diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 000be46d..9304dc64 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
       ## this will contain a matrix of all the combinations
       ## we wish to test again:
       matrix:
-        go-version: [ 1.23.x ]
+        go-version: [ 1.24.x ]
         platform: [ ubuntu-latest, macos-latest, windows-latest ]
 
     ## Defines the platform for each test run
@@ -26,13 +26,13 @@ jobs:
     steps:
       ## sets up go based on the version
       - name: Install Go
-        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: ${{ matrix.go-version }}
 
       ## checks out our code locally, so we can work with the files
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       ## runs go test ./...
       - name: Build
@@ -43,6 +43,6 @@ jobs:
         run: go test ./... -coverprofile=./cover.out
 
       - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@e96185f4044c2f0cedf0f022454acf9811cf8057 # v5.4.0
+        uses: codecov/codecov-action@af09b5e394c93991b95a5e7646aeb90c1917f78f # v5.5.1
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index fe3941bb..a43c835b 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,11 +39,11 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@70df9def86d22bf0ea4e7f8b956e7b92e7c1ea22 # codeql-bundle-v2.20.7
+        uses: github/codeql-action/init@17783bfb99b07f70fae080b654aed0c514057477 # codeql-bundle-v2.23.3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -57,7 +57,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@70df9def86d22bf0ea4e7f8b956e7b92e7c1ea22 # codeql-bundle-v2.20.7
+        uses: github/codeql-action/autobuild@17783bfb99b07f70fae080b654aed0c514057477 # codeql-bundle-v2.23.3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -70,4 +70,4 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@70df9def86d22bf0ea4e7f8b956e7b92e7c1ea22 # codeql-bundle-v2.20.7
+        uses: github/codeql-action/analyze@17783bfb99b07f70fae080b654aed0c514057477 # codeql-bundle-v2.23.3
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index eaba23f3..f1328622 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -6,13 +6,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Install Go
-        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
-          go-version: 1.23.x
+          go-version: 1.24.x
       - name: Restore cache
-        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
@@ -23,7 +23,7 @@ jobs:
   test:
     strategy:
       matrix:
-        go-version: [ 1.23.x ]
+        go-version: [ 1.24.x ]
         platform: [ ubuntu-latest, macos-latest, windows-latest ]
     runs-on: ${{ matrix.platform }}
     steps:
@@ -31,13 +31,13 @@ jobs:
         with:
           terraform_version: 1.5.4
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Install Go
-        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: ${{ matrix.go-version }}
       - name: Restore cache
-        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
@@ -51,8 +51,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Install Go
-        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
-          go-version: 1.23.x
+          go-version: 1.24.x
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 0d13d272..c61d02ba 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -11,21 +11,21 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Unshallow
         run: git fetch --prune --unshallow
       - name: Set up Go
-        uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
-          go-version: 1.23
+          go-version: 1.24
       - name: Import GPG key
         id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@90a3faa9d0182683851fbfa97ca1a2cb983bfca3 # v6.2.1
+        uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
         with:
           version: latest
           args: release --clean
@@ -41,16 +41,16 @@ jobs:
     needs:
       - goreleaser
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Publish to Registry
-        uses: elgohr/Publish-Docker-Github-Action@82556589c08f584cb95411629a94e6c2b68b9b80 # v5
+        uses: elgohr/Publish-Docker-Github-Action@32b6623ebb46c5fe6dcfc2281cfcd549a31366ce # v5
         with:
           name: jameswoolfenden/pike
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
           tags: "latest,${{ github.ref_name }}"
       - name: Update Docker Hub README
-        uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0
+        uses: peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa # v5.0.0
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
@@ -64,7 +64,7 @@ jobs:
       - goreleaser
     steps:
       - name: Repository Dispatch
-        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
+        uses: peter-evans/repository-dispatch@5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f # v4.0.0
         with:
           token: ${{ secrets.PAT }}
           repository: jameswoolfenden/scoop
diff --git a/.github/workflows/resources.yml b/.github/workflows/resources.yml
index 0a13c46a..3bf07482 100644
--- a/.github/workflows/resources.yml
+++ b/.github/workflows/resources.yml
@@ -11,13 +11,13 @@ jobs:
       runs-on:  ubuntu-latest
       steps:
         - name: Install Go
-          uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+          uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
           with:
             go-version: ${{ matrix.go-version }}
 
         ## checks out our code locally, so we can work with the files
         - name: Checkout code
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
         ## runs go test ./...
         - name: Build
@@ -25,7 +25,7 @@ jobs:
 
 
         - name: Checkout AWS
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
           with:
             repository: hashicorp/terraform-provider-aws
             path: aws
@@ -34,7 +34,7 @@ jobs:
           run: ${{ github.workspace }}/pike parse -d ${{ github.workspace }}/aws -name aws
 
         - name: Checkout AZURERM
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
           with:
             repository: hashicorp/terraform-provider-azurerm
             path: azurerm
@@ -43,7 +43,7 @@ jobs:
           run: ${{ github.workspace }}/pike parse -d ${{ github.workspace }}/azurerm -name azurerm
 
         - name: Generate Google
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
           with:
             repository: hashicorp/terraform-provider-google
             path: google
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 663f980a..87ceda51 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
+      - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0
         with:
           stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.'
           days-before-stale: 30
diff --git a/.gitignore b/.gitignore
index 02cd7d21..3e0edec4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,6 +15,9 @@ __debug_bin.exe
 provider.azure.tf
 provider.azurerm.tf
 terraform-provider-*
+terraform-provider-azurerm/
+terraform-provider-google/
+terraform-provider-aws/
 *.pem
 *.csr
 .destination
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 107e66b9..339dca20 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -29,7 +29,7 @@ repos:
     hooks:
       - id: shell-lint
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.44.0
+    rev: v0.45.0
     hooks:
       - id: markdownlint
         exclude: src/testdata|testdata
@@ -39,7 +39,7 @@ repos:
       - id: terraform-fmt
         language_version: python3.11
   - repo: https://github.com/gruntwork-io/pre-commit
-    rev: v0.1.26
+    rev: v0.1.29
     hooks:
       - id: gofmt
       - id: goimports
diff --git a/README.md b/README.md
index 12eefcc7..a860ae57 100644
--- a/README.md
+++ b/README.md
@@ -3,17 +3,22 @@
 ![alt text](pike.jfif "Pike")
 
 [![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://GitHub.com/jameswoolfenden/pike/graphs/commit-activity)
-[![Build Status](https://github.com/JamesWoolfenden/pike/workflows/CI/badge.svg?branch=master)](https://github.com/JamesWoolfenden/pike)
+[![CI](https://github.com/JamesWoolfenden/pike/actions/workflows/ci.yml/badge.svg)](https://github.com/JamesWoolfenden/pike/actions/workflows/ci.yml)
 [![Latest Release](https://img.shields.io/github/release/JamesWoolfenden/pike.svg)](https://github.com/JamesWoolfenden/pike/releases/latest)
 [![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/JamesWoolfenden/pike.svg?label=latest)](https://github.com/JamesWoolfenden/pike/releases/latest)
 ![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.14.0-blue.svg)
 [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
 [![checkov](https://img.shields.io/badge/checkov-verified-brightgreen)](https://www.checkov.io/)
 [![Github All Releases](https://img.shields.io/github/downloads/jameswoolfenden/pike/total.svg)](https://github.com/JamesWoolfenden/pike/releases)
-[![codecov](https://codecov.io/gh/JamesWoolfenden/pike/graph/badge.svg?token=S5SW3BHIQQ)](https://codecov.io/gh/JamesWoolfenden/pike)
+[![codecov](https://codecov.io/gh/JamesWoolfenden/pike/branch/master/graph/badge.svg?token=S5SW3BHIQQ)](https://codecov.io/gh/JamesWoolfenden/pike)
 [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7032/badge)](https://www.bestpractices.dev/projects/7032)
 
-Pike is a tool to determine the minimum permissions required to run a TF/IAC run:
+Pike is a tool to determine the minimum permissions required to run a TF/IAC run.
+
+**What's new?**
+- json modules support.
+- GCP compare, checks IAC permissions required versus a deployed role.
+- Backend detection S3 and GCP.
 
 Pike currently supports Terraform and supports multiple providers (AWS, GCP and AZURE);
 Azure is the newest with AWS having the most supported resources
@@ -475,6 +480,8 @@ You can see an example here <https://github.com/jamesWoolfenden/terraform-aws-ac
 
 Want to check your deployed IAM policy against your IAC requirement?
 
+This works for AWS and GCP.
+
 >$./pike compare -d ../modules/aws/terraform-aws-appsync -a arn:aws:iam::680235478471:policy/basic
 
 ```markdown
diff --git a/bump.ps1 b/bump.ps1
old mode 100644
new mode 100755
diff --git a/go.mod b/go.mod
index b62c36ce..e4e7e273 100644
--- a/go.mod
+++ b/go.mod
@@ -1,74 +1,101 @@
 module github.com/jameswoolfenden/pike
 
-go 1.23.4
+go 1.24.2
 
 require (
 	github.com/JamesWoolfenden/arn v0.2.5
-	github.com/aws/aws-sdk-go v1.55.6
-	github.com/aws/aws-sdk-go-v2 v1.33.0
-	github.com/aws/aws-sdk-go-v2/config v1.29.1
-	github.com/aws/aws-sdk-go-v2/service/iam v1.38.7
-	github.com/go-git/go-git/v5 v5.13.1
+	github.com/aws/aws-sdk-go v1.55.7
+	github.com/aws/aws-sdk-go-v2 v1.36.5
+	github.com/aws/aws-sdk-go-v2/config v1.29.17
+	github.com/aws/aws-sdk-go-v2/service/iam v1.43.0
+	github.com/go-git/go-git/v5 v5.16.2
+	github.com/google/go-cmp v0.7.0
 	github.com/google/go-github/v47 v47.1.0
 	github.com/hashicorp/go-version v1.7.0
-	github.com/hashicorp/hc-install v0.9.1
-	github.com/hashicorp/hcl/v2 v2.23.0
-	github.com/hashicorp/terraform-exec v0.22.0
+	github.com/hashicorp/hc-install v0.9.2
+	github.com/hashicorp/hcl/v2 v2.23.1-0.20250203194505-ba0759438da2
+	github.com/hashicorp/terraform-exec v0.23.0
 	github.com/jameswoolfenden/identity v0.0.5
-	github.com/rs/zerolog v1.33.0
-	github.com/urfave/cli/v2 v2.27.5
-	golang.org/x/crypto v0.35.0
-	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8
-	golang.org/x/net v0.36.0
-	golang.org/x/oauth2 v0.25.0
+	github.com/rs/zerolog v1.34.0
+	github.com/stretchr/testify v1.10.0
+	github.com/urfave/cli/v2 v2.27.7
+	golang.org/x/crypto v0.39.0
+	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
+	golang.org/x/net v0.41.0
+	golang.org/x/oauth2 v0.30.0
+	google.golang.org/api v0.240.0
+	gopkg.in/ini.v1 v1.67.0
 )
 
 require (
-	dario.cat/mergo v1.0.1 // indirect
+	cloud.google.com/go/auth v0.16.2 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
+	cloud.google.com/go/compute/metadata v0.7.0 // indirect
+	dario.cat/mergo v1.0.2 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/ProtonMail/go-crypto v1.1.5 // indirect
+	github.com/ProtonMail/go-crypto v1.3.0 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.54 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.24.11 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.33.9 // indirect
-	github.com/aws/smithy-go v1.22.2 // indirect
-	github.com/cloudflare/circl v1.5.0 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
-	github.com/cyphar/filepath-securejoin v0.4.0 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.70 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.25.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.34.0 // indirect
+	github.com/aws/smithy-go v1.22.4 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
+	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/fatih/color v1.18.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.6.2 // indirect
+	github.com/go-logr/logr v1.4.3 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/google/s2a-go v0.1.9 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
+	github.com/googleapis/gax-go/v2 v2.14.2 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
-	github.com/hashicorp/terraform-json v0.24.0 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
+	github.com/hashicorp/terraform-json v0.25.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/pjbgf/sha1cd v0.3.2 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
-	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/sergi/go-diff v1.4.0 // indirect
+	github.com/skeema/knownhosts v1.3.1 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	github.com/zclconf/go-cty v1.16.2 // indirect
-	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/sync v0.11.0 // indirect
-	golang.org/x/sys v0.30.0 // indirect
-	golang.org/x/text v0.22.0 // indirect
-	golang.org/x/tools v0.29.0 // indirect
+	github.com/zclconf/go-cty v1.16.3 // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 // indirect
+	go.opentelemetry.io/otel v1.37.0 // indirect
+	go.opentelemetry.io/otel/metric v1.37.0 // indirect
+	go.opentelemetry.io/otel/trace v1.37.0 // indirect
+	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/sync v0.15.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/text v0.26.0 // indirect
+	golang.org/x/tools v0.34.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
+	google.golang.org/grpc v1.73.0 // indirect
+	google.golang.org/protobuf v1.36.6 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
 require (
diff --git a/go.sum b/go.sum
index ce3e333a..a1abcddd 100644
--- a/go.sum
+++ b/go.sum
@@ -1,12 +1,18 @@
-dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
-dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
+cloud.google.com/go/auth v0.16.2 h1:QvBAGFPLrDeoiNjyfVunhQ10HKNYuOwZ5noee0M5df4=
+cloud.google.com/go/auth v0.16.2/go.mod h1:sRBas2Y1fB1vZTdurouM0AzuYQBMZinrUYL8EufhtEA=
+cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
+cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
+cloud.google.com/go/compute/metadata v0.7.0 h1:PBWF+iiAerVNe8UCHxdOt6eHLVc3ydFeOCw78U8ytSU=
+cloud.google.com/go/compute/metadata v0.7.0/go.mod h1:j5MvL9PprKL39t166CoB1uVHfQMs4tFQZZcKwksXUjo=
+dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
+dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
 github.com/JamesWoolfenden/arn v0.2.5 h1:5QzdBn28X0znoefzpdtD1iWKA2OlJ1hRH12jA5VomuM=
 github.com/JamesWoolfenden/arn v0.2.5/go.mod h1:mvAV1GE5qXaYKYB6uQLpaGfaVwyhorsTHRrTRpng8xo=
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
-github.com/ProtonMail/go-crypto v1.1.5 h1:eoAQfK2dwL+tFSFpr7TbOaPNUbPiJj4fLYwwGE1FQO4=
-github.com/ProtonMail/go-crypto v1.1.5/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
+github.com/ProtonMail/go-crypto v1.3.0 h1:ILq8+Sf5If5DCpHQp4PbZdS1J7HDFRXz/+xKBiRGFrw=
+github.com/ProtonMail/go-crypto v1.3.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
 github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
 github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
@@ -15,55 +21,58 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
 github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/aws/aws-sdk-go v1.55.6 h1:cSg4pvZ3m8dgYcgqB97MrcdjUmZ1BeMYKUxMMB89IPk=
-github.com/aws/aws-sdk-go v1.55.6/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
-github.com/aws/aws-sdk-go-v2 v1.33.0 h1:Evgm4DI9imD81V0WwD+TN4DCwjUMdc94TrduMLbgZJs=
-github.com/aws/aws-sdk-go-v2 v1.33.0/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U=
-github.com/aws/aws-sdk-go-v2/config v1.29.1 h1:JZhGawAyZ/EuJeBtbQYnaoftczcb2drR2Iq36Wgz4sQ=
-github.com/aws/aws-sdk-go-v2/config v1.29.1/go.mod h1:7bR2YD5euaxBhzt2y/oDkt3uNRb6tjFp98GlTFueRwk=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.54 h1:4UmqeOqJPvdvASZWrKlhzpRahAulBfyTJQUaYy4+hEI=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.54/go.mod h1:RTdfo0P0hbbTxIhmQrOsC/PquBZGabEPnCaxxKRPSnI=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24 h1:5grmdTdMsovn9kPZPI23Hhvp0ZyNm5cRO+IZFIYiAfw=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24/go.mod h1:zqi7TVKTswH3Ozq28PkmBmgzG1tona7mo9G2IJg4Cis=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28 h1:igORFSiH3bfq4lxKFkTSYDhJEUCYo6C8VKiWJjYwQuQ=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28/go.mod h1:3So8EA/aAYm36L7XIvCVwLa0s5N0P7o2b1oqnx/2R4g=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28 h1:1mOW9zAUMhTSrMDssEHS/ajx8JcAj/IcftzcmNlmVLI=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28/go.mod h1:kGlXVIWDfvt2Ox5zEaNglmq0hXPHgQFNMix33Tw22jA=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
-github.com/aws/aws-sdk-go-v2/service/iam v1.38.7 h1:MLW6hgPcmbg73uoSFPXBcVhn/E6bW1CpSBmZJoLeF4E=
-github.com/aws/aws-sdk-go-v2/service/iam v1.38.7/go.mod h1:dgsc0h/uKL5OjfHSZz6z7WhkX83BbRQ2ZxYoWYg5LbA=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9 h1:TQmKDyETFGiXVhZfQ/I0cCFziqqX58pi4tKJGYGFSz0=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9/go.mod h1:HVLPK2iHQBUx7HfZeOQSEu3v2ubZaAY2YPbAm5/WUyY=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.11 h1:kuIyu4fTT38Kj7YCC7ouNbVZSSpqkZ+LzIfhCr6Dg+I=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.11/go.mod h1:Ro744S4fKiCCuZECXgOi760TiYylUM8ZBf6OGiZzJtY=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10 h1:l+dgv/64iVlQ3WsBbnn+JSbkj01jIi+SM0wYsj3y/hY=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10/go.mod h1:Fzsj6lZEb8AkTE5S68OhcbBqeWPsR8RnGuKPr8Todl8=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.9 h1:BRVDbewN6VZcwr+FBOszDKvYeXY1kJ+GGMCcpghlw0U=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.9/go.mod h1:f6vjfZER1M17Fokn0IzssOTMT2N8ZSq+7jnNF0tArvw=
-github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ=
-github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
-github.com/cloudflare/circl v1.5.0 h1:hxIWksrX6XN5a1L2TI/h53AGPhNHoUBo+TD1ms9+pys=
-github.com/cloudflare/circl v1.5.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/aws/aws-sdk-go v1.55.7 h1:UJrkFq7es5CShfBwlWAC8DA077vp8PyVbQd3lqLiztE=
+github.com/aws/aws-sdk-go v1.55.7/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
+github.com/aws/aws-sdk-go-v2 v1.36.5 h1:0OF9RiEMEdDdZEMqF9MRjevyxAQcf6gY+E7vwBILFj0=
+github.com/aws/aws-sdk-go-v2 v1.36.5/go.mod h1:EYrzvCCN9CMUTa5+6lf6MM4tq3Zjp8UhSGR/cBsjai0=
+github.com/aws/aws-sdk-go-v2/config v1.29.17 h1:jSuiQ5jEe4SAMH6lLRMY9OVC+TqJLP5655pBGjmnjr0=
+github.com/aws/aws-sdk-go-v2/config v1.29.17/go.mod h1:9P4wwACpbeXs9Pm9w1QTh6BwWwJjwYvJ1iCt5QbCXh8=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.70 h1:ONnH5CM16RTXRkS8Z1qg7/s2eDOhHhaXVd72mmyv4/0=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.70/go.mod h1:M+lWhhmomVGgtuPOhO85u4pEa3SmssPTdcYpP/5J/xc=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32 h1:KAXP9JSHO1vKGCr5f4O6WmlVKLFFXgWYAGoJosorxzU=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32/go.mod h1:h4Sg6FQdexC1yYG9RDnOvLbW1a/P986++/Y/a+GyEM8=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 h1:SsytQyTMHMDPspp+spo7XwXTP44aJZZAC7fBV2C5+5s=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36/go.mod h1:Q1lnJArKRXkenyog6+Y+zr7WDpk4e6XlR6gs20bbeNo=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 h1:i2vNHQiXUvKhs3quBR6aqlgJaiaexz/aNvdCktW/kAM=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36/go.mod h1:UdyGa7Q91id/sdyHPwth+043HhmP6yP9MBHgbZM0xo8=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 h1:bIqFDwgGXXN1Kpp99pDOdKMTTb5d2KyU5X/BZxjOkRo=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3/go.mod h1:H5O/EsxDWyU+LP/V8i5sm8cxoZgc2fdNR9bxlOFrQTo=
+github.com/aws/aws-sdk-go-v2/service/iam v1.43.0 h1:/ZZo3N8iU/PLsRSCjjlT/J+n4N8kqfTO7BwW1GE+G50=
+github.com/aws/aws-sdk-go-v2/service/iam v1.43.0/go.mod h1:QRtwvoAGc59uxv4vQHPKr75SLzhYCRSoETxAA98r6O4=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.4 h1:CXV68E2dNqhuynZJPB80bhPQwAKqBWVer887figW6Jc=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.4/go.mod h1:/xFi9KtvBXP97ppCz1TAEvU1Uf66qvid89rbem3wCzQ=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.17 h1:t0E6FzREdtCsiLIoLCWsYliNsRBgyGD/MCK571qk4MI=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.17/go.mod h1:ygpklyoaypuyDvOM5ujWGrYWpAK3h7ugnmKCU/76Ys4=
+github.com/aws/aws-sdk-go-v2/service/sso v1.25.5 h1:AIRJ3lfb2w/1/8wOOSqYb9fUKGwQbtysJ2H1MofRUPg=
+github.com/aws/aws-sdk-go-v2/service/sso v1.25.5/go.mod h1:b7SiVprpU+iGazDUqvRSLf5XmCdn+JtT1on7uNL6Ipc=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3 h1:BpOxT3yhLwSJ77qIY3DoHAQjZsc4HEGfMCE4NGy3uFg=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3/go.mod h1:vq/GQR1gOFLquZMSrxUK/cpvKCNVYibNyJ1m7JrU88E=
+github.com/aws/aws-sdk-go-v2/service/sts v1.34.0 h1:NFOJ/NXEGV4Rq//71Hs1jC/NvPs1ezajK+yQmkwnPV0=
+github.com/aws/aws-sdk-go-v2/service/sts v1.34.0/go.mod h1:7ph2tGpfQvwzgistp2+zga9f+bCjlQJPkPUmMgDSD7w=
+github.com/aws/smithy-go v1.22.4 h1:uqXzVZNuNexwc/xrh6Tb56u89WDlJY6HS+KC0S4QSjw=
+github.com/aws/smithy-go v1.22.4/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI=
+github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
+github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
-github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0=
-github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
-github.com/cyphar/filepath-securejoin v0.4.0 h1:PioTG9TBRSApBpYGnDU8HC+miIsX8vitBH9LGNNMoLQ=
-github.com/cyphar/filepath-securejoin v0.4.0/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
+github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo=
+github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
+github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
+github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/elazarl/goproxy v1.2.3 h1:xwIyKHbaP5yfT6O9KIeYJR5549MXRQkoQMRXGztz8YQ=
-github.com/elazarl/goproxy v1.2.3/go.mod h1:YfEbZtqP4AetfO6d40vWchF3znWX7C7Vd6ZMfdL8z64=
+github.com/elazarl/goproxy v1.7.2 h1:Y2o6urb7Eule09PjlhQRGNsqRfPmYI3KKQLFpCAV3+o=
+github.com/elazarl/goproxy v1.7.2/go.mod h1:82vkLNir0ALaW14Rc399OTTjyNREgmdL2cVoIbS6XaE=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
 github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
-github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
-github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
+github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
+github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
+github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c=
 github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
@@ -72,8 +81,13 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN
 github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
-github.com/go-git/go-git/v5 v5.13.1 h1:DAQ9APonnlvSWpvolXWIuV6Q6zXy2wHbN4cVlNR5Q+M=
-github.com/go-git/go-git/v5 v5.13.1/go.mod h1:qryJB4cSBoq3FRoBRf5A77joojuBcmPJ0qu3XXXVixc=
+github.com/go-git/go-git/v5 v5.16.2 h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM=
+github.com/go-git/go-git/v5 v5.16.2/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68=
 github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
@@ -87,32 +101,42 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/go-github/v47 v47.1.0 h1:Cacm/WxQBOa9lF0FT0EMjZ2BWMetQ1TQfyurn4yF1z8=
 github.com/google/go-github/v47 v47.1.0/go.mod h1:VPZBXNbFSJGjyjFRUKo9vZGawTajnWzC/YjGw/oFKi0=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
+github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
+github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA=
+github.com/googleapis/gax-go/v2 v2.14.2 h1:eBLnkZ9635krYIPD+ag1USrOAI0Nr0QYF3+/3GqO0k0=
+github.com/googleapis/gax-go/v2 v2.14.2/go.mod h1:ON64QhlJkhVtSqp4v1uaK92VyZ2gmvDQsweuyLV+8+w=
 github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
 github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
 github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
-github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
+github.com/hashicorp/go-retryablehttp v0.7.8 h1:ylXZWnqa7Lhqpk0L1P1LzDtGcCR0rPVUrx/c8Unxc48=
+github.com/hashicorp/go-retryablehttp v0.7.8/go.mod h1:rjiScheydd+CxvumBsIrFKlx3iS0jrZ7LvzFGFmuKbw=
 github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY=
 github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
-github.com/hashicorp/hc-install v0.9.1 h1:gkqTfE3vVbafGQo6VZXcy2v5yoz2bE0+nhZXruCuODQ=
-github.com/hashicorp/hc-install v0.9.1/go.mod h1:pWWvN/IrfeBK4XPeXXYkL6EjMufHkCK5DvwxeLKuBf0=
-github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos=
-github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
-github.com/hashicorp/terraform-exec v0.22.0 h1:G5+4Sz6jYZfRYUCg6eQgDsqTzkNXV+fP8l+uRmZHj64=
-github.com/hashicorp/terraform-exec v0.22.0/go.mod h1:bjVbsncaeh8jVdhttWYZuBGj21FcYw6Ia/XfHcNO7lQ=
-github.com/hashicorp/terraform-json v0.24.0 h1:rUiyF+x1kYawXeRth6fKFm/MdfBS6+lW4NbeATsYz8Q=
-github.com/hashicorp/terraform-json v0.24.0/go.mod h1:Nfj5ubo9xbu9uiAoZVBsNOjvNKB66Oyrvtit74kC7ow=
+github.com/hashicorp/hc-install v0.9.2 h1:v80EtNX4fCVHqzL9Lg/2xkp62bbvQMnvPQ0G+OmtO24=
+github.com/hashicorp/hc-install v0.9.2/go.mod h1:XUqBQNnuT4RsxoxiM9ZaUk0NX8hi2h+Lb6/c0OZnC/I=
+github.com/hashicorp/hcl/v2 v2.23.1-0.20250203194505-ba0759438da2 h1:JP8y98OtHTujECs4s/HxlKc5yql/RlC99Dt1Iz4R+lM=
+github.com/hashicorp/hcl/v2 v2.23.1-0.20250203194505-ba0759438da2/go.mod h1:k+HgkLpoWu9OS81sy4j1XKDXaWm/rLysG33v5ibdDnc=
+github.com/hashicorp/terraform-exec v0.23.0 h1:MUiBM1s0CNlRFsCLJuM5wXZrzA3MnPYEsiXmzATMW/I=
+github.com/hashicorp/terraform-exec v0.23.0/go.mod h1:mA+qnx1R8eePycfwKkCRk3Wy65mwInvlpAeOwmA7vlY=
+github.com/hashicorp/terraform-json v0.25.0 h1:rmNqc/CIfcWawGiwXmRuiXJKEiJu1ntGoxseG1hLhoQ=
+github.com/hashicorp/terraform-json v0.25.0/go.mod h1:sMKS8fiRDX4rVlR6EJUMudg1WcanxCMoWwTLkgZP/vc=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/jameswoolfenden/identity v0.0.5 h1:y7s6+Nvk21a81eHspwTteO0HVq49nZJFmNu9V72whnY=
 github.com/jameswoolfenden/identity v0.0.5/go.mod h1:kQfxlwgjvu8RKuFzd9QeudGeypQQglBXwRLUpk3VQnA=
@@ -157,26 +181,26 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
-github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
-github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
-github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
-github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
+github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0=
+github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY=
+github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
-github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
+github.com/sergi/go-diff v1.4.0 h1:n/SP9D5ad1fORl+llWyN+D6qoUETXNZARKjyY2/KVCw=
+github.com/sergi/go-diff v1.4.0/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
-github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=
-github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M=
+github.com/skeema/knownhosts v1.3.1 h1:X2osQ+RAjK76shCbvhHHHVl3ZlgDm8apHEHFqRjnBY8=
+github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQNxPwTcfiY=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
-github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
+github.com/urfave/cli/v2 v2.27.7 h1:bH59vdhbjLv3LAvIu6gd0usJHgoTTPhCFib8qqOwXYU=
+github.com/urfave/cli/v2 v2.27.7/go.mod h1:CyNAG/xg+iAOg0N4MPGZqVmv2rCoP267496AOXUZjA4=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
 github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
 github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
@@ -188,36 +212,50 @@ github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDf
 github.com/yudai/pp v2.0.1+incompatible h1:Q4//iY4pNF6yPLZIigmvcl7k/bPgrcTPIFIcmawg5bI=
 github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/zclconf/go-cty v1.16.2 h1:LAJSwc3v81IRBZyUVQDUdZ7hs3SYs9jv0eZJDWHD/70=
-github.com/zclconf/go-cty v1.16.2/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
+github.com/zclconf/go-cty v1.16.3 h1:osr++gw2T61A8KVYHoQiFbFd1Lh3JOCXc/jFLJXKTxk=
+github.com/zclconf/go-cty v1.16.3/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
 github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo=
 github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 h1:Hf9xI/XLML9ElpiHVDNwvqI0hIFlzV8dgIr35kV1kRU=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0/go.mod h1:NfchwuyNoMcZ5MLHwPrODwUF1HWCXWrL31s8gSAdIKY=
+go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
+go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
+go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
+go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
+go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI=
+go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg=
+go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc=
+go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps=
+go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
+go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
-golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
-golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 h1:yqrTHse8TCMW1M1ZCP+VAR/l0kKxwaAIqN/il7x4voA=
-golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU=
+golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
+golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
+golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b h1:M2rDM6z3Fhozi9O7NWsxAkg/yqS/lQJ6PmkyIV3YP+o=
+golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
-golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
+golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.36.0 h1:vWF2fRbw4qslQsQzgFqZff+BItCvGFQqKzKIzx1rmoA=
-golang.org/x/net v0.36.0/go.mod h1:bFmbeoIPfrw4sMHNhb4J9f6+tPziuGjq7Jk/38fxi1I=
-golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70=
-golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw=
+golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA=
+golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
+golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
-golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -236,36 +274,50 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
-golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
-golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
+golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
+golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
-golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
+golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
-golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
+golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
+golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.240.0 h1:PxG3AA2UIqT1ofIzWV2COM3j3JagKTKSwy7L6RHNXNU=
+google.golang.org/api v0.240.0/go.mod h1:cOVEm2TpdAGHL2z+UwyS+kmlGr3bVWQQ6sYEqkKje50=
+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRxSBsYDiSBN0cuJvM7QYW+MrpIRY78=
+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk=
+google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2 h1:vPV0tzlsK6EzEDHNNH5sa7Hs9bd7iXR7B1tSiPepkV0=
+google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:pKLAc5OolXC3ViWGI62vvC0n10CpwAtRcTNCFwTKBEw=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok=
+google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
diff --git a/main.go b/main.go
index efdacdc8..efcc7806 100644
--- a/main.go
+++ b/main.go
@@ -32,12 +32,15 @@ func main() {
 		workflow        string
 		name            string
 		provider        string
+		outfile         string
+		policyName      string
 	)
 
 	log.Logger = log.Output(zerolog.ConsoleWriter{Out: os.Stderr})
 	app := &cli.App{
 		EnableBashCompletion: true,
 		Flags:                []cli.Flag{},
+		UsageText:            "Pike is a CLI for investigating IAM permissions",
 		Commands: []*cli.Command{
 			{
 				Name:    "make",
@@ -54,11 +57,15 @@ func main() {
 				},
 				Action: func(*cli.Context) error {
 					arn, err := pike.Make(directory)
+					if err != nil {
+						return fmt.Errorf("make failed: %w", err)
+					}
+
 					if arn != nil {
-						log.Print(*arn)
+						fmt.Print(*arn)
 					}
 
-					return fmt.Errorf("make failed: %w", err)
+					return nil
 				},
 			},
 			{
@@ -166,13 +173,25 @@ func main() {
 						Usage:       "Filter results for just this provider (e.g. aws, gcp, azure)",
 						Destination: &provider,
 					},
+					&cli.StringFlag{
+						Name: "outfile",
+						//Aliases:     []string{""},
+						Usage:       "filepath you want to write to the policy to",
+						Destination: &outfile,
+					},
+					&cli.StringFlag{
+						Name: "policyName",
+						//Aliases:     []string{""},
+						Usage:       "the name of the policy you want to write",
+						Destination: &policyName,
+					},
 				},
 				Action: func(*cli.Context) error {
 					if file == "" {
-						return pike.Scan(directory, output, nil, init, write, enableResources, provider)
+						return pike.Scan(directory, output, nil, init, write, enableResources, provider, outfile, policyName)
 					}
 
-					return pike.Scan(directory, output, &file, init, write, enableResources, provider)
+					return pike.Scan(directory, output, &file, init, write, enableResources, provider, outfile, policyName)
 				},
 			},
 			{
@@ -190,8 +209,8 @@ func main() {
 					&cli.StringFlag{
 						Name:        "arn",
 						Aliases:     []string{"a"},
-						Usage:       "Policy identifier e.g. arn",
-						Value:       "arn:aws:iam::680235478471:policy/basic",
+						Usage:       "Policy identifier e.g. arn, gcp role path",
+						Required:    true,
 						Destination: &arn,
 						EnvVars:     []string{"ARN"},
 					},
@@ -204,7 +223,14 @@ func main() {
 				},
 				Action: func(*cli.Context) error {
 					theSame, err := pike.Compare(directory, arn, init)
-					log.Print("The same: ", theSame)
+					if err != nil {
+						log.Fatal().Msg(err.Error())
+						os.Exit(1)
+					}
+
+					if !theSame {
+						os.Exit(1)
+					}
 
 					return err
 				},
diff --git a/src/aws.go b/src/aws.go
index 81adde44..bf552bdc 100644
--- a/src/aws.go
+++ b/src/aws.go
@@ -60,6 +60,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
 	"aws_api_gateway_request_validator":                                awsAPIGatewayRestAPI,
 	"aws_api_gateway_resource":                                         awsApigatewayv2Api,
 	"aws_api_gateway_rest_api":                                         awsAPIGatewayRestAPI,
+	"aws_api_gateway_rest_api_put":                                     awsAPIGatewayRestAPI,
 	"aws_api_gateway_rest_api_policy":                                  awsApigatewayv2Api,
 	"aws_api_gateway_stage":                                            awsApigatewayv2Api,
 	"aws_api_gateway_usage_plan":                                       awsApigatewayv2Api,
@@ -1509,6 +1510,35 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
 	"aws_network_interface_permission":                                 awsNetworkInterfacePermission,
 	"aws_route53_records_exclusive":                                    awsRoute53RecordsExclusive,
 	"aws_athena_capacity_reservation":                                  awsAthenaCapacityReservation,
+	"aws_redshift_integration":                                         awsRedshiftIntegration,
+	"aws_backup_restore_testing_plan":                                  awsBackupRestoreTestingPlan,
+	"aws_ec2_default_credit_specification":                             awsEc2DefaultCreditSpecification,
+	"aws_bedrockagent_prompt":                                          awsBedrockagentPrompt,
+	"aws_cloudfrontkeyvaluestore_keys_exclusive":                       awsCloudfrontkeyvaluestoreKeysExclusive,
+	"aws_dataexchange_revision_assets":                                 awsDataexchangeRevisionAssets,
+	"aws_inspector2_filter":                                            awsInspector2Filter,
+	"aws_wafv2_api_key":                                                awsWafv2ApiKey,
+	"aws_notifications_channel_association":                            awsNotificationsChannelAssociation,
+	"aws_notifications_event_rule":                                     awsNotificationsEventRule,
+	"aws_notifications_notification_configuration":                     awsNotificationsNotificationConfiguration,
+	"aws_notifications_notification_hub":                               awsNotificationsNotificationHub,
+	"aws_notificationscontacts_email_contact":                          awsNotificationscontactsEmailContact,
+	"aws_quicksight_account_settings":                                  awsQuicksightAccountSettings,
+	"aws_workspacesweb_browser_settings":                               awsWorkspaceswebBrowserSettings,
+	"aws_workspacesweb_network_settings":                               awsWorkspaceswebNetworkSettings,
+	"aws_workspacesweb_user_settings":                                  awsWorkspaceswebUserSettings,
+	"aws_dsql_cluster":                                                 awsDsqlCluster,
+	"aws_dsql_cluster_peering":                                         awsDsqlClusterPeering,
+	"aws_lightsail_bucket_access_key":                                  awsLightsailBucketAccessKey,
+	"aws_prometheus_workspace_configuration":                           awsPrometheusWorkspaceConfiguration,
+	"aws_s3control_directory_bucket_access_point_scope":                awsS3controlDirectoryBucketAccessPointScope,
+	"aws_vpc_route_server":                                             awsVpcRouteServer,
+	"aws_vpc_route_server_association":                                 placeholder,
+	"aws_vpc_route_server_propagation":                                 awsVpcRouteServerPropagation,
+	"aws_vpc_route_server_vpc_association":                             awsVpcRouteServerVpcAssociation,
+	"aws_workspacesweb_data_protection_settings":                       awsWorkspaceswebDataProtectionSettings,
+	"aws_workspacesweb_ip_access_settings":                             awsWorkspaceswebIpAccessSettings,
+	"aws_workspacesweb_user_access_logging_settings":                   awsWorkspaceswebUserAccessLoggingSettings,
 }
 
 // GetAWSPermissions for AWS resources.
diff --git a/src/aws_datasource.go b/src/aws_datasource.go
index 3941c139..f4085bb1 100644
--- a/src/aws_datasource.go
+++ b/src/aws_datasource.go
@@ -2,6 +2,7 @@ package pike
 
 //goland:noinspection GoLinter
 var tFLookupDataAWS = map[string]interface{}{
+	"backend":                                                   dataBackend,
 	"aws_acm_certificate":                                       dataAwsAcmCertificate,
 	"aws_acmpca_certificate":                                    dataAwsAcmpcaCertificate,
 	"aws_acmpca_certificate_authority":                          dataAwsAcmpcaCertificateAuthority,
@@ -593,6 +594,50 @@ var tFLookupDataAWS = map[string]interface{}{
 	"aws_workspaces_bundle":                                                 dataAwsWorkspacesBundle,
 	"aws_workspaces_directory":                                              dataAwsWorkspaceDirectory,
 	"aws_workspaces_image":                                                  dataAwsWorkspaceImage,
+	"aws_vpc_endpoint_associations":                                         dataAwsVpcEndpointAssociations,
+	"aws_fis_experiment_templates":                                          dataAwsFisExperimentTemplates,
+	"aws_kms_public_key":                                                    dataAwsKmsPublicKey,
+	"aws_lambda_function_url":                                               dataAwsLambdaFunctionUrl,
+	"aws_lambda_functions":                                                  dataAwsLambdaFunctions,
+	"aws_lambda_layer_version":                                              dataAwsLambdaLayerVersion,
+	"aws_network_interface":                                                 dataAwsNetworkInterface,
+	"aws_waf_subscribed_rule_group":                                         dataAwsWafSubscribedRuleGroup,
+	"aws_wafregional_subscribed_rule_group":                                 dataAwsWafRegionalSubscribedRuleGroup,
+	"aws_elb":                                                               dataAwsElb,
+	"aws_account_primary_contact":                                           dataAwsAccountPrimaryContact,
+	"aws_dynamodb_tables":                                                   dataAwsDynamodbTables,
+	"aws_ecr_images":                                                        dataAwsEcrImages,
+	"aws_s3_access_point":                                                   dataAwsS3AccessPoint,
+	"aws_billing_views":                                                     dataAwsBillingViews,
+	"aws_media_convert_queue":                                               dataAwsMediaConvertQueue,
+	"aws_memorydb_acl":                                                      dataAwsMemorydbAcl,
+	"aws_memorydb_cluster":                                                  dataAwsMemorydbCluster,
+	"aws_memorydb_parameter_group":                                          dataAwsMemorydbParameterGroup,
+	"aws_memorydb_snapshot":                                                 dataAwsMemorydbSnapshot,
+	"aws_memorydb_subnet_group":                                             dataAwsMemorydbSubnetGroup,
+	"aws_memorydb_user":                                                     dataAwsMemorydbUser,
+	"aws_securityhub_standards_control_associations":                        dataAwsSecurityhubStandardsControlAssociations,
+	"aws_workspaces_workspace":                                              dataAwsWorkspacesWorkspace,
+	"aws_appconfig_application":                                             dataAwsAppconfigApplication,
+	"aws_odb_cloud_autonomous_vm_cluster":                                   dataAwsOdbCloudAutonomousVmCluster,
+	"aws_odb_cloud_autonomous_vm_clusters":                                  dataAwsOdbCloudAutonomousVmClusters,
+	"aws_odb_cloud_exadata_infrastructure":                                  dataAwsOdbCloudExadataInfrastructure,
+	"aws_odb_cloud_exadata_infrastructures":                                 dataAwsOdbCloudExadataInfrastructures,
+	"aws_odb_cloud_vm_cluster":                                              dataAwsOdbCloudVmCluster,
+	"aws_odb_cloud_vm_clusters":                                             dataAwsOdbCloudVmClusters,
+	"aws_odb_db_node":                                                       dataAwsOdbDbNode,
+	"aws_odb_db_nodes":                                                      dataAwsOdbDbNodes,
+	"aws_odb_db_server":                                                     dataAwsOdbServer,
+	"aws_odb_db_servers":                                                    dataAwsOdbServers,
+	"aws_odb_db_system_shapes":                                              dataAwsOdbDbSystemShapes,
+	"aws_odb_gi_versions":                                                   dataAwsOdbGiVersions,
+	"aws_odb_network":                                                       dataAwsOdbNetwork,
+	"aws_odb_network_peering_connection":                                    dataAwsOdbNetworkPeeringConnection,
+	"aws_odb_network_peering_connections":                                   dataAwsOdbNetworkPeeringConnections,
+	"aws_odb_networks":                                                      dataAwsOdbNetworks,
+	"aws_ecrpublic_images":                                                  dataAwsEcrPublicImages,
+	"aws_rds_global_cluster":                                                dataAwsRdsGlobalCluster,
+	"aws_vpn_connection":                                                    dataAwsVpnConnection,
 }
 
 // GetAWSDataPermissions gets permissions required for datasource's.
diff --git a/src/azure_policy_test.go b/src/azure_policy_test.go
index fc5e20d9..3e4b0426 100644
--- a/src/azure_policy_test.go
+++ b/src/azure_policy_test.go
@@ -1,10 +1,8 @@
-package pike_test
+package pike
 
 import (
 	_ "embed"
 	"testing"
-
-	pike "github.com/jameswoolfenden/pike/src"
 )
 
 //nolint:funlen
@@ -55,7 +53,7 @@ func TestAZUREPolicy(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.AZUREPolicy(tt.args.permissions, tt.args.policyName)
+			got, err := AZUREPolicy(tt.args.permissions, tt.args.policyName)
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("AZUREPolicy() error = %v, wantErr %v", err, tt.wantErr)
diff --git a/src/compare.go b/src/compare.go
index 93cbd54b..f7fa0067 100644
--- a/src/compare.go
+++ b/src/compare.go
@@ -3,26 +3,213 @@ package pike
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"os"
+	"regexp"
+	"slices"
 	"strings"
 	"time"
 
 	"github.com/aws/aws-sdk-go-v2/config"
 	"github.com/aws/aws-sdk-go-v2/service/iam"
+	"github.com/google/go-cmp/cmp"
+	"github.com/rs/zerolog/log"
 	diff "github.com/yudai/gojsondiff"
 	"github.com/yudai/gojsondiff/formatter"
+	gcpiam "google.golang.org/api/iam/v1"
+	"google.golang.org/api/serviceusage/v1"
 )
 
+// Replace hardcoded values with constants
+const (
+	defaultTimeout   = 30 * time.Second
+	gcpIAMAPIName    = "iam.googleapis.com"
+	awsARNPrefix     = "arn:"
+	gcpProjectPrefix = "projects/"
+)
+
+type invalidCloudError struct {
+	arn string
+}
+
+func (e *invalidCloudError) Error() string {
+	return fmt.Sprintf("Invalid Cloud: %v", e.arn)
+}
+
 // Compare IAC codebase to AWS policy.
