diff --git a/infrastructure/modules/backup/managed_disk/backup_instance.tf b/infrastructure/modules/backup/managed_disk/backup_instance.tf
index 22e004a..ecb12a7 100644
--- a/infrastructure/modules/backup/managed_disk/backup_instance.tf
+++ b/infrastructure/modules/backup/managed_disk/backup_instance.tf
@@ -3,12 +3,14 @@ resource "azurerm_role_assignment" "role_assignment_snapshot_contributor" {
   scope                = var.managed_disk_resource_group.id
   role_definition_name = "Disk Snapshot Contributor"
   principal_id         = var.vault.identity[0].principal_id
+  principal_type       = "ServicePrincipal"
 }
 
 resource "azurerm_role_assignment" "role_assignment_backup_reader" {
   scope                = var.managed_disk_id
   role_definition_name = "Disk Backup Reader"
   principal_id         = var.vault.identity[0].principal_id
+  principal_type       = "ServicePrincipal"
 }
 
 resource "azurerm_data_protection_backup_instance_disk" "backup_instance" {
diff --git a/infrastructure/modules/backup/postgresql_flexible_server/backup_instance.tf b/infrastructure/modules/backup/postgresql_flexible_server/backup_instance.tf
index d391a6e..fe1f5d0 100644
--- a/infrastructure/modules/backup/postgresql_flexible_server/backup_instance.tf
+++ b/infrastructure/modules/backup/postgresql_flexible_server/backup_instance.tf
@@ -3,12 +3,14 @@ resource "azurerm_role_assignment" "role_assignment_reader" {
   scope                = var.server_resource_group_id
   role_definition_name = "Reader"
   principal_id         = var.vault.identity[0].principal_id
+  principal_type       = "ServicePrincipal"
 }
 
 resource "azurerm_role_assignment" "role_assignment_long_term_retention_backup_role" {
   scope                = var.server_id
   role_definition_name = "PostgreSQL Flexible Server Long Term Retention Backup Role"
   principal_id         = var.vault.identity[0].principal_id
+  principal_type       = "ServicePrincipal"
 }
 
 resource "azurerm_data_protection_backup_instance_postgresql_flexible_server" "backup_instance" {