fixes requested during avm team review (#4)

* fix: requested fixes from AVM team

* fix: reference to managed identity

README.md

@@ -381,6 +381,10 @@ Default: `true`
 
 The following outputs are exported:
 
+### <a name="output_name"></a> [name](#output\_name)
+
+Description: The name of the parent resource.
+
 ### <a name="output_private_endpoints"></a> [private\_endpoints](#output\_private\_endpoints)
 
 Description: A map of private endpoints. The map key is the supplied input to var.private\_endpoints. The map value is the entire azurerm\_private\_endpoint resource.
@@ -389,6 +393,14 @@ Description: A map of private endpoints. The map key is the supplied input to va
 
 Description: This is the full output for the resource.
 
+### <a name="output_resource_id"></a> [resource\_id](#output\_resource\_id)
+
+Description: The resource id for the parent resource.
+
+### <a name="output_system_assigned_mi_principal_id"></a> [system\_assigned\_mi\_principal\_id](#output\_system\_assigned\_mi\_principal\_id)
+
+Description: The system assigned managed identity principal ID of the parent resource.
+
 ## Modules
 
 No modules.

examples/default/README.md

@@ -26,7 +26,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/default/main.tf

@@ -20,7 +20,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/geo-replication/README.md

@@ -28,7 +28,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/geo-replication/main.tf

@@ -20,7 +20,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/low-cost/README.md

@@ -28,7 +28,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/low-cost/main.tf

@@ -20,7 +20,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/private-endpoint/README.md

@@ -26,7 +26,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

examples/private-endpoint/main.tf

@@ -20,7 +20,11 @@ DESCRIPTION
 
 provider "azurerm" {
   skip_provider_registration = true
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 # This ensures we have unique CAF compliant names for our resources.

locals.tf

@@ -1,10 +1,5 @@
 locals {
-  resource_group_location            = try(data.azurerm_resource_group.parent[0].location, null)
-  role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
-}
-
-# Private endpoint application security group associations
-locals {
+  # Private endpoint application security group associations
   private_endpoint_application_security_group_associations = { for assoc in flatten([
     for pe_k, pe_v in var.private_endpoints : [
       for asg_k, asg_v in pe_v.application_security_group_associations : {
@@ -14,4 +9,7 @@ locals {
       }
     ]
   ]) : "${assoc.pe_key}-${assoc.asg_key}" => assoc }
+
+  resource_group_location            = try(data.azurerm_resource_group.parent[0].location, null)
+  role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
 }

locals.version.tf.json

@@ -1,5 +1,5 @@
 {
   "locals": {
-    "module_version": "0.0.1"
+    "module_version": "0.1.0"
   }
 }

outputs.tf

@@ -1,3 +1,20 @@
+# Minimum required outputs
+# https://azure.github.io/Azure-Verified-Modules/specs/shared/#id-rmfr7---category-outputs---minimum-required-outputs
+output "resource_id" {
+  description = "The resource id for the parent resource."
+  value       = azurerm_container_registry.this.id
+}
+
+output "name" {
+  description = "The name of the parent resource."
+  value       = azurerm_container_registry.this.name
+}
+
+output "system_assigned_mi_principal_id" {
+  description = "The system assigned managed identity principal ID of the parent resource."
+  value       = try(azurerm_container_registry.this.identity[0].principal_id, null)
+}
+
 output "private_endpoints" {
   description = "A map of private endpoints. The map key is the supplied input to var.private_endpoints. The map value is the entire azurerm_private_endpoint resource."
   value       = azurerm_private_endpoint.this