 func Compare(directory string, arn string, init bool) (bool, error) {
-	valid, err := inputValidationCompare(directory, arn)
+	var result bool
+
+	result, err := inputValidationCompare(directory, arn)
 	if err != nil {
-		return valid, &inputValidationError{err}
+		log.Error().Msgf("Failed to validate input %v", err)
+		return false, &inputValidationError{err: err}
+	}
+
+	switch getCloudFromRole(arn) {
+	case "aws":
+		{
+			result, err = compareAWSRole(directory, arn, init)
+		}
+	case "gcp":
+		{
+			result, err = compareGCPRole(directory, arn, init)
+		}
+	default:
+		{
+			err = &invalidCloudError{arn}
+		}
+	}
+
+	return result, err
+}
+
+func getCloudFromRole(arn string) string {
+
+	var result string
+
+	if strings.Contains(arn, "arn:") {
+		result = "aws"
+	} else if strings.Contains(arn, "projects") {
+		result = "gcp"
+	} else {
+		result = "unknown"
+	}
+
+	return result
+}
+
+type apiNotFoundError struct {
+	API string
+}
+
+func (m *apiNotFoundError) Error() string {
+	return fmt.Sprintf("API %s not found", m.API)
+}
+
+type apiNotEnabledError struct {
+	API string
+}
+
+func (m *apiNotEnabledError) Error() string {
+	return fmt.Sprintf("API %s not enabled", m.API)
+}
+
+func compareGCPRole(directory string, arn string, init bool) (bool, error) {
+	// The resource name of the role in one of the following formats:
+	// `roles/{ROLE_NAME}`
+	// `organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
+	// `projects/{PROJECT_ID}/roles/{ROLE_NAME}`
+	err := verifyGCPRole(arn)
+
+	if err != nil {
+		return false, &gcpRoleNotVerified{arn}
+	}
+
+	iacPolicy, err := makePermissionBag(directory, nil, init, "")
+	if err != nil {
+		return false, &getIAMVersionError{err}
+	}
+
+	var projectID *string
+	projectID, err = GetEnv("GCP_PROJECT")
+
+	if err != nil {
+		return false, &EnvVariableNotSetError{"GCP_PROJECT"}
+	}
+
+	var API string
+	API = gcpIAMAPIName
+
+	enabled, err := isGCPAPIEnabled(*projectID, API)
+
+	if err != nil {
+		return enabled, &apiNotFoundError{API}
+	}
+
+	if !enabled {
+		return enabled, &apiNotEnabledError{API}
 	}
 
-	// Load the Shared AWS Configuration (~/.aws/config)
 	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
+
+	iamService, err := gcpiam.NewService(ctx)
+	if err != nil {
+		return false, &iamServiceError{err}
+	}
+
+	Roles, err := iamService.Roles.Get(arn).Context(ctx).Do()
+
+	if Roles == nil {
+		return false, &gcpRoleNotFound{arn}
+	}
+
+	if err != nil {
+		return false, &gcpIAMRoleError{err}
+	}
+
+	return compareGCPPolicy(Roles, iacPolicy), nil
+}
+
+func compareGCPPolicy(Roles *gcpiam.Role, iacPolicy Sorted) bool {
+	slices.Sort(Roles.IncludedPermissions)
+	slices.Sort(iacPolicy.GCP)
+
+	results := cmp.Diff(Unique(Roles.IncludedPermissions), Unique(iacPolicy.GCP))
+	if results != "" {
+		replacer := strings.NewReplacer("[]string{", "", "}", "")
+		results = replacer.Replace(results)
+		fmt.Print("Policy Comparison mismatch mismatch (-excess +needs):")
+		fmt.Print(results)
+		return false
+	}
+	return true
+}
+
+type gcpIAMRoleError struct {
+	err error
+}
+
+func (m *gcpIAMRoleError) Error() string {
+	return fmt.Sprintf("IAM Role Error: %v", m.err)
+}
+
+type gcpRoleNotFound struct {
+	role string
+}
+
+func (e *gcpRoleNotFound) Error() string {
+	return fmt.Sprintf("IAM Role Error: %v", e.role)
+}
+
+type iamServiceError struct {
+	err error
+}
+
+func (m *iamServiceError) Error() string {
+	return m.err.Error()
+}
+
+func isGCPAPIEnabled(projectID string, want string) (bool, error) {
+	enabledAPIs, err := listEnabledAPIs(projectID)
+
+	if err != nil || enabledAPIs == nil {
+		log.Error().Msgf("Failed to list enabled APIs %v", err)
+	}
+
+	if !slices.Contains(enabledAPIs, want) {
+		return false, errors.New("API not enabled")
+	}
+
+	return true, nil
+}
+
+func compareAWSRole(directory string, arn string, init bool) (bool, error) {
+
+	// Load the Shared AWS Configuration (~/.aws/config)
+	ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout)
 
 	defer cancel()
 
@@ -43,7 +230,7 @@ func Compare(directory string, arn string, init bool) (bool, error) {
 		return false, &getPolicyVersionError{err}
 	}
 
-	iacPolicy, err := MakePolicy(directory, nil, init, false, "")
+	iacPolicy, err := MakePolicy(directory, nil, init, false, "", "")
 	if err != nil {
 		return false, &getIAMVersionError{err}
 	}
@@ -61,22 +248,26 @@ func Compare(directory string, arn string, init bool) (bool, error) {
 
 func inputValidationCompare(directory string, arn string) (bool, error) {
 	if directory == "" {
+		log.Error().Msg("Directory cannot be empty")
 		return false, &emptyDirectoryError{}
 	}
 
-	if _, err := os.Stat(directory); os.IsNotExist(err) {
-		return false, &directoryNotFoundError{directory}
-	}
-
 	if arn == "" {
+		log.Error().Msg("ARN cannot be empty")
 		return false, &arnEmptyError{}
 	}
 
-	if !strings.HasPrefix(arn, "arn:") {
+	if _, err := os.Stat(directory); os.IsNotExist(err) {
+		log.Error().Msgf("Directory %s does not exist", directory)
+		return false, &directoryNotFoundError{directory}
+	}
+
+	if !strings.HasPrefix(arn, awsARNPrefix) && !strings.HasPrefix(arn, gcpProjectPrefix) {
+		log.Error().Msgf("Invalid ARN %s cant determine cloud in use", arn)
 		return false, &invalidARNError{arn}
 	}
 
-	return false, nil
+	return true, nil
 }
 
 type compareDifferenceError struct {
@@ -135,3 +326,72 @@ func showDifferences(policy string, compare diff.Diff) (bool, error) {
 
 	return false, nil
 }
+
+func listEnabledAPIs(projectID string) ([]string, error) {
+	ctx := context.Background()
+	serviceUsageService, err := serviceusage.NewService(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create Service Usage client: %v", err)
+	}
+
+	parent := fmt.Sprintf("projects/%s", projectID)
+	req := serviceUsageService.Services.List(parent).Filter("state:ENABLED")
+
+	var services []string
+	if err := req.Pages(ctx, func(page *serviceusage.ListServicesResponse) error {
+		for _, service := range page.Services {
+			services = append(services, service.Config.Name)
+		}
+		return nil
+	}); err != nil {
+		return nil, fmt.Errorf("failed to list services: %v", err)
+	}
+
+	return services, nil
+}
+
+type arnNotVerified struct {
+	arn string
+}
+
+func (e *arnNotVerified) Error() string {
+	fmt.Print("ARN must be in the following format:")
+	fmt.Print("arn:aws:iam::123456789012:role/role-name")
+	return fmt.Sprintf("ARN %s not verified", e.arn)
+}
+
+type gcpRoleNotVerified struct {
+	role string
+}
+
+func (e *gcpRoleNotVerified) Error() string {
+	fmt.Print(
+		`The resource name of the role in one of the following formats:
+        roles/{ROLE_NAME}
+        organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}
+        projects/{PROJECT_ID}/roles/{ROLE_NAME}`)
+	return e.role
+}
+
+func verifyGCPRole(role string) error {
+	r, err := regexp.Compile("projects/(.*\\S)/roles/(.*\\S)")
+	// Regex should be compiled once as package variable
+	if err == nil {
+		if r.MatchString(role) {
+			return nil
+		}
+	}
+
+	return &gcpRoleNotVerified{role}
+}
+
+func verifyAWSARN(ARN string) error {
+	r, err := regexp.Compile("arn:aws:iam::(.*\\S):role/(.*\\S)")
+	// Regex should be compiled once as package variable
+	if err == nil {
+		if r.MatchString(ARN) {
+			return nil
+		}
+	}
+	return &arnNotVerified{ARN}
+}
diff --git a/src/compare_internal_test.go b/src/compare_internal_test.go
new file mode 100644
index 00000000..c213f8e5
--- /dev/null
+++ b/src/compare_internal_test.go
@@ -0,0 +1,442 @@
+package pike
+
+import (
+	"errors"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	diff "github.com/yudai/gojsondiff"
+	gcpiam "google.golang.org/api/iam/v1"
+)
+
+type mockDiff struct {
+	diff.Diff
+}
+
+func (m mockDiff) Modified() bool {
+	return true
+}
+
+func TestCompareIAMPolicy(t *testing.T) {
+	t.Parallel()
+
+	type args struct {
+		Policy    string
+		OldPolicy string
+	}
+
+	tests := []struct {
+		name    string
+		args    args
+		want    bool
+		wantErr bool
+	}{
+		{
+			"same",
+			args{
+				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
+				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
+			},
+			true,
+			false,
+		},
+		{
+			"different",
+			args{
+				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
+				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:bogus\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
+			},
+			false,
+			false,
+		},
+		{
+			"not-json",
+			args{
+				"guff",
+				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:bogus\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
+			},
+			false,
+			true,
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			got, err := compareIAMPolicy(tt.args.Policy, tt.args.OldPolicy)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("CompareIAMPolicy() error = %v, wantErr %v", err, tt.wantErr)
+
+				return
+			}
+			if got != tt.want {
+				t.Errorf("CompareIAMPolicy() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestShowDifferences(t *testing.T) {
+	tests := []struct {
+		name        string
+		policy      string
+		diff        diff.Diff
+		wantBool    bool
+		wantErr     bool
+		description string
+	}{
+		{
+			name:        "Invalid JSON policy",
+			policy:      `{invalid-json}`,
+			diff:        &mockDiff{},
+			wantBool:    false,
+			wantErr:     true,
+			description: "Should return error for invalid JSON",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			gotBool, err := showDifferences(tt.policy, tt.diff)
+
+			if (err != nil) != tt.wantErr {
+				t.Errorf("ShowDifferences() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+
+			if gotBool != tt.wantBool {
+				t.Errorf("ShowDifferences() = %v, want %v", gotBool, tt.wantBool)
+			}
+		})
+	}
+}
+
+func TestInputValidationCompare(t *testing.T) {
+	// Create a temporary directory for testing
+	tmpDir, err := os.MkdirTemp("", "pike-test-*")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	tests := []struct {
+		name      string
+		directory string
+		arn       string
+		wantBool  bool
+		wantErr   error
+	}{
+		{
+			name:      "empty directory",
+			directory: "",
+			arn:       "arn:aws:iam::123456789012:policy/test",
+			wantBool:  false,
+			wantErr:   &emptyDirectoryError{},
+		},
+		{
+			name:      "non-existent directory",
+			directory: filepath.Join(tmpDir, "nonexistent"),
+			arn:       "arn:aws:iam::123456789012:policy/test",
+			wantBool:  false,
+			wantErr:   &directoryNotFoundError{filepath.Join(tmpDir, "nonexistent")},
+		},
+		{
+			name:      "empty ARN",
+			directory: tmpDir,
+			arn:       "",
+			wantBool:  false,
+			wantErr:   &arnEmptyError{},
+		},
+		{
+			name:      "invalid ARN format",
+			directory: tmpDir,
+			arn:       "invalid:arn",
+			wantBool:  false,
+			wantErr:   &invalidARNError{"invalid:arn"},
+		},
+		{
+			name:      "valid inputs",
+			directory: tmpDir,
+			arn:       "arn:aws:iam::123456789012:policy/test",
+			wantBool:  true,
+			wantErr:   nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			gotBool, gotErr := inputValidationCompare(tt.directory, tt.arn)
+			if gotBool != tt.wantBool {
+				t.Errorf("inputValidationCompare() bool = %v, want %v", gotBool, tt.wantBool)
+			}
+			if (gotErr == nil && tt.wantErr != nil) || (gotErr != nil && tt.wantErr == nil) {
+				t.Errorf("inputValidationCompare() error = %v, want %v", gotErr, tt.wantErr)
+			}
+			if gotErr != nil && tt.wantErr != nil && gotErr.Error() != tt.wantErr.Error() {
+				t.Errorf("inputValidationCompare() error = %v, want %v", gotErr, tt.wantErr)
+			}
+		})
+	}
+}
+
+func TestGetCloudFromRole(t *testing.T) {
+	tests := []struct {
+		name     string
+		arn      string
+		expected string
+	}{
+		{
+			name:     "AWS ARN",
+			arn:      "arn:aws:iam::123456789012:role/MyRole",
+			expected: "aws",
+		},
+		{
+			name:     "GCP project role",
+			arn:      "projects/my-project/roles/my-role",
+			expected: "gcp",
+		},
+		{
+			name:     "Unknown format",
+			arn:      "invalid-role-format",
+			expected: "unknown",
+		},
+		{
+			name:     "Empty string",
+			arn:      "",
+			expected: "unknown",
+		},
+		{
+			name:     "Partial AWS ARN",
+			arn:      "arn:something",
+			expected: "aws",
+		},
+		{
+			name:     "Partial GCP format",
+			arn:      "projects/test",
+			expected: "gcp",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := getCloudFromRole(tt.arn)
+			assert.Equal(t, tt.expected, result)
+		})
+	}
+}
+
+func TestVerifyGCPRole(t *testing.T) {
+	tests := []struct {
+		name        string
+		role        string
+		expectError bool
+	}{
+		{
+			name:        "valid GCP role format",
+			role:        "projects/my-project/roles/my-custom-role",
+			expectError: false,
+		},
+		{
+			name:        "valid GCP role with numbers and hyphens",
+			role:        "projects/my-project-123/roles/custom-role-456",
+			expectError: false,
+		},
+		{
+			name:        "valid GCP role with underscores",
+			role:        "projects/my_project/roles/my_role",
+			expectError: false,
+		},
+		{
+			name:        "invalid role - missing projects prefix",
+			role:        "my-project/roles/my-role",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - missing roles section",
+			role:        "projects/my-project/my-role",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - empty project name",
+			role:        "projects//roles/my-role",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - empty role name",
+			role:        "projects/my-project/roles/",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - completely empty",
+			role:        "",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - wrong format",
+			role:        "organizations/123456789/roles/my-role",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - predefined role format",
+			role:        "roles/viewer",
+			expectError: true,
+		},
+		{
+			name:        "invalid role - trailing whitespace in project",
+			role:        "projects/my-project /roles/my-role",
+			expectError: true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := verifyGCPRole(tt.role)
+
+			if tt.expectError {
+				if err == nil {
+					t.Errorf("expected error for role %q, but got nil", tt.role)
+				} else {
+					// Verify it's the correct error type
+					if _, ok := err.(*gcpRoleNotVerified); !ok {
+						t.Errorf("expected gcpRoleNotVerified error type, got %T", err)
+					}
+				}
+			} else {
+				if err != nil {
+					t.Errorf("expected no error for role %q, but got: %v", tt.role, err)
+				}
+			}
+		})
+	}
+}
+
+func TestVerifyGCPRole_ErrorMessage(t *testing.T) {
+	invalidRole := "invalid-role-format"
+	err := verifyGCPRole(invalidRole)
+
+	if err == nil {
+		t.Fatal("expected error but got nil")
+	}
+
+	gcpErr, ok := err.(*gcpRoleNotVerified)
+	if !ok {
+		t.Fatalf("expected gcpRoleNotVerified error type, got %T", err)
+	}
+
+	if gcpErr.role != invalidRole {
+		t.Errorf("expected error to contain role %q, got %q", invalidRole, gcpErr.role)
+	}
+}
+
+func Test_gcpIAMRoleError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"invoke", fields{err: &gcpRoleNotVerified{role: "test"}}, "IAM Role Error: test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &gcpIAMRoleError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_gcpRoleNotFound_Error(t *testing.T) {
+	type fields struct {
+		role string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{role: "test"}, "IAM Role Error: test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &gcpRoleNotFound{
+				role: tt.fields.role,
+			}
+			assert.Equalf(t, tt.want, e.Error(), "Error()")
+		})
+	}
+}
+
+func Test_compareDifferenceError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{errors.New("test")}, "compare difference failed: test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &compareDifferenceError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_iamServiceError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"invoke", fields{errors.New("test")}, "test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &iamServiceError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_compareGCPPolicy(t *testing.T) {
+	type args struct {
+		Roles     *gcpiam.Role
+		iacPolicy Sorted
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{"Pass",
+			args{Roles: &gcpiam.Role{IncludedPermissions: []string{"Fred"}},
+				iacPolicy: Sorted{GCP: []string{"Fred"}}},
+			true},
+		{"False",
+			args{Roles: &gcpiam.Role{IncludedPermissions: []string{"Fred"}},
+				iacPolicy: Sorted{GCP: []string{"Jane"}}},
+			false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			assert.Equalf(t, tt.want, compareGCPPolicy(tt.args.Roles, tt.args.iacPolicy), "compareGCPPolicy(%v, %v)", tt.args.Roles, tt.args.iacPolicy)
+		})
+	}
+}
diff --git a/src/compare_test.go b/src/compare_test.go
index 7db6cbd4..11237457 100644
--- a/src/compare_test.go
+++ b/src/compare_test.go
@@ -4,27 +4,20 @@ package pike
 
 import (
 	"os"
-	"path/filepath"
+	"reflect"
 	"testing"
-
-	diff "github.com/yudai/gojsondiff"
 )
 
-type mockDiff struct {
-	diff.Diff
-}
-
-func (m mockDiff) Modified() bool {
-	return true
-}
-
-func TestCompareIAMPolicy(t *testing.T) {
+func TestCompare(t *testing.T) {
 	t.Parallel()
 
 	type args struct {
-		Policy    string
-		OldPolicy string
+		directory string
+		arn       string
+		init      bool
 	}
+	os.Setenv("AWS_DEFAULT_PROFILE", "personal")
+	os.Setenv("GCP_PROJECT", "pike-412922")
 
 	tests := []struct {
 		name    string
@@ -32,194 +25,127 @@ func TestCompareIAMPolicy(t *testing.T) {
 		want    bool
 		wantErr bool
 	}{
-		{
-			"same",
-			args{
-				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
-				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
-			},
-			true,
-			false,
-		},
-		{
-			"different",
-			args{
-				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
-				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:bogus\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
-			},
-			false,
-			false,
-		},
-		{
-			"not-json",
-			args{
-				"guff",
-				"{\"Statement\":[{\"Action\":[\"cognito-idp:ListUserPoolClients\",\"cognito-idp:GetSigningCertificate\",\"cognito-idp:bogus\",\"cognito-idp:DescribeUserPoolClient\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"0\"}],\"Version\":\"2012-10-17\"}",
-			},
-			false,
-			true,
-		},
+		{"fail arn is empty", args{"./testdata/init/nicconf", "", false}, false, true},
+		{"fail arn is not policy", args{"./testdata/init/nicconf", "arn:aws:iam::680235478471:user/readonly", false}, false, true},
+		{"works but fails", args{"./testdata/init/nicconf", "arn:aws:iam::680235478471:policy/allows3", false}, false, false},
+		//code is not aws
+		{"gcp-basic-fail", args{"./testdata/gcp/basic", "basic", false}, false, true},
+		{"gcp-basic-exist-fail", args{"./testdata/gcp/basic", "projects/pike-412922/roles/terraform_pike", false}, false, false},
 	}
 
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
-			got, err := compareIAMPolicy(tt.args.Policy, tt.args.OldPolicy)
+			got, err := Compare(tt.args.directory, tt.args.arn, tt.args.init)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("CompareIAMPolicy() error = %v, wantErr %v", err, tt.wantErr)
-
+				t.Errorf("Compare() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			if got != tt.want {
-				t.Errorf("CompareIAMPolicy() = %v, want %v", got, tt.want)
+				t.Errorf("Compare() got = %v, want %v", got, tt.want)
 			}
 		})
 	}
 }
 
-func TestCompare(t *testing.T) {
-	t.Parallel()
-
+func Test_listEnabledAPIs(t *testing.T) {
 	type args struct {
-		directory string
-		arn       string
-		init      bool
+		projectID string
 	}
-
 	tests := []struct {
 		name    string
 		args    args
-		want    bool
+		want    []string
 		wantErr bool
 	}{
-		{"fail arn is empty", args{"./testdata/init/nicconf", "", false}, false, true},
-		{"fail arn is not policy", args{"./testdata/init/nicconf", "arn:aws:iam::680235478471:user/readonly", false}, false, true},
-		{"pass", args{"./testdata/init/nicconf", "arn:aws:iam::680235478471:policy/testdata", false}, true, false},
+		{"All", args{"pike-"}, nil, true},
+		{"Enabled", args{"488072219970"}, []string{"analyticshub.googleapis.com",
+			"artifactregistry.googleapis.com", "autoscaling.googleapis.com", "bigquery.googleapis.com",
+			"bigqueryconnection.googleapis.com", "bigquerydatapolicy.googleapis.com", "bigquerymigration.googleapis.com",
+			"bigqueryreservation.googleapis.com", "bigquerystorage.googleapis.com", "bigtable.googleapis.com",
+			"bigtableadmin.googleapis.com", "cloudapis.googleapis.com", "cloudbuild.googleapis.com",
+			"cloudfunctions.googleapis.com", "cloudkms.googleapis.com", "cloudresourcemanager.googleapis.com",
+			"cloudtrace.googleapis.com", "composer.googleapis.com", "compute.googleapis.com", "container.googleapis.com",
+			"containerfilesystem.googleapis.com", "containerregistry.googleapis.com", "dataform.googleapis.com",
+			"dataplex.googleapis.com", "datastore.googleapis.com", "dns.googleapis.com", "gkebackup.googleapis.com",
+			"iam.googleapis.com", "iamcredentials.googleapis.com", "logging.googleapis.com", "monitoring.googleapis.com",
+			"networkconnectivity.googleapis.com", "oslogin.googleapis.com", "pubsub.googleapis.com", "run.googleapis.com",
+			"servicehealth.googleapis.com", "servicemanagement.googleapis.com", "serviceusage.googleapis.com",
+			"source.googleapis.com", "sql-component.googleapis.com", "sqladmin.googleapis.com", "storage-api.googleapis.com",
+			"storage-component.googleapis.com",
+			"storage.googleapis.com"}, false},
 	}
-
 	for _, tt := range tests {
-		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
-			t.Parallel()
-			got, err := Compare(tt.args.directory, tt.args.arn, tt.args.init)
+			got, err := listEnabledAPIs(tt.args.projectID)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("Compare() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("listEnabledAPIs() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
-			if got != tt.want {
-				t.Errorf("Compare() got = %v, want %v", got, tt.want)
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("listEnabledAPIs() got = %v, want %v", got, tt.want)
 			}
 		})
 	}
 }
 
-func TestShowDifferences(t *testing.T) {
+func Test_compareGCPRole(t *testing.T) {
+	type args struct {
+		directory string
+		arn       string
+		init      bool
+	}
+
+	os.Setenv("GCP_PROJECT", "pike-412922")
 	tests := []struct {
-		name        string
-		policy      string
-		diff        diff.Diff
-		wantBool    bool
-		wantErr     bool
-		description string
+		name    string
+		args    args
+		want    bool
+		wantErr bool
 	}{
-		//{
-		//	name:        "Valid policy and diff",
-		//	policy:      `{"Version": "2012-10-17", "Statement": [{"Effect": "Allow"}]}`,
-		//	diff:        &mockDiff{},
-		//	wantBool:    false,
-		//	wantErr:     false,
-		//	description: "Should successfully format and display differences",
-		//},
-		{
-			name:        "Invalid JSON policy",
-			policy:      `{invalid-json}`,
-			diff:        &mockDiff{},
-			wantBool:    false,
-			wantErr:     true,
-			description: "Should return error for invalid JSON",
-		},
+		{"pass", args{"./testdata/gcp/basic", "projects/pike-412922/roles/terraform_pike", false}, false, false},
 	}
-
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			gotBool, err := showDifferences(tt.policy, tt.diff)
-
+			got, err := compareGCPRole(tt.args.directory, tt.args.arn, tt.args.init)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("ShowDifferences() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("compareGCPRole() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
-
-			if gotBool != tt.wantBool {
-				t.Errorf("ShowDifferences() = %v, want %v", gotBool, tt.wantBool)
+			if got != tt.want {
+				t.Errorf("compareGCPRole() got = %v, want %v", got, tt.want)
 			}
 		})
 	}
 }
 
-func TestInputValidationCompare(t *testing.T) {
-	// Create a temporary directory for testing
-	tmpDir, err := os.MkdirTemp("", "pike-test-*")
-	if err != nil {
-		t.Fatal(err)
+func TestVerifyRole(t *testing.T) {
+	type args struct {
+		role string
 	}
-	defer os.RemoveAll(tmpDir)
-
 	tests := []struct {
-		name      string
-		directory string
-		arn       string
-		wantBool  bool
-		wantErr   error
+		name    string
+		args    args
+		want    bool
+		wantErr bool
 	}{
-		{
-			name:      "empty directory",
-			directory: "",
-			arn:       "arn:aws:iam::123456789012:policy/test",
-			wantBool:  false,
-			wantErr:   &emptyDirectoryError{},
-		},
-		{
-			name:      "non-existent directory",
-			directory: filepath.Join(tmpDir, "nonexistent"),
-			arn:       "arn:aws:iam::123456789012:policy/test",
-			wantBool:  false,
-			wantErr:   &directoryNotFoundError{filepath.Join(tmpDir, "nonexistent")},
-		},
-		{
-			name:      "empty ARN",
-			directory: tmpDir,
-			arn:       "",
-			wantBool:  false,
-			wantErr:   &arnEmptyError{},
-		},
-		{
-			name:      "invalid ARN format",
-			directory: tmpDir,
-			arn:       "invalid:arn",
-			wantBool:  false,
-			wantErr:   &invalidARNError{},
-		},
-		{
-			name:      "valid inputs",
-			directory: tmpDir,
-			arn:       "arn:aws:iam::123456789012:policy/test",
-			wantBool:  false,
-			wantErr:   nil,
-		},
+		{"Fail", args{"projectsmine/duff/roles/mine"}, false, true},
+		{"Fail2", args{"projects/duff/noroles/mine"}, false, true},
+		{"Fail3", args{"projects/duff/roles"}, false, true},
+		{"Fail4", args{"projects/roles/a"}, false, true},
+		{"Fail5", args{"mine/duff/roles/mine"}, false, true},
+
+		{"Pass", args{"projects/a/roles/a"}, false, false},
+		{"Pass2", args{"projects/duff/roles/mine"}, false, false},
+		{"Pass3", args{role: "projects/pike-412922/roles/terraform_pike"}, false, false},
 	}
-
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			gotBool, gotErr := inputValidationCompare(tt.directory, tt.arn)
-			if gotBool != tt.wantBool {
-				t.Errorf("inputValidationCompare() bool = %v, want %v", gotBool, tt.wantBool)
-			}
-			if (gotErr == nil && tt.wantErr != nil) || (gotErr != nil && tt.wantErr == nil) {
-				t.Errorf("inputValidationCompare() error = %v, want %v", gotErr, tt.wantErr)
-			}
-			if gotErr != nil && tt.wantErr != nil && gotErr.Error() != tt.wantErr.Error() {
-				t.Errorf("inputValidationCompare() error = %v, want %v", gotErr, tt.wantErr)
+			err := verifyGCPRole(tt.args.role)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("VerifyRole() error = %v, wantErr %v", err, tt.wantErr)
+				return
 			}
 		})
 	}
diff --git a/src/coverage/aws.md b/src/coverage/aws.md
index 94044100..91a8c024 100644
--- a/src/coverage/aws.md
+++ b/src/coverage/aws.md
@@ -1,4 +1,72 @@
-# todo aws
+# AWS Resource Status
 
-Resource percentage coverage   99.93
-Datasource percentage coverage 99.31
+| Terraform  | Coverage % | Resources | Total Resources |
+|------------|------------|-----------|-----------------|
+| Resources  | 95.96      |  1498       |  1561            |
+| Datasource | 100.00      |   628       |   628             |
+
+```shell
+./resource.ps1 aws_appsync_api
+./resource.ps1 aws_appsync_channel_namespace
+./resource.ps1 aws_bedrockagent_flow
+./resource.ps1 aws_bedrockagentcore_agent_runtime
+./resource.ps1 aws_bedrockagentcore_agent_runtime_endpoint
+./resource.ps1 aws_bedrockagentcore_api_key_credential_provider
+./resource.ps1 aws_bedrockagentcore_browser
+./resource.ps1 aws_bedrockagentcore_code_interpreter
+./resource.ps1 aws_bedrockagentcore_gateway
+./resource.ps1 aws_bedrockagentcore_gateway_target
+./resource.ps1 aws_bedrockagentcore_memory
+./resource.ps1 aws_bedrockagentcore_memory_strategy
+./resource.ps1 aws_bedrockagentcore_oauth2_credential_provider
+./resource.ps1 aws_bedrockagentcore_token_vault_cmk
+./resource.ps1 aws_bedrockagentcore_workload_identity
+./resource.ps1 aws_cognito_log_delivery_configuration
+./resource.ps1 aws_cognito_managed_login_branding
+./resource.ps1 aws_connect_phone_number_contact_flow_association
+./resource.ps1 aws_controltower_baseline
+./resource.ps1 aws_ec2_allowed_images_settings
+./resource.ps1 aws_fis_target_account_configuration
+./resource.ps1 aws_fsx_s3_access_point_attachment
+./resource.ps1 aws_invoicing_invoice_unit
+./resource.ps1 aws_lakeformation_identity_center_configuration
+./resource.ps1 aws_lakeformation_lf_tag_expression
+./resource.ps1 aws_nat_gateway_eip_association
+./resource.ps1 aws_networkfirewall_firewall_transit_gateway_attachment_accepter
+./resource.ps1 aws_networkfirewall_vpc_endpoint_association
+./resource.ps1 aws_networkflowmonitor_monitor
+./resource.ps1 aws_networkflowmonitor_scope
+./resource.ps1 aws_observabilityadmin_centralization_rule_for_organization
+./resource.ps1 aws_odb_cloud_autonomous_vm_cluster
+./resource.ps1 aws_odb_cloud_exadata_infrastructure
+./resource.ps1 aws_odb_cloud_vm_cluster
+./resource.ps1 aws_odb_network
+./resource.ps1 aws_odb_network_peering_connection
+./resource.ps1 aws_prometheus_query_logging_configuration
+./resource.ps1 aws_prometheus_resource_policy
+./resource.ps1 aws_quicksight_custom_permissions
+./resource.ps1 aws_quicksight_ip_restriction
+./resource.ps1 aws_quicksight_key_registration
+./resource.ps1 aws_quicksight_role_custom_permission
+./resource.ps1 aws_quicksight_user_custom_permission
+./resource.ps1 aws_s3_bucket_metadata_configuration
+./resource.ps1 aws_timestreaminfluxdb_db_cluster
+./resource.ps1 aws_transfer_host_key
+./resource.ps1 aws_transfer_web_app
+./resource.ps1 aws_transfer_web_app_customization
+./resource.ps1 aws_vpc_route_server_endpoint
+./resource.ps1 aws_vpc_route_server_peer
+./resource.ps1 aws_wafv2_web_acl_rule_group_association
+./resource.ps1 aws_workspacesweb_browser_settings_association
+./resource.ps1 aws_workspacesweb_data_protection_settings_association
+./resource.ps1 aws_workspacesweb_identity_provider
+./resource.ps1 aws_workspacesweb_ip_access_settings_association
+./resource.ps1 aws_workspacesweb_network_settings_association
+./resource.ps1 aws_workspacesweb_portal
+./resource.ps1 aws_workspacesweb_session_logger
+./resource.ps1 aws_workspacesweb_session_logger_association
+./resource.ps1 aws_workspacesweb_trust_store
+./resource.ps1 aws_workspacesweb_trust_store_association
+./resource.ps1 aws_workspacesweb_user_access_logging_settings_association
+./resource.ps1 aws_workspacesweb_user_settings_association
+```
diff --git a/src/coverage/azure.md b/src/coverage/azure.md
index 63a230f7..c991e42e 100755
--- a/src/coverage/azure.md
+++ b/src/coverage/azure.md
@@ -1,8 +1,11 @@
-# todo azure
+# Azure Resource Status
 
-Resource percentage coverage   4.52
-Datasource percentage coverage 35.06
+| Terraform  | Coverage % | Resources | Total Resources |
+|------------|------------|-----------|-----------------|
+| Resources  | 4.39      |    49       |  1115            |
+| Datasource | 30.65      |   122       |   398             |
 
+```shell
 ./resource.ps1 azurerm_aadb2c_directory
 ./resource.ps1 azurerm_active_directory_domain_service
 ./resource.ps1 azurerm_active_directory_domain_service_replica_set
@@ -57,9 +60,15 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_api_management_product_policy
 ./resource.ps1 azurerm_api_management_product_tag
 ./resource.ps1 azurerm_api_management_redis_cache
+./resource.ps1 azurerm_api_management_standalone_gateway
 ./resource.ps1 azurerm_api_management_subscription
 ./resource.ps1 azurerm_api_management_tag
 ./resource.ps1 azurerm_api_management_user
+./resource.ps1 azurerm_api_management_workspace
+./resource.ps1 azurerm_api_management_workspace_api_version_set
+./resource.ps1 azurerm_api_management_workspace_certificate
+./resource.ps1 azurerm_api_management_workspace_policy
+./resource.ps1 azurerm_api_management_workspace_policy_fragment
 ./resource.ps1 azurerm_app_configuration_feature
 ./resource.ps1 azurerm_app_configuration_key
 ./resource.ps1 azurerm_app_service_active_slot
@@ -88,6 +97,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_application_insights_workbook_template
 ./resource.ps1 azurerm_application_load_balancer
 ./resource.ps1 azurerm_application_load_balancer_frontend
+./resource.ps1 azurerm_application_load_balancer_security_policy
 ./resource.ps1 azurerm_application_load_balancer_subnet_association
 ./resource.ps1 azurerm_application_security_group
 ./resource.ps1 azurerm_arc_kubernetes_cluster
@@ -240,6 +250,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_data_factory_credential_service_principal
 ./resource.ps1 azurerm_data_factory_credential_user_managed_identity
 ./resource.ps1 azurerm_data_factory_custom_dataset
+./resource.ps1 azurerm_data_factory_customer_managed_key
 ./resource.ps1 azurerm_data_factory_data_flow
 ./resource.ps1 azurerm_data_factory_dataset_azure_blob
 ./resource.ps1 azurerm_data_factory_dataset_azure_sql_table
@@ -352,10 +363,14 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_elastic_san_volume_group
 ./resource.ps1 azurerm_email_communication_service
 ./resource.ps1 azurerm_email_communication_service_domain
+./resource.ps1 azurerm_email_communication_service_domain_sender_username
 ./resource.ps1 azurerm_eventgrid_domain
 ./resource.ps1 azurerm_eventgrid_domain_topic
 ./resource.ps1 azurerm_eventgrid_event_subscription
 ./resource.ps1 azurerm_eventgrid_namespace
+./resource.ps1 azurerm_eventgrid_partner_configuration
+./resource.ps1 azurerm_eventgrid_partner_namespace
+./resource.ps1 azurerm_eventgrid_partner_registration
 ./resource.ps1 azurerm_eventgrid_system_topic
 ./resource.ps1 azurerm_eventgrid_system_topic_event_subscription
 ./resource.ps1 azurerm_eventgrid_topic
@@ -538,9 +553,12 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_managed_application_definition
 ./resource.ps1 azurerm_managed_disk_sas_token
 ./resource.ps1 azurerm_managed_lustre_file_system
+./resource.ps1 azurerm_managed_redis
+./resource.ps1 azurerm_managed_redis_geo_replication
 ./resource.ps1 azurerm_management_group_policy_assignment
 ./resource.ps1 azurerm_management_group_policy_exemption
 ./resource.ps1 azurerm_management_group_policy_remediation
+./resource.ps1 azurerm_management_group_policy_set_definition
 ./resource.ps1 azurerm_management_group_subscription_association
 ./resource.ps1 azurerm_management_group_template_deployment
 ./resource.ps1 azurerm_management_lock
@@ -562,6 +580,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_mobile_network_site
 ./resource.ps1 azurerm_mobile_network_slice
 ./resource.ps1 azurerm_mongo_cluster
+./resource.ps1 azurerm_mongo_cluster_firewall_rule
 ./resource.ps1 azurerm_monitor_aad_diagnostic_setting
 ./resource.ps1 azurerm_monitor_action_group
 ./resource.ps1 azurerm_monitor_activity_log_alert
@@ -598,6 +617,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_mssql_managed_instance_active_directory_administrator
 ./resource.ps1 azurerm_mssql_managed_instance_failover_group
 ./resource.ps1 azurerm_mssql_managed_instance_security_alert_policy
+./resource.ps1 azurerm_mssql_managed_instance_start_stop_schedule
 ./resource.ps1 azurerm_mssql_managed_instance_transparent_data_encryption
 ./resource.ps1 azurerm_mssql_managed_instance_vulnerability_assessment
 ./resource.ps1 azurerm_mssql_outbound_firewall_rule
@@ -646,16 +666,22 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_network_manager_connectivity_configuration
 ./resource.ps1 azurerm_network_manager_deployment
 ./resource.ps1 azurerm_network_manager_ipam_pool
+./resource.ps1 azurerm_network_manager_ipam_pool_static_cidr
 ./resource.ps1 azurerm_network_manager_management_group_connection
 ./resource.ps1 azurerm_network_manager_network_group
+./resource.ps1 azurerm_network_manager_routing_configuration
+./resource.ps1 azurerm_network_manager_routing_rule
+./resource.ps1 azurerm_network_manager_routing_rule_collection
 ./resource.ps1 azurerm_network_manager_scope_connection
 ./resource.ps1 azurerm_network_manager_security_admin_configuration
 ./resource.ps1 azurerm_network_manager_static_member
 ./resource.ps1 azurerm_network_manager_subscription_connection
 ./resource.ps1 azurerm_network_manager_verifier_workspace
+./resource.ps1 azurerm_network_manager_verifier_workspace_reachability_analysis_intent
 ./resource.ps1 azurerm_network_profile
 ./resource.ps1 azurerm_new_relic_monitor
 ./resource.ps1 azurerm_new_relic_tag_rule
+./resource.ps1 azurerm_nginx_api_key
 ./resource.ps1 azurerm_nginx_certificate
 ./resource.ps1 azurerm_nginx_configuration
 ./resource.ps1 azurerm_nginx_deployment
@@ -663,8 +689,13 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_notification_hub_authorization_rule
 ./resource.ps1 azurerm_notification_hub_namespace
 ./resource.ps1 azurerm_oracle_autonomous_database
+./resource.ps1 azurerm_oracle_autonomous_database_backup
+./resource.ps1 azurerm_oracle_autonomous_database_clone_from_backup
+./resource.ps1 azurerm_oracle_autonomous_database_clone_from_database
 ./resource.ps1 azurerm_oracle_cloud_vm_cluster
 ./resource.ps1 azurerm_oracle_exadata_infrastructure
+./resource.ps1 azurerm_oracle_exascale_database_storage_vault
+./resource.ps1 azurerm_oracle_resource_anchor
 ./resource.ps1 azurerm_orbital_contact
 ./resource.ps1 azurerm_orbital_contact_profile
 ./resource.ps1 azurerm_orbital_spacecraft
@@ -695,6 +726,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_postgresql_firewall_rule
 ./resource.ps1 azurerm_postgresql_flexible_server
 ./resource.ps1 azurerm_postgresql_flexible_server_active_directory_administrator
+./resource.ps1 azurerm_postgresql_flexible_server_backup
 ./resource.ps1 azurerm_postgresql_flexible_server_configuration
 ./resource.ps1 azurerm_postgresql_flexible_server_database
 ./resource.ps1 azurerm_postgresql_flexible_server_firewall_rule
@@ -724,6 +756,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_public_ip
 ./resource.ps1 azurerm_public_ip_prefix
 ./resource.ps1 azurerm_purview_account
+./resource.ps1 azurerm_qumulo_file_system
 ./resource.ps1 azurerm_recovery_services_vault
 ./resource.ps1 azurerm_recovery_services_vault_resource_guard_association
 ./resource.ps1 azurerm_redhat_openshift_cluster
@@ -804,6 +837,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_service_fabric_managed_cluster
 ./resource.ps1 azurerm_servicebus_namespace
 ./resource.ps1 azurerm_servicebus_namespace_authorization_rule
+./resource.ps1 azurerm_servicebus_namespace_customer_managed_key
 ./resource.ps1 azurerm_servicebus_namespace_disaster_recovery_config
 ./resource.ps1 azurerm_servicebus_queue
 ./resource.ps1 azurerm_servicebus_queue_authorization_rule
@@ -835,7 +869,6 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_site_recovery_vmware_replication_policy_association
 ./resource.ps1 azurerm_snapshot
 ./resource.ps1 azurerm_source_control_token
-./resource.ps1 azurerm_spatial_anchors_account
 ./resource.ps1 azurerm_spring_cloud_accelerator
 ./resource.ps1 azurerm_spring_cloud_active_deployment
 ./resource.ps1 azurerm_spring_cloud_api_portal
@@ -866,7 +899,6 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_spring_cloud_new_relic_application_performance_monitoring
 ./resource.ps1 azurerm_spring_cloud_service
 ./resource.ps1 azurerm_spring_cloud_storage
-./resource.ps1 azurerm_sql_database
 ./resource.ps1 azurerm_sql_firewall_rule
 ./resource.ps1 azurerm_sql_server
 ./resource.ps1 azurerm_sql_virtual_network_rule
@@ -914,6 +946,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_stream_analytics_function_javascript_udf
 ./resource.ps1 azurerm_stream_analytics_job
 ./resource.ps1 azurerm_stream_analytics_job_schedule
+./resource.ps1 azurerm_stream_analytics_job_storage_account
 ./resource.ps1 azurerm_stream_analytics_managed_private_endpoint
 ./resource.ps1 azurerm_stream_analytics_output_blob
 ./resource.ps1 azurerm_stream_analytics_output_cosmosdb
@@ -968,6 +1001,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_cloud
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_server
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_virtual_machine_instance
+./resource.ps1 azurerm_system_center_virtual_machine_manager_virtual_machine_instance_guest_agent
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_virtual_machine_template
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_virtual_network
 ./resource.ps1 azurerm_tenant_template_deployment
@@ -1030,6 +1064,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_web_pubsub_network_acl
 ./resource.ps1 azurerm_web_pubsub_service
 ./resource.ps1 azurerm_web_pubsub_shared_private_link_resource
+./resource.ps1 azurerm_web_pubsub_socketio
 ./resource.ps1 azurerm_windows_function_app
 ./resource.ps1 azurerm_windows_function_app_slot
 ./resource.ps1 azurerm_windows_web_app
@@ -1040,9 +1075,10 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_aadb2c_directory -type data
 ./resource.ps1 azurerm_active_directory_domain_service -type data
 ./resource.ps1 azurerm_advisor_recommendations -type data
+./resource.ps1 azurerm_api_connection -type data
 ./resource.ps1 azurerm_api_management_subscription -type data
 ./resource.ps1 azurerm_arc_resource_bridge_appliance -type data
-./resource.ps1 azurerm_attestation -type data
+./resource.ps1 azurerm_attestation_provider -type data
 ./resource.ps1 azurerm_automation_runbook -type data
 ./resource.ps1 azurerm_billing_enrollment_account_scope -type data
 ./resource.ps1 azurerm_billing_mca_account_scope -type data
@@ -1063,8 +1099,8 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_consumption_budget_resource_group -type data
 ./resource.ps1 azurerm_consumption_budget_subscription -type data
 ./resource.ps1 azurerm_container_app -type data
-./resource.ps1 azurerm_container_app_environment. -type data
-./resource.ps1 azurerm_container_app_environment_certificate. -type data
+./resource.ps1 azurerm_container_app_environment -type data
+./resource.ps1 azurerm_container_app_environment_certificate -type data
 ./resource.ps1 azurerm_container_app_environment_dapr_component. -type data
 ./resource.ps1 azurerm_container_group -type data
 ./resource.ps1 azurerm_container_registry -type data
@@ -1075,6 +1111,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_cosmosdb_mongo_database -type data
 ./resource.ps1 azurerm_cosmosdb_restorable_database_accounts -type data
 ./resource.ps1 azurerm_cosmosdb_sql_database -type data
+./resource.ps1 azurerm_cosmosdb_sql_role_definition -type data
 ./resource.ps1 azurerm_dashboard_grafana -type data
 ./resource.ps1 azurerm_data_factory -type data
 ./resource.ps1 azurerm_data_factory_trigger_schedule -type data
@@ -1090,11 +1127,22 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_data_share_dataset_kusto_database -type data
 ./resource.ps1 azurerm_database_migration_project -type data
 ./resource.ps1 azurerm_database_migration_service -type data
+./resource.ps1 azurerm_databox_edge_device -type data
 ./resource.ps1 azurerm_databricks_access_connector -type data
 ./resource.ps1 azurerm_databricks_workspace -type data
 ./resource.ps1 azurerm_databricks_workspace_private_endpoint_connection -type data
 ./resource.ps1 azurerm_dedicated_host -type data
 ./resource.ps1 azurerm_dedicated_host_group -type data
+./resource.ps1 azurerm_dev_center -type data
+./resource.ps1 azurerm_dev_center_attached_network -type data
+./resource.ps1 azurerm_dev_center_catalog -type data
+./resource.ps1 azurerm_dev_center_dev_box_definition -type data
+./resource.ps1 azurerm_dev_center_environment_type -type data
+./resource.ps1 azurerm_dev_center_gallery -type data
+./resource.ps1 azurerm_dev_center_network_connection -type data
+./resource.ps1 azurerm_dev_center_project -type data
+./resource.ps1 azurerm_dev_center_project_environment_type -type data
+./resource.ps1 azurerm_dev_center_project_pool -type data
 ./resource.ps1 azurerm_digital_twins_instance -type data
 ./resource.ps1 azurerm_disk_access -type data
 ./resource.ps1 azurerm_disk_encryption_set -type data
@@ -1109,16 +1157,19 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_dns_srv_record -type data
 ./resource.ps1 azurerm_dns_txt_record -type data
 ./resource.ps1 azurerm_dns_zone -type data
-./resource.ps1 azurerm_dynatrace_monitor. -type data
+./resource.ps1 azurerm_dynatrace_monitor -type data
 ./resource.ps1 azurerm_elastic_cloud_elasticsearch -type data
 ./resource.ps1 azurerm_elastic_san -type data
 ./resource.ps1 azurerm_elastic_san_volume_group -type data
 ./resource.ps1 azurerm_elastic_san_volume_snapshot -type data
 ./resource.ps1 azurerm_eventgrid_domain -type data
 ./resource.ps1 azurerm_eventgrid_domain_topic -type data
+./resource.ps1 azurerm_eventgrid_partner_namespace -type data
+./resource.ps1 azurerm_eventgrid_partner_registration -type data
 ./resource.ps1 azurerm_eventgrid_system_topic -type data
 ./resource.ps1 azurerm_eventgrid_topic -type data
 ./resource.ps1 azurerm_eventhub -type data
+./resource.ps1 azurerm_eventhub_authorization_rule -type data
 ./resource.ps1 azurerm_eventhub_cluster -type data
 ./resource.ps1 azurerm_eventhub_consumer_group -type data
 ./resource.ps1 azurerm_eventhub_namespace -type data
@@ -1132,6 +1183,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_firewall_policy -type data
 ./resource.ps1 azurerm_function_app -type data
 ./resource.ps1 azurerm_function_app_host_keys -type data
+./resource.ps1 azurerm_graph_services_account -type data
 ./resource.ps1 azurerm_hdinsight_cluster -type data
 ./resource.ps1 azurerm_healthcare_dicom_service -type data
 ./resource.ps1 azurerm_healthcare_fhir_service -type data
@@ -1164,6 +1216,7 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_local_network_gateway -type data
 ./resource.ps1 azurerm_location -type data
 ./resource.ps1 azurerm_log_analytics_workspace -type data
+./resource.ps1 azurerm_log_analytics_workspace_table -type data
 ./resource.ps1 azurerm_logic_app_integration_account -type data
 ./resource.ps1 azurerm_logic_app_standard -type data
 ./resource.ps1 azurerm_logic_app_workflow -type data
@@ -1172,9 +1225,23 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_managed_api -type data
 ./resource.ps1 azurerm_managed_application_definition -type data
 ./resource.ps1 azurerm_managed_disk -type data
+./resource.ps1 azurerm_managed_disks -type data
+./resource.ps1 azurerm_managed_redis -type data
 ./resource.ps1 azurerm_management_group -type data
 ./resource.ps1 azurerm_management_group_template_deployment -type data
 ./resource.ps1 azurerm_maps_account -type data
+./resource.ps1 azurerm_marketplace_agreement -type data
+./resource.ps1 azurerm_mobile_network -type data
+./resource.ps1 azurerm_mobile_network_attached_data_network -type data
+./resource.ps1 azurerm_mobile_network_data_network -type data
+./resource.ps1 azurerm_mobile_network_packet_core_control_plane -type data
+./resource.ps1 azurerm_mobile_network_packet_core_data_plane -type data
+./resource.ps1 azurerm_mobile_network_service -type data
+./resource.ps1 azurerm_mobile_network_sim -type data
+./resource.ps1 azurerm_mobile_network_sim_group -type data
+./resource.ps1 azurerm_mobile_network_sim_policy -type data
+./resource.ps1 azurerm_mobile_network_site -type data
+./resource.ps1 azurerm_mobile_network_slice -type data
 ./resource.ps1 azurerm_monitor_action_group -type data
 ./resource.ps1 azurerm_monitor_data_collection_endpoint -type data
 ./resource.ps1 azurerm_monitor_data_collection_rule -type data
@@ -1184,12 +1251,16 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_monitor_workspace -type data
 ./resource.ps1 azurerm_mssql_database -type data
 ./resource.ps1 azurerm_mssql_elasticpool -type data
+./resource.ps1 azurerm_mssql_failover_group -type data
 ./resource.ps1 azurerm_mssql_managed_database -type data
 ./resource.ps1 azurerm_mssql_managed_instance -type data
 ./resource.ps1 azurerm_mssql_server -type data
+./resource.ps1 azurerm_mysql_flexible_server -type data
 ./resource.ps1 azurerm_nat_gateway -type data
 ./resource.ps1 azurerm_netapp_account -type data
 ./resource.ps1 azurerm_netapp_account_encryption -type data
+./resource.ps1 azurerm_netapp_backup_policy -type data
+./resource.ps1 azurerm_netapp_backup_vault -type data
 ./resource.ps1 azurerm_netapp_pool -type data
 ./resource.ps1 azurerm_netapp_snapshot -type data
 ./resource.ps1 azurerm_netapp_snapshot_policy -type data
@@ -1199,9 +1270,13 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_netapp_volume_quota_rule -type data
 ./resource.ps1 azurerm_network_ddos_protection_plan -type data
 ./resource.ps1 azurerm_network_interface -type data
+./resource.ps1 azurerm_network_manager -type data
 ./resource.ps1 azurerm_network_manager_connectivity_configuration -type data
+./resource.ps1 azurerm_network_manager_ipam_pool -type data
+./resource.ps1 azurerm_network_manager_network_group -type data
 ./resource.ps1 azurerm_network_security_group -type data
 ./resource.ps1 azurerm_network_service_tags -type data
+./resource.ps1 azurerm_nginx_api_key -type data
 ./resource.ps1 azurerm_nginx_certificate -type data
 ./resource.ps1 azurerm_nginx_configuration -type data
 ./resource.ps1 azurerm_nginx_deployment -type data
@@ -1210,13 +1285,20 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_oracle_adbs_character_sets -type data
 ./resource.ps1 azurerm_oracle_adbs_national_character_sets -type data
 ./resource.ps1 azurerm_oracle_autonomous_database -type data
+./resource.ps1 azurerm_oracle_autonomous_database_backup -type data
+./resource.ps1 azurerm_oracle_autonomous_database_backups -type data
+./resource.ps1 azurerm_oracle_autonomous_database_clone_from_backup -type data
+./resource.ps1 azurerm_oracle_autonomous_database_clone_from_database -type data
 ./resource.ps1 azurerm_oracle_cloud_vm_cluster -type data
 ./resource.ps1 azurerm_oracle_db_nodes -type data
 ./resource.ps1 azurerm_oracle_db_servers -type data
 ./resource.ps1 azurerm_oracle_db_system_shapes -type data
 ./resource.ps1 azurerm_oracle_exadata_infrastructure -type data
+./resource.ps1 azurerm_oracle_exascale_database_storage_vault -type data
 ./resource.ps1 azurerm_oracle_gi_versions -type data
+./resource.ps1 azurerm_oracle_resource_anchor -type data
 ./resource.ps1 azurerm_orchestrated_virtual_machine_scale_set -type data
+./resource.ps1 azurerm_palo_alto_local_rulestack -type data
 ./resource.ps1 azurerm_platform_image -type data
 ./resource.ps1 azurerm_policy_assignment -type data
 ./resource.ps1 azurerm_policy_definition -type data
@@ -1248,18 +1330,22 @@ Datasource percentage coverage 35.06
 ./resource.ps1 azurerm_proximity_placement_group -type data
 ./resource.ps1 azurerm_public_maintenance_configurations -type data
 ./resource.ps1 azurerm_recovery_services_vault -type data
+./resource.ps1 azurerm_role_assignments -type data
 ./resource.ps1 azurerm_role_management_policy -type data
+./resource.ps1 azurerm_search_service -type data
 ./resource.ps1 azurerm_sentinel_alert_rule_anomaly -type data
 ./resource.ps1 azurerm_servicebus_namespace_disaster_recovery_config -type data
 ./resource.ps1 azurerm_servicebus_topic_authorization_rule -type data
+./resource.ps1 azurerm_site_recovery_replication_recovery_plan -type data
 ./resource.ps1 azurerm_stack_hci_storage_path -type data
 ./resource.ps1 azurerm_static_web_app -type data
 ./resource.ps1 azurerm_storage_queue -type data
 ./resource.ps1 azurerm_storage_table -type data
+./resource.ps1 azurerm_storage_table_entities -type data
 ./resource.ps1 azurerm_system_center_virtual_machine_manager_inventory_items -type data
+./resource.ps1 azurerm_trusted_signing_account -type data
 ./resource.ps1 azurerm_virtual_desktop_application_group -type data
 ./resource.ps1 azurerm_virtual_desktop_workspace -type data
 ./resource.ps1 azurerm_virtual_network_peering -type data
 ./resource.ps1 azurerm_vpn_server_configuration -type data
-./resource.ps1 netapp_backup_policy -type data
-./resource.ps1 netapp_backup_vault -type data
+```
diff --git a/src/coverage/coverage.go b/src/coverage/coverage.go
index b2237a09..a70dcd66 100644
--- a/src/coverage/coverage.go
+++ b/src/coverage/coverage.go
@@ -19,7 +19,7 @@ type members struct {
 func coverageAWS() error {
 	data := importMembers("../parse/aws-members.json")
 	missing := members{}
-	target := ""
+	target := "```shell\n"
 
 	for _, myData := range data.Resources {
 		if temp := pike.AwsLookup(myData); temp == nil {
@@ -38,11 +38,9 @@ func coverageAWS() error {
 			}
 		}
 	}
+	target += "```\n"
 
-	Prepend := "# todo aws \n\n"
-
-	Prepend += fmt.Sprintf("Resource percentage coverage   %3.2f \n", percent(missing.Resources, data.Resources))
-	Prepend += fmt.Sprintf("Datasource percentage coverage %3.2f \n\n", percent(missing.DataSources, data.DataSources))
+	Prepend := resourceTable(missing, data, "AWS")
 
 	target = Prepend + target
 	err := os.WriteFile("aws.md", []byte(target), 0o700)
@@ -65,7 +63,7 @@ func (e *fileWriteError) Error() string {
 func coverageAzure() error {
 	data := importMembers("../parse/azurerm-members.json")
 	missing := members{}
-	target := ""
+	target := "```shell\n"
 
 	for _, myData := range data.Resources {
 		if temp := pike.AzureLookup(myData); temp == nil {
@@ -80,12 +78,9 @@ func coverageAzure() error {
 			target += "./resource.ps1 " + myData + " -type data\n"
 		}
 	}
+	target += "```\n"
 
-	Prepend := "# todo azure \n\n"
-
-	Prepend += fmt.Sprintf("Resource percentage coverage   %3.2f \n", percent(missing.Resources, data.Resources))
-	Prepend += fmt.Sprintf("Datasource percentage coverage %3.2f \n\n", percent(missing.DataSources, data.DataSources))
-
+	Prepend := resourceTable(missing, data, "Azure")
 	target = Prepend + target
 	err := os.WriteFile("azure.md", []byte(target), 0o700)
 
@@ -100,7 +95,7 @@ func coverageAzure() error {
 func coverageGcp() error {
 	data := importMembers("../parse/google-members.json")
 	missing := members{}
-	target := ""
+	target := "```shell\n"
 
 	for _, myData := range data.Resources {
 		if temp := pike.GCPLookup(myData); temp == nil {
@@ -115,11 +110,9 @@ func coverageGcp() error {
 			target += "./resource.ps1 " + myData + " -type data\n"
 		}
 	}
+	target += "```\n"
 
-	Prepend := "# todo google \n\n"
-
-	Prepend += fmt.Sprintf("Resource percentage coverage   %3.2f \n", percent(missing.Resources, data.Resources))
-	Prepend += fmt.Sprintf("Datasource percentage coverage %3.2f \n\n", percent(missing.DataSources, data.DataSources))
+	Prepend := resourceTable(missing, data, "Google")
 
 	target = Prepend + target
 	err := os.WriteFile("google.md", []byte(target), 0o700)
@@ -132,6 +125,19 @@ func coverageGcp() error {
 	return nil
 }
 
+func resourceTable(missing members, data members, cloud string) string {
+	Prepend := fmt.Sprintf("# %s Resource Status\n\n", cloud)
+	Prepend += fmt.Sprintf("| Terraform  | Coverage %% | Resources | Total Resources |\n")
+	Prepend += fmt.Sprintf("|------------|------------|-----------|-----------------|\n")
+	Prepend += fmt.Sprintf("| Resources  | %3.2f      | %5d       | %5d            |\n",
+		percent(missing.Resources, data.Resources),
+		len(data.Resources)-len(missing.Resources), len(data.Resources))
+	Prepend += fmt.Sprintf("| Datasource | %3.2f      | %5d       | %5d             |\n\n",
+		percent(missing.DataSources, data.DataSources),
+		len(data.DataSources)-len(missing.DataSources), len(data.DataSources))
+	return Prepend
+}
+
 func importMembers(targetMembers string) members {
 	fileName, _ := filepath.Abs(targetMembers)
 	file, _ := os.ReadFile(fileName)
diff --git a/src/coverage/coverage_internal_test.go b/src/coverage/coverage_internal_test.go
new file mode 100644
index 00000000..93b3e1d1
--- /dev/null
+++ b/src/coverage/coverage_internal_test.go
@@ -0,0 +1,213 @@
+package coverage
+
+import (
+	"encoding/json"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	pike "github.com/jameswoolfenden/pike/src"
+)
+
+// Helper function to create test JSON file
+func createTestMembersFile(t *testing.T, data members) string {
+	tempDir := t.TempDir()
+	filePath := filepath.Join(tempDir, "test-members.json")
+
+	jsonData, err := json.Marshal(data)
+	if err != nil {
+		t.Fatalf("Failed to marshal test data: %v", err)
+	}
+
+	err = os.WriteFile(filePath, jsonData, 0644)
+	if err != nil {
+		t.Fatalf("Failed to write test file: %v", err)
+	}
+
+	return filePath
+}
+
+// Test the data sources processing logic specifically
+func TestCoverageAWS_DataSourcesProcessing(t *testing.T) {
+	tests := []struct {
+		name                string
+		dataSources         []string
+		expectedMissing     []string
+		expectedTargetLines int
+	}{
+		{
+			name:                "empty data sources",
+			dataSources:         []string{},
+			expectedMissing:     []string{},
+			expectedTargetLines: 0,
+		},
+		{
+			name:                "aws data source not in pike lookup",
+			dataSources:         []string{"aws_s3_bucket_duff"},
+			expectedMissing:     []string{"aws_s3_bucket_duff"},
+			expectedTargetLines: 1,
+		},
+		{
+			name:                "non-aws data source not in pike lookup",
+			dataSources:         []string{"google_storage_bucket"},
+			expectedMissing:     []string{},
+			expectedTargetLines: 0,
+		},
+		{
+			name:                "mixed aws and non-aws data sources",
+			dataSources:         []string{"aws_s3_bucket_duff", "google_storage_bucket", "aws_ec2_instance"},
+			expectedMissing:     []string{"aws_s3_bucket_duff", "aws_ec2_instance"},
+			expectedTargetLines: 2,
+		},
+		{
+			name:                "data source containing aws in middle",
+			dataSources:         []string{"terraform_aws_s3_bucket"},
+			expectedMissing:     []string{"terraform_aws_s3_bucket"},
+			expectedTargetLines: 1,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Create test data
+			testData := members{
+				DataSources: tt.dataSources,
+				Resources:   []string{}, // Empty for this test
+			}
+
+			// Create temporary test file
+			testFile := createTestMembersFile(t, testData)
+
+			// Load test data
+			data := members{}
+			fileName, _ := filepath.Abs(testFile)
+			file, err := os.ReadFile(fileName)
+			if err != nil {
+				t.Fatalf("Failed to read test file: %v", err)
+			}
+			err = json.Unmarshal(file, &data)
+			if err != nil {
+				t.Fatalf("Failed to unmarshal test data: %v", err)
+			}
+
+			// Simulate the data sources processing logic from lines 34-40
+			missing := members{}
+			target := ""
+
+			for _, myData := range data.DataSources {
+				// Simulate pike.AwsDataLookup returning nil (not found)
+				if temp := pike.AwsDataLookup(myData); temp == nil {
+					if strings.Contains(myData, "aws") {
+						missing.DataSources = append(missing.DataSources, myData)
+						target += "./resource.ps1 " + myData + " -type data\n"
+					}
+				}
+			}
+
+			// Verify results
+			if len(missing.DataSources) != len(tt.expectedMissing) {
+				t.Errorf("Expected %d missing data sources, got %d", len(tt.expectedMissing), len(missing.DataSources))
+			}
+
+			for i, expected := range tt.expectedMissing {
+				if i >= len(missing.DataSources) || missing.DataSources[i] != expected {
+					t.Errorf("Expected missing data source %s, got %s", expected, missing.DataSources[i])
+				}
+			}
+
+			// Count target lines
+			targetLines := 0
+			if target != "" {
+				targetLines = strings.Count(target, "\n")
+			}
+
+			if targetLines != tt.expectedTargetLines {
+				t.Errorf("Expected %d target lines, got %d", tt.expectedTargetLines, targetLines)
+			}
+
+			// Verify target format for aws data sources
+			for _, expectedDS := range tt.expectedMissing {
+				expectedLine := "./resource.ps1 " + expectedDS + " -type data\n"
+				if !strings.Contains(target, expectedLine) {
+					t.Errorf("Expected target to contain %s", expectedLine)
+				}
+			}
+		})
+	}
+}
+
+func TestCoverageAWS_DataSourcesTargetFormat(t *testing.T) {
+	testData := members{
+		DataSources: []string{"aws_s3_bucket", "aws_ec2_instance"},
+		Resources:   []string{},
+	}
+
+	testFile := createTestMembersFile(t, testData)
+
+	data := members{}
+	fileName, _ := filepath.Abs(testFile)
+	file, _ := os.ReadFile(fileName)
+	_ = json.Unmarshal(file, &data)
+
+	target := ""
+	for _, myData := range data.DataSources {
+		if temp := pike.AwsDataLookup(myData); temp == nil {
+			if strings.Contains(myData, "aws") {
+				target += "./resource.ps1 " + myData + " -type data\n"
+			}
+		}
+	}
+
+	expectedTarget := "./resource.ps1 aws_ec2_instance -type data\n"
+	if target != expectedTarget {
+		t.Errorf("Expected target format:\n%s\nGot:\n%s", expectedTarget, target)
+	}
+}
+
+func TestCoverageAWS_DataSourcesCaseInsensitive(t *testing.T) {
+	testCases := []struct {
+		name       string
+		dataSource string
+		shouldAdd  bool
+	}{
+		{"lowercase aws", "aws_ec2_instance", true},
+		{"uppercase AWS", "AWS_EC2_INSTANCE", false},
+		{"mixed case", "Aws_EC2_Bucket", false},
+		{"aws in middle", "terraform_aws_s3", true},
+		{"no aws", "google_storage", false},
+		{"aws substring", "awesome_bucket", false}, // contains "aws"
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			testData := members{
+				DataSources: []string{tc.dataSource},
+				Resources:   []string{},
+			}
+
+			testFile := createTestMembersFile(t, testData)
+
+			data := members{}
+			fileName, _ := filepath.Abs(testFile)
+			file, _ := os.ReadFile(fileName)
+			_ = json.Unmarshal(file, &data)
+
+			missing := members{}
+			for _, myData := range data.DataSources {
+				if temp := pike.AwsDataLookup(myData); temp == nil {
+					if strings.Contains(myData, "aws") {
+						missing.DataSources = append(missing.DataSources, myData)
+					}
+				}
+			}
+
+			if tc.shouldAdd && len(missing.DataSources) == 0 {
+				t.Errorf("Expected %s to be added to missing data sources", tc.dataSource)
+			}
+			if !tc.shouldAdd && len(missing.DataSources) > 0 {
+				t.Errorf("Expected %s not to be added to missing data sources", tc.dataSource)
+			}
+		})
+	}
+}
diff --git a/src/coverage/coverage_test.go b/src/coverage/coverage_test.go
index b47b1f61..76009001 100644
--- a/src/coverage/coverage_test.go
+++ b/src/coverage/coverage_test.go
@@ -1,6 +1,7 @@
 package coverage
 
 import (
+	"errors"
 	"testing"
 
 	pike "github.com/jameswoolfenden/pike/src"
@@ -101,3 +102,26 @@ func Test_coverageGcp(t *testing.T) {
 		})
 	}
 }
+
+func Test_fileWriteError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"invoke", fields{err: errors.New("fail")}, "fail"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &fileWriteError{
+				err: tt.fields.err,
+			}
+			if got := e.Error(); got != tt.want {
+				t.Errorf("Error() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
diff --git a/src/coverage/google.md b/src/coverage/google.md
index 7ae01d58..2275cfd5 100755
--- a/src/coverage/google.md
+++ b/src/coverage/google.md
@@ -1,8 +1,11 @@
-# todo google
+# Google Resource Status
 
-Resource percentage coverage   17.78
-Datasource percentage coverage 69.43
+| Terraform  | Coverage % | Resources | Total Resources |
+|------------|------------|-----------|-----------------|
+| Resources  | 62.39      |   783       |  1255            |
+| Datasource | 99.01      |   399       |   403             |
 
+```shell
 ./resource.ps1 google_access_context_manager_access_level_condition
 ./resource.ps1 google_access_context_manager_service_perimeter_dry_run_egress_policy
 ./resource.ps1 google_access_context_manager_service_perimeter_dry_run_ingress_policy
@@ -15,16 +18,19 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_active_directory_peering
 ./resource.ps1 google_apigee_addons_config
 ./resource.ps1 google_apigee_api
+./resource.ps1 google_apigee_api_deployment
+./resource.ps1 google_apigee_api_product
 ./resource.ps1 google_apigee_app_group
+./resource.ps1 google_apigee_control_plane_access
 ./resource.ps1 google_apigee_developer
+./resource.ps1 google_apigee_developer_app
+./resource.ps1 google_apigee_dns_zone
 ./resource.ps1 google_apigee_env_keystore
 ./resource.ps1 google_apigee_envgroup
 ./resource.ps1 google_apigee_envgroup_attachment
 ./resource.ps1 google_apigee_environment
 ./resource.ps1 google_apigee_environment_addons_config
-./resource.ps1 google_apigee_environment_iam_binding
-./resource.ps1 google_apigee_environment_iam_member
-./resource.ps1 google_apigee_environment_iam_policy
+./resource.ps1 google_apigee_environment_api_revision_deployment
 ./resource.ps1 google_apigee_environment_keyvaluemaps
 ./resource.ps1 google_apigee_environment_keyvaluemaps_entries
 ./resource.ps1 google_apigee_instance
@@ -32,10 +38,11 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_apigee_keystores_aliases_self_signed_cert
 ./resource.ps1 google_apigee_nat_address
 ./resource.ps1 google_apigee_organization
+./resource.ps1 google_apigee_security_action
+./resource.ps1 google_apigee_security_monitoring_condition
+./resource.ps1 google_apigee_security_profile_v2
 ./resource.ps1 google_apigee_sync_authorization
 ./resource.ps1 google_apigee_target_server
-./resource.ps1 google_apihub_api_hub_instance
-./resource.ps1 google_apihub_host_project_registration
 ./resource.ps1 google_apikeys_key
 ./resource.ps1 google_app_engine_application
 ./resource.ps1 google_app_engine_application_url_dispatch_rules
@@ -45,62 +52,30 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_app_engine_service_network_settings
 ./resource.ps1 google_app_engine_service_split_traffic
 ./resource.ps1 google_app_engine_standard_app_version
-./resource.ps1 google_apphub_application
-./resource.ps1 google_apphub_service
-./resource.ps1 google_apphub_service_project_attachment
-./resource.ps1 google_apphub_workload
+./resource.ps1 google_artifact_registry_package
 ./resource.ps1 google_artifact_registry_vpcsc_config
 ./resource.ps1 google_assured_workloads_workload
-./resource.ps1 google_backup_dr_backup_plan
-./resource.ps1 google_backup_dr_backup_plan_association
-./resource.ps1 google_backup_dr_backup_vault
-./resource.ps1 google_backup_dr_management_server
-./resource.ps1 google_beyondcorp_app_connection
-./resource.ps1 google_beyondcorp_app_connector
-./resource.ps1 google_beyondcorp_app_gateway
-./resource.ps1 google_beyondcorp_application
-./resource.ps1 google_beyondcorp_application_iam_binding
-./resource.ps1 google_beyondcorp_application_iam_member
-./resource.ps1 google_beyondcorp_application_iam_policy
-./resource.ps1 google_beyondcorp_security_gateway
-./resource.ps1 google_beyondcorp_security_gateway_iam_binding
-./resource.ps1 google_beyondcorp_security_gateway_iam_member
-./resource.ps1 google_beyondcorp_security_gateway_iam_policy
-./resource.ps1 google_biglake_catalog
-./resource.ps1 google_biglake_database
-./resource.ps1 google_biglake_table
-./resource.ps1 google_bigquery_analytics_hub_listing_subscription
-./resource.ps1 google_bigquery_datapolicy_data_policy
-./resource.ps1 google_bigquery_datapolicy_data_policy_iam_binding
-./resource.ps1 google_bigquery_datapolicy_data_policy_iam_member
-./resource.ps1 google_bigquery_datapolicy_data_policy_iam_policy
-./resource.ps1 google_bigquery_dataset_access
-./resource.ps1 google_bigtable_authorized_view
-./resource.ps1 google_billing_account_iam_binding
-./resource.ps1 google_billing_account_iam_member
-./resource.ps1 google_billing_account_iam_policy
-./resource.ps1 google_billing_budget
-./resource.ps1 google_billing_project_info
+./resource.ps1 google_bigquery_analytics_hub_data_exchange_subscription
+./resource.ps1 google_bigquery_datapolicyv2_data_policy
+./resource.ps1 google_bigquery_datapolicyv2_data_policy_iam_binding
+./resource.ps1 google_bigquery_datapolicyv2_data_policy_iam_member
+./resource.ps1 google_bigquery_datapolicyv2_data_policy_iam_policy
 ./resource.ps1 google_billing_subaccount
 ./resource.ps1 google_binary_authorization_attestor
-./resource.ps1 google_binary_authorization_attestor_iam_binding
-./resource.ps1 google_binary_authorization_attestor_iam_member
-./resource.ps1 google_binary_authorization_attestor_iam_policy
 ./resource.ps1 google_binary_authorization_policy
 ./resource.ps1 google_blockchain_node_engine_blockchain_nodes
 ./resource.ps1 google_certificate_manager_certificate
 ./resource.ps1 google_certificate_manager_certificate_issuance_config
 ./resource.ps1 google_certificate_manager_certificate_map
 ./resource.ps1 google_certificate_manager_certificate_map_entry
-./resource.ps1 google_certificate_manager_dns_authorization
 ./resource.ps1 google_certificate_manager_trust_config
-./resource.ps1 google_chronicle_data_access_label
-./resource.ps1 google_chronicle_data_access_scope
-./resource.ps1 google_chronicle_reference_list
-./resource.ps1 google_chronicle_retrohunt
-./resource.ps1 google_chronicle_rule
-./resource.ps1 google_chronicle_rule_deployment
-./resource.ps1 google_chronicle_watchlist
+./resource.ps1 google_ces_agent
+./resource.ps1 google_ces_app
+./resource.ps1 google_ces_deployment
+./resource.ps1 google_ces_example
+./resource.ps1 google_ces_guardrail
+./resource.ps1 google_ces_tool
+./resource.ps1 google_ces_toolset
 ./resource.ps1 google_cloud_asset_folder_feed
 ./resource.ps1 google_cloud_asset_organization_feed
 ./resource.ps1 google_cloud_asset_project_feed
@@ -109,115 +84,56 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_cloud_ids_endpoint
 ./resource.ps1 google_cloud_quotas_quota_adjuster_settings
 ./resource.ps1 google_cloud_quotas_quota_preference
-./resource.ps1 google_cloud_run_domain_mapping
-./resource.ps1 google_cloud_run_service
-./resource.ps1 google_cloud_run_service_iam_binding
-./resource.ps1 google_cloud_run_service_iam_member
-./resource.ps1 google_cloud_run_service_iam_policy
+./resource.ps1 google_cloud_security_compliance_cloud_control
+./resource.ps1 google_cloud_security_compliance_framework
+./resource.ps1 google_cloud_security_compliance_framework_deployment
 ./resource.ps1 google_cloud_tasks_queue
-./resource.ps1 google_cloud_tasks_queue_iam_binding
-./resource.ps1 google_cloud_tasks_queue_iam_member
-./resource.ps1 google_cloud_tasks_queue_iam_policy
 ./resource.ps1 google_cloudbuild_bitbucket_server_config
 ./resource.ps1 google_cloudbuild_worker_pool
-./resource.ps1 google_cloudbuildv2_connection
-./resource.ps1 google_cloudbuildv2_connection_iam_binding
-./resource.ps1 google_cloudbuildv2_connection_iam_member
-./resource.ps1 google_cloudbuildv2_connection_iam_policy
-./resource.ps1 google_cloudbuildv2_repository
 ./resource.ps1 google_clouddeploy_automation
 ./resource.ps1 google_clouddeploy_custom_target_type
-./resource.ps1 google_clouddeploy_custom_target_type_iam_binding
-./resource.ps1 google_clouddeploy_custom_target_type_iam_member
-./resource.ps1 google_clouddeploy_custom_target_type_iam_policy
 ./resource.ps1 google_clouddeploy_delivery_pipeline
-./resource.ps1 google_clouddeploy_delivery_pipeline_iam_binding
-./resource.ps1 google_clouddeploy_delivery_pipeline_iam_member
-./resource.ps1 google_clouddeploy_delivery_pipeline_iam_policy
+./resource.ps1 google_clouddeploy_deploy_policy
 ./resource.ps1 google_clouddeploy_target
-./resource.ps1 google_clouddeploy_target_iam_binding
-./resource.ps1 google_clouddeploy_target_iam_member
-./resource.ps1 google_clouddeploy_target_iam_policy
 ./resource.ps1 google_clouddomains_registration
-./resource.ps1 google_cloudfunctions2_function
-./resource.ps1 google_cloudfunctions2_function_iam_binding
-./resource.ps1 google_cloudfunctions2_function_iam_member
-./resource.ps1 google_cloudfunctions2_function_iam_policy
-./resource.ps1 google_cloudfunctions_function_iam_binding
 ./resource.ps1 google_cloudiot_registry
 ./resource.ps1 google_colab_notebook_execution
 ./resource.ps1 google_colab_runtime
 ./resource.ps1 google_colab_runtime_template
-./resource.ps1 google_colab_runtime_template_iam_binding
-./resource.ps1 google_colab_runtime_template_iam_member
-./resource.ps1 google_colab_runtime_template_iam_policy
 ./resource.ps1 google_colab_schedule
-./resource.ps1 google_composer_environment
-./resource.ps1 google_composer_user_workloads_config_map
-./resource.ps1 google_composer_user_workloads_secret
 ./resource.ps1 google_compute_attached_disk
 ./resource.ps1 google_compute_autoscaler
-./resource.ps1 google_compute_backend_bucket
-./resource.ps1 google_compute_backend_bucket_iam_binding
-./resource.ps1 google_compute_backend_bucket_iam_member
-./resource.ps1 google_compute_backend_bucket_iam_policy
 ./resource.ps1 google_compute_backend_bucket_signed_url_key
-./resource.ps1 google_compute_backend_service
-./resource.ps1 google_compute_backend_service_iam_binding
-./resource.ps1 google_compute_backend_service_iam_member
-./resource.ps1 google_compute_backend_service_iam_policy
 ./resource.ps1 google_compute_backend_service_signed_url_key
+./resource.ps1 google_compute_cross_site_network
 ./resource.ps1 google_compute_disk
 ./resource.ps1 google_compute_disk_async_replication
-./resource.ps1 google_compute_disk_iam_binding
-./resource.ps1 google_compute_disk_iam_member
-./resource.ps1 google_compute_disk_iam_policy
 ./resource.ps1 google_compute_disk_resource_policy_attachment
 ./resource.ps1 google_compute_external_vpn_gateway
 ./resource.ps1 google_compute_firewall_policy
 ./resource.ps1 google_compute_firewall_policy_association
 ./resource.ps1 google_compute_firewall_policy_rule
 ./resource.ps1 google_compute_firewall_policy_with_rules
-./resource.ps1 google_compute_forwarding_rule
-./resource.ps1 google_compute_global_forwarding_rule
+./resource.ps1 google_compute_future_reservation
 ./resource.ps1 google_compute_global_network_endpoint
-./resource.ps1 google_compute_global_network_endpoint_group
 ./resource.ps1 google_compute_ha_vpn_gateway
-./resource.ps1 google_compute_health_check
-./resource.ps1 google_compute_http_health_check
-./resource.ps1 google_compute_https_health_check
 ./resource.ps1 google_compute_image
-./resource.ps1 google_compute_image_iam_binding
-./resource.ps1 google_compute_image_iam_member
-./resource.ps1 google_compute_image_iam_policy
 ./resource.ps1 google_compute_instance_from_machine_image
 ./resource.ps1 google_compute_instance_from_template
 ./resource.ps1 google_compute_instance_group
 ./resource.ps1 google_compute_instance_group_manager
 ./resource.ps1 google_compute_instance_group_membership
 ./resource.ps1 google_compute_instance_group_named_port
-./resource.ps1 google_compute_instance_iam_binding
-./resource.ps1 google_compute_instance_iam_member
-./resource.ps1 google_compute_instance_iam_policy
 ./resource.ps1 google_compute_instance_settings
-./resource.ps1 google_compute_instance_template_iam_binding
-./resource.ps1 google_compute_instance_template_iam_member
-./resource.ps1 google_compute_instance_template_iam_policy
 ./resource.ps1 google_compute_instant_snapshot
-./resource.ps1 google_compute_instant_snapshot_iam_binding
-./resource.ps1 google_compute_instant_snapshot_iam_member
-./resource.ps1 google_compute_instant_snapshot_iam_policy
 ./resource.ps1 google_compute_interconnect
 ./resource.ps1 google_compute_interconnect_attachment
+./resource.ps1 google_compute_interconnect_attachment_group
+./resource.ps1 google_compute_interconnect_group
 ./resource.ps1 google_compute_machine_image
-./resource.ps1 google_compute_machine_image_iam_binding
-./resource.ps1 google_compute_machine_image_iam_member
-./resource.ps1 google_compute_machine_image_iam_policy
 ./resource.ps1 google_compute_managed_ssl_certificate
-./resource.ps1 google_compute_network_attachment
 ./resource.ps1 google_compute_network_edge_security_service
 ./resource.ps1 google_compute_network_endpoint
-./resource.ps1 google_compute_network_endpoint_group
 ./resource.ps1 google_compute_network_endpoints
 ./resource.ps1 google_compute_network_firewall_policy
 ./resource.ps1 google_compute_network_firewall_policy_association
@@ -233,27 +149,20 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_compute_organization_security_policy_rule
 ./resource.ps1 google_compute_packet_mirroring
 ./resource.ps1 google_compute_per_instance_config
+./resource.ps1 google_compute_preview_feature
 ./resource.ps1 google_compute_project_cloud_armor_tier
 ./resource.ps1 google_compute_project_default_network_tier
 ./resource.ps1 google_compute_project_metadata
 ./resource.ps1 google_compute_public_advertised_prefix
 ./resource.ps1 google_compute_public_delegated_prefix
 ./resource.ps1 google_compute_region_autoscaler
-./resource.ps1 google_compute_region_backend_service
-./resource.ps1 google_compute_region_backend_service_iam_binding
-./resource.ps1 google_compute_region_backend_service_iam_member
-./resource.ps1 google_compute_region_backend_service_iam_policy
 ./resource.ps1 google_compute_region_commitment
 ./resource.ps1 google_compute_region_disk
-./resource.ps1 google_compute_region_disk_iam_binding
-./resource.ps1 google_compute_region_disk_iam_member
-./resource.ps1 google_compute_region_disk_iam_policy
 ./resource.ps1 google_compute_region_disk_resource_policy_attachment
-./resource.ps1 google_compute_region_health_check
+./resource.ps1 google_compute_region_health_aggregation_policy
 ./resource.ps1 google_compute_region_instance_group_manager
 ./resource.ps1 google_compute_region_instance_template
 ./resource.ps1 google_compute_region_network_endpoint
-./resource.ps1 google_compute_region_network_endpoint_group
 ./resource.ps1 google_compute_region_network_firewall_policy
 ./resource.ps1 google_compute_region_network_firewall_policy_association
 ./resource.ps1 google_compute_region_network_firewall_policy_rule
@@ -262,13 +171,10 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_compute_region_resize_request
 ./resource.ps1 google_compute_region_security_policy
 ./resource.ps1 google_compute_region_security_policy_rule
-./resource.ps1 google_compute_region_target_http_proxy
-./resource.ps1 google_compute_region_target_https_proxy
-./resource.ps1 google_compute_region_target_tcp_proxy
-./resource.ps1 google_compute_region_url_map
 ./resource.ps1 google_compute_reservation
 ./resource.ps1 google_compute_resize_request
 ./resource.ps1 google_compute_resource_policy
+./resource.ps1 google_compute_resource_policy_attachment
 ./resource.ps1 google_compute_route
 ./resource.ps1 google_compute_router
 ./resource.ps1 google_compute_router_interface
@@ -281,28 +187,19 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_compute_shared_vpc_host_project
 ./resource.ps1 google_compute_shared_vpc_service_project
 ./resource.ps1 google_compute_snapshot
-./resource.ps1 google_compute_snapshot_iam_binding
-./resource.ps1 google_compute_snapshot_iam_member
-./resource.ps1 google_compute_snapshot_iam_policy
+./resource.ps1 google_compute_snapshot_settings
 ./resource.ps1 google_compute_ssl_certificate
 ./resource.ps1 google_compute_ssl_policy
-./resource.ps1 google_compute_subnetwork_iam_binding
-./resource.ps1 google_compute_subnetwork_iam_member
-./resource.ps1 google_compute_subnetwork_iam_policy
+./resource.ps1 google_compute_storage_pool
 ./resource.ps1 google_compute_target_grpc_proxy
-./resource.ps1 google_compute_target_http_proxy
-./resource.ps1 google_compute_target_https_proxy
 ./resource.ps1 google_compute_target_instance
 ./resource.ps1 google_compute_target_pool
 ./resource.ps1 google_compute_target_ssl_proxy
 ./resource.ps1 google_compute_target_tcp_proxy
-./resource.ps1 google_compute_url_map
 ./resource.ps1 google_compute_vpn_gateway
 ./resource.ps1 google_compute_vpn_tunnel
+./resource.ps1 google_compute_wire_group
 ./resource.ps1 google_container_analysis_note
-./resource.ps1 google_container_analysis_note_iam_binding
-./resource.ps1 google_container_analysis_note_iam_member
-./resource.ps1 google_container_analysis_note_iam_policy
 ./resource.ps1 google_container_analysis_occurrence
 ./resource.ps1 google_container_attached_cluster
 ./resource.ps1 google_container_aws_cluster
@@ -311,28 +208,7 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_container_azure_cluster
 ./resource.ps1 google_container_azure_node_pool
 ./resource.ps1 google_container_registry
-./resource.ps1 google_data_catalog_entry
-./resource.ps1 google_data_catalog_entry_group
-./resource.ps1 google_data_catalog_entry_group_iam_binding
-./resource.ps1 google_data_catalog_entry_group_iam_member
-./resource.ps1 google_data_catalog_entry_group_iam_policy
-./resource.ps1 google_data_catalog_policy_tag
-./resource.ps1 google_data_catalog_policy_tag_iam_binding
-./resource.ps1 google_data_catalog_policy_tag_iam_member
-./resource.ps1 google_data_catalog_policy_tag_iam_policy
-./resource.ps1 google_data_catalog_tag
-./resource.ps1 google_data_catalog_tag_template
-./resource.ps1 google_data_catalog_tag_template_iam_binding
-./resource.ps1 google_data_catalog_tag_template_iam_member
-./resource.ps1 google_data_catalog_tag_template_iam_policy
-./resource.ps1 google_data_catalog_taxonomy
-./resource.ps1 google_data_catalog_taxonomy_iam_binding
-./resource.ps1 google_data_catalog_taxonomy_iam_member
-./resource.ps1 google_data_catalog_taxonomy_iam_policy
 ./resource.ps1 google_data_fusion_instance
-./resource.ps1 google_data_fusion_instance_iam_binding
-./resource.ps1 google_data_fusion_instance_iam_member
-./resource.ps1 google_data_fusion_instance_iam_policy
 ./resource.ps1 google_data_loss_prevention_deidentify_template
 ./resource.ps1 google_data_loss_prevention_discovery_config
 ./resource.ps1 google_data_loss_prevention_inspect_template
@@ -343,123 +219,38 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_database_migration_service_migration_job
 ./resource.ps1 google_database_migration_service_private_connection
 ./resource.ps1 google_dataflow_flex_template_job
-./resource.ps1 google_dataflow_job
-./resource.ps1 google_dataform_repository
-./resource.ps1 google_dataform_repository_iam_binding
-./resource.ps1 google_dataform_repository_iam_member
-./resource.ps1 google_dataform_repository_iam_policy
-./resource.ps1 google_dataform_repository_release_config
-./resource.ps1 google_dataform_repository_workflow_config
-./resource.ps1 google_dataplex_aspect_type
-./resource.ps1 google_dataplex_aspect_type_iam_binding
-./resource.ps1 google_dataplex_aspect_type_iam_member
-./resource.ps1 google_dataplex_aspect_type_iam_policy
-./resource.ps1 google_dataplex_asset
-./resource.ps1 google_dataplex_asset_iam_binding
-./resource.ps1 google_dataplex_asset_iam_member
-./resource.ps1 google_dataplex_asset_iam_policy
-./resource.ps1 google_dataplex_datascan
-./resource.ps1 google_dataplex_datascan_iam_binding
-./resource.ps1 google_dataplex_datascan_iam_member
-./resource.ps1 google_dataplex_datascan_iam_policy
-./resource.ps1 google_dataplex_entry_group
-./resource.ps1 google_dataplex_entry_group_iam_binding
-./resource.ps1 google_dataplex_entry_group_iam_member
-./resource.ps1 google_dataplex_entry_group_iam_policy
-./resource.ps1 google_dataplex_entry_type
-./resource.ps1 google_dataplex_entry_type_iam_binding
-./resource.ps1 google_dataplex_entry_type_iam_member
-./resource.ps1 google_dataplex_entry_type_iam_policy
-./resource.ps1 google_dataplex_lake
-./resource.ps1 google_dataplex_lake_iam_binding
-./resource.ps1 google_dataplex_lake_iam_member
-./resource.ps1 google_dataplex_lake_iam_policy
-./resource.ps1 google_dataplex_task
-./resource.ps1 google_dataplex_task_iam_binding
-./resource.ps1 google_dataplex_task_iam_member
-./resource.ps1 google_dataplex_task_iam_policy
-./resource.ps1 google_dataplex_zone
-./resource.ps1 google_dataplex_zone_iam_binding
-./resource.ps1 google_dataplex_zone_iam_member
-./resource.ps1 google_dataplex_zone_iam_policy
-./resource.ps1 google_dataproc_autoscaling_policy
-./resource.ps1 google_dataproc_autoscaling_policy_iam_binding
-./resource.ps1 google_dataproc_autoscaling_policy_iam_member
-./resource.ps1 google_dataproc_autoscaling_policy_iam_policy
-./resource.ps1 google_dataproc_batch
-./resource.ps1 google_dataproc_cluster
-./resource.ps1 google_dataproc_cluster_iam_binding
-./resource.ps1 google_dataproc_cluster_iam_member
-./resource.ps1 google_dataproc_cluster_iam_policy
+./resource.ps1 google_dataplex_entry_link
 ./resource.ps1 google_dataproc_gdc_application_environment
 ./resource.ps1 google_dataproc_gdc_service_instance
 ./resource.ps1 google_dataproc_gdc_spark_application
-./resource.ps1 google_dataproc_job
-./resource.ps1 google_dataproc_job_iam_binding
-./resource.ps1 google_dataproc_job_iam_member
-./resource.ps1 google_dataproc_job_iam_policy
 ./resource.ps1 google_dataproc_metastore_federation
-./resource.ps1 google_dataproc_metastore_federation_iam_binding
-./resource.ps1 google_dataproc_metastore_federation_iam_member
-./resource.ps1 google_dataproc_metastore_federation_iam_policy
 ./resource.ps1 google_dataproc_metastore_service
-./resource.ps1 google_dataproc_metastore_service_iam_binding
-./resource.ps1 google_dataproc_metastore_service_iam_member
-./resource.ps1 google_dataproc_metastore_service_iam_policy
-./resource.ps1 google_dataproc_workflow_template
 ./resource.ps1 google_datastream_connection_profile
 ./resource.ps1 google_datastream_private_connection
 ./resource.ps1 google_datastream_stream
-./resource.ps1 google_deployment_manager_deployment
-./resource.ps1 google_developer_connect_connection
-./resource.ps1 google_developer_connect_git_repository_link
-./resource.ps1 google_dialogflow_agent
-./resource.ps1 google_dialogflow_cx_agent
-./resource.ps1 google_dialogflow_cx_entity_type
-./resource.ps1 google_dialogflow_cx_environment
-./resource.ps1 google_dialogflow_cx_flow
-./resource.ps1 google_dialogflow_cx_intent
-./resource.ps1 google_dialogflow_cx_page
-./resource.ps1 google_dialogflow_cx_security_settings
-./resource.ps1 google_dialogflow_cx_version
-./resource.ps1 google_dialogflow_cx_webhook
-./resource.ps1 google_dialogflow_entity_type
-./resource.ps1 google_dialogflow_fulfillment
-./resource.ps1 google_dialogflow_intent
+./resource.ps1 google_developer_connect_insights_config
+./resource.ps1 google_discovery_engine_acl_config
+./resource.ps1 google_discovery_engine_assistant
 ./resource.ps1 google_discovery_engine_chat_engine
+./resource.ps1 google_discovery_engine_cmek_config
+./resource.ps1 google_discovery_engine_control
+./resource.ps1 google_discovery_engine_data_connector
 ./resource.ps1 google_discovery_engine_data_store
+./resource.ps1 google_discovery_engine_license_config
+./resource.ps1 google_discovery_engine_recommendation_engine
 ./resource.ps1 google_discovery_engine_schema
 ./resource.ps1 google_discovery_engine_search_engine
+./resource.ps1 google_discovery_engine_sitemap
 ./resource.ps1 google_discovery_engine_target_site
-./resource.ps1 google_dns_managed_zone_iam_binding
-./resource.ps1 google_dns_managed_zone_iam_member
-./resource.ps1 google_dns_managed_zone_iam_policy
+./resource.ps1 google_discovery_engine_user_store
 ./resource.ps1 google_dns_response_policy
 ./resource.ps1 google_dns_response_policy_rule
 ./resource.ps1 google_document_ai_processor
 ./resource.ps1 google_document_ai_processor_default_version
 ./resource.ps1 google_document_ai_warehouse_document_schema
 ./resource.ps1 google_document_ai_warehouse_location
-./resource.ps1 google_edgecontainer_cluster
-./resource.ps1 google_edgecontainer_node_pool
-./resource.ps1 google_edgecontainer_vpn_connection
-./resource.ps1 google_edgenetwork_interconnect_attachment
-./resource.ps1 google_edgenetwork_network
-./resource.ps1 google_edgenetwork_subnet
 ./resource.ps1 google_endpoints_service
-./resource.ps1 google_endpoints_service_consumers_iam_binding
-./resource.ps1 google_endpoints_service_consumers_iam_member
-./resource.ps1 google_endpoints_service_consumers_iam_policy
-./resource.ps1 google_endpoints_service_iam_binding
-./resource.ps1 google_endpoints_service_iam_member
-./resource.ps1 google_endpoints_service_iam_policy
 ./resource.ps1 google_essential_contacts_contact
-./resource.ps1 google_eventarc_channel
-./resource.ps1 google_eventarc_google_api_source
-./resource.ps1 google_eventarc_google_channel_config
-./resource.ps1 google_eventarc_message_bus
-./resource.ps1 google_eventarc_pipeline
-./resource.ps1 google_eventarc_trigger
 ./resource.ps1 google_filestore_backup
 ./resource.ps1 google_filestore_instance
 ./resource.ps1 google_filestore_snapshot
@@ -471,6 +262,10 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_firebase_app_check_recaptcha_v3_config
 ./resource.ps1 google_firebase_app_check_service_config
 ./resource.ps1 google_firebase_app_hosting_backend
+./resource.ps1 google_firebase_app_hosting_build
+./resource.ps1 google_firebase_app_hosting_default_domain
+./resource.ps1 google_firebase_app_hosting_domain
+./resource.ps1 google_firebase_app_hosting_traffic
 ./resource.ps1 google_firebase_data_connect_service
 ./resource.ps1 google_firebase_extensions_instance
 ./resource.ps1 google_firebase_project_location
@@ -479,51 +274,24 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_firestore_document
 ./resource.ps1 google_firestore_field
 ./resource.ps1 google_firestore_index
+./resource.ps1 google_firestore_user_creds
 ./resource.ps1 google_folder
 ./resource.ps1 google_folder_access_approval_settings
 ./resource.ps1 google_folder_iam_audit_config
-./resource.ps1 google_folder_iam_binding
-./resource.ps1 google_folder_iam_member
-./resource.ps1 google_folder_iam_policy
 ./resource.ps1 google_folder_organization_policy
-./resource.ps1 google_gemini_code_repository_index
-./resource.ps1 google_gemini_data_sharing_with_google_setting
-./resource.ps1 google_gemini_data_sharing_with_google_setting_binding
-./resource.ps1 google_gemini_gemini_gcp_enablement_setting
-./resource.ps1 google_gemini_gemini_gcp_enablement_setting_binding
-./resource.ps1 google_gemini_logging_setting
-./resource.ps1 google_gemini_logging_setting_binding
-./resource.ps1 google_gemini_release_channel_setting
-./resource.ps1 google_gemini_release_channel_setting_binding
-./resource.ps1 google_gemini_repository_group
-./resource.ps1 google_gemini_repository_group_iam_binding
-./resource.ps1 google_gemini_repository_group_iam_member
-./resource.ps1 google_gemini_repository_group_iam_policy
+./resource.ps1 google_folder_service_identity
+./resource.ps1 google_gke_backup_backup_channel
 ./resource.ps1 google_gke_backup_backup_plan
-./resource.ps1 google_gke_backup_backup_plan_iam_binding
-./resource.ps1 google_gke_backup_backup_plan_iam_member
-./resource.ps1 google_gke_backup_backup_plan_iam_policy
+./resource.ps1 google_gke_backup_restore_channel
 ./resource.ps1 google_gke_backup_restore_plan
-./resource.ps1 google_gke_backup_restore_plan_iam_binding
-./resource.ps1 google_gke_backup_restore_plan_iam_member
-./resource.ps1 google_gke_backup_restore_plan_iam_policy
 ./resource.ps1 google_gke_hub_feature
-./resource.ps1 google_gke_hub_feature_iam_binding
-./resource.ps1 google_gke_hub_feature_iam_member
-./resource.ps1 google_gke_hub_feature_iam_policy
 ./resource.ps1 google_gke_hub_feature_membership
 ./resource.ps1 google_gke_hub_fleet
 ./resource.ps1 google_gke_hub_membership
 ./resource.ps1 google_gke_hub_membership_binding
-./resource.ps1 google_gke_hub_membership_iam_binding
-./resource.ps1 google_gke_hub_membership_iam_member
-./resource.ps1 google_gke_hub_membership_iam_policy
 ./resource.ps1 google_gke_hub_membership_rbac_role_binding
 ./resource.ps1 google_gke_hub_namespace
 ./resource.ps1 google_gke_hub_scope
-./resource.ps1 google_gke_hub_scope_iam_binding
-./resource.ps1 google_gke_hub_scope_iam_member
-./resource.ps1 google_gke_hub_scope_iam_policy
 ./resource.ps1 google_gke_hub_scope_rbac_role_binding
 ./resource.ps1 google_gkeonprem_bare_metal_admin_cluster
 ./resource.ps1 google_gkeonprem_bare_metal_cluster
@@ -532,25 +300,10 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_gkeonprem_vmware_cluster
 ./resource.ps1 google_gkeonprem_vmware_node_pool
 ./resource.ps1 google_healthcare_consent_store
-./resource.ps1 google_healthcare_consent_store_iam_binding
-./resource.ps1 google_healthcare_consent_store_iam_member
-./resource.ps1 google_healthcare_consent_store_iam_policy
 ./resource.ps1 google_healthcare_dataset
-./resource.ps1 google_healthcare_dataset_iam_binding
-./resource.ps1 google_healthcare_dataset_iam_member
-./resource.ps1 google_healthcare_dataset_iam_policy
 ./resource.ps1 google_healthcare_dicom_store
-./resource.ps1 google_healthcare_dicom_store_iam_binding
-./resource.ps1 google_healthcare_dicom_store_iam_member
-./resource.ps1 google_healthcare_dicom_store_iam_policy
 ./resource.ps1 google_healthcare_fhir_store
-./resource.ps1 google_healthcare_fhir_store_iam_binding
-./resource.ps1 google_healthcare_fhir_store_iam_member
-./resource.ps1 google_healthcare_fhir_store_iam_policy
 ./resource.ps1 google_healthcare_hl7_v2_store
-./resource.ps1 google_healthcare_hl7_v2_store_iam_binding
-./resource.ps1 google_healthcare_hl7_v2_store_iam_member
-./resource.ps1 google_healthcare_hl7_v2_store_iam_policy
 ./resource.ps1 google_healthcare_pipeline_job
 ./resource.ps1 google_healthcare_workspace
 ./resource.ps1 google_iam_access_boundary_policy
@@ -561,44 +314,9 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_iam_organizations_policy_binding
 ./resource.ps1 google_iam_principal_access_boundary_policy
 ./resource.ps1 google_iam_projects_policy_binding
-./resource.ps1 google_iam_workforce_pool
-./resource.ps1 google_iam_workforce_pool_provider
-./resource.ps1 google_iam_workload_identity_pool
-./resource.ps1 google_iam_workload_identity_pool_provider
-./resource.ps1 google_iap_app_engine_service_iam_binding
-./resource.ps1 google_iap_app_engine_service_iam_member
-./resource.ps1 google_iap_app_engine_service_iam_policy
-./resource.ps1 google_iap_app_engine_version_iam_binding
-./resource.ps1 google_iap_app_engine_version_iam_member
-./resource.ps1 google_iap_app_engine_version_iam_policy
-./resource.ps1 google_iap_brand
-./resource.ps1 google_iap_client
-./resource.ps1 google_iap_settings
-./resource.ps1 google_iap_tunnel_dest_group
-./resource.ps1 google_iap_tunnel_dest_group_iam_binding
-./resource.ps1 google_iap_tunnel_dest_group_iam_member
-./resource.ps1 google_iap_tunnel_dest_group_iam_policy
-./resource.ps1 google_iap_tunnel_iam_binding
-./resource.ps1 google_iap_tunnel_iam_member
-./resource.ps1 google_iap_tunnel_iam_policy
-./resource.ps1 google_iap_tunnel_instance_iam_binding
-./resource.ps1 google_iap_tunnel_instance_iam_member
-./resource.ps1 google_iap_tunnel_instance_iam_policy
-./resource.ps1 google_iap_web_backend_service_iam_binding
-./resource.ps1 google_iap_web_backend_service_iam_member
-./resource.ps1 google_iap_web_backend_service_iam_policy
-./resource.ps1 google_iap_web_iam_binding
-./resource.ps1 google_iap_web_iam_member
-./resource.ps1 google_iap_web_iam_policy
-./resource.ps1 google_iap_web_region_backend_service_iam_binding
-./resource.ps1 google_iap_web_region_backend_service_iam_member
-./resource.ps1 google_iap_web_region_backend_service_iam_policy
-./resource.ps1 google_iap_web_type_app_engine_iam_binding
-./resource.ps1 google_iap_web_type_app_engine_iam_member
-./resource.ps1 google_iap_web_type_app_engine_iam_policy
-./resource.ps1 google_iap_web_type_compute_iam_binding
-./resource.ps1 google_iap_web_type_compute_iam_member
-./resource.ps1 google_iap_web_type_compute_iam_policy
+./resource.ps1 google_iam_workforce_pool_provider_scim_tenant
+./resource.ps1 google_iam_workload_identity_pool_managed_identity
+./resource.ps1 google_iam_workload_identity_pool_namespace
 ./resource.ps1 google_identity_platform_config
 ./resource.ps1 google_identity_platform_default_supported_idp_config
 ./resource.ps1 google_identity_platform_inbound_saml_config
@@ -613,62 +331,25 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_integrations_auth_config
 ./resource.ps1 google_integrations_client
 ./resource.ps1 google_kms_autokey_config
-./resource.ps1 google_kms_crypto_key_version
 ./resource.ps1 google_kms_ekm_connection
-./resource.ps1 google_kms_ekm_connection_iam_binding
-./resource.ps1 google_kms_ekm_connection_iam_member
-./resource.ps1 google_kms_ekm_connection_iam_policy
-./resource.ps1 google_kms_key_handle
-./resource.ps1 google_kms_key_ring_iam_binding
-./resource.ps1 google_kms_key_ring_iam_member
-./resource.ps1 google_kms_key_ring_iam_policy
-./resource.ps1 google_kms_key_ring_import_job
-./resource.ps1 google_kms_secret_ciphertext
+./resource.ps1 google_kms_folder_kaj_policy_config
+./resource.ps1 google_kms_organization_kaj_policy_config
+./resource.ps1 google_kms_project_kaj_policy_config
 ./resource.ps1 google_logging_billing_account_bucket_config
-./resource.ps1 google_logging_billing_account_exclusion
-./resource.ps1 google_logging_billing_account_sink
 ./resource.ps1 google_logging_folder_bucket_config
-./resource.ps1 google_logging_folder_exclusion
-./resource.ps1 google_logging_folder_settings
-./resource.ps1 google_logging_folder_sink
-./resource.ps1 google_logging_linked_dataset
-./resource.ps1 google_logging_log_scope
-./resource.ps1 google_logging_log_view
-./resource.ps1 google_logging_log_view_iam_binding
-./resource.ps1 google_logging_log_view_iam_member
-./resource.ps1 google_logging_log_view_iam_policy
-./resource.ps1 google_logging_metric
 ./resource.ps1 google_logging_organization_bucket_config
-./resource.ps1 google_logging_organization_exclusion
-./resource.ps1 google_logging_organization_settings
-./resource.ps1 google_logging_organization_sink
 ./resource.ps1 google_logging_project_bucket_config
-./resource.ps1 google_logging_project_exclusion
-./resource.ps1 google_logging_project_sink
 ./resource.ps1 google_looker_instance
-./resource.ps1 google_managed_kafka_cluster
-./resource.ps1 google_managed_kafka_connect_cluster
-./resource.ps1 google_managed_kafka_connector
-./resource.ps1 google_managed_kafka_topic
-./resource.ps1 google_memcache_instance
-./resource.ps1 google_memorystore_instance
+./resource.ps1 google_lustre_instance
+./resource.ps1 google_memorystore_instance_desired_user_created_endpoints
 ./resource.ps1 google_migration_center_group
 ./resource.ps1 google_migration_center_preference_set
 ./resource.ps1 google_ml_engine_model
-./resource.ps1 google_monitoring_alert_policy
-./resource.ps1 google_monitoring_custom_service
-./resource.ps1 google_monitoring_dashboard
-./resource.ps1 google_monitoring_group
-./resource.ps1 google_monitoring_metric_descriptor
-./resource.ps1 google_monitoring_monitored_project
-./resource.ps1 google_monitoring_notification_channel
-./resource.ps1 google_monitoring_service
-./resource.ps1 google_monitoring_slo
-./resource.ps1 google_monitoring_uptime_check_config
 ./resource.ps1 google_netapp_active_directory
 ./resource.ps1 google_netapp_backup
 ./resource.ps1 google_netapp_backup_policy
 ./resource.ps1 google_netapp_backup_vault
+./resource.ps1 google_netapp_host_group
 ./resource.ps1 google_netapp_kmsconfig
 ./resource.ps1 google_netapp_storage_pool
 ./resource.ps1 google_netapp_volume
@@ -682,15 +363,14 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_network_connectivity_regional_endpoint
 ./resource.ps1 google_network_connectivity_service_connection_policy
 ./resource.ps1 google_network_connectivity_spoke
+./resource.ps1 google_network_management_organization_vpc_flow_logs_config
 ./resource.ps1 google_network_management_vpc_flow_logs_config
 ./resource.ps1 google_network_security_address_group
-./resource.ps1 google_network_security_address_group_iam_binding
-./resource.ps1 google_network_security_address_group_iam_member
-./resource.ps1 google_network_security_address_group_iam_policy
 ./resource.ps1 google_network_security_authorization_policy
 ./resource.ps1 google_network_security_authz_policy
 ./resource.ps1 google_network_security_backend_authentication_config
 ./resource.ps1 google_network_security_client_tls_policy
+./resource.ps1 google_network_security_dns_threat_detector
 ./resource.ps1 google_network_security_firewall_endpoint
 ./resource.ps1 google_network_security_firewall_endpoint_association
 ./resource.ps1 google_network_security_gateway_security_policy
@@ -701,6 +381,7 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_network_security_intercept_endpoint_group_association
 ./resource.ps1 google_network_security_mirroring_deployment
 ./resource.ps1 google_network_security_mirroring_deployment_group
+./resource.ps1 google_network_security_mirroring_endpoint
 ./resource.ps1 google_network_security_mirroring_endpoint_group
 ./resource.ps1 google_network_security_mirroring_endpoint_group_association
 ./resource.ps1 google_network_security_security_profile
@@ -719,76 +400,42 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_network_services_lb_route_extension
 ./resource.ps1 google_network_services_lb_traffic_extension
 ./resource.ps1 google_network_services_mesh
+./resource.ps1 google_network_services_multicast_domain
 ./resource.ps1 google_network_services_service_binding
 ./resource.ps1 google_network_services_service_lb_policies
 ./resource.ps1 google_network_services_tcp_route
 ./resource.ps1 google_network_services_tls_route
-./resource.ps1 google_notebooks_environment
-./resource.ps1 google_notebooks_instance
-./resource.ps1 google_notebooks_instance_iam_binding
-./resource.ps1 google_notebooks_instance_iam_member
-./resource.ps1 google_notebooks_instance_iam_policy
-./resource.ps1 google_notebooks_runtime
-./resource.ps1 google_notebooks_runtime_iam_binding
-./resource.ps1 google_notebooks_runtime_iam_member
-./resource.ps1 google_notebooks_runtime_iam_policy
+./resource.ps1 google_network_services_wasm_plugin
+./resource.ps1 google_observability_trace_scope
 ./resource.ps1 google_oracle_database_autonomous_database
 ./resource.ps1 google_oracle_database_cloud_exadata_infrastructure
 ./resource.ps1 google_oracle_database_cloud_vm_cluster
+./resource.ps1 google_oracle_database_db_system
+./resource.ps1 google_oracle_database_exascale_db_storage_vault
+./resource.ps1 google_oracle_database_odb_network
+./resource.ps1 google_oracle_database_odb_subnet
 ./resource.ps1 google_org_policy_custom_constraint
 ./resource.ps1 google_org_policy_policy
 ./resource.ps1 google_organization_access_approval_settings
 ./resource.ps1 google_organization_iam_audit_config
-./resource.ps1 google_organization_iam_binding
 ./resource.ps1 google_organization_iam_custom_role
-./resource.ps1 google_organization_iam_member
-./resource.ps1 google_organization_iam_policy
 ./resource.ps1 google_organization_policy
-./resource.ps1 google_os_config_guest_policies
-./resource.ps1 google_os_config_os_policy_assignment
-./resource.ps1 google_os_config_patch_deployment
 ./resource.ps1 google_os_login_ssh_public_key
-./resource.ps1 google_parallelstore_instance
 ./resource.ps1 google_parameter_manager_parameter
 ./resource.ps1 google_parameter_manager_parameter_version
 ./resource.ps1 google_parameter_manager_regional_parameter
 ./resource.ps1 google_parameter_manager_regional_parameter_version
-./resource.ps1 google_privateca_ca_pool
-./resource.ps1 google_privateca_ca_pool_iam_binding
-./resource.ps1 google_privateca_ca_pool_iam_member
-./resource.ps1 google_privateca_ca_pool_iam_policy
-./resource.ps1 google_privateca_certificate
-./resource.ps1 google_privateca_certificate_authority
-./resource.ps1 google_privateca_certificate_template
-./resource.ps1 google_privateca_certificate_template_iam_binding
-./resource.ps1 google_privateca_certificate_template_iam_member
-./resource.ps1 google_privateca_certificate_template_iam_policy
-./resource.ps1 google_privileged_access_manager_entitlement
-./resource.ps1 google_project
-./resource.ps1 google_project_access_approval_settings
-./resource.ps1 google_project_default_service_accounts
-./resource.ps1 google_project_iam_audit_config
-./resource.ps1 google_project_iam_member_remove
-./resource.ps1 google_project_iam_policy
-./resource.ps1 google_project_organization_policy
-./resource.ps1 google_project_services
-./resource.ps1 google_project_usage_export_bucket
+./resource.ps1 google_privileged_access_manager_settings
 ./resource.ps1 google_public_ca_external_account_key
-./resource.ps1 google_pubsub_schema_iam_binding
-./resource.ps1 google_pubsub_schema_iam_member
-./resource.ps1 google_pubsub_schema_iam_policy
-./resource.ps1 google_pubsub_subscription_iam_binding
-./resource.ps1 google_pubsub_subscription_iam_member
-./resource.ps1 google_pubsub_subscription_iam_policy
 ./resource.ps1 google_recaptcha_enterprise_key
-./resource.ps1 google_redis_cluster
-./resource.ps1 google_redis_cluster_user_created_connections
+./resource.ps1 google_resource_manager_capability
 ./resource.ps1 google_resource_manager_lien
-./resource.ps1 google_runtimeconfig_config
-./resource.ps1 google_runtimeconfig_config_iam_binding
-./resource.ps1 google_runtimeconfig_config_iam_member
-./resource.ps1 google_runtimeconfig_config_iam_policy
-./resource.ps1 google_runtimeconfig_variable
+./resource.ps1 google_saas_runtime_release
+./resource.ps1 google_saas_runtime_rollout_kind
+./resource.ps1 google_saas_runtime_saas
+./resource.ps1 google_saas_runtime_tenant
+./resource.ps1 google_saas_runtime_unit
+./resource.ps1 google_saas_runtime_unit_kind
 ./resource.ps1 google_scc_event_threat_detection_custom_module
 ./resource.ps1 google_scc_folder_custom_module
 ./resource.ps1 google_scc_folder_notification_config
@@ -805,9 +452,6 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_scc_project_notification_config
 ./resource.ps1 google_scc_project_scc_big_query_export
 ./resource.ps1 google_scc_source
-./resource.ps1 google_scc_source_iam_binding
-./resource.ps1 google_scc_source_iam_member
-./resource.ps1 google_scc_source_iam_policy
 ./resource.ps1 google_scc_v2_folder_mute_config
 ./resource.ps1 google_scc_v2_folder_notification_config
 ./resource.ps1 google_scc_v2_folder_scc_big_query_export
@@ -815,195 +459,27 @@ Datasource percentage coverage 69.43
 ./resource.ps1 google_scc_v2_organization_notification_config
 ./resource.ps1 google_scc_v2_organization_scc_big_query_export
 ./resource.ps1 google_scc_v2_organization_scc_big_query_exports
-./resource.ps1 google_scc_v2_organization_source_iam_binding
-./resource.ps1 google_scc_v2_organization_source_iam_member
-./resource.ps1 google_scc_v2_organization_source_iam_policy
 ./resource.ps1 google_scc_v2_project_mute_config
 ./resource.ps1 google_scc_v2_project_notification_config
 ./resource.ps1 google_scc_v2_project_scc_big_query_export
-./resource.ps1 google_secret_manager_regional_secret
-./resource.ps1 google_secret_manager_regional_secret_iam_binding
-./resource.ps1 google_secret_manager_regional_secret_iam_member
-./resource.ps1 google_secret_manager_regional_secret_iam_policy
-./resource.ps1 google_secret_manager_regional_secret_version
-./resource.ps1 google_secure_source_manager_branch_rule
-./resource.ps1 google_secure_source_manager_instance
-./resource.ps1 google_secure_source_manager_instance_iam_binding
-./resource.ps1 google_secure_source_manager_instance_iam_member
-./resource.ps1 google_secure_source_manager_instance_iam_policy
-./resource.ps1 google_secure_source_manager_repository
-./resource.ps1 google_secure_source_manager_repository_iam_binding
-./resource.ps1 google_secure_source_manager_repository_iam_member
-./resource.ps1 google_secure_source_manager_repository_iam_policy
+./resource.ps1 google_secure_source_manager_hook
 ./resource.ps1 google_security_scanner_scan_config
 ./resource.ps1 google_securityposture_posture
 ./resource.ps1 google_service_networking_peered_dns_domain
 ./resource.ps1 google_service_networking_vpc_service_controls
 ./resource.ps1 google_service_usage_consumer_quota_override
-./resource.ps1 google_site_verification_owner
-./resource.ps1 google_site_verification_web_resource
-./resource.ps1 google_sourcerepo_repository_iam_binding
-./resource.ps1 google_sourcerepo_repository_iam_member
-./resource.ps1 google_sourcerepo_repository_iam_policy
-./resource.ps1 google_spanner_backup_schedule
-./resource.ps1 google_spanner_instance_config
-./resource.ps1 google_spanner_instance_partition
 ./resource.ps1 google_sql_source_representation_instance
-./resource.ps1 google_sql_ssl_cert
 ./resource.ps1 google_storage_anywhere_cache
+./resource.ps1 google_storage_batch_operations_job
 ./resource.ps1 google_storage_folder
+./resource.ps1 google_storage_insights_dataset_config
 ./resource.ps1 google_storage_managed_folder
-./resource.ps1 google_storage_managed_folder_iam_binding
-./resource.ps1 google_storage_managed_folder_iam_member
-./resource.ps1 google_storage_managed_folder_iam_policy
 ./resource.ps1 google_storage_notification
 ./resource.ps1 google_storage_object_acl
 ./resource.ps1 google_storage_transfer_agent_pool
 ./resource.ps1 google_storage_transfer_job
-./resource.ps1 google_tags_location_tag_binding
-./resource.ps1 google_tags_tag_binding
-./resource.ps1 google_tags_tag_key
-./resource.ps1 google_tags_tag_key_iam_binding
-./resource.ps1 google_tags_tag_key_iam_member
-./resource.ps1 google_tags_tag_key_iam_policy
-./resource.ps1 google_tags_tag_value
-./resource.ps1 google_tags_tag_value_iam_binding
-./resource.ps1 google_tags_tag_value_iam_member
-./resource.ps1 google_tags_tag_value_iam_policy
-./resource.ps1 google_tpu_node
-./resource.ps1 google_tpu_v2_queued_resource
-./resource.ps1 google_tpu_v2_vm
-./resource.ps1 google_transcoder_job
-./resource.ps1 google_transcoder_job_template
-./resource.ps1 google_vertex_ai_deployment_resource_pool
-./resource.ps1 google_vertex_ai_index_endpoint_deployed_index
-./resource.ps1 google_vmwareengine_cluster
-./resource.ps1 google_vmwareengine_external_access_rule
-./resource.ps1 google_vmwareengine_external_address
-./resource.ps1 google_vmwareengine_network
-./resource.ps1 google_vmwareengine_network_peering
-./resource.ps1 google_vmwareengine_network_policy
-./resource.ps1 google_vmwareengine_private_cloud
-./resource.ps1 google_vmwareengine_subnet
-./resource.ps1 google_vpc_access_connector
-./resource.ps1 google_workbench_instance
-./resource.ps1 google_workbench_instance_iam_binding
-./resource.ps1 google_workbench_instance_iam_member
-./resource.ps1 google_workbench_instance_iam_policy
-./resource.ps1 google_workflows_workflow
-./resource.ps1 google_workstations_workstation
-./resource.ps1 google_workstations_workstation_cluster
-./resource.ps1 google_workstations_workstation_config
-./resource.ps1 google_workstations_workstation_config_iam_binding
-./resource.ps1 google_workstations_workstation_config_iam_member
-./resource.ps1 google_workstations_workstation_config_iam_policy
-./resource.ps1 google_workstations_workstation_iam_binding
-./resource.ps1 google_workstations_workstation_iam_member
-./resource.ps1 google_workstations_workstation_iam_policy
-./resource.ps1 google_access_context_manager_access_policy -type data
-./resource.ps1 google_alloydb_cluster -type data
-./resource.ps1 google_alloydb_instance -type data
-./resource.ps1 google_apphub_application -type data
-./resource.ps1 google_apphub_discovered_service -type data
-./resource.ps1 google_apphub_discovered_workload -type data
-./resource.ps1 google_artifact_registry_docker_image -type data
-./resource.ps1 google_artifact_registry_locations -type data
-./resource.ps1 google_backup_dr_backup -type data
-./resource.ps1 google_backup_dr_backup_plan_association -type data
-./resource.ps1 google_backup_dr_backup_vault -type data
-./resource.ps1 google_backup_dr_data_source -type data
-./resource.ps1 google_beyondcorp_application_iam_policy -type data
-./resource.ps1 google_beyondcorp_security_gateway_iam_policy -type data
-./resource.ps1 google_bigquery_tables -type data
-./resource.ps1 google_certificate_manager_certificates -type data
-./resource.ps1 google_cloud_identity_group_transitive_memberships -type data
-./resource.ps1 google_cloud_quotas_quota_info -type data
-./resource.ps1 google_cloud_quotas_quota_infos -type data
-./resource.ps1 google_clouddeploy_custom_target_type_iam_policy -type data
-./resource.ps1 google_clouddeploy_delivery_pipeline_iam_policy -type data
-./resource.ps1 google_clouddeploy_target_iam_policy -type data
-./resource.ps1 google_colab_runtime_template_iam_policy -type data
-./resource.ps1 google_composer_user_workloads_config_map -type data
-./resource.ps1 google_composer_user_workloads_secret -type data
-./resource.ps1 google_compute_forwarding_rules -type data
-./resource.ps1 google_compute_images -type data
-./resource.ps1 google_compute_instance_guest_attributes -type data
-./resource.ps1 google_compute_instance_template_iam_policy -type data
-./resource.ps1 google_compute_instant_snapshot_iam_policy -type data
-./resource.ps1 google_compute_machine_types -type data
-./resource.ps1 google_compute_region_instance_group_manager -type data
-./resource.ps1 google_compute_security_policy -type data
-./resource.ps1 google_compute_subnetworks -type data
-./resource.ps1 google_container_attached_install_manifest -type data
-./resource.ps1 google_container_aws_versions -type data
-./resource.ps1 google_container_azure_versions -type data
-./resource.ps1 google_dataplex_aspect_type_iam_policy -type data
-./resource.ps1 google_dataplex_entry_group_iam_policy -type data
-./resource.ps1 google_dataplex_entry_type_iam_policy -type data
-./resource.ps1 google_dns_managed_zones -type data
-./resource.ps1 google_firebase_web_app_config -type data
-./resource.ps1 google_folder -type data
-./resource.ps1 google_folder_iam_policy -type data
-./resource.ps1 google_folders -type data
-./resource.ps1 google_gemini_repository_group_iam_policy -type data
-./resource.ps1 google_iap_tunnel_dest_group_iam_policy -type data
-./resource.ps1 google_kms_autokey_config -type data
-./resource.ps1 google_kms_crypto_key_latest_version -type data
-./resource.ps1 google_kms_crypto_key_versions -type data
-./resource.ps1 google_kms_crypto_keys -type data
-./resource.ps1 google_kms_ekm_connection_iam_policy -type data
-./resource.ps1 google_kms_key_handle -type data
-./resource.ps1 google_kms_key_handles -type data
-./resource.ps1 google_kms_key_rings -type data
-./resource.ps1 google_logging_log_view_iam_policy -type data
-./resource.ps1 google_memorystore_instance -type data
-./resource.ps1 google_oracle_database_autonomous_database -type data
-./resource.ps1 google_oracle_database_autonomous_databases -type data
-./resource.ps1 google_oracle_database_cloud_exadata_infrastructure -type data
-./resource.ps1 google_oracle_database_cloud_exadata_infrastructures -type data
-./resource.ps1 google_oracle_database_cloud_vm_cluster -type data
-./resource.ps1 google_oracle_database_cloud_vm_clusters -type data
-./resource.ps1 google_oracle_database_db_nodes -type data
-./resource.ps1 google_oracle_database_db_servers -type data
-./resource.ps1 google_organization_iam_policy -type data
-./resource.ps1 google_organizations -type data
-./resource.ps1 google_parameter_manager_parameter -type data
-./resource.ps1 google_parameter_manager_parameter_version -type data
-./resource.ps1 google_parameter_manager_parameter_version_render -type data
-./resource.ps1 google_parameter_manager_parameters -type data
-./resource.ps1 google_parameter_manager_regional_parameter -type data
-./resource.ps1 google_parameter_manager_regional_parameter_version -type data
-./resource.ps1 google_parameter_manager_regional_parameter_version_render -type data
-./resource.ps1 google_parameter_manager_regional_parameters -type data
-./resource.ps1 google_privateca_ca_pool_iam_policy -type data
-./resource.ps1 google_privateca_certificate_authority -type data
-./resource.ps1 google_privateca_certificate_template_iam_policy -type data
-./resource.ps1 google_privileged_access_manager_entitlement -type data
-./resource.ps1 google_project_ancestry -type data
-./resource.ps1 google_project_iam_custom_role -type data
-./resource.ps1 google_project_iam_custom_roles -type data
-./resource.ps1 google_project_iam_policy -type data
-./resource.ps1 google_project_organization_policy -type data
-./resource.ps1 google_pubsub_schema_iam_policy -type data
-./resource.ps1 google_runtimeconfig_config -type data
-./resource.ps1 google_runtimeconfig_config_iam_policy -type data
-./resource.ps1 google_runtimeconfig_variable -type data
-./resource.ps1 google_scc_source_iam_policy -type data
-./resource.ps1 google_scc_v2_organization_source_iam_policy -type data
-./resource.ps1 google_secret_manager_regional_secret -type data
-./resource.ps1 google_secret_manager_regional_secret_iam_policy -type data
-./resource.ps1 google_secret_manager_regional_secret_version -type data
-./resource.ps1 google_secret_manager_regional_secret_version_access -type data
-./resource.ps1 google_secret_manager_regional_secrets -type data
-./resource.ps1 google_secure_source_manager_instance_iam_policy -type data
-./resource.ps1 google_secure_source_manager_repository_iam_policy -type data
-./resource.ps1 google_service_accounts -type data
-./resource.ps1 google_site_verification_token -type data
-./resource.ps1 google_spanner_database -type data
-./resource.ps1 google_storage_bucket_objects -type data
-./resource.ps1 google_storage_buckets -type data
-./resource.ps1 google_tags_tag_key_iam_policy -type data
-./resource.ps1 google_tags_tag_keys -type data
-./resource.ps1 google_tags_tag_value -type data
-./resource.ps1 google_tags_tag_value_iam_policy -type data
-./resource.ps1 google_tags_tag_values -type data
+./resource.ps1 google_artifact_registry_python_packages -type data
+./resource.ps1 google_cloud_identity_policy -type data
+./resource.ps1 google_compute_reservation_block -type data
+./resource.ps1 google_compute_reservation_sub_block -type data
+```
diff --git a/src/credentials_internal_test.go b/src/credentials_internal_test.go
new file mode 100644
index 00000000..ecd4e5bb
--- /dev/null
+++ b/src/credentials_internal_test.go
@@ -0,0 +1,37 @@
+package pike
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_emptyRegionError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"emptyRegionError", "region cannot be empty"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := emptyRegionError{}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_iamRoleEmptyError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"iamRoleEmptyError", "iamRole cannot be empty"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := iamRoleEmptyError{}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
diff --git a/src/data.go b/src/data.go
index 79721864..e3779a36 100644
--- a/src/data.go
+++ b/src/data.go
@@ -37,6 +37,11 @@ func GetResources(file string, dirName string) ([]ResourceV2, error) {
 		return Resources, err
 	}
 
+	moduleJson, err := GetModuleJson(filepath.Join(dirName, "/", ".terraform", "modules"))
+	if err != nil {
+		return Resources, err
+	}
+
 	for _, block := range temp.Blocks {
 		var resource ResourceV2
 		resource.TypeName = block.Type
@@ -50,14 +55,14 @@ func GetResources(file string, dirName string) ([]ResourceV2, error) {
 			}
 		case module:
 			{
-				LocalResources, err := GetLocalModules(block, dirName)
+				LocalResources, err := GetLocalModules(block, dirName, moduleJson)
 				if err == nil {
 					Resources = append(LocalResources, Resources...)
