diff --git a/.github/workflows/ms.authorization.roleassignments.yml b/.github/workflows/ms.authorization.roleassignments.yml index 7679d04a07..8d63e45957 100644 --- a/.github/workflows/ms.authorization.roleassignments.yml +++ b/.github/workflows/ms.authorization.roleassignments.yml @@ -109,8 +109,7 @@ jobs: - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]' uses: ./.github/actions/templates/validateModuleDeployment with: - templateFilePath: '${{ env.modulePath }}/deploy.bicep' - parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' + templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}' location: '${{ env.location }}' resourceGroupName: '${{ env.resourceGroupName }}' subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/dependencies.bicep new file mode 100644 index 0000000000..d367770432 --- /dev/null +++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/dependencies.bicep @@ -0,0 +1,13 @@ +@description('Optional. The location to deploy resources to.') +param location string = resourceGroup().location + +@description('Required. The name of the Managed Identity to create.') +param managedIdentityName string + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +@description('The principal ID of the created Managed Identity.') +output managedIdentityPrincipalId string = managedIdentity.properties.principalId diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/deploy.test.bicep new file mode 100644 index 0000000000..ab1f7fcdc9 --- /dev/null +++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/deploy.test.bicep 
@@ -0,0 +1,45 @@
+targetScope = 'managementGroup'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'aramgcom'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+module resourceGroupResources 'interim.dependencies.bicep' = {
+ scope: subscription('<>')
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ resourceGroupName: resourceGroupName
+ location: location
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../managementGroup/deploy.bicep' = {
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Backup Reader'
+ description: 'Role Assignment (management group scope)'
+ managementGroupId: last(split(managementGroup().id, '/'))
+ principalType: 'ServicePrincipal'
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/interim.dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/interim.dependencies.bicep
new file mode 100644
index 0000000000..d3a4d815ea
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.common/interim.dependencies.bicep
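Review bot: The `testDeployment` module in mg.common/deploy.test.bicep creates a role assignment at management-group scope for an identity that lives in the test resource group, and nothing in the file says how that assignment is cleaned up. Deleting the resource group removes the managed identity but not a role assignment scoped above it, so unless the pipeline's removal step (not visible in this diff) handles it, each run can leave an orphaned 'Backup Reader' assignment behind. I would add a comment above the module, e.g. `// Creates a role assignment at management-group scope; it is not deleted with the test resource group and needs explicit removal.` The same applies to mg.min/deploy.test.bicep and, at subscription scope, to sub.common and sub.min.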
@@ -0,0 +1,27 @@
+targetScope = 'subscription'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Required. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: managedIdentityName
+ }
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = resourceGroupResources.outputs.managedIdentityPrincipalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.min.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min.parameters.json
deleted file mode 100644
index 02a409875c..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/mg.min.parameters.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "roleDefinitionIdOrName": {
- "value": "Storage Queue Data Reader"
- },
- "principalId": {
- "value": "<>"
- }
- }
-}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/dependencies.bicep
new file mode 100644
index 0000000000..d367770432
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/dependencies.bicep
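Review bot: mg.common/interim.dependencies.bicep has no header comment explaining why it sits between deploy.test.bicep and dependencies.bicep. From the lines shown it creates the resource group at subscription scope and forwards `managedIdentityName` to dependencies.bicep, presumably because the management-group-scoped test file cannot declare the resource group itself. A comment at the top such as `// Subscription-scoped wrapper: creates the test resource group and deploys dependencies.bicep into it.` would make that clear; the identical copy under mg.min needs the same. The module also reuses the symbolic name `resourceGroupResources` and the `-paramNested` suffix of its caller, which makes the two nested deployments hard to tell apart in the deployment history.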
@@ -0,0 +1,13 @@
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+ name: managedIdentityName
+ location: location
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/deploy.test.bicep
new file mode 100644
index 0000000000..cff069bb26
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/deploy.test.bicep
@@ -0,0 +1,42 @@
+targetScope = 'managementGroup'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'aramgmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+module resourceGroupResources 'interim.dependencies.bicep' = {
+ scope: subscription('<>')
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ resourceGroupName: resourceGroupName
+ location: location
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../managementGroup/deploy.bicep' = {
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Storage Queue Data Reader'
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/interim.dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/interim.dependencies.bicep
new file mode 100644
index 0000000000..d3a4d815ea
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/mg.min/interim.dependencies.bicep
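Review bot: The `testDeployment` params in mg.min/deploy.test.bicep pass the principal ID of a managed identity created in the same deployment but leave `principalType` unset. Azure role assignments for a just-created principal can fail intermittently on directory replication delay unless the principal type is given, and the deleted parameter file used a pre-existing principal, so this risk is new with the commit. Unless the module under test defaults the value (not visible here), the min tests may become flaky; either add `principalType: 'ServicePrincipal'` or add a comment stating that the omission is deliberate for a required-parameters-only test. rg.min/deploy.test.bicep and sub.min/deploy.test.bicep have the same shape.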
@@ -0,0 +1,27 @@
+targetScope = 'subscription'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Required. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: managedIdentityName
+ }
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = resourceGroupResources.outputs.managedIdentityPrincipalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/mg.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/mg.parameters.json
deleted file mode 100644
index e6362b62aa..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/mg.parameters.json
+++ /dev/null
@@ -1,21 +0,0 @@
-{
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "roleDefinitionIdOrName": {
- "value": "Backup Reader"
- },
- "description": {
- "value": "Role Assignment (management group scope)"
- },
- "principalId": {
- "value": "<>"
- },
- "principalType": {
- "value": "ServicePrincipal"
- },
- "managementGroupId": {
- "value": "<>"
- }
- }
-}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/dependencies.bicep
new file mode 100644
index 0000000000..5681a89989
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/dependencies.bicep
@@ -0,0 +1,13 @@
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+ name: managedIdentityName
+ location: location
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/deploy.test.bicep
new file mode 100644
index 0000000000..69effbbad7
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/rg.common/deploy.test.bicep
@@ -0,0 +1,50 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'arargcom'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../resourceGroup/deploy.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Backup Reader'
+ description: 'Role Assignment (resource group scope)'
+ principalType: 'ServicePrincipal'
+ resourceGroupName: resourceGroup.name
+ subscriptionId: subscription().subscriptionId
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.min.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/rg.min.parameters.json
deleted file mode 100644
index 6011dc7e99..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/rg.min.parameters.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "roleDefinitionIdOrName": {
- "value": "Storage Queue Data Reader"
- },
- "principalId": {
- "value": "<>"
- },
- "subscriptionId": {
- "value": "<>"
- },
- "resourceGroupName": {
- "value": "<>"
- }
- }
-}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/dependencies.bicep
new file mode 100644
index 0000000000..5681a89989
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/dependencies.bicep
@@ -0,0 +1,13 @@
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+ name: managedIdentityName
+ location: location
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/deploy.test.bicep
new file mode 100644
index 0000000000..f2361d9217
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/rg.min/deploy.test.bicep
@@ -0,0 +1,48 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'arargmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../resourceGroup/deploy.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Storage Queue Data Reader'
+ resourceGroupName: resourceGroup.name
+ subscriptionId: subscription().subscriptionId
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/rg.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/rg.parameters.json
deleted file mode 100644
index faf9fc3d90..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/rg.parameters.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "roleDefinitionIdOrName": {
- "value": "Backup Reader"
- },
- "description": {
- "value": "Role Assignment (resource group scope)"
- },
- "principalId": {
- "value": "<>"
- },
- "principalType": {
- "value": "ServicePrincipal"
- },
- "subscriptionId": {
- "value": "<>"
- },
- "resourceGroupName": {
- "value": "<>"
- }
- }
-}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/dependencies.bicep
new file mode 100644
index 0000000000..5681a89989
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/dependencies.bicep
@@ -0,0 +1,13 @@
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+ name: managedIdentityName
+ location: location
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/deploy.test.bicep
new file mode 100644
index 0000000000..18516c090e
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/sub.common/deploy.test.bicep
@@ -0,0 +1,48 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'arasubcom'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../subscription/deploy.bicep' = {
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Backup Reader'
+ description: 'Role Assignment (subscription scope)'
+ principalType: 'ServicePrincipal'
+ subscriptionId: subscription().subscriptionId
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.min.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/sub.min.parameters.json
deleted file mode 100644
index 2a90f97fb7..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/sub.min.parameters.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "roleDefinitionIdOrName": {
- "value": "Storage Queue Data Reader"
- },
- "principalId": {
- "value": "<>"
- },
- "subscriptionId": {
- "value": "<>"
- }
- }
-}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/dependencies.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/dependencies.bicep
new file mode 100644
index 0000000000..5681a89989
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/dependencies.bicep
@@ -0,0 +1,13 @@
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+@description('Optional. The location to deploy resources to.')
+param location string = resourceGroup().location
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+ name: managedIdentityName
+ location: location
+}
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/deploy.test.bicep b/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/deploy.test.bicep
new file mode 100644
index 0000000000..22b04f43fe
--- /dev/null
+++ b/modules/Microsoft.Authorization/roleAssignments/.test/sub.min/deploy.test.bicep
@@ -0,0 +1,46 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.authorization.roleassignments-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'arasubmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+ name: resourceGroupName
+ location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+ scope: resourceGroup
+ name: '${uniqueString(deployment().name, location)}-paramNested'
+ params: {
+ managedIdentityName: 'dep-<>-msi-${serviceShort}'
+ }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../subscription/deploy.bicep' = {
+ name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+ params: {
+ principalId: resourceGroupResources.outputs.managedIdentityPrincipalId
+ roleDefinitionIdOrName: 'Storage Queue Data Reader'
+ subscriptionId: subscription().subscriptionId
+ }
+}
diff --git a/modules/Microsoft.Authorization/roleAssignments/.test/sub.parameters.json b/modules/Microsoft.Authorization/roleAssignments/.test/sub.parameters.json
deleted file mode 100644
index 346ba64c04..0000000000
--- a/modules/Microsoft.Authorization/roleAssignments/.test/sub.parameters.json
+++ /dev/null
@@ -1,21 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "roleDefinitionIdOrName": { - "value": "Backup Reader" - }, - "description": { - "value": "Role Assignment (subscription scope)" - }, - "principalId": { - "value": "<>" - }, - "principalType": { - "value": "ServicePrincipal" - }, - "subscriptionId": { - "value": "<>" - } - } -} diff --git a/modules/Microsoft.Authorization/roleAssignments/readme.md b/modules/Microsoft.Authorization/roleAssignments/readme.md index 0caeec8267..87767df8aa 100644 --- a/modules/Microsoft.Authorization/roleAssignments/readme.md +++ b/modules/Microsoft.Authorization/roleAssignments/readme.md @@ -177,7 +177,7 @@ The following module usage examples are retrieved from the content of the files >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Mg Min

+

Example 1: Mg.Common

@@ -185,11 +185,15 @@ The following module usage examples are retrieved from the content of the files ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-aramgcom' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Storage Queue Data Reader' + principalId: '' + roleDefinitionIdOrName: 'Backup Reader' + // Non-required parameters + description: 'Role Assignment (management group scope)' + managementGroupId: '' + principalType: 'ServicePrincipal' } } ``` @@ -208,10 +212,20 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" + "value": "Backup Reader" + }, + // Non-required parameters + "description": { + "value": "Role Assignment (management group scope)" + }, + "managementGroupId": { + "value": "" + }, + "principalType": { + "value": "ServicePrincipal" } } } @@ -220,7 +234,7 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 2: Mg

+

Example 2: Mg.Min

@@ -228,15 +242,11 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-aramgmin' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Backup Reader' - // Non-required parameters - description: 'Role Assignment (management group scope)' - managementGroupId: '<>' - principalType: 'ServicePrincipal' + principalId: '' + roleDefinitionIdOrName: 'Storage Queue Data Reader' } } ``` @@ -255,20 +265,10 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Backup Reader" - }, - // Non-required parameters - "description": { - "value": "Role Assignment (management group scope)" - }, - "managementGroupId": { - "value": "<>" - }, - "principalType": { - "value": "ServicePrincipal" + "value": "Storage Queue Data Reader" } } } @@ -277,7 +277,7 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 3: Rg Min

+

Example 3: Rg.Common

@@ -285,14 +285,16 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-arargcom' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Storage Queue Data Reader' + principalId: '' + roleDefinitionIdOrName: 'Backup Reader' // Non-required parameters - resourceGroupName: '<>' - subscriptionId: '<>' + description: 'Role Assignment (resource group scope)' + principalType: 'ServicePrincipal' + resourceGroupName: '' + subscriptionId: '' } } ``` @@ -311,17 +313,23 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" + "value": "Backup Reader" }, // Non-required parameters + "description": { + "value": "Role Assignment (resource group scope)" + }, + "principalType": { + "value": "ServicePrincipal" + }, "resourceGroupName": { - "value": "<>" + "value": "" }, "subscriptionId": { - "value": "<>" + "value": "" } } } @@ -330,7 +338,7 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 4: Rg

+

Example 4: Rg.Min

@@ -338,16 +346,14 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-arargmin' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Backup Reader' + principalId: '' + roleDefinitionIdOrName: 'Storage Queue Data Reader' // Non-required parameters - description: 'Role Assignment (resource group scope)' - principalType: 'ServicePrincipal' - resourceGroupName: '<>' - subscriptionId: '<>' + resourceGroupName: '' + subscriptionId: '' } } ``` @@ -366,23 +372,17 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Backup Reader" + "value": "Storage Queue Data Reader" }, // Non-required parameters - "description": { - "value": "Role Assignment (resource group scope)" - }, - "principalType": { - "value": "ServicePrincipal" - }, "resourceGroupName": { - "value": "<>" + "value": "" }, "subscriptionId": { - "value": "<>" + "value": "" } } } @@ -391,7 +391,7 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 5: Sub Min

+

Example 5: Sub.Common

@@ -399,13 +399,15 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-arasubcom' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Storage Queue Data Reader' + principalId: '' + roleDefinitionIdOrName: 'Backup Reader' // Non-required parameters - subscriptionId: '<>' + description: 'Role Assignment (subscription scope)' + principalType: 'ServicePrincipal' + subscriptionId: '' } } ``` @@ -424,14 +426,20 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Storage Queue Data Reader" + "value": "Backup Reader" }, // Non-required parameters + "description": { + "value": "Role Assignment (subscription scope)" + }, + "principalType": { + "value": "ServicePrincipal" + }, "subscriptionId": { - "value": "<>" + "value": "" } } } @@ -440,7 +448,7 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep'

-

Example 6: Sub

+

Example 6: Sub.Min

@@ -448,15 +456,13 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' ```bicep module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-RoleAssignments' + name: '${uniqueString(deployment().name)}-test-arasubmin' params: { // Required parameters - principalId: '<>' - roleDefinitionIdOrName: 'Backup Reader' + principalId: '' + roleDefinitionIdOrName: 'Storage Queue Data Reader' // Non-required parameters - description: 'Role Assignment (subscription scope)' - principalType: 'ServicePrincipal' - subscriptionId: '<>' + subscriptionId: '' } } ``` @@ -475,20 +481,14 @@ module roleAssignments './Microsoft.Authorization/roleAssignments/deploy.bicep' "parameters": { // Required parameters "principalId": { - "value": "<>" + "value": "" }, "roleDefinitionIdOrName": { - "value": "Backup Reader" + "value": "Storage Queue Data Reader" }, // Non-required parameters - "description": { - "value": "Role Assignment (subscription scope)" - }, - "principalType": { - "value": "ServicePrincipal" - }, "subscriptionId": { - "value": "<>" + "value": "" } } }