb4egp!*+nvpwA3I&1&g{Jf>Arb-inv!}`c&*gRstQ9p{Z=&P
z&Ny=VEW4w-nGpeSoFU^kl1XG-V&v$h;^Q>1&@16lJT*yEmYw0n{^8%d=0VZOUJXD5
zzhD4InHf|EZzp!1X3DhgL8@gEN*9s%dl(@H$(yj^20{;gB|1srv@oh9^;trg5!GZF
z^ffGe-T8yrCLM}Bq<diuJmX9NCKUy7Vi%CFcFLCZ^LCPKD5!T}HN&R>3z(7hO8Xbz
z4}^OLk#|%}ihspf505+SAEx>4lAAKxFaLd<fm-|nAqr}M-=k*yy|fqHZfia266Za8
zT$(cj8{`uMXk;5_v_pv=_T2&z#k|N91&KwLIj-<QKY16P?gH=8NIYD-Pl!e)zk^v;
zE0RwQ*Ctv4vX%qV(`E64|3Qbh24HqHMROY+7yYET20(bhSV))|vq;`WfU9DK5;UPn
zp*aO5RZ3><!p{^bD9W<2wMzN)l<cjz{5WFMfsoinZVv~V!pn3apXj4(&;!P~udsIi
z-gSo{#-#U@>{P#n{Q1161(0EYgIAtk4X;z3A={TEX?`pz#<~4jX2zCCV2yYiRe{5H
zAf_^x9VJgz)ocY|m&OSv{i<)VUeHq<&r7htsxsCIh0U5PJixtqy|{Inwp)>hX4J8!
zLtH_3Fz-hcY@Vk%oG|-hp!KTI;(I3jG+h)VU~wdCs^rz>4Qrv1OfayHtZY+<$oug0
zFr*Ofn}k@P|0|fr)MfBbK1c;NtT<D~B{ioZ`#u(&0tZT5Y}gXWV|kYlMcOD$(i7W`
zkN6VK`Pm}d8-G`)HBiWje&vTQu_-|^Buupz4Kf1<p8KJ!!=nGe{Ud`7qoui7lhY%I
zS63+bqv`v(yeqjuZIW;3R*VWk@Ajn&QGqKD@iZx%1hQsqSWNk$gdUUkJTjw786$3}
zy{mwmqQPxG>yYVns&BZRh@|vq%2>}7U5-jufwuZX<V<oB7$OP^s3spe=4Xd(Aj#(q
zj#=;5kwNwu&bF<^nK-)VvI&z38KMZCfj%^IQ#7RrrAbBzF<cLPxU)JI)gHXAGOC&$
zC|)hA1W!dY&@Y&s<G7N#5#etd@VlflNWOXPIQou)2izsoOFWcC-h}y+$eyg#eiAji
z`2%9p5%ipC6==Gs-~@m-95%Hs1a(~L_L2u{A`lVvOC!OiqV#IeIi?rp(nfyBri?s+
z0L=V^liB0Zpz&%fSt>01#VR{otMQM#KvzmVa<Y5SDccJM1-+BDK70b<&@UEX88;1b
z#cd(;M+@6xp|KQ)Re1te{$852oO2zLTAMp${8c-ve$N_(7MEufiRkJ&$ZY^#mu0sP
zr4_S64uRT{X;zNbtbpX33R+E0y5fo+PWDVX;VzL3GyU1NDK-$nc@Rd+p3v**eT5+L
z;K2O|dx8jBgyaRrXa%2TMQ*l8)-x1>GilgX_-p!2Sxd0#g2Sm$?3*VBd_`%&L_3bA
zsoI#4)_{sXM!{A|OT}-HPI_D$m-y%iQZcm%YPK2tH5N0^6r>y`V3r4O9|)sDpJBC3
z`>zb*q*s+o|9)w36zyLVQcn4$QxXjP9c;XcbX|F^;1%r>8oVd?dsnL09Ie<yqVh!j
zh8Yuk6rxcbebE;NO9uQX5+(*S%EsBD<@SJ;F4ev8I2W^-!Y}a<Ky;v>_&WS&1(!@F
zmaxMbT(vJf!%xPm^qpQUGbQ{%R%)@{3GrUNa|iZ;CiMDA4tlP>^rG!)%GuDXo>Da>
zL~JK0fhe~@xRwK<uLc?1bjC35dYK}?zdICxMl|1(lYGmFq@JI`Efj5mWzShg?EByM
z?^+RF3mU%Ncu9~zI?(|M=~j9_<i37RZV>tHHY4sX_XS)fyL$aCEi)?C?~#a_T<Tlb
z>P3(=j-ZSBC+6P<zO;O!=kt~^jqpufSchl&2~a_|E5e0dtgYbD2(`&q316{$13)Yt
zsO7`{(-mZs4ZN@>#zpVVI}kqO+&(ulO!~VasZ`K+K)mV+;yA!u5S41bh$uQ6cfb!P
zhI!H(&Z-k5cL4^)%sX>3goLr^mrE5;vkGJ%BawNM>tGN&Zpmg2Q#xE*w2E`kv7fCX
za^(uim@zD|PPNyG3d8Fi6X<Ey@v%5hop8&>49LJE{W#1G2Q-H`5fkY}StM^18OM64
z2(3YVVu|n}4aZ=My^zF4Mg@BWgtJ-1kE;(vfhA@HYR(^4w*Waj31}WfVT`3`qpCUk
zYz+LD#D!E`mwk=!4MHgF67?-<lSliXlwKwL1gTYr_40D;<Tv&QK7Tegm{dy$UcwKZ
zq|LPyMpurZtV)~`G=?F=Wf+w;U|pI+qkAf4IxaaNu_O~i_h+9Xh;)AcCW%97R#kOe
zR^ZicQ>+PeF<}}*EjR%Lmo7Y?tIxmf3N9M~428Y3<veq&xS)|Wl-K8V;{J8~NpwA&
zQHAogN)gO)YJ3KD)ydmq6n>}^Ex?1KCN;sy<>pWuAg;HE1>HwCr&GAwKBZHF5!O|+
zg=qqaAkRC2p*w9OcINgK!?pPx=AA%`OsCL9*27)EbErBb&=!?^eU?uroXj?b2&d&{
zZHpJ&Y7W9qz*q`3vm7!C({G`RuIHU#9MzD0z->i-BrODr3hnFL=X5Fh^B2&Tl;Y=Z
zT>ns?e#p<B?Byd>m{2J@^am0m=&IT^MlV68?mjLXVtB_+jMNiM5MrR`Q->*FeygOD
zg-A6alGA*=#b?5r30h{c43zvqvCm0k^b^U6nKOhFU?mUZ_@cb#cGgh<5zvDGRN>;K
zUpV~jid1CzMUMh8=tO1?Yq6dQ95lOgopqdp69;(Cje@9EpF}t6#uBb(HJul>gUBJ{
z$<X*wrY+BSCthbUJz@uocVjB;zbuD8KgvoE8zbJpVeJZ2a1#@@sS97Jc4JV-eTU8u
zAe~R%eZtD0Dgsd{=Nz`~43Gc|FGh_<uF-LJG{UotD{-K9sh}K6(nKkn#z`D!4YU{{
zzYKG#CC}k`3VzMhc#h_;v&uJVwMvix@Lbx|+~_rb^Y%`!Eo12vL#SbQ%?GtVkW@7^
zr#t7D0T_U@@*_7(ai)0WkqilMhrs@OaVoAB`M93S=68=#BA4SbHPFuq7UgY$7!U6;
zV`M(90s7LNby-=ggA}ElLK&<~@LVEzZ$*^A#Gx7m-b1nK3Gz5j2|l{3r^=A5U@peS
zDJ+3>gt64lo`&Vhc<;p7t<tEvT9+)fe65Q(QEIl8z9^!kZ!!l^Vqw}a?^57T^tnOY
zYl?omWjD0wY*R(j7OG2Zk+5bJN;Qt`%vE#C-ueY!z~Adcb@XIv7N)Ljmy(4XN;-y;
zf#YN8$3&U0H^NCj&|Os~DDohBFFU%0NT;ZP$jXYSP;n038aKPEyuor|Om?No!9(QZ
zyHV9V<f11_y$_yWvid!H?NMLi8&d2#oujNp5`8#FKk!H5E%o<e`2CUcxX?Y&BiWF%
z0oC`oesW+57OVZ1DaD0PI>)+i>3XITP-G$DKm7-*xQcssO=D~d>aYySD_cVItDO7g
zx{N9tSeg)zM;M|tk_M`|eOS1m=R}Y-O+0~*z*PIlSbm7tMb{&zCh3<-%)o+7H64TA
zSnCh&vda<r1+O}=gaR6f<IyWS*+OAtsJ19pSoPU9?W0#*FOe-WLH`hL*nle6T#$am
zlRPFMX?q+5|94lLSxywPK+>0F9hK$<mPIiz1+6LC)F3`YUOF<DhLvxMNe&lwPPmG+
z*2k4O7YIGL1TrFuuxaEfyAfNl8GX#%8GKH{Ie$-^XN9Q2g0_KJp8O+>DO)y1&xz`9
z^ec&?Zh024ivOEjY1!5#3IAWNQkqH<(EL$BFc$;i>1~ZBEYS@TaSivGj1YAd{ajA{
z9QmAUadtVi)$vG+WL>s|y}r|HEplDj)}8ax9^>yU_~&t`iWSBh{yAfm(Kdx+t8J!Q
z#g_Vd$PloJ)B|QH`K=o5+Y;%OxkQAPB)-`(!s25MTIpCUM$|k5S1WBwR3HEuBaKWH
z=K`Kc6v@aN$2c8QDs7&Ix)-mWm7+16D~e)q!WQihw)b9|9_9T-SiG5q(mHT^(mW<E