 				} else {
 					log.Info().Msg(err.Error())
 				}
 			}
-		case "output", "variable", "locals", "provider":
+		case "output", "variable", "locals", "provider", "import":
 			{
 				continue
 			}
@@ -106,6 +111,16 @@ func DetectBackend(resource ResourceV2, block *hclsyntax.Block, resources []Reso
 
 						return resources, nil
 					}
+
+					if terraform.Labels != nil && terraform.Labels[0] == "gcs" {
+						resource.Name = "backend"
+						resource.Provider = providerGCP
+						resource.Attributes = []string{"gcs"}
+						resources = append(resources, resource)
+
+						return resources, nil
+					}
+
 				}
 			}
 		}
@@ -137,7 +152,7 @@ func GetResourceBlocks(file string) (*hclsyntax.Body, error) {
 }
 
 // GetLocalModules return resource from a path.
-func GetLocalModules(block *hclsyntax.Block, dirName string) ([]ResourceV2, error) {
+func GetLocalModules(block *hclsyntax.Block, dirName string, listModulesJson ModuleJson) ([]ResourceV2, error) {
 	var Resources []ResourceV2
 
 	modulePath := GetModulePath(block)
@@ -147,9 +162,12 @@ func GetLocalModules(block *hclsyntax.Block, dirName string) ([]ResourceV2, erro
 		return nil, &gitReferenceError{modulePath}
 	}
 
+	// Module is coming from HCP Terraform Cloud
+	if strings.HasPrefix(modulePath, "app.terraform.io") {
+		modulePath = ReturnLocalAddrFromSource(modulePath, listModulesJson)
+	}
 	// have the path to the module
-	modulePath = filepath.Join(dirName, "/", modulePath)
-
+	modulePath = filepath.Join(dirName, modulePath)
 	// now process these extras
 	ExtraFiles, err := GetTF(modulePath)
 	if err != nil {
@@ -263,3 +281,7 @@ func GetPermission(result ResourceV2) (Sorted, error) {
 
 	return myPermission, err
 }
+
+func GetModuleJson(dir string) (ModuleJson, error) {
+	return ReadModuleJsonForDir(dir)
+}
diff --git a/src/data_internal_test.go b/src/data_internal_test.go
new file mode 100644
index 00000000..36c785cf
--- /dev/null
+++ b/src/data_internal_test.go
@@ -0,0 +1,22 @@
+package pike
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_fileStringEmptyError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"Invoke", "no file provided"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &fileStringEmptyError{}
+			assert.Equalf(t, tt.want, e.Error(), "Error()")
+		})
+	}
+}
diff --git a/src/data_test.go b/src/data_test.go
index 74d694e3..acbd64af 100644
--- a/src/data_test.go
+++ b/src/data_test.go
@@ -107,6 +107,7 @@ func Test_getLocalModules(t *testing.T) {
 	notLocal, _ := filepath.Abs("../testdata/modules/examples/notlocal")
 	notBlock := getInitialBlock(notLocal + "/module.local.tf")
 
+	moduleJson := make(pike.ModuleJson)
 	tests := []struct {
 		name    string
 		args    args
@@ -132,7 +133,7 @@ func Test_getLocalModules(t *testing.T) {
 	for _, tt := range tests {
 		// t.Parallel()
 		t.Run(tt.name, func(t *testing.T) {
-			got, err := pike.GetLocalModules(tt.args.block, tt.args.dirName)
+			got, err := pike.GetLocalModules(tt.args.block, tt.args.dirName, moduleJson)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("GetResources() error = %v, wantErr %v", err, tt.wantErr)
 
@@ -373,6 +374,7 @@ func TestGetPermission(t *testing.T) {
 				"compute.subnetworks.useExternalIp",
 				"compute.instances.setMetadata",
 				"compute.instances.delete",
+				"compute.instances.get",
 				"compute.instances.delete",
 			}},
 		},
diff --git a/src/error.go b/src/error.go
index dc4a2c95..32505bcb 100644
--- a/src/error.go
+++ b/src/error.go
@@ -183,7 +183,7 @@ type invalidARNError struct {
 }
 
 func (m *invalidARNError) Error() string {
-	return fmt.Sprintf("invalid ARN: %s", m.arn)
+	return fmt.Sprintf("invalid role or ARN: %s", m.arn)
 }
 
 type awsConfigError struct {
diff --git a/src/error_test.go b/src/error_test.go
index e1ccfed7..b02dc7e9 100644
--- a/src/error_test.go
+++ b/src/error_test.go
@@ -708,7 +708,7 @@ func TestARNErrors(t *testing.T) {
 
 		err := &invalidARNError{arn: "invalid:arn"}
 
-		expected := "invalid ARN: invalid:arn"
+		expected := "invalid role or ARN: invalid:arn"
 
 		if err.Error() != expected {
 			t.Errorf("expected %q, got %q", expected, err.Error())
diff --git a/src/files_aws.go b/src/files_aws.go
index 9e01ffd9..6544f1a6 100644
--- a/src/files_aws.go
+++ b/src/files_aws.go
@@ -822,3 +822,87 @@ var awsRoute53RecordsExclusive []byte
 
 //go:embed mapping/aws/resource/athena/aws_athena_capacity_reservation.json
 var awsAthenaCapacityReservation []byte
+
+//go:embed mapping/aws/resource/redshift/aws_redshift_integration.json
+var awsRedshiftIntegration []byte
+
+//go:embed mapping/aws/resource/backup/aws_backup_restore_testing_plan.json
+var awsBackupRestoreTestingPlan []byte
+
+//go:embed mapping/aws/resource/ec2/aws_ec2_default_credit_specification.json
+var awsEc2DefaultCreditSpecification []byte
+
+//go:embed mapping/aws/resource/bedrock/aws_bedrockagent_prompt.json
+var awsBedrockagentPrompt []byte
+
+//go:embed mapping/aws/resource/cloudfront-keyvaluestore/aws_cloudfrontkeyvaluestore_keys_exclusive.json
+var awsCloudfrontkeyvaluestoreKeysExclusive []byte
+
+//go:embed mapping/aws/resource/dataexchange/aws_dataexchange_revision_assets.json
+var awsDataexchangeRevisionAssets []byte
+
+//go:embed mapping/aws/resource/inspector2/aws_inspector2_filter.json
+var awsInspector2Filter []byte
+
+//go:embed mapping/aws/resource/wafv2/aws_wafv2_api_key.json
+var awsWafv2ApiKey []byte
+
+//go:embed mapping/aws/resource/notifications/aws_notifications_channel_association.json
+var awsNotificationsChannelAssociation []byte
+
+//go:embed mapping/aws/resource/notifications/aws_notifications_event_rule.json
+var awsNotificationsEventRule []byte
+
+//go:embed mapping/aws/resource/notifications/aws_notifications_notification_configuration.json
+var awsNotificationsNotificationConfiguration []byte
+
+//go:embed mapping/aws/resource/notifications/aws_notifications_notification_hub.json
+var awsNotificationsNotificationHub []byte
+
+//go:embed mapping/aws/resource/notifications-contacts/aws_notificationscontacts_email_contact.json
+var awsNotificationscontactsEmailContact []byte
+
+//go:embed mapping/aws/resource/quicksight/aws_quicksight_account_settings.json
+var awsQuicksightAccountSettings []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_browser_settings.json
+var awsWorkspaceswebBrowserSettings []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_network_settings.json
+var awsWorkspaceswebNetworkSettings []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_user_settings.json
+var awsWorkspaceswebUserSettings []byte
+
+//go:embed mapping/aws/resource/dsql/aws_dsql_cluster.json
+var awsDsqlCluster []byte
+
+//go:embed mapping/aws/resource/dsql/aws_dsql_cluster_peering.json
+var awsDsqlClusterPeering []byte
+
+//go:embed mapping/aws/resource/lightsail/aws_lightsail_bucket_access_key_access_key.json
+var awsLightsailBucketAccessKey []byte
+
+//go:embed mapping/aws/resource/aps/aws_prometheus_workspace_configuration.json
+var awsPrometheusWorkspaceConfiguration []byte
+
+//go:embed mapping/aws/resource/s3control/aws_s3control_directory_bucket_access_point_scope.json
+var awsS3controlDirectoryBucketAccessPointScope []byte
+
+//go:embed mapping/aws/resource/ec2/aws_vpc_route_server.json
+var awsVpcRouteServer []byte
+
+//go:embed mapping/aws/resource/ec2/aws_vpc_route_server_propagation.json
+var awsVpcRouteServerPropagation []byte
+
+//go:embed mapping/aws/resource/ec2/aws_vpc_route_server_vpc_association.json
+var awsVpcRouteServerVpcAssociation []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_data_protection_settings.json
+var awsWorkspaceswebDataProtectionSettings []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_ip_access_settings.json
+var awsWorkspaceswebIpAccessSettings []byte
+
+//go:embed mapping/aws/resource/workspaces-web/aws_workspacesweb_user_access_logging_settings.json
+var awsWorkspaceswebUserAccessLoggingSettings []byte
diff --git a/src/files_datasource.go b/src/files_datasource.go
index 0bfdc38a..fc15840f 100644
--- a/src/files_datasource.go
+++ b/src/files_datasource.go
@@ -1569,3 +1569,138 @@ var dataAwsIdentitystoreGroupMembership []byte
 
 //go:embed  mapping/aws/data/identitystore/aws_identitystore_user.json
 var dataAwsIdentitystoreGroupUsers []byte
+
+//go:embed  mapping/aws/data/ec2/aws_vpc_endpoint_associations.json
+var dataAwsVpcEndpointAssociations []byte
+
+//go:embed  mapping/aws/data/fis/aws_fis_experiment_templates.json
+var dataAwsFisExperimentTemplates []byte
+
+//go:embed  mapping/aws/data/kms/aws_kms_public_key.json
+var dataAwsKmsPublicKey []byte
+
+//go:embed  mapping/aws/data/lambda/aws_lambda_function_url.json
+var dataAwsLambdaFunctionUrl []byte
+
+//go:embed  mapping/aws/data/lambda/aws_lambda_functions.json
+var dataAwsLambdaFunctions []byte
+
+//go:embed  mapping/aws/data/lambda/aws_lambda_layer_version.json
+var dataAwsLambdaLayerVersion []byte
+
+//go:embed  mapping/aws/data/ec2/aws_network_interface.json
+var dataAwsNetworkInterface []byte
+
+//go:embed  mapping/aws/data/waf/aws_waf_subscribed_rule_group.json
+var dataAwsWafSubscribedRuleGroup []byte
+
+//go:embed  mapping/aws/data/wafregional/aws_wafregional_subscribed_rule_group.json
+var dataAwsWafRegionalSubscribedRuleGroup []byte
+
+//go:embed  mapping/aws/data/elasticloadbalancing/aws_elb.json
+var dataAwsElb []byte
+
+//go:embed  mapping/aws/data/account/aws_account_primary_contact.json
+var dataAwsAccountPrimaryContact []byte
+
+//go:embed  mapping/aws/data/dynamodb/aws_dynamodb_tables.json
+var dataAwsDynamodbTables []byte
+
+//go:embed  mapping/aws/data/backend/s3.json
+var dataBackend []byte
+
+//go:embed  mapping/aws/data/ecr/aws_ecr_images.json
+var dataAwsEcrImages []byte
+
+//go:embed  mapping/aws/data/s3/aws_s3_access_point.json
+var dataAwsS3AccessPoint []byte
+
+//go:embed  mapping/aws/data/billing/aws_billing_views.json
+var dataAwsBillingViews []byte
+
+//go:embed  mapping/aws/data/mediaconvert/aws_media_convert_queue.json
+var dataAwsMediaConvertQueue []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_acl.json
+var dataAwsMemorydbAcl []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_cluster.json
+var dataAwsMemorydbCluster []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_parameter_group.json
+var dataAwsMemorydbParameterGroup []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_snapshot.json
+var dataAwsMemorydbSnapshot []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_subnet_group.json
+var dataAwsMemorydbSubnetGroup []byte
+
+//go:embed  mapping/aws/data/memorydb/aws_memorydb_user.json
+var dataAwsMemorydbUser []byte
+
+//go:embed  mapping/aws/data/securityhub/aws_securityhub_standards_control_associations.json
+var dataAwsSecurityhubStandardsControlAssociations []byte
+
+//go:embed  mapping/aws/data/workspaces/aws_workspaces_workspace.json
+var dataAwsWorkspacesWorkspace []byte
+
+//go:embed  mapping/aws/data/appconfig/aws_appconfig_application.json
+var dataAwsAppconfigApplication []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_cluster.json
+var dataAwsOdbCloudAutonomousVmCluster []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_clusters.json
+var dataAwsOdbCloudAutonomousVmClusters []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructure.json
+var dataAwsOdbCloudExadataInfrastructure []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructures.json
+var dataAwsOdbCloudExadataInfrastructures []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_vm_cluster.json
+var dataAwsOdbCloudVmCluster []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_cloud_vm_clusters.json
+var dataAwsOdbCloudVmClusters []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_db_node.json
+var dataAwsOdbDbNode []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_db_nodes.json
+var dataAwsOdbDbNodes []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_db_server.json
+var dataAwsOdbServer []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_db_servers.json
+var dataAwsOdbServers []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_db_system_shapes.json
+var dataAwsOdbDbSystemShapes []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_gi_versions.json
+var dataAwsOdbGiVersions []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_network.json
+var dataAwsOdbNetwork []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_network_peering_connection.json
+var dataAwsOdbNetworkPeeringConnection []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_network_peering_connections.json
+var dataAwsOdbNetworkPeeringConnections []byte
+
+//go:embed  mapping/aws/data/odb/aws_odb_networks.json
+var dataAwsOdbNetworks []byte
+
+//go:embed  mapping/aws/data/ecr-public/aws_ecrpublic_images.json
+var dataAwsEcrPublicImages []byte
+
+//go:embed  mapping/aws/data/rds/aws_rds_global_cluster.json
+var dataAwsRdsGlobalCluster []byte
+
+//go:embed  mapping/aws/data/ec2/aws_vpn_connection.json
+var dataAwsVpnConnection []byte
diff --git a/src/files_gcp.go b/src/files_gcp.go
index 33fc5a4d..236176c1 100644
--- a/src/files_gcp.go
+++ b/src/files_gcp.go
@@ -298,9 +298,6 @@ var googleFirebaseProject []byte
 //go:embed mapping/google/resource/firebasestorage/google_firebase_storage_bucket.json
 var googleFirebaseStorageBucket []byte
 
-//go:embed mapping/google/resource/firebase/google_firebase_android_app.json
-var googleFirebaseWebApp []byte
-
 //go:embed mapping/google/resource/firebaserules/google_firebaserules_release.json
 var googleFirebaserulesRelease []byte
 
@@ -441,3 +438,1761 @@ var googleBigqueryRoutine []byte
 
 //go:embed mapping/google/resource/bigquery/google_bigquery_table_iam.json
 var googleBigqueryTableIam []byte
+
+//go:embed mapping/google/resource/composer/google_composer_environment.json
+var googleComposerEnvironment []byte
+
+//go:embed mapping/google/resource/iam/google_iam_workload_identity_pool.json
+var googleIamWorkloadIdentityPool []byte
+
+//go:embed mapping/google/resource/iam/google_iam_workload_identity_pool_provider.json
+var googleIamWorkloadIdentityPoolProvider []byte
+
+//go:embed mapping/google/resource/iam/google_project_iam_audit_config.json
+var googleProjectIamAuditConfig []byte
+
+//go:embed mapping/google/resource/bigquery/google_bigquery_table.json
+var googleBigQueryTable []byte
+
+//go:embed mapping/google/resource/backend/gcs.json
+var gcsBackend []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_ca_pool.json
+var googlePrivateCaPool []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_ca_pool_iam_binding.json
+var googlePrivateCaPoolIamBinding []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_ca_pool_iam_member.json
+var googlePrivateCaPoolIamMember []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_ca_pool_iam_policy.json
+var googlePrivateCaPoolIamPolicy []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate_template.json
+var googlePrivatecaCertificateTemplate []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate_template_iam_binding.json
+var googlePrivatecaCertificateTemplateIamBinding []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate_template_iam_member.json
+var googlePrivatecaCertificateTemplateIamMember []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate_template_iam_policy.json
+var googlePrivatecaCertificateTemplateIamPolicy []byte
+
+//go:embed mapping/google/resource/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
+var googlePrivilegedAccessManagerEntitlement []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_domain_mapping.json
+var googleCloudRunDomainMapping []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_service.json
+var googleCloudRunService []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_service_iam_binding.json
+var googleCloudRunServiceIamBinding []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_service_iam_member.json
+var googleCloudRunServiceIamMember []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_service_iam_policy.json
+var googleCloudRunServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_v2_worker_pool.json
+var googleCloudRunV2WorkerPool []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_binding.json
+var googleCloudRunV2WorkerPoolIamBinding []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_member.json
+var googleCloudRunV2WorkerPoolIamMember []byte
+
+//go:embed mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_policy.json
+var googleCloudRunV2WorkerPoolIamPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy.json
+var googleBigqueryDatapolicyDataPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_binding.json
+var googleBigqueryDatapolicyDataPolicyIamBinding []byte
+
+//go:embed mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_member.json
+var googleBigqueryDatapolicyDataPolicyIamMember []byte
+
+//go:embed mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_policy.json
+var googleBigqueryDatapolicyDataPolicyIamPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_entry.json
+var googleDataCatalogEntry []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_entry_group.json
+var googleDataCatalogEntryGroup []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_member.json
+var googleDataCatalogEntryGroupIamMember []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_policy.json
+var googleDataCatalogEntryGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_policy_tag.json
+var googleDataCatalogPolicyTag []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_member.json
+var googleDataCatalogPolicyTagIamMember []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_policy.json
+var googleDataCatalogPolicyTagIamPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_tag.json
+var googleDataCatalogTag []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_tag_template.json
+var googleDataCatalogTagTemplate []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_policy.json
+var googleDataCatalogTagTemplateIamPolicy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_taxonomy.json
+var googleDataCatalogTaxonomy []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_policy.json
+var googleDataCatalogTaxonomyIamBinding []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_member.json
+var googleDataCatalogTaxonomyIamMember []byte
+
+//go:embed mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_policy.json
+var googleDataCatalogTaxonomyIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudfunctions/google_cloudfunctions2_function.json
+var googleCloudfunction2Function []byte
+
+//go:embed mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_binding.json
+var googleCloudfunction2FunctionIamBinding []byte
+
+//go:embed mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_member.json
+var googleCloudfunction2FunctionIamMember []byte
+
+//go:embed mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_policy.json
+var googleCloudfunction2FunctionIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_binding.json
+var googleCloudfunctionsFunctionIamBinding []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_crypto_key_version.json
+var googleKmsCryptoKeyVersions []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_key_handle.json
+var googleKmsKeyHandle []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_key_ring_iam_binding.json
+var googleKmsKeyRingIamBinding []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_key_ring_iam_member.json
+var googleKmsKeyRingIamMember []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_key_ring_iam_policy.json
+var googleKmsKeyRingIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_key_ring_import_job.json
+var googleKmsKeyRingImportJob []byte
+
+//go:embed mapping/google/resource/cloudkms/google_kms_secret_ciphertext.json
+var googleKmsSecretCiphertext []byte
+
+//go:embed mapping/google/resource/compute/google_project_usage_export_bucket.json
+var googleProjectUsageExportBucket []byte
+
+//go:embed mapping/google/resource/iam/google_default_service_accounts.json
+var googleDefaultServiceAccounts []byte
+
+//go:embed mapping/google/resource/iam/google_project_default_service_accounts.json
+var googleProjectDefaultServiceAccounts []byte
+
+//go:embed mapping/google/resource/secretmanager/google_secret_manager_regional_secret.json
+var googleSecretManagerRegionalSecret []byte
+
+//go:embed mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_binding.json
+var googleSecretManagerRegionalSecretsIamBinding []byte
+
+//go:embed mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_member.json
+var googleSecretManagerRegionalSecretIamMember []byte
+
+//go:embed mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_policy.json
+var googleSecretManagerRegionalSecretIamPolicy []byte
+
+//go:embed mapping/google/resource/secretmanager/google_secret_manager_regional_secret_version.json
+var googleSecretManagerRegionalSecretVersion []byte
+
+//go:embed mapping/google/resource/spanner/google_spanner_backup_schedule.json
+var googleSpannerBackupSchedule []byte
+
+//go:embed mapping/google/resource/spanner/google_spanner_instance_config.json
+var googleSpannerInstanceConfig []byte
+
+//go:embed mapping/google/resource/spanner/google_spanner_instance_partition.json
+var googleSpannerInstancePartition []byte
+
+//go:embed mapping/google/resource/biglake/google_biglake_catalog.json
+var googleBiglakeCatalog []byte
+
+//go:embed mapping/google/resource/biglake/google_biglake_database.json
+var googleBiglakeDatabase []byte
+
+//go:embed mapping/google/resource/biglake/google_biglake_table.json
+var googleBiglakeTable []byte
+
+//go:embed mapping/google/resource/analyticshub/google_bigquery_analytics_hub_listing_subscription.json
+var googleBigqueryAnalyticsHubListingSubscription []byte
+
+//go:embed mapping/google/resource/bigquery/google_bigquery_dataset_access.json
+var googleBigqueryDatasetAccess []byte
+
+//go:embed mapping/google/resource/bigquery/google_bigquery_row_access_policy.json
+var googleBigqueryRowAccessPolicy []byte
+
+//go:embed mapping/google/resource/bigtable/google_bigtable_authorized_view.json
+var googleBigtableAuthorizedView []byte
+
+//go:embed mapping/google/resource/bigtable/google_bigtable_logical_view.json
+var googleBigtableLogicalView []byte
+
+//go:embed mapping/google/resource/bigtable/google_bigtable_materialized_view.json
+var googleBigtableMaterializedView []byte
+
+//go:embed mapping/google/resource/cloudbuild/google_cloudbuildv2_connection.json
+var googleCloudbuildv2Connection []byte
+
+//go:embed mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_binding.json
+var googleCloudbuildv2ConnectionIamBinding []byte
+
+//go:embed mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_member.json
+var googleCloudbuildv2ConnectionIamMember []byte
+
+//go:embed mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_policy.json
+var googleCloudbuildv2ConnectionIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudbuild/google_cloudbuildv2_repository.json
+var googleCloudbuildv2Repository []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_asset.json
+var googleDataplexAsset []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_asset_iam_binding.json
+var googleDataplexAssetIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_asset_iam_member.json
+var googleDataplexAssetIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_asset_iam_policy.json
+var googleDataplexAssetIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_datascan.json
+var googleDataplexDatascan []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_datascan_iam_binding.json
+var googleDataplexDatascanIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_datascan_iam_member.json
+var googleDataplexDatascanIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_datascan_iam_policy.json
+var googleDataplexDatascanIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary.json
+var googleDataplexGlossary []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary_category.json
+var googleDataplexGlossaryCategory []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary_term.json
+var googleDataplexGlossaryTerm []byte
+
+//go:embed mapping/google/resource/apigee/google_apigee_environment_iam_binding.json
+var googleApigeeEnvironmentIamBinding []byte
+
+//go:embed mapping/google/resource/apigee/google_apigee_environment_iam_member.json
+var googleApigeeEnvironmentIamMember []byte
+
+//go:embed mapping/google/resource/apigee/google_apigee_environment_iam_policy.json
+var googleApigeeEnvironmentIamPolicy []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_binding.json
+var googleBeyondcorpApplicationIamBinding []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_member.json
+var googleBeyondcorpApplicationIamMember []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_policy.json
+var googleBeyondcorpApplicationIamPolicy []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_binding.json
+var googleBeyondcorpSecurityGatewayApplicationIamBinding []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_member.json
+var googleBeyondcorpSecurityGatewayApplicationIamMember []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
+var googleBeyondcorpSecurityGatewayApplicationIamPolicy []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_binding.json
+var googleBeyondcorpSecurityGatewayIamBinding []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_member.json
+var googleBeyondcorpSecurityGatewayIamMember []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
+var googleBeyondcorpSecurityGatewayIamPolicy []byte
+
+//go:embed mapping/google/resource/billing/google_billing_account_iam_binding.json
+var googleBillingAccountIamBinding []byte
+
+//go:embed mapping/google/resource/billing/google_billing_account_iam_member.json
+var googleBillingAccountIamMember []byte
+
+//go:embed mapping/google/resource/billing/google_billing_account_iam_policy.json
+var googleBillingAccountIamPolicy []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_schema_iam_binding.json
+var googlePubsubSchemaIamBinding []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_schema_iam_member.json
+var googlePubsubSchemaIamMember []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_schema_iam_policy.json
+var googlePubsubSchemaIamPolicy []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_subscription_iam_binding.json
+var googlePubsubSubscriptionIamBinding []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_subscription_iam_member.json
+var googlePubsubSubscriptionIamMember []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_binding.json
+var googleSecureSourceManagerInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_member.json
+var googleSecureSourceManagerInstanceIamMember []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
+var googleSecureSourceManagerInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_binding.json
+var googleSecureSourceManagerRepositoryIamBinding []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_member.json
+var googleSecureSourceManagerRepositoryIamMember []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
+var googleSecureSourceManagerRepositoryIamPolicy []byte
+
+//go:embed mapping/google/resource/source/google_sourcerepo_repository_iam_binding.json
+var googleSourcerepoRepositoryIamBinding []byte
+
+//go:embed mapping/google/resource/source/google_sourcerepo_repository_iam_member.json
+var googleSourcerepoRepositoryIamMember []byte
+
+//go:embed mapping/google/resource/source/google_sourcerepo_repository_iam_policy.json
+var googleSourcerepoRepositoryIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_key_iam_binding.json
+var googleTagsTagKeyIamBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_key_iam_member.json
+var googleTagsTagKeyIamMember []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_key_iam_policy.json
+var googleTagsTagKeyIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_value_iam_binding.json
+var googleTagsTagValueIamBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_value_iam_member.json
+var googleTagsTagValueIamMember []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_value_iam_policy.json
+var googleTagsTagValueIamPolicy []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_binding.json
+var googleVertexAIFeatureGroupIamBinding []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_member.json
+var googleVertexAIFeatureGroupIamMember []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_policy.json
+var googleVertexAIFeatureGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_binding.json
+var googleVertexAIFeatureOnlineStoreFeatureviewIamBinding []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_member.json
+var googleVertexAIFeatureOnlineStoreFeatureviewIamMember []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
+var googleVertexAIFeatureOnlineStoreFeatureviewIamPolicy []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_binding.json
+var googleVertexAIFeatureOnlineStoreIamBinding []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_member.json
+var googleVertexAIFeatureOnlineStoreIamMember []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
+var googleVertexAIFeatureOnlineStoreIamPolicy []byte
+
+//go:embed mapping/google/resource/notebooks/google_workbench_instance_iam_binding.json
+var googleWorkbenchInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/notebooks/google_workbench_instance_iam_member.json
+var googleWorkbenchInstanceIamMember []byte
+
+//go:embed mapping/google/resource/notebooks/google_workbench_instance_iam_policy.json
+var googleWorkbenchInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_config_iam_binding.json
+var googleWorkstationsWorkstationConfigIamBinding []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_config_iam_member.json
+var googleWorkstationsWorkstationConfigIamMember []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_config_iam_policy.json
+var googleWorkstationsWorkstationConfigIamPolicy []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_iam_binding.json
+var googleWorkstationsWorkstationIamBinding []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_iam_member.json
+var googleWorkstationsWorkstationIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_template_iam_binding.json
+var googleComputeInstanceTemplateIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_template_iam_member.json
+var googleComputeInstanceTemplateIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_template_iam_policy.json
+var googleComputeInstanceTemplateIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instant_snapshot_iam_binding.json
+var googleComputeInstanceSnapshotIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instant_snapshot_iam_member.json
+var googleComputeInstanceSnapshotIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instant_snapshot_iam_policy.json
+var googleComputeInstanceSnapshotIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_machine_image_iam_binding.json
+var googleComputeMachineImageIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_machine_image_iam_member.json
+var googleComputeMachineImageIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_machine_image_iam_policy.json
+var googleComputeMachineImageIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_backend_service_iam_binding.json
+var googleComputeRegionBackendServiceIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_backend_service_iam_member.json
+var googleComputeRegionBackendServiceIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_backend_service_iam_policy.json
+var googleComputeRegionBackendServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_disk_iam_binding.json
+var googleComputeRegionDiskIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_disk_iam_member.json
+var googleComputeRegionDiskIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_disk_iam_policy.json
+var googleComputeRegionDiskIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_snapshot_iam_binding.json
+var googleComputeSnapshotIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_snapshot_iam_member.json
+var googleComputeSnapshotIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_snapshot_iam_policy.json
+var googleComputeSnapshotIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_storage_pool_iam_binding.json
+var googleComputeStoragePoolIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_storage_pool_iam_member.json
+var googleComputeStoragePoolIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_storage_pool_iam_policy.json
+var googleComputeStoragePoolIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_subnetwork_iam_binding.json
+var googleComputeSubnetworkIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_subnetwork_iam_member.json
+var googleComputeSubnetworkIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_subnetwork_iam_policy.json
+var googleComputeSubnetworkIamPolicy []byte
+
+//go:embed mapping/google/resource/containeranalysis/google_container_analysis_note_iam_binding.json
+var googleContainerAnalysisNoteIamBinding []byte
+
+//go:embed mapping/google/resource/containeranalysis/google_container_analysis_note_iam_member.json
+var googleContainerAnalysisNoteIamMember []byte
+
+//go:embed mapping/google/resource/containeranalysis/google_container_analysis_note_iam_policy.json
+var googleContainerAnalysisNoteIamPolicy []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository_iam_binding.json
+var googleDataformRepositoryIamBinding []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository_iam_member.json
+var googleDataformRepositoryIamMember []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository_iam_policy.json
+var googleDataformRepositoryIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_binding.json
+var googleDataplexAspectTypeIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_member.json
+var googleDataplexAspectTypeIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_policy.json
+var googleDataplexAspectTypeIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_binding.json
+var googleDataplexEntryGroupIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_member.json
+var googleDataplexEntryGroupIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_policy.json
+var googleDataplexEntryGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_binding.json
+var googleDataplexEntryTypeIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_member.json
+var googleDataplexEntryTypeIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group_iam_policy.json
+var googleDataplexEntryTypeIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary_iam_binding.json
+var googleDataplexGlossaryIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary_iam_member.json
+var googleDataplexGlossaryIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_glossary_iam_policy.json
+var googleDataplexGlossaryIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_lake_iam_binding.json
+var googleDataplexLakeIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_lake_iam_member.json
+var googleDataplexLakeIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_lake_iam_policy.json
+var googleDataplexLakeIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_task_iam_member.json
+var googleDataplexTaskIamMember []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_task_iam_policy.json
+var googleDataplexTaskIamPolicy []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_zone_iam_binding.json
+var googleDataplexZoneIamBinding []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_zone_iam_member.json
+var googleDataplexZoneIamMember []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_binding.json
+var googleDataprocAutoscalingPolicyIamBinding []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_member.json
+var googleDataprocAutoscalingPolicyIamMember []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_binding.json
+var googleDataprocAutoscalingPolicyIamPolicy []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_cluster_iam_binding.json
+var googleDataprocClusterIamBinding []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_cluster_iam_member.json
+var googleDataprocClusterIamMember []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_cluster_iam_policy.json
+var googleDataprocClusterIamPolicy []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_job_iam_binding.json
+var googleDataprocJobIamBinding []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_job_iam_member.json
+var googleDataprocJobIamMember []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_job_iam_policy.json
+var googleDataprocJobIamPolicy []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_database_iam_binding.json
+var googleDataprocMetastoreDatabaseIamBinding []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_database_iam_member.json
+var googleDataprocMetastoreDatabaseIamMember []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_database_iam_policy.json
+var googleDataprocMetastoreDatabaseIamPolicy []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json
+var googleDataprocMetastoreFederationIamBinding []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_member.json
+var googleDataprocMetastoreFederationIamMember []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_policy.json
+var googleDataprocMetastoreFederationIamPolicy []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json
+var googleDataprocMetastoreServiceIamBinding []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_service_iam_member.json
+var googleDataprocMetastoreServiceIamMember []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_policy.json
+var googleDataprocMetastoreServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json
+var googleDataprocMetastoreTableIamBinding []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_table_iam_member.json
+var googleDataprocMetastoreTableIamMember []byte
+
+//go:embed mapping/google/resource/metastore/google_dataproc_metastore_table_iam_policy.json
+var googleDataprocMetastoreTableIamPolicy []byte
+
+//go:embed mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_binding.json
+var googleBinaryAuthorizationAttestorIamBinding []byte
+
+//go:embed mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_member.json
+var googleBinaryAuthorizationAttestorIamMember []byte
+
+//go:embed mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
+var googleBinaryAuthorizationAttestorIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_binding.json
+var googleCloudTasksQueueIamBinding []byte
+
+//go:embed mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_member.json
+var googleCloudTasksQueueIamMember []byte
+
+//go:embed mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_policy.json
+var googleCloudTasksQueueIamPolicy []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_binding.json
+var googleClouddeployCustomTargetTypeIamBinding []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_member.json
+var googleClouddeployCustomTargetTypeIamMember []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
+var googleClouddeployCustomTargetTypeIamPolicy []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_binding.json
+var googleClouddeployDeliveryPipelineIamBinding []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_member.json
+var googleClouddeployDeliveryPipelineIamMember []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
+var googleClouddeployDeliveryPipelineIamPolicy []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_binding.json
+var googleClouddeployTargetIamBinding []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_member.json
+var googleClouddeployTargetIamMember []byte
+
+//go:embed mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_policy.json
+var googleClouddeployTargetIamPolicy []byte
+
+//go:embed mapping/google/resource/aiplatform/google_colab_runtime_template_iam_member.json
+var googleColabRuntimeTemplateIamBinding []byte
+
+//go:embed mapping/google/resource/aiplatform/google_colab_runtime_template_iam_member.json
+var googleColabRuntimeTemplateIamMember []byte
+
+//go:embed mapping/google/resource/aiplatform/google_colab_runtime_template_iam_policy.json
+var googleColabRuntimeTemplateIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_bucket_iam_binding.json
+var googleComputeBackendBucketIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_bucket_iam_member.json
+var googleComputeBackendBucketIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_bucket_iam_policy.json
+var googleComputeBackendBucketIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_service_iam_binding.json
+var googleComputeBackendServiceIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_service_iam_member.json
+var googleComputeBackendServiceIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_service_iam_policy.json
+var googleComputeBackendServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_disk_iam_binding.json
+var googleComputeDiskIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_disk_iam_member.json
+var googleComputeDiskIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_image_iam_binding.json
+var googleComputeImageIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_image_iam_member.json
+var googleComputeImageIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_image_iam_policy.json
+var googleComputeImageIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_iam_binding.json
+var googleComputeInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_iam_member.json
+var googleComputeInstanceIamMember []byte
+
+//go:embed mapping/google/resource/compute/google_compute_instance_iam_policy.json
+var googleComputeInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/datafusion/google_data_fusion_instance_iam_binding.json
+var googleDataFusionInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/datafusion/google_data_fusion_instance_iam_member.json
+var googleDataFusionInstanceIamMember []byte
+
+//go:embed mapping/google/resource/datafusion/google_data_fusion_instance_iam_policy.json
+var googleDataFusionInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/dns/google_dns_managed_zone_iam_binding.json
+var googleDNSManagedZoneIamBinding []byte
+
+//go:embed mapping/google/resource/dns/google_dns_managed_zone_iam_member.json
+var googleDNSManagedZoneIamMember []byte
+
+//go:embed mapping/google/resource/dns/google_dns_managed_zone_iam_policy.json
+var googleDNSManagedZoneIamPolicy []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_binding.json
+var googleEndpointsServiceConsumersIamBinding []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_member.json
+var googleEndpointsServiceConsumersIamMember []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_policy.json
+var googleEndpointsServiceConsumersIamPolicy []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_iam_binding.json
+var googleEndpointsServiceIamBinding []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_iam_member.json
+var googleEndpointsServiceIamMember []byte
+
+//go:embed mapping/google/resource/servicemanagement/google_endpoints_service_iam_policy.json
+var googleEndpointsServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_folder_iam_binding.json
+var googleFolderIamBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_folder_iam_member.json
+var googleFolderIamMember []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_folder_iam_policy.json
+var googleFolderIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_binding.json
+var googleGeminiRepositoryGroupIamBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_member.json
+var googleGeminiRepositoryGroupIamMember []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_policy.json
+var googleGeminiRepositoryGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_binding.json
+var googleGkeBackupBackupPlanIamBinding []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_member.json
+var googleGkeBackupBackupPlanIamMember []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_policy.json
+var googleGkeBackupBackupPlanIamPolicy []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_binding.json
+var googleGkeBackupRestorePlanIamBinding []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_member.json
+var googleGkeBackupRestorePlanIamMember []byte
+
+//go:embed mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_policy.json
+var googleGkeBackupRestorePlanIamPolicy []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_feature_iam_binding.json
+var googleGkeHubFeatureIamBinding []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_feature_iam_member.json
+var googleGkeHubFeatureIamMember []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_feature_iam_policy.json
+var googleGkeHubFeatureIamPolicy []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_membership_iam_binding.json
+var googleGkeHubMembershipIamBinding []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_membership_iam_member.json
+var googleGkeHubMembershipIamMember []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_membership_iam_policy.json
+var googleGkeHubMembershipIamPolicy []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_scope_iam_binding.json
+var googleGkeHubScopeIamBinding []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_scope_iam_member.json
+var googleGkeHubScopeIamMember []byte
+
+//go:embed mapping/google/resource/gkehub/google_gke_hub_scope_iam_policy.json
+var googleGkeHubScopeIamPolicy []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_consent_store_iam_binding.json
+var googleHealthcareConsentStoreIamBinding []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_consent_store_iam_member.json
+var googleHealthcareConsentStoreIamMember []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_consent_store_iam_policy.json
+var googleHealthcareConsentStoreIamPolicy []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dataset_iam_binding.json
+var googleHealthcareDatasetIamBinding []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dataset_iam_member.json
+var googleHealthcareDatasetIamMember []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dataset_iam_policy.json
+var googleHealthcareDatasetIamPolicy []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_binding.json
+var googleHealthcareDicomStoreIamBinding []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_member.json
+var googleHealthcareDicomStoreIamMember []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_policy.json
+var googleHealthcareDicomStoreIamPolicy []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_binding.json
+var googleHealthcareFhirStoreIamBinding []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_member.json
+var googleHealthcareFhirStoreIamMember []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_policy.json
+var googleHealthcareFhirStoreIamPolicy []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_binding.json
+var googleHealthcareHl7V2StoreIamBinding []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_member.json
+var googleHealthcareHl7V2StoreIamMember []byte
+
+//go:embed mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_policy.json
+var googleHealthcareHl7V2StoreIamPolicy []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_binding.json
+var googleIamWorkloadIdentityPoolIamBinding []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_member.json
+var googleIamWorkloadIdentityPoolIamMember []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
+var googleIamWorkloadIdentityPoolIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_service_iam_binding.json
+var googleIapAppEngineServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_service_iam_member.json
+var googleIapAppEngineServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_service_iam_policy.json
+var googleIapAppEngineServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_version_iam_binding.json
+var googleIapAppEngineVersionIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_version_iam_member.json
+var googleIapAppEngineVersionIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_app_engine_version_iam_policy.json
+var googleIapAppEngineVersionIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_binding.json
+var googleIapTunnelDestGroupIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_member.json
+var googleIapTunnelDestGroupIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_policy.json
+var googleIapTunnelDestGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_iam_binding.json
+var googleIapTunnelIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_iam_member.json
+var googleIapTunnelIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_iam_policy.json
+var googleIapTunnelIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_instance_iam_binding.json
+var googleIapTunnelInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_instance_iam_member.json
+var googleIapTunnelInstanceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_instance_iam_policy.json
+var googleIapTunnelInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_backend_service_iam_binding.json
+var googleIapWebBackendServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_backend_service_iam_member.json
+var googleIapWebBackendServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_backend_service_iam_policy.json
+var googleIapWebBackendServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_binding.json
+var googleIapWebCloudRunServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_member.json
+var googleIapWebCloudRunServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_policy.json
+var googleIapWebCloudRunServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_iam_binding.json
+var googleIapWebIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_iam_member.json
+var googleIapWebIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_iam_policy.json
+var googleIapWebIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_backend_service_iam_binding.json
+var googleIapWebRegionBackendServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_backend_service_iam_member.json
+var googleIapWebRegionBackendServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_backend_service_iam_policy.json
+var googleIapWebRegionBackendServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_app_engine_iam_binding.json
+var googleIapWebTypeAppEngineIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_app_engine_iam_member.json
+var googleIapWebTypeAppEngineIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_app_engine_iam_policy.json
+var googleIapWebTypeAppEngineIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_compute_iam_binding.json
+var googleIapWebTypeComputeIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_compute_iam_member.json
+var googleIapWebTypeComputeIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_type_compute_iam_policy.json
+var googleIapWebTypeComputeIamPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_disk_iam_policy.json
+var googleComputeDiskIamPolicy []byte
+
+//go:embed mapping/google/resource/kms/google_kms_ekm_connection_iam_binding.json
+var googleKmsEkmConnectionIamBinding []byte
+
+//go:embed mapping/google/resource/kms/google_kms_ekm_connection_iam_member.json
+var googleKmsEkmConnectionIamMember []byte
+
+//go:embed mapping/google/resource/kms/google_kms_ekm_connection_iam_policy.json
+var googleKmsEkmConnectionIamPolicy []byte
+
+//go:embed mapping/google/resource/logging/google_logging_log_view_iam_binding.json
+var googleLoggingLogViewIamBinding []byte
+
+//go:embed mapping/google/resource/logging/google_logging_log_view_iam_member.json
+var googleLoggingLogViewIamMember []byte
+
+//go:embed mapping/google/resource/networksecurity/google_network_security_address_group_iam_binding.json
+var googleNetworkSecurityAddressGroupIamBinding []byte
+
+//go:embed mapping/google/resource/networksecurity/google_network_security_address_group_iam_member.json
+var googleNetworkSecurityAddressGroupIamMember []byte
+
+//go:embed mapping/google/resource/networksecurity/google_network_security_address_group_iam_policy.json
+var googleNetworkSecurityAddressGroupIamPolicy []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_instance_iam_binding.json
+var googleNotebooksInstanceIamBinding []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_instance_iam_member.json
+var googleNotebooksInstanceIamMember []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_instance_iam_policy.json
+var googleNotebooksInstanceIamPolicy []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_runtime_iam_binding.json
+var googleNotebooksRuntimeIamBinding []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_runtime_iam_member.json
+var googleNotebooksRuntimeIamMember []byte
+
+//go:embed mapping/google/resource/logging/google_logging_log_view_iam_policy.json
+var googleLoggingLogViewIamPolicy []byte
+
+//go:embed mapping/google/resource/pubsub/google_pubsub_subscription_iam_policy.json
+var googlePubsubSubscriptionIamPolicy []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_iam_policy.json
+var googleWorkstationsWorkstationIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_organization_iam_binding.json
+var googleOrganizationIamBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_organization_iam_member.json
+var googleOrganizationIamMember []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_organization_iam_policy.json
+var googleOrganizationIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_project_iam_policy.json
+var googleProjectIamPolicy []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_runtime_iam_policy.json
+var googleNotebooksRuntimeIamPolicy []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_binding.json
+var googleRuntimeconfigConfigIamBinding []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_member.json
+var googleRuntimeconfigConfigIamMember []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_policy.json
+var googleRuntimeconfigConfigIamPolicy []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_source_iam_binding.json
+var googleSccSourceIamBinding []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_source_iam_member.json
+var googleSccSourceIamMember []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_binding.json
+var googleSccV2OrganizationSourceIamBinding []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_member.json
+var googleSccV2OrganizationSourceIamMember []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_policy.json
+var googleSccV2OrganizationSourceIamPolicy []byte
+
+//go:embed mapping/google/resource/storage/google_storage_managed_folder_iam_binding.json
+var googleStorageManagedFolderIamBinding []byte
+
+//go:embed mapping/google/resource/storage/google_storage_managed_folder_iam_member.json
+var googleStorageManagedFolderIamMember []byte
+
+//go:embed mapping/google/resource/storage/google_storage_managed_folder_iam_policy.json
+var googleStorageManagedFolderIamPolicy []byte
+
+//go:embed mapping/google/resource/securitycenter/google_scc_source_iam_policy.json
+var googleSccSourceIamPolicy []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_location_tag_binding.json
+var googleTagsLocationTagBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_binding.json
+var googleTagsTagBinding []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_key.json
+var googleTagsTagKey []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_tags_tag_value.json
+var googleTagsTagValue []byte
+
+//go:embed mapping/google/resource/storage/google_storage_control_folder_intelligence_config.json
+var googleStorageControlFolderIntelligenceConfig []byte
+
+//go:embed mapping/google/resource/storage/google_storage_control_organization_intelligence_config.json
+var googleStorageControlOrganizationIntelligenceConfig []byte
+
+//go:embed mapping/google/resource/storage/google_storage_control_project_intelligence_config.json
+var googleStorageControlProjectIntelligenceConfig []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_config.json
+var googleRuntimeconfigConfig []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_variable.json
+var googleRuntimeconfigVariable []byte
+
+//go:embed mapping/google/resource/redis/google_redis_cluster.json
+var googleRedisCluster []byte
+
+//go:embed mapping/google/resource/redis/google_redis_cluster_user_created_connections.json
+var googleRedisClusterUserCreatedConnections []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_project.json
+var gooleProject []byte
+
+//go:embed mapping/google/resource/accessapproval/google_project_access_approval_settings.json
+var googleProjectAccessApprovalSettings []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_project_iam_member_remove.json
+var googleProjectIamMemberRemove []byte
+
+//go:embed mapping/google/resource/orgpolicy/google_project_organization_policy.json
+var googleProjectOrganizationPolicy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_forwarding_rule.json
+var googleComputeForwardingRule []byte
+
+//go:embed mapping/google/resource/compute/google_compute_global_forwarding_rule.json
+var googleComputeGlobalForwardingRule []byte
+
+//go:embed mapping/google/resource/compute/google_compute_health_check.json
+var googleComputeHealthcheck []byte
+
+//go:embed mapping/google/resource/compute/google_compute_http_health_check.json
+var googleComputeHttpHealthCheck []byte
+
+//go:embed mapping/google/resource/compute/google_compute_https_health_check.json
+var googleComputeHttpsHealthCheck []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_backend_service.json
+var googleComputeRgionBackendService []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_health_check.json
+var googleComputeRegioHealthCheck []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_target_http_proxy.json
+var googleComputeRegionTargetHttpProxy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_target_https_proxy.json
+var googleComputeRegionTargetHttpsProxy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_target_tcp_proxy.json
+var googleComputeRegionTargetTcpProxy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_url_map.json
+var googleComputeRegionUrlMap []byte
+
+//go:embed mapping/google/resource/compute/google_compute_target_http_proxy.json
+var googleComputeTargetHttpProxy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_target_https_proxy.json
+var googleComputeTargetHttpsProxy []byte
+
+//go:embed mapping/google/resource/compute/google_compute_url_map.json
+var googleComputeUrlMap []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_service.json
+var googleComputeBackendService []byte
+
+//go:embed mapping/google/resource/compute/google_compute_backend_bucket.json
+var googleComputeBackendBucket []byte
+
+//go:embed mapping/google/resource/compute/google_compute_global_network_endpoint_group.json
+var googleComputeGlobalNetworkEndpointGroup []byte
+
+//go:embed mapping/google/resource/compute/google_compute_network_endpoint_group.json
+var googleComputeNetworkEndpointGroup []byte
+
+//go:embed mapping/google/resource/compute/google_compute_region_network_endpoint_group.json
+var googleComputeRegionNetworkEndpointGroup []byte
+
+//go:embed mapping/google/resource/firebase/google_firebase_web_app.json
+var googleFirebaseWebApp []byte
+
+//go:embed mapping/google/resource/dataflow/google_dataflow_job.json
+var googleDataflowJob []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository.json
+var googleDataformRepository []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository_release_config.json
+var googleDataformRepositoryReleaseConfig []byte
+
+//go:embed mapping/google/resource/dataform/google_dataform_repository_workflow_config.json
+var googleDataformRepositoryWorkflowConfig []byte
+
