Role assignments are not deleted when using targetScope = 'resourceGroup'
and --mode Complete
#10460
Labels
Needs: Author Feedback
Awaiting feedback from the author of the issue
Bicep version
Describe the bug
When I remove a 'Microsoft.Authorization/roleAssignments@2022-04-01' from my Bicep template with
targetScope = 'resourceGroup'
and deploy usingaz deployment group create ... --mode Complete
the role assignment is not removed.To Reproduce
Steps to reproduce the behaviour:
az deployment group create ... --mode Complete
.az deployment group create ... --mode Complete
.Additional context
This fails without even as much as a warning, this should probably be classified as a security vulnerability.
The text was updated successfully, but these errors were encountered: