ekristen
diff --git a/‎.golangci.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.golangci.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/cli-experimental.md‎
Lines changed: 36 additions & 5 deletions b/‎docs/cli-experimental.md‎
Lines changed: 36 additions & 5 deletions
diff --git a/‎docs/config-filtering.md‎
Lines changed: 67 additions & 9 deletions b/‎docs/config-filtering.md‎
Lines changed: 67 additions & 9 deletions
diff --git a/‎docs/features/filter-groups.md‎
Lines changed: 11 additions & 0 deletions b/‎docs/features/filter-groups.md‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎docs/resources/app-service-plan.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/resources/app-service-plan.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/resources/application-certificate.md‎
Lines changed: 1 addition & 0 deletions b/‎docs/resources/application-certificate.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/resources/application-federated-credential.md‎
Lines changed: 2 additions & 1 deletion b/‎docs/resources/application-federated-credential.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎docs/resources/application-gateway.md‎
Lines changed: 12 additions & 0 deletions b/‎docs/resources/application-gateway.md‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎docs/resources/application-secret.md‎
Lines changed: 5 additions & 4 deletions b/‎docs/resources/application-secret.md‎
Lines changed: 5 additions & 4 deletions
diff --git a/‎docs/resources/application.md‎
Lines changed: 1 addition & 0 deletions b/‎docs/resources/application.md‎
Lines changed: 1 addition & 0 deletions
@@ -38,7 +38,7 @@ linters:
     - bodyclose
     - dogsled
     - errcheck
-    - exportloopref
+    - copyloopvar
     - funlen
     - goconst
     - gocritic
 
@@ -2,22 +2,53 @@
 
 ## Overview
 
-These are the experimental features hidden behind feature flags that are currently available in aws-nuke. They are all
+These are the experimental features hidden behind feature flags that are currently available in azure-nuke. They are all
 disabled by default. These are switches that changes the actual behavior of the tool itself. Changing the behavior of
 a resource is done via resource settings.
 
 !!! note
-    The original tool had configuration options called `feature-flags` which were used to enable/disable certain
-    behaviors with resources, those are now called settings and `feature-flags` have been deprecated in the config.
+The original tool had configuration options called `feature-flags` which were used to enable/disable certain
+behaviors with resources, those are now called settings and `feature-flags` have been deprecated in the config.
 
 ## Usage
 
 ```console
-azure-nuke run --feature-flag "some-feature"
+azure-nuke run --feature-flag "wait-on-dependencies"
 ```
 
 **Note:** other CLI arguments are omitted for brevity.
 
 ## Available Feature Flags
 
-No available features at this time.
+- `filter-groups` - This feature flag will cause azure-nuke to filter based on a grouping method which allows for AND'ing
+  filters together.
+- `wait-on-dependencies` - This feature flag will cause azure-nuke to wait for all resource type dependencies to be
+  deleted before deleting the next resource type.
+
+### wait-on-dependencies
+
+This feature flag will cause azure-nuke to wait for all resource type dependencies to be deleted before deleting the next
+resource type. This is useful for resources that have dependencies on other resources. For example, an IAM Role that has
+an attached policy.
+
+The problem is that if you delete the IAM Role first, it will fail because it has a dependency on the policy.
+
+This feature flag will cause azure-nuke to wait for all resources of a given type to be deleted before deleting the next
+resource type. This will reduce the number of errors and unnecessary API calls.
+
+### filter-groups
+
+This feature flag will cause azure-nuke to filter resources based on a group method. This is useful when filters need
+to be AND'd together. For example, if you want to delete all resources that are tagged with `env:dev` and `namespace:test`
+you can use the following filter group:
+
+```yaml
+filters:
+  ResourceType:
+    - property: tag:env
+      value: dev
+      group: group1
+    - property: tag:namespace
+      value: test
+      group: group2
+```
@@ -1,6 +1,6 @@
 !!! warning
     Filtering is a powerful tool, but it is also a double-edged sword. It is easy to make mistakes in the filter
-    configuration. Also, since aws-nuke is in continuous development, there is always a possibility to introduce new
+    configuration. Also, since azure-nuke is in continuous development, there is always a possibility to introduce new
     bugs, no matter how careful we review new code.
 
