aztfmod · shanoor · Jun 17, 2024 · Jul 2, 2024 · Jul 8, 2024 · Jul 8, 2024
diff --git a/.github/workflows/standalone-scenarios.json b/.github/workflows/standalone-scenarios.json
@@ -68,6 +68,7 @@
     "maintenance_configuration/200-maintenance-configuration-assignment-vm-windows",
     "maintenance_configuration/201-maintenance-configuration-assignment-vm-linux",
     "managed_service_identity/100-msi-levels",
+    "management_lock/100-basic-lock",
     "maps/101-azure-maps-account",
     "messaging/eventgrid/100-simple-eventgrid-topic",
     "messaging/eventgrid/101-simple-eventgrid-topic-private-endpoint",

diff --git a/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars b/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars
@@ -56,8 +56,8 @@ azuread_applications = {
           admin_consent_description  = "Allow to administer app2."
           admin_consent_display_name = "Administer app2"
           enabled                    = true
-          type  = "Admin"
-          value = "app2"
+          type                       = "Admin"
+          value                      = "app2"
         }
       ]
     }

diff --git a/examples/management_lock/100-basic-lock/configuration.tfvars b/examples/management_lock/100-basic-lock/configuration.tfvars
@@ -0,0 +1,40 @@
+global_settings = {
+  default_region = "region1"
+  regions = {
+    region1 = "francecentral"
+  }
+}
+
+resource_groups = {
+  rg1 = {
+    name   = "rg1"
+    region = "region1"
+  }
+}
+
+storage_accounts = {
+  sa1 = {
+    name                     = "5116e929eed5"
+    resource_group_key       = "rg1"
+    account_kind             = "BlobStorage"
+    account_tier             = "Standard"
+    account_replication_type = "LRS"
+  }
+}
+
+management_locks = {
+  resource_groups = {
+    rg1 = {
+      name  = "rg-lock"
+      key   = "rg1"
+      level = "ReadOnly"
+    }
+  }
+  storage_accounts = {
+    sa1 = {
+      name  = "sa-lock"
+      key   = "sa1"
+      level = "CanNotDelete"
+    }
+  }
+}
diff --git a/modules/management_lock/main.tf b/modules/management_lock/main.tf
@@ -0,0 +1,9 @@
+resource "azurerm_management_lock" "lock" {
+  name = var.name
+  scope = coalesce(
+    var.resource_id,
+    var.remote_objects[var.resource_type][var.resource_lz_key][var.resource_key].id
+  )
+  lock_level = var.lock_level
+  notes      = var.notes
+}
diff --git a/modules/management_lock/output.tf b/modules/management_lock/output.tf
@@ -0,0 +1,3 @@
+output "id" {
+  value = azurerm_management_lock.lock.id
+}
diff --git a/modules/management_lock/variables.tf b/modules/management_lock/variables.tf
@@ -0,0 +1,29 @@
+variable "global_settings" {
+  description = "Global settings object (see module README.md)"
+}
+
+variable "client_config" {
+  description = "Client configuration object."
+  default     = {}
+}
+
+variable "remote_objects" {
+  default = {}
+}
+variable "name" {}
+variable "resource_type" {
+  default = ""
+}
+variable "resource_lz_key" {
+  default = ""
+}
+variable "resource_key" {
+  default = ""
+}
+variable "resource_id" {
+  default = ""
+}
+variable "lock_level" {}
+variable "notes" {
+  default = null
+}
diff --git a/variables.tf b/variables.tf
@@ -450,3 +450,6 @@
   default     = {}
 }
 
+variable "management_locks" {
+  default = {}
+}