Enterprise-Scale
Bug Report: Policy initiative defines unused and unneeded zoneId for Azure Container Registry
Describe the bug
The ESLZ policy initiative defines "azureAcrDataPrivateDnsZoneId": "{regionName}.data.privatelink.azurecr.io" in the "dnsZoneNames" parameter, but it is then not used.
In fact, it is not needed, because the zone "{regionName}.data.privatelink.azurecr.io" is a subzone of "privatelink.azurecr.io", which is already addressed properly by "azureAcrPrivateDnsZoneId".
Steps to reproduce
- Create an ACR with a private endpoint
- The PE contains both entries for "privatelink.azurecr.io" and "{regionName}.data.privatelink.azurecr.io", just with "azureAcrPrivateDnsZoneId", without "azureAcrDataPrivateDnsZoneId".
@juanandmsft will add to the backlog.
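A check for the redundancy the report describes, as an added example that is not part of the original issue or of the Enterprise-Scale repository: it scans a "dnsZoneNames"-style mapping for entries whose zone is a subzone of another entry, comparing whole DNS labels so that lookalike names do not match. The helper names, the `lookalikeZoneId` entry, the registry name `myregistry` and the region `westeurope` are constructed for illustration.

```python
PLACEHOLDER = "{regionName}"

def labels(name: str, region: str = "westeurope") -> list[str]:
    """Split a zone or FQDN into lowercase labels, filling the region placeholder.
    The default region is only a sample value for this example."""
    return name.replace(PLACEHOLDER, region).lower().rstrip(".").split(".")

def is_subzone(child: str, parent: str) -> bool:
    """True when child sits strictly below parent, compared label by label."""
    c, p = labels(child), labels(parent)
    return len(c) > len(p) and c[-len(p):] == p

def redundant_zones(dns_zone_names: dict[str, str]) -> dict[str, str]:
    """Map each parameter whose zone is covered by another entry to that entry.
    If several parents match, the closest (longest) one is reported."""
    found = {}
    for name, zone in dns_zone_names.items():
        parents = [(len(labels(z)), n) for n, z in dns_zone_names.items()
                   if n != name and is_subzone(zone, z)]
        if parents:
            found[name] = max(parents)[1]
    return found

def relative_record(fqdn: str, zone: str) -> str:
    """Record name the FQDN would carry inside the given zone."""
    if not is_subzone(fqdn, zone):
        raise ValueError(f"{fqdn} is not inside {zone}")
    f, z = labels(fqdn), labels(zone)
    return ".".join(f[:len(f) - len(z)])

# Constructed sample: the two entries quoted in the report plus a lookalike
# zone (hypothetical) that shares a string suffix but not a label boundary.
SAMPLE = {
    "azureAcrPrivateDnsZoneId": "privatelink.azurecr.io",
    "azureAcrDataPrivateDnsZoneId": "{regionName}.data.privatelink.azurecr.io",
    "lookalikeZoneId": "notprivatelink.azurecr.io",
}

if __name__ == "__main__":
    for child, parent in redundant_zones(SAMPLE).items():
        print(f"{child} is already covered by {parent}")
    print(relative_record("myregistry.westeurope.data.privatelink.azurecr.io",
                          SAMPLE["azureAcrPrivateDnsZoneId"]))
```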