z1cDQmSe%m@?8L5$DEWc}>jGvTM2Pqmh<)Rt3|pPzSg0QbaS;rf`r}y(0<&qbTF*70
zLd@T2U)Sy5bB#ZTmGIg0IBQoT1T>Ylw)SAXD2(PGfkF5o%0eU5Y;#uf##zV#sOTHI
z9G%bufmDc*^Bl52L7}#T=9L&2>E*ih)pBR<3)N#Dc38H?BzXHq>)xrH9yFZxS1By}
z+26OOi*si@0H-iD0^p^G=8}zqdZ7CXmsu~=f`ng7$YS>Awf?vpy$goCp}hX`tJz;m
zh~bOS3w!z8t!J-*|B`;B+28BOdU1ygM?BQycJt5S%$|vlJc^^Fn1bPH-=*#0%c>}A
z3=~CYT?_7s4QYpoE4&R`oO5k8KEn?MJ7%vPHdQBU{L;E|^O>uuL(FZ~L~&f`vk}uL
za~G*Br~RuA-6%stUf<yFJ}89h2=Tx>aYCbn*a7g+HX%*G85B#H8IS@M5LScV0z<zG
z8v$&g$HI14|8AF7qv}pfPPc)8`%|ci2pu368Z1H&%>J+_0xc5}pkgyShpF$?AAjhV
z#a^3lr&zBz{qZ?jd1NwYL=aLAeG?G?5JCk+)d26H5u#AYKlcyqkHjk3&|hHD(K82j
zb?6d&*nlHWU#NH|TRR`ILd52W$sdeIwhTqwq=tJ#8h(Xt$4k%qd;W~Z(oVr+JP;7l
z3;FC%CY$ZAWBTvy7mQYGF&P31%RuM6a_aXL9al0Y^x``CbCVrWghuxm!=uw{%h|6X
z8RYJ=4ayOquTo+nkc*VI!#&!dm<c{ZwgAa~J7B*?dC}(7eURL)A2ho*yogGP$#<h&
zrZ$Mb&b8i<*xQ88iiu!am{EyWTs0t510|k5LP^C%=*PdlGYO@E>UY42?}50xfKGjM
zh7vDI-f;UW-CbQ-p!Cu>Rj8M^0HC?PMqCX5c_rc-b92cZi@r?3D$ve%$lhC3O1itZ
z&`W>kgCq?R*bEA2HRNKjrfUzEB+3W{)S&BRyVZKfEM=GmTh}tz0oNxdv?)*aIi%Q?
z0Q;@ds7(we`>#|GbaDT;A*3ZBFMZfRgApdb-FNtaj>#x$BC|&R&M_Q3A?i%)nXe}h
zCMxk$)zkpEC~^M~9jjQ#+L47EsLE7>o=t0$o_hhib(SU5QR8xu%^!VSL^Whi4}~qp
zRE?7g?e^<w-xexK=>CxdOjeiISk5sRttnt?gT?%Q(dI28ZmPX}M2{dS^z4S>SFE3u
zZ?9H94r~{Byh7!?qpcfDm!N*HS@90S$c-a>SO5On9cR^HwKAelF>+_p&8^anL)J(N
zRZU?X$q9PRjxvj7#%f1;JC=vn$!HugDd`$Xa<h{y4R<%PzXJR$7;+s;X9!Qq$$m<0
zNtSW){V$^dZ(1{aT&|`i@akBO+-KmyhKjjY;!_`Ci&CKRYa?TK0i3UX+084&PM@|w
zS;te0MI1l%rk~4OYqb+GgNj#?p8px2Dnd)Fi{R%h@Z5+o%fpVDSMfTw-V#@lCQU&I
zKZCcsyW|qB(h1?O0OQB-3w-}=Bumr{Q&y9S;-Q|aohp_Un~NJI=k7LU8kOXOz*Odr
z+^}x%XZl#zQdoR{g?>T`Yo0hnWc*zDi_PTaN2M)KaV7OsDoJEIFS)LMB3<>8ply|>
zbxHq9w%E1CA^h{9(8~UrM{+R5@64KO0Zq@=OHJ3bra-)7^NB2{Et@jI#OwxX2^m$R
zB)6pm8VRd*A@WI4WyuZ4CdXM&+^~h`{MFyhf|m7Obey&|?gs3E#6v|0q4|f@wIQ-#
zSYvUfiepc$D>6Fd`&?!zu*DCTz71J$VcF*DdCo_q%i0E`4@>ywrXbLnQMnq8a79f)
zPnaw6^J`z;{j3H!s@rzkA<E~Qqv8>4usOulX<f-<!0|K(H9eQi?t9DjBGsG92GVpF
z`A-Q?46p>rjOp3K$}SS5+vR%`Ig?t8R`kqOsIUldpQ{#m{~E;!g{EKcnU+FnYHA{S
zy_X78nYY)aKkyW>v79OMEK=~TOpIb;F!@1mSh}}Oy6LQlmArz<erh0<3UkMd#JmU(
zC&oHRMQ?2_#NlLge_GOaTT$)7x-~ux1Qxay4c;ve)lD3rot1`IaC2Dv6bW$--VJN-
z3abulIiZVUv;E+jo}~8A4UAz~i4XKHyXTo~yJV3TN*=LLn@ihi_xmAeWUIGVJ#1Kc
ze8T@!ruiL)%IqD9yixr{tr8<#CfWmuQ>+w&)nqiZS7d-*2o+g4>%@0%Zysl1IQ4w8
zu56Xc#}5M*X5bBRr+&9>pD!XIZC&@X3Uoz(XOCNSX!H<)h^Xa-JcvgmLjZ$rg;<{g
z=tKH-gB_~w=5%GucH}s@{FV^SOocP@?#n%XA25boY{YjTPQ80;d)FGY+9t3UdPG&F
z^P{96ts$Lu+bcfI>G*kyX~oETx6{HO(N50)e1Ln1GQ|+`mDb6GJC$Ygu4&NrlF-A8
zbUv7Ihd6mNn(A`xh+#8o>UPi!!#7v9MQ46CaZ|mQODa~3s3{}YiY|wkCb${-X|k4X
zK5Ft)8sq6iPKwqnxQazTl)W@>S^0PFIC8f|D{z7yzbGT!s#gk{jv7kicz__M&~bnu
z8Wv=wia-fTSs_TM1m|rSuCnX3NZPq84>en<W$wqE9vPUoj{9osZn?`R|I+juT3)$2
zRP|#8yxSC6(}EO>^{jtwez~a%m>}W=xi)t8#22;xSU1tLA@!5-$d?Y(3?Ysen&r6f
zNB!cz%_8RUOUvhQH($8r1xphlm;z(eahufd>wN@da8QD)tx8OWaE=l5!J?3PGScrZ
z%^-&7sO|ppu1@Xe!nZ@vq(Ju7n42+u_|drB^WAZF7$GB)47McEkc+bRnjzw*x~`Yi
zX9@C|{`23OU?+Yqt3_meQ8*2b{##H>g5zcDazGl>oQ(U&y^?yt8Y$d~gs}OTbiUBy
z3&UK<j;nOpqeW8ILMM&iw{L<UFiYoHyHy5@U#X86Pw`WEw`1AJl^9mfTNnu$e;Jn9
z$1*Nz@u_0YqeptU>r&G+8i%-KP2EWQmPwtni*|kLomUHZ+Op#^Z+h6(INh1&O8B}F
zE+-<D9U+e`;B(rj^AK)V{(9=4a@5B(dH1IU;<rK0sn?sY6sfaRnYZtd*s`=O#i!})
zVe}9u+^BPpRZ|44&n3C))h<|e8Y?#%(HZwSHt4uiL!1!|%Ra3|O{ZVn+80<Y@nMQJ
zcmIrVG$pY_Rx@@>l3wJ_(m7aoK;{0G9|3bwYz))ddVDu;U??_kX*<aYBZk~PRGCy5
zGF5NS+Q@P={}U+-HvOO{g^yUV+#1p>q-<wDjV?OFdR{S+pq-u;RY5I^u;V3z4Q$29
z9olIpF)I|J`##cPqBIxX0eO%9;{k@S{DdM};f4%nj2QV|5o^I^o}$vW_~e-<Dw4eJ
zahc1PxMs=8vgv{50?p}C<Lh1VoDA!GNZ&ZF+fKC!IXFd@532H!jArDASMirKvC+7p
zwLMom1`7%uCZF>bskNNtjCH!|O@_*YYD|7sdBV4)*0Ul#4SxjRlWrPmC!vP)PvVBk
zF}-e2tUfnm&BahVxIk^Vkh(L2xx24oOa}{FPdq4NPV?c}%YDCW0syAodv#*fklzAU
z+Y+8BU<{0JE<OxqUcwx(5W_~6TvA?>K6pNXlhP&3sHI1rNW_dt-G;4+yya4FU4P8}
zYPiAbd(geP<@uW-!A8hx<K(%`BBbZ#x%d6TvTtXND(?lYF4VCJ`P6r0Gq}{%EV>0;
z=Vj4f24DRnx35i+sO(Y5BgNPVBB6w5(ye8zen=(gMBF<np`sXIips@QG?U#=_Oor<
zEf2O}Yf<cne8x)>2CF1MZJw$wY>EZWPX<3VH^7u3-u^#T$|eOcpM5))W0&*2QImwv
zpQDX|_+1Uer8d@kUril_i&Y$tI$(Nj(;n+s&hM_?r=9j7VEy@!e#m$O!E83}Mheq9
zL1!}hZnMppXWQ)KHm(7#CL@ly>3KYYH*)^@hnPLSo3=W#yqR=yLv(pxz5c{|kU%)B
z^hVG0kCnJH(?f=*3OMA;be7d^qfjj-#jlsF`=8~yS>m*|?z(6A$4Ux#{st&1a+a7U
zeCl5L?;iiG$+b^hAo9UyLc*W54#KvX5KV~9#_xCY%)dVdbm&K<G31p;IZVQ(sQBZ<
