diff --git a/modules/Microsoft.Authorization/roleAssignments/managementGroup/deploy.bicep b/modules/Microsoft.Authorization/roleAssignments/managementGroup/deploy.bicep
index 07251accef..20a01686bd 100644
--- a/modules/Microsoft.Authorization/roleAssignments/managementGroup/deploy.bicep
+++ b/modules/Microsoft.Authorization/roleAssignments/managementGroup/deploy.bicep
@@ -357,7 +357,7 @@ resource roleAssignment 'Microsoft.Authorization/roleAssignments@2020-10-01-prev
 output name string = roleAssignment.name
 
 @sys.description('The resource ID of the Role Assignment.')
-output scope string = tenantResourceId('Microsoft.Management/managementGroups', managementGroupId)
+output resourceId string = extensionResourceId(tenantResourceId('Microsoft.Management/managementGroups', managementGroupId), 'Microsoft.Authorization/roleAssignments', roleAssignment.name)
 
 @sys.description('The scope this Role Assignment applies to.')
-output resourceId string = extensionResourceId(tenantResourceId('Microsoft.Management/managementGroups', managementGroupId), 'Microsoft.Authorization/roleAssignments', roleAssignment.name)
+output scope string = tenantResourceId('Microsoft.Management/managementGroups', managementGroupId)
diff --git a/modules/Microsoft.Authorization/roleAssignments/managementGroup/readme.md b/modules/Microsoft.Authorization/roleAssignments/managementGroup/readme.md
index f3840cc8a8..a0d2558c89 100644
--- a/modules/Microsoft.Authorization/roleAssignments/managementGroup/readme.md
+++ b/modules/Microsoft.Authorization/roleAssignments/managementGroup/readme.md
@@ -40,5 +40,5 @@ With this module you can perform role assignments on a management group level
 | Output Name | Type | Description |
 | :-- | :-- | :-- |
 | `name` | string | The GUID of the Role Assignment. |
-| `resourceId` | string | The scope this Role Assignment applies to. |
-| `scope` | string | The resource ID of the Role Assignment. |
+| `resourceId` | string | The resource ID of the Role Assignment. |
+| `scope` | string | The scope this Role Assignment applies to. |
diff --git a/modules/Microsoft.Authorization/roleAssignments/resourceGroup/deploy.bicep b/modules/Microsoft.Authorization/roleAssignments/resourceGroup/deploy.bicep
index 9314d1702e..e5cd422e5a 100644
--- a/modules/Microsoft.Authorization/roleAssignments/resourceGroup/deploy.bicep
+++ b/modules/Microsoft.Authorization/roleAssignments/resourceGroup/deploy.bicep
@@ -356,10 +356,10 @@ resource roleAssignment 'Microsoft.Authorization/roleAssignments@2020-10-01-prev
 output name string = roleAssignment.name
 
 @sys.description('The resource ID of the Role Assignment.')
-output scope string = resourceGroup().id
-
-@sys.description('The scope this Role Assignment applies to.')
 output resourceId string = az.resourceId(resourceGroupName, 'Microsoft.Authorization/roleAssignments', roleAssignment.name)
 
 @sys.description('The name of the resource group the role assignment was applied at.')
 output resourceGroupName string = resourceGroup().name
+
+@sys.description('The scope this Role Assignment applies to.')
+output scope string = resourceGroup().id
diff --git a/modules/Microsoft.Authorization/roleAssignments/resourceGroup/readme.md b/modules/Microsoft.Authorization/roleAssignments/resourceGroup/readme.md
index fced8d5490..0ea273c28a 100644
--- a/modules/Microsoft.Authorization/roleAssignments/resourceGroup/readme.md
+++ b/modules/Microsoft.Authorization/roleAssignments/resourceGroup/readme.md
@@ -41,5 +41,5 @@ With this module you can perform role assignments on a resource group level
 | :-- | :-- | :-- |
 | `name` | string | The GUID of the Role Assignment. |
 | `resourceGroupName` | string | The name of the resource group the role assignment was applied at. |
-| `resourceId` | string | The scope this Role Assignment applies to. |
-| `scope` | string | The resource ID of the Role Assignment. |
+| `resourceId` | string | The resource ID of the Role Assignment. |
+| `scope` | string | The scope this Role Assignment applies to. |
diff --git a/modules/Microsoft.Authorization/roleAssignments/subscription/deploy.bicep b/modules/Microsoft.Authorization/roleAssignments/subscription/deploy.bicep
index dfbd7f0597..2a8927bfca 100644
--- a/modules/Microsoft.Authorization/roleAssignments/subscription/deploy.bicep
+++ b/modules/Microsoft.Authorization/roleAssignments/subscription/deploy.bicep
@@ -357,7 +357,7 @@ resource roleAssignment 'Microsoft.Authorization/roleAssignments@2020-10-01-prev
 output name string = roleAssignment.name
 
