From 515fbe4af64aaeaba38242f1b15bb0853861e4dc Mon Sep 17 00:00:00 2001
From: James Paterson <james.paterson@kinandcarta.com>
Date: Tue, 25 Mar 2025 16:18:27 +0000
Subject: [PATCH] chore: revert granting back office api permission to write to
 blob

This reverts commit ddad92449463eb55dbf5e84c34a094400d18aced.
---
 app/components/back-office-app-services/iam.tf | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/components/back-office-app-services/iam.tf b/app/components/back-office-app-services/iam.tf
index c8a7353d1..d3e880f47 100644
--- a/app/components/back-office-app-services/iam.tf
+++ b/app/components/back-office-app-services/iam.tf
@@ -28,9 +28,3 @@ resource "azurerm_role_assignment" "back_office_app_send_event_grid" {
   role_definition_name = "EventGrid Data Sender"
   principal_id         = module.app_service["back_office_api"].principal_id
 }
-
-resource "azurerm_role_assignment" "back_office_api_blob_data_writer" {
-  scope                = var.document_storage_back_office_document_service_uploads_container_resource_manager_id
-  role_definition_name = "Storage Blob Data Contributor"
-  principal_id         = module.app_service["back_office_api"].principal_id
-}