From a05d83dfc5d6848e03c9397165f401073b16d16b Mon Sep 17 00:00:00 2001
From: harkirat22 <harkiratbhardwaj@gmail.com>
Date: Sat, 9 Jan 2021 08:17:14 -0500
Subject: [PATCH] adding an else condition to relate management lock with
 resource group

---
 .../rego/azure/azurerm_resource_group/resourceGroupLock.rego  | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/policies/opa/rego/azure/azurerm_resource_group/resourceGroupLock.rego b/pkg/policies/opa/rego/azure/azurerm_resource_group/resourceGroupLock.rego
index 2ab392054..8ba966def 100755
--- a/pkg/policies/opa/rego/azure/azurerm_resource_group/resourceGroupLock.rego
+++ b/pkg/policies/opa/rego/azure/azurerm_resource_group/resourceGroupLock.rego
@@ -24,4 +24,8 @@ resourceLockExist(resource_group) = exists {
     resource_group_name := sprintf("azurerm_resource_group.%s", [resource_group.name])
 	resource_lock_exist_set[resource_group_name]
     exists = true
+} else = exists {
+	resource_lock_exist_set := { resource_lock_id | resource_lock_id := split(input.azurerm_management_lock[i].config.scope, ".")[1] }
+	resource_lock_exist_set[resource_group.name]
+    exists = true
 }
\ No newline at end of file