zSIYN3^;N*sKX}4pmuT>jR$Ki}tSyqZcO|;}L{}lmi@=M6ROZZssQqUnTbyfb2sP1w
zep*}1IK}fAYYExLU&mo2i6vJH>Uh4VP8^lwB}_XF%!2Ifjr-38K+Xe_wts#4dQ03$
ze^!^L6Wrd>L%BmG7T?IObPN|Pj$ssc;|KotcP2`k7Z{L|<hjFQSkAJNPIW5(kOW}e
z+PrM-o{w)wS?&Y0?_UPPr2m;s?@gL?5#OLuCs)i#=RJ%&6p1$#?3&JY|B1b-{tM-0
zdt|Ghzv?BZ-fmS#AaC3p{RB6&_U?UkL2g!UkHTDRH*=4h0+SXZBLTsOoHp>{rq!`D
zpBBsGhqX1#x+-R3sFmvt%5$44RXZCz;BQ`n;>NMKK>bf~xk9qa-82P!P4nQ!317nj
zm4tOsSz_PWQ2SFlDxb=DSAy<sxc!vz2T33Gi(30&xyF%r$miX~DkFvxMkcpX@Q#Y+
z6E!Sofc&_|dRfSPVtFkS$#aFz`}x}Pr+i&E|FA|+xgSeizG9c*I&_dj2;ecmbQ{Z$
zamOr6AwT6RpXRmh=X7xFW!l-sE^-NDM>8&s+TNbwy9GU1POCU`Qd;z!J+$P?Zw?N#
zyPu7hIjfaJ+*W8K$lent#?a3vKf5K6x8d{G@=o0J2?fBBGqRLxoyT~9krt%FD`tcK
zZA9igeH{-}0d<~GMH+vU-gW-7v!A^-dc|JCouUdgmy|D`#SH*dI2ZzVHgYdIki+7=
zIMzD|lC}r`ObeUP5U6Q}zc;D;y@*n;Vyrex>L&|%_*G9iFQ2{;<l_Fl(=|+YHJ?&o
zcUom)(bX-OxYr#{bCbS3=&BUXn(yR5;tSK1D*4B@od6=A8zk?+#P+=j$&MeAarRhl
z!e18>R-+y8;JuPlJZ~A9J^hqX3;|<L&(g$LPK0JaBHF%0fx@THCb(J$&5Ffm`#48h
zW4V7Iy2=j*GnjcTg#9aqK5?65+?VXYbEMs$N5@t7TGQ#qDZAU9wsCzWDVA<sxT?u+
zrywp$UD0Ra$Naw><*7{j-5B}k%G+tP^d<~xu;t^mYDXl`?W2b(s6?0#_eU0yaj!>)
z@~0UW)frTnV&(yODZ}&GW*=5%|6nLPN)`vfD$*9NpFXfNmyqc5HB~QnXxQ?M>q!+L
zX_r^hY8trZYq?-kZ$|GzIA-5(a=<z%rR(F^!`Z@wGqiV8M5;>JYOcO^U1Jhe%=Cb}
zNFM9ea#ZpEF(|EJNe_;bX{&Z}4ACDaCHdy|0`-@OwGqJx!OncKz)P<Ud}L+W5XOXb
z3-zRpk!I>`+i~SngwdhAZCw4pD*)lvG@M#2PYKMcnOC$n<n!&f`igFPVvI>`S{qpU
zwc%!umF(h@kbkK$mVbcHRonONV*OG(4HhcFjAy^Q@U7PIkh|FMj?y{yE;w@5rLw~d
zB$IS^%`o4M-95)cPYuFFhsn$SJ%K{hKuiTSOh!f_^FE5Fu8&6Dus~z|{!!E}U(|YK
z24kH*T})gC`(0Tn*rzEwS84!vTe{B8m#E$AcO)mwPQFiW#S20g83|=~qKf@_=aiBZ
z`9i6eRAMzxda5dQ_yPZB^$M0Rk3i|{REoxhZ$dr(U*8nH+L|Ss#fulLu1)RNF&F~#
zMRQjfMN96sqw8;PW>#D8({^&-qoU(R^4aemAAkQ*d!z)BrH#f>MX;~LT)572c&><S
z+P3}LZOIn@_4@Z0^bJw%6Ecd|C_-fu1038xz&@g^{(peHlqwBWR7K{$I!{I6KbiuH
ls>=5tPEUjNzkL4xD|b>A{V$*Yhw-5!s#r+vD*wyx{|8gbgmwS`

delta 7970
zcmYkBWmFshkFFWqp?Gm94y6MWcXxNU;@VPN1_rkxgAA_4-5mys7I$|a+>5mL+dX&h
z-Q>@klau_+N%Bk-0M_#WiQ-6v|1=;wEJXEsSt$Rb8_`jb5RrIhH2*8nNRMtzi?lNP
z-vOD1G7>To0{VZv!Z6$r;s4rV5TuHQ6ODF8(@yojtKNg;lf7k+X@qR8khJ2^v+lA8
ze~_Ugvz~!zNoWsNmY1a)I}utojw3od=rnP+^g&#$&9=23Yin1-d^GoGXb6rXjp?Gx
z^uaabRaI31`uD)8mO_@P*nq$$mRJVkoNybm*Mi5p(K+T`oJp)CS?`cybA}*(j#!5_
zl3`dYY!EbI5yVFm#|*o60A`t+ig)#rO@xlxzr(KOv|GBmJkAvRF(o$#=X&iypWNP?
zxcA{U!>*C%zYP!Z*_9L##NnjgoO);C2BZ{wEe*Wlxr9xrg$@q9>`Vl7X|&nt@15|{
zp2q+65e4~xqJ1W|r@CQzdE`n{a<E<7zkZ){RdiA3cF@Ju{q%2RVMMG{=BhYRpG5G@
zvr&tFuY3Vgn)XvV_}S^toeaDr{d`h(`;|UkHG^N^hXlU<j<D6^6%llR^H$-1Y)@`7
zg*G?%v>NxeO7X%AQDY;czxOHg84y9$BQV;ATYYZ(Q<NI19vJd8Pb2o)njU<Aw(|yw
zV&eeBK$_W%0Id*wc4H7ejHxz;mRMrLPdjG2MWI;0=%*!vT4<iwn;<QRUG#cF2{VKB
zl_gK2u0T{_Rm#==m70t=0u*-OORE$Q&5aM&$+N+K?Dxs}g29qsM|8D!x+DE?RUk2h
zBw_>xh{1wMb?X(`G2Dk8@Q;8iFSP52itl6;ANBwmp<S4ZzM$mMAgnuOvWA*PY*9GC
zKDRt&m#Stq=;{sCw4fhtud?+M*b}ONs5B=5MVpO3GoxRy%rwJxEoLzbHx5xo)Jj3B
zn%{9G*&XQY!`alOr4fueABeo!kxu;8HvM~lC-m1rG9FDKW*D-#*ek1oKb=VM)%psu
z6PbVduu5BUD(Gi2$-Z0E7c(Y;N0|o1Fs?aa<WM5|l;PQzsxfy!k~hXHXWjtY4rOA2
zrWp}E+aP%v`e(UfahGY5s!Ad;fbu(xbA*%@AWFx+O)ewjc`zUd^;E&$reW*~fS{kM
zh-n;78{R50rbj#F4zSl|U@S~cU8fbb(D`~MpnOZr4vPCccxl}S458aXy5m50O%Arn
z@QHQ*_q+uI%c)xETrK^By?y*z5nMok5K?k-CcVOJAODp$&NyIR8{JP$x1LxrrV;U3
zRxgV9hMM_gYVZTjl5ryfDP7b6b~{Idi`KTb0y(B5G4sKu;^Q$_v41c~B&cJv&a^SU
zU)7L!0@R-7_b3t&9GMZ|fIiTy4Q@Qkc1(j*jk6;ofwg6cRq}nFY*J@y=p+#haTZ+J
zW4pfH-@vpG`tzv!dV+w7b#1#FGbGH9){OQGP+A98dJ_3M<zSLgN25!MnUtiF!8jv2
zY>VNIXvDwL(2osMUD589CVkob1kS&I#{y%NKm(-~;o|lPK!@K<l_?xW9mNEnAq`wy
zYy7XIB3n{*#Xu5=nWw^CHtc>B9>U_jq^||D$cShD3W>^OnDq6;k&u~w%ud^vjDjyE
zs$V+7w$Fln=XNhM8(~K-c>PhEVC>|3CbU4@Exr<;z9x>nct{~l1QkPZ*ryMhC&$)J
zpfRsiKJ~Qo(6naNwx;ztwWvz3!jZ!f)!Yy>2~m6pyTthrow1sbA?QnHls$WczHnxH
zK`E;+vdFq~On`QxVr#_a0eU|BuK^Hi$Q8DIsOXGoR23iPxA*gQ@C@9!u9%s_P~lYl
z9-8GV&D~r(83L$^UU(&P-AJ%Va3o$OD9nb*?+FFXwhxTlY82zjSa8<&K;DJwbTI?F
zDEJUV@yPX^j7T`3de!G(jCMdhsC7!ZV)d<vV(a%x=varuJ#i2!ZgOh{N5}}~-W?I5
z?)yX}y=ScyhK8m&$^+$=Go%>7EQ>^yX)pFTgQn-uXlLHW9bp58b%DSznjw8dke@il
zR-Jh_E)Nld1}4ibP+g<qm?9s<jAEdn%IM4yrEWhF;~q;#lze|#hXw|;Sv}&Xk8F2#
zJ%!}?^Suvvd=;l`kkssxV}p6B54xJ<uOw^LsU;FSQ!MWQiRaPY!KCrRnvHFDMRW0i
zSXV8;@e0(zMuf#TPDvgm_}o8`Su%Q)fP&nwIBJ$(3B<=3=S20L%1G0Mi0Z=RJ0z%!