 # Filtering
@@ -23,12 +23,12 @@ a resource does NOT have any filters defined, the `__global__` ones will still b
 
 ### Example
 
-In this example, we are ignoring all resources that have the tag `aws-nuke` set to `ignore`. Additionally filtering
+In this example, we are ignoring all resources that have the tag `azure-nuke` set to `ignore`. Additionally filtering
 a specific instance by its `id`. When the `EC2Instance` resource is processed, it will have both filters applied. These
 
 ```yaml
 __global__:
-  - property: tag:aws-nuke
+  - property: tag:azure-nuke
     value: "ignore"
 
 EC2Instance:
@@ -40,10 +40,68 @@ This will ultimately render as the following filters for the `EC2Instance` resou
 ```yaml
 EC2Instance:
   - "i-01b489457a60298dd"
-  - property: tag:aws-nuke
+  - property: tag:azure-nuke
     value: "ignore"
 ```
 
+## Filter Groups
+
+!!! important
+Filter groups are an experimental feature and are disabled by default. To enable filter groups, use the
+`--feature-flag filter-groups` flag.
+
+Filter groups are used to group filters together. This is useful when filters need to be AND'd together. For example,
+if you want to delete all resources that are tagged with `env:dev` and `namespace:test` you can use the following filter
+group:
+
+```yaml
+presets:
+  example:
+    filters:
+      ResourceType:
+        - property: tag:env
+          value: dev
+          group: group1
+        - property: tag:namespace
+          value: test
+          group: group2
+```
+
+In this example, the `group1` and `group2` filters are AND'd together. This means that a resource must match both filters
+to be excluded from deletion.
+
+Only a single filter in a group is required to match. This means that if a resource matches any filter in a group it will
+count as a match for the group.
+
+### Example
+
+In this example, we are ignoring all resources that have the tag `azure-nuke` set to `ignore`. Additionally filtering
+a specific instance by its `id`. When the `EC2Instance` resource is processed, it will have both filters applied. These
+
+```yaml
+presets:
+  example:
+    filters:
+      __global__:
+        - property: tag:azure-nuke
+          value: "ignore"
+      EC2Instance:
+        - "i-01b489457a60298dd"
+```
+
+This will ultimately render as the following filters for the `EC2Instance` resource:
+
+```yaml
+presets:
+  example:
+    filters:
+      EC2Instance:
+        - "i-01b489457a60298dd"
+        - property: tag:azure-nuke
+          value: "ignore"
+```
+
+
 ## Types
 
 The following are comparisons  that you can use to filter resources. These are used in the configuration file.
@@ -143,7 +201,7 @@ EC2Image:
 ## Properties
 
 By default, when writing a filter if you do not specify a property, it will use the `Name` property. However, resources
-that do no support Properties, aws-nuke will fall back to what is called the `Legacy String`, it's essentially a
+that do no support Properties, azure-nuke will fall back to what is called the `Legacy String`, it's essentially a
 function that returns a string representation of the resource. 
 
 Some resources support filtering via properties. When a resource support these properties, they will be listed in
@@ -175,7 +233,7 @@ ResourceGroup:
     invert: true
 ```
 
-In this case *any* ResourceGroup ***but*** the ones called "foo" will be filtered. Be aware that *aws-nuke*
+In this case *any* ResourceGroup ***but*** the ones called "foo" will be filtered. Be aware that *azure-nuke*
 internally takes every resource and applies every filter on it. If a filter matches, it marks the node as filtered.
 
 ## Example
@@ -194,12 +252,12 @@ ResourceGroup:
 
 It is possible to filter this is important for not deleting the current user for example or for resources like S3
 Buckets which have a globally shared namespace and might be hard to recreate. Currently, the filtering is based on
-the resource identifier. The identifier will be printed as the first step of *aws-nuke* (eg `i-01b489457a60298dd` 
+the resource identifier. The identifier will be printed as the first step of *azure-nuke* (eg `i-01b489457a60298dd` 
 for an EC2 instance).
 
 !!! warning
-    **Even with filters you should not run aws-nuke on any AWS account, where you cannot afford to lose all resources.
-    It is easy to make mistakes in the filter configuration. Also, since aws-nuke is in continuous development, there is
+    **Even with filters you should not run azure-nuke on any AWS account, where you cannot afford to lose all resources.
+    It is easy to make mistakes in the filter configuration. Also, since azure-nuke is in continuous development, there is
     always a possibility to introduce new bugs, no matter how careful we review new code.**
 
 The filters are part of the account-specific configuration and are grouped by resource types. This is an example of a
 
@@ -0,0 +1,11 @@
+# Filter Groups
+
+!!! important
+This feature is experimental and is disabled by default. To enable it, use the `--feature-flag "filter-groups"` CLI argument.
+
+Filter groups allow you to filter resources based on a grouping method which allows for AND'ing filters together. By
+default, all filters belong to the same group, but you can specify a group name to group filters together.
+
+All filters within a group are OR'd together, and all groups are AND'd together.
+
+[Full Documentation](../config-filtering.md#filter-groups)
@@ -7,5 +7,5 @@
 
 ## Properties
 
-- **`ResourceGroup`**: No description provided
+- **`BaseResource`**: No description provided
 - **`Name`**: No description provided
@@ -7,6 +7,7 @@
 
 ## Properties
 
+- **`BaseResource`**: No description provided
 - **`ID`**: No description provided
 - **`Name`**: No description provided
 - **`AppID`**: No description provided
@@ -7,7 +7,8 @@
 
 ## Properties
 
+- **`BaseResource`**: No description provided
 - **`ID`**: No description provided
 - **`Name`**: No description provided
 - **`AppID`**: No description provided
-- **`AppUniqueName`**: No description provided
+- **`DisplayName`**: No description provided
@@ -0,0 +1,12 @@
+# Application Gateway
+
+## Details
+
+- **Type:** `ApplicationGateway`
+- **Scope:** resource-group
+
+## Properties
+
+- **`BaseResource`**: No description provided
+- **`ID`**: No description provided
+- **`Name`**: No description provided
@@ -7,7 +7,8 @@
 
 ## Properties
 
-- **`ID`**: No description provided
-- **`Name`**: No description provided
-- **`AppID`**: No description provided
-- **`AppName`**: No description provided
+- **`AppID`**: The unique ID of the Application to which the secret belongs
+- **`AppName`**: The display name of the Application to which the secret belongs
+- **`BaseResource`**: No description provided
+- **`KeyID`**: The unique ID of the Application Secret Key
+- **`Name`**: The display name of the Application Secret
@@ -7,5 +7,6 @@
 
 ## Properties
 
+- **`BaseResource`**: No description provided
 - **`ID`**: No description provided
 - **`Name`**: No description provided