+//go:embed mapping/google/resource/compute/google_compute_network_attachment.json
+var googleComputeNetworkAttachment []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_environment.json
+var googleNotebooksEnvironment []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_instance.json
+var googleNotebooksInstance []byte
+
+//go:embed mapping/google/resource/notebooks/google_notebooks_runtime.json
+var googleNotebooksRuntime []byte
+
+//go:embed mapping/google/resource/logging/google_logging_billing_account_exclusion.json
+var googleLoggingBillingAccountExclusion []byte
+
+//go:embed mapping/google/resource/logging/google_logging_billing_account_sink.json
+var googleLoggingBillingAccountSink []byte
+
+//go:embed mapping/google/resource/logging/google_logging_folder_exclusion.json
+var googleLoggingFolderExclusion []byte
+
+//go:embed mapping/google/resource/logging/google_logging_folder_settings.json
+var googleLoggingFolderSettings []byte
+
+//go:embed mapping/google/resource/logging/google_logging_folder_sink.json
+var googleLoggingFolderSink []byte
+
+//go:embed mapping/google/resource/logging/google_logging_linked_dataset.json
+var googleLoggingLinkedDataset []byte
+
+//go:embed mapping/google/resource/logging/google_logging_log_scope.json
+var googleLoggingLogScope []byte
+
+//go:embed mapping/google/resource/logging/google_logging_log_view.json
+var googleLoggingLogView []byte
+
+//go:embed mapping/google/resource/logging/google_logging_metric.json
+var googleLoggingMetric []byte
+
+//go:embed mapping/google/resource/logging/google_logging_organization_exclusion.json
+var googleLoggingOrganizationExclusion []byte
+
+//go:embed mapping/google/resource/logging/google_logging_organization_settings.json
+var googleLoggingOrganizationSettings []byte
+
+//go:embed mapping/google/resource/logging/google_logging_organization_sink.json
+var googleLoggingOrganizationSink []byte
+
+//go:embed mapping/google/resource/logging/google_logging_project_exclusion.json
+var googleLoggingProjectExclusion []byte
+
+//go:embed mapping/google/resource/logging/google_logging_project_sink.json
+var googleLoggingProjectSink []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_alert_policy.json
+var googleMonitoringAlertPolicy []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_custom_service.json
+var googleMonitoringCustomService []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_dashboard.json
+var googleMonitoringDashboard []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_group.json
+var googleMonitoringGroup []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_metric_descriptor.json
+var googleMonitoringMetricDescriptor []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_monitored_project.json
+var googleMonitoringMonitoredProject []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_notification_channel.json
+var googleMonitoringNotificationChannel []byte
+
+//go:embed mapping/google/resource/backupdr/google_backup_dr_backup_plan.json
+var googleBackupDRBackupPlan []byte
+
+//go:embed mapping/google/resource/backupdr/google_backup_dr_backup_plan_association.json
+var googleBackupDRBackupPlanAssociation []byte
+
+//go:embed mapping/google/resource/backupdr/google_backup_dr_backup_vault.json
+var googleBackupDRBackupVault []byte
+
+//go:embed mapping/google/resource/backupdr/google_backup_dr_management_server.json
+var googleBackupDRManagementServer []byte
+
+//go:embed mapping/google/resource/backupdr/google_backup_dr_service_config.json
+var googleBackupDRServiceConfig []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_service.json
+var googleMonitoringService []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_slo.json
+var googleMonitoringSLO []byte
+
+//go:embed mapping/google/resource/monitoring/google_monitoring_uptime_check_config.json
+var googleMonitoringUptimeCheckConfig []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_app_connection.json
+var googleBeyondcorpAppConnection []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_app_connector.json
+var googleBeyondcorpAppConnector []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_app_gateway.json
+var googleBeyondcorpAppGateway []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_application.json
+var googleBeyondcorpApplication []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway.json
+var googleBeyondcorpSecurityGateway []byte
+
+//go:embed mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application.json
+var googleBeyondcorpSecurityGatewayApplication []byte
+
+//go:embed mapping/google/resource/billing/google_billing_budget.json
+var googleBillingBudget []byte
+
+//go:embed mapping/google/resource/resourcemanager/google_billing_project_info.json
+var googleBillingProjectInfo []byte
+
+//go:embed mapping/google/resource/apihub/google_apihub_api_hub_instance.json
+var googleApihubInstance []byte
+
+//go:embed mapping/google/resource/apihub/google_apihub_curation.json
+var googleApihubCuration []byte
+
+//go:embed mapping/google/resource/apihub/google_apihub_host_project_registration.json
+var googleApihubHostProjectRegistration []byte
+
+//go:embed mapping/google/resource/apihub/google_apihub_plugin.json
+var googleApihubPlugin []byte
+
+//go:embed mapping/google/resource/apihub/google_apihub_plugin_instance.json
+var googleApihubPluginInstance []byte
+
+//go:embed mapping/google/resource/apphub/google_apphub_application.json
+var googleApphubApplication []byte
+
+//go:embed mapping/google/resource/apphub/google_apphub_service.json
+var googleApphubService []byte
+
+//go:embed mapping/google/resource/apphub/google_apphub_service_project_attachment.json
+var googleApphubServiceProjectAttachment []byte
+
+//go:embed mapping/google/resource/apphub/google_apphub_workload.json
+var googleApphubWorkload []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_aspect_type.json
+var googleDataplexAspectType []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry.json
+var googleDataplexEntry []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_group.json
+var googleDataplexEntryGroup []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_entry_type.json
+var googleDataplexEntryType []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_lake.json
+var googleDataplexLake []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_task.json
+var googleDataplexTask []byte
+
+//go:embed mapping/google/resource/dataplex/google_dataplex_zone.json
+var googleDataplexZone []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_cluster.json
+var googleVmwareengineCluster []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_external_access_rule.json
+var googleVmwareengineExternalAccessRule []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_external_address.json
+var googleVmwareengineExternalAddress []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_network.json
+var googleVmwareengineNetwork []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_network_peering.json
+var googleVmwareengineNetworkPeering []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_network_policy.json
+var googleVmwareengineNetworkPolicy []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_private_cloud.json
+var googleVmwareenginePrivateCloud []byte
+
+//go:embed mapping/google/resource/vmwareengine/google_vmwareengine_subnet.json
+var googleVmwareengineSubnet []byte
+
+//go:embed mapping/google/resource/workflows/google_workflows_workflow.json
+var googleWorkflowsWorkflow []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation.json
+var googleWorkstationsWorkstation []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_cluster.json
+var googleWorkstationsWorkstationCluster []byte
+
+//go:embed mapping/google/resource/workstations/google_workstations_workstation_config.json
+var googleWorkstationsWorkstationConfig []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_data_access_label.json
+var googleChronicleDataAccessLabel []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_data_access_scope.json
+var googleChronicleDataAccessScope []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_reference_list.json
+var googleChronicleReferenceList []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_retrohunt.json
+var googleChronicleRetrohunt []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_rule.json
+var googleChronicleRule []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_rule_deployment.json
+var googleChronicleRuleDeployment []byte
+
+//go:embed mapping/google/resource/chronicle/google_chronicle_watchlist.json
+var googleChronicleWatchlist []byte
+
+//go:embed mapping/google/resource/composer/google_composer_user_workloads_config_map.json
+var googleComposerUserWorkloadsConfigMap []byte
+
+//go:embed mapping/google/resource/composer/google_composer_user_workloads_secret.json
+var googleComposerUserWorkloadsSecret []byte
+
+//go:embed mapping/google/resource/contactcenterinsights/google_contact_center_insights_analysis_rule.json
+var googleContactCenterInsightsAnalysisRule []byte
+
+//go:embed mapping/google/resource/contactcenterinsights/google_contact_center_insights_view.json
+var googleContactCenterInsightsView []byte
+
+//go:embed mapping/google/resource/developerconnect/google_developer_connect_account_connector.json
+var googleDeveloperConnectAccountConnector []byte
+
+//go:embed mapping/google/resource/developerconnect/google_developer_connect_connection.json
+var googleDeveloperConnectConnection []byte
+
+//go:embed mapping/google/resource/developerconnect/google_developer_connect_git_repository_link.json
+var googleDeveloperConnectGitRepositoryLink []byte
+
+//go:embed mapping/google/resource/bigtable/google_bigtable_schema_bundle.json
+var googleBigtableSchemaBundle []byte
+
+//go:embed mapping/google/resource/memcache/google_memcache_instance.json
+var googleMemcacheInstance []byte
+
+//go:embed mapping/google/resource/memorystore/google_memorystore_instance.json
+var googleMemorystoreInstance []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_guest_policies.json
+var googleOsConfigGuestPolicies []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_os_policy_assignment.json
+var googleOsConfigOsPolicyAssignment []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_patch_deployment.json
+var googleOsConfigPatchDeployment []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator.json
+var googleOsConfigV2PolicyOrchestrator []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_folder.json
+var googleOsConfigV2PolicyOrchestratorForFolder []byte
+
+//go:embed mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_organization.json
+var googleOsConfigV2PolicyOrchestratorForOrganization []byte
+
+//go:embed mapping/google/resource/parallelstore/google_parallelstore_instance.json
+var googleParallelstoreInstance []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate.json
+var googlePrivatecaCertificate []byte
+
+//go:embed mapping/google/resource/privateca/google_privateca_certificate_authority.json
+var googlePrivatecaCertificateAuthority []byte
+
+//go:embed mapping/google/resource/cloudsql/google_sql_ssl_cert.json
+var googleSqlSslCert []byte
+
+//go:embed mapping/google/resource/tpu/google_tpu_node.json
+var googleTpuNode []byte
+
+//go:embed mapping/google/resource/tpu/google_tpu_v2_queued_resource.json
+var googleTpuV2QueuedResource []byte
+
+//go:embed mapping/google/resource/tpu/google_tpu_v2_vm.json
+var googleTpuV2Vm []byte
+
+//go:embed mapping/google/resource/transcoder/google_transcoder_job.json
+var googleTranscoderJob []byte
+
+//go:embed mapping/google/resource/transcoder/google_transcoder_job_template.json
+var googleTranscoderJobTemplate []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool.json
+var googleIamWorkforcePool []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_binding.json
+var googleIamWorkforcePoolIamBinding []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_member.json
+var googleIamWorkforcePoolIamMember []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
+var googleIamWorkforcePoolIamPolicy []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider.json
+var googleIamWorkforcePoolProvider []byte
+
+//go:embed mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider_key.json
+var googleIamWorkforcePoolProviderKey []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_autoscaling_policy.json
+var googleDataprocAutoscalingPolicy []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_batch.json
+var googleDataprocBatch []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_cluster.json
+var googleDataprocCluster []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_job.json
+var googleDataprocJob []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_session_template.json
+var googleDataprocSessionTemplate []byte
+
+//go:embed mapping/google/resource/dataproc/google_dataproc_workflow_template.json
+var googleDataprocWorkflowTemplate []byte
+
+//go:embed mapping/google/resource/deploymentmanager/google_deployment_manager_deployment.json
+var googleDeploymentManagerDeployment []byte
+
+//go:embed mapping/google/resource/edgecontainer/google_edgecontainer_cluster.json
+var googleEdgecontainerCluster []byte
+
+//go:embed mapping/google/resource/edgecontainer/google_edgecontainer_node_pool.json
+var googleEdgecontainerNodePool []byte
+
+//go:embed mapping/google/resource/edgecontainer/google_edgecontainer_vpn_connection.json
+var googleEdgecontainerVpnConnection []byte
+
+//go:embed mapping/google/resource/edgenetwork/google_edgenetwork_interconnect_attachment.json
+var googleEdgecontainerInterconnectAttachment []byte
+
+//go:embed mapping/google/resource/edgenetwork/google_edgenetwork_network.json
+var googleEdgecontainerNetwork []byte
+
+//go:embed mapping/google/resource/edgenetwork/google_edgenetwork_subnet.json
+var googleEdgecontainerSubnet []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_channel.json
+var googleEventarcChannel []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_enrollment.json
+var googleEventarcEnrollment []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_google_api_source.json
+var googleEventarcGoogleApiSource []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_google_channel_config.json
+var googleEventarcGoogleChannelConfig []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_message_bus.json
+var googleEventarcMessageBus []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_pipeline.json
+var googleEventarcPipeline []byte
+
+//go:embed mapping/google/resource/eventarc/google_eventarc_trigger.json
+var googleEventarcTrigger []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_branch_rule.json
+var googleSecureSourceManagerBranchRule []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_instance.json
+var googleSecureSourceManagerInstance []byte
+
+//go:embed mapping/google/resource/securesourcemanager/google_secure_source_manager_repository.json
+var googleSecureSourceManagerRepository []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_agent.json
+var googleDialogflowAgent []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_conversation_profile.json
+var googleDialogflowConversationProfile []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_agent.json
+var googleDialogflowCxAgent []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_entity_type.json
+var googleDialogflowCxEntityType []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_environment.json
+var googleDialogflowCxEnvironment []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_flow.json
+var googleDialogflowCxFlow []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_generative_settings.json
+var googleDialogflowCxGenerativeSettings []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_generator.json
+var googleDialogflowCxGenerator []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_intent.json
+var googleDialogflowCxIntent []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_page.json
+var googleDialogflowCxPage []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_playbook.json
+var googleDialogflowCxPlaybook []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_security_settings.json
+var googleDialogflowCxSecuritySettings []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_tool.json
+var googleDialogflowCxTool []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_version.json
+var googleDialogflowCxVersion []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_cx_webhook.json
+var googleDialogflowCxWebhook []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_encryption_spec.json
+var googleDialogflowEncryptionSpec []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_entity_type.json
+var googleDialogflowEntityType []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_fulfillment.json
+var googleDialogflowFulfillment []byte
+
+//go:embed mapping/google/resource/dialogflow/google_dialogflow_intent.json
+var googleDialogflowIntent []byte
+
+//go:embed mapping/google/resource/managedkafka/google_managed_kafka_cluster.json
+var googleManagedKafkaCluster []byte
+
+//go:embed mapping/google/resource/managedkafka/google_managed_kafka_connect_cluster.json
+var googleManagedKafkaConnectCluster []byte
+
+//go:embed mapping/google/resource/managedkafka/google_managed_kafka_connector.json
+var googleManagedKafkaConnector []byte
+
+//go:embed mapping/google/resource/managedkafka/google_managed_kafka_topic.json
+var googleManagedKafkaTopics []byte
+
+//go:embed mapping/google/resource/modelarmor/google_model_armor_floorsetting.json
+var googleModelArmorFloorsetting []byte
+
+//go:embed mapping/google/resource/modelarmor/google_model_armor_template.json
+var googleModelArmorTemplate []byte
+
+//go:embed mapping/google/resource/managedkafka/google_managed_kafka_acl.json
+var googleManagedKafkaAcl []byte
+
+//go:embed mapping/google/resource/certificatemanager/google_certificate_manager_dns_authorization.json
+var googleCertificateManagerDnsAuthorization []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_binding.json
+var googleIapWebRegionForwardingRuleServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_member.json
+var googleIapWebRegionForwardingRuleServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
+var googleIapWebRegionForwardingRuleServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/iap/google_iap_settings.json
+var googleIapSettings []byte
+
+//go:embed mapping/google/resource/iap/google_iap_tunnel_dest_group.json
+var googleIapTunnelDestGroup []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_binding.json
+var googleIapWebForwardingRuleServiceIamBinding []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_member.json
+var googleIapWebForwardingRuleServiceIamMember []byte
+
+//go:embed mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_policy.json
+var googleIapWebForwardingRuleServiceIamPolicy []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_code_repository_index.json
+var googleGeminiCodeRepositoryIndex []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting.json
+var googleGeminiCodeToolsSetting []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting_binding.json
+var googleGeminiCodeToolsSettingBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting.json
+var googleGeminiDataSharingWithGoogleSetting []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting_binding.json
+var googleGeminiDataSharingWithGoogleSettingBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting.json
+var googleGeminiGeminiGcpEnablementSetting []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting_binding.json
+var googleGeminiGeminiGcpEnablementSettingBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_logging_setting.json
+var googleGeminiLoggingSetting []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_logging_setting_binding.json
+var googleGeminiLoggingSettingBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting.json
+var googleGeminiReleaseChannelSetting []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting_binding.json
+var googleGeminiReleaseChannelSettingBinding []byte
+
+//go:embed mapping/google/resource/cloudaicompanion/google_gemini_repository_group.json
+var googleGeminiRepositoryGroup []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_cache_config.json
+var googleVertexAiCacheConfig []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_deployment_resource_pool.json
+var googleVertexAiDeploymentResourcePool []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_rag_engine_config.json
+var googleVertexAiRagEngineConfig []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_reasoning_engine.json
+var googleVertexAiReasoningEngine []byte
+
+//go:embed mapping/google/resource/vpcaccess/google_vpc_access_connector.json
+var googleVpcAccessConnector []byte
+
+//go:embed mapping/google/resource/notebooks/google_workbench_instance.json
+var googleWorkbenchInstance []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_endpoint_with_model_garden_deployment.json
+var googleVertexAiEndpointWithModelGardenDeployment []byte
+
+//go:embed mapping/google/resource/aiplatform/google_vertex_ai_index_endpoint_deployed_index.json
+var googleVertexAiIndexEndpointDeployedIndex []byte
diff --git a/src/files_gcp_datasource.go b/src/files_gcp_datasource.go
index 2c09c66e..fdd48fc0 100644
--- a/src/files_gcp_datasource.go
+++ b/src/files_gcp_datasource.go
@@ -445,10 +445,10 @@ var dataGoogleIapAppEngineVersionIamPolicy []byte
 //go:embed mapping/google/data/iap/google_iap_app_engine_service_iam_policy.json
 var dataGoogleIapAppEngineServiceIamPolicy []byte
 
-//go:embed mapping/google/data/iam/google_iam_workload_identity_pool_provider.json
+//go:embed mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_provider.json
 var dataGoogleIamWorkloadIdentityPoolProvider []byte
 
-//go:embed mapping/google/data/iam/google_iam_workload_identity_pool.json
+//go:embed mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool.json
 var dataGoogleIamWorkloadIdentityPool []byte
 
 //go:embed mapping/google/data/dataplex/google_dataplex_asset_iam_policy.json
@@ -567,3 +567,432 @@ var dataGoogleDataformRepositoryIamPolicy []byte
 
 //go:embed mapping/google/data/servicemanagement/google_endpoints_service_iam_policy.json
 var dataGoogleEndpointsServiceIamPolicy []byte
+
+//go:embed mapping/google/data/secretmanager/google_secret_manager_regional_secret.json
+var dataGoogleSecretManagerRegionalSecret []byte
+
+//go:embed mapping/google/data/secretmanager/google_secret_manager_regional_secret_iam_policy.json
+var dataGoogleSecretManagerRegionalSecretIamPolicy []byte
+
+//go:embed mapping/google/data/secretmanager/google_secret_manager_regional_secret_version.json
+var dataGoogleSecretManagerRegionalSecretVersion []byte
+
+//go:embed mapping/google/data/secretmanager/google_secret_manager_regional_secret_version_access.json
+var dataGoogleSecretManagerRegionalSecretVersionAccess []byte
+
+//go:embed mapping/google/data/secretmanager/google_secret_manager_secrets.json
+var dataGoogleSecretManagerRegionalSecrets []byte
+
+//go:embed mapping/google/data/iam/google_service_accounts.json
+var dataGoogleServiceAccounts []byte
+
+//go:embed mapping/google/data/spanner/google_spanner_database.json
+var dataGoogleSpannerDatabase []byte
+
+//go:embed mapping/google/data/storage/google_storage_bucket_objects.json
+var dataGoogleStorageBucketObjects []byte
+
+//go:embed mapping/google/data/storage/google_storage_buckets.json
+var dataGoogleStorageBuckets []byte
+
+//go:embed mapping/google/data/privateca/google_privateca_ca_pool_iam_policy.json
+var dataGooglePrivatecaCaPoolIamPolicy []byte
+
+//go:embed mapping/google/data/privateca/google_privateca_certificate_authority.json
+var dataGooglePrivatecaCertificateAuthority []byte
+
+//go:embed mapping/google/data/privateca/google_privateca_certificate_template_iam_policy.json
+var dataGooglePrivatecaCertificateTemplateIamPolicy []byte
+
+//go:embed mapping/google/data/iam/google_project_iam_custom_role.json
+var dataGoogleProjectIamCustomRole []byte
+
+//go:embed mapping/google/data/iam/google_project_iam_custom_roles.json
+var dataGoogleProjectIamCustomRoles []byte
+
+//go:embed mapping/google/data/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
+var dataGooglePrivilegedAccessManagerEntitlement []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_docker_image.json
+var dataGoogleArtifactRegistryDockerImage []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_locations.json
+var dataGoogleArtifactRegistryLocations []byte
+
+//go:embed mapping/google/data/certificatemanager/google_certificate_manager_certificates.json
+var dataGoogleCertificateManagerCertificates []byte
+
+//go:embed mapping/google/data/composer/google_composer_user_workloads_config_map.json
+var dataGoogleComposerUserWorkloadsConfigMap []byte
+
+//go:embed mapping/google/data/composer/google_composer_user_workloads_secret.json
+var dataGoogleComposerUserWorkloadsSecret []byte
+
+//go:embed mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
+var dataGoogleIamWorkloadIdentityPoolIamPolicy []byte
+
+//go:embed mapping/google/data/cloudkms/google_kms_key_handle.json
+var dataGoogleKmsKeyHandle []byte
+
+//go:embed mapping/google/data/cloudkms/google_kms_key_handles.json
+var dataGoogleKmsKeyHandles []byte
+
+//go:embed mapping/google/data/cloudkms/google_kms_key_rings.json
+var dataGoogleKmsKeyRings []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_parameter.json
+var dataGoogleParameterManagerParameter []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_parameter_version.json
+var dataGoogleParameterManagerParameterVersion []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_parameter_version_render.json
+var dataGoogleParameterManagerParameterVersionRender []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_parameters.json
+var dataGoogleParameterManagerParameters []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_regional_parameter.json
+var dataGoogleParameterManagerRegionalParameter []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version.json
+var dataGoogleParameterManagerRegionalParameterVersion []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version_render.json
+var dataGoogleParameterManagerRegionalParameterVersionRender []byte
+
+//go:embed mapping/google/data/parametermanager/google_parameter_manager_regional_parameters.json
+var dataGoogleParameterManagerRegionalParameters []byte
+
+//go:embed mapping/google/data/cloudkms/google_kms_ekm_connection_iam_policy.json
+var dataGoogleEkmConnectionIamPolicy []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_autonomous_database.json
+var dataGoogleOracleDatabaseAutonomousDatabase []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_autonomous_databases.json
+var dataGoogleOracleDatabaseAutonomousDatabases []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructure.json
+var dataGoogleOracleDatabaseCloudExadataInfrastructure []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructures.json
+var dataGoogleOracleDatabaseCloudExadataInfrastructures []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_cluster.json
+var dataGoogleOracleDatabaseCloudVMCluster []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_clusters.json
+var dataGoogleOracleDatabaseCloudVMClusters []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_db_nodes.json
+var dataGoogleOracleDatabaseDBNodes []byte
+
+//go:embed mapping/google/data/oracledatabase/google_oracle_database_db_servers.json
+var dataGoogleOracleDatabaseDBServers []byte
+
+//go:embed mapping/google/data/compute/google_compute_forwarding_rules.json
+var dataGoogleComputeForwardingRules []byte
+
+//go:embed mapping/google/data/compute/google_compute_images.json
+var dataGoogleComputeImages []byte
+
+//go:embed mapping/google/data/compute/google_compute_instance_guest_attributes.json
+var dataGoogleComputeInstanceGuestAttributes []byte
+
+//go:embed mapping/google/data/compute/google_compute_instance_template_iam_policy.json
+var dataGoogleComputeInstanceTemplateIamPolicy []byte
+
+//go:embed mapping/google/data/compute/google_compute_instant_snapshot_iam_policy.json
+var dataGoogleComputeInstantSnapshotIamPolicy []byte
+
+//go:embed mapping/google/data/compute/google_compute_machine_types.json
+var dataGoogleComputeMachineTypes []byte
+
+//go:embed mapping/google/data/compute/google_compute_region_backend_service.json
+var dataGoogleComputeRegionBackendService []byte
+
+//go:embed mapping/google/data/compute/google_compute_region_instance_group_manager.json
+var dataGoogleComputeRegionInstanceGroupManager []byte
+
+//go:embed mapping/google/data/compute/google_compute_security_policy.json
+var dataGoogleComputeSecurityPolicy []byte
+
+//go:embed mapping/google/data/compute/google_compute_storage_pool_iam_policy.json
+var dataGoogleComputeStoragePoolIamPolicy []byte
+
+//go:embed mapping/google/data/compute/google_compute_storage_pool_types.json
+var dataGoogleComputeStoragePoolTypes []byte
+
+//go:embed mapping/google/data/compute/google_compute_subnetworks.json
+var dataGoogleComputeSubnetworks []byte
+
+//go:embed mapping/google/data/alloydb/google_alloydb_cluster.json
+var dataGoogleAlloydbCluster []byte
+
+//go:embed mapping/google/data/alloydb/google_alloydb_instance.json
+var dataGoogleAlloydbInstance []byte
+
+//go:embed mapping/google/data/apphub/google_apphub_application.json
+var dataGoogleApphubApplication []byte
+
+//go:embed mapping/google/data/apphub/google_apphub_discovered_service.json
+var dataGoogleApphubDiscoveredService []byte
+
+//go:embed mapping/google/data/apphub/google_apphub_discovered_workload.json
+var dataGoogleApphubDiscoveredWorkload []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_backup.json
+var dataGoogleBackupDrBackup []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_backup_plan_association.json
+var dataGoogleBackupDrPlanAssociation []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_backup_vault.json
+var dataGoogleBackupDrBackupVault []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_data_source.json
+var dataGoogleBackupDrDataSource []byte
+
+//go:embed mapping/google/data/beyondcorp/google_beyondcorp_application_iam_policy.json
+var dataGoogleBeyondcorpApplicationIamPolicy []byte
+
+//go:embed mapping/google/data/beyondcorp/google_beyondcorp_security_gateway.json
+var dataGoogleBeyondcorpSecurityGateway []byte
+
+//go:embed mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
+var dataGoogleBeyondcorpSecurityGatewayApplicationIamPolicy []byte
+
+//go:embed mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
+var dataGoogleBeyondcorpSecurityGatewayIamPolicy []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_worker_pool.json
+var dataGoogleCloudRunV2WorkerPool []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_worker_pool_iam_policy.json
+var dataGoogleCloudRunWorkerPoolIamPolicy []byte
+
+//go:embed mapping/google/data/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
+var dataGoogleClouddeployCustomTargetTypeIamPolicy []byte
+
+//go:embed mapping/google/data/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
+var dataGoogleClouddeployDeliveryPipelineIamPolicy []byte
+
+//go:embed mapping/google/data/clouddeploy/google_clouddeploy_target_iam_policy.json
+var dataGoogleClouddeployTargetIamPolicy []byte
+
+//go:embed mapping/google/data/aiplatform/google_colab_runtime_template_iam_policy.json
+var dataGoogleColabRuntimeTemplateIamPolicy []byte
+
+//go:embed mapping/google/data/gkemulticloud/google_container_attached_install_manifest.json
+var dataGoogleContainerAttachedInstallManifest []byte
+
+//go:embed mapping/google/data/gkemulticloud/google_container_aws_versions.json
+var dataGoogleContainerAwsVersions []byte
+
+//go:embed mapping/google/data/gkemulticloud/google_container_azure_versions.json
+var dataGoogleContainerAzureVersions []byte
+
+//go:embed mapping/google/data/dataplex/google_dataplex_aspect_type_iam_policy.json
+var dataGoogleDataplexAspectTypeIamPolicy []byte
+
+//go:embed mapping/google/data/dataplex/google_dataplex_entry_group_iam_policy.json
+var dataGoogleDataplexEntryGroupIamPolicy []byte
+
+//go:embed mapping/google/data/dataplex/google_dataplex_entry_type_iam_policy.json
+var dataGoogleDataplexEntryTypeIamPolicy []byte
+
+//go:embed mapping/google/data/dataplex/google_dataplex_glossary_iam_policy.json
+var dataGoogleDataplexGlossaryIamPolicy []byte
+
+//go:embed mapping/google/data/metastore/google_dataproc_metastore_database_iam_policy.json
+var dataGoogleDataprocMetastoreDatabaseIamPolicy []byte
+
+//go:embed mapping/google/data/metastore/google_dataproc_metastore_table_iam_policy.json
+var dataGoogleDataprocMetastoreTableIamPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_folder.json
+var dataGoogleFolder []byte
+
+//go:embed mapping/google/data/resourcemanager/google_folder_iam_policy.json
+var dataGoogleFolderIamPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_folders.json
+var dataGoogleFolders []byte
+
+//go:embed mapping/google/data/cloudaicompanion/google_gemini_repository_group_iam_policy.json
+var dataGoogleGeminiRepositoryGroupIamPolicy []byte
+
+//go:embed mapping/google/data/gkehub/google_gke_hub_feature.json
+var dataGoogleGkeHubFeature []byte
+
+//go:embed mapping/google/data/gkehub/google_gke_hub_membership.json
+var dataGoogleGkeHubMembership []byte
+
+//go:embed mapping/google/data/iap/google_iap_tunnel_dest_group_iam_policy.json
+var dataGoogleIapTunnelDestGroupIamPolicy []byte
+
+//go:embed mapping/google/data/iap/google_iap_web_cloud_run_service_iam_policy.json
+var dataGoogleIapWebCloudRunServiceIamPolicy []byte
+
+//go:embed mapping/google/data/lustre/google_lustre_instance.json
+var dataGoogleLustreInstance []byte
+
+//go:embed mapping/google/data/memcache/google_memcache_instance.json
+var dataGoogleMemcacheInstance []byte
+
+//go:embed mapping/google/data/memorystore/google_memorystore_instance.json
+var dataGoogleMemorystoreInstance []byte
+
+//go:embed mapping/google/data/orgpolicy/google_project_organization_policy.json
+var dataGoogleProjectOrganizationPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_organization_iam_policy.json
+var dataGoogleOrganizationIamPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_project_iam_policy.json
+var dataGoogleProjectIamPolicy []byte
+
+//go:embed mapping/google/data/runtimeconfig/google_runtimeconfig_config_iam_policy.json
+var dataGoogleRuntimeconfigConfigIamPolicy []byte
+
+//go:embed mapping/google/data/securitycenter/google_scc_source_iam_policy.json
+var dataGoogleSccSourceIamPolicy []byte
+
+//go:embed mapping/google/data/securitycenter/google_scc_v2_organization_source_iam_policy.json
+var dataGoogleSccV2OrganizationSourceIamPolicy []byte
+
+//go:embed mapping/google/data/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
+var dataGoogleSecureSourceManagerInstanceIamPolicy []byte
+
+//go:embed mapping/google/data/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
+var dataGoogleSecureSourceManagerRepositoryIamPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_tags_tag_key_iam_policy.json
+var dataGoogleTagsTagKeyIamPolicy []byte
+
+//go:embed mapping/google/data/aiplatform/google_vertex_ai_feature_group_iam_policy.json
+var dataGoogleVertexAiFeatureGroupIamPolicy []byte
+
+//go:embed mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
+var dataGoogleVertexAiFeatureOnlineStoreFeatureviewIamPolicy []byte
+
+//go:embed mapping/google/data/tags/google_tags_tag_value_iam_policy.json
+var dataGoogleTagsTagValueIamPolicy []byte
+
+//go:embed mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
+var dataGoogleVertexAiFeatureOnlineStoreIamPolicy []byte
+
+//go:embed mapping/google/data/resourcemanager/google_tags_tag_keys.json
+var dataGoogleTagsTagKeys []byte
+
+//go:embed mapping/google/data/resourcemanager/google_tags_tag_value.json
+var dataGoogleTagsTagValue []byte
+
+//go:embed mapping/google/data/resourcemanager/google_tags_tag_values.json
+var dataGoogleTagsTagValues []byte
+
+//go:embed mapping/google/data/storage/google_storage_control_folder_intelligence_config.json
+var dataGoogleStorageControlFolderIntelligenceConfig []byte
+
+//go:embed mapping/google/data/storage/google_storage_control_organization_intelligence_config.json
+var dataGoogleStorageControlOrganizationIntelligenceConfig []byte
+
+//go:embed mapping/google/data/storage/google_storage_control_project_intelligence_config.json
+var dataGoogleStorageControlProjectIntelligenceConfig []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_config.json
+var dataGoogleRuntimeconfigConfig []byte
+
+//go:embed mapping/google/resource/runtimeconfig/google_runtimeconfig_variable.json
+var dataGoogleRuntimeconfigVariable []byte
+
+//go:embed mapping/google/data/redis/google_redis_cluster.json
+var dataGoogleRedisCluster []byte
+
+//go:embed mapping/google/data/resourcemanager/google_project_ancestry.json
+var dataGoogleProjectAncestry []byte
+
+//go:embed mapping/google/data/dns/google_dns_managed_zones.json
+var dataGoogleDNSManagedZones []byte
+
+//go:embed mapping/google/data/accesscontextmanager/google_access_context_manager_access_policy.json
+var dataGoogleAccessContextManagerAccessPolicy []byte
+
+//go:embed mapping/google/data/dataplex/google_dataplex_data_quality_rules.json
+var dataGoogleDataplexDataQualityRules []byte
+
+//go:embed mapping/google/data/iam/google_organization_iam_custom_role.json
+var dataGoogleOrganizationIamCustomRole []byte
+
+//go:embed mapping/google/data/iam/google_organization_iam_custom_roles.json
+var dataGoogleOrganizationIamCustomRoles []byte
+
+//go:embed mapping/google/data/compute/google_compute_network_attachment.json
+var dataGoogleComputeNetworkAttachment []byte
+
+//go:embed mapping/google/data/storageinsights/google_storage_insights_dataset_config.json
+var dataGoogleStorageInsightsDatasetConfig []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_docker_images.json
+var dataGoogleArtifactRegistryDockerImages []byte
+
+//go:embed mapping/google/data/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
+var dataGoogleIamWorkforcePoolIamPolicy []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_repositories.json
+var dataGoogleArtifactRegistryRepositories []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_version.json
+var dataGoogleArtifactRegistryVersion []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_versions.json
+var dataGoogleArtifactRegistryVersions []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_npm_package.json
+var dataGoogleArtifactRegistryNpmPackage []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_tags.json
+var dataGoogleArtifactRegistryTags []byte
+
+//go:embed mapping/google/data/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
+var dataGoogleIapWebRegionForwardingRuleServiceIamPolicy []byte
+
+//go:embed mapping/google/data/certificatemanager/google_certificate_manager_dns_authorization.json
+var dataGoogleCertificateManagerDnsAuthorization []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_python_package.json
+var dataGoogleArtifactRegistryPythonPackage []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_backup_plan_associations.json
+var dataGoogleBackupDrPlanAssociations []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_data_source_reference.json
+var dataGoogleBackupDrDataSourceReference []byte
+
+//go:embed mapping/google/data/backupdr/google_backup_dr_data_source_references.json
+var dataGoogleBackupDrDataSourceReferences []byte
+
+//go:embed mapping/google/data/bigquery/google_bigquery_datapolicyv2_data_policy_iam_policy.json
+var dataGoogleBigqueryDatapolicyv2DataPolicyIamPolicy []byte
+
+//go:embed mapping/google/data/iap/google_iap_web_forwarding_rule_service_iam_policy.json
+var dataGoogleIapForwardingRuleServiceIamPolicy []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_maven_artifact.json
+var dataGoogleArtifactRegistryMavenArtifact []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_maven_artifacts.json
+var dataGoogleArtifactRegistryMavenArtifacts []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_npm_packages.json
+var dataGoogleArtifactRegistryNpmPackages []byte
+
+//go:embed mapping/google/data/compute/google_compute_interconnect_location.json
+var dataGoogleComputeInterconnectLocation []byte
+
+//go:embed mapping/google/data/compute/google_compute_interconnect_locations.json
+var dataGoogleComputeInterconnectLocations []byte
+
+//go:embed mapping/google/data/artifactregistry/google_artifact_registry_packages.json
+var dataGoogleArtifactRegistryPackages []byte
diff --git a/src/gcp.go b/src/gcp.go
index c6e69720..4193c863 100644
--- a/src/gcp.go
+++ b/src/gcp.go
@@ -20,7 +20,7 @@ func (m invalidPermissionMapError) Error() string {
 
 // getGCPPermissions for GCP resources.
 func getGCPPermissions(result ResourceV2) ([]string, error) {
-	if result.TypeName == resource {
+	if result.TypeName == resource || result.TypeName == "terraform" {
 		return getGCPResourcePermissions(result)
 	}
 
@@ -51,198 +51,794 @@ func GCPLookup(result string) interface{} {
 }
 
 var gCPTfLookup = map[string]interface{}{
-	"google_access_context_manager_access_level":              googleAccessContextManagerAccessLevel,
-	"google_access_context_manager_access_levels":             googleAccessContextManagerAccessLevels,
-	"google_access_context_manager_access_policy":             googleAccessContextManagerAccessPolicy,
-	"google_access_context_manager_access_policy_iam_binding": googleAccessContextManagerAccessPolicyIam,
-	"google_access_context_manager_access_policy_iam_member":  googleAccessContextManagerAccessPolicyIam,
-	"google_access_context_manager_access_policy_iam_policy":  googleAccessContextManagerAccessPolicyIam,
-	"google_access_context_manager_authorized_orgs_desc":      googleAccessContextManagerAuthorizedOrgsDesc,
-	"google_access_context_manager_gcp_user_access_binding":   googleAccessContextManagerGcpUserAccessBinding,
-	"google_access_context_manager_service_perimeter":         googleAccessContextManagerServicePerimeter,
-	"google_access_context_manager_service_perimeters":        googleAccessContextManagerServicePerimeters,
-	"google_alloydb_backup":                                   googleAlloydbBackup,
-	"google_alloydb_cluster":                                  googleAlloydbCluster,
-	"google_alloydb_instance":                                 googleAlloydbInstance,
-	"google_alloydb_user":                                     googleAlloydbUser,
-	"google_api_gateway_api":                                  googleAPIGatewayAPI,
-	"google_api_gateway_api_config":                           googleAPIGatewayAPIConfig,
-	"google_api_gateway_api_config_iam_binding":               googleAPIGatewayAPIConfigIam,
-	"google_api_gateway_api_config_iam_member":                googleAPIGatewayAPIConfigIam,
-	"google_api_gateway_api_config_iam_policy":                googleAPIGatewayAPIConfigIam,
-	"google_api_gateway_api_iam_binding":                      googleAPIGatewayAPIIam,
-	"google_api_gateway_api_iam_member":                       googleAPIGatewayAPIIam,
-	"google_api_gateway_api_iam_policy":                       googleAPIGatewayAPIIam,
-	"google_api_gateway_gateway":                              googleAPIGatewayGateway,
-	"google_api_gateway_gateway_iam_binding":                  googleAPIGatewayGatewayIam,
-	"google_api_gateway_gateway_iam_member":                   googleAPIGatewayGatewayIam,
-	"google_api_gateway_gateway_iam_policy":                   googleAPIGatewayGatewayIam,
-	"google_artifact_registry_repository":                     googleArtifactRegistryRepository,
-	"google_artifact_registry_repository_iam_binding":         googleArtifactRegistryRepositoryIamBinding,
-	"google_artifact_registry_repository_iam_member":          googleArtifactRegistryRepositoryIamMember,
-	"google_artifact_registry_repository_iam_policy":          googleArtifactRegistryRepositoryIamPolicy,
-	"google_bigquery_dataset":                                 googleBigqueryDataset,
-	"google_bigquery_job":                                     googleBigqueryJob,
-	"google_bigquery_table":                                   placeholder,
-	"google_bigtable_app_profile":                             googleBigtableAppProfile,
-	"google_bigtable_gc_policy":                               googleBigtableGcPolicy,
-	"google_bigtable_instance":                                googleBigtableInstance,
-	"google_bigtable_instance_iam_binding":                    googleBigTableInstanceIam,
-	"google_bigtable_instance_iam_member":                     googleBigTableInstanceIam,
-	"google_bigtable_instance_iam_policy":                     googleBigTableInstanceIam,
-	"google_bigtable_table":                                   googleBigtableTable,
-	"google_bigtable_table_iam_binding":                       googleBigTableTableIam,
-	"google_bigtable_table_iam_member":                        googleBigTableTableIam,
-	"google_bigtable_table_iam_policy":                        googleBigTableTableIam,
-	"google_cloud_run_v2_job":                                 googleCloudRunV2Job,
-	"google_cloud_run_v2_job_iam_binding":                     googleCloudRunV2JobIam,
-	"google_cloud_run_v2_job_iam_member":                      googleCloudRunV2JobIam,
-	"google_cloud_run_v2_job_iam_policy":                      googleCloudRunV2JobIam,
-	"google_cloud_run_v2_service":                             googleCloudRunV2Service,
-	"google_cloud_run_v2_service_iam_binding":                 googleCloudRunV2ServiceIam,
-	"google_cloud_run_v2_service_iam_member":                  googleCloudRunV2ServiceIam,
-	"google_cloud_run_v2_service_iam_policy":                  googleCloudRunV2ServiceIam,
-	"google_cloud_scheduler_job":                              googleCloudSchedulerJob,
-	"google_cloudbuild_trigger":                               googleCloudbuildTrigger,
-	"google_cloudfunctions_function":                          googleCloudfunctionsFunction,
-	"google_cloudfunctions_function_iam_member":               googleCloudfunctionsFunctionIamPolicy,
-	"google_cloudfunctions_function_iam_policy":               googleCloudfunctionsFunctionIamPolicy,
-	"google_compute_address":                                  googleComputeAddress,
-	"google_compute_firewall":                                 googleComputeFirewall,
-	"google_compute_global_address":                           googleComputeGlobalAddress,
-	"google_compute_instance":                                 googleComputeInstance,
-	"google_compute_instance_template":                        googleComputeInstanceTemplate,
-	"google_compute_network":                                  googleComputeNetwork,
-	"google_compute_project_metadata_item":                    googleComputeProjectMetadataItem,
-	"google_compute_region_ssl_certificate":                   googleComputeRegionSslCertificate,
-	"google_compute_security_policy":                          googleComputeSecurityPolicy,
-	"google_compute_subnetwork":                               googleComputeSubnetwork,
-	"google_container_cluster":                                googleContainerCluster,
-	"google_container_node_pool":                              googleContainerNodePool,
-	"google_dns_managed_zone":                                 googleDnsmanagedZone,
-	"google_dns_policy":                                       googleDNSPolicy,
-	"google_dns_record_set":                                   googleDNSRecordSet,
-	"google_firebase_android_app":                             googleFirebaseAndroidApp,
-	"google_firebase_apple_app":                               googleFirebaseAppleApp,
-	"google_firebase_database_instance":                       googleFirebaseDatabaseInstance,
-	"google_firebase_hosting_channel":                         googleFirebaseHostingSite,
-	"google_firebase_hosting_custom_domain":                   googleFirebaseHostingSite,
-	"google_firebase_hosting_release":                         googleFirebaseHostingSite,
-	"google_firebase_hosting_site":                            googleFirebaseHostingSite,
-	"google_firebase_hosting_version":                         googleFirebaseHostingSite,
-	"google_firebase_project":                                 googleFirebaseProject,
-	"google_firebase_storage_bucket":                          googleFirebaseStorageBucket,
-	"google_firebase_web_app":                                 googleFirebaseWebApp,
-	"google_firebaserules_release":                            googleFirebaserulesRelease,
-	"google_firebaserules_ruleset":                            googleFirebaserulesRuleset,
-	"google_kms_crypto_key":                                   googleKmsCryptoKey,
-	"google_kms_crypto_key_iam_binding":                       googlekmsCryptoKeyIamBinding,
-	"google_kms_crypto_key_iam_member":                        googlekmsCryptoKeyIamMember,
-	"google_kms_crypto_key_iam_policy":                        googlekmsCryptoKeyIamPolicy,
-	"google_kms_key_ring":                                     googleKmsKeyRing,
-	"google_project_iam_binding":                              googleProjectIamBinding,
-	"google_project_iam_custom_role":                          googleProjectIamCustomRole,
-	"google_project_iam_member":                               googleProjectIamBinding,
-	"google_project_service":                                  googleProjectService,
-	"google_project_service_identity":                         placeholder,
-	"google_pubsub_lite_reservation":                          googlePubsubLiteReservation,
-	"google_pubsub_lite_subscription":                         googlePubsubLiteSubscription,
-	"google_pubsub_lite_topic":                                googlePubsubLiteTopic,
-	"google_pubsub_schema":                                    googlePubsubSchema,
-	"google_pubsub_subscription":                              googlePubsubSubscription,
-	"google_pubsub_topic":                                     googlePubsubTopic,
-	"google_pubsub_topic_iam_binding":                         googlePubsubTopicIam,
-	"google_pubsub_topic_iam_member":                          googlePubsubTopicIam,
-	"google_pubsub_topic_iam_policy":                          googlePubsubTopicIam,
-	"google_redis_instance":                                   googleRedisInstance,
-	"google_secret_manager_secret":                            googleSecretManagerSecret,
-	"google_secret_manager_secret_iam_binding":                googleSecretManagerSecretIam,
-	"google_secret_manager_secret_iam_member":                 googleSecretManagerSecretIam,
-	"google_secret_manager_secret_iam_policy":                 googleSecretManagerSecretIam,
-	"google_secret_manager_secret_version":                    googleSecretManagerSecretVersion,
-	"google_service_account":                                  googleServiceAccount,
-	"google_service_account_iam_binding":                      googleServiceAccountIamBinding,
-	"google_service_account_iam_member":                       googleServiceAccountIamMember,
-	"google_service_account_iam_policy":                       googleServiceAccountIamPolicy,
-	"google_service_account_key":                              googleServiceAccountKey,
-	"google_service_directory_endpoint":                       googleServiceDirectoryEndpoint,
-	"google_service_directory_namespace":                      googleServiceDirectoryNamespace,
-	"google_service_directory_namespace_iam_binding":          googleServiceDirectoryNamespaceIamBinding,
-	"google_service_directory_namespace_iam_member":           googleServiceDirectoryNamespaceIamMember,
-	"google_service_directory_namespace_iam_policy":           googleServiceDirectoryNamespaceIamPolicy,
-	"google_service_directory_service":                        googleServiceDirectoryService,
-	"google_service_directory_service_iam_binding":            googleServiceDirectoryServiceIamBinding,
-	"google_service_directory_service_iam_member":             googleServiceDirectoryServiceIamMember,
-	"google_service_directory_service_iam_policy":             googleServiceDirectoryServiceIamPolicy,
-	"google_service_networking_connection":                    googleServiceNetworkingConnection,
-	"google_sourcerepo_repository":                            googleSourcerepoRepository,
-	"google_spanner_database":                                 googleSpannerDatabase,
-	"google_spanner_database_iam_binding":                     googleSpannerDatabaseIam,
-	"google_spanner_database_iam_member":                      googleSpannerDatabaseIam,
-	"google_spanner_database_iam_policy":                      googleSpannerDatabaseIam,
-	"google_spanner_instance":                                 googleSpannerInstance,
-	"google_spanner_instance_iam_binding":                     googleSpannerInstanceIam,
-	"google_spanner_instance_iam_member":                      googleSpannerInstanceIam,
-	"google_spanner_instance_iam_policy":                      googleSpannerInstanceIam,
-	"google_sql_database":                                     googleSQLDatabase,
-	"google_sql_database_instance":                            googleSQLDatabaseInstance,
-	"google_sql_user":                                         googleSQLUser,
-	"google_storage_bucket":                                   googleStorageBucket,
-	"google_storage_bucket_access_control":                    googleStorageBucketAccessControl,
-	"google_storage_bucket_acl":                               googleStorageBucketACL,
-	"google_storage_bucket_iam_binding":                       googleStorageBucketIamBinding,
-	"google_storage_bucket_iam_member":                        googleStorageBucketIamMember,
-	"google_storage_bucket_iam_policy":                        googleStorageBucketIamPolicy,
-	"google_storage_bucket_object":                            googleStorageBucketObject,
-	"google_storage_default_object_access_control":            googleStorageDefaultObjectAccessControl,
-	"google_storage_default_object_acl":                       googleStorageDefaultObjectACL,
-	"google_storage_hmac_key":                                 googleStorageHmacKey,
-	"google_storage_insights_report_config":                   googleStorageInsightsReportConfig,
-	"google_storage_object_access_control":                    googleStorageObjectAccessControl,
-	"google_vertex_ai_dataset":                                googleVertexAiDataset,
-	"google_vertex_ai_endpoint":                               googleVertexAiEndpoint,
-	"google_vertex_ai_endpoint_iam_binding":                   googleVertexAiEndpointIam,
-	"google_vertex_ai_endpoint_iam_member":                    googleVertexAiEndpointIam,
-	"google_vertex_ai_endpoint_iam_policy":                    googleVertexAiEndpointIam,
-	"google_vertex_ai_feature_group":                          googleVertexAiFeatureGroup,
-	"google_vertex_ai_feature_group_feature":                  googleVertexAiFeatureGroupFeature,
-	"google_vertex_ai_feature_online_store":                   googleVertexAiFeatureOnlineStore,
-	"google_vertex_ai_feature_online_store_featureview":       googleVertexAiFeatureOnlineStoreFeatureview,
-	"google_vertex_ai_featurestore":                           googleVertexAiFeaturestore,
-	"google_vertex_ai_featurestore_entitytype":                googleVertexAiFeaturestoreEntitytype,
-	"google_vertex_ai_featurestore_entitytype_feature":        googleVertexAiFeaturestoreEntitytypeFeature,
-	"google_vertex_ai_featurestore_entitytype_iam_binding":    googleVertexAiFeaturestoreEntitytypeIam,
-	"google_vertex_ai_featurestore_entitytype_iam_member":     googleVertexAiFeaturestoreEntitytypeIam,
-	"google_vertex_ai_featurestore_entitytype_iam_policy":     googleVertexAiFeaturestoreEntitytypeIam,
-	"google_vertex_ai_featurestore_iam_binding":               googleVertexAiFeaturestoreIam,
-	"google_vertex_ai_featurestore_iam_member":                googleVertexAiFeaturestoreIam,
-	"google_vertex_ai_featurestore_iam_policy":                googleVertexAiFeaturestoreIam,
-	"google_vertex_ai_index":                                  googleVertexAiIndex,
-	"google_vertex_ai_index_endpoint":                         googleVertexAiIndexEndpoint,
-	"google_vertex_ai_metadata_store":                         googleVertexAiMetadataStore,
-	"google_vertex_ai_tensorboard":                            googleVertexAiTensorboard,
-	"google_bigquery_analytics_hub_data_exchange":             googleBigqueryAnalyticsHubDataExchange,
-	"google_bigquery_analytics_hub_data_exchange_iam_binding": googleBigqueryAnalyticsHubDataExchangeIam,
-	"google_bigquery_analytics_hub_data_exchange_iam_member":  googleBigqueryAnalyticsHubDataExchangeIam,
-	"google_bigquery_analytics_hub_data_exchange_iam_policy":  googleBigqueryAnalyticsHubDataExchangeIam,
-	"google_bigquery_analytics_hub_listing":                   googleBigqueryAnalyticsHubListing,
-	"google_bigquery_analytics_hub_listing_iam_binding":       googleBigqueryAnalyticsHubListingIam,
-	"google_bigquery_analytics_hub_listing_iam_member":        googleBigqueryAnalyticsHubListingIam,
-	"google_bigquery_analytics_hub_listing_iam_policy":        googleBigqueryAnalyticsHubListingIam,
-	"google_bigquery_bi_reservation":                          googleBigqueryBiReservation,
-	"google_bigquery_capacity_commitment":                     googleBigqueryCapacityCommitment,
-	"google_bigquery_connection":                              googleBigqueryConnection,
-	"google_bigquery_connection_iam_binding":                  googleBigqueryConnectionIam,
-	"google_bigquery_connection_iam_member":                   googleBigqueryConnectionIam,
-	"google_bigquery_connection_iam_policy":                   googleBigqueryConnectionIam,
-	"google_bigquery_data_transfer_config":                    googleBigqueryDataTransferConfig,
-	"google_bigquery_dataset_iam_binding":                     googleBigqueryDatasetIam,
-	"google_bigquery_dataset_iam_member":                      googleBigqueryDatasetIam,
-	"google_bigquery_dataset_iam_policy":                      googleBigqueryDatasetIam,
-	"google_bigquery_reservation":                             googleBigqueryReservation,
-	"google_bigquery_reservation_assignment":                  googleBigqueryReservationAssignment,
-	"google_bigquery_routine":                                 googleBigqueryRoutine,
-	"google_bigquery_table_iam_binding":                       googleBigqueryTableIam,
-	"google_bigquery_table_iam_member":                        googleBigqueryTableIam,
-	"google_bigquery_table_iam_policy":                        googleBigqueryTableIam,
+	"backend": gcsBackend,
+
+	"google_access_context_manager_access_level":                    googleAccessContextManagerAccessLevel,
+	"google_access_context_manager_access_levels":                   googleAccessContextManagerAccessLevels,
+	"google_access_context_manager_access_policy":                   googleAccessContextManagerAccessPolicy,
+	"google_access_context_manager_access_policy_iam_binding":       googleAccessContextManagerAccessPolicyIam,
+	"google_access_context_manager_access_policy_iam_member":        googleAccessContextManagerAccessPolicyIam,
+	"google_access_context_manager_access_policy_iam_policy":        googleAccessContextManagerAccessPolicyIam,
+	"google_access_context_manager_authorized_orgs_desc":            googleAccessContextManagerAuthorizedOrgsDesc,
+	"google_access_context_manager_gcp_user_access_binding":         googleAccessContextManagerGcpUserAccessBinding,
+	"google_access_context_manager_service_perimeter":               googleAccessContextManagerServicePerimeter,
+	"google_access_context_manager_service_perimeters":              googleAccessContextManagerServicePerimeters,
+	"google_alloydb_backup":                                         googleAlloydbBackup,
