# Management Groups Module
# Creates Azure Management Groups hierarchy according to Well-Architected Framework

# Root Management Group (assumes it exists)
data "azurerm_management_group" "root" {
  name = var.root_management_group_id
}

# Production Management Group
resource "azurerm_management_group" "production" {
  name                       = "Production"
  display_name               = "Production"
  parent_management_group_id = data.azurerm_management_group.root.id
  
  subscription_ids = var.production_subscription_ids
}

# Non-Production Management Group
resource "azurerm_management_group" "non_production" {
  name                       = "Non-Production"
  display_name               = "Non-Production"
  parent_management_group_id = data.azurerm_management_group.root.id
  
  subscription_ids = var.non_production_subscription_ids
}

# Shared Services Management Group
resource "azurerm_management_group" "shared_services" {
  name                       = "SharedServices"
  display_name               = "Shared Services"
  parent_management_group_id = data.azurerm_management_group.root.id
  
  subscription_ids = var.shared_services_subscription_ids
}

# Sandbox Management Group
resource "azurerm_management_group" "sandbox" {
  name                       = "Sandbox"
  display_name               = "Sandbox"
  parent_management_group_id = data.azurerm_management_group.root.id
  
  subscription_ids = var.sandbox_subscription_ids
}

# Outputs
output "production_management_group_id" {
  value = azurerm_management_group.production.id
}

output "non_production_management_group_id" {
  value = azurerm_management_group.non_production.id
}

output "shared_services_management_group_id" {
  value = azurerm_management_group.shared_services.id
}

output "sandbox_management_group_id" {
  value = azurerm_management_group.sandbox.id
}