Move docs to new folder

README.md

@@ -14,7 +14,7 @@ This project has a companion set of articles that describe challenges, design pa
 
 The implementation presented here is the *minimum recommended baseline for most AKS clusters*. This implementation integrates with Azure services that will deliver observability, provide a network topology that will support multiregional growth, and keep the in-cluster traffic secure as well. This architecture should be considered your starting point for preproduction and production stages.
 
-The material here is relatively dense. We strongly encourage you to dedicate time to walk through these instructions, with a mind to learning. Therefore, we do NOT provide any "one click" deployment here. To understand the relationship between the deployed resources, we suggest that you consult the [detailed architecture overview](/networking/aks-baseline_details.drawio.svg) while exploring your deployment. Once you've understood the components involved and identified the shared responsibilities between your team and your great organization, it is encouraged that you build suitable, auditable deployment processes around your final infrastructure.
+The material here is relatively dense. We strongly encourage you to dedicate time to walk through these instructions, with a mind to learning. Therefore, we do NOT provide any "one click" deployment here. To understand the relationship between the deployed resources, we suggest that you consult the [detailed architecture overview](./docs/aks-baseline_details.drawio.svg) while exploring your deployment. Once you've understood the components involved and identified the shared responsibilities between your team and your great organization, it is encouraged that you build suitable, auditable deployment processes around your final infrastructure.
 
 Throughout the reference implementation, you will see reference to *Contoso Bicycle*. They are a fictional small and fast-growing startup that provides online web services to its clientele on the west coast of North America. They have no on-premises datacenters and all their containerized line of business applications are now about to be orchestrated by secure, enterprise-ready AKS clusters. You can read more about [their requirements and their IT team composition](./contoso-bicycle/README.md). This narrative provides grounding for some implementation details, naming conventions, and so on. You should adapt as you see fit.
 
@@ -47,7 +47,7 @@ Finally, this implementation uses the [ASP.NET Core Docker sample web app](https
 
 ![Network diagram depicting a hub-spoke network with two peered VNets and main Azure resources used in the architecture.](https://learn.microsoft.com/azure/architecture/reference-architectures/containers/aks/images/secure-baseline-architecture.svg)
 
-Also do not forget to view the [detailed architecture diagram](/networking/aks-baseline_details.drawio.svg) to understand how the deployed resources work together in this reference architecture.
+Also do not forget to view the [detailed architecture diagram](./docs/aks-baseline_details.drawio.svg) to understand how the deployed resources work together in this reference architecture.
 
 ## Deploy the reference implementation
 
@@ -59,45 +59,45 @@ A deployment of AKS-hosted workloads typically experiences a separation of dutie
 
 There are considerations that must be addressed before you start deploying your cluster. Do I have enough permissions in my subscription and AD tenant to do a deployment of this size? How much of this will be handled by my team directly vs having another team be responsible?
 
-- [ ] Begin by ensuring you [install and meet the prerequisites](./01-prerequisites.md)
-- [ ] [Procure client-facing and AKS Ingress Controller TLS certificates](./02-ca-certificates.md)
-- [ ] [Plan your Microsoft Entra ID integration](./03-microsoft-entra-id.md)
+- [ ] Begin by ensuring you [install and meet the prerequisites](./docs/deploy/01-prerequisites.md)
+- [ ] [Procure client-facing and AKS Ingress Controller TLS certificates](./docs/deploy/02-ca-certificates.md)
+- [ ] [Plan your Microsoft Entra ID integration](./docs/deploy/03-microsoft-entra-id.md)
 
 ### 2. Build target network
 
 Microsoft recommends AKS be deployed into a carefully planned network; sized appropriately for your needs and with proper network observability. Organizations typically favor a traditional hub-spoke model, which is reflected in this implementation. While this is a standard hub-spoke model, there are fundamental sizing and portioning considerations included that should be understood.
 
-- [ ] [Build the hub-spoke network](./04-networking.md)
+- [ ] [Build the hub-spoke network](./docs/deploy/04-networking.md)
 
 ### 3. Deploying the cluster
 
 This is the heart of the guidance in this reference implementation; paired with prior network topology guidance. Here you will deploy the Azure resources for your cluster and the adjacent services such as Azure Application Gateway WAF, Azure Monitor, Azure Container Registry, and Azure Key Vault. This is also where you will validate the cluster is bootstrapped.
 
-- [ ] [Prep for cluster bootstrapping](./05-bootstrap-prep.md)
-- [ ] [Deploy the AKS cluster and supporting services](./06-aks-cluster.md)
-- [ ] [Validate cluster bootsrapping](./07-bootstrap-validation.md)
+- [ ] [Prep for cluster bootstrapping](./docs/deploy/05-bootstrap-prep.md)
+- [ ] [Deploy the AKS cluster and supporting services](./docs/deploy/06-aks-cluster.md)
+- [ ] [Validate cluster bootstrapping](./docs/deploy/07-bootstrap-validation.md)
 
 We perform the prior steps manually here for you to understand the involved components, but we advocate for an automated DevOps process. Therefore, incorporate the prior steps into your CI/CD pipeline, as you would any infrastructure as code (IaC). See the dedicated [AKS baseline automation guidance](https://github.com/Azure/aks-baseline-automation#aks-baseline-automation) for additional details.
 