+	"google_alloydb_cluster":                                        googleAlloydbCluster,
+	"google_alloydb_instance":                                       googleAlloydbInstance,
+	"google_alloydb_user":                                           googleAlloydbUser,
+	"google_api_gateway_api":                                        googleAPIGatewayAPI,
+	"google_api_gateway_api_config":                                 googleAPIGatewayAPIConfig,
+	"google_api_gateway_api_config_iam_binding":                     googleAPIGatewayAPIConfigIam,
+	"google_api_gateway_api_config_iam_member":                      googleAPIGatewayAPIConfigIam,
+	"google_api_gateway_api_config_iam_policy":                      googleAPIGatewayAPIConfigIam,
+	"google_api_gateway_api_iam_binding":                            googleAPIGatewayAPIIam,
+	"google_api_gateway_api_iam_member":                             googleAPIGatewayAPIIam,
+	"google_api_gateway_api_iam_policy":                             googleAPIGatewayAPIIam,
+	"google_api_gateway_gateway":                                    googleAPIGatewayGateway,
+	"google_api_gateway_gateway_iam_binding":                        googleAPIGatewayGatewayIam,
+	"google_api_gateway_gateway_iam_member":                         googleAPIGatewayGatewayIam,
+	"google_api_gateway_gateway_iam_policy":                         googleAPIGatewayGatewayIam,
+	"google_apigee_environment_iam_binding":                         googleApigeeEnvironmentIamBinding,
+	"google_apigee_environment_iam_member":                          googleApigeeEnvironmentIamMember,
+	"google_apigee_environment_iam_policy":                          googleApigeeEnvironmentIamPolicy,
+	"google_apihub_api_hub_instance":                                googleApihubInstance,
+	"google_apihub_curation":                                        googleApihubCuration,
+	"google_apihub_host_project_registration":                       googleApihubHostProjectRegistration,
+	"google_apihub_plugin":                                          googleApihubPlugin,
+	"google_apihub_plugin_instance":                                 googleApihubPluginInstance,
+	"google_apphub_application":                                     googleApphubApplication,
+	"google_apphub_service":                                         googleApphubService,
+	"google_apphub_service_project_attachment":                      googleApphubServiceProjectAttachment,
+	"google_apphub_workload":                                        googleApphubWorkload,
+	"google_artifact_registry_repository":                           googleArtifactRegistryRepository,
+	"google_artifact_registry_repository_iam_binding":               googleArtifactRegistryRepositoryIamBinding,
+	"google_artifact_registry_repository_iam_member":                googleArtifactRegistryRepositoryIamMember,
+	"google_artifact_registry_repository_iam_policy":                googleArtifactRegistryRepositoryIamPolicy,
+	"google_backup_dr_backup_plan":                                  googleBackupDRBackupPlan,
+	"google_backup_dr_backup_plan_association":                      googleBackupDRBackupPlanAssociation,
+	"google_backup_dr_backup_vault":                                 googleBackupDRBackupVault,
+	"google_backup_dr_management_server":                            googleBackupDRManagementServer,
+	"google_backup_dr_service_config":                               googleBackupDRServiceConfig,
+	"google_beyondcorp_app_connection":                              googleBeyondcorpAppConnection,
+	"google_beyondcorp_app_connector":                               googleBeyondcorpAppConnector,
+	"google_beyondcorp_app_gateway":                                 googleBeyondcorpAppGateway,
+	"google_beyondcorp_application":                                 googleBeyondcorpApplication,
+	"google_beyondcorp_application_iam_binding":                     googleBeyondcorpApplicationIamBinding,
+	"google_beyondcorp_application_iam_member":                      googleBeyondcorpApplicationIamMember,
+	"google_beyondcorp_application_iam_policy":                      googleBeyondcorpApplicationIamPolicy,
+	"google_beyondcorp_security_gateway":                            googleBeyondcorpSecurityGateway,
+	"google_beyondcorp_security_gateway_application":                googleBeyondcorpSecurityGatewayApplication,
+	"google_beyondcorp_security_gateway_application_iam_binding":    googleBeyondcorpSecurityGatewayApplicationIamBinding,
+	"google_beyondcorp_security_gateway_application_iam_member":     googleBeyondcorpSecurityGatewayApplicationIamMember,
+	"google_beyondcorp_security_gateway_application_iam_policy":     googleBeyondcorpSecurityGatewayApplicationIamPolicy,
+	"google_beyondcorp_security_gateway_iam_binding":                googleBeyondcorpSecurityGatewayIamBinding,
+	"google_beyondcorp_security_gateway_iam_member":                 googleBeyondcorpSecurityGatewayIamMember,
+	"google_beyondcorp_security_gateway_iam_policy":                 googleBeyondcorpSecurityGatewayIamPolicy,
+	"google_biglake_catalog":                                        googleBiglakeCatalog,
+	"google_biglake_database":                                       googleBiglakeDatabase,
+	"google_biglake_table":                                          googleBiglakeTable,
+	"google_bigquery_analytics_hub_data_exchange":                   googleBigqueryAnalyticsHubDataExchange,
+	"google_bigquery_analytics_hub_data_exchange_iam_binding":       googleBigqueryAnalyticsHubDataExchangeIam,
+	"google_bigquery_analytics_hub_data_exchange_iam_member":        googleBigqueryAnalyticsHubDataExchangeIam,
+	"google_bigquery_analytics_hub_data_exchange_iam_policy":        googleBigqueryAnalyticsHubDataExchangeIam,
+	"google_bigquery_analytics_hub_listing":                         googleBigqueryAnalyticsHubListing,
+	"google_bigquery_analytics_hub_listing_iam_binding":             googleBigqueryAnalyticsHubListingIam,
+	"google_bigquery_analytics_hub_listing_iam_member":              googleBigqueryAnalyticsHubListingIam,
+	"google_bigquery_analytics_hub_listing_iam_policy":              googleBigqueryAnalyticsHubListingIam,
+	"google_bigquery_analytics_hub_listing_subscription":            googleBigqueryAnalyticsHubListingSubscription,
+	"google_bigquery_bi_reservation":                                googleBigqueryBiReservation,
+	"google_bigquery_capacity_commitment":                           googleBigqueryCapacityCommitment,
+	"google_bigquery_connection":                                    googleBigqueryConnection,
+	"google_bigquery_connection_iam_binding":                        googleBigqueryConnectionIam,
+	"google_bigquery_connection_iam_member":                         googleBigqueryConnectionIam,
+	"google_bigquery_connection_iam_policy":                         googleBigqueryConnectionIam,
+	"google_bigquery_data_transfer_config":                          googleBigqueryDataTransferConfig,
+	"google_bigquery_datapolicy_data_policy":                        googleBigqueryDatapolicyDataPolicy,
+	"google_bigquery_datapolicy_data_policy_iam_binding":            googleBigqueryDatapolicyDataPolicyIamBinding,
+	"google_bigquery_datapolicy_data_policy_iam_member":             googleBigqueryDatapolicyDataPolicyIamMember,
+	"google_bigquery_datapolicy_data_policy_iam_policy":             googleBigqueryDatapolicyDataPolicyIamPolicy,
+	"google_bigquery_dataset":                                       googleBigqueryDataset,
+	"google_bigquery_dataset_access":                                googleBigqueryDatasetAccess,
+	"google_bigquery_dataset_iam_binding":                           googleBigqueryDatasetIam,
+	"google_bigquery_dataset_iam_member":                            googleBigqueryDatasetIam,
+	"google_bigquery_dataset_iam_policy":                            googleBigqueryDatasetIam,
+	"google_bigquery_job":                                           googleBigqueryJob,
+	"google_bigquery_reservation":                                   googleBigqueryReservation,
+	"google_bigquery_reservation_assignment":                        googleBigqueryReservationAssignment,
+	"google_bigquery_routine":                                       googleBigqueryRoutine,
+	"google_bigquery_row_access_policy":                             googleBigqueryRowAccessPolicy,
+	"google_bigquery_table":                                         googleBigQueryTable,
+	"google_bigquery_table_iam_binding":                             googleBigqueryTableIam,
+	"google_bigquery_table_iam_member":                              googleBigqueryTableIam,
+	"google_bigquery_table_iam_policy":                              googleBigqueryTableIam,
+	"google_bigtable_app_profile":                                   googleBigtableAppProfile,
+	"google_bigtable_authorized_view":                               googleBigtableAuthorizedView,
+	"google_bigtable_gc_policy":                                     googleBigtableGcPolicy,
+	"google_bigtable_instance":                                      googleBigtableInstance,
+	"google_bigtable_instance_iam_binding":                          googleBigTableInstanceIam,
+	"google_bigtable_instance_iam_member":                           googleBigTableInstanceIam,
+	"google_bigtable_instance_iam_policy":                           googleBigTableInstanceIam,
+	"google_bigtable_logical_view":                                  googleBigtableLogicalView,
+	"google_bigtable_materialized_view":                             googleBigtableMaterializedView,
+	"google_bigtable_schema_bundle":                                 googleBigtableSchemaBundle,
+	"google_bigtable_table":                                         googleBigtableTable,
+	"google_bigtable_table_iam_binding":                             googleBigTableTableIam,
+	"google_bigtable_table_iam_member":                              googleBigTableTableIam,
+	"google_bigtable_table_iam_policy":                              googleBigTableTableIam,
+	"google_billing_account_iam_binding":                            googleBillingAccountIamBinding,
+	"google_billing_account_iam_member":                             googleBillingAccountIamMember,
+	"google_billing_account_iam_policy":                             googleBillingAccountIamPolicy,
+	"google_billing_budget":                                         googleBillingBudget,
+	"google_billing_project_info":                                   googleBillingProjectInfo,
+	"google_binary_authorization_attestor_iam_binding":              googleBinaryAuthorizationAttestorIamBinding,
+	"google_binary_authorization_attestor_iam_member":               googleBinaryAuthorizationAttestorIamMember,
+	"google_binary_authorization_attestor_iam_policy":               googleBinaryAuthorizationAttestorIamPolicy,
+	"google_chronicle_data_access_label":                            googleChronicleDataAccessLabel,
+	"google_chronicle_data_access_scope":                            googleChronicleDataAccessScope,
+	"google_chronicle_reference_list":                               googleChronicleReferenceList,
+	"google_chronicle_retrohunt":                                    googleChronicleRetrohunt,
+	"google_chronicle_rule":                                         googleChronicleRule,
+	"google_chronicle_rule_deployment":                              googleChronicleRuleDeployment,
+	"google_chronicle_watchlist":                                    googleChronicleWatchlist,
+	"google_cloud_run_domain_mapping":                               googleCloudRunDomainMapping,
+	"google_cloud_run_service":                                      googleCloudRunService,
+	"google_cloud_run_service_iam_binding":                          googleCloudRunServiceIamBinding,
+	"google_cloud_run_service_iam_member":                           googleCloudRunServiceIamMember,
+	"google_cloud_run_service_iam_policy":                           googleCloudRunServiceIamPolicy,
+	"google_cloud_run_v2_job":                                       googleCloudRunV2Job,
+	"google_cloud_run_v2_job_iam_binding":                           googleCloudRunV2JobIam,
+	"google_cloud_run_v2_job_iam_member":                            googleCloudRunV2JobIam,
+	"google_cloud_run_v2_job_iam_policy":                            googleCloudRunV2JobIam,
+	"google_cloud_run_v2_service":                                   googleCloudRunV2Service,
+	"google_cloud_run_v2_service_iam_binding":                       googleCloudRunV2ServiceIam,
+	"google_cloud_run_v2_service_iam_member":                        googleCloudRunV2ServiceIam,
+	"google_cloud_run_v2_service_iam_policy":                        googleCloudRunV2ServiceIam,
+	"google_cloud_run_v2_worker_pool":                               googleCloudRunV2WorkerPool,
+	"google_cloud_run_v2_worker_pool_iam_binding":                   googleCloudRunV2WorkerPoolIamBinding,
+	"google_cloud_run_v2_worker_pool_iam_member":                    googleCloudRunV2WorkerPoolIamMember,
+	"google_cloud_run_v2_worker_pool_iam_policy":                    googleCloudRunV2WorkerPoolIamPolicy,
+	"google_cloud_scheduler_job":                                    googleCloudSchedulerJob,
+	"google_cloud_tasks_queue_iam_binding":                          googleCloudTasksQueueIamBinding,
+	"google_cloud_tasks_queue_iam_member":                           googleCloudTasksQueueIamMember,
+	"google_cloud_tasks_queue_iam_policy":                           googleCloudTasksQueueIamPolicy,
+	"google_cloudbuild_trigger":                                     googleCloudbuildTrigger,
+	"google_cloudbuildv2_connection":                                googleCloudbuildv2Connection,
+	"google_cloudbuildv2_connection_iam_binding":                    googleCloudbuildv2ConnectionIamBinding,
+	"google_cloudbuildv2_connection_iam_member":                     googleCloudbuildv2ConnectionIamMember,
+	"google_cloudbuildv2_connection_iam_policy":                     googleCloudbuildv2ConnectionIamPolicy,
+	"google_cloudbuildv2_repository":                                googleCloudbuildv2Repository,
+	"google_clouddeploy_custom_target_type_iam_binding":             googleClouddeployCustomTargetTypeIamBinding,
+	"google_clouddeploy_custom_target_type_iam_member":              googleClouddeployCustomTargetTypeIamMember,
+	"google_clouddeploy_custom_target_type_iam_policy":              googleClouddeployCustomTargetTypeIamPolicy,
+	"google_clouddeploy_delivery_pipeline_iam_binding":              googleClouddeployDeliveryPipelineIamBinding,
+	"google_clouddeploy_delivery_pipeline_iam_member":               googleClouddeployDeliveryPipelineIamMember,
+	"google_clouddeploy_delivery_pipeline_iam_policy":               googleClouddeployDeliveryPipelineIamPolicy,
+	"google_clouddeploy_target_iam_binding":                         googleClouddeployTargetIamBinding,
+	"google_clouddeploy_target_iam_member":                          googleClouddeployTargetIamMember,
+	"google_clouddeploy_target_iam_policy":                          googleClouddeployTargetIamPolicy,
+	"google_cloudfunctions2_function":                               googleCloudfunction2Function,
+	"google_cloudfunctions2_function_iam_binding":                   googleCloudfunction2FunctionIamBinding,
+	"google_cloudfunctions2_function_iam_member":                    googleCloudfunction2FunctionIamMember,
+	"google_cloudfunctions2_function_iam_policy":                    googleCloudfunction2FunctionIamPolicy,
+	"google_cloudfunctions_function":                                googleCloudfunctionsFunction,
+	"google_cloudfunctions_function_iam_binding":                    googleCloudfunctionsFunctionIamBinding,
+	"google_cloudfunctions_function_iam_member":                     googleCloudfunctionsFunctionIamPolicy,
+	"google_cloudfunctions_function_iam_policy":                     googleCloudfunctionsFunctionIamPolicy,
+	"google_colab_runtime_template_iam_binding":                     googleColabRuntimeTemplateIamBinding,
+	"google_colab_runtime_template_iam_member":                      googleColabRuntimeTemplateIamMember,
+	"google_colab_runtime_template_iam_policy":                      googleColabRuntimeTemplateIamPolicy,
+	"google_composer_environment":                                   googleComposerEnvironment,
+	"google_composer_user_workloads_config_map":                     googleComposerUserWorkloadsConfigMap,
+	"google_composer_user_workloads_secret":                         googleComposerUserWorkloadsSecret,
+	"google_compute_address":                                        googleComputeAddress,
+	"google_compute_backend_bucket":                                 googleComputeBackendBucket,
+	"google_compute_backend_bucket_iam_binding":                     googleComputeBackendBucketIamBinding,
+	"google_compute_backend_bucket_iam_member":                      googleComputeBackendBucketIamMember,
+	"google_compute_backend_bucket_iam_policy":                      googleComputeBackendBucketIamPolicy,
+	"google_compute_backend_service":                                googleComputeBackendService,
+	"google_compute_backend_service_iam_binding":                    googleComputeBackendServiceIamBinding,
+	"google_compute_backend_service_iam_member":                     googleComputeBackendServiceIamMember,
+	"google_compute_backend_service_iam_policy":                     googleComputeBackendServiceIamPolicy,
+	"google_compute_disk_iam_binding":                               googleComputeDiskIamBinding,
+	"google_compute_disk_iam_member":                                googleComputeDiskIamMember,
+	"google_compute_disk_iam_policy":                                googleComputeDiskIamPolicy,
+	"google_compute_firewall":                                       googleComputeFirewall,
+	"google_compute_forwarding_rule":                                googleComputeForwardingRule,
+	"google_compute_global_address":                                 googleComputeGlobalAddress,
+	"google_compute_global_forwarding_rule":                         googleComputeGlobalForwardingRule,
+	"google_compute_global_network_endpoint_group":                  googleComputeGlobalNetworkEndpointGroup,
+	"google_compute_health_check":                                   googleComputeHealthcheck,
+	"google_compute_http_health_check":                              googleComputeHttpHealthCheck,
+	"google_compute_https_health_check":                             googleComputeHttpsHealthCheck,
+	"google_compute_image_iam_binding":                              googleComputeImageIamBinding,
+	"google_compute_image_iam_member":                               googleComputeImageIamMember,
+	"google_compute_image_iam_policy":                               googleComputeImageIamPolicy,
+	"google_compute_instance":                                       googleComputeInstance,
+	"google_compute_instance_iam_binding":                           googleComputeInstanceIamBinding,
+	"google_compute_instance_iam_member":                            googleComputeInstanceIamMember,
+	"google_compute_instance_iam_policy":                            googleComputeInstanceIamPolicy,
+	"google_compute_instance_template":                              googleComputeInstanceTemplate,
+	"google_compute_instance_template_iam_binding":                  googleComputeInstanceTemplateIamBinding,
+	"google_compute_instance_template_iam_member":                   googleComputeInstanceTemplateIamMember,
+	"google_compute_instance_template_iam_policy":                   googleComputeInstanceTemplateIamPolicy,
+	"google_compute_instant_snapshot_iam_binding":                   googleComputeInstanceSnapshotIamBinding,
+	"google_compute_instant_snapshot_iam_member":                    googleComputeInstanceSnapshotIamMember,
+	"google_compute_instant_snapshot_iam_policy":                    googleComputeInstanceSnapshotIamPolicy,
+	"google_compute_machine_image_iam_binding":                      googleComputeMachineImageIamBinding,
+	"google_compute_machine_image_iam_member":                       googleComputeMachineImageIamMember,
+	"google_compute_machine_image_iam_policy":                       googleComputeMachineImageIamPolicy,
+	"google_compute_network":                                        googleComputeNetwork,
+	"google_compute_network_attachment":                             googleComputeNetworkAttachment,
+	"google_compute_network_endpoint_group":                         googleComputeNetworkEndpointGroup,
+	"google_compute_project_metadata_item":                          googleComputeProjectMetadataItem,
+	"google_compute_region_backend_service":                         googleComputeRgionBackendService,
+	"google_compute_region_backend_service_iam_binding":             googleComputeRegionBackendServiceIamBinding,
+	"google_compute_region_backend_service_iam_member":              googleComputeRegionBackendServiceIamMember,
+	"google_compute_region_backend_service_iam_policy":              googleComputeRegionBackendServiceIamPolicy,
+	"google_compute_region_disk_iam_binding":                        googleComputeRegionDiskIamBinding,
+	"google_compute_region_disk_iam_member":                         googleComputeRegionDiskIamMember,
+	"google_compute_region_disk_iam_policy":                         googleComputeRegionDiskIamPolicy,
+	"google_compute_region_health_check":                            googleComputeRegioHealthCheck,
+	"google_compute_region_network_endpoint_group":                  googleComputeRegionNetworkEndpointGroup,
+	"google_compute_region_ssl_certificate":                         googleComputeRegionSslCertificate,
+	"google_compute_region_target_http_proxy":                       googleComputeRegionTargetHttpProxy,
+	"google_compute_region_target_https_proxy":                      googleComputeRegionTargetHttpsProxy,
+	"google_compute_region_target_tcp_proxy":                        googleComputeRegionTargetTcpProxy,
+	"google_compute_region_url_map":                                 googleComputeRegionUrlMap,
+	"google_compute_security_policy":                                googleComputeSecurityPolicy,
+	"google_compute_snapshot_iam_binding":                           googleComputeSnapshotIamBinding,
+	"google_compute_snapshot_iam_member":                            googleComputeSnapshotIamMember,
+	"google_compute_snapshot_iam_policy":                            googleComputeSnapshotIamPolicy,
+	"google_compute_storage_pool_iam_binding":                       googleComputeStoragePoolIamBinding,
+	"google_compute_storage_pool_iam_member":                        googleComputeStoragePoolIamMember,
+	"google_compute_storage_pool_iam_policy":                        googleComputeStoragePoolIamPolicy,
+	"google_compute_subnetwork":                                     googleComputeSubnetwork,
+	"google_compute_subnetwork_iam_binding":                         googleComputeSubnetworkIamBinding,
+	"google_compute_subnetwork_iam_member":                          googleComputeSubnetworkIamMember,
+	"google_compute_subnetwork_iam_policy":                          googleComputeSubnetworkIamPolicy,
+	"google_compute_target_http_proxy":                              googleComputeTargetHttpProxy,
+	"google_compute_target_https_proxy":                             googleComputeTargetHttpsProxy,
+	"google_compute_url_map":                                        googleComputeUrlMap,
+	"google_contact_center_insights_analysis_rule":                  googleContactCenterInsightsAnalysisRule,
+	"google_contact_center_insights_view":                           googleContactCenterInsightsView,
+	"google_container_analysis_note_iam_binding":                    googleContainerAnalysisNoteIamBinding,
+	"google_container_analysis_note_iam_member":                     googleContainerAnalysisNoteIamMember,
+	"google_container_analysis_note_iam_policy":                     googleContainerAnalysisNoteIamPolicy,
+	"google_container_cluster":                                      googleContainerCluster,
+	"google_container_node_pool":                                    googleContainerNodePool,
+	"google_data_catalog_entry":                                     googleDataCatalogEntry,
+	"google_data_catalog_entry_group":                               googleDataCatalogEntryGroup,
+	"google_data_catalog_entry_group_iam_binding":                   googleDataCatalogEntryGroupIamPolicy,
+	"google_data_catalog_entry_group_iam_member":                    googleDataCatalogEntryGroupIamMember,
+	"google_data_catalog_entry_group_iam_policy":                    googleDataCatalogEntryGroupIamPolicy,
+	"google_data_catalog_policy_tag":                                googleDataCatalogPolicyTag,
+	"google_data_catalog_policy_tag_iam_binding":                    googleDataCatalogPolicyTagIamPolicy,
+	"google_data_catalog_policy_tag_iam_member":                     googleDataCatalogPolicyTagIamMember,
+	"google_data_catalog_policy_tag_iam_policy":                     googleDataCatalogPolicyTagIamPolicy,
+	"google_data_catalog_tag":                                       googleDataCatalogTag,
+	"google_data_catalog_tag_template":                              googleDataCatalogTagTemplate,
+	"google_data_catalog_tag_template_iam_binding":                  googleDataCatalogTagTemplateIamPolicy,
+	"google_data_catalog_tag_template_iam_member":                   googleDataCatalogTagTemplateIamPolicy,
+	"google_data_catalog_tag_template_iam_policy":                   googleDataCatalogTagTemplateIamPolicy,
+	"google_data_catalog_taxonomy":                                  googleDataCatalogTaxonomy,
+	"google_data_catalog_taxonomy_iam_binding":                      googleDataCatalogTaxonomyIamBinding,
+	"google_data_catalog_taxonomy_iam_member":                       googleDataCatalogTaxonomyIamMember,
+	"google_data_catalog_taxonomy_iam_policy":                       googleDataCatalogTaxonomyIamPolicy,
+	"google_data_fusion_instance_iam_binding":                       googleDataFusionInstanceIamBinding,
+	"google_data_fusion_instance_iam_member":                        googleDataFusionInstanceIamMember,
+	"google_data_fusion_instance_iam_policy":                        googleDataFusionInstanceIamPolicy,
+	"google_dataflow_job":                                           googleDataflowJob,
+	"google_dataform_repository":                                    googleDataformRepository,
+	"google_dataform_repository_iam_binding":                        googleDataformRepositoryIamBinding,
+	"google_dataform_repository_iam_member":                         googleDataformRepositoryIamMember,
+	"google_dataform_repository_iam_policy":                         googleDataformRepositoryIamPolicy,
+	"google_dataform_repository_release_config":                     googleDataformRepositoryReleaseConfig,
+	"google_dataform_repository_workflow_config":                    googleDataformRepositoryWorkflowConfig,
+	"google_dataplex_aspect_type":                                   googleDataplexAspectType,
+	"google_dataplex_aspect_type_iam_binding":                       googleDataplexAspectTypeIamBinding,
+	"google_dataplex_aspect_type_iam_member":                        googleDataplexAspectTypeIamMember,
+	"google_dataplex_aspect_type_iam_policy":                        googleDataplexAspectTypeIamPolicy,
+	"google_dataplex_asset":                                         googleDataplexAsset,
+	"google_dataplex_asset_iam_binding":                             googleDataplexAssetIamBinding,
+	"google_dataplex_asset_iam_member":                              googleDataplexAssetIamMember,
+	"google_dataplex_asset_iam_policy":                              googleDataplexAssetIamPolicy,
+	"google_dataplex_datascan":                                      googleDataplexDatascan,
+	"google_dataplex_datascan_iam_binding":                          googleDataplexDatascanIamBinding,
+	"google_dataplex_datascan_iam_member":                           googleDataplexDatascanIamMember,
+	"google_dataplex_datascan_iam_policy":                           googleDataplexDatascanIamPolicy,
+	"google_dataplex_entry":                                         googleDataplexEntry,
+	"google_dataplex_entry_group":                                   googleDataplexEntryGroup,
+	"google_dataplex_entry_group_iam_binding":                       googleDataplexEntryGroupIamBinding,
+	"google_dataplex_entry_group_iam_member":                        googleDataplexEntryGroupIamMember,
+	"google_dataplex_entry_group_iam_policy":                        googleDataplexEntryGroupIamPolicy,
+	"google_dataplex_entry_type":                                    googleDataplexEntryType,
+	"google_dataplex_entry_type_iam_binding":                        googleDataplexEntryTypeIamBinding,
+	"google_dataplex_entry_type_iam_member":                         googleDataplexEntryTypeIamMember,
+	"google_dataplex_entry_type_iam_policy":                         googleDataplexEntryTypeIamPolicy,
+	"google_dataplex_glossary":                                      googleDataplexGlossary,
+	"google_dataplex_glossary_category":                             googleDataplexGlossaryCategory,
+	"google_dataplex_glossary_iam_binding":                          googleDataplexGlossaryIamBinding,
+	"google_dataplex_glossary_iam_member":                           googleDataplexGlossaryIamMember,
+	"google_dataplex_glossary_iam_policy":                           googleDataplexGlossaryIamPolicy,
+	"google_dataplex_glossary_term":                                 googleDataplexGlossaryTerm,
+	"google_dataplex_lake":                                          googleDataplexLake,
+	"google_dataplex_lake_iam_binding":                              googleDataplexLakeIamBinding,
+	"google_dataplex_lake_iam_member":                               googleDataplexLakeIamMember,
+	"google_dataplex_lake_iam_policy":                               googleDataplexLakeIamPolicy,
+	"google_dataplex_task":                                          googleDataplexTask,
+	"google_dataplex_task_iam_binding":                              googleDataplexLakeIamBinding,
+	"google_dataplex_task_iam_member":                               googleDataplexTaskIamMember,
+	"google_dataplex_task_iam_policy":                               googleDataplexTaskIamPolicy,
+	"google_dataplex_zone":                                          googleDataplexZone,
+	"google_dataplex_zone_iam_binding":                              googleDataplexZoneIamBinding,
+	"google_dataplex_zone_iam_member":                               googleDataplexZoneIamMember,
+	"google_dataplex_zone_iam_policy":                               googleDataplexLakeIamPolicy,
+	"google_dataproc_autoscaling_policy":                            googleDataprocAutoscalingPolicy,
+	"google_dataproc_autoscaling_policy_iam_binding":                googleDataprocAutoscalingPolicyIamBinding,
+	"google_dataproc_autoscaling_policy_iam_member":                 googleDataprocAutoscalingPolicyIamMember,
+	"google_dataproc_autoscaling_policy_iam_policy":                 googleDataprocAutoscalingPolicyIamPolicy,
+	"google_dataproc_batch":                                         googleDataprocBatch,
+	"google_dataproc_cluster":                                       googleDataprocCluster,
+	"google_dataproc_cluster_iam_binding":                           googleDataprocClusterIamBinding,
+	"google_dataproc_cluster_iam_member":                            googleDataprocClusterIamMember,
+	"google_dataproc_cluster_iam_policy":                            googleDataprocClusterIamPolicy,
+	"google_dataproc_job":                                           googleDataprocJob,
+	"google_dataproc_job_iam_binding":                               googleDataprocJobIamBinding,
+	"google_dataproc_job_iam_member":                                googleDataprocJobIamMember,
+	"google_dataproc_job_iam_policy":                                googleDataprocJobIamPolicy,
+	"google_dataproc_metastore_database_iam_binding":                googleDataprocMetastoreDatabaseIamBinding,
+	"google_dataproc_metastore_database_iam_member":                 googleDataprocMetastoreDatabaseIamMember,
+	"google_dataproc_metastore_database_iam_policy":                 googleDataprocMetastoreDatabaseIamPolicy,
+	"google_dataproc_metastore_federation_iam_binding":              googleDataprocMetastoreFederationIamBinding,
+	"google_dataproc_metastore_federation_iam_member":               googleDataprocMetastoreFederationIamMember,
+	"google_dataproc_metastore_federation_iam_policy":               googleDataprocMetastoreFederationIamPolicy,
+	"google_dataproc_metastore_service_iam_binding":                 googleDataprocMetastoreServiceIamBinding,
+	"google_dataproc_metastore_service_iam_member":                  googleDataprocMetastoreServiceIamMember,
+	"google_dataproc_metastore_service_iam_policy":                  googleDataprocMetastoreServiceIamPolicy,
+	"google_dataproc_metastore_table_iam_binding":                   googleDataprocMetastoreTableIamBinding,
+	"google_dataproc_metastore_table_iam_member":                    googleDataprocMetastoreTableIamMember,
+	"google_dataproc_metastore_table_iam_policy":                    googleDataprocMetastoreTableIamPolicy,
+	"google_dataproc_session_template":                              googleDataprocSessionTemplate,
+	"google_dataproc_workflow_template":                             googleDataprocWorkflowTemplate,
+	"google_default_service_accounts":                               googleDefaultServiceAccounts,
+	"google_deployment_manager_deployment":                          googleDeploymentManagerDeployment,
+	"google_developer_connect_account_connector":                    googleDeveloperConnectAccountConnector,
+	"google_developer_connect_connection":                           googleDeveloperConnectConnection,
+	"google_developer_connect_git_repository_link":                  googleDeveloperConnectGitRepositoryLink,
+	"google_dialogflow_agent":                                       googleDialogflowAgent,
+	"google_dialogflow_conversation_profile":                        googleDialogflowConversationProfile,
+	"google_dialogflow_cx_agent":                                    googleDialogflowCxAgent,
+	"google_dialogflow_cx_entity_type":                              googleDialogflowCxEntityType,
+	"google_dialogflow_cx_environment":                              googleDialogflowCxEnvironment,
+	"google_dialogflow_cx_flow":                                     googleDialogflowCxFlow,
+	"google_dialogflow_cx_generative_settings":                      googleDialogflowCxGenerativeSettings,
+	"google_dialogflow_cx_generator":                                googleDialogflowCxGenerator,
+	"google_dialogflow_cx_intent":                                   googleDialogflowCxIntent,
+	"google_dialogflow_cx_page":                                     googleDialogflowCxPage,
+	"google_dialogflow_cx_playbook":                                 googleDialogflowCxPlaybook,
+	"google_dialogflow_cx_security_settings":                        googleDialogflowCxSecuritySettings,
+	"google_dialogflow_cx_tool":                                     googleDialogflowCxTool,
+	"google_dialogflow_cx_version":                                  googleDialogflowCxVersion,
+	"google_dialogflow_cx_webhook":                                  googleDialogflowCxWebhook,
+	"google_dialogflow_encryption_spec":                             googleDialogflowEncryptionSpec,
+	"google_dialogflow_entity_type":                                 googleDialogflowEntityType,
+	"google_dialogflow_fulfillment":                                 googleDialogflowFulfillment,
+	"google_dialogflow_intent":                                      googleDialogflowIntent,
+	"google_dns_managed_zone":                                       googleDnsmanagedZone,
+	"google_dns_managed_zone_iam_binding":                           googleDNSManagedZoneIamBinding,
+	"google_dns_managed_zone_iam_member":                            googleDNSManagedZoneIamMember,
+	"google_dns_managed_zone_iam_policy":                            googleDNSManagedZoneIamPolicy,
+	"google_dns_policy":                                             googleDNSPolicy,
+	"google_dns_record_set":                                         googleDNSRecordSet,
+	"google_edgecontainer_cluster":                                  googleEdgecontainerCluster,
+	"google_edgecontainer_node_pool":                                googleEdgecontainerNodePool,
+	"google_edgecontainer_vpn_connection":                           googleEdgecontainerVpnConnection,
+	"google_edgenetwork_interconnect_attachment":                    googleEdgecontainerInterconnectAttachment,
+	"google_edgenetwork_network":                                    googleEdgecontainerNetwork,
+	"google_edgenetwork_subnet":                                     googleEdgecontainerSubnet,
+	"google_endpoints_service_consumers_iam_binding":                googleEndpointsServiceConsumersIamBinding,
+	"google_endpoints_service_consumers_iam_member":                 googleEndpointsServiceConsumersIamMember,
+	"google_endpoints_service_consumers_iam_policy":                 googleEndpointsServiceConsumersIamPolicy,
+	"google_endpoints_service_iam_binding":                          googleEndpointsServiceIamBinding,
+	"google_endpoints_service_iam_member":                           googleEndpointsServiceIamMember,
+	"google_endpoints_service_iam_policy":                           googleEndpointsServiceIamPolicy,
+	"google_eventarc_channel":                                       googleEventarcChannel,
+	"google_eventarc_enrollment":                                    googleEventarcEnrollment,
+	"google_eventarc_google_api_source":                             googleEventarcGoogleApiSource,
+	"google_eventarc_google_channel_config":                         googleEventarcGoogleChannelConfig,
+	"google_eventarc_message_bus":                                   googleEventarcMessageBus,
+	"google_eventarc_pipeline":                                      googleEventarcPipeline,
+	"google_eventarc_trigger":                                       googleEventarcTrigger,
+	"google_firebase_android_app":                                   googleFirebaseAndroidApp,
+	"google_firebase_apple_app":                                     googleFirebaseAppleApp,
+	"google_firebase_database_instance":                             googleFirebaseDatabaseInstance,
+	"google_firebase_hosting_channel":                               googleFirebaseHostingSite,
+	"google_firebase_hosting_custom_domain":                         googleFirebaseHostingSite,
+	"google_firebase_hosting_release":                               googleFirebaseHostingSite,
+	"google_firebase_hosting_site":                                  googleFirebaseHostingSite,
+	"google_firebase_hosting_version":                               googleFirebaseHostingSite,
+	"google_firebase_project":                                       googleFirebaseProject,
+	"google_firebase_storage_bucket":                                googleFirebaseStorageBucket,
+	"google_firebase_web_app":                                       googleFirebaseWebApp,
+	"google_firebaserules_release":                                  googleFirebaserulesRelease,
+	"google_firebaserules_ruleset":                                  googleFirebaserulesRuleset,
+	"google_folder_iam_binding":                                     googleFolderIamBinding,
+	"google_folder_iam_member":                                      googleFolderIamMember,
+	"google_folder_iam_policy":                                      googleFolderIamPolicy,
+	"google_gemini_repository_group_iam_binding":                    googleGeminiRepositoryGroupIamBinding,
+	"google_gemini_repository_group_iam_member":                     googleGeminiRepositoryGroupIamMember,
+	"google_gemini_repository_group_iam_policy":                     googleGeminiRepositoryGroupIamPolicy,
+	"google_gke_backup_backup_plan_iam_binding":                     googleGkeBackupBackupPlanIamBinding,
+	"google_gke_backup_backup_plan_iam_member":                      googleGkeBackupBackupPlanIamMember,
+	"google_gke_backup_backup_plan_iam_policy":                      googleGkeBackupBackupPlanIamPolicy,
+	"google_gke_backup_restore_plan_iam_binding":                    googleGkeBackupRestorePlanIamBinding,
+	"google_gke_backup_restore_plan_iam_member":                     googleGkeBackupRestorePlanIamMember,
+	"google_gke_backup_restore_plan_iam_policy":                     googleGkeBackupRestorePlanIamPolicy,
+	"google_gke_hub_feature_iam_binding":                            googleGkeHubFeatureIamBinding,
+	"google_gke_hub_feature_iam_member":                             googleGkeHubFeatureIamMember,
+	"google_gke_hub_feature_iam_policy":                             googleGkeHubFeatureIamPolicy,
+	"google_gke_hub_membership_iam_binding":                         googleGkeHubMembershipIamBinding,
+	"google_gke_hub_membership_iam_member":                          googleGkeHubMembershipIamMember,
+	"google_gke_hub_membership_iam_policy":                          googleGkeHubMembershipIamPolicy,
+	"google_gke_hub_scope_iam_binding":                              googleGkeHubScopeIamBinding,
+	"google_gke_hub_scope_iam_member":                               googleGkeHubScopeIamMember,
+	"google_gke_hub_scope_iam_policy":                               googleGkeHubScopeIamPolicy,
+	"google_healthcare_consent_store_iam_binding":                   googleHealthcareConsentStoreIamBinding,
+	"google_healthcare_consent_store_iam_member":                    googleHealthcareConsentStoreIamMember,
+	"google_healthcare_consent_store_iam_policy":                    googleHealthcareConsentStoreIamPolicy,
+	"google_healthcare_dataset_iam_binding":                         googleHealthcareDatasetIamBinding,
+	"google_healthcare_dataset_iam_member":                          googleHealthcareDatasetIamMember,
+	"google_healthcare_dataset_iam_policy":                          googleHealthcareDatasetIamPolicy,
+	"google_healthcare_dicom_store_iam_binding":                     googleHealthcareDicomStoreIamBinding,
+	"google_healthcare_dicom_store_iam_member":                      googleHealthcareDicomStoreIamMember,
+	"google_healthcare_dicom_store_iam_policy":                      googleHealthcareDicomStoreIamPolicy,
+	"google_healthcare_fhir_store_iam_binding":                      googleHealthcareFhirStoreIamBinding,
+	"google_healthcare_fhir_store_iam_member":                       googleHealthcareFhirStoreIamMember,
+	"google_healthcare_fhir_store_iam_policy":                       googleHealthcareFhirStoreIamPolicy,
+	"google_healthcare_hl7_v2_store_iam_binding":                    googleHealthcareHl7V2StoreIamBinding,
+	"google_healthcare_hl7_v2_store_iam_member":                     googleHealthcareHl7V2StoreIamMember,
+	"google_healthcare_hl7_v2_store_iam_policy":                     googleHealthcareHl7V2StoreIamPolicy,
+	"google_iam_workforce_pool":                                     googleIamWorkforcePool,
+	"google_iam_workforce_pool_iam_binding":                         googleIamWorkforcePoolIamBinding,
+	"google_iam_workforce_pool_iam_member":                          googleIamWorkforcePoolIamMember,
+	"google_iam_workforce_pool_iam_policy":                          googleIamWorkforcePoolIamPolicy,
+	"google_iam_workforce_pool_provider":                            googleIamWorkforcePoolProvider,
+	"google_iam_workforce_pool_provider_key":                        googleIamWorkforcePoolProviderKey,
+	"google_iam_workload_identity_pool":                             googleIamWorkloadIdentityPool,
+	"google_iam_workload_identity_pool_iam_binding":                 googleIamWorkloadIdentityPoolIamBinding,
+	"google_iam_workload_identity_pool_iam_member":                  googleIamWorkloadIdentityPoolIamMember,
+	"google_iam_workload_identity_pool_iam_policy":                  googleIamWorkloadIdentityPoolIamPolicy,
+	"google_iam_workload_identity_pool_provider":                    googleIamWorkloadIdentityPoolProvider,
+	"google_iap_app_engine_service_iam_binding":                     googleIapAppEngineServiceIamBinding,
+	"google_iap_app_engine_service_iam_member":                      googleIapAppEngineServiceIamMember,
+	"google_iap_app_engine_service_iam_policy":                      googleIapAppEngineServiceIamPolicy,
+	"google_iap_app_engine_version_iam_binding":                     googleIapAppEngineVersionIamBinding,
+	"google_iap_app_engine_version_iam_member":                      googleIapAppEngineVersionIamMember,
+	"google_iap_app_engine_version_iam_policy":                      googleIapAppEngineVersionIamPolicy,
+	"google_iap_tunnel_dest_group_iam_binding":                      googleIapTunnelDestGroupIamBinding,
+	"google_iap_tunnel_dest_group_iam_member":                       googleIapTunnelDestGroupIamMember,
+	"google_iap_tunnel_dest_group_iam_policy":                       googleIapTunnelDestGroupIamPolicy,
+	"google_iap_tunnel_iam_binding":                                 googleIapTunnelIamBinding,
+	"google_iap_tunnel_iam_member":                                  googleIapTunnelIamMember,
+	"google_iap_tunnel_iam_policy":                                  googleIapTunnelIamPolicy,
+	"google_iap_tunnel_instance_iam_binding":                        googleIapTunnelInstanceIamBinding,
+	"google_iap_tunnel_instance_iam_member":                         googleIapTunnelInstanceIamMember,
+	"google_iap_tunnel_instance_iam_policy":                         googleIapTunnelInstanceIamPolicy,
+	"google_iap_web_backend_service_iam_binding":                    googleIapWebBackendServiceIamBinding,
+	"google_iap_web_backend_service_iam_member":                     googleIapWebBackendServiceIamMember,
+	"google_iap_web_backend_service_iam_policy":                     googleIapWebBackendServiceIamPolicy,
+	"google_iap_web_cloud_run_service_iam_binding":                  googleIapWebCloudRunServiceIamBinding,
+	"google_iap_web_cloud_run_service_iam_member":                   googleIapWebCloudRunServiceIamMember,
+	"google_iap_web_cloud_run_service_iam_policy":                   googleIapWebCloudRunServiceIamPolicy,
+	"google_iap_web_iam_binding":                                    googleIapWebIamBinding,
+	"google_iap_web_iam_member":                                     googleIapWebIamMember,
+	"google_iap_web_iam_policy":                                     googleIapWebIamPolicy,
+	"google_iap_web_region_backend_service_iam_binding":             googleIapWebRegionBackendServiceIamBinding,
+	"google_iap_web_region_backend_service_iam_member":              googleIapWebRegionBackendServiceIamMember,
+	"google_iap_web_region_backend_service_iam_policy":              googleIapWebRegionBackendServiceIamPolicy,
+	"google_iap_web_type_app_engine_iam_binding":                    googleIapWebTypeAppEngineIamBinding,
+	"google_iap_web_type_app_engine_iam_member":                     googleIapWebTypeAppEngineIamMember,
+	"google_iap_web_type_app_engine_iam_policy":                     googleIapWebTypeAppEngineIamPolicy,
+	"google_iap_web_type_compute_iam_binding":                       googleIapWebTypeComputeIamBinding,
+	"google_iap_web_type_compute_iam_member":                        googleIapWebTypeComputeIamMember,
+	"google_iap_web_type_compute_iam_policy":                        googleIapWebTypeComputeIamPolicy,
+	"google_kms_crypto_key":                                         googleKmsCryptoKey,
+	"google_kms_crypto_key_iam_binding":                             googlekmsCryptoKeyIamBinding,
+	"google_kms_crypto_key_iam_member":                              googlekmsCryptoKeyIamMember,
+	"google_kms_crypto_key_iam_policy":                              googlekmsCryptoKeyIamPolicy,
+	"google_kms_crypto_key_version":                                 googleKmsCryptoKeyVersions,
+	"google_kms_ekm_connection_iam_binding":                         googleKmsEkmConnectionIamBinding,
+	"google_kms_ekm_connection_iam_member":                          googleKmsEkmConnectionIamMember,
+	"google_kms_ekm_connection_iam_policy":                          googleKmsEkmConnectionIamPolicy,
+	"google_kms_key_handle":                                         googleKmsKeyHandle,
+	"google_kms_key_ring":                                           googleKmsKeyRing,
+	"google_kms_key_ring_iam_binding":                               googleKmsKeyRingIamBinding,
+	"google_kms_key_ring_iam_member":                                googleKmsKeyRingIamMember,
+	"google_kms_key_ring_iam_policy":                                googleKmsKeyRingIamPolicy,
+	"google_kms_key_ring_import_job":                                googleKmsKeyRingImportJob,
+	"google_kms_secret_ciphertext":                                  googleKmsSecretCiphertext,
+	"google_logging_billing_account_exclusion":                      googleLoggingBillingAccountExclusion,
+	"google_logging_billing_account_sink":                           googleLoggingBillingAccountSink,
+	"google_logging_folder_exclusion":                               googleLoggingFolderExclusion,
+	"google_logging_folder_settings":                                googleLoggingFolderSettings,
+	"google_logging_folder_sink":                                    googleLoggingFolderSink,
+	"google_logging_linked_dataset":                                 googleLoggingLinkedDataset,
+	"google_logging_log_scope":                                      googleLoggingLogScope,
+	"google_logging_log_view":                                       googleLoggingLogView,
+	"google_logging_log_view_iam_binding":                           googleLoggingLogViewIamBinding,
+	"google_logging_log_view_iam_member":                            googleLoggingLogViewIamMember,
+	"google_logging_log_view_iam_policy":                            googleLoggingLogViewIamPolicy,
+	"google_logging_metric":                                         googleLoggingMetric,
+	"google_logging_organization_exclusion":                         googleLoggingOrganizationExclusion,
+	"google_logging_organization_settings":                          googleLoggingOrganizationSettings,
+	"google_logging_organization_sink":                              googleLoggingOrganizationSink,
+	"google_logging_project_exclusion":                              googleLoggingProjectExclusion,
+	"google_logging_project_sink":                                   googleLoggingProjectSink,
+	"google_managed_kafka_acl":                                      googleManagedKafkaAcl,
+	"google_managed_kafka_cluster":                                  googleManagedKafkaCluster,
+	"google_managed_kafka_connect_cluster":                          googleManagedKafkaConnectCluster,
+	"google_managed_kafka_connector":                                googleManagedKafkaConnector,
+	"google_managed_kafka_topic":                                    googleManagedKafkaTopics,
+	"google_memcache_instance":                                      googleMemcacheInstance,
+	"google_memorystore_instance":                                   googleMemorystoreInstance,
+	"google_model_armor_floorsetting":                               googleModelArmorFloorsetting,
+	"google_model_armor_template":                                   googleModelArmorTemplate,
+	"google_monitoring_alert_policy":                                googleMonitoringAlertPolicy,
+	"google_monitoring_custom_service":                              googleMonitoringCustomService,
+	"google_monitoring_dashboard":                                   googleMonitoringDashboard,
+	"google_monitoring_group":                                       googleMonitoringGroup,
+	"google_monitoring_metric_descriptor":                           googleMonitoringMetricDescriptor,
+	"google_monitoring_monitored_project":                           googleMonitoringMonitoredProject,
+	"google_monitoring_notification_channel":                        googleMonitoringNotificationChannel,
+	"google_monitoring_service":                                     googleMonitoringService,
+	"google_monitoring_slo":                                         googleMonitoringSLO,
+	"google_monitoring_uptime_check_config":                         googleMonitoringUptimeCheckConfig,
+	"google_network_security_address_group_iam_binding":             googleNetworkSecurityAddressGroupIamBinding,
+	"google_network_security_address_group_iam_member":              googleNetworkSecurityAddressGroupIamMember,
+	"google_network_security_address_group_iam_policy":              googleNetworkSecurityAddressGroupIamPolicy,
+	"google_notebooks_environment":                                  googleNotebooksEnvironment,
+	"google_notebooks_instance":                                     googleNotebooksInstance,
+	"google_notebooks_instance_iam_binding":                         googleNotebooksInstanceIamBinding,
+	"google_notebooks_instance_iam_member":                          googleNotebooksInstanceIamMember,
+	"google_notebooks_instance_iam_policy":                          googleNotebooksInstanceIamPolicy,
+	"google_notebooks_runtime":                                      googleNotebooksRuntime,
+	"google_notebooks_runtime_iam_binding":                          googleNotebooksRuntimeIamBinding,
+	"google_notebooks_runtime_iam_member":                           googleNotebooksRuntimeIamMember,
+	"google_notebooks_runtime_iam_policy":                           googleNotebooksRuntimeIamPolicy,
+	"google_organization_iam_binding":                               googleOrganizationIamBinding,
+	"google_organization_iam_member":                                googleOrganizationIamMember,
+	"google_organization_iam_policy":                                googleOrganizationIamPolicy,
+	"google_os_config_guest_policies":                               googleOsConfigGuestPolicies,
+	"google_os_config_os_policy_assignment":                         googleOsConfigOsPolicyAssignment,
+	"google_os_config_patch_deployment":                             googleOsConfigPatchDeployment,
+	"google_os_config_v2_policy_orchestrator":                       googleOsConfigV2PolicyOrchestrator,
+	"google_os_config_v2_policy_orchestrator_for_folder":            googleOsConfigV2PolicyOrchestratorForFolder,
+	"google_os_config_v2_policy_orchestrator_for_organization":      googleOsConfigV2PolicyOrchestratorForOrganization,
+	"google_parallelstore_instance":                                 googleParallelstoreInstance,
+	"google_privateca_ca_pool":                                      googlePrivateCaPool,
+	"google_privateca_ca_pool_iam_binding":                          googlePrivateCaPoolIamBinding,
+	"google_privateca_ca_pool_iam_member":                           googlePrivateCaPoolIamMember,
+	"google_privateca_ca_pool_iam_policy":                           googlePrivateCaPoolIamPolicy,
+	"google_privateca_certificate":                                  googlePrivatecaCertificate,
+	"google_privateca_certificate_authority":                        googlePrivatecaCertificateAuthority,
+	"google_privateca_certificate_template":                         googlePrivatecaCertificateTemplate,
+	"google_privateca_certificate_template_iam_binding":             googlePrivatecaCertificateTemplateIamBinding,
+	"google_privateca_certificate_template_iam_member":              googlePrivatecaCertificateTemplateIamMember,
+	"google_privateca_certificate_template_iam_policy":              googlePrivatecaCertificateTemplateIamPolicy,
+	"google_privileged_access_manager_entitlement":                  googlePrivilegedAccessManagerEntitlement,
+	"google_project":                                                gooleProject,
+	"google_project_access_approval_settings":                       googleProjectAccessApprovalSettings,
+	"google_project_default_service_accounts":                       googleProjectDefaultServiceAccounts,
+	"google_project_iam_audit_config":                               googleProjectIamAuditConfig,
+	"google_project_iam_binding":                                    googleProjectIamBinding,
+	"google_project_iam_custom_role":                                googleProjectIamCustomRole,
+	"google_project_iam_member":                                     googleProjectIamBinding,
+	"google_project_iam_member_remove":                              googleProjectIamMemberRemove,
+	"google_project_iam_policy":                                     googleProjectIamPolicy,
+	"google_project_organization_policy":                            googleProjectOrganizationPolicy,
+	"google_project_service":                                        googleProjectService,
+	"google_project_service_identity":                               placeholder,
+	"google_project_services":                                       placeholder,
+	"google_project_usage_export_bucket":                            googleProjectUsageExportBucket,
+	"google_pubsub_lite_reservation":                                googlePubsubLiteReservation,
+	"google_pubsub_lite_subscription":                               googlePubsubLiteSubscription,
+	"google_pubsub_lite_topic":                                      googlePubsubLiteTopic,
+	"google_pubsub_schema":                                          googlePubsubSchema,
+	"google_pubsub_schema_iam_binding":                              googlePubsubSchemaIamBinding,
+	"google_pubsub_schema_iam_member":                               googlePubsubSchemaIamMember,
+	"google_pubsub_schema_iam_policy":                               googlePubsubSchemaIamPolicy,
+	"google_pubsub_subscription":                                    googlePubsubSubscription,
+	"google_pubsub_subscription_iam_binding":                        googlePubsubSubscriptionIamBinding,
+	"google_pubsub_subscription_iam_member":                         googlePubsubSubscriptionIamMember,
+	"google_pubsub_subscription_iam_policy":                         googlePubsubSubscriptionIamPolicy,
+	"google_pubsub_topic":                                           googlePubsubTopic,
+	"google_pubsub_topic_iam_binding":                               googlePubsubTopicIam,
+	"google_pubsub_topic_iam_member":                                googlePubsubTopicIam,
+	"google_pubsub_topic_iam_policy":                                googlePubsubTopicIam,
+	"google_redis_cluster":                                          googleRedisCluster,
+	"google_redis_cluster_user_created_connections":                 googleRedisClusterUserCreatedConnections,
+	"google_redis_instance":                                         googleRedisInstance,
+	"google_runtimeconfig_config":                                   googleRuntimeconfigConfig,
+	"google_runtimeconfig_config_iam_binding":                       googleRuntimeconfigConfigIamBinding,
+	"google_runtimeconfig_config_iam_member":                        googleRuntimeconfigConfigIamMember,
+	"google_runtimeconfig_config_iam_policy":                        googleRuntimeconfigConfigIamPolicy,
+	"google_runtimeconfig_variable":                                 googleRuntimeconfigVariable,
+	"google_scc_source_iam_binding":                                 googleSccSourceIamBinding,
+	"google_scc_source_iam_member":                                  googleSccSourceIamMember,
+	"google_scc_source_iam_policy":                                  googleSccSourceIamPolicy,
+	"google_scc_v2_organization_source_iam_binding":                 googleSccV2OrganizationSourceIamBinding,
+	"google_scc_v2_organization_source_iam_member":                  googleSccV2OrganizationSourceIamMember,