zRmsi^Z2t<twjxVyJJ&j}LHvKU*w7D7p4br>S7;b|6O|v>B+uA%@S_6&FM<g{8f@~4
zvAUxiM#r_h$gy84IjH|8HzY^P#z6?`f2`W?!A-@Tx0tU7A_cgPwfILs2yzmXc`hLz
zi`yn4L<8TJ(OLMn_X292lg&g->~*pvcvyzJ6coBF9Bz2~J|%M~@l~~p669`-mrRZN
zZ0oR;fFoNKF{$5IOS84ah_d1YA5H8<x#<23?%C=G;OEX5Lvb!S;|wWqJETxfiN3ZK
z<jR23lGa0lw2b<FyJ+G-n-ReZsyrOO>D#N7R;j#%?DIP4`GNX{&c6NQld|$+0kH}3
zv{GAVj}mm~*==QvL|)b1iJAKkCk;bJ0Aus;n}w<oMaqsR%u@?AH`o`Mvctc5-PHco
z2=YlJCPmk;PrVn!K*#f3vSbnRU1|F^Q-}RMY%ilRoorDnnx$6|pB2%p?0EAjV(zj0
zH;Uj~)VpnI;>w{y@4B=h2LWiZ<UmT*0_`kbYSxqoQhX;4dqgasTjAs$E}w6MNgnCD
z^!qa~bUK@^p1_It$kdRU3Q*;NS;e}NNhDzR{e7X_E*${r_s#S`@EWWY3#&@DLCID7
zle};#<+-A$d@KfN)dR?VEjemLSlk>Ea(@giKJ&+t(BZ;l5h!xLM3~M{KoQ20hRomZ
zGf!Wq5>PzFY9)~Q>=*%7DUs9j4A;kPZ?73k{?csbC6rooXlgWnxcItT{qa+^ZJB~3
zJi7ldahf|PykrPhU(t^8(<4&w1gEYM+Ecxv-1Z`!*%K*99^2OX<(^Rni`~mBPCjg{
zw6w*EA(PFN(V(xbmhb>s>ka{?<M{SacJj|X8(xFJnbS2@D6G*4Rg_)E{o`erCuT^Y
z^v(i0I9p`EB$FavM*eYSY0S+Aw+GqQ1o4};F-!I#d`;>zI7&pAJBgu#-xI;llF1YE
zOR6*1sU0RLJ0po=@414LG{w}J^W4Fm$X%jgvQ<hk_2vrUt-nmXuPH44{FuB_I=)F6
z3w_<!#f`jfy*@2c0TnJ)&%MVvz+v)k$dKF?@`bhVC2Ae%HBJjLH~YGZSHt|L7{x69
z{Cu>AtMBi!qnDYf!|hCL23zKZ8!>Q9NF{T#k(?9g=(*U5GeSh(cHa>55Hlit22Z*e
zwO{XDVK40(7$=e8IhqjdxDTGfEkUdN<11Mrr&{O|5mXY2(D>nzw3W%F!_#cGm!hgS
zm>EHV?r*vnuQoG11+|9+Y7*7)jR9I9W=r{&h5);Oq~dPILrq^oX#lmW;laq$F{{Ao
zWnVn#U`%mjpYT$6grB^Px(bW0;hjzC#$ChS#{h-`>sqicLZmwtZbmHT220LUsd;3=
z@UKw^tI&tTXU0fPyE&2srs*3KcPni0toJ_Wmp>@z?&Z?zwR%yCyyGO(Kd?t>n^tYn
z1z5x7uzDuA@Zg<$4!BvYDkJH}?Z+j5#toQ2;=mIXyOS@zS!-@r+n*siN6At(<^~_i
z-o#Z{!dv|Wf~+19po<I{DRXKxvbS{D<eOPvNoW$t){Eq~7uVjs4pKcG&@GQvD>Ueu
zN<{dlMGO@%o+DVQwy~$CG)nx;Z|x^&{1h!9L;g&~R2M77IxAv5TsHC{s#T%8()peV
zqz)s47}-TqOaN@g%`8^odLtsE_LuXrE6W1vWttU_^0^7b&O5SLO8s;<qgXlk16?|Z
zlPD*<=)ONJo1KJEhNgf&u}$!vBB=(9OL5E6rzX$p8@3HkyAeQvqh;Y^2`PkIQvy1U
z)3`|lI=i>ZbOEDu?Y_iHzrzKYZE-b096?u=T1fX{2!ncygHn0v>;^*3J~O+zIjE#1
zhr2hSx6k{`Ge~o<+#E&1{8Kxf+s(*93aiS^W^IFwREna|FCQpmG2lBEs6B7AosaC_
zIIu71o6-!o+ZkJkV7UhUlljnSY=_kAhIUV8aqWh@o}<7>ZT$>)7gn1i#TF-!rmho8
zkKV~$I~<w5Z(czmI!2Ohf1JeN+5gm+017AsDt-t2LM>x}EPTT-f45D~LMt{No1B7_
za5NOYx-14X=bg^}9>Q$p6h^W;{GLPiyBjhjS-(NM*tz=>Xi4zXMTdT_7Ntm<b2Y5c
zSWERbL+OAbzv)&2@b8K{g`OJZh;2F6IH)25q(`o<BXME;ybSi2ed0^e8CbZW&fl9g
zJ8aKcUy;`pn9Y6>kbr=5h|8y$I<Oj3Yl=0ltOAvyywdPB8xhNiP%gj=O3DL}ghIJ0
zemu}n5cbbXU3El#ivB_!T{j<Wihod@M7_8)2M;Y6G#S&=Z<*CwQ3xdC8~iaoChRQy
zp|I>B^Z|N$>@>d4=fM`|La&p)VkY7;=u*%mME1ms`p+IXc`L=tgL)qA1sSYy`_Z!A
zq{gD>R(>vNjkty_?9EBrua6=Hk9(@8kzvcnsJ{(y3@`}Sv5}7$JV}PGC;pc03r31i
z!J&@w24GQ#)`*~gngHn()Q=;79buVLF5lCjM&`aF9uli-7J=J+$-Il1b5##BvGTh!
zw#myTLCDE-JjvhPMAMhi;Yac|2djPiMI|;%-4Deba6TeEUD;0~i`lIci{_yOtK&zm
zdzFt;67?tkJ?Bk>+5}3^lYh2ot5^hxug$NUSfB+J?`wM0r4hnPDEAYH9U4D;nnLOg
zL%FC_?}8lgLqUP=vuJ@tKXsk8uSG3TUvDzrY_?}zsh_&=BJ#8*EVgcS9^5J!J`QL6
zRf))Z4)m|<0dB_z;s1n20elQFzviK1?5DpW<TMJlp%T^;vs%3jG#>Th^_-%utFFDC
zz{M)E30f(G(sdo4U$(Qv;2g4CAm3L9nwAN^=&;+3dSmGnVa3<?KlkHMvj@gy3U~p!
