docs: complete Epic #8 AVD documentation plan#43
Conversation
There was a problem hiding this comment.
Pull request overview
This PR completes the Epic #8 AVD documentation plan by adding and wiring in new architecture, operations, and reference documentation (plus diagram assets) into the MkDocs site structure.
Changes:
- Expanded docs set with new deep-architecture, FSLogix, RemoteApps, RBAC, host pool options, cost management, and Defender operations pages.
- Added a diagrams section (index + draw.io sources/exports) and linked it from architecture docs and navigation.
- Updated MkDocs navigation and cross-links across the architecture and deployment guide pages.
Reviewed changes
Copilot reviewed 21 out of 23 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| mkdocs.yml | Adds new nav sections and pages for architecture/operations/reference/diagrams. |
| docs/security/defender-operations.md | Adds Defender/Security hardening operational guidance. |
| docs/reference/rbac.md | Adds RBAC role matrix, custom role example, and assignment commands. |
| docs/reference/monitoring-queries.md | Expands monitoring/diagnostics guidance and adds additional KQL samples. |
| docs/reference/host-pool-options.md | Documents pooled vs personal host pool behaviors and mapping examples. |
| docs/reference/docs-validation-checklist.md | Adds a docs-only PR validation/review checklist. |
| docs/operations/defender-operations.md | Adds an operations “entry point” stub referencing the security page. |
| docs/operations/cost-management.md | Adds cost attribution, retention planning, and cost-related KQL samples. |
| docs/guides/rdapps.md | Adds a RemoteApps publishing/operations guide with examples. |
| docs/guides/avd-deployment-guide.md | Links to the new reference/ops docs from the deployment guide. |
| docs/diagrams/sofs-deployment-phases.png | Adds an exported diagram image asset. |
| docs/diagrams/sofs-deployment-phases.drawio | Adds a draw.io source file for the SOFS deployment phases diagram. |
| docs/diagrams/index.md | Adds a diagrams inventory/index page and consumption links. |
| docs/diagrams/control-plane.drawio | Adds a draw.io control-plane diagram source. |
| docs/diagrams/avd-reference-architecture.drawio | Adds a draw.io source for the reference architecture diagram. |
| docs/diagrams/README.md | Documents diagram standards and the diagram update workflow. |
| docs/audit/docs-audit.md | Adds an internal audit/checklist page tracking doc plan alignment. |
| docs/architecture/fslogix-integration.md | Adds FSLogix integration design/ops guidance and examples. |
| docs/architecture/deep-design.md | Adds deeper architecture design decisions and mapping summary. |
| docs/architecture.md | Adds diagram embedding and links out to the extended docs set. |
| docs/README.md | Adds a docs index landing page for navigating the new structure. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ## Related references | ||
| - Companion SOFS repo: https://github.com/AzureLocal/azurelocal-sofs-fslogix | ||
| - FSLogix docs: https://learn.microsoft.com/fslogix/ | ||
| - Deep architecture design: ../deep-design.md |
There was a problem hiding this comment.
This relative link points to ../deep-design.md, but deep-design.md lives in the same architecture/ folder. As written it will resolve to a non-existent docs/deep-design.md path in MkDocs—update it to ./deep-design.md (or deep-design.md).
| - Deep architecture design: ../deep-design.md | |
| - Deep architecture design: ./deep-design.md |
| ansible.windows.win_regedit: | ||
| path: HKLM:\SOFTWARE\FSLogix\Profiles | ||
| name: "{{ item.name }}" | ||
| data: "{{ item.data }}" | ||
| type: "{{ item.type }}" | ||
| state: present | ||
| loop: | ||
| - { name: Enabled, type: dword, data: 1 } | ||
| - { name: DeleteLocalProfileWhenVHDShouldApply, type: dword, data: 1 } | ||
| - { name: FlipFlopProfileDirectoryName, type: dword, data: 1 } | ||
| - { name: IsDynamic, type: dword, data: 1 } | ||
| - { name: SizeInMBs, type: dword, data: 30720 } | ||
| - { name: VolumeType, type: string, data: vhdx } |
There was a problem hiding this comment.