 ### 4. Deploy your workload
 
 Without a workload deployed to the cluster it will be hard to see how these decisions come together to work as a reliable application platform for your business. The deployment of this workload would typically follow a CI/CD pattern and may involve even more advanced deployment strategies (such as blue/green). The following steps represent a manual deployment, suitable for illustration purposes of this infrastructure.
 
-- [ ] Just like the cluster, there are [workload prerequisites to address](./08-workload-prerequisites.md)
-- [ ] [Configure AKS Ingress Controller with Azure Key Vault integration](./09-secret-management-and-ingress-controller.md)
-- [ ] [Deploy the workload](./10-workload.md)
+- [ ] Just like the cluster, there are [workload prerequisites to address](./docs/deploy/08-workload-prerequisites.md)
+- [ ] [Configure AKS Ingress Controller with Azure Key Vault integration](./docs/deploy/09-secret-management-and-ingress-controller.md)
+- [ ] [Deploy the workload](./docs/deploy/10-workload.md)
 
 ### 5. :checkered_flag: Validation
 
 Now that the cluster and the sample workload is deployed; it's time to look at how the cluster is functioning.
 
-- [ ] [Perform end-to-end deployment validation](./11-validation.md)
+- [ ] [Perform end-to-end deployment validation](./docs/deploy/11-validation.md)
 
 ## :broom: Clean up resources
 
 Most of the Azure resources deployed in the prior steps will incur ongoing charges unless removed.
 
-- [ ] [Cleanup all resources](./12-cleanup.md)
+- [ ] [Clean up all resources](./docs/deploy/12-cleanup.md)
 
 ## Preview and additional features
 

04-networking.md → docs/deploy/04-networking.md

@@ -1,6 +1,6 @@
 # Deploy the hub-spoke network topology
 
-The prerequisites for the [AKS baseline cluster](./) are now completed with [Microsoft Entra group and user work](./03-microsoft-entra-id.md) performed in the prior steps. Now we will start with our first Azure resource deployment, the network resources.
+The prerequisites for the [AKS baseline cluster](../../) are now completed with [Microsoft Entra group and user work](./03-microsoft-entra-id.md) performed in the prior steps. Now we will start with our first Azure resource deployment, the network resources.
 
 ## Subscription and resource group topology
 

05-bootstrap-prep.md → docs/deploy/05-bootstrap-prep.md

@@ -1,6 +1,6 @@
 # Prep for cluster bootstrapping
 
-Now that the [hub-spoke network is provisioned](./04-networking.md), the next step in the [AKS baseline reference implementation](./) is preparing what your AKS cluster should be bootstrapped with.
+Now that the [hub-spoke network is provisioned](./04-networking.md), the next step in the [AKS baseline reference implementation](../../) is preparing what your AKS cluster should be bootstrapped with.
 
 ## Expected results
 

06-aks-cluster.md → docs/deploy/06-aks-cluster.md

@@ -1,6 +1,6 @@
 # Deploy the AKS cluster
 
-Now that your [Azure Container Registry instance is deployed and ready to support cluster bootstrapping](./05-bootstrap-prep.md), the next step in the [AKS baseline reference implementation](./) is deploying the AKS cluster and its remaining adjacent Azure resources.
+Now that your [Azure Container Registry instance is deployed and ready to support cluster bootstrapping](./05-bootstrap-prep.md), the next step in the [AKS baseline reference implementation](../../) is deploying the AKS cluster and its remaining adjacent Azure resources.
 
 ## Steps
 

08-workload-prerequisites.md → docs/deploy/08-workload-prerequisites.md

@@ -1,6 +1,6 @@
 # Workload prerequisites
 
-The AKS Cluster has been [bootstrapped](./07-bootstrap-validation.md), wrapping up the infrastructure focus of the [AKS baseline reference implementation](./). Follow these steps to import the TLS certificate that the ingress controller will serve for Application Gateway to connect to your web app.
+The AKS Cluster has been [bootstrapped](./07-bootstrap-validation.md), wrapping up the infrastructure focus of the [AKS baseline reference implementation](../../). Follow these steps to import the TLS certificate that the ingress controller will serve for Application Gateway to connect to your web app.
 
 ## Steps
 

11-validation.md → docs/deploy/11-validation.md

@@ -1,6 +1,6 @@
 # End-to-end validation
 
-Now that you have a workload deployed, the [ASP.NET Core sample web app](./10-workload.md), you can start validating and exploring this reference implementation of the [AKS baseline cluster](./). In addition to the workload, there is some observability validation you can perform as well.
+Now that you have a workload deployed, the [ASP.NET Core sample web app](./10-workload.md), you can start validating and exploring this reference implementation of the [AKS baseline cluster](../../). In addition to the workload, there is some observability validation you can perform as well.
 
 ## Validate the web app
 

12-cleanup.md → docs/deploy/12-cleanup.md

@@ -1,6 +1,6 @@
 # Clean up
 
-After you are done exploring your deployed [AKS baseline cluster](./), you'll want to delete the created Azure resources to prevent undesired costs from accruing. Follow these steps to delete all resources created as part of this reference implementation.
+After you are done exploring your deployed [AKS baseline cluster](../../), you'll want to delete the created Azure resources to prevent undesired costs from accruing. Follow these steps to delete all resources created as part of this reference implementation.
 
 ## Steps