Pulled policyAssignment template with UMI can't be deployed to Azure #538

Closed
@jsandquist

Description

This is a follow-up to #529 - which was addressed promptly indeed. Very grateful for that! :-)

I found a UMI in a policyAssignment in my environment and the jq-filter needs to be tweaked some more it seems.

The deployment fails with

The 'UserAssignedIdentities' property keys should only be empty json objects, null or the resource exisiting property. (Code:InvalidIdentityValues)

due to the following Identity representation it seems

...
      "identity": {
        "PrincipalId": null,
        "TenantId": null,
        "UserAssignedIdentities": {
          "/subscriptions/12345678-1234-1234-1234-8e97f1c77549/resourcegroups/rg-mi-mgmt-weu-001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/Deploy-VM-Backup": {
            "PrincipalId": "12345678-1234-abcd-1234-bc03e5f1c896",
            "ClientId": "12345678-1234-abcd-1234-afa4f4fcb749"
          }
        },
...

Steps to reproduce

  1. A policyAssignment with UMI retrieved by the AzOps - Pull pipeline
  2. The next validate/push fails with above error

Screenshots
(none this time)
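
A pre-deployment check for the failure described in this issue, as an added example that is not part of the original post and not AzOps' own jq filter: it locates `UserAssignedIdentities` entries whose values are populated and rewrites them to the empty object the error message asks for. The function names and the sample template are constructed for illustration, and treating every populated value as rejected is an assumption.

```python
import json

# Constructed sample mirroring the identity block quoted in the issue.
UMI_ID = ("/subscriptions/12345678-1234-1234-1234-8e97f1c77549/resourcegroups/"
          "rg-mi-mgmt-weu-001/providers/Microsoft.ManagedIdentity/"
          "userAssignedIdentities/Deploy-VM-Backup")
PULLED = {"identity": {
    "PrincipalId": None,
    "TenantId": None,
    "UserAssignedIdentities": {UMI_ID: {
        "PrincipalId": "12345678-1234-abcd-1234-bc03e5f1c896",
        "ClientId": "12345678-1234-abcd-1234-afa4f4fcb749"}}}}

def find_rejected_identities(node, path="$"):
    """Return (json_path, identity_id) for each user-assigned identity
    whose value is neither {} nor null."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}"
            # Match case-insensitively: pulled files use PascalCase keys.
            if key.lower() == "userassignedidentities" and isinstance(value, dict):
                hits += [(here, rid) for rid, v in value.items() if v not in ({}, None)]
            else:
                hits += find_rejected_identities(value, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits += find_rejected_identities(item, f"{path}[{i}]")
    return hits

def normalize_identities(node):
    """Return a copy in which every user-assigned identity maps to {}.
    The identity resource IDs (the keys) are kept; the input is not mutated."""
    if isinstance(node, dict):
        return {
            key: ({rid: {} for rid in value}
                  if key.lower() == "userassignedidentities" and isinstance(value, dict)
                  else normalize_identities(value))
            for key, value in node.items()
        }
    if isinstance(node, list):
        return [normalize_identities(item) for item in node]
    return node

if __name__ == "__main__":
    print(find_rejected_identities(PULLED))
    print(json.dumps(normalize_identities(PULLED), indent=2))
```

Running the finder over pulled templates before the validate/push stage reports the offending JSON path and identity resource ID instead of leaving it to the `InvalidIdentityValues` error at deployment time.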