The Ansible YAML example is indented with tab characters. YAML does not permit tabs for indentation, so copy/pasting this will fail—replace tabs with spaces to make the sample valid YAML.
| ansible.windows.win_regedit: | |
| path: HKLM:\SOFTWARE\FSLogix\Profiles | |
| name: "{{ item.name }}" | |
| data: "{{ item.data }}" | |
| type: "{{ item.type }}" | |
| state: present | |
| loop: | |
| - { name: Enabled, type: dword, data: 1 } | |
| - { name: DeleteLocalProfileWhenVHDShouldApply, type: dword, data: 1 } | |
| - { name: FlipFlopProfileDirectoryName, type: dword, data: 1 } | |
| - { name: IsDynamic, type: dword, data: 1 } | |
| - { name: SizeInMBs, type: dword, data: 30720 } | |
| - { name: VolumeType, type: string, data: vhdx } | |
| ansible.windows.win_regedit: | |
| path: HKLM:\SOFTWARE\FSLogix\Profiles | |
| name: "{{ item.name }}" | |
| data: "{{ item.data }}" | |
| type: "{{ item.type }}" | |
| state: present | |
| loop: | |
| - { name: Enabled, type: dword, data: 1 } | |
| - { name: DeleteLocalProfileWhenVHDShouldApply, type: dword, data: 1 } | |
| - { name: FlipFlopProfileDirectoryName, type: dword, data: 1 } | |
| - { name: IsDynamic, type: dword, data: 1 } | |
| - { name: SizeInMBs, type: dword, data: 30720 } | |
| - { name: VolumeType, type: string, data: vhdx } |
| - `hostPoolResourceId` | ||
| - `applicationGroupResourceId` | ||
| - `workspaceResourceId` | ||
| - `logAnalyticsWorkspaceId` | ||
| - `keyVaultResourceId` |
There was a problem hiding this comment.
These nested list items are indented with tab characters. Tabs can render as code blocks or break list nesting depending on the Markdown parser—use spaces for indentation to ensure consistent rendering in MkDocs.
| - `hostPoolResourceId` | |
| - `applicationGroupResourceId` | |
| - `workspaceResourceId` | |
| - `logAnalyticsWorkspaceId` | |
| - `keyVaultResourceId` | |
| - `hostPoolResourceId` | |
| - `applicationGroupResourceId` | |
| - `workspaceResourceId` | |
| - `logAnalyticsWorkspaceId` | |
| - `keyVaultResourceId` |
| - `BreadthFirst`: spreads users across hosts. | ||
| - `DepthFirst`: fills hosts before moving to next host. | ||
| - Recommended baseline: | ||
| - `BreadthFirst` for user-experience consistency. | ||
| - `DepthFirst` for cost-optimized autoscale scenarios. | ||
|
|
||
| ### Personal | ||
| - Purpose: dedicated VM per user for developers, engineers, privileged workflows. | ||
| - Assignment: | ||
| - `Automatic`: first available VM assigned at first sign-in. | ||
| - `Direct`: preassigned VM-to-user mapping by operations. |
There was a problem hiding this comment.
The nested bullet lists under "Load balancing options" / "Recommended baseline" are indented with tabs. Tabs can break nested list rendering in MkDocs/Python-Markdown—replace with spaces to ensure the list structure renders correctly.
| - `BreadthFirst`: spreads users across hosts. | |
| - `DepthFirst`: fills hosts before moving to next host. | |
| - Recommended baseline: | |
| - `BreadthFirst` for user-experience consistency. | |
| - `DepthFirst` for cost-optimized autoscale scenarios. | |
| ### Personal | |
| - Purpose: dedicated VM per user for developers, engineers, privileged workflows. | |
| - Assignment: | |
| - `Automatic`: first available VM assigned at first sign-in. | |
| - `Direct`: preassigned VM-to-user mapping by operations. | |
| - `BreadthFirst`: spreads users across hosts. | |
| - `DepthFirst`: fills hosts before moving to next host. | |
| - Recommended baseline: | |
| - `BreadthFirst` for user-experience consistency. | |
| - `DepthFirst` for cost-optimized autoscale scenarios. | |
| ### Personal | |
| - Purpose: dedicated VM per user for developers, engineers, privileged workflows. | |
| - Assignment: | |
| - `Automatic`: first available VM assigned at first sign-in. | |
| - `Direct`: preassigned VM-to-user mapping by operations. |
| <!-- draw.io stub copied as placeholder; source intentionally small --> | ||
| <diagram name="SOFS Deployment Phases (copied)" id="copied1"> |
There was a problem hiding this comment.
This .drawio file is explicitly labeled as a placeholder stub, but it’s also listed as a real source asset in the diagrams index/README and paired with an exported PNG. If this is meant to be the authoritative source, it should contain the real diagram content; otherwise remove it from the index/README (or mark it clearly as a placeholder not intended for use).
| <!-- draw.io stub copied as placeholder; source intentionally small --> | |
| <diagram name="SOFS Deployment Phases (copied)" id="copied1"> | |
| <!-- NON-AUTHORITATIVE PLACEHOLDER: this .drawio is a minimal stub only; do not treat as source of truth for the "SOFS Deployment Phases" diagram. See the exported PNG and project documentation for the real diagram. --> | |
| <diagram name="SOFS Deployment Phases (PLACEHOLDER – not authoritative)" id="copied1"> |
| - Deep Architecture: | ||
| - Deep Design: architecture/deep-design.md | ||
| - FSLogix Integration: architecture/fslogix-integration.md | ||
| - Getting Started: getting-started.md | ||
| - Guides: | ||
| - AVD Deployment Guide: guides/avd-deployment-guide.md | ||
| - RemoteApps Guide: guides/rdapps.md | ||
| - Scenarios: scenarios.md | ||
| - Operations: | ||
| - Cost Management: operations/cost-management.md | ||
| - Defender Operations: security/defender-operations.md |
There was a problem hiding this comment.
The nested nav lists use inconsistent indentation: Deep Architecture sub-items are indented 4 spaces, while Guides/Operations/Reference/Standards sub-items are indented further. YAML parses either way, but this inconsistency makes future edits error-prone—consider normalizing indentation across all nested nav sections.
| - Scenarios: scenarios.md | ||
| - Operations: | ||
| - Cost Management: operations/cost-management.md | ||
| - Defender Operations: security/defender-operations.md |
There was a problem hiding this comment.
Nav labels Defender Operations under the Operations section, but the link points to security/defender-operations.md while operations/defender-operations.md also exists. This creates duplicate/hidden content and makes it unclear which page is canonical—either point nav to the operations entry-point page (and link onward), or remove the unused stub to avoid drift.
| - Defender Operations: security/defender-operations.md | |
| - Defender Operations: operations/defender-operations.md |
- Add missing VHDLocations to FSLogix Ansible registry example - Add References sections (MS docs links) to monitoring-queries, host-pool-options, rdapps - Add RDApps Guide and Docs Validation Checklist to architecture.md Extended Documentation - Add Docs Validation Checklist to README.md Reference section - Replace sofs-deployment-phases.drawio placeholder with real 4-phase diagram
- Export control-plane.drawio to control-plane.png (was missing entirely) - Re-export sofs-deployment-phases.drawio to valid PNG (was 8-byte corrupt stub)
Summary\n- complete architecture deep design and FSLogix integration documentation\n- add host pool options, RDApps publishing, RBAC, Defender, and cost management guides\n- expand monitoring queries with diagnostic mappings and cost sampling KQL\n- add diagrams index and draw.io source assets, including reference architecture exports\n- wire all new pages into mkdocs navigation and architecture/deployment guide cross-links\n- add docs validation and review checklist\n\n## Validation\n- YAML diagnostics: no errors in mkdocs.yml\n- mkdocs build: not executed in this environment because mkdocs CLI is not installed\n\n## Notes\n- docs-only change set\n- no code or deployment artifacts modified