zOSlFf8FP;XwO+7l68EqcML12`razZ|1X#mb)X%@IEh&|MukaBPbud@~Pp`3t@i|&H
z<#NP#<SZ`W|0`2;)eR4Iam_NniH7J4@*vi7LE;2C0hEwVL2W=K1W$+sumlkh(m*t`
zhQtV&0_-8jLXNm1fer1ZwcR+t@4tc`ZXg!I^nf%-s4xREjr@W!q*9ol`h(T^h30PK
zk=%d`-s)T@<yzHgnsKV?$VC2#0H`Qggde~N5fIS;AVH!<ARv&?-xW()G@T2MQzG^%
zE=2Q9R?H8s!C0z}i|-1T9b}wiiF*(!Br)RQqu>j?U{L7Z-_c8jf|DL$HMz(NWemcb
zEXpcawHQv}lvrime@;KiaD#?J7|Fl{3iOG8M>N-lsTQ+~?C$N4x{Nl;yVs%jmD``8
zmaO@G9c`B+8vF$MC4@2bvUJVp9<I3duzREi5_+j`q`t_1*`SsF`IjqJT)s7rgUs<o
z-|3cUj1q4O?AFD1&mps-!Z`L;)SI=}O=vX8;(rVw<YK}MW8XfQN6<nHyAZ^7KXUgV
zyY<tXh`&ntBJ8R4cJ$<a%q&kxfcT2>1Na;3#WVn*z<6?-jy4S&xhG|`*$T}T^=oIQ
zF+YE9j)`}oNCmxF7ZSZDHPB?9qz!4>*ol6GWt2+wj^!>n_yiEvXh38LKDRxrz`eUp
zrzI^3zBVa9UQ4dM4oc`n$?E}GBRL_G6G&UF)}T@}%K*eT_XqK?>W#9@Y|x{#6DE1=
z1@AzFcr<s+D&oPic|CIMJj3EH9u0*gOF-6S;tE%S_otET$0?J1tWUeCJ>dsArIHRD
zVW~qv7BV~(KS58+OXRrzuO58fh3w?Dg?y4I#^QDtDO@j(O`u=$M;p3dIAZ$x?|pxK
zm+#5%wy4lVf4mB{(JS>b+cb}4k1@P9{^<uIe2<><Y)JA)D9X9zOi#v=QTEDDs6(%V
zw6G>0nWfkzlwZ-8G|V22i?|uv&qg!ajPTPh+k8RUINz%Tx?sQkug>6)*^<8U?>IxS
z$w==LxZ_ptWI%);GslfXhNsK9!B4k^IHJ4$pYc+*^B8w9O_(HV{~AHewSv1j7XAc*
znyc_<nJR@Vi1IMT|Lj0TD$X{+s(9p#1Qc%=crq2#=9rWA;0I1Zbzxp2az@|bl?HUi
zM3v&~Xw}Rua~+@X#a6&S3P|z5V|0&OXan*EF!j@+w)M7;`x23JleaHZo4F|weyP$o
z2^FGEje#wZK!V|R9q$p##i|iyV$D2I&cOo{f0OMK1Jk82O$mz%UOv*hF8VFY*h-f9
zKDW|Wm;9bZV)=8Uy=bq!{zXfJR~#VjgPOq~czLJEQ+d0Ju|)JOm+ch4+h<+MQFWt&
zyn<3rB_X&%B2D8)cD!va6YT}xTFY_TuysS{iO)Y*t@ZP56m(OU_p4}Dqu+jlVz@r2
zxLD&zKCaHGmGW&bw}*!J%A8E<Ae!``6Ko(+o;o%81Uht6ZSj0YwM5JL<Eteh04dQA
z$8=_4;K(5xtPZl&e6eS(8{BGgYmpW0=VSDE+|7cux4JM1@A7$0BTs1HG|Q~JIVFIY
zT|@1*a3=GFQR`^1kL&J*&)h>nTWvCH@q{cUY;wm>QaM!MYv^+5SKlyx<U~u3H+)<s
zJ3HH<bBlxsrp)a&ONo2%>H=iaQ#Kp4K#hC2JLX?yU0`8Kx8|vxin9pewX;%5Ky~Me
z<I={68fuha=5RTe<h$FyF3s<DV=Q}VG#MEu0p{>f!>$hc*%fya?dd?=8Km5kIg$b}
z_W@J$fplq;?@5EHpNj-lm013>4A`LY(Clu*g=T6m1*YP(Xm3*zxagWIEPDXuQ)Q-0
z{;oWoKcg8J%4HsrQ$z-lF7)}!^dbi6<b;u+xjLw+wfp_sR94B^VMtW!ccKp04(O-W
z;}5om3(k0=VyNEI)m@;Dgrv*nnH-t|9z(UIG@s<>RP?!<8vkElM7FL_D~wn=%tysb
z7|%UIGHi!kl5ffHq>_&7iXKWP21l$1=BR4E=n8v%gTTC9N4CBlC4n}Q*87|{D6XYE
z@buZ0=Pgl;CKBC56bAS`0*?sKY8tQ18hQ|$3wyk*-tYZT<^;7Twtjj)o^s*0w)^=B
zQ@AV6L6Yz)cFa`{&&TC9`9jw2*@`QoTZ7)D^2C1hqHG&VJ4}tWHle}uZW;?8wifz&
zXpnR=c=%I=(9?EWxxyZ}lu{*?t}_E?dYC>4HE%FMv`xmCQ&nx;&R3iWlS<^f387~&
zy8%!SNHms)`~WFC$BgI!HC=0*NjXetn>(2HjCsl?ujM>Fs_WMex+~Z(JBr5cSjG07
z&Yo_V#ZrTlE~s28dgrLOUD}QR`s$0@VnNf|SIsOG=1hK{*K#yr_t14}()E?Yutu_v
zNndu5TYD~3s5`&2b>Cb`QkewBmIEYlBlcS^vBd=ae}Q&)^T<q>atkmWAS53ev{Gzk
zdtP;_hu(Xb`ak&@vZy)s-=rO8sr%XpeM*+TJ)nO(ZA=)zBn&M;qs7{5D`9h~0bi7{
zi!@f};T-RHJ+RjCXOT6YhH_9Nl&4!hqppweJ*_+SjuV~~bTE9KH>6z7M?X{;IFXyk
z?4R?l(Ewcu(&+|pE2*EF;fqO0Q5Hq$IHa1F?#}(i^B}y(P|0)~PQ@unKJzkxU_!og
zF7V1j94j(QBTi6cJ3A`z5{+tM0_sP;1)>Z2UZm7pKeruNdIQ{=p<HV(?yR0y*H8t)
zi-E$N{Dfackrbl$N|i6t%?m;IJ<1+Cki+Ld6Oh;i4q4T<CX*~XTyN$ppP~u;GCz}5
zptI&hKF5gNAI(4;yrL2Jw9PgP=Ra8B{8DMt?eWpfrwq}aazOol8Cf;i@$x#$S*M$D
zxW1zr;BiFbgkxaihpjr-k+Qj~^({e2Fe@bDl=>i|vGKrN)5=<26Ye&~A2Af)(O-g1
z1v*;cO<g6rbx=c6e?0Q9%8y1|gs;QavYDEjk5H)XQ@!*KN7yFDWf$>s0q$J|Xke2l
z4eKjY?D|>CB$+RppO_rvHpSCWe)~U$zypw}^*WFcY7u2g7|~AK9DXb|X@7sqkR8M^
ze1${1u?*m?+-v@c-r@W{tnJU*Cv?Olpq&GBp{u1@oI2&gOvO?L9Q-fJUD~bpx%=|g
zF4uz11l+ilgxy~2v@X-|374d$i)6i<B~*&kq8Jc--BX*RyeCBT&K$p>mC|T}k*20(
z$f6^FxZC$&ZBCIFp^q(Ca>euGiC=pz;Wx+2*Z0T=ttSJYoOZr{?hURJ`MQ#;4|<?z
zyv*xV2BM<&3v?53iR6$zO4h8VOk-z$vJA<jxYL10$T|gx4uVw&*^S(6XW;W)l|2zV
z{K32YFC;JZ4G$nr%nR7r>Y-QDsklYZn+3@!yxVM<IrA~Ga+Gfk>0Wf-6*e!(C1(OO
z6lt*34blItVQI>UrTa?Rsa#tFqG5`zHD{|W`-Yd@8oRwu!_3&*5C$dGKAy6~QQL46
z()2$4+@ReP>Pe0*{iqicW_+}yWh@Uqv4y=F8$Fivc8RGmFC1o}zKL!+p^fwf4)B;%
z+~U|CQpi8$oRxO5)ogyzk^ZK7GRG`aDO~b^{EIk%Vuj<EKyI!RXuJ*v`nr`U$;iiX
zl+l-FKRLXKcFzA*{!dO1zcfhmcP9sX1?T1gN=)loJcm=fp_+Pw7>%L#TY$wwF&AGv
zd;S*V0ToMv6E8~Ep?uz~i^x#(GESax4|aR3`$x(;;pYrb>)Gd>DLCrP`Wc!^5X8wo
zg3zvw^yyElU$Dy&+}g?xgk$M$iEGnrHIyOta`JQplKPwO`@RHPXjCb!k5kMuw>%e}
z5$*c-;!=;mX;q7M9#yq3()B+BzkDp+*MyNVVmiDAh2Pt#x@xvX?B4kWWBe9POp^bX
zLcDZgfuO!(FKsce-ZEFng(#<0>4gn-VQ0`WE|VueTDQY5!JIWWQ1CUoy+3VtS?k7U
z*zTsyNcEK?KNo=xA(I&!S=*eB!ibBe4+e3|wcs%BpOVVCZCr|SHSs?TlOI;hv(!9+
zpYx*5%98V{&MgPj1(?KkrG@1wBK(Nxe|$J<FH-4p=ux`h=^8NF$fxjG%0T|KU^-oU
zVtbm#{@spQ0P2@@4U*%mxvqq_FORkK^rE6QD@9U)%jgc}8j`+r*koOJNyR%`Pgvqw
zLe3Q;a3CqV6%TU4K%~=rkMv`zDBfPDg1<eT!MNOA$J8-tymWZ&fmhd4=lee1i_jN)
z&F(ANReK6^1a=C$&>W}c9DQkgg3CAmbg-6~52MzRuq<K)=yvSpU@SK+*YgH^s^Lr0
zsh)QZ6`L)dOsw#)&an<0qdsq=^!KuIEh>}_M6W@DvH>qqhvNGu9j7fV*445bxRbxb
z7+pK!@;3kTL(m+;{skHHGx5mRF4iwS=5A0#-?lN^ocV3Je$7kgj>2+8F<~Omr5p7Q
znvSi!nR4g`3Uor3aaAgX<2uZh1s(s@o$Ds~UQX*e2;_UTum<R(Zc>G8&}Jj`tRH8d
z8qVQ7|Md)L5jNY%+xnBtk$O<AKPv1Rczby#_hzogr9RY4(~G6Ll`+F$&Y0o4bMP(k
z9M9AI>b?ac9^uEW$l5Cpc-d(*A|ii8raG<C@!)R+ZFU_>Q+Ruub{^3yE&6=d`#C!*
z#-va2^5>lyakP<5(S6Svv74FWsaH-V!dQyXhCW#t*6=3SBmHYB)5}u|!$IetaBmjq
zZ#*@UnfUk559elTvI|A?<@kPXhBzgT9;XjpSc*1jA)>e^Jw45$%pYB@(NCW2UdFIz
