diff --git a/.github/workflows/github-action-test-nginxaas-deploy.yml b/.github/workflows/github-action-test-nginxaas-deploy.yml index 700eecd..7f1a045 100644 --- a/.github/workflows/github-action-test-nginxaas-deploy.yml +++ b/.github/workflows/github-action-test-nginxaas-deploy.yml @@ -9,7 +9,7 @@ env: NGINX_DEPLOYMENT_NAME: github-action-test-dep NGINX_TRANSFORMED_CONFIG_DIR_PATH: /etc/nginx/ NGINX_ROOT_CONFIG_FILE: nginx.conf - TEST_RESOURCE_GROUP_NAME: testenv-0da38993-workload + TEST_RESOURCE_GROUP_NAME: github-action-test NGINX_CERT_NAME: github-action-test-crt NGINX_VAULT_NAME: nlbtest-customer @@ -24,7 +24,7 @@ jobs: - name: "Checkout repository" uses: actions/checkout@v2 - name: "AZ CLI Login" - uses: azure/login@v1 + uses: azure/login@v2 with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} @@ -33,7 +33,7 @@ jobs: - name: "Update config - single file" shell: bash run: | - sed -i 's/000000/'"$GITHUB_RUN_NUMBER"'/g' github-action/test/configs/single/nginx.conf + sed -i 's/000000/'"$GITHUB_RUN_ID"'/g' github-action/test/configs/single/nginx.conf cat github-action/test/configs/single/nginx.conf - name: "Sync NGINX configuration to NGINXaaS for Azure - single file" uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 @@ -47,7 +47,7 @@ jobs: - name: "Validate config update - single file" shell: bash run: | - wget -O - -o /dev/null http://${{ secrets.NGINX_DEPLOYMENT_IP }} | jq '.request.headers."Github-Run-Id" | test( "'"$GITHUB_RUN_NUMBER"'")' + curl -s -o /dev/null -D - http://${{ secrets.NGINX_DEPLOYMENT_IP }} | grep "Github-Run-Id: $GITHUB_RUN_ID" - name: "Update config - multi file" shell: bash run: | 
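Review bot: The new curl line in the `Validate config update - single file` hunk has no `--max-time` or `--retry`, so an unreachable deployment or a configuration that has not finished propagating becomes a long hang or a flaky failure rather than a clear one; the two curl lines in the hunk at line 70 have the same gap. Because `shell: bash` runs under `-eo pipefail`, grep's exit status already fails the step, which is what the old `jq 'test(...)'` never did since it printed true/false and exited 0 — that is worth a short comment above the line, e.g. `# grep's exit status fails the step when the header is missing`. I would bound the request and anchor the match so a run id that is merely a substring of the served header cannot pass: `curl -sS --max-time 30 --retry 5 --retry-delay 10 --retry-all-errors -o /dev/null -D - http://${{ secrets.NGINX_DEPLOYMENT_IP }} | grep -iE "^Github-Run-Id: ${GITHUB_RUN_ID}\r?$"`. Whether the sync action returns only after the deployment serves the new config is not visible here; if it does not, a short polling loop rather than curl's transport-level retry is what removes the race.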
@@ -70,12 +70,12 @@ jobs: - name: "Validate config update" shell: bash run: | - wget -O - -o /dev/null http://${{ secrets.NGINX_DEPLOYMENT_IP }} | jq '.request.headers."Github-Run-Id" | test( "'"$GITHUB_RUN_ID"'")' + curl -s -o /dev/null -D - http://${{ secrets.NGINX_DEPLOYMENT_IP }} | grep "Github-Run-Id: $GITHUB_RUN_ID" - name: "Validate certificate update" - uses: azure/CLI@v1 + uses: azure/cli@v2 with: inlineScript: | echo "-----BEGIN CERTIFICATE-----" > /tmp/$GITHUB_RUN_ID.tmp az keyvault certificate show --vault-name $NGINX_VAULT_NAME -n $NGINX_CERT_NAME | jq -r .cer | cat >> /tmp/$GITHUB_RUN_ID.tmp echo "-----END CERTIFICATE-----" >> /tmp/$GITHUB_RUN_ID.tmp - wget -O - -o /dev/null https://${{ secrets.NGINX_DEPLOYMENT_IP }} --ca-certificate=/tmp/$GITHUB_RUN_ID.tmp | jq '.request.headers."Github-Run-Id" | test( "'"$GITHUB_RUN_ID"'")' + curl -s -o /dev/null -D - https://${{ secrets.NGINX_DEPLOYMENT_IP }} --cacert /tmp/$GITHUB_RUN_ID.tmp | grep "Github-Run-Id: $GITHUB_RUN_ID" diff --git a/github-action/README.md b/github-action/README.md index 54de2bc..82c281b 100644 --- a/github-action/README.md +++ b/github-action/README.md @@ -29,12 +29,12 @@ jobs: uses: actions/checkout@v2 - name: 'Run Azure Login using an Azure service principal with a secret' - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: 'Sync the NGINX configuration from the GitHub repository to the NGINXaaS for Azure deployment' - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} 
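Review bot: `uses: azure/cli@v2` in this hunk, `azure/login@v2` in the hunk at line 24 and the context `actions/checkout@v2` are all mutable major tags; this workflow holds the Azure OIDC identity and reads a certificate from Key Vault with it, so pinning each action to its full commit SHA with the tag in a trailing comment (`uses: azure/cli@<full-commit-sha>  # v2`) keeps a moved tag from silently changing the code that runs with those credentials. The README examples in this commit keep the same tag-only form, which is fine for a guide but deserves one sentence recommending SHA pinning. The two new curl lines here also lack the `--max-time`/`--retry` bounds that the single-file check at line 47 lacks; the fix is the same on all three.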
@@ -69,14 +69,14 @@ jobs: uses: actions/checkout@v2 - name: 'Run Azure Login using OIDC' - uses: azure/login@v1 + uses: azure/login@v2 with: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - name: 'Sync the NGINX configuration from the GitHub repository to the NGINXaaS for Azure deployment' - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -86,6 +86,9 @@ jobs: transformed-nginx-config-directory-path: /etc/nginx/ ``` +> **Note:** +The service principal being used for authenticating with Azure should have access to manage the NGINXaaS deployment. For simplicity, this guide assumes that the service principal has `Contributor` role to manage the deployment. Refer [prerequisites](https://docs.nginx.com/nginxaas/azure/getting-started/prerequisites/) for details. + ## Handling NGINX configuration file paths To facilitate the migration of the existing NGINX configuration, NGINXaaS for Azure supports multiple-files configuration with each file uniquely identified by a file path, just like how NGINX configuration files are created and used in a self-hosting machine. An NGINX configuration file can include another file using the [include directive](https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/). The file path used in an `include` directive can either be an absolute path or a relative path to the [prefix path](https://www.nginx.com/resources/wiki/start/topics/tutorials/installoptions/). 
@@ -101,7 +104,7 @@ To use this action to sync the configuration files from this example, the direct ```yaml - name: 'Sync the NGINX configuration from the GitHub repository to the NGINXaaS for Azure deployment' - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -133,7 +136,7 @@ The action supports an optional input `transformed-nginx-config-directory-path` ```yaml - name: 'Sync the NGINX configuration from the Git repository to the NGINXaaS for Azure deployment' - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -151,11 +154,11 @@ The transformed paths of the two configuration files in the NGINXaaS for Azure d ## Handling NGINX certificates -Since certificates are secrets, it is assumed they are stored in Azure key vault. One can provide multiple certificate entries to the github action as an array of JSON objects with keys: +Since certificates are secrets, it is assumed they are stored in Azure key vault. One can provide multiple certificate entries to the github action as an array of JSON objects with keys: `certificateName`- A unique name for the certificate entry -`keyvaultSecret`- The secret ID for the certificate on Azure key vault +`keyvaultSecret`- The secret ID for the certificate on Azure key vault `certificateVirtualPath`- This path must match one or more ssl_certificate directive file arguments in your Nginx configuration; and must be unique between certificates within the same deployment 
@@ -165,7 +168,7 @@ See the example below ```yaml - name: "Sync NGINX certificates to NGINXaaS for Azure" - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -178,7 +181,7 @@ See the example below ```yaml - name: "Sync NGINX configuration- multi file and certificate to NGINXaaS for Azure" - uses: nginxinc/nginx-for-azure-deploy-action@v0.3.0 + uses: nginxinc/nginx-for-azure-deploy-action@v0.3.1 with: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resource-group-name: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} @@ -188,4 +191,4 @@ See the example below nginx-root-config-file: nginx.conf transformed-nginx-config-directory-path: /etc/nginx/ nginx-certificates: '[{"certificateName": "$NGINX_CERT_NAME", "keyvaultSecret": "https://$NGINX_VAULT_NAME.vault.azure.net/secrets/$NGINX_CERT_NAME", "certificateVirtualPath": "/etc/nginx/ssl/my-cert.crt", "keyVirtualPath": "/etc/nginx/ssl/my-cert.key" } ]' -``` \ No newline at end of file +``` diff --git a/github-action/action.yml b/github-action/action.yml index 50fa38b..ff13017 100644 --- a/github-action/action.yml +++ b/github-action/action.yml 
@@ -23,22 +23,26 @@ inputs: default: "nginx.conf" transformed-nginx-config-directory-path: description: > - 'The transformed absolute path of the NGINX configuration directory in NGINXaaS for Azure deployment, example: "/etc/nginx/". - If the "include" directive in the NGINX configuration files uses absolute paths, the path transformation + 'The transformed absolute path of the NGINX configuration directory in NGINXaaS for Azure deployment, example: "/etc/nginx/". + If the "include" directive in the NGINX configuration files uses absolute paths, the path transformation can be used to overwrite the file paths when the action synchronizes the files to the NGINXaaS for Azure deployment.' required: false default: "" nginx-certificates: description: 'An array of JSON objects each with keys nginx_cert_name, keyvault_secret, certificate_virtual_path and key_virtual_path. Example: [{"certificateName": "server1", "keyvaultSecret": "https://...", "certificateVirtualPath": "/etc/ssl/certs/server1.crt", "keyVirtualPath": "/etc/ssl/certs/server1.key" }, {"name": "server2", "keyvaultSecret": "https://...", "certificateVirtualPath": "/etc/ssl/certs/server2.crt", "keyVirtualPath": "/etc/ssl/certs/server2.key" }] ' required: false + debug: + description: "Enable/Disable debug output." 
+ required: false + default: "false" runs: using: "composite" steps: - name: "Synchronize NGINX certificate(s) from the Git repository to an NGINXaaS for Azure deployment" - run: ${{github.action_path}}/src/deploy-certificate.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --nginx_resource_location=${{ inputs.nginx-deployment-location }} --certificates=${{ toJSON(inputs.nginx-certificates) }} + run: ${{github.action_path}}/src/deploy-certificate.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --nginx_resource_location=${{ inputs.nginx-deployment-location }} --certificates=${{ toJSON(inputs.nginx-certificates) }} --debug=${{ inputs.debug }} if: ${{ inputs.nginx-deployment-location != '' && inputs.nginx-certificates != '' }} shell: bash - name: "Synchronize NGINX configuration from the Git repository to an NGINXaaS for Azure deployment" - run: ${{github.action_path}}/src/deploy-config.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --config_dir_path=${{ inputs.nginx-config-directory-path }} --root_config_file=${{ inputs.nginx-root-config-file }} --transformed_config_dir_path=${{ inputs.transformed-nginx-config-directory-path }} + run: ${{github.action_path}}/src/deploy-config.sh --subscription_id=${{ inputs.subscription-id }} --resource_group_name=${{ inputs.resource-group-name }} --nginx_deployment_name=${{ inputs.nginx-deployment-name }} --config_dir_path=${{ inputs.nginx-config-directory-path }} --root_config_file=${{ inputs.nginx-root-config-file }} --transformed_config_dir_path=${{ inputs.transformed-nginx-config-directory-path }} --debug=${{ inputs.debug }} if: ${{ inputs.nginx-config-directory-path != '' }} 
shell: bash diff --git a/github-action/src/deploy-certificate.sh b/github-action/src/deploy-certificate.sh old mode 100644 new mode 100755 index a552b72..3402431 --- a/github-action/src/deploy-certificate.sh +++ b/github-action/src/deploy-certificate.sh @@ -7,23 +7,27 @@ do case $i in --subscription_id=*) subscription_id="${i#*=}" - shift + shift ;; --resource_group_name=*) resource_group_name="${i#*=}" - shift + shift ;; --nginx_deployment_name=*) nginx_deployment_name="${i#*=}" - shift + shift ;; --nginx_resource_location=*) nginx_resource_location="${i#*=}" - shift + shift ;; --certificates=*) certificates="${i#*=}" - shift + shift + ;; + --debug=*) + debug="${i#*=}" + shift ;; *) echo "Not matched option '${i#*=}' passed in." @@ -35,27 +39,27 @@ done if [[ ! -v subscription_id ]]; then echo "Please set 'subscription-id' ..." - exit 1 + exit 1 fi if [[ ! -v resource_group_name ]]; then echo "Please set 'resource-group-name' ..." - exit 1 + exit 1 fi if [[ ! -v nginx_deployment_name ]]; then echo "Please set 'nginx-deployment-name' ..." - exit 1 + exit 1 fi if [[ ! -v nginx_resource_location ]]; then echo "Please set 'nginx-resource-location' ..." - exit 1 + exit 1 fi if [[ ! -v certificates ]]; then echo "Please set 'nginx-certificates' ..." - exit 1 + exit 1 fi arm_template_file="nginx-for-azure-certificate-template.json" @@ -69,13 +73,13 @@ echo "" az account set -s "$subscription_id" --verbose -count=$(echo $certificates | jq '. | length') +count=$(echo "$certificates" | jq '. | length') for (( i=0; i
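Review bot: The new `--debug=${{ inputs.debug }}` on both `run:` lines is expanded into the command text before bash parses it, so an input value containing shell metacharacters is executed rather than passed as an argument; the pre-existing inputs on those lines have the same shape, and this is the reason GitHub's own guidance routes inputs through `env:`. Add an `env:` block with `INPUT_DEBUG: ${{ inputs.debug }}` to each step and pass `--debug="$INPUT_DEBUG"` instead, which also keeps the expression out of the shell entirely. The `debug` input description should state what the scripts accept, e.g. `description: "Enable/Disable debug output. Accepts \"true\" or \"false\"."`, since `default: "false"` is the only hint a consumer currently gets.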
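Review bot: The new `--debug=*)` case stores the value but never validates it, so any string other than `true`/`false` flows into whatever the script later does with `$debug` (that use is outside this hunk); a `case "$debug" in true|false) ;; *) echo "Invalid --debug value '$debug'"; exit 1 ;; esac` after the option loop would turn that into a clear failure. The `shift` inside each case, including the new one, appears to sit in a `for i in ... do` loop whose header is above the hunk; if so it only moves the positional parameters and has no effect on the loop variable, and can be dropped rather than re-indented. The enclosing loop starts before this hunk.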