diff --git a/.github/workflows/arm-template-lint.yml b/.github/workflows/arm-template-lint.yml
index 8ccc7fb519..d91de89b1f 100644
--- a/.github/workflows/arm-template-lint.yml
+++ b/.github/workflows/arm-template-lint.yml
@@ -33,4 +33,4 @@ jobs:
         name: lint ${{ matrix.template }}
         with:
           github_token: ${{ secrets.github_token }}
-          workdir: "./deploy/azure/${{ matrix.template }}"
+          workdir: "./deploy/azure/${{ matrix.template }} -SkipByFile @{ '*' = '*ResourceIds should not contain*' }"
diff --git a/deploy/azure/ARM-for-single-account.dev.json b/deploy/azure/ARM-for-single-account.dev.json
index dc00e273bb..ffd54a39c2 100644
--- a/deploy/azure/ARM-for-single-account.dev.json
+++ b/deploy/azure/ARM-for-single-account.dev.json
@@ -52,7 +52,7 @@
             "apiVersion": "2022-09-01",
             "name": "[variables('roleAssignmentDeployment')]",
             "subscriptionId": "[subscription().subscriptionId]",
-            "resourceGroup": "[resourceGroup().name]",
+            "location": "[parameters('ResourceGroupLocation')]",
             "properties": {
                 "expressionEvaluationOptions": {
                     "scope": "inner"
@@ -84,7 +84,7 @@
                             "name": "[guid(subscription().id, parameters('ResourceGroupName'), deployment().name, 'securityaudit')]",
                             "properties": {
                                 "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
-                                "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
+                                "principalId": "[reference(resourceId(subscription().subscriptionId, parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
                                 "principalType": "ServicePrincipal"
                             }
                         },
@@ -94,7 +94,7 @@
                             "name": "[guid(subscription().id, parameters('ResourceGroupName'), deployment().name, 'additional-role')]",
                             "properties": {
                                 "roleDefinitionId": "[concat('/providers/Microsoft.Authorization/roleDefinitions/', parameters('AdditionalRoleGUID'))]",
-                                "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
+                                "principalId": "[reference(resourceId(subscription().subscriptionId, parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
                                 "principalType": "ServicePrincipal"
                             }
                         }
diff --git a/deploy/azure/ARM-for-single-account.json b/deploy/azure/ARM-for-single-account.json
index 0baa62ac97..6f0d4ad9ec 100644
--- a/deploy/azure/ARM-for-single-account.json
+++ b/deploy/azure/ARM-for-single-account.json
@@ -46,7 +46,7 @@
             "apiVersion": "2022-09-01",
             "name": "[variables('roleAssignmentDeployment')]",
             "subscriptionId": "[subscription().subscriptionId]",
-            "resourceGroup": "[resourceGroup().name]",
+            "location": "[parameters('ResourceGroupLocation')]",
             "properties": {
                 "expressionEvaluationOptions": {
                     "scope": "inner"
@@ -78,7 +78,7 @@
                             "name": "[guid(subscription().id, parameters('ResourceGroupName'), deployment().name, 'securityaudit')]",
                             "properties": {
                                 "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
-                                "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
+                                "principalId": "[reference(resourceId(subscription().subscriptionId, parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
                                 "principalType": "ServicePrincipal"
                             }
                         },
@@ -88,7 +88,7 @@
                             "name": "[guid(subscription().id, parameters('ResourceGroupName'), deployment().name, 'additional-role')]",
                             "properties": {
                                 "roleDefinitionId": "[concat('/providers/Microsoft.Authorization/roleDefinitions/', parameters('AdditionalRoleGUID'))]",
-                                "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
+                                "principalId": "[reference(resourceId(subscription().subscriptionId, parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
                                 "principalType": "ServicePrincipal"
                             }
                         }