z7HJajKsm3@-ze*sF~`~DE{rXlv;~W#tBgO|es8U&NB_5ey^C1<@m*chY2EN-x~@iT
zw&3tqCi04CZjA)WL4J)u6}Q+`n7Yk85=tBnKeWHJQc9!jdO@7nd&9Pla{j%{W58o~
zYjsDV_eGaM>1~vhM;kjHFNOq8KDo$*qUP|G7bqHKye|r+m4yy;w-c2nO}JdbR#_+w
z^b-$6?S)fJpL`@i;mWPGhAmbTTz=YKlaESnb}yuT?3QnCPe6FTp;zwPI{0H&9yqPJ
z`5?BcR_<XYNvF&2m=Yno<|HW~=K<VVFtWI<|CREE`8Cays-Ehh!Az?t=dyg`(N+Iw
z-MZAf76;2IUhj>3dwXre?OHVWCJ4S38$$8yNjjVxS?GE$biWZV>M?h_8h<R)$?!mo
z@w$o{KR&OAD?@rV^qApLAb7?*^?BpYeO*28?(fyz=s!daWi)g$jTQbu1_Xrvz~*)}
z&HrK55IS}B|ED9>b^ZriLvGYX|A$(WYbXN{iIDz3xBg$PEHp&^7q=#Yv})j^j;a0^
G*Zx01;yYph


From 29ce3cd782bdd79d802e151ffa54fd3b10d6067c Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 11:28:42 -0500
Subject: [PATCH 11/14] Small comment bug fix

---
 .../Audit/Check-DefenderForCloudAlerts.psm1                     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1
index 52ef8320..f97f3bb4 100644
--- a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
@@ -18,7 +18,7 @@ function Get-DefenderForCloudAlerts {
     )
 
     $isCompliant = $false
-    $Comments = @()
+    $Comments = ""
     $ErrorList = @()
     $subCompliance = @()
 

From e7e59fa28b2e3faa81ff58bef00cc24228f2d30f Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 11:30:33 -0500
Subject: [PATCH 12/14] Fixed module version

---
 .../Audit/Check-DefenderForCloudAlerts.psd1                     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1
index 3ffd3842..1de23cad 100644
--- a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1	
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psd1	
@@ -14,7 +14,7 @@
 RootModule = '.\Check-DefenderForCloudAlerts.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.1.13'
+ModuleVersion = '1.0.0'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

From a1aa649a84149a45d265125c39929fdf20db5059 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 11:38:57 -0500
Subject: [PATCH 13/14] Updated zip module

---
 psmodules/Check-DefenderForCloudAlerts.zip | Bin 3564 -> 3566 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/psmodules/Check-DefenderForCloudAlerts.zip b/psmodules/Check-DefenderForCloudAlerts.zip
index 5189bd5d4e3a1df534e367dfdfffbe8205e9afc0..7f83f01a45fba1a9aa5bb1522d6b1ab536e22883 100644
GIT binary patch
delta 3308
zcmZ9PXH=7k5{BskLXav*F|;UEN)SY<NEeX+kzS%y=~bHf=mHB!=+Z@qbdcT&MLH3X
zjs{S~fB{5`((mp)dv@=+GiT=C%+KdJFNu4bo73<fB^4VP?Vmkh8DmcNcY&Bw^=M!i
zWe_O+nz7T=HDk;@ec-q!&MB#DFYjdXPP4C?%4S1a?wUzlf~B^MyN->rBG0%&2r+Lj
zp&~8kp1YP&=7vs%{urb8d_ni;c<#+WJ?v<+5N$G@Qwg(&uGVeI;=*`upZ6|TUy$Jt
z>qCtZb-A}+AuYEodzIo7`6_#e(!2(=gVg5;SYBKWtcFSg06ZnWFGRrL8B%SU4=S41
z8i3oxyxha%$RBM>K^NlyG?@-w<aLwM>m|MBcpW;KE)?N<la>5CqD8^m7scHT`-IP%
zy%D^}tDt{Q*y?<>Hn31!do+wHIRVShwyUKdrEwS4$MO`0S)yi*!c=sRbyctCr)j=Q
z{3e@kRor_5Og&V=g98IZk2V$XU4XYqUc1Wml6N9+bjvz8zNW;ciCwRAumqZY53bZr
z9A{%mH=(tJ9JJ~dWNO2FXFTmNByw(Hg@g>ARsGti**7(QfQ5ZB2xX}3bYUT<2x;68
zH^YS}))w_kj7K(K_kGf$Eeq~xfeDs7>v1<ca_I-$wqyNiZ5hSxcDa+ys)zjndfy5O
zT0Of;%g3ts?$lFMdAFBH-LdWq@VcLo=yzWm3P}2zAvNJeNe6=RsS24XUN>3eS^K&(
zdPy2Kbj>~jpFx0IB>tx8iFq=V&s_0fAs2w4a}F3GP-^(%<``z}@N>QumsjxgI;tQ$
z3ix;ejb6QjE7E2<wc#^xVL0S+i2ByE5%Hs3Zi07BhR*xLc1F9_a{W-STSFO7w-6G(
z52LEpkmz|KsU`nZ`$F+MMs`VmQ0w(&al2BKuN~Z!OR8-q9-7)s$mLB%<>y0^(46gD
z_VWYIt%5ohJg<obFcuU&_s{vXDD}u)Kx?cx->Bdd7}Y=zGvi#9m_}HXE?~FYbt+~j
zH*N2_2C1Y!GOnMVp8K-*)>2L4_pM8z%gt-lZ3n}M5|I1A^UE<v#2c2g(~0v4)G+-r
z;X9Ggw0+{xvy@%n6SOw@a8?=Ly6E{*wVV4$CSmC!!kV9?<tg(@j)yf>cucDhSl_i4
z&$#u_z31hS#t>^ASAk@OYGTU7JOw^Uqa^{NK>YgPj;Es^!4b{##AS0XCnBfT&u*3{
z)r7Sq4;qz4lyR6Y&M-`$l{C7cAUXxtvKs$+E7nLe(5CRj_^~k7QHsuG)%fm)qk01^
z{~BaG<QW2^L3d_;sZ=StXnBAFXwn6p3cj-@bsGv2Wwp?kE<D~~7OAEC_nS|fy~#cm
zQ-U<&+vf`&Xb}q^X2zWL(<L{OsxP~vZf=AM+VPiDJu4B(j;I4Aq%}6ylUM2q@GMap
zr=MK9bK{*{|9mWU6D-9@yAwfuXv@-mR5Rn5>!YA_zeE##bOyaH95Cw(yij=)upR1S
zvgT}&C~wgow)SxnCrGN~G^%(RJE4Ikr>BWZ&tGAkTzYW|;!VLP3sDE)pHLFAhFTCz
zY8>o2I{fSzE@P)9&FsE&k}mZVXVSM**n@FeK331TFs9D}Jza*8aSgI2Iw36v_Btxd
zpQa7c=dIXHJS(xfC%F3nY;Pgfk!t78Xy<e2kt~S~B6N8ckm{Y28l0&wuq(2sqIj+`
z*!1X36XjZ2Wng{RN1njD$?We}VXX|Yh-=Yy<8~l%VEMw+34zy6URl&Fsb!|%dvQi(
zb}CEK=b>WGPC-^lm6ERgI#C{xdGXRVEndwB+wAn2U=iC4Y8D{9yTR`*%8)E>m%AF@
zB?#D;(s$v%e;)S!0_OV~-K`?ptfKzZ!U9@8vZIu5?^=<VdAjW|DG=UZ9%fT~)`m29
zl>x0$()Zi0V4!oBxesg3mJXvuUzhB2v%K#&{*kksGg;&AmMuIq-t;p0L8)S7$irB@
zwj_iF^!$6R*S_-SgLZkwos^6bL<u%{QtFtn<)?T-VR#QjTkao(>!T(k12L14{R?!=
z{{Ve4RhLErkognl9)FHew4sxKAefAt>M!2^cXgUBdoJB#Kub<sgny&aiI~C9c5WGd
ztaEE;Hv<Ycwy!e2D_qnsnrV{J^_bf_?uLqpC6Ta}HHucYT=#?yFsC|*`f~j$6WD2z
z96Av$4xjc+&tEGa8BloQy0Ub5d1Bef89?9)&sVy;4FahpHhW$P!%^v73p?i4t3Q;I
zWgd?Dpb0spQ%};Nn33(*i9BZFXnaJ2V}3b_`SRsn@yeE=-44^NqbnD|N(shRqVDhQ
zm)N_(-%IjG`$2;1fkiX=>&|x2qHmKoaE!UMkEJM4YHC&OJ!U(G4oE_&s@kpvu;@3b
zzKgYgda2^09;mdZj#4`i0%vQQqOG?Yd&=MUl25mm-cdl_Z0U-J=ZtFbl)lN^u@Yg4
zqbaa`tdM4SiNA^#dMj~OuRAj)+Lkc}J!8TlCMHrHu-VBg08iNCAyJ?#tg}o;Vf7y?