 @sys.description('The resource ID of the Role Assignment.')
-output scope string = subscription().id
+output resourceId string = subscriptionResourceId(subscriptionId, 'Microsoft.Authorization/roleAssignments', roleAssignment.name)
 
 @sys.description('The scope this Role Assignment applies to.')
-output resourceId string = subscriptionResourceId(subscriptionId, 'Microsoft.Authorization/roleAssignments', roleAssignment.name)
+output scope string = subscription().id
diff --git a/modules/Microsoft.Authorization/roleAssignments/subscription/readme.md b/modules/Microsoft.Authorization/roleAssignments/subscription/readme.md
index 8467450e91..19acd7eed8 100644
--- a/modules/Microsoft.Authorization/roleAssignments/subscription/readme.md
+++ b/modules/Microsoft.Authorization/roleAssignments/subscription/readme.md
@@ -40,5 +40,5 @@ With this module you can perform role assignments on a subscription level
 | Output Name | Type | Description |
 | :-- | :-- | :-- |
 | `name` | string | The GUID of the Role Assignment. |
-| `resourceId` | string | The scope this Role Assignment applies to. |
-| `scope` | string | The resource ID of the Role Assignment. |
+| `resourceId` | string | The resource ID of the Role Assignment. |
+| `scope` | string | The scope this Role Assignment applies to. |
diff --git a/modules/Microsoft.Authorization/roleDefinitions/deploy.bicep b/modules/Microsoft.Authorization/roleDefinitions/deploy.bicep
index 052c570948..9786701808 100644
--- a/modules/Microsoft.Authorization/roleDefinitions/deploy.bicep
+++ b/modules/Microsoft.Authorization/roleDefinitions/deploy.bicep
@@ -107,4 +107,4 @@ output name string = empty(subscriptionId) && empty(resourceGroupName) ? roleDef
 output resourceId string = empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_mg.outputs.resourceId : (!empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_sub.outputs.resourceId : roleDefinition_rg.outputs.resourceId)
 
 @sys.description('The scope this Role Definition applies to.')
-output roleDefinitionScope string = empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_mg.outputs.scope : (!empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_sub.outputs.scope : roleDefinition_rg.outputs.scope)
+output scope string = empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_mg.outputs.scope : (!empty(subscriptionId) && empty(resourceGroupName) ? roleDefinition_sub.outputs.scope : roleDefinition_rg.outputs.scope)
diff --git a/modules/Microsoft.Authorization/roleDefinitions/readme.md b/modules/Microsoft.Authorization/roleDefinitions/readme.md
index a7566ea2e3..1af3c4a999 100644
--- a/modules/Microsoft.Authorization/roleDefinitions/readme.md
+++ b/modules/Microsoft.Authorization/roleDefinitions/readme.md
@@ -159,7 +159,7 @@ module roledefinition 'yourpath/modules/Microsoft.Authorization.roleDefinitions/
 | :-- | :-- | :-- |
 | `name` | string | The GUID of the Role Definition. |
 | `resourceId` | string | The resource ID of the Role Definition. |
-| `roleDefinitionScope` | string | The scope this Role Definition applies to. |
+| `scope` | string | The scope this Role Definition applies to. |
 
 ## Considerations