+	"google_scc_v2_organization_source_iam_policy":                  googleSccV2OrganizationSourceIamPolicy,
+	"google_secret_manager_regional_secret":                         googleSecretManagerRegionalSecret,
+	"google_secret_manager_regional_secret_iam_binding":             googleSecretManagerRegionalSecretsIamBinding,
+	"google_secret_manager_regional_secret_iam_member":              googleSecretManagerRegionalSecretIamMember,
+	"google_secret_manager_regional_secret_iam_policy":              googleSecretManagerRegionalSecretIamPolicy,
+	"google_secret_manager_regional_secret_version":                 googleSecretManagerRegionalSecretVersion,
+	"google_secret_manager_secret":                                  googleSecretManagerSecret,
+	"google_secret_manager_secret_iam_binding":                      googleSecretManagerSecretIam,
+	"google_secret_manager_secret_iam_member":                       googleSecretManagerSecretIam,
+	"google_secret_manager_secret_iam_policy":                       googleSecretManagerSecretIam,
+	"google_secret_manager_secret_version":                          googleSecretManagerSecretVersion,
+	"google_secure_source_manager_branch_rule":                      googleSecureSourceManagerBranchRule,
+	"google_secure_source_manager_instance":                         googleSecureSourceManagerInstance,
+	"google_secure_source_manager_instance_iam_binding":             googleSecureSourceManagerInstanceIamBinding,
+	"google_secure_source_manager_instance_iam_member":              googleSecureSourceManagerInstanceIamMember,
+	"google_secure_source_manager_instance_iam_policy":              googleSecureSourceManagerInstanceIamPolicy,
+	"google_secure_source_manager_repository":                       googleSecureSourceManagerRepository,
+	"google_secure_source_manager_repository_iam_binding":           googleSecureSourceManagerRepositoryIamBinding,
+	"google_secure_source_manager_repository_iam_member":            googleSecureSourceManagerRepositoryIamMember,
+	"google_secure_source_manager_repository_iam_policy":            googleSecureSourceManagerRepositoryIamPolicy,
+	"google_service_account":                                        googleServiceAccount,
+	"google_service_account_iam_binding":                            googleServiceAccountIamBinding,
+	"google_service_account_iam_member":                             googleServiceAccountIamMember,
+	"google_service_account_iam_policy":                             googleServiceAccountIamPolicy,
+	"google_service_account_key":                                    googleServiceAccountKey,
+	"google_service_directory_endpoint":                             googleServiceDirectoryEndpoint,
+	"google_service_directory_namespace":                            googleServiceDirectoryNamespace,
+	"google_service_directory_namespace_iam_binding":                googleServiceDirectoryNamespaceIamBinding,
+	"google_service_directory_namespace_iam_member":                 googleServiceDirectoryNamespaceIamMember,
+	"google_service_directory_namespace_iam_policy":                 googleServiceDirectoryNamespaceIamPolicy,
+	"google_service_directory_service":                              googleServiceDirectoryService,
+	"google_service_directory_service_iam_binding":                  googleServiceDirectoryServiceIamBinding,
+	"google_service_directory_service_iam_member":                   googleServiceDirectoryServiceIamMember,
+	"google_service_directory_service_iam_policy":                   googleServiceDirectoryServiceIamPolicy,
+	"google_service_networking_connection":                          googleServiceNetworkingConnection,
+	"google_site_verification_owner":                                placeholder,
+	"google_site_verification_web_resource":                         placeholder,
+	"google_sourcerepo_repository":                                  googleSourcerepoRepository,
+	"google_sourcerepo_repository_iam_binding":                      googleSourcerepoRepositoryIamBinding,
+	"google_sourcerepo_repository_iam_member":                       googleSourcerepoRepositoryIamMember,
+	"google_sourcerepo_repository_iam_policy":                       googleSourcerepoRepositoryIamPolicy,
+	"google_spanner_backup_schedule":                                googleSpannerBackupSchedule,
+	"google_spanner_database":                                       googleSpannerDatabase,
+	"google_spanner_database_iam_binding":                           googleSpannerDatabaseIam,
+	"google_spanner_database_iam_member":                            googleSpannerDatabaseIam,
+	"google_spanner_database_iam_policy":                            googleSpannerDatabaseIam,
+	"google_spanner_instance":                                       googleSpannerInstance,
+	"google_spanner_instance_config":                                googleSpannerInstanceConfig,
+	"google_spanner_instance_iam_binding":                           googleSpannerInstanceIam,
+	"google_spanner_instance_iam_member":                            googleSpannerInstanceIam,
+	"google_spanner_instance_iam_policy":                            googleSpannerInstanceIam,
+	"google_spanner_instance_partition":                             googleSpannerInstancePartition,
+	"google_sql_database":                                           googleSQLDatabase,
+	"google_sql_database_instance":                                  googleSQLDatabaseInstance,
+	"google_sql_ssl_cert":                                           googleSqlSslCert,
+	"google_sql_user":                                               googleSQLUser,
+	"google_storage_bucket":                                         googleStorageBucket,
+	"google_storage_bucket_access_control":                          googleStorageBucketAccessControl,
+	"google_storage_bucket_acl":                                     googleStorageBucketACL,
+	"google_storage_bucket_iam_binding":                             googleStorageBucketIamBinding,
+	"google_storage_bucket_iam_member":                              googleStorageBucketIamMember,
+	"google_storage_bucket_iam_policy":                              googleStorageBucketIamPolicy,
+	"google_storage_bucket_object":                                  googleStorageBucketObject,
+	"google_storage_control_folder_intelligence_config":             googleStorageControlFolderIntelligenceConfig,
+	"google_storage_control_organization_intelligence_config":       googleStorageControlOrganizationIntelligenceConfig,
+	"google_storage_control_project_intelligence_config":            googleStorageControlProjectIntelligenceConfig,
+	"google_storage_default_object_access_control":                  googleStorageDefaultObjectAccessControl,
+	"google_storage_default_object_acl":                             googleStorageDefaultObjectACL,
+	"google_storage_hmac_key":                                       googleStorageHmacKey,
+	"google_storage_insights_report_config":                         googleStorageInsightsReportConfig,
+	"google_storage_managed_folder_iam_binding":                     googleStorageManagedFolderIamBinding,
+	"google_storage_managed_folder_iam_member":                      googleStorageManagedFolderIamMember,
+	"google_storage_managed_folder_iam_policy":                      googleStorageManagedFolderIamPolicy,
+	"google_storage_object_access_control":                          googleStorageObjectAccessControl,
+	"google_tags_location_tag_binding":                              googleTagsLocationTagBinding,
+	"google_tags_tag_binding":                                       googleTagsTagBinding,
+	"google_tags_tag_key":                                           googleTagsTagKey,
+	"google_tags_tag_key_iam_binding":                               googleTagsTagKeyIamBinding,
+	"google_tags_tag_key_iam_member":                                googleTagsTagKeyIamMember,
+	"google_tags_tag_key_iam_policy":                                googleTagsTagKeyIamPolicy,
+	"google_tags_tag_value":                                         googleTagsTagValue,
+	"google_tags_tag_value_iam_binding":                             googleTagsTagValueIamBinding,
+	"google_tags_tag_value_iam_member":                              googleTagsTagValueIamMember,
+	"google_tags_tag_value_iam_policy":                              googleTagsTagValueIamPolicy,
+	"google_tpu_node":                                               googleTpuNode,
+	"google_tpu_v2_queued_resource":                                 googleTpuV2QueuedResource,
+	"google_tpu_v2_vm":                                              googleTpuV2Vm,
+	"google_transcoder_job":                                         googleTranscoderJob,
+	"google_transcoder_job_template":                                googleTranscoderJobTemplate,
+	"google_vertex_ai_dataset":                                      googleVertexAiDataset,
+	"google_vertex_ai_endpoint":                                     googleVertexAiEndpoint,
+	"google_vertex_ai_endpoint_iam_binding":                         googleVertexAiEndpointIam,
+	"google_vertex_ai_endpoint_iam_member":                          googleVertexAiEndpointIam,
+	"google_vertex_ai_endpoint_iam_policy":                          googleVertexAiEndpointIam,
+	"google_vertex_ai_feature_group":                                googleVertexAiFeatureGroup,
+	"google_vertex_ai_feature_group_feature":                        googleVertexAiFeatureGroupFeature,
+	"google_vertex_ai_feature_group_iam_binding":                    googleVertexAIFeatureGroupIamBinding,
+	"google_vertex_ai_feature_group_iam_member":                     googleVertexAIFeatureGroupIamMember,
+	"google_vertex_ai_feature_group_iam_policy":                     googleVertexAIFeatureGroupIamPolicy,
+	"google_vertex_ai_feature_online_store":                         googleVertexAiFeatureOnlineStore,
+	"google_vertex_ai_feature_online_store_featureview":             googleVertexAiFeatureOnlineStoreFeatureview,
+	"google_vertex_ai_feature_online_store_featureview_iam_binding": googleVertexAIFeatureOnlineStoreFeatureviewIamBinding,
+	"google_vertex_ai_feature_online_store_featureview_iam_member":  googleVertexAIFeatureOnlineStoreFeatureviewIamMember,
+	"google_vertex_ai_feature_online_store_featureview_iam_policy":  googleVertexAIFeatureOnlineStoreFeatureviewIamPolicy,
+	"google_vertex_ai_feature_online_store_iam_binding":             googleVertexAIFeatureOnlineStoreIamBinding,
+	"google_vertex_ai_feature_online_store_iam_member":              googleVertexAIFeatureOnlineStoreIamMember,
+	"google_vertex_ai_feature_online_store_iam_policy":              googleVertexAIFeatureOnlineStoreIamPolicy,
+	"google_vertex_ai_featurestore":                                 googleVertexAiFeaturestore,
+	"google_vertex_ai_featurestore_entitytype":                      googleVertexAiFeaturestoreEntitytype,
+	"google_vertex_ai_featurestore_entitytype_feature":              googleVertexAiFeaturestoreEntitytypeFeature,
+	"google_vertex_ai_featurestore_entitytype_iam_binding":          googleVertexAiFeaturestoreEntitytypeIam,
+	"google_vertex_ai_featurestore_entitytype_iam_member":           googleVertexAiFeaturestoreEntitytypeIam,
+	"google_vertex_ai_featurestore_entitytype_iam_policy":           googleVertexAiFeaturestoreEntitytypeIam,
+	"google_vertex_ai_featurestore_iam_binding":                     googleVertexAiFeaturestoreIam,
+	"google_vertex_ai_featurestore_iam_member":                      googleVertexAiFeaturestoreIam,
+	"google_vertex_ai_featurestore_iam_policy":                      googleVertexAiFeaturestoreIam,
+	"google_vertex_ai_index":                                        googleVertexAiIndex,
+	"google_vertex_ai_index_endpoint":                               googleVertexAiIndexEndpoint,
+	"google_vertex_ai_metadata_store":                               googleVertexAiMetadataStore,
+	"google_vertex_ai_tensorboard":                                  googleVertexAiTensorboard,
+	"google_vmwareengine_cluster":                                   googleVmwareengineCluster,
+	"google_vmwareengine_external_access_rule":                      googleVmwareengineExternalAccessRule,
+	"google_vmwareengine_external_address":                          googleVmwareengineExternalAddress,
+	"google_vmwareengine_network":                                   googleVmwareengineNetwork,
+	"google_vmwareengine_network_peering":                           googleVmwareengineNetworkPeering,
+	"google_vmwareengine_network_policy":                            googleVmwareengineNetworkPolicy,
+	"google_vmwareengine_private_cloud":                             googleVmwareenginePrivateCloud,
+	"google_vmwareengine_subnet":                                    googleVmwareengineSubnet,
+	"google_workbench_instance_iam_binding":                         googleWorkbenchInstanceIamBinding,
+	"google_workbench_instance_iam_member":                          googleWorkbenchInstanceIamMember,
+	"google_workbench_instance_iam_policy":                          googleWorkbenchInstanceIamPolicy,
+	"google_workflows_workflow":                                     googleWorkflowsWorkflow,
+	"google_workstations_workstation":                               googleWorkstationsWorkstation,
+	"google_workstations_workstation_cluster":                       googleWorkstationsWorkstationCluster,
+	"google_workstations_workstation_config":                        googleWorkstationsWorkstationConfig,
+	"google_workstations_workstation_config_iam_binding":            googleWorkstationsWorkstationConfigIamBinding,
+	"google_workstations_workstation_config_iam_member":             googleWorkstationsWorkstationConfigIamMember,
+	"google_workstations_workstation_config_iam_policy":             googleWorkstationsWorkstationConfigIamPolicy,
+	"google_workstations_workstation_iam_binding":                   googleWorkstationsWorkstationIamBinding,
+	"google_workstations_workstation_iam_member":                    googleWorkstationsWorkstationIamMember,
+	"google_workstations_workstation_iam_policy":                    googleWorkstationsWorkstationIamPolicy,
+	"google_certificate_manager_dns_authorization":                  googleCertificateManagerDnsAuthorization,
+	"google_iap_web_region_forwarding_rule_service_iam_binding":     googleIapWebRegionForwardingRuleServiceIamBinding,
+	"google_iap_web_region_forwarding_rule_service_iam_member":      googleIapWebRegionForwardingRuleServiceIamMember,
+	"google_iap_web_region_forwarding_rule_service_iam_policy":      googleIapWebRegionForwardingRuleServiceIamPolicy,
+	"google_iap_brand":                                              placeholder, //being deprecated
+	"google_iap_client":                                             placeholder, //being deprecated
+	"google_iap_settings":                                           googleIapSettings,
+	"google_iap_tunnel_dest_group":                                  googleIapTunnelDestGroup,
+	"google_iap_web_forwarding_rule_service_iam_binding":            googleIapWebForwardingRuleServiceIamBinding,
+	"google_iap_web_forwarding_rule_service_iam_member":             googleIapWebForwardingRuleServiceIamMember,
+	"google_iap_web_forwarding_rule_service_iam_policy":             googleIapWebForwardingRuleServiceIamPolicy,
+	"google_gemini_code_repository_index":                           googleGeminiCodeRepositoryIndex,
+	"google_gemini_code_tools_setting":                              googleGeminiCodeToolsSetting,
+	"google_gemini_code_tools_setting_binding":                      googleGeminiCodeToolsSettingBinding,
+	"google_gemini_data_sharing_with_google_setting":                googleGeminiDataSharingWithGoogleSetting,
+	"google_gemini_data_sharing_with_google_setting_binding":        googleGeminiDataSharingWithGoogleSettingBinding,
+	"google_gemini_gemini_gcp_enablement_setting":                   googleGeminiGeminiGcpEnablementSetting,
+	"google_gemini_gemini_gcp_enablement_setting_binding":           googleGeminiGeminiGcpEnablementSettingBinding,
+	"google_gemini_logging_setting":                                 googleGeminiLoggingSetting,
+	"google_gemini_logging_setting_binding":                         googleGeminiLoggingSettingBinding,
+	"google_gemini_release_channel_setting":                         googleGeminiReleaseChannelSetting,
+	"google_gemini_release_channel_setting_binding":                 googleGeminiReleaseChannelSettingBinding,
+	"google_gemini_repository_group":                                googleGeminiRepositoryGroup,
+	"google_vertex_ai_cache_config":                                 googleVertexAiCacheConfig,
+	"google_vertex_ai_deployment_resource_pool":                     googleVertexAiDeploymentResourcePool,
+	"google_vertex_ai_rag_engine_config":                            googleVertexAiRagEngineConfig,
+	"google_vertex_ai_reasoning_engine":                             googleVertexAiReasoningEngine,
+	"google_vpc_access_connector":                                   googleVpcAccessConnector,
+	"google_workbench_instance":                                     googleWorkbenchInstance,
+	"google_vertex_ai_endpoint_with_model_garden_deployment":        googleVertexAiEndpointWithModelGardenDeployment,
+	"google_vertex_ai_index_endpoint_deployed_index":                googleVertexAiIndexEndpointDeployedIndex,
 }
diff --git a/src/gcp_datasource.go b/src/gcp_datasource.go
index 35604ebc..56a9a275 100644
--- a/src/gcp_datasource.go
+++ b/src/gcp_datasource.go
@@ -20,249 +20,409 @@ func GetGCPDataPermissions(result ResourceV2) ([]string, error) {
 
 func GCPDataLookup(result string) interface{} {
 	TFLookup := map[string]interface{}{
-		"google_alloydb_locations":                               dataGoogleAlloydbLocations,
-		"google_alloydb_supported_database_flags":                dataGoogleAlloydbSupportedDatabaseFlags,
-		"google_api_gateway_api_config_iam_policy":               placeholder,
-		"google_api_gateway_api_iam_policy":                      placeholder,
-		"google_api_gateway_gateway_iam_policy":                  placeholder,
-		"google_apigee_environment_iam_policy":                   placeholder,
-		"google_app_engine_default_service_account":              dataGoogleAppEngineDefaultServiceAccount,
-		"google_artifact_registry_repository":                    dataGoogleArtifactRegistryRepository,
-		"google_artifact_registry_repository_iam_policy":         dataGoogleArtifactRegistryRepositoryIamPolicy,
-		"google_beyondcorp_app_connection":                       dataGoogleBeyondcorpAppConnection,
-		"google_beyondcorp_app_connector":                        dataGoogleBeyondcorpAppConnector,
-		"google_beyondcorp_app_gateway":                          dataGoogleBeyondcorpAppGateway,
-		"google_bigquery_analytics_hub_data_exchange_iam_policy": dataGoogleBigqueryHubDataExchangeIamPolicy,
-		"google_bigquery_analytics_hub_listing_iam_policy":       dataGoogleBigqueryAnalyticsHubListingIamPolicy,
-		"google_bigquery_connection_iam_policy":                  placeholder,
-		"google_bigquery_datapolicy_data_policy_iam_policy":      dataGoogleBigqueryDatapolicyDataPolicyIamPolicy,
-		"google_bigquery_dataset_iam_policy":                     placeholder,
-		"google_bigquery_default_service_account":                dataGoogleBigqueryDefaultServiceAccount,
-		"google_bigquery_table_iam_policy":                       placeholder,
-		"google_bigtable_instance_iam_policy":                    dataGoogleBigtableInstanceIamPolicy,
-		"google_bigtable_table_iam_policy":                       placeholder,
-		"google_client_config":                                   placeholder,
-		"google_client_openid_userinfo":                          placeholder,
-		"google_cloud_run_locations":                             dataGoogleCloudRunLocations,
-		"google_cloud_run_service":                               dataGoogleCloudRunService,
-		"google_cloud_run_service_iam_policy":                    dataGoogleCloudRunServiceIamPolicy,
-		"google_cloud_run_v2_job":                                dataGoogleCloudRunV2Job,
-		"google_cloud_run_v2_job_iam_policy":                     dataGoogleCloudRunV2JobIamPolicy,
-		"google_cloud_run_v2_service":                            dataGoogleCloudRunV2Service,
-		"google_cloud_run_v2_service_iam_policy":                 dataGoogleCloudRunV2ServiceIamPolicy,
-		"google_cloudfunctions2_function":                        dataGoogleCloudfunctionsFunction,
-		"google_cloudfunctions2_function_iam_policy":             dataGoogleCloudfunctionsFunctionIamPolicy,
-		"google_cloudfunctions_function":                         dataGoogleCloudfunctionsFunction,
-		"google_cloudfunctions_function_iam_policy":              dataGoogleCloudfunctionsFunctionIamPolicy,
-		"google_compute_address":                                 dataGoogleComputeAddress,
-		"google_compute_addresses":                               dataGoogleComputeAddresses,
-		"google_compute_backend_bucket":                          dataGoogleComputeBackendBucket,
-		"google_compute_backend_bucket_iam_policy":               dataGoogleComputeBackendBucketIamPolicy,
-		"google_compute_backend_service":                         dataGoogleComputeBackendService,
-		"google_compute_backend_service_iam_policy":              dataGoogleComputeBackendServiceIamPolicy,
-		"google_compute_default_service_account":                 dataGoogleComputeDefaultServiceAccount,
-		"google_compute_disk":                                    dataGoogleComputeDisk,
-		"google_compute_disk_iam_policy":                         dataGoogleComputeDiskIamPolicy,
-		"google_compute_forwarding_rule":                         dataGoogleComputeForwardingRule,
-		"google_compute_global_address":                          dataGoogleComputeGlobalAddress,
-		"google_compute_global_forwarding_rule":                  dataGoogleComputeGlobalForwardingRule,
-		"google_compute_ha_vpn_gateway":                          dataGoogleComputeHaVpnGateway,
-		"google_compute_health_check":                            dataGoogleComputeHealthCheck,
-		"google_compute_image":                                   placeholder,
-		"google_compute_image_iam_policy":                        dataGoogleComputeImageIamPolicy,
-		"google_compute_instance":                                dataGoogleComputeInstance,
-		"google_compute_instance_group":                          dataGoogleComputeInstanceGroup,
-		"google_compute_instance_group_manager":                  dataGoogleComputeInstanceGroupManager,
-		"google_compute_instance_iam_policy":                     placeholder,
-		"google_compute_instance_serial_port":                    dataGoogleComputeInstanceSerialPort,
-		"google_compute_instance_template":                       dataGoogleComputeInstanceTemplate,
-		"google_compute_lb_ip_ranges":                            placeholder,
-		"google_compute_machine_image_iam_policy":                dataGoogleComputeMachineImageIamPolicy,
-		"google_compute_network":                                 dataGoogleComputeNetwork,
-		"google_compute_network_endpoint_group":                  dataGoogleComputeNetworkEndpointGroup,
-		"google_compute_network_peering":                         placeholder,
-		"google_compute_networks":                                dataGoogleComputeNetworks,
-		"google_compute_node_types":                              dataGoogleComputeNodeTypes,
-		"google_compute_region_backend_service_iam_policy":       dataGoogleComputeRegionBackendServiceIamPolicy,
-		"google_compute_region_disk_iam_policy":                  dataGoogleComputeRegionDiskIamPolicy,
-		"google_compute_region_instance_group":                   dataGoogleComputeRegionInstanceGroup,
-		"google_compute_region_instance_template":                dataGoogleComputeRegionInstanceTemplate,
-		"google_compute_region_network_endpoint_group":           dataGoogleComputeRegionNetworkEndpointGroup,
-		"google_compute_region_ssl_certificate":                  placeholder,
-		"google_compute_regions":                                 dataGoogleComputeRegions,
-		"google_compute_resource_policy":                         dataGoogleComputeResourcePolicy,
-		"google_compute_router":                                  dataGoogleComputeRouter,
-		"google_compute_router_nat":                              dataGoogleComputeRouterNat,
-		"google_compute_router_status":                           dataGoogleComputeRouterStatus,
-		"google_compute_snapshot":                                dataGoogleComputeSnapshot,
-		"google_compute_snapshot_iam_policy":                     dataGoogleComputeSnapshotIamPolicy,
-		"google_compute_ssl_certificate":                         dataGoogleComputeSslCertificate,
-		"google_compute_ssl_policy":                              dataGoogleComputeSslPolicy,
-		"google_compute_subnetwork":                              dataGoogleComputeSubnetwork,
-		"google_compute_subnetwork_iam_policy":                   dataGoogleComputeSubnetworkIamPolicy,
-		"google_compute_vpn_gateway":                             dataGoogleComputeVpnGateway,
-		"google_compute_zones":                                   dataGoogleComputeZones,
-		"google_container_analysis_note_iam_policy":              dataGoogleContainerAnalysisNoteIamPolicy,
-		"google_container_cluster":                               dataGoogleContainerCluster,
-		"google_container_engine_versions":                       placeholder,
-		"google_container_registry_image":                        placeholder,
-		"google_container_registry_repository":                   placeholder,
-		"google_dns_keys":                                        dataGoogleDNSKeys,
-		"google_dns_managed_zone":                                dataGoogleDNSManagedZone,
-		"google_dns_managed_zone_iam_policy":                     dataGoogleDNSManagedZoneIamPolicy,
-		"google_dns_record_set":                                  dataGoogleDNSRecordSet,
-		"google_gke_backup_backup_plan_iam_policy":               dataGoogleGkeBackupBackupPlanIamPolicy,
-		"google_gke_backup_restore_plan_iam_policy":              dataGoogleGkeBackupRestorePlanIamPolicy,
-		"google_gke_hub_feature_iam_policy":                      dataGoogleGkeHubFeatureIamPolicy,
-		"google_gke_hub_membership_iam_policy":                   dataGoogleGkeHubMembershipIamPolicy,
-		"google_gke_hub_scope_iam_policy":                        dataGoogleGkeHubScopeIamPolicy,
-		"google_iam_policy":                                      placeholder,
-		"google_iam_role":                                        placeholder,
-		"google_kms_crypto_key":                                  dataGoogleKmsCryptoKey,
-		"google_kms_crypto_key_iam_policy":                       dataGoogleKmsCryptoKeyIamPolicy,
-		"google_kms_crypto_key_version":                          dataGoogleKmsCryptoKeyVersion,
-		"google_kms_key_ring":                                    dataGoogleKmsKeyRing,
-		"google_kms_key_ring_iam_policy":                         dataGoogleKmsKeyRingIamPolicy,
-		"google_kms_secret":                                      dataGoogleKmsSecret,
-		"google_kms_secret_asymmetric":                           dataGoogleKmsSecretAsymnetric,
-		"google_kms_secret_ciphertext":                           placeholder,
-		"google_project":                                         dataGoogleProject,
-		"google_project_service":                                 dataGoogleProjectService,
-		"google_projects":                                        placeholder,
-		"google_pubsub_subscription":                             dataGooglePubsubSubscription,
-		"google_pubsub_subscription_iam_policy":                  dataGooglePubsubSubscriptionIamPolicy,
-		"google_pubsub_topic":                                    dataGooglePubsubTopic,
-		"google_pubsub_topic_iam_policy":                         dataGooglePubsubTopicIamPolicy,
-		"google_redis_instance":                                  dataGoogleRedisInstance,
-		"google_secret_manager_secret":                           dataGoogleSecretManagerSecret,
-		"google_secret_manager_secret_iam_policy":                dataGoogleSecretManagerSecretIamPolicy,
-		"google_secret_manager_secret_version":                   dataGoogleSecretManagerSecretVersion,
-		"google_secret_manager_secret_version_access":            dataGoogleManagerSecretVersionAccess,
-		"google_service_account":                                 dataGoogleServiceAccount,
-		"google_service_account_access_token":                    dataGoogleServiceAccountAccessToken,
-		"google_service_account_iam_policy":                      dataGoogleServiceAccountIamPolicy,
-		"google_service_account_id_token":                        placeholder,
-		"google_service_account_jwt":                             dataGoogleServiceAccountJwt,
-		"google_service_account_key":                             dataGoogleServiceAccountKey,
-		"google_sourcerepo_repository":                           dataGoogleSourcerepoRepository,
-		"google_sourcerepo_repository_iam_policy":                dataGoogleSourcerepoRepositoryIamPolicy,
-		"google_spanner_database_iam_policy":                     dataGoogleSpannerDatabaseIamPolicy,
-		"google_spanner_instance":                                dataGoogleSpannerInstance,
-		"google_spanner_instance_iam_policy":                     dataGoogleSpannerInstanceIamPolicy,
-		"google_sql_database":                                    dataGoogleSQLDatabase,
-		"google_sql_database_instance":                           dataGoogleSQLDatabaseInstance,
-		"google_sql_database_instances":                          dataGoogleSQLDatabaseInstances,
-		"google_sql_databases":                                   dataGoogleSQLDatabases,
-		"google_sql_tiers":                                       placeholder,
-		"google_storage_bucket":                                  dataGoogleStorageBucket,
-		"google_storage_bucket_iam_policy":                       dataGoogleStorageBucketIamPolicy,
-		"google_storage_bucket_object":                           dataGoogleStorageBucketObject,
-		"google_storage_bucket_object_content":                   dataGoogleStorageBucketObjectContent,
-		"google_storage_object_signed_url":                       placeholder,
-		"google_storage_project_service_account":                 dataGoogleStorageProjectServiceAccount,
-		"google_storage_transfer_project_service_account":        dataGoogleStorageTransferProjectServiceAccount,
-		"google_vertex_ai_featurestore_entitytype_iam_policy":    dataGoogleVertexAiFeaturestoreEntitytypeIamPolicy,
-		"google_vertex_ai_featurestore_iam_policy":               dataGoogleVertexAiFeaturestoreIamPolicy,
-		"google_cloudbuild_trigger":                              dataGoogleCloudbuildTrigger,
-		"google_cloudbuildv2_connection_iam_policy":              dataGoogleCloudbuildv2ConnectionIamPolicy,
-		"google_monitoring_istio_canonical_service":              dataGoogleMonitoringIstioCanonicalService,
-		"google_monitoring_mesh_istio_service":                   dataGoogleMonitoringMeshIstioService,
-		"google_monitoring_notification_channel":                 dataGoogleMonitoringNotificationChannel,
-		"google_monitoring_uptime_check_ips":                     placeholder,
-		"google_tpu_tensorflow_versions":                         dataGoogleTpuTensorflowVersions,
-		"google_tpu_v2_accelerator_types":                        dataGoogleTpuV2AcceleratorTypes,
-		"google_tpu_v2_runtime_versions":                         dataGoogleTpuV2RuntimeVersions,
-		"google_vmwareengine_cluster":                            placeholder,
-		"google_vmwareengine_network":                            dataGoogleVmwareengineNetwork,
-		"google_vmwareengine_private_cloud":                      dataGoogleVmwareenginePrivateCloud,
-		"google_vpc_access_connector":                            dataGoogleVpcAccessConnector,
-		"google_workstations_workstation_config_iam_policy":      dataGoogleWorkstationsWorkstationConfigIamPolicy,
-		"google_workstations_workstation_iam_policy":             dataGoogleWorkstationsWorkstationIamPolicy,
-		"google_netblock_ip_ranges":                              placeholder,
-		"google_notebooks_instance_iam_policy":                   dataGoogleNotebooksInstanceIamPolicy,
-		"google_notebooks_runtime_iam_policy":                    dataGoogleNotebooksRuntimeIamPolicy,
-		"google_organization":                                    placeholder,
-		"google_secret_manager_secrets":                          dataGoogleSecretManagerSecrets,
-		"google_tags_tag_key":                                    dataGoogleTagsTagKey,
-		"google_access_approval_folder_service_account":          placeholder,
-		"google_access_approval_organization_service_account":    placeholder,
-		"google_access_approval_project_service_account":         placeholder,
-		"google_access_context_manager_access_policy_iam_policy": placeholder,
-		"google_active_folder":                                   placeholder,
-		"google_bigquery_dataset":                                placeholder,
-		"google_billing_account_iam_policy":                      placeholder,
-		"google_binary_authorization_attestor_iam_policy":        dataGoogleBinaryAuthorizationAttestorIamPolicy,
-		"google_certificate_manager_certificate_map":             dataGoogleCertificateManagerCertificateMap,
-		"google_cloud_identity_group_lookup":                     placeholder,
-		"google_cloud_identity_group_memberships":                placeholder,
-		"google_cloud_identity_groups":                           placeholder,
-		"google_cloud_tasks_queue_iam_policy":                    dataGoogleCloudTasksQueueIamPolicy,
-		"google_composer_environment":                            dataGoogleComposerEnvironment,
-		"google_composer_image_versions":                         dataGoogleComposerImageVersions,
-		"google_container_attached_versions":                     dataGoogleContainerAttachedVersions,
-		"google_data_catalog_entry_group_iam_policy":             placeholder,
-		"google_data_catalog_policy_tag_iam_policy":              placeholder,
-		"google_data_catalog_tag_template_iam_policy":            placeholder,
-		"google_data_fusion_instance_iam_policy":                 dataGoogleDataFusionInstanceIamPolicy,
-		"google_dataplex_asset_iam_policy":                       dataGoogleDataplexAssetIamPolicy,
-		"google_dataplex_datascan_iam_policy":                    dataGoogleDataplexDatascanIamPolicy,
-		"google_dataplex_lake_iam_policy":                        dataGoogleDataplexLakeIamPolicy,
-		"google_dataplex_task_iam_policy":                        dataGoogleDataplexTaskIamPolicy,
-		"google_dataplex_zone_iam_policy":                        dataGoogleDataplexZoneIamPolicy,
-		"google_dataproc_autoscaling_policy_iam_policy":          placeholder,
-		"google_dataproc_cluster_iam_policy":                     placeholder,
-		"google_dataproc_job_iam_policy":                         placeholder,
-		"google_dataproc_metastore_federation_iam_policy":        dataGoogleDataprocMetaStoreFederationIamPolicy,
-		"google_dataproc_metastore_service":                      dataGoogleDataprocMetastoreService,
-		"google_dataproc_metastore_service_iam_policy":           dataGoogleDataprocMetastoreServiceIamPolicy,
-		"google_datastream_static_ips":                           dataGoogleDataStreamStaticIps,
-		"google_endpoints_service_consumers_iam_policy":          placeholder,
-		"google_folder_organization_policy":                      placeholder,
-		"google_healthcare_consent_store_iam_policy":             dataGoogleHealthcareConsentStoreIamPolicy,
-		"google_healthcare_dataset_iam_policy":                   dataGoogleHealthcareDatasetStoreIamPolicy,
-		"google_healthcare_dicom_store_iam_policy":               dataGoogleHealthcareDicomStoreIamPolicy,
-		"google_healthcare_fhir_store_iam_policy":                dataGoogleHealthcareFhirStoreIamPolicy,
-		"google_healthcare_hl7_v2_store_iam_policy":              dataGoogleHealthcareHl7V2StoreIamPolicy,
-		"google_iam_workload_identity_pool":                      dataGoogleIamWorkloadIdentityPool,
-		"google_iam_workload_identity_pool_provider":             dataGoogleIamWorkloadIdentityPoolProvider,
-		"google_iap_app_engine_service_iam_policy":               dataGoogleIapAppEngineServiceIamPolicy,
-		"google_iap_app_engine_version_iam_policy":               dataGoogleIapAppEngineVersionIamPolicy,
-		"google_iap_client":                                      placeholder,
-		"google_iap_tunnel_iam_policy":                           dataGoogleIapTunnelIamPolicy,
-		"google_iap_tunnel_instance_iam_policy":                  dataGoogleIapTunnelInstanceIamPolicy,
-		"google_iap_web_backend_service_iam_policy":              dataGoogleIapWebBackendServiceIamPolicy,
-		"google_iap_web_iam_policy":                              dataGoogleIapWebIamPolicy,
-		"google_iap_web_region_backend_service_iam_policy":       dataGoogleIapWebRegionBackendServiceIamPolicy,
-		"google_iap_web_type_app_engine_iam_policy":              dataGoogleIapWebTypeAppEngineIamPolicy,
-		"google_iap_web_type_compute_iam_policy":                 dataGoogleIapWebTypeComputeIamPolicy,
-		"google_logging_project_cmek_settings":                   dataGoogleLoggingProjectCmekSettings,
-		"google_monitoring_app_engine_service":                   dataGoogleMonitoringAppEngineService,
-		"google_monitoring_cluster_istio_service":                dataGoogleMonitoringClusterIstioService,
-		"google_vmwareengine_network_policy":                     dataGoogleVmwareengineNetworkPolicy,
-		"google_vmwareengine_network_peering":                    dataGoogleVmwareengineNetworkPeering,
-		"google_vertex_ai_endpoint_iam_policy":                   dataGoogleVertexAiEndpointIamPolicy,
-		"google_vmwareengine_external_address":                   dataGoogleVmwareengineExternalAddress,
-		"google_vmwareengine_nsx_credentials":                    dataGoogleVmwareengineNsxCredentials,
-		"google_vmwareengine_subnet":                             dataGoogleVmwareengineSubnet,
-		"google_vmwareengine_vcenter_credentials":                dataGoogleVmwareengineVcenterCredentials,
-		"google_workbench_instance_iam_policy":                   dataGoogleWorkbenchInstanceIamPolicy,
-		"google_vmwareengine_external_access_rule":               placeholder,
-		"google_compute_region_disk":                             dataGoogleComputeRegionDisk,
-		"google_compute_reservation":                             dataGoogleComputeReservation,
-		"google_filestore_instance":                              dataGoogleFilestoreInstance,
-		"google_logging_project_settings":                        dataGoogleLoggingProjectSettings,
-		"google_billing_account":                                 placeholder,
-		"google_logging_folder_settings":                         placeholder,
-		"google_logging_organization_settings":                   placeholder,
-		"google_network_security_address_group_iam_policy":       dataGoogleSecurityAddressGroupIamPolicy,
-		"google_service_directory_namespace_iam_policy":          dataGoogleServiceDirectoryNamespaceIamPolicy,
-		"google_service_directory_service_iam_policy":            dataGoogleServiceDirectoryServiceIamPolicy,
-		"google_sql_backup_run":                                  dataGoogleSQLBackupRun,
-		"google_sql_ca_certs":                                    placeholder,
-		"google_sql_database_instance_latest_recovery_time":      dataGoogleSQLDatabaseInstanceLatestRecoveryTime,
-		"google_data_catalog_taxonomy_iam_policy":                dataGoogleDataCatalogTaxonomyIamPolicy,
-		"google_dataform_repository_iam_policy":                  dataGoogleDataformRepositoryIamPolicy,
-		"google_endpoints_service_iam_policy":                    dataGoogleEndpointsServiceIamPolicy,
+		"google_access_approval_folder_service_account":                placeholder,
+		"google_access_approval_organization_service_account":          placeholder,
+		"google_access_approval_project_service_account":               placeholder,
+		"google_access_context_manager_access_policy_iam_policy":       placeholder,
+		"google_active_folder":                                         placeholder,
+		"google_alloydb_cluster":                                       dataGoogleAlloydbCluster,
+		"google_alloydb_instance":                                      dataGoogleAlloydbInstance,
+		"google_alloydb_locations":                                     dataGoogleAlloydbLocations,
+		"google_alloydb_supported_database_flags":                      dataGoogleAlloydbSupportedDatabaseFlags,
+		"google_api_gateway_api_config_iam_policy":                     placeholder,
+		"google_api_gateway_api_iam_policy":                            placeholder,
+		"google_api_gateway_gateway_iam_policy":                        placeholder,
+		"google_apigee_environment_iam_policy":                         placeholder,
+		"google_app_engine_default_service_account":                    dataGoogleAppEngineDefaultServiceAccount,
+		"google_apphub_application":                                    dataGoogleApphubApplication,
+		"google_apphub_discovered_service":                             dataGoogleApphubDiscoveredService,
+		"google_apphub_discovered_workload":                            dataGoogleApphubDiscoveredWorkload,
+		"google_artifact_registry_docker_image":                        dataGoogleArtifactRegistryDockerImage,
+		"google_artifact_registry_locations":                           dataGoogleArtifactRegistryLocations,
+		"google_artifact_registry_repository":                          dataGoogleArtifactRegistryRepository,
+		"google_artifact_registry_repository_iam_policy":               dataGoogleArtifactRegistryRepositoryIamPolicy,
+		"google_backup_dr_backup":                                      dataGoogleBackupDrBackup,
+		"google_backup_dr_backup_plan_association":                     dataGoogleBackupDrPlanAssociation,
+		"google_backup_dr_backup_vault":                                dataGoogleBackupDrBackupVault,
+		"google_backup_dr_data_source":                                 dataGoogleBackupDrDataSource,
+		"google_beyondcorp_app_connection":                             dataGoogleBeyondcorpAppConnection,
+		"google_beyondcorp_app_connector":                              dataGoogleBeyondcorpAppConnector,
+		"google_beyondcorp_app_gateway":                                dataGoogleBeyondcorpAppGateway,
+		"google_beyondcorp_application_iam_policy":                     dataGoogleBeyondcorpApplicationIamPolicy,
+		"google_beyondcorp_security_gateway":                           dataGoogleBeyondcorpSecurityGateway,
+		"google_beyondcorp_security_gateway_application_iam_policy":    dataGoogleBeyondcorpSecurityGatewayApplicationIamPolicy,
+		"google_beyondcorp_security_gateway_iam_policy":                dataGoogleBeyondcorpSecurityGatewayIamPolicy,
+		"google_bigquery_analytics_hub_data_exchange_iam_policy":       dataGoogleBigqueryHubDataExchangeIamPolicy,
+		"google_bigquery_analytics_hub_listing_iam_policy":             dataGoogleBigqueryAnalyticsHubListingIamPolicy,
+		"google_bigquery_connection_iam_policy":                        placeholder,
+		"google_bigquery_datapolicy_data_policy_iam_policy":            dataGoogleBigqueryDatapolicyDataPolicyIamPolicy,
+		"google_bigquery_dataset":                                      placeholder,
+		"google_bigquery_dataset_iam_policy":                           placeholder,
+		"google_bigquery_datasets":                                     placeholder,
+		"google_bigquery_default_service_account":                      dataGoogleBigqueryDefaultServiceAccount,
+		"google_bigquery_table":                                        placeholder,
+		"google_bigquery_table_iam_policy":                             placeholder,
+		"google_bigquery_tables":                                       placeholder,
+		"google_bigtable_instance_iam_policy":                          dataGoogleBigtableInstanceIamPolicy,
+		"google_bigtable_table_iam_policy":                             placeholder,
+		"google_billing_account":                                       placeholder,
+		"google_billing_account_iam_policy":                            placeholder,
+		"google_binary_authorization_attestor_iam_policy":              dataGoogleBinaryAuthorizationAttestorIamPolicy,
+		"google_certificate_manager_certificate_map":                   dataGoogleCertificateManagerCertificateMap,
+		"google_certificate_manager_certificates":                      dataGoogleCertificateManagerCertificates,
+		"google_client_config":                                         placeholder,
+		"google_client_openid_userinfo":                                placeholder,
+		"google_cloud_identity_group_lookup":                           placeholder,
+		"google_cloud_identity_group_memberships":                      placeholder,
+		"google_cloud_identity_groups":                                 placeholder,
+		"google_cloud_quotas_quota_info":                               placeholder,
+		"google_cloud_quotas_quota_infos":                              placeholder,
+		"google_cloud_run_locations":                                   dataGoogleCloudRunLocations,
+		"google_cloud_run_service":                                     dataGoogleCloudRunService,
+		"google_cloud_run_service_iam_policy":                          dataGoogleCloudRunServiceIamPolicy,
+		"google_cloud_run_v2_job":                                      dataGoogleCloudRunV2Job,
+		"google_cloud_run_v2_job_iam_policy":                           dataGoogleCloudRunV2JobIamPolicy,
+		"google_cloud_run_v2_service":                                  dataGoogleCloudRunV2Service,
+		"google_cloud_run_v2_service_iam_policy":                       dataGoogleCloudRunV2ServiceIamPolicy,
+		"google_cloud_run_v2_worker_pool":                              dataGoogleCloudRunV2WorkerPool,
+		"google_cloud_run_v2_worker_pool_iam_policy":                   dataGoogleCloudRunWorkerPoolIamPolicy,
+		"google_cloud_tasks_queue_iam_policy":                          dataGoogleCloudTasksQueueIamPolicy,
+		"google_cloudbuild_trigger":                                    dataGoogleCloudbuildTrigger,
+		"google_cloudbuildv2_connection_iam_policy":                    dataGoogleCloudbuildv2ConnectionIamPolicy,
+		"google_clouddeploy_custom_target_type_iam_policy":             dataGoogleClouddeployCustomTargetTypeIamPolicy,
+		"google_clouddeploy_delivery_pipeline_iam_policy":              dataGoogleClouddeployDeliveryPipelineIamPolicy,
+		"google_clouddeploy_target_iam_policy":                         dataGoogleClouddeployTargetIamPolicy,
+		"google_cloudfunctions2_function":                              dataGoogleCloudfunctionsFunction,
+		"google_cloudfunctions2_function_iam_policy":                   dataGoogleCloudfunctionsFunctionIamPolicy,
+		"google_cloudfunctions_function":                               dataGoogleCloudfunctionsFunction,
+		"google_cloudfunctions_function_iam_policy":                    dataGoogleCloudfunctionsFunctionIamPolicy,
+		"google_colab_runtime_template_iam_policy":                     dataGoogleColabRuntimeTemplateIamPolicy,
+		"google_composer_environment":                                  dataGoogleComposerEnvironment,
+		"google_composer_image_versions":                               dataGoogleComposerImageVersions,
+		"google_composer_user_workloads_config_map":                    dataGoogleComposerUserWorkloadsConfigMap,
+		"google_composer_user_workloads_secret":                        dataGoogleComposerUserWorkloadsSecret,
+		"google_compute_address":                                       dataGoogleComputeAddress,
+		"google_compute_addresses":                                     dataGoogleComputeAddresses,
+		"google_compute_backend_bucket":                                dataGoogleComputeBackendBucket,
+		"google_compute_backend_bucket_iam_policy":                     dataGoogleComputeBackendBucketIamPolicy,
+		"google_compute_backend_service":                               dataGoogleComputeBackendService,
+		"google_compute_backend_service_iam_policy":                    dataGoogleComputeBackendServiceIamPolicy,
+		"google_compute_default_service_account":                       dataGoogleComputeDefaultServiceAccount,
+		"google_compute_disk":                                          dataGoogleComputeDisk,
+		"google_compute_disk_iam_policy":                               dataGoogleComputeDiskIamPolicy,
+		"google_compute_forwarding_rule":                               dataGoogleComputeForwardingRule,
+		"google_compute_forwarding_rules":                              dataGoogleComputeForwardingRules,
+		"google_compute_global_address":                                dataGoogleComputeGlobalAddress,
+		"google_compute_global_forwarding_rule":                        dataGoogleComputeGlobalForwardingRule,
+		"google_compute_ha_vpn_gateway":                                dataGoogleComputeHaVpnGateway,
+		"google_compute_health_check":                                  dataGoogleComputeHealthCheck,
+		"google_compute_image":                                         placeholder,
+		"google_compute_image_iam_policy":                              dataGoogleComputeImageIamPolicy,
+		"google_compute_images":                                        dataGoogleComputeImages,
+		"google_compute_instance":                                      dataGoogleComputeInstance,
+		"google_compute_instance_group":                                dataGoogleComputeInstanceGroup,
+		"google_compute_instance_group_manager":                        dataGoogleComputeInstanceGroupManager,
+		"google_compute_instance_guest_attributes":                     dataGoogleComputeInstanceGuestAttributes,
+		"google_compute_instance_iam_policy":                           placeholder,
+		"google_compute_instance_serial_port":                          dataGoogleComputeInstanceSerialPort,
+		"google_compute_instance_template":                             dataGoogleComputeInstanceTemplate,
+		"google_compute_instance_template_iam_policy":                  dataGoogleComputeInstanceTemplateIamPolicy,
+		"google_compute_instant_snapshot_iam_policy":                   dataGoogleComputeInstantSnapshotIamPolicy,
+		"google_compute_lb_ip_ranges":                                  placeholder,
+		"google_compute_machine_image_iam_policy":                      dataGoogleComputeMachineImageIamPolicy,
+		"google_compute_machine_types":                                 dataGoogleComputeMachineTypes,
+		"google_compute_network":                                       dataGoogleComputeNetwork,
+		"google_compute_network_endpoint_group":                        dataGoogleComputeNetworkEndpointGroup,
+		"google_compute_network_peering":                               placeholder,
+		"google_compute_networks":                                      dataGoogleComputeNetworks,
+		"google_compute_node_types":                                    dataGoogleComputeNodeTypes,
+		"google_compute_region_backend_service":                        dataGoogleComputeRegionBackendService,
+		"google_compute_region_backend_service_iam_policy":             dataGoogleComputeRegionBackendServiceIamPolicy,
+		"google_compute_region_disk":                                   dataGoogleComputeRegionDisk,
+		"google_compute_region_disk_iam_policy":                        dataGoogleComputeRegionDiskIamPolicy,
+		"google_compute_region_instance_group":                         dataGoogleComputeRegionInstanceGroup,
+		"google_compute_region_instance_group_manager":                 dataGoogleComputeRegionInstanceGroupManager,
+		"google_compute_region_instance_template":                      dataGoogleComputeRegionInstanceTemplate,
+		"google_compute_region_network_endpoint_group":                 dataGoogleComputeRegionNetworkEndpointGroup,
+		"google_compute_region_ssl_certificate":                        placeholder,
+		"google_compute_regions":                                       dataGoogleComputeRegions,
+		"google_compute_reservation":                                   dataGoogleComputeReservation,
+		"google_compute_resource_policy":                               dataGoogleComputeResourcePolicy,
+		"google_compute_router":                                        dataGoogleComputeRouter,
+		"google_compute_router_nat":                                    dataGoogleComputeRouterNat,
+		"google_compute_router_status":                                 dataGoogleComputeRouterStatus,
+		"google_compute_security_policy":                               dataGoogleComputeSecurityPolicy,
+		"google_compute_snapshot":                                      dataGoogleComputeSnapshot,
+		"google_compute_snapshot_iam_policy":                           dataGoogleComputeSnapshotIamPolicy,
+		"google_compute_ssl_certificate":                               dataGoogleComputeSslCertificate,
+		"google_compute_ssl_policy":                                    dataGoogleComputeSslPolicy,
+		"google_compute_storage_pool_iam_policy":                       dataGoogleComputeStoragePoolIamPolicy,
+		"google_compute_storage_pool_types":                            dataGoogleComputeStoragePoolTypes,
+		"google_compute_subnetwork":                                    dataGoogleComputeSubnetwork,
+		"google_compute_subnetwork_iam_policy":                         dataGoogleComputeSubnetworkIamPolicy,
+		"google_compute_subnetworks":                                   dataGoogleComputeSubnetworks,
+		"google_compute_vpn_gateway":                                   dataGoogleComputeVpnGateway,
+		"google_compute_zones":                                         dataGoogleComputeZones,
+		"google_container_analysis_note_iam_policy":                    dataGoogleContainerAnalysisNoteIamPolicy,
+		"google_container_attached_install_manifest":                   dataGoogleContainerAttachedInstallManifest,
+		"google_container_attached_versions":                           dataGoogleContainerAttachedVersions,
+		"google_container_aws_versions":                                dataGoogleContainerAwsVersions,
+		"google_container_azure_versions":                              dataGoogleContainerAzureVersions,
+		"google_container_cluster":                                     dataGoogleContainerCluster,
+		"google_container_engine_versions":                             placeholder,
+		"google_container_registry_image":                              placeholder,
+		"google_container_registry_repository":                         placeholder,
+		"google_data_catalog_entry_group_iam_policy":                   placeholder,
+		"google_data_catalog_policy_tag_iam_policy":                    placeholder,
+		"google_data_catalog_tag_template_iam_policy":                  placeholder,
+		"google_data_catalog_taxonomy_iam_policy":                      dataGoogleDataCatalogTaxonomyIamPolicy,
+		"google_data_fusion_instance_iam_policy":                       dataGoogleDataFusionInstanceIamPolicy,
+		"google_dataform_repository_iam_policy":                        dataGoogleDataformRepositoryIamPolicy,
+		"google_dataplex_aspect_type_iam_policy":                       dataGoogleDataplexAspectTypeIamPolicy,
+		"google_dataplex_asset_iam_policy":                             dataGoogleDataplexAssetIamPolicy,
+		"google_dataplex_datascan_iam_policy":                          dataGoogleDataplexDatascanIamPolicy,
+		"google_dataplex_entry_group_iam_policy":                       dataGoogleDataplexEntryGroupIamPolicy,
+		"google_dataplex_entry_type_iam_policy":                        dataGoogleDataplexEntryTypeIamPolicy,
+		"google_dataplex_glossary_iam_policy":                          dataGoogleDataplexGlossaryIamPolicy,
+		"google_dataplex_lake_iam_policy":                              dataGoogleDataplexLakeIamPolicy,
+		"google_dataplex_task_iam_policy":                              dataGoogleDataplexTaskIamPolicy,
+		"google_dataplex_zone_iam_policy":                              dataGoogleDataplexZoneIamPolicy,
+		"google_dataproc_autoscaling_policy_iam_policy":                placeholder,
+		"google_dataproc_cluster_iam_policy":                           placeholder,
+		"google_dataproc_job_iam_policy":                               placeholder,
+		"google_dataproc_metastore_database_iam_policy":                dataGoogleDataprocMetastoreDatabaseIamPolicy,
+		"google_dataproc_metastore_federation_iam_policy":              dataGoogleDataprocMetaStoreFederationIamPolicy,
+		"google_dataproc_metastore_service":                            dataGoogleDataprocMetastoreService,
+		"google_dataproc_metastore_service_iam_policy":                 dataGoogleDataprocMetastoreServiceIamPolicy,
+		"google_dataproc_metastore_table_iam_policy":                   dataGoogleDataprocMetastoreTableIamPolicy,
+		"google_datastream_static_ips":                                 dataGoogleDataStreamStaticIps,
+		"google_dns_keys":                                              dataGoogleDNSKeys,
+		"google_dns_managed_zone":                                      dataGoogleDNSManagedZone,
+		"google_dns_managed_zones":                                     dataGoogleDNSManagedZones,
+		"google_dns_managed_zone_iam_policy":                           dataGoogleDNSManagedZoneIamPolicy,
+		"google_dns_record_set":                                        dataGoogleDNSRecordSet,
+		"google_endpoints_service_consumers_iam_policy":                placeholder,
+		"google_endpoints_service_iam_policy":                          dataGoogleEndpointsServiceIamPolicy,
+		"google_filestore_instance":                                    dataGoogleFilestoreInstance,
+		"google_folder":                                                dataGoogleFolder,
+		"google_folder_iam_policy":                                     dataGoogleFolderIamPolicy,
+		"google_folder_organization_policy":                            placeholder,
+		"google_folders":                                               dataGoogleFolders,
+		"google_gemini_repository_group_iam_policy":                    dataGoogleGeminiRepositoryGroupIamPolicy,
+		"google_gke_backup_backup_plan_iam_policy":                     dataGoogleGkeBackupBackupPlanIamPolicy,
+		"google_gke_backup_restore_plan_iam_policy":                    dataGoogleGkeBackupRestorePlanIamPolicy,
+		"google_gke_hub_feature":                                       dataGoogleGkeHubFeature,
+		"google_gke_hub_feature_iam_policy":                            dataGoogleGkeHubFeatureIamPolicy,
+		"google_gke_hub_membership":                                    dataGoogleGkeHubMembership,
+		"google_gke_hub_membership_iam_policy":                         dataGoogleGkeHubMembershipIamPolicy,
+		"google_gke_hub_scope_iam_policy":                              dataGoogleGkeHubScopeIamPolicy,
+		"google_healthcare_consent_store_iam_policy":                   dataGoogleHealthcareConsentStoreIamPolicy,
+		"google_healthcare_dataset_iam_policy":                         dataGoogleHealthcareDatasetStoreIamPolicy,
+		"google_healthcare_dicom_store_iam_policy":                     dataGoogleHealthcareDicomStoreIamPolicy,
+		"google_healthcare_fhir_store_iam_policy":                      dataGoogleHealthcareFhirStoreIamPolicy,
+		"google_healthcare_hl7_v2_store_iam_policy":                    dataGoogleHealthcareHl7V2StoreIamPolicy,
+		"google_iam_policy":                                            placeholder,
+		"google_iam_role":                                              placeholder,
+		"google_iam_workload_identity_pool":                            dataGoogleIamWorkloadIdentityPool,
+		"google_iam_workload_identity_pool_iam_policy":                 dataGoogleIamWorkloadIdentityPoolIamPolicy,
+		"google_iam_workload_identity_pool_provider":                   dataGoogleIamWorkloadIdentityPoolProvider,