z{g0^DPk*}#lf6}RvzqHqQxbOv(0ya+4$(kg0eG4dY8%=+-P=qUw0{z<8M_PD@Q<w{
z22el7%EtRidkx;aK2)ay{Fb1Vl;E-F`NL3FVQ5ys_<1^Jg#+wOn=R`~SrM5xJjSu7
zdt(G=t}iCBH6EAYBDRs(@ielh;lA4sf~7)gsWrnf8)H!y{<ygoj!gpi;bti^S<&S`
z8GeABFcG*o{-MIjQoT2v0-5!9tVBaV2+mqL(|o2`q~<m45u;57m7RX}E{|5G_lwLP
z+#Q8}*43FFmaA;{Nv5y%m%|f~nPze)Ut~2O<3C!2#=zd@!Dl%2dU>uT;udWJgB>__
z43h=N_6_)s@pdj>>T>|tVYtxoBi(2WeUs9$y~)CkbHZ@`)X$1kV*P*^TXyBI)wo}R
z-a|WdgLo064>&QZk+j^S*9^v2sg}9al*mw3I+AfT0VoP5;f=${46Dyz*Ua^I&L*)b
zTs%&2X4^81P?@L}3OiOR-y-P;TJUO^-qbS+93vWHEw0=Y<Okj#V0Kl_EQ@CoLL-mw
zi#vpB>e)L0I~#<(-wQUU`{o_ffw0}%^vX@g*iqG=k9CJyj(E~c*{Xi0DJg2uyVFRA
z%(rlzAU*WG^K@7p8`;-q9?(B&3*_9uv}e4hV_!pLr6q;?%frB!lcIc$AG)59EY=|T
z#xA#<iS97MAVAdCY&gCm#n+(Z4+&E=VV#JoYZYSAmDL4DWp)lu<){yx+T0}uP$K=U
zi&T&bDnz2Gym<BmS!9j{>KQdp{V=g9MCY0A=^w_q>J<dSNbWVT6n!=GdcQzofmm7D
zgXhO~Wt34WZ59j*IAJ+W;I40tBK%j{qJlg`i^<mk_z=K<&pb9%?|zso_)*)u4P(*W
zF?*y&`(%heFQm_K`qN5Ob`L;ZDjf)#DU;3Ip)*HIR+42s9?(E~a9wdLGI1--vxr3}
z#>BC@eRZr;+w{p;<?<pcryw;(WcyUJ-@Y1F{36%K3>t3!eTq9u?GabOVGNV;Bt)I%
z9gJlh7#Z54Vym9xJ&U>2A?&)G)cBz&&G2dNaL~Kl;8SH?^!`Y^mLz_{`dFE1v87@z
z;+L~5H{EYT9qX?JVU500l*2In5B!LjxcbpkkypwhTso${J|PboXl!YQUnE%I=5nBs
zu8&5pU~YK6yv8+EOOQ73iA?g&?=$L>g_TYF0&O)7x63u!s$-Vit6=$)xfC=Apm|^!
zA8EJs{wYgcHtCwXWVYHbgM=O4lYO}y1JTDwL{08<)@d$bQ?swzFDT)y+`m`OMr3-N
zM&~z=rf@bp)mLk_X)i)L+tJKF&yU3l>w&hP=bKLlzw^et)HRTSozZAyv|288&xN%y
z0^_S35l{flcxl;#oOL^77s5ZrV}q#I?5pVv-hOr$oGw;5gV~MYAYo12KccY#1yv|y
z-%94nn*F8?$GN>5x!Xs&er`Ko@Pi$l=9W}9J8cc*r7yuaEUo4;;*F(Su7m6;JIASd
z`9(W8!L8OwiE3hILx(xYYI^B{?*S7aXLn9My}mKVG&vZ#7?gTWz^XAEsZekQL(29}
z_C0)V8xSab#OB#r9Xs@g_QDG!k$RN3Y{lomTC12{T<bp0XjzNbw+QvErSOG^QtOAF
zi|0R<J&4Vnz08L#b)%cB)^AjL{1e!>8?(R#ORk?6MFJB|Ivh?&TUAS2Re<Q9astsJ
z{B9kX(~yxZvi>D2atb!efAhybB1>h4D9ZkwJ)96zi2v8s{~rG3xqqIfhCviTe|s*q
N7a~M+%<z}v{sUp%J$e8D

delta 3279
zcmYM1XEdA(*M>)L5oLsl9-R}B#OPhr8D#X{5?v645$$0ZiQXe>)EsR@4Wbi7J&bPj
z9wnm7WbmHzt@k_c-fQhY_u7B2Yu!KC_Sql^I0-2ei1P2Xvp}1J{yUTmsW5W>WCaQe
zKdioU0aia5t^>#>eHGVS{xy2FlaG_(=JK<E>G_na^<j83CHX$(aU^WzD4dSI?lT@7
zDUswY8+ui2Ea3D;djBt5?_OFzdH#t_OGeUfk#$(gMn2wL76U}Dbn`YeQ4_Qx<hx;^
zVy>4vR*pFrwdd^Bpr5uoeScdpa-I05G-dSbOo}P$T?f$k?(9WZ%3U~QvGC6+OP_fq
zj#E9opevPt#e>$HEr2VDO1$u;1j)-xYW0!Y&?G8C;k26o@pREk-?go7$x!&0Tse&O
z>6V<&dqNv7=*d8Qowof+Y7gv!#j_F_E^;C)rRK~aqfFG;U0DJONm<!8mRAstRb_kX
zCf}@uMgku(IXNsZ4~&kdeAz>9)=FiOA$qV_L%mdk*HVN048o>*4nvaRp4+?P4h82D
zx^wP|c5PBuq4R9T6Lm}3!Uq@RpX$2iDo!hbLHE?ClI%TQ!!Nm)5VN2YK4Q{yx9_|)
zVZZ(D)T1r4D3DLLCSNAHFr&QT8b;%3k}kd2x4_&2!ybJHyGc|e4pfN-vC!rDvN86^
zDbg#8q{aL?GzwfpkJAK<2;Ruf<LB<IX%?v2Y*m+2JF9W*X?hCyKHy(<6JQdI0z}bs
z(XEW0{OVunu4l<}-P6wNxRsP^{denRZdeJDdmOBa)K2wNnY;rBy$a3HmDAFZ9z_W%
zp!vd<x+fw`J(c^iT{#B}*_Rlk{3~LDY}ME!U*Vf0<J!kXQDl6(bMo2jj-gDucDa*_
z4y9eR1&Yfy&htmYHFBEQ^>b!IyoRV*C!%Mo)2Rw-_p0KKk^s;qBPY-!ufWEB_0V79
zTXp=nk7iQ6w8pqHoUfZna-&9=3QfKa#J|^8C{b)->2|pTtA5yRSz1(&sMB3UCYxZ2
zraGdgkAp>eKRT6_ed^zS-WX=_)0_LU&uf6DelN8MMmHZvCwi-*P>-J#UvNd%lX9oM
zZDzd9WAS1L)hMB~dHk&iQyG-w+pzo?2$ec^eBXFO)}lHazvQ6mA*~^x4@po4M%G)*
z?t53wqr{V=lLQ?klx$4^R{nw-vK)@+mv`BG#)dwimWFp)M+nlB*vUgFGAaAL&Po}9
zG69&J66GVT<6x<_Xn_dEw%E$YsMtBKDQnZ4z9i;ntMbL4eF&WqJ4S5xpHbM6NEZgx
zZ){l?_(Gm&MtmJ7;x)B;M?4wuBK7vAW=zX0P@pm98b{!~Uex1lpn3N8yVozTb<h`W
zira6QkTpsl;>J`k4`_c!gSp-3tVQR$-LStjI#rFR@GwItnIj!U*geRZ#4KG+`ZL8x
zkqa)ARgA~m8U~sdaK4g+z#{7VoqYZ$wiV0Ln?3<quvo$|3n(Xl*8DF(0iQG9d@`V)
zT;wXT<Z?iq;;TuLSY7u_3**G23eF@Kg3$X1qMoXGDIIgY(vp3W!Za&WK^yR#XC0;j
zvNn3bgElhz_~;~K$z<5Nqj*I1qJKxrWQT}t!28Tq&E{;it%To{AB#oYJ6M%XzV|B_
zX((s>%-0yvR+A-gKq3XC4?FW_F|<;MUT}tPOjH{}lg!L+x+raX*iHWmMMbADP_i>}
z;9|~L(3qOfvVOD!ivh?|&B<|${~6SUe~q)oBdx~vJ&M#Ma6NPXjoW}Hi8V}?h6G-M
z`t_p!@&uEgyXh@c+g{1Q%kYKPU!*T!wR>~A#Z<`ZL2<A-vld`<jm7pxsSxq?c{R!Y
zP9P)~h+N8kiWTgS7Yj>cxxOx4z*8=|x`vdBbesgFU@($4$1NG^v7}fhqQK<yJrhUF
z0DBUh5Iqo~8EWO_ZP9k_g<~m?dx!PXk_SKS@(T6R==faYTF5Phb5d0-_;Krp`8|>E
