Validate managed identity passed in from outside

We have a managed identity that is passed in through external variables, e.g.
data “azurerm_user_assigned_identity” “identity” {
name =
resource_group_name = var.identity.resource_group
and we wish to validate that this identity has been assigned a particular (e.g. Owner or Contributer) role in the scope of a subscription, which is defined in the azurerm provider like this:
provider “azurerm” {
features {}
tenant_id = var.ids.tenant_id
subscription_id = var.ids.subscription_id

This role assignment is not done through Terraform but by a 3rd party using Azure portal/CLI. Is this kind of validation possible through Terraform? Ideally we are hoping when someone runs terraform apply it’s going to fail with an error saying the managed identity does not have the correct role assigned.