diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml
index bc14c7a7ad..21762587bd 100644
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -6,7 +6,7 @@
   version: '3.7'
   services:
     rover:
-      image: aztfmod/rover:1.1.6-2202.2503
+      image: aztfmod/rover:1.1.7-2203.2311
       user: vscode
 
       labels:
diff --git a/.github/workflows/standalone-regressor-tf100.yaml b/.github/workflows/standalone-regressor-tf100.yaml
index c4a611e927..4f0ed3c3d3 100644
--- a/.github/workflows/standalone-regressor-tf100.yaml
+++ b/.github/workflows/standalone-regressor-tf100.yaml
@@ -55,7 +55,7 @@ jobs:
       matrix: ${{fromJSON(needs.load_scenarios.outputs.matrix)}}
 
     container:
-      image: aztfmod/rover:1.1.6-2202.2503
+      image: aztfmod/rover:1.1.7-2203.2311
       options: --user 0
 
     steps:
@@ -165,7 +165,7 @@ jobs:
     needs: [testcases]
 
     container:
-      image: aztfmod/rover:1.1.6-2202.2503
+      image: aztfmod/rover:1.1.7-2203.2311
       options: --user 0
 
     steps:
diff --git a/.github/workflows/standalone-regressor-tf15.yaml b/.github/workflows/standalone-regressor-tf15.yaml
index 9a83dc6394..247e67ccde 100644
--- a/.github/workflows/standalone-regressor-tf15.yaml
+++ b/.github/workflows/standalone-regressor-tf15.yaml
@@ -55,7 +55,7 @@ jobs:
       matrix: ${{fromJSON(needs.load_scenarios.outputs.matrix)}}
 
     container:
-      image: aztfmod/rover:0.15.5-2202.2503
+      image: aztfmod/rover:0.15.5-2203.2311
       options: --user 0
 
     steps:
@@ -165,7 +165,7 @@ jobs:
     needs: [testcases]
 
     container:
-      image: aztfmod/rover:0.15.5-2202.2503
+      image: aztfmod/rover:0.15.5-2203.2311
       options: --user 0
 
     steps:
diff --git a/.github/workflows/standalone-tf100.yaml b/.github/workflows/standalone-tf100.yaml
index b01745b52f..945f93ebc0 100644
--- a/.github/workflows/standalone-tf100.yaml
+++ b/.github/workflows/standalone-tf100.yaml
@@ -51,7 +51,7 @@ jobs:
       matrix: ${{fromJSON(needs.load_scenarios.outputs.matrix)}}
 
     container:
-      image: aztfmod/rover:1.1.6-2202.2503
+      image: aztfmod/rover:1.1.7-2203.2311
       options: --user 0
 
     steps:
@@ -130,7 +130,7 @@ jobs:
     needs: [testcases]
 
     container:
-      image: aztfmod/rover:1.1.6-2202.2503
+      image: aztfmod/rover:1.1.7-2203.2311
       options: --user 0
 
     steps:
diff --git a/.github/workflows/standalone-tf15.yaml b/.github/workflows/standalone-tf15.yaml
index ca3802d1ab..ac3cef4265 100644
--- a/.github/workflows/standalone-tf15.yaml
+++ b/.github/workflows/standalone-tf15.yaml
@@ -51,7 +51,7 @@ jobs:
       matrix: ${{fromJSON(needs.load_scenarios.outputs.matrix)}}
 
     container:
-      image: aztfmod/rover:0.15.5-2202.2503
+      image: aztfmod/rover:0.15.5-2203.2311
       options: --user 0
 
     steps:
@@ -130,7 +130,7 @@ jobs:
     needs: [testcases]
 
     container:
-      image: aztfmod/rover:0.15.5-2202.2503
+      image: aztfmod/rover:0.15.5-2203.2311
       options: --user 0
 
     steps:
diff --git a/examples/ci.sh b/examples/ci.sh
deleted file mode 100755
index 7b5d8bfdba..0000000000
--- a/examples/ci.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/bash
-
-set -e
-
-if [ "$(az account show --query 'user.type' -o tsv)"  == "servicePrincipal" ]; then
-  echo "Set security context for Service Principal..."
-  export ARM_CLIENT_ID=$(az account show --sdk-auth --only-show-errors | jq -r .clientId)
-  export ARM_CLIENT_SECRET=$(az account show --sdk-auth --only-show-errors | jq -r .clientSecret)
-  export ARM_SUBSCRIPTION_ID=$(az account show --sdk-auth --only-show-errors | jq -r .subscriptionId)
-  export ARM_TENANT_ID=$(az account show --sdk-auth --only-show-errors | jq -r .tenantId)
-fi
-
-current_folder=$(pwd)
-parameter_files=$(find ${current_folder} | grep .tfvars | sed 's/.*/-var-file &/' | xargs)
-
-cd ${2}
-
-terraform init -upgrade | grep -P '^- (?=Downloading|Using|Finding|Installing)|^[^-]'
-
-terraform apply \
-  ${parameter_files} \
-  -var tags='{testing_job_id='"${1}"'}' \
-  -var var_folder_path=${current_folder} \
-  -input=false \
-  -auto-approve
-
-
-terraform destroy \
-  ${parameter_files} \
-  -var tags='{testing_job_id='"${1}"'}' \
-  -var var_folder_path=${current_folder} \
-  -input=false \
-  -auto-approve
-
diff --git a/messaging_servicebus_namespaces.tf b/messaging_servicebus_namespaces.tf
index f0ace751a5..9bbf40c3d9 100644
--- a/messaging_servicebus_namespaces.tf
+++ b/messaging_servicebus_namespaces.tf
@@ -10,14 +10,13 @@ module "servicebus_namespaces" {
   resource_groups = local.combined_objects_resource_groups
 
