Using resource group as scope #746

Closed
EdersonSC opened this issue Sep 16, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@EdersonSC

Describe the bug

In my global.settings.jsonc file, I have two pacs:
a dev one that I point to an RG, and a QA one that I point to a subscription.

When I Plan with the DEV environment selected I get an error:

```
  35 |          throw "Invalid deploymentRootScope: $deploymentRootScope"
     |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Invalid deploymentRootScope:
     | /subscriptions/XXXXXX-484a-4803-a635-XXXXXXXXXXXX/resourceGroups/police-test
```

To Reproduce
To reproduce, simply run a policy implementation in an RG, with the global-settings.jsonc containing the information:
```jsonc
{
    "pacSelector": "DEV",
    "cloud": "AzureCloud",
    "tenantId": "XXXXXXXXX-4cef-b4da-7XXXXXXXXXXX",
    "deploymentRootScope": "/subscriptions/XXXXXX-484a-4803-a635-XXXXXXXXXXX/resourceGroups/police-test",
    "desiredState": {
        "excludedPolicyDefinitions": [],
        "excludedScopes": [],
        "strategy": "ownedOnly",
        "excludedPolicySetDefinitions": [],
        "excludedPolicyAssignments": [],
        "keepDfcSecurityAssignments": false
    },
    "globalNotScopes": [],
    "managedIdentityLocation": "eastus"
},
```

Expected behavior
The expectation is that it would move past the planning phase and do the planning only to apply the policy to the RG.

Screenshots
If applicable, add screenshots to help explain your problem.

EPAC Version
10.5.8

@EdersonSC EdersonSC added the bug Something isn't working label Sep 16, 2024
@anwather
Collaborator

EPAC doesn't support having the deploymentRootScope set to a resource group. Create another subscription and deploy your dev policies to that or for dev testing you can deploy assignments to the resource group. If you want to test changes to a policy in a development way - you would need to duplicate the definitions (essentially creating versions) if you are unable to use a different subscription as the dev deployment scope.

@EdersonSC
Author

Thanks for your support! Now I understand.
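
A pre-flight check for the constraint described in the collaborator's reply, as an added example that is not part of the thread and is not EPAC code: it classifies each `deploymentRootScope` and stops before the plan step if one points at a resource group. The function names, the `pacEnvironments` array layout, the zeroed subscription IDs and the treatment of management group scopes as accepted are assumptions (the thread itself only confirms subscriptions as supported and resource groups as unsupported).

```powershell
# Added example, not EPAC code. Get-RootScopeKind and Test-PacEnvironmentScope
# are hypothetical helper names.
function Get-RootScopeKind {
    param([string] $Scope)
    # switch -Regex matches case-insensitively; a trailing slash is ignored.
    switch -Regex ("$Scope".TrimEnd('/')) {
        '^/providers/Microsoft\.Management/managementGroups/[^/]+$' { return 'managementGroup' }
        '^/subscriptions/[^/]+/resourceGroups/[^/]+$'               { return 'resourceGroup' }
        '^/subscriptions/[^/]+$'                                    { return 'subscription' }
        default                                                     { return 'unknown' }
    }
}

function Test-PacEnvironmentScope {
    param([Parameter(Mandatory)][string] $SettingsJson)
    $settings = $SettingsJson | ConvertFrom-Json
    foreach ($pac in $settings.pacEnvironments) {
        $kind = Get-RootScopeKind -Scope $pac.deploymentRootScope
        [pscustomobject]@{
            PacSelector = $pac.pacSelector
            Kind        = $kind
            # Assumption: only these two scope kinds are valid deployment roots.
            Supported   = $kind -in 'managementGroup', 'subscription'
        }
    }
}

# Constructed sample mirroring the issue: DEV points at a resource group,
# QA at a subscription. The IDs are placeholders.
$sample = @'
{
  "pacEnvironments": [
    { "pacSelector": "DEV",
      "deploymentRootScope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/police-test" },
    { "pacSelector": "QA",
      "deploymentRootScope": "/subscriptions/00000000-0000-0000-0000-000000000000" }
  ]
}
'@

$results = Test-PacEnvironmentScope -SettingsJson $sample
$results | Format-Table -AutoSize

# Fail the run early, naming the offending environments, instead of hitting
# "Invalid deploymentRootScope" in the middle of the plan.
$bad = @($results | Where-Object { -not $_.Supported })
if ($bad.Count -gt 0) {
    throw "Unsupported deploymentRootScope for pacSelector(s): $($bad.PacSelector -join ', ')"
}
```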
