refactor: make Entra ID group mandatory for Bicep deployments

Remove conditional group checks - screening_manbrs_[environment] group must
exist before running resource-group-init. Script validation ensures clear
error messaging if prerequisites are missing.

Author: josielsouzanordcloud

infrastructure/terraform/resource_group_init/keyVault.bicep

@@ -60,7 +60,7 @@ resource miRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' =
 }]
 
 // Entra ID Group RBAC assignments using loop
-resource groupRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = [for role in groupRoleAssignments: if (!empty(userGroupPrincipalID)) {
+resource groupRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = [for role in groupRoleAssignments: {
   name: guid(subscription().subscriptionId, userGroupPrincipalID, role.roleName)
   properties: {
     roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', role.roleId)