zvKp=-m!EpN#}#5P4ws}`;T9sA=~=t#Jv%{-69)tu1e}7hoiJn3Lk0p-GJrt;13Gt6
z<i9}2rD~Il0{b9+XYp};X9G0C*)M<wL`3=z@Bi<#nR<BPq;Fl@<llsElWU=-^kzbE
z1x=3T$Umyv^S}R4WRFp4$W*KFa7<aK#GQ3;33sUZPhe&^s%%-|d}m3)TKaW7i5Mdp
zLV{#)g!nLc(knf$xLm7G*v)+fcg{SvY~TVUcjXgSIyy!J$V7L$YQBN()7uqx%&k{`
zVpAWR3<ZbIWtT3vrROCL{z#2yHy;iiMb$fTR%}o)Gk4#wY=RxtW@P>%y9tzy^R*K3
z5Oct#yRl5e6*8jfG=`6KDl&D(JBdieP}X4_(%?Qj;_k3817t+aQVlGoULS~Dg8}ma
z<Eq~8>stEN-AYI%?dHP4R$aHyqR{U9cTTLeUJ7V2R-!VsXy5rq;Vd^3^Pu2#QA1%L
zc>AgRT^{Xs_MUV7rV;iH0i_Mt!;%_|v7yzJ)3ZwCU>nCX@wf@5ePVkHt4y;Y{)vT3
zzh9IBSC<uHpaQuUR?NL=R>K~FL%?ME>u{jw1I;8P&nBdMw!3ku-^C5BPI)9w>KK=@
zQWf>ckX5}E(zKohcCg7)B5d_$FefnHjuK<#;CD|h>lxJg8H*mH(9J3d$J;qSE-U|a
z|4#Gv{XX=&^K+e{rt~w7cAto@dfgX4+iQL9>9;^mh1tJ`<enbdIqQf%5df<B93Rpc
z7gMdUjPj6$gP$a+6zQWA#x)-}M?5q==j2hc^Qe{Qt@P8@5F9kvl~FwWO55(*Og}o$
z;K|ln_{#cI#t(~CCf)r#gvoMVobk+iso(3;8qXgrSOkR2jOU6^L1GB(8u6X;c|f2&
z%ON6(clcC~8$W92*%OQ7KL^73@Xxf-3^bqR@eW2yhc0mgdD!EM)SbFMcc!e$i&gVY
z&5a}_`h;BH;;L{d$~0k_iiF2Hujzw5Ku4g+2A*~S)>-sXPC+q_&ccVw(yRq4rdg!3
zF}W(8oqP$)<%=<vJQjD<XzO}XAP0*oDlw5t>3*)!|9E<^^e&aL6~L9bOW__no25Th
z5DJFhT}om!mziD00St=EbQgJV;PFz7rs0P*Q;pWw$y{*NzL9OAjsh3-_Qu>J0~avm
zTu<LrwZ&#1)4OPBsEMV06<~l^?_JkQTxclIL8#<iYJZ2AAq{Kko5XgtNk5!Uhsh*g
z7+R)#fbkh)zaa#m^zH5kPLkju!x>Q16A7Ytp=>x$vKqKS*{GJzOm;X@hYK3%Ib&#C
z!G6{ZJJQ$eXm=ccD*#!Tq#pWXB~6zcx%gxdzGj=V#$<7JZt@Xo5vE_Q`W_q$4Si7j
zQSo3eqU83<?;W>sXOf~>rYqW!w*BD+L)i9$G(`DZx-JgL9Cj4I3QG`GiBf)l79>HL
z@F-cGd7u1nN(6#05NheVD-m%+jd=c(v)tFUY8hO6s$$0Zus<$ZWI_7ztXkO^Lau?H
zz<P^UaCUISA$)T4eviZoi0STZIx5Ad>W(aDSaD*Sj~QpU_8yk)Qdu?Y!}%L}gK^qm
zMzjp$$Z;od5Ww_chT|$Ku~i7Ztk*D6n1(>+47~2j3B)UChn^mzG{i>7LhuTV^Gy{q
zs0#-u8`Y(mmi6X`um)c!$pF93#6A6}=(-`oK!JiV>)Sn*W`#cjBg7&$Of`fNQ<f6s
z8DG=Hd93Fj>q3iN+n(oakaMidzv&Hjg&7D_oRtIE!BWQWUsydG8<>sbwwNBiJ#LY>
z_O~H*2ijAU0&BDD+gykj<;0B-rStpeUKv0tYJE1bAM&S_o4cuz0DI=ZRc8>L*}Ee}
z%f8(UI7v{OWrxio!_?u~54`rb-+N+-qf@x_i@jxzPe_OpkIX>YsU^Mkn&-i87x|>0
z%Wa^8k$|t*dU<oS^=P#~aG9Pkyh<x!2_-E2vAy)fLdeQ~N;8TruR1%g!Txvdd`KhS
zm^Q+;HMOWL$l6HoIgQ<Vg5VM;+j6!=aB)qqKAeNdSRrnRD4T~VSTonN#ye%~XNL6=
zO&Q_v!Nc0Fyd!#L(?5CD5vzqu*A%Z&)kMGvUH<ffFMUl6MZ<}}Rhw=&<T!*Bddh0B
zeewNj<5f;8$%aX_u+K=q-Q?{Ew|1jPv@5|imCSL4s(mEewZzP(9+Qs*A^r&`_?^B~
zISv9qd9xT5iW_3Le@fGGpL5x75Ny?7>iwzL>T<ybJfqj;Uc5GfbN2FD^zgbOK?wb=
zD(XqMHdAsC2nYU0RYb&0B>!t4|7t81Oe^>Q%_G&AmYen;mHqpfiuybKugX%t((;jC
J-ug#l{{fP8JW>Dv


From a2d843de619dbeb42523690500ef870c27e4c945 Mon Sep 17 00:00:00 2001
From: alalvi00 <ali.alvi@ssc-spc.gc.ca>
Date: Fri, 6 Dec 2024 14:43:05 -0500
Subject: [PATCH 14/14] Small bug fix

---
 setup/modules.json                                              | 2 +-
 .../Audit/Check-DefenderForCloudAlerts.psm1                     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/setup/modules.json b/setup/modules.json
index 7df18932..b579eb59 100644
--- a/setup/modules.json
+++ b/setup/modules.json
@@ -1060,7 +1060,7 @@
     "Control": "Guardrails11",
     "ModuleType": "Builtin",
     "Status": "Enabled",
-    "Required": "False",
+    "Required": "True",
     "Profiles": [2, 3, 4, 5, 6],
     "Script": "Get-DefenderForCloudAlerts -ControlName $msgTable.CtrName11 -ItemName $msgTable.msDefenderChecks -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
     "localVariables": [
diff --git a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1 b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1
index f97f3bb4..8231a489 100644
--- a/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
+++ b/src/GUARDRAIL 11 LOGGING AND MONITORING/Audit/Check-DefenderForCloudAlerts.psm1	
@@ -95,7 +95,7 @@ function Get-DefenderForCloudAlerts {
     }
 
     $PsObject = [PSCustomObject]@{
-        ComplianceStatus = $IsCompliant
+        ComplianceStatus = $isCompliant
         ControlName = $ControlName
         Comments = $Comments
         ItemName = $ItemName