File parsing error for Bicep subscriptionResourceId which is on multiple lines #6998

Open
jonsamwell opened this issue Feb 7, 2025 · 0 comments

Describe the issue
checkov is unable to parse this Bicep resource. I've narrowed it down to the newlines in the subscriptionResourceId call. If this is declared on a single line, the file is parsed without issue. My code formatter in VS Code formats it this way automatically.

resource adminRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(keyVault.id, adminGroupObjectId, 'Key Vault Administrator')
  scope: keyVault
  properties: {
    roleDefinitionId: subscriptionResourceId(
      'Microsoft.Authorization/roleDefinitions',
      '00482a5a-887f-4fb3-b363-3b7fe8e74483'
    )
    principalId: adminGroupObjectId
    principalType: 'User'
  }
}

Examples
Parsing error:

resource adminRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(keyVault.id, adminGroupObjectId, 'Key Vault Administrator')
  scope: keyVault
  properties: {
    roleDefinitionId: subscriptionResourceId(
      'Microsoft.Authorization/roleDefinitions',
      '00482a5a-887f-4fb3-b363-3b7fe8e74483'
    )
    principalId: adminGroupObjectId
    principalType: 'User'
  }
}

Parses successfully:

resource adminRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(keyVault.id, adminGroupObjectId, 'Key Vault Administrator')
  scope: keyVault
  properties: {
    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '00482a5a-887f-4fb3-b363-3b7fe8e74483')
    principalId: adminGroupObjectId
    principalType: 'User'
  }
}

Exception Trace
Please share the trace for the exception and all relevant output by checkov.
To maximize the understanding, please run checkov with LOG_LEVEL set to debug
as follows:

LOG_LEVEL=DEBUG checkov ...

2025-02-07 14:35:12,290 [ThreadPoolEx] [INFO ]  [bicep] start to parse 1 files
2025-02-07 14:35:12,456 [ThreadPoolEx] [DEBUG]  [bicep] Couldn't parse key-vault.bicep
Traceback (most recent call last):
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser_state.py", line 77, in feed_token
    action, arg = states[state][token.type]
                  ~~~~~~~~~~~~~^^^^^^^^^^^^
KeyError: '_CPP_COMMENT_NL'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/checkov/bicep/parser.py", line 24, in parse
    template = self.bicep_parser.parse(text=content)
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/pycep/main.py", line 29, in parse
    tree = self._create_tree(text=text, file_path=file_path)
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/pycep/main.py", line 53, in _create_tree
    return self.lark_parser.parse(bicep_text)
           ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/lark.py", line 655, in parse
    return self.parser.parse(text, start=start, on_error=on_error)
           ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parser_frontends.py", line 104, in parse
    return self.parser.parse(stream, chosen_start, **kw)
           ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser.py", line 42, in parse
    return self.parser.parse(lexer, start)
           ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser.py", line 88, in parse
    return self.parse_from_state(parser_state)
           ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser.py", line 111, in parse_from_state
    raise e
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser.py", line 102, in parse_from_state
    state.feed_token(token)
    ~~~~~~~~~~~~~~~~^^^^^^^
  File "/opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/lark/parsers/lalr_parser_state.py", line 80, in feed_token
    raise UnexpectedToken(token, expected, state=self, interactive_parser=None)
lark.exceptions.UnexpectedToken: Unexpected token Token('_CPP_COMMENT_NL', '\n') at line 48, column 45.
Expected one of: 
        * RPAR
        * __ANON_55
        * __ANON_58
        * __ANON_60
        * __ANON_53
        * DOT
        * __ANON_61
        * LESSTHAN
        * __ANON_54
        * PLUS
        * QMARK
        * MORETHAN
        * STAR
        * __ANON_59
        * PERCENT
        * LSQB
        * SLASH
        * __ANON_56
        * __ANON_52
        * __ANON_57
        * COMMA
        * MINUS

2025-02-07 14:35:12,462 [ThreadPoolEx] [INFO ]  [bicep] successfully parsed 0 files
2025-02-07 14:35:12,466 [ThreadPoolEx] [INFO ]  Creating Bicep graph
2025-02-07 14:35:12,466 [ThreadPoolEx] [INFO ]  [BicepLocalGraph] created 0 vertices
2025-02-07 14:35:12,466 [ThreadPoolEx] [INFO ]  [BicepLocalGraph] created 0 edges
2025-02-07 14:35:12,466 [ThreadPoolEx] [DEBUG]  done evaluating edges
2025-02-07 14:35:12,466 [ThreadPoolEx] [DEBUG]  done evaluate_non_rendered_values
2025-02-07 14:35:12,466 [ThreadPoolEx] [INFO ]  Successfully created Bicep graph
2025-02-07 14:35:12,467 [ThreadPoolEx] [DEBUG]  Loading external checks from /opt/homebrew/Cellar/checkov/3.2.360/libexec/lib/python3.13/site-packages/checkov/bicep/checks/graph_checks
2025-02-07 14:35:12,467 [ThreadPoolEx] [DEBUG]  Searching through [] and ['__init__.py']
2025-02-07 14:35:12,473 [ThreadPoolEx] [DEBUG]  file key-vault.bicep results len 0
2025-02-07 14:35:12,473 [ThreadPoolEx] [DEBUG]  One of enriched secrets, repo path, or bucket are empty, aborting. values:enriched_secrets=Empty, repo_path=None, bucket=None
2025-02-07 14:35:12,473 [ThreadPoolEx] [DEBUG]  report fail checks len: 0
2025-02-07 14:35:12,473 [ThreadPoolEx] [INFO ]  Cleanup the whole temp directory: /var/folders/2y/4kcmt_4d7mn69_qkysw4bvgr0000gn/T/tmpi0u_u3xq
2025-02-07 14:35:12,473 [MainThread  ] [DEBUG]  Should run contributor metrics report: None
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Getting exit code for report secrets
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Soft fail severity threshold: None
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Soft fail checks: []
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Hard fail severity threshold: None
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Hard fail checks: []
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Use enforcement rules is FALSE
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  In get_exit_code; exit code thresholds: {'soft_fail': False, 'soft_fail_checks': [], 'soft_fail_threshold': None, 'hard_fail_checks': [], 'hard_fail_threshold': None}, hard_fail_on_parsing_errors: False
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  No failed checks in this report - returning 0
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Getting exit code for report bicep
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Soft fail severity threshold: None
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Soft fail checks: []
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Hard fail severity threshold: None
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Hard fail checks: []
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  Use enforcement rules is FALSE
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  In get_exit_code; exit code thresholds: {'soft_fail': False, 'soft_fail_checks': [], 'soft_fail_threshold': None, 'hard_fail_checks': [], 'hard_fail_threshold': None}, hard_fail_on_parsing_errors: False
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  No failed checks in this report - returning 0

Desktop (please complete the following information):

  • OS: mac
  • Checkov Version 3.2.360
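
The debug log above ends with "successfully parsed 0 files" and "No failed checks in this report - returning 0", so a pipeline gated on the exit code would pass although key-vault.bicep was never checked. As an added example (not part of the original issue and not checkov's own code), this Python gate reads a checkov debug log and fails when a file was discovered but not parsed; the regular expressions are assumptions taken from the bicep log lines quoted in this issue, and other frameworks may log differently.

```python
import re

# Constructed sample: the relevant lines of the debug log quoted in the issue.
SAMPLE_LOG = """\
2025-02-07 14:35:12,290 [ThreadPoolEx] [INFO ]  [bicep] start to parse 1 files
2025-02-07 14:35:12,456 [ThreadPoolEx] [DEBUG]  [bicep] Couldn't parse key-vault.bicep
2025-02-07 14:35:12,462 [ThreadPoolEx] [INFO ]  [bicep] successfully parsed 0 files
2025-02-07 14:35:12,474 [MainThread  ] [DEBUG]  No failed checks in this report - returning 0
"""

# Assumed patterns, derived from the log lines above.
START = re.compile(r"\[(\w+)\] start to parse (\d+) files")
DONE = re.compile(r"\[(\w+)\] successfully parsed (\d+) files")
FAILED = re.compile(r"\[(\w+)\] Couldn't parse (\S+)")


def parse_coverage(log_text):
    """Return {framework: {"started": n, "parsed": n, "failed": [files]}}."""
    stats = {}

    def entry(framework):
        return stats.setdefault(framework, {"started": 0, "parsed": 0, "failed": []})

    for line in log_text.splitlines():
        if m := START.search(line):
            entry(m[1])["started"] += int(m[2])
        elif m := DONE.search(line):
            entry(m[1])["parsed"] += int(m[2])
        elif m := FAILED.search(line):
            entry(m[1])["failed"].append(m[2])
    return stats


def gate(log_text):
    """Return (ok, findings); ok is False when any discovered file went unscanned."""
    findings = []
    for framework, s in sorted(parse_coverage(log_text).items()):
        for name in s["failed"]:
            findings.append(f"{framework}: parse error in {name}, no checks were run on it")
        if s["parsed"] < s["started"]:
            findings.append(f"{framework}: parsed {s['parsed']} of {s['started']} files")
    return (not findings, findings)


if __name__ == "__main__":
    import sys
    # Pass a saved debug log as the first argument; otherwise use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    ok, findings = gate(text)
    print("\n".join(findings) or "all discovered files were parsed")
    sys.exit(0 if ok else 1)
```

Run it on the output of `LOG_LEVEL=DEBUG checkov ...` saved to a file, as a pipeline step after the scan.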