fix: allow parsing of role assignment value at auth scope [IAC-3033]

This is a relatively common case, fixing it should significantly cut
down on the number of errors for `azurerm_role_assignment`s.

internal/services/authorization/parse/role_assignment.go

@@ -146,6 +146,15 @@ func RoleAssignmentID(input string) (*RoleAssignmentId, error) {
 		}
 		roleAssignmentId.Name = idParts[1]
 		roleAssignmentId.ManagementGroup = strings.TrimPrefix(idParts[0], "/providers/Microsoft.Management/managementGroups/")
+	case strings.HasPrefix(input, "/providers/Microsoft.Authorization/"):
+		idParts := strings.Split(input, "/providers/Microsoft.Authorization/roleAssignments/")
+		if len(idParts) != 2 {
+			return nil, fmt.Errorf("could not parse Role Assignment ID %q for Authorization", input)
+		}
+		if idParts[1] == "" {
+			return nil, fmt.Errorf("ID was missing a value for the roleAssignments element")
+		}
+		roleAssignmentId.Name = idParts[1]
 	default:
 		return nil, fmt.Errorf("could not parse Role Assignment ID %q", input)
 	}

internal/services/authorization/parse/role_assignment_test.go

@@ -233,6 +233,20 @@ func TestRoleAssignmentID(t *testing.T) {
 				TenantId:         "34567812-3456-7653-6742-345678901234",
 			},
 		},
+		{
+			// valid Role Assignment value at the Authorization scope
+			Input: "/providers/Microsoft.Authorization/roleAssignments/115ee65a-a72f-4ade-bc87-21fc046e54e6",
+			Expected: &RoleAssignmentId{
+				SubscriptionID:      "",
+				ResourceGroup:       "",
+				ManagementGroup:     "",
+				ResourceScope:       "",
+				ResourceProvider:    "",
+				Name:                "115ee65a-a72f-4ade-bc87-21fc046e54e6",
+				TenantId:            "",
+				IsSubscriptionLevel: false,
+			},
+		},
 	}
 
 	for _, v := range testData {