   remote_objects = {
-    resource_groups   = local.combined_objects_resource_groups
-    vnets             = local.combined_objects_networking
-    private_dns       = local.combined_objects_private_dns
-    private_endpoints = try(each.value.private_endpoints, {})
+    resource_groups = local.combined_objects_resource_groups
+    vnets           = local.combined_objects_networking
+    private_dns     = local.combined_objects_private_dns
   }
 
 }
 
 output "servicebus_namespaces" {
   value = module.servicebus_namespaces
-}
\ No newline at end of file
+}
diff --git a/modules/messaging/servicebus/namespace/network_rule_set/network_rule_set.tf b/modules/messaging/servicebus/namespace/network_rule_set/network_rule_set.tf
index ca63ba9e12..5f2a66b29b 100644
--- a/modules/messaging/servicebus/namespace/network_rule_set/network_rule_set.tf
+++ b/modules/messaging/servicebus/namespace/network_rule_set/network_rule_set.tf
@@ -3,12 +3,15 @@ resource "azurerm_servicebus_namespace_network_rule_set" "rule_set" {
   resource_group_name = var.remote_objects.resource_group_name
   default_action      = var.settings.default_action
   ip_rules            = var.settings.ip_rules
+  # TODO - to enable with provider upgrade
+  # public_network_access_enabled = try(var.settings.public_network_access_enabled, null)
+  trusted_services_allowed = try(var.settings.trusted_services_allowed, null)
 
   dynamic "network_rules" {
-    for_each = try(var.settings.network_rules, {})
+    for_each = try(var.settings.subnets, {})
     content {
-      subnet_id                            = can(var.remote_objects.vnets[network_rules.value.lz_key][network_rules.value.vnet_key].subnets[network_rules.value.subnet_key].id) ? var.remote_objects.vnets[network_rules.value.lz_key][network_rules.value.vnet_key].subnets[network_rules.value.subnet_key].id : var.remote_objects.vnets[var.client_config.landingzone_key][network_rules.value.vnet_key].subnets[network_rules.value.subnet_key].id
-      ignore_missing_vnet_service_endpoint = network_rules.value.ignore_missing_vnet_service_endpoint
+      subnet_id                            = can(network_rules.value.id) ? network_rules.value.id : var.remote_objects.vnets[try(network_rules.value.lz_key, var.client_config.landingzone_key)][network_rules.value.vnet_key].subnets[network_rules.value.subnet_key].id
+      ignore_missing_vnet_service_endpoint = try(network_rules.value.ignore_missing_vnet_service_endpoint, null)
     }
   }
 }
diff --git a/modules/messaging/servicebus/namespace/private_endpoints.tf b/modules/messaging/servicebus/namespace/private_endpoints.tf
index 606d733f2f..6c26f1c5f6 100644
--- a/modules/messaging/servicebus/namespace/private_endpoints.tf
+++ b/modules/messaging/servicebus/namespace/private_endpoints.tf
@@ -1,15 +1,15 @@
 module "private_endpoint" {
   source   = "../../../networking/private_endpoint"
-  for_each = var.remote_objects.private_endpoints
+  for_each = try(var.settings.private_endpoints, {})
 
-  resource_id     = azurerm_servicebus_namespace.namespace.id
-  name            = each.value.name
-  resource_groups = var.resource_groups
-  subnet_id       = try(var.remote_objects.vnets[var.client_config.landingzone_key][each.value.vnet_key].subnets[each.value.subnet_key].id, var.remote_objects.vnets[each.value.lz_key][each.value.vnet_key].subnets[each.value.subnet_key].id)
-  settings        = each.value
-  global_settings = var.global_settings
   base_tags       = local.base_tags
-  private_dns     = var.remote_objects.private_dns
   client_config   = var.client_config
+  global_settings = var.global_settings
   location        = local.location
+  name            = each.value.name
+  private_dns     = can(each.value.private_dns) ? var.remote_objects.private_dns : {}
+  resource_groups = var.resource_groups
+  resource_id     = azurerm_servicebus_namespace.namespace.id
+  settings        = each.value
+  subnet_id       = var.remote_objects.vnets[try(each.value.lz_key, var.client_config.landingzone_key)][each.value.vnet_key].subnets[each.value.subnet_key].id
 }
diff --git a/rover_on_ssh_host.yml b/rover_on_ssh_host.yml
index ea73d966fa..d0aca1f454 100644
--- a/rover_on_ssh_host.yml
+++ b/rover_on_ssh_host.yml
@@ -11,7 +11,7 @@
 version: '3.7'
 services:
   rover:
-    image: aztfmod/rover:1.1.6-2202.2503
+    image: aztfmod/rover:1.1.7-2203.2311
 
     user: vscode