+		"google_iap_app_engine_service_iam_policy":                     dataGoogleIapAppEngineServiceIamPolicy,
+		"google_iap_app_engine_version_iam_policy":                     dataGoogleIapAppEngineVersionIamPolicy,
+		"google_iap_client":                                            placeholder,
+		"google_iap_tunnel_dest_group_iam_policy":                      dataGoogleIapTunnelDestGroupIamPolicy,
+		"google_iap_tunnel_iam_policy":                                 dataGoogleIapTunnelIamPolicy,
+		"google_iap_tunnel_instance_iam_policy":                        dataGoogleIapTunnelInstanceIamPolicy,
+		"google_iap_web_backend_service_iam_policy":                    dataGoogleIapWebBackendServiceIamPolicy,
+		"google_iap_web_cloud_run_service_iam_policy":                  dataGoogleIapWebCloudRunServiceIamPolicy,
+		"google_iap_web_iam_policy":                                    dataGoogleIapWebIamPolicy,
+		"google_iap_web_region_backend_service_iam_policy":             dataGoogleIapWebRegionBackendServiceIamPolicy,
+		"google_iap_web_type_app_engine_iam_policy":                    dataGoogleIapWebTypeAppEngineIamPolicy,
+		"google_iap_web_type_compute_iam_policy":                       dataGoogleIapWebTypeComputeIamPolicy,
+		"google_kms_autokey_config":                                    placeholder,
+		"google_kms_crypto_key":                                        dataGoogleKmsCryptoKey,
+		"google_kms_crypto_key_iam_policy":                             dataGoogleKmsCryptoKeyIamPolicy,
+		"google_kms_crypto_key_latest_version":                         placeholder,
+		"google_kms_crypto_key_version":                                dataGoogleKmsCryptoKeyVersion,
+		"google_kms_crypto_key_versions":                               placeholder,
+		"google_kms_crypto_keys":                                       placeholder,
+		"google_kms_ekm_connection_iam_policy":                         dataGoogleEkmConnectionIamPolicy,
+		"google_kms_key_handle":                                        dataGoogleKmsKeyHandle,
+		"google_kms_key_handles":                                       dataGoogleKmsKeyHandles,
+		"google_kms_key_ring":                                          dataGoogleKmsKeyRing,
+		"google_kms_key_ring_iam_policy":                               dataGoogleKmsKeyRingIamPolicy,
+		"google_kms_key_rings":                                         dataGoogleKmsKeyRings,
+		"google_kms_secret":                                            dataGoogleKmsSecret,
+		"google_kms_secret_asymmetric":                                 dataGoogleKmsSecretAsymnetric,
+		"google_kms_secret_ciphertext":                                 placeholder,
+		"google_logging_folder_settings":                               placeholder,
+		"google_logging_log_view_iam_policy":                           placeholder,
+		"google_logging_organization_settings":                         placeholder,
+		"google_logging_project_cmek_settings":                         dataGoogleLoggingProjectCmekSettings,
+		"google_logging_project_settings":                              dataGoogleLoggingProjectSettings,
+		"google_lustre_instance":                                       dataGoogleLustreInstance,
+		"google_memcache_instance":                                     dataGoogleMemcacheInstance,
+		"google_memorystore_instance":                                  dataGoogleMemorystoreInstance,
+		"google_monitoring_app_engine_service":                         dataGoogleMonitoringAppEngineService,
+		"google_monitoring_cluster_istio_service":                      dataGoogleMonitoringClusterIstioService,
+		"google_monitoring_istio_canonical_service":                    dataGoogleMonitoringIstioCanonicalService,
+		"google_monitoring_mesh_istio_service":                         dataGoogleMonitoringMeshIstioService,
+		"google_monitoring_notification_channel":                       dataGoogleMonitoringNotificationChannel,
+		"google_monitoring_uptime_check_ips":                           placeholder,
+		"google_netblock_ip_ranges":                                    placeholder,
+		"google_network_security_address_group_iam_policy":             dataGoogleSecurityAddressGroupIamPolicy,
+		"google_notebooks_instance_iam_policy":                         dataGoogleNotebooksInstanceIamPolicy,
+		"google_notebooks_runtime_iam_policy":                          dataGoogleNotebooksRuntimeIamPolicy,
+		"google_oracle_database_autonomous_database":                   dataGoogleOracleDatabaseAutonomousDatabase,
+		"google_oracle_database_autonomous_databases":                  dataGoogleOracleDatabaseAutonomousDatabases,
+		"google_oracle_database_cloud_exadata_infrastructure":          dataGoogleOracleDatabaseCloudExadataInfrastructure,
+		"google_oracle_database_cloud_exadata_infrastructures":         dataGoogleOracleDatabaseCloudExadataInfrastructures,
+		"google_oracle_database_cloud_vm_cluster":                      dataGoogleOracleDatabaseCloudVMCluster,
+		"google_oracle_database_cloud_vm_clusters":                     dataGoogleOracleDatabaseCloudVMClusters,
+		"google_oracle_database_db_nodes":                              dataGoogleOracleDatabaseDBNodes,
+		"google_oracle_database_db_servers":                            dataGoogleOracleDatabaseDBServers,
+		"google_organization":                                          placeholder,
+		"google_organization_iam_policy":                               dataGoogleOrganizationIamPolicy,
+		"google_parameter_manager_parameter":                           dataGoogleParameterManagerParameter,
+		"google_parameter_manager_parameter_version":                   dataGoogleParameterManagerParameterVersion,
+		"google_parameter_manager_parameter_version_render":            dataGoogleParameterManagerParameterVersionRender,
+		"google_parameter_manager_parameters":                          dataGoogleParameterManagerParameters,
+		"google_parameter_manager_regional_parameter":                  dataGoogleParameterManagerRegionalParameter,
+		"google_parameter_manager_regional_parameter_version":          dataGoogleParameterManagerRegionalParameterVersion,
+		"google_parameter_manager_regional_parameter_version_render":   dataGoogleParameterManagerRegionalParameterVersionRender,
+		"google_parameter_manager_regional_parameters":                 dataGoogleParameterManagerRegionalParameters,
+		"google_privateca_ca_pool_iam_policy":                          dataGooglePrivatecaCaPoolIamPolicy,
+		"google_privateca_certificate_authority":                       dataGooglePrivatecaCertificateAuthority,
+		"google_privateca_certificate_template_iam_policy":             dataGooglePrivatecaCertificateTemplateIamPolicy,
+		"google_privileged_access_manager_entitlement":                 dataGooglePrivilegedAccessManagerEntitlement,
+		"google_project":                                               dataGoogleProject,
+		"google_project_iam_custom_role":                               dataGoogleProjectIamCustomRole,
+		"google_project_iam_custom_roles":                              dataGoogleProjectIamCustomRoles,
+		"google_project_iam_policy":                                    dataGoogleProjectIamPolicy,
+		"google_project_organization_policy":                           dataGoogleProjectOrganizationPolicy,
+		"google_project_service":                                       dataGoogleProjectService,
+		"google_projects":                                              placeholder,
+		"google_pubsub_schema_iam_policy":                              placeholder,
+		"google_pubsub_subscription":                                   dataGooglePubsubSubscription,
+		"google_pubsub_subscription_iam_policy":                        dataGooglePubsubSubscriptionIamPolicy,
+		"google_pubsub_topic":                                          dataGooglePubsubTopic,
+		"google_pubsub_topic_iam_policy":                               dataGooglePubsubTopicIamPolicy,
+		"google_redis_instance":                                        dataGoogleRedisInstance,
+		"google_runtimeconfig_config_iam_policy":                       dataGoogleRuntimeconfigConfigIamPolicy,
+		"google_scc_source_iam_policy":                                 dataGoogleSccSourceIamPolicy,
+		"google_scc_v2_organization_source_iam_policy":                 dataGoogleSccV2OrganizationSourceIamPolicy,
+		"google_secret_manager_regional_secret":                        dataGoogleSecretManagerRegionalSecret,
+		"google_secret_manager_regional_secret_iam_policy":             dataGoogleSecretManagerRegionalSecretIamPolicy,
+		"google_secret_manager_regional_secret_version":                dataGoogleSecretManagerRegionalSecretVersion,
+		"google_secret_manager_regional_secret_version_access":         dataGoogleSecretManagerRegionalSecretVersionAccess,
+		"google_secret_manager_regional_secrets":                       dataGoogleSecretManagerRegionalSecrets,
+		"google_secret_manager_secret":                                 dataGoogleSecretManagerSecret,
+		"google_secret_manager_secret_iam_policy":                      dataGoogleSecretManagerSecretIamPolicy,
+		"google_secret_manager_secret_version":                         dataGoogleSecretManagerSecretVersion,
+		"google_secret_manager_secret_version_access":                  dataGoogleManagerSecretVersionAccess,
+		"google_secret_manager_secrets":                                dataGoogleSecretManagerSecrets,
+		"google_secure_source_manager_instance_iam_policy":             dataGoogleSecureSourceManagerInstanceIamPolicy,
+		"google_secure_source_manager_repository_iam_policy":           dataGoogleSecureSourceManagerRepositoryIamPolicy,
+		"google_service_account":                                       dataGoogleServiceAccount,
+		"google_service_account_access_token":                          dataGoogleServiceAccountAccessToken,
+		"google_service_account_iam_policy":                            dataGoogleServiceAccountIamPolicy,
+		"google_service_account_id_token":                              placeholder,
+		"google_service_account_jwt":                                   dataGoogleServiceAccountJwt,
+		"google_service_account_key":                                   dataGoogleServiceAccountKey,
+		"google_service_accounts":                                      dataGoogleServiceAccounts,
+		"google_service_directory_namespace_iam_policy":                dataGoogleServiceDirectoryNamespaceIamPolicy,
+		"google_service_directory_service_iam_policy":                  dataGoogleServiceDirectoryServiceIamPolicy,
+		"google_sourcerepo_repository":                                 dataGoogleSourcerepoRepository,
+		"google_sourcerepo_repository_iam_policy":                      dataGoogleSourcerepoRepositoryIamPolicy,
+		"google_spanner_database":                                      dataGoogleSpannerDatabase,
+		"google_spanner_database_iam_policy":                           dataGoogleSpannerDatabaseIamPolicy,
+		"google_spanner_instance":                                      dataGoogleSpannerInstance,
+		"google_spanner_instance_iam_policy":                           dataGoogleSpannerInstanceIamPolicy,
+		"google_sql_backup_run":                                        dataGoogleSQLBackupRun,
+		"google_sql_ca_certs":                                          placeholder,
+		"google_sql_database":                                          dataGoogleSQLDatabase,
+		"google_sql_database_instance":                                 dataGoogleSQLDatabaseInstance,
+		"google_sql_database_instance_latest_recovery_time":            dataGoogleSQLDatabaseInstanceLatestRecoveryTime,
+		"google_sql_database_instances":                                dataGoogleSQLDatabaseInstances,
+		"google_sql_databases":                                         dataGoogleSQLDatabases,
+		"google_sql_tiers":                                             placeholder,
+		"google_storage_bucket":                                        dataGoogleStorageBucket,
+		"google_storage_bucket_iam_policy":                             dataGoogleStorageBucketIamPolicy,
+		"google_storage_bucket_object":                                 dataGoogleStorageBucketObject,
+		"google_storage_bucket_object_content":                         dataGoogleStorageBucketObjectContent,
+		"google_storage_bucket_objects":                                dataGoogleStorageBucketObjects,
+		"google_storage_buckets":                                       dataGoogleStorageBuckets,
+		"google_storage_object_signed_url":                             placeholder,
+		"google_storage_project_service_account":                       dataGoogleStorageProjectServiceAccount,
+		"google_storage_transfer_project_service_account":              dataGoogleStorageTransferProjectServiceAccount,
+		"google_tags_tag_key":                                          dataGoogleTagsTagKey,
+		"google_tags_tag_key_iam_policy":                               dataGoogleTagsTagKeyIamPolicy,
+		"google_tags_tag_value_iam_policy":                             dataGoogleTagsTagValueIamPolicy,
+		"google_tpu_tensorflow_versions":                               dataGoogleTpuTensorflowVersions,
+		"google_tpu_v2_accelerator_types":                              dataGoogleTpuV2AcceleratorTypes,
+		"google_tpu_v2_runtime_versions":                               dataGoogleTpuV2RuntimeVersions,
+		"google_vertex_ai_endpoint_iam_policy":                         dataGoogleVertexAiEndpointIamPolicy,
+		"google_vertex_ai_feature_group_iam_policy":                    dataGoogleVertexAiFeatureGroupIamPolicy,
+		"google_vertex_ai_feature_online_store_featureview_iam_policy": dataGoogleVertexAiFeatureOnlineStoreFeatureviewIamPolicy,
+		"google_vertex_ai_feature_online_store_iam_policy":             dataGoogleVertexAiFeatureOnlineStoreIamPolicy,
+		"google_vertex_ai_featurestore_entitytype_iam_policy":          dataGoogleVertexAiFeaturestoreEntitytypeIamPolicy,
+		"google_vertex_ai_featurestore_iam_policy":                     dataGoogleVertexAiFeaturestoreIamPolicy,
+		"google_vmwareengine_cluster":                                  placeholder,
+		"google_vmwareengine_external_access_rule":                     placeholder,
+		"google_vmwareengine_external_address":                         dataGoogleVmwareengineExternalAddress,
+		"google_vmwareengine_network":                                  dataGoogleVmwareengineNetwork,
+		"google_vmwareengine_network_peering":                          dataGoogleVmwareengineNetworkPeering,
+		"google_vmwareengine_network_policy":                           dataGoogleVmwareengineNetworkPolicy,
+		"google_vmwareengine_nsx_credentials":                          dataGoogleVmwareengineNsxCredentials,
+		"google_vmwareengine_private_cloud":                            dataGoogleVmwareenginePrivateCloud,
+		"google_vmwareengine_subnet":                                   dataGoogleVmwareengineSubnet,
+		"google_vmwareengine_vcenter_credentials":                      dataGoogleVmwareengineVcenterCredentials,
+		"google_vpc_access_connector":                                  dataGoogleVpcAccessConnector,
+		"google_workbench_instance_iam_policy":                         dataGoogleWorkbenchInstanceIamPolicy,
+		"google_workstations_workstation_config_iam_policy":            dataGoogleWorkstationsWorkstationConfigIamPolicy,
+		"google_workstations_workstation_iam_policy":                   dataGoogleWorkstationsWorkstationIamPolicy,
+		"google_tags_tag_keys":                                         dataGoogleTagsTagKeys,
+		"google_tags_tag_value":                                        dataGoogleTagsTagValue,
+		"google_tags_tag_values":                                       dataGoogleTagsTagValues,
+		"google_storage_control_folder_intelligence_config":            dataGoogleStorageControlFolderIntelligenceConfig,
+		"google_storage_control_organization_intelligence_config":      dataGoogleStorageControlOrganizationIntelligenceConfig,
+		"google_storage_control_project_intelligence_config":           dataGoogleStorageControlProjectIntelligenceConfig,
+		"google_site_verification_token":                               placeholder,
+		"google_runtimeconfig_config":                                  dataGoogleRuntimeconfigConfig,
+		"google_runtimeconfig_variable":                                dataGoogleRuntimeconfigVariable,
+		"google_redis_cluster":                                         dataGoogleRedisCluster,
+		"google_project_ancestry":                                      dataGoogleProjectAncestry,
+		"google_access_context_manager_access_policy":                  dataGoogleAccessContextManagerAccessPolicy,
+		"google_cloud_identity_group_transitive_memberships":           placeholder,
+		"google_dataplex_data_quality_rules":                           dataGoogleDataplexDataQualityRules,
+		"google_firebase_android_app_config":                           placeholder,
+		"google_firebase_apple_app_config":                             placeholder,
+		"google_firebase_web_app_config":                               placeholder,
+		"google_organizations":                                         placeholder,
+		"google_organization_iam_custom_role":                          dataGoogleOrganizationIamCustomRole,
+		"google_organization_iam_custom_roles":                         dataGoogleOrganizationIamCustomRoles,
+		"google_compute_network_attachment":                            dataGoogleComputeNetworkAttachment,
+		"google_storage_insights_dataset_config":                       dataGoogleStorageInsightsDatasetConfig,
+		"google_artifact_registry_docker_images":                       dataGoogleArtifactRegistryDockerImages,
+		"google_iam_workforce_pool_iam_policy":                         dataGoogleIamWorkforcePoolIamPolicy,
+		"google_artifact_registry_repositories":                        dataGoogleArtifactRegistryRepositories,
+		"google_artifact_registry_version":                             dataGoogleArtifactRegistryVersion,
+		"google_artifact_registry_versions":                            dataGoogleArtifactRegistryVersions,
+		"google_artifact_registry_npm_package":                         dataGoogleArtifactRegistryNpmPackage,
+		"google_artifact_registry_tags":                                dataGoogleArtifactRegistryTags,
+		"google_iap_web_region_forwarding_rule_service_iam_policy":     dataGoogleIapWebRegionForwardingRuleServiceIamPolicy,
+		"google_certificate_manager_dns_authorization":                 dataGoogleCertificateManagerDnsAuthorization,
+		"google_artifact_registry_python_package":                      dataGoogleArtifactRegistryPythonPackage,
+		"google_backup_dr_backup_plan_associations":                    dataGoogleBackupDrPlanAssociations,
+		"google_backup_dr_data_source_reference":                       dataGoogleBackupDrDataSourceReference,
+		"google_backup_dr_data_source_references":                      dataGoogleBackupDrDataSourceReferences,
+		"google_bigquery_datapolicyv2_data_policy_iam_policy":          dataGoogleBigqueryDatapolicyv2DataPolicyIamPolicy,
+		"google_iap_web_forwarding_rule_service_iam_policy":            dataGoogleIapForwardingRuleServiceIamPolicy,
+		"google_artifact_registry_maven_artifact":                      dataGoogleArtifactRegistryMavenArtifact,
+		"google_artifact_registry_maven_artifacts":                     dataGoogleArtifactRegistryMavenArtifacts,
+		"google_artifact_registry_npm_packages":                        dataGoogleArtifactRegistryNpmPackages,
+		"google_compute_interconnect_location":                         dataGoogleComputeInterconnectLocation,
+		"google_compute_interconnect_locations":                        dataGoogleComputeInterconnectLocations,
+		"google_artifact_registry_packages":                            dataGoogleArtifactRegistryPackages,
 	}
 
 	return TFLookup[result]
diff --git a/src/gcp_policy.go b/src/gcp_policy.go
index 4c12d89c..7dd80fd8 100644
--- a/src/gcp_policy.go
+++ b/src/gcp_policy.go
@@ -2,9 +2,18 @@ package pike
 
 import (
 	"bytes"
+	"context"
 	_ "embed" // required for embed
+	"os"
+	"path/filepath"
+	"runtime"
 	"strings"
 	"text/template"
+
+	//"github.com/go-git/go-git/v5/plumbing/format/config"
+	"golang.org/x/oauth2/google"
+	"google.golang.org/api/compute/v1"
+	"gopkg.in/ini.v1"
 )
 
 const (
@@ -17,8 +26,8 @@ const (
 var policyGCPTemplate []byte
 
 // GCPPolicy create an IAM policy.
-func GCPPolicy(permissions []string) (string, error) {
-	if permissions == nil {
+func GCPPolicy(permissions []string, policyName string) (string, error) {
+	if permissions == nil || len(permissions) == 0 {
 		return "", &emptyPermissionsError{}
 	}
 
@@ -32,11 +41,23 @@ func GCPPolicy(permissions []string) (string, error) {
 		Permissions string // Comma-separated list of permissions
 	}
 
-	PolicyName := defaultPolicyName
+	var PolicyName string
+
+	if policyName != "" {
+		PolicyName = policyName
+	} else {
+		PolicyName = defaultPolicyName
+	}
+
+	project, err := getCurrentProject()
+	if err != nil {
+		project = defaultProject
+	}
+
 	theDetails := gCPPolicyDetails{
 		Name:        PolicyName,
-		Project:     defaultProject,
-		RoleID:      defaultRoleID,
+		Project:     project,
+		RoleID:      PolicyName,
 		Permissions: test,
 	}
 
@@ -54,3 +75,45 @@ func GCPPolicy(permissions []string) (string, error) {
 
 	return output.String(), nil
 }
+
+func getCurrentProject() (string, error) {
+	//many different ways to ensure that a value for a GCP project is found
+	if os.Getenv("GOOGLE_CLOUD_PROJECT") != "" {
+		return os.Getenv("GOOGLE_CLOUD_PROJECT"), nil
+	}
+
+	if os.Getenv("GOOGLE_PROJECT") != "" {
+		return os.Getenv("GOOGLE_PROJECT"), nil
+	}
+
+	if os.Getenv("GCP_PROJECT") != "" {
+		return os.Getenv("GCP_PROJECT"), nil
+	}
+
+	ctx := context.Background()
+	credentials, err := google.FindDefaultCredentials(ctx, compute.ComputeScope)
+
+	var configPath string
+	if err != nil || credentials.ProjectID == "" {
+		//gcloud info --format='value(config.paths.global_config_dir)'
+		if runtime.GOOS != "windows" {
+			configPath = filepath.Join(os.Getenv("HOME"), ".config", "gcloud", "configurations", "config_default")
+		} else {
+			configPath = filepath.Join(os.Getenv("APPDATA"), "gcloud", "configurations", "config_default")
+		}
+
+		config, err := ini.Load(configPath)
+
+		if err != nil {
+			return "", err
+		}
+
+		projectID := config.Section("core").Key("project").String()
+
+		return projectID, nil
+	}
+	result := credentials.ProjectID
+
+	return result, nil
+
+}
diff --git a/src/gcp_policy_test.go b/src/gcp_policy_test.go
index f091ae54..16fdab3d 100644
--- a/src/gcp_policy_test.go
+++ b/src/gcp_policy_test.go
@@ -1,15 +1,16 @@
-package pike_test
+package pike
 
 import (
 	_ "embed"
+	"os"
+	"path/filepath"
+	"runtime"
 	"testing"
-
-	pike "github.com/jameswoolfenden/pike/src"
 )
 
 func TestGCPPolicy(t *testing.T) {
 	t.Parallel()
-
+	_ = os.Setenv("GCP_PROJECT", "pike-412922")
 	type args struct {
 		permissions []string
 	}
@@ -23,16 +24,22 @@ func TestGCPPolicy(t *testing.T) {
 		{
 			"basic",
 			args{[]string{"bigquery.datasets.create", "bigquery.jobs.create"}},
-			"resource\"google_project_iam_custom_role\"\"terraform_pike\"{project=\"pike\"role_id=\"terraform_pike\"title=\"terraform_pike\"description=\"Auserwithleastprivileges\"permissions=[\"bigquery.datasets.create\",\"bigquery.jobs.create\"]}",
+			"resource\"google_project_iam_custom_role\"\"terraform_pike\"{project=\"pike-412922\"role_id=\"terraform_pike\"title=\"terraform_pike\"description=\"Auserwithleastprivileges\"permissions=[\"bigquery.datasets.create\",\"bigquery.jobs.create\"]}",
 			false,
 		},
+		{
+			"empty",
+			args{[]string{}},
+			"",
+			true,
+		},
 	}
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.GCPPolicy(tt.args.permissions)
+			got, err := GCPPolicy(tt.args.permissions, "")
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("GCPPolicy() error = %v, wantErr %v", err, tt.wantErr)
@@ -50,3 +57,324 @@ func TestGCPPolicy(t *testing.T) {
 		})
 	}
 }
+
+func TestGetCurrentProject_EnvironmentVariables(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+	}()
+
+	tests := []struct {
+		name               string
+		googleCloudProject string
+		googleProject      string
+		gcpProject         string
+		expectedProject    string
+	}{
+		{
+			name:               "GOOGLE_CLOUD_PROJECT takes precedence",
+			googleCloudProject: "test-project-1",
+			googleProject:      "test-project-2",
+			gcpProject:         "test-project-3",
+			expectedProject:    "test-project-1",
+		},
+		{
+			name:            "GOOGLE_PROJECT when GOOGLE_CLOUD_PROJECT empty",
+			googleProject:   "test-project-2",
+			gcpProject:      "test-project-3",
+			expectedProject: "test-project-2",
+		},
+		{
+			name:            "GCP_PROJECT when others empty",
+			gcpProject:      "test-project-3",
+			expectedProject: "test-project-3",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Clear all environment variables
+			_ = os.Unsetenv("GOOGLE_CLOUD_PROJECT")
+			_ = os.Unsetenv("GOOGLE_PROJECT")
+			_ = os.Unsetenv("GCP_PROJECT")
+
+			// Set test values
+			if tt.googleCloudProject != "" {
+				_ = os.Setenv("GOOGLE_CLOUD_PROJECT", tt.googleCloudProject)
+			}
+			if tt.googleProject != "" {
+				_ = os.Setenv("GOOGLE_PROJECT", tt.googleProject)
+			}
+			if tt.gcpProject != "" {
+				_ = os.Setenv("GCP_PROJECT", tt.gcpProject)
+			}
+
+			project, err := getCurrentProject()
+			if err != nil {
+				t.Fatalf("Expected no error, got: %v", err)
+			}
+
+			if project != tt.expectedProject {
+				t.Errorf("Expected project %s, got %s", tt.expectedProject, project)
+			}
+		})
+	}
+}
+
+func TestGetCurrentProject_GcloudConfigFile(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+	originalHome := os.Getenv("HOME")
+	originalAppData := os.Getenv("APPDATA")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+		_ = os.Setenv("HOME", originalHome)
+		_ = os.Setenv("APPDATA", originalAppData)
+	}()
+
+	// Clear environment variables to force config file reading
+	_ = os.Unsetenv("GOOGLE_CLOUD_PROJECT")
+	_ = os.Unsetenv("GOOGLE_PROJECT")
+	_ = os.Unsetenv("GCP_PROJECT")
+
+	// Create temporary directory structure
+	tempDir := t.TempDir()
+
+	var configPath string
+	if runtime.GOOS != "windows" {
+		_ = os.Setenv("HOME", tempDir)
+		configPath = filepath.Join(tempDir, ".config", "gcloud", "configurations", "config_default")
+	} else {
+		_ = os.Setenv("APPDATA", tempDir)
+		configPath = filepath.Join(tempDir, "gcloud", "configurations", "config_default")
+	}
+
+	// Create directory structure
+	err := os.MkdirAll(filepath.Dir(configPath), 0755)
+	if err != nil {
+		t.Fatalf("Failed to create config directory: %v", err)
+	}
+
+	// Create config file with project
+	configContent := `[core]
+project = test-config-project
+account = test@example.com
+
+[compute]
+region = us-central1
+zone = us-central1-a
+`
+
+	err = os.WriteFile(configPath, []byte(configContent), 0644)
+	if err != nil {
+		t.Fatalf("Failed to write config file: %v", err)
+	}
+
+	project, err := getCurrentProject()
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	if project != "test-config-project" {
+		t.Errorf("Expected project 'test-config-project', got '%s'", project)
+	}
+}
+
+func TestGetCurrentProject_EmptyEnvironmentVariables(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+	}()
+
+	// Test empty string environment variables (should be treated as not set)
+	_ = os.Setenv("GOOGLE_CLOUD_PROJECT", "")
+	_ = os.Setenv("GOOGLE_PROJECT", "")
+	_ = os.Setenv("GCP_PROJECT", "")
+
+	// This will likely fail due to no credentials or config file, but we're testing the logic
+	_, err := getCurrentProject()
+	// We expect an error since no valid project source is available
+	if err == nil {
+		t.Log("No error returned - likely found valid credentials or config file")
+	}
+}
+
+func TestGetCurrentProject_MissingConfigFile(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+	originalHome := os.Getenv("HOME")
+	originalAppData := os.Getenv("APPDATA")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+		_ = os.Setenv("HOME", originalHome)
+		_ = os.Setenv("APPDATA", originalAppData)
+	}()
+
+	// Clear environment variables
+	_ = os.Unsetenv("GOOGLE_CLOUD_PROJECT")
+	_ = os.Unsetenv("GOOGLE_PROJECT")
+	_ = os.Unsetenv("GCP_PROJECT")
+
+	// Set HOME/APPDATA to non-existent directory
+	tempDir := t.TempDir()
+	nonExistentDir := filepath.Join(tempDir, "nonexistent")
+
+	if runtime.GOOS != "windows" {
+		_ = os.Setenv("HOME", nonExistentDir)
+	} else {
+		_ = os.Setenv("APPDATA", nonExistentDir)
+	}
+
+	_, err := getCurrentProject()
+	if err == nil {
+		t.Log("No error returned - likely found valid credentials")
+	}
+}
+
+func TestGetCurrentProject_InvalidConfigFile(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+	originalHome := os.Getenv("HOME")
+	originalAppData := os.Getenv("APPDATA")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+		_ = os.Setenv("HOME", originalHome)
+		_ = os.Setenv("APPDATA", originalAppData)
+	}()
+
+	// Clear environment variables
+	_ = os.Unsetenv("GOOGLE_CLOUD_PROJECT")
+	_ = os.Unsetenv("GOOGLE_PROJECT")
+	_ = os.Unsetenv("GCP_PROJECT")
+
+	// Create temporary directory structure
+	tempDir := t.TempDir()
+
+	var configPath string
+	if runtime.GOOS != "windows" {
+		_ = os.Setenv("HOME", tempDir)
+		configPath = filepath.Join(tempDir, ".config", "gcloud", "configurations", "config_default")
+	} else {
+		_ = os.Setenv("APPDATA", tempDir)
+		configPath = filepath.Join(tempDir, "gcloud", "configurations", "config_default")
+	}
+
+	// Create directory structure
+	err := os.MkdirAll(filepath.Dir(configPath), 0755)
+	if err != nil {
+		t.Fatalf("Failed to create config directory: %v", err)
+	}
+
+	// Create invalid config file
+	invalidConfigContent := `[core
+project = test-project
+invalid ini format
+`
+
+	err = os.WriteFile(configPath, []byte(invalidConfigContent), 0644)
+	if err != nil {
+		t.Fatalf("Failed to write invalid config file: %v", err)
+	}
+
+	_, err = getCurrentProject()
+	if err == nil {
+		t.Log("No error returned - likely found valid credentials or ini parser was lenient")
+	}
+}
+
+func TestGetCurrentProject_ConfigFileWithoutProject(t *testing.T) {
+	// Save original environment
+	originalGoogleCloudProject := os.Getenv("GOOGLE_CLOUD_PROJECT")
+	originalGoogleProject := os.Getenv("GOOGLE_PROJECT")
+	originalGcpProject := os.Getenv("GCP_PROJECT")
+	originalHome := os.Getenv("HOME")
+	originalAppData := os.Getenv("APPDATA")
+
+	// Clean up after test
+	defer func() {
+		_ = os.Setenv("GOOGLE_CLOUD_PROJECT", originalGoogleCloudProject)
+		_ = os.Setenv("GOOGLE_PROJECT", originalGoogleProject)
+		_ = os.Setenv("GCP_PROJECT", originalGcpProject)
+		_ = os.Setenv("HOME", originalHome)
+		_ = os.Setenv("APPDATA", originalAppData)
+	}()
+
+	// Clear environment variables
+	_ = os.Unsetenv("GOOGLE_CLOUD_PROJECT")
+	_ = os.Unsetenv("GOOGLE_PROJECT")
+	_ = os.Unsetenv("GCP_PROJECT")
+
+	// Create temporary directory structure
+	tempDir := t.TempDir()
+
+	var configPath string
+	if runtime.GOOS != "windows" {
+		_ = os.Setenv("HOME", tempDir)
+		configPath = filepath.Join(tempDir, ".config", "gcloud", "configurations", "config_default")
+	} else {
+		_ = os.Setenv("APPDATA", tempDir)
+		configPath = filepath.Join(tempDir, "gcloud", "configurations", "config_default")
+	}
+
+	// Create directory structure
+	err := os.MkdirAll(filepath.Dir(configPath), 0755)
+	if err != nil {
+		t.Fatalf("Failed to create config directory: %v", err)
+	}
+
+	// Create config file without project
+	configContent := `[core]
+account = test@example.com
+
+[compute]
+region = us-central1
+zone = us-central1-a
+`
+
+	err = os.WriteFile(configPath, []byte(configContent), 0644)
+	if err != nil {
+		t.Fatalf("Failed to write config file: %v", err)
+	}
+
+	project, err := getCurrentProject()
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	// Should return empty string when no project is set in config
+	if project != "" {
+		t.Errorf("Expected empty project, got '%s'", project)
+	}
+}
diff --git a/src/gcp_test.go b/src/gcp_test.go
index 7a8b5074..455a2a36 100644
--- a/src/gcp_test.go
+++ b/src/gcp_test.go
@@ -61,6 +61,7 @@ func TestGetGCPPermissions(t *testing.T) {
 				"compute.subnetworks.useExternalIp",
 				"compute.instances.setMetadata",
 				"compute.instances.delete",
+				"compute.instances.get",
 				"compute.instances.delete",
 			},
 		},
@@ -116,6 +117,7 @@ func TestGetGCPResourcePermissions(t *testing.T) {
 				"compute.subnetworks.useExternalIp",
 				"compute.instances.setMetadata",
 				"compute.instances.delete",
+				"compute.instances.get",
 				"compute.instances.delete",
 			},
 		},
diff --git a/src/gitHub.go b/src/gitHub.go
index 5a2a7933..718aec96 100644
--- a/src/gitHub.go
+++ b/src/gitHub.go
@@ -80,7 +80,7 @@ func InvokeGithubDispatchEvent(repository string, workflowFileName string, branc
 
 	url := "https://api.github.com/repos/" + owner + "/" + repo + "/actions/workflows/" + workflowFileName
 
-	err = VerifyURL(url)
+	err = verifyURL(url)
 	if err != nil {
 		log.Error().Err(err)
 
@@ -180,8 +180,8 @@ func (m *branchNotFoundError) Error() string {
 	return fmt.Sprintf("branch %s not found for repo %s", m.branch, m.repo)
 }
 
-// VerifyURL tests a url.
-func VerifyURL(url string) error {
+// verifyURL tests a url.
+func verifyURL(url string) error {
 	if //goland:noinspection HttpUrlsUsage
 	strings.Contains(strings.ToLower(url), "http://") {
 		return &insecureProtocolError{}
diff --git a/src/gitHub_internal_test.go b/src/gitHub_internal_test.go
new file mode 100644
index 00000000..33c4c757
--- /dev/null
+++ b/src/gitHub_internal_test.go
@@ -0,0 +1,170 @@
+package pike
+
+import (
+	"errors"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestVerifyURL(t *testing.T) {
+	type args struct {
+		url string
+	}
+	//goland:noinspection HttpUrlsUsage
+	tests := []struct {
+		name    string
+		args    args
+		wantErr bool
+	}{
+		{"google", args{"www.google.com"}, true},
+		{"http", args{"http://www.google.com"}, true},
+		{"https", args{"https://www.google.com"}, false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if err := verifyURL(tt.args.url); (err != nil) != tt.wantErr {
+				t.Errorf("verifyURL() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+func Test_gitHubRateLimitingError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"Invoke", "you are being GitHub Rate-limited"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &gitHubRateLimitingError{}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_insecureProtocolError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"Invoke", "insecure protocol"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &insecureProtocolError{}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_nilResponseError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"Invoke", "nil response"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &nilResponseError{}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_nonSuccessError_Error(t *testing.T) {
+	type fields struct {
+		response string
+		err      error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{"test", errors.New("test")}, "non success response test test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &nonSuccessError{
+				response: tt.fields.response,
+				err:      tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_verifyBranchError_Error(t *testing.T) {
+	type fields struct {
+		branch string
+		repo   string
+		owner  string
+		err    error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{"branchtest", "repotest", "ownertest", errors.New("test")}, "failed to verify branch branchtest repotest ownertest test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &verifyBranchError{
+				branch: tt.fields.branch,
+				repo:   tt.fields.repo,
+				owner:  tt.fields.owner,
+				err:    tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_verifyURLError_Error(t *testing.T) {
+	type fields struct {
+		url string
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{"https://www.google.com", errors.New("test")}, "failed to verify URL https://www.google.com test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &verifyURLError{
+				url: tt.fields.url,
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_workflowInvokeError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{errors.New("test")}, "failed to invoke workflow test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &workflowInvokeError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
diff --git a/src/gitHub_test.go b/src/gitHub_test.go
index 8a78fd02..3f8c6590 100644
--- a/src/gitHub_test.go
+++ b/src/gitHub_test.go
@@ -38,26 +38,3 @@ func TestInvokeGithubDispatchEvent(t *testing.T) {
 		})
 	}
 }
-
-func TestVerifyURL(t *testing.T) {
-	type args struct {
-		url string
-	}
-	//goland:noinspection HttpUrlsUsage
-	tests := []struct {
-		name    string
-		args    args
-		wantErr bool
-	}{
-		{"google", args{"www.google.com"}, true},
-		{"http", args{"http://www.google.com"}, true},
-		{"https", args{"https://www.google.com"}, false},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			if err := pike.VerifyURL(tt.args.url); (err != nil) != tt.wantErr {
-				t.Errorf("VerifyURL() error = %v, wantErr %v", err, tt.wantErr)
-			}
-		})
-	}
-}
diff --git a/src/inspect.go b/src/inspect.go
index 4b0e87cb..6367f664 100644
--- a/src/inspect.go
+++ b/src/inspect.go
@@ -44,7 +44,7 @@ func Inspect(directory string, init bool) (PolicyDiff, error) {
 
 	var Difference PolicyDiff
 
-	rawIACPolicy, err := MakePolicy(directory, nil, init, false, "")
+	rawIACPolicy, err := MakePolicy(directory, nil, init, false, "", "")
 	if err != nil {
 		if errors.Is(err, &emptyIACError{}) {
 			log.Info().Msgf("nothing to do for IAC as %s for directory %s", err, directory)
diff --git a/src/inspect_internal_test.go b/src/inspect_internal_test.go
new file mode 100644
index 00000000..581c16ad
--- /dev/null
+++ b/src/inspect_internal_test.go
@@ -0,0 +1,274 @@
+package pike
+
+import (
+	"errors"
+	"reflect"
+	"testing"
+
+	Identity "github.com/jameswoolfenden/identity/src"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_compareAllowError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{
+			"invoke", fields{errors.New("basic")}, "compare allow error basic",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &compareAllowError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_getIAMError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"invoke", fields{errors.New("test")}, "get IAM error test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &getIAMError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func Test_identityParseError_Error(t *testing.T) {
+	type fields struct {
+		err error
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"invoke", fields{errors.New("test")}, "Identity parsing error test"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			m := &identityParseError{
+				err: tt.fields.err,
+			}
+			assert.Equalf(t, tt.want, m.Error(), "Error()")
+		})
+	}
+}
+
+func TestCompareAllow(t *testing.T) {
+	type args struct {
+		identity Identity.IAM
+		policy   Identity.Policy
+	}
+
+	var identity Identity.IAM
+	var moreIdentity Identity.IAM
+	moreIdentity.Policies = make([]Identity.Policy, 1)
+	moreIdentity.Policies[0].Statements = make([]Identity.Statement, 1)
+	moreIdentity.Policies[0].Statements[0] = Identity.Statement{
+		Sid:      "",
+		Effect:   "Allow",
+		Action:   []string{"s3:*", "s3-object-lambda:*"},
+		Resource: []string{"*"},
+	}
+	var policy Identity.Policy
+
+	statements := make([]Identity.Statement, 1)
+	statements[0] = Identity.Statement{
+		Sid:      "",
+		Effect:   "Allow",
+		Action:   []string{"s3:*", "s3-object-lambda:*"},
+		Resource: []string{"*"},
+	}
+
+	var morePolicy Identity.Policy
+	morePolicy.Statements = statements
+
+	tests := []struct {
+		name    string
+		args    args
+		want    PolicyDiff
+		wantErr bool
+	}{
+		{
+			"pass empty",
+			args{identity, policy},
+			PolicyDiff{},
+			true,
+		},
+		{
+			"pass not empty",
+			args{identity, morePolicy},
+			PolicyDiff{nil, nil},
+			true,
+		},
+		{
+			"pass",
+			args{moreIdentity, morePolicy},
+			PolicyDiff{},
+			false,
+		},
+		{
+			"different",
+			args{moreIdentity, policy},
+			PolicyDiff{nil, nil},
+			true,
+		},
+		//todo more testcases
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := compareAllow(tt.args.identity, tt.args.policy)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("CompareAllow() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("CompareAllow() got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_contains(t *testing.T) {
+	type args struct {
+		s []string
+		e string
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{"found", args{[]string{"foo", "bar"}, "foo"}, true},
+		{"not found", args{[]string{"foo", "bar"}, "bart"}, false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := contains(tt.args.s, tt.args.e); got != tt.want {
+				t.Errorf("contains() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestPolicyDiff_Empty(t *testing.T) {
+	tests := []struct {
+		name string
+		pd   PolicyDiff
+		want bool
+	}{
+		{
+			name: "both nil",
+			pd:   PolicyDiff{nil, nil},
+			want: true,
+		},
+		{
+			name: "empty slices",
+			pd:   PolicyDiff{[]string{}, []string{}},
+			want: true,
+		},
+		{
+			name: "over nil under empty",
+			pd:   PolicyDiff{nil, []string{}},
+			want: true,
+		},
+		{
+			name: "over empty under nil",
+			pd:   PolicyDiff{[]string{}, nil},
+			want: true,
+		},
+		{
+			name: "over with content",
+			pd:   PolicyDiff{[]string{"s3:GetObject"}, nil},
+			want: false,
+		},
+		{
+			name: "under with content",
+			pd:   PolicyDiff{nil, []string{"s3:PutObject"}},
+			want: false,
+		},
+		{
+			name: "both with content",
+			pd:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			want: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := len(tt.pd.Over) == 0 && len(tt.pd.Under) == 0
+			if got != tt.want {
+				t.Errorf("PolicyDiff empty check = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestPolicyDiff_Equal(t *testing.T) {
+	tests := []struct {
+		name     string
+		first    PolicyDiff
+		second   PolicyDiff
+		wantSame bool
+	}{
+		{
+			name:     "identical empty",
+			first:    PolicyDiff{},
+			second:   PolicyDiff{},
+			wantSame: true,
+		},
+		{
+			name:     "identical with content",
+			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			wantSame: true,
+		},
+		{
+			name:     "different over",
+			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			second:   PolicyDiff{[]string{"s3:ListBucket"}, []string{"s3:PutObject"}},
+			wantSame: false,
+		},
+		{
+			name:     "different under",
+			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:DeleteObject"}},
+			wantSame: false,
+		},
+		{
+			name:     "different lengths",
+			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
+			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject", "s3:DeleteObject"}},
+			wantSame: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := reflect.DeepEqual(tt.first, tt.second)
+			if got != tt.wantSame {
+				t.Errorf("PolicyDiff equality check = %v, want %v", got, tt.wantSame)
+			}
+		})
+	}
+}
diff --git a/src/inspect_test.go b/src/inspect_test.go
index c4cc2972..b509db28 100644
--- a/src/inspect_test.go
+++ b/src/inspect_test.go
@@ -49,13 +49,13 @@ func TestCompareAllow(t *testing.T) {
 			"pass empty",
 			args{identity, policy},
 			PolicyDiff{},
-			false,
+			true,
 		},
 		{
 			"pass not empty",
 			args{identity, morePolicy},
-			PolicyDiff{nil, []string{"s3:*", "s3-object-lambda:*"}},
-			false,
+			PolicyDiff{nil, nil},
+			true,
 		},
 		{
 			"pass",
@@ -66,9 +66,10 @@ func TestCompareAllow(t *testing.T) {
 		{
 			"different",
 			args{moreIdentity, policy},
-			PolicyDiff{[]string{"s3:*", "s3-object-lambda:*"}, nil},
-			false,
+			PolicyDiff{nil, nil},
+			true,
 		},
+		//todo more testcases
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -113,130 +114,6 @@ func TestInspect(t *testing.T) {
 	}
 }
 
-func Test_contains(t *testing.T) {
-	type args struct {
-		s []string
-		e string
-	}
-	tests := []struct {
-		name string
-		args args
-		want bool
-	}{
-		{"found", args{[]string{"foo", "bar"}, "foo"}, true},
-		{"not found", args{[]string{"foo", "bar"}, "bart"}, false},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			if got := contains(tt.args.s, tt.args.e); got != tt.want {
-				t.Errorf("contains() = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
-
-func TestPolicyDiff_Empty(t *testing.T) {
-	tests := []struct {
-		name string
-		pd   PolicyDiff
-		want bool
-	}{
-		{
-			name: "both nil",
-			pd:   PolicyDiff{nil, nil},
-			want: true,
-		},
-		{
-			name: "empty slices",
-			pd:   PolicyDiff{[]string{}, []string{}},
-			want: true,
-		},
-		{
-			name: "over nil under empty",
-			pd:   PolicyDiff{nil, []string{}},
-			want: true,
-		},
-		{
-			name: "over empty under nil",
-			pd:   PolicyDiff{[]string{}, nil},
-			want: true,
-		},
-		{
-			name: "over with content",
-			pd:   PolicyDiff{[]string{"s3:GetObject"}, nil},
-			want: false,
-		},
-		{
-			name: "under with content",
-			pd:   PolicyDiff{nil, []string{"s3:PutObject"}},
-			want: false,
-		},
-		{
-			name: "both with content",
-			pd:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			want: false,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			got := len(tt.pd.Over) == 0 && len(tt.pd.Under) == 0
-			if got != tt.want {
-				t.Errorf("PolicyDiff empty check = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
-
-func TestPolicyDiff_Equal(t *testing.T) {
-	tests := []struct {
-		name     string
-		first    PolicyDiff
-		second   PolicyDiff
-		wantSame bool
-	}{
-		{
-			name:     "identical empty",
-			first:    PolicyDiff{},
-			second:   PolicyDiff{},
-			wantSame: true,
-		},
-		{
-			name:     "identical with content",
-			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			wantSame: true,
-		},
-		{
-			name:     "different over",
-			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			second:   PolicyDiff{[]string{"s3:ListBucket"}, []string{"s3:PutObject"}},
-			wantSame: false,
-		},
-		{
-			name:     "different under",
-			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:DeleteObject"}},
-			wantSame: false,
-		},
-		{
-			name:     "different lengths",
-			first:    PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject"}},
-			second:   PolicyDiff{[]string{"s3:GetObject"}, []string{"s3:PutObject", "s3:DeleteObject"}},
-			wantSame: false,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			got := reflect.DeepEqual(tt.first, tt.second)
-			if got != tt.wantSame {
-				t.Errorf("PolicyDiff equality check = %v, want %v", got, tt.wantSame)
-			}
-		})
-	}
-}
-
 func TestInspectExtended(t *testing.T) {
 	type args struct {
 		directory string
diff --git a/src/make.go b/src/make.go
index e820a05e..242e70f8 100644
--- a/src/make.go
+++ b/src/make.go
@@ -19,7 +19,7 @@ func Make(directory string) (*string, error) {
 		return nil, &directoryNotFoundError{directory: directory}
 	}
 
-	err := Scan(directory, "terraform", nil, true, true, false, "")
+	err := Scan(directory, "terraform", nil, true, true, false, "", "", "")
 	if err != nil {
 		return nil, fmt.Errorf("failed to scan directory: %w", err)
 	}
@@ -29,7 +29,7 @@ func Make(directory string) (*string, error) {
 		return nil, &absolutePathError{directory, err}
 	}
 
-	policyPath, err := filepath.Abs(path.Join(directory, ".pike/"))
+	policyPath, err := filepath.Abs(path.Join(directory, ".pike"))
 	if err != nil {
 		return nil, &absolutePathError{directory, err}
 	}
diff --git a/src/make_internal_test.go b/src/make_internal_test.go
new file mode 100644
index 00000000..c16d7781
--- /dev/null
+++ b/src/make_internal_test.go
@@ -0,0 +1,43 @@
+package pike
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_arnNotFoundInStateError_Error(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+	}{
+		{"Invoke", "no arn found in state"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &arnNotFoundInStateError{}
+			assert.Equalf(t, tt.want, e.Error(), "Error()")
+		})
+	}
+}
+
+func Test_castToStringError_Error(t *testing.T) {
+	type fields struct {
+		value string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"Invoke", fields{"test"}, "cannot convert test to a string"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &castToStringError{
+				value: tt.fields.value,
+			}
+			assert.Equalf(t, tt.want, e.Error(), "Error()")
+		})
+	}
+}
diff --git a/src/mapping/aws/data/account/aws_account_primary_contact.json b/src/mapping/aws/data/account/aws_account_primary_contact.json
new file mode 100644
index 00000000..f47acf5a
--- /dev/null
+++ b/src/mapping/aws/data/account/aws_account_primary_contact.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "account:GetContactInformation"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/appconfig/aws_appconfig_application.json b/src/mapping/aws/data/appconfig/aws_appconfig_application.json
new file mode 100644
index 00000000..d1cdcebd
--- /dev/null
+++ b/src/mapping/aws/data/appconfig/aws_appconfig_application.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "appconfig:ListApplications"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/backend/s3.json b/src/mapping/aws/data/backend/s3.json
new file mode 100644
index 00000000..263db0b4
--- /dev/null
+++ b/src/mapping/aws/data/backend/s3.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "dynamodb:PutItem",
+      "dynamodb:DeleteItem",
+      "dynamodb:GetItem",
+      "dynamodb:DescribeTable",
+      "s3:ListBucket",
+      "s3:PutObject",
+      "s3:GetObject",
+      "s3:DeleteObject"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/data/billing/aws_billing_views.json b/src/mapping/aws/data/billing/aws_billing_views.json
new file mode 100644
index 00000000..349f67c9
--- /dev/null
+++ b/src/mapping/aws/data/billing/aws_billing_views.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "billing:ListBillingViews"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/dynamodb/aws_dynamodb_tables.json b/src/mapping/aws/data/dynamodb/aws_dynamodb_tables.json
new file mode 100644
index 00000000..af7469db
--- /dev/null
+++ b/src/mapping/aws/data/dynamodb/aws_dynamodb_tables.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dynamodb:ListTables"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ec2/aws_network_interface.json b/src/mapping/aws/data/ec2/aws_network_interface.json
new file mode 100644
index 00000000..8abbb17d
--- /dev/null
+++ b/src/mapping/aws/data/ec2/aws_network_interface.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ec2:DescribeNetworkInterfaces"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ec2/aws_vpc_endpoint_associations.json b/src/mapping/aws/data/ec2/aws_vpc_endpoint_associations.json
new file mode 100644
index 00000000..4f8ca3f7
--- /dev/null
+++ b/src/mapping/aws/data/ec2/aws_vpc_endpoint_associations.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ec2:DescribeVpcEndpointAssociations"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ec2/aws_vpn_connection.json b/src/mapping/aws/data/ec2/aws_vpn_connection.json
new file mode 100644
index 00000000..8d297004
--- /dev/null
+++ b/src/mapping/aws/data/ec2/aws_vpn_connection.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ec2:DescribeVpnConnections"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ecr-public/aws_ecrpublic_images.json b/src/mapping/aws/data/ecr-public/aws_ecrpublic_images.json
new file mode 100644
index 00000000..007d998a
--- /dev/null
+++ b/src/mapping/aws/data/ecr-public/aws_ecrpublic_images.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ecr-public:DescribeImages"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ecr/aws_ecr_images.json b/src/mapping/aws/data/ecr/aws_ecr_images.json
new file mode 100644
index 00000000..f5aaf48e
--- /dev/null
+++ b/src/mapping/aws/data/ecr/aws_ecr_images.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ecr:ListImages"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/elasticloadbalancing/aws_elb.json b/src/mapping/aws/data/elasticloadbalancing/aws_elb.json
new file mode 100644
index 00000000..9235b33d
--- /dev/null
+++ b/src/mapping/aws/data/elasticloadbalancing/aws_elb.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "elasticloadbalancing:DescribeLoadBalancers"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/fis/aws_fis_experiment_templates.json b/src/mapping/aws/data/fis/aws_fis_experiment_templates.json
new file mode 100644
index 00000000..ed6b1d15
--- /dev/null
+++ b/src/mapping/aws/data/fis/aws_fis_experiment_templates.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "fis:ListExperimentTemplates"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/kms/aws_kms_public_key.json b/src/mapping/aws/data/kms/aws_kms_public_key.json
new file mode 100644
index 00000000..46cc46bb
--- /dev/null
+++ b/src/mapping/aws/data/kms/aws_kms_public_key.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "kms:GetPublicKey"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/lambda/aws_lambda_function_url.json b/src/mapping/aws/data/lambda/aws_lambda_function_url.json
new file mode 100644
index 00000000..1a68e69b
--- /dev/null
+++ b/src/mapping/aws/data/lambda/aws_lambda_function_url.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "lambda:GetFunctionUrlConfig"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/lambda/aws_lambda_functions.json b/src/mapping/aws/data/lambda/aws_lambda_functions.json
new file mode 100644
index 00000000..459333dd
--- /dev/null
+++ b/src/mapping/aws/data/lambda/aws_lambda_functions.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "lambda:ListFunctions"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/lambda/aws_lambda_layer_version.json b/src/mapping/aws/data/lambda/aws_lambda_layer_version.json
new file mode 100644
index 00000000..e209baca
--- /dev/null
+++ b/src/mapping/aws/data/lambda/aws_lambda_layer_version.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "lambda:ListLayerVersions"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/mediaconvert/aws_media_convert_queue.json b/src/mapping/aws/data/mediaconvert/aws_media_convert_queue.json
new file mode 100644
index 00000000..39894073
--- /dev/null
+++ b/src/mapping/aws/data/mediaconvert/aws_media_convert_queue.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "mediaconvert:GetQueue",
+      "mediaconvert:ListTagsForResource"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_acl.json b/src/mapping/aws/data/memorydb/aws_memorydb_acl.json
new file mode 100644
index 00000000..4105d11d
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_acl.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeACLs"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_cluster.json b/src/mapping/aws/data/memorydb/aws_memorydb_cluster.json
new file mode 100644
index 00000000..c71d85b7
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeClusters"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_parameter_group.json b/src/mapping/aws/data/memorydb/aws_memorydb_parameter_group.json
new file mode 100644
index 00000000..86534bb6
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_parameter_group.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeParameterGroups"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_snapshot.json b/src/mapping/aws/data/memorydb/aws_memorydb_snapshot.json
new file mode 100644
index 00000000..e566c281
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_snapshot.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeSnapshots"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_subnet_group.json b/src/mapping/aws/data/memorydb/aws_memorydb_subnet_group.json
new file mode 100644
index 00000000..42557913
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_subnet_group.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeSubnetGroups",
+      "memorydb:ListTags"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/memorydb/aws_memorydb_user.json b/src/mapping/aws/data/memorydb/aws_memorydb_user.json
new file mode 100644
index 00000000..d02d86d1
--- /dev/null
+++ b/src/mapping/aws/data/memorydb/aws_memorydb_user.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorydb:DescribeUser",
+      "memorydb:DescribeUsers"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_cluster.json b/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_cluster.json
new file mode 100644
index 00000000..8801ad3e
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetCloudAutonomousVmCluster"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_clusters.json b/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_clusters.json
new file mode 100644
index 00000000..d6618a15
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_autonomous_vm_clusters.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "odb:ListCloudAutonomousVmClusters"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructure.json b/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructure.json
new file mode 100644
index 00000000..82a5d5b9
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructure.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetCloudExadataInfrastructure"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructures.json b/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructures.json
new file mode 100644
index 00000000..c1bf5b45
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_exadata_infrastructures.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListCloudExadataInfrastructures"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_vm_cluster.json b/src/mapping/aws/data/odb/aws_odb_cloud_vm_cluster.json
new file mode 100644
index 00000000..ab260bb3
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_vm_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetCloudVmCluster"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_cloud_vm_clusters.json b/src/mapping/aws/data/odb/aws_odb_cloud_vm_clusters.json
new file mode 100644
index 00000000..62411a36
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_cloud_vm_clusters.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListCloudVmClusters"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_db_node.json b/src/mapping/aws/data/odb/aws_odb_db_node.json
new file mode 100644
index 00000000..a0623069
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_db_node.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetDbNode"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_db_nodes.json b/src/mapping/aws/data/odb/aws_odb_db_nodes.json
new file mode 100644
index 00000000..25958de7
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_db_nodes.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListDbNodes"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_db_server.json b/src/mapping/aws/data/odb/aws_odb_db_server.json
new file mode 100644
index 00000000..f0ac70e7
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_db_server.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetDbServer"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_db_servers.json b/src/mapping/aws/data/odb/aws_odb_db_servers.json
new file mode 100644
index 00000000..b1f3353b
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_db_servers.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListDbServers"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_db_system_shapes.json b/src/mapping/aws/data/odb/aws_odb_db_system_shapes.json
new file mode 100644
index 00000000..242f5197
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_db_system_shapes.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListDbSystemShapes"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_gi_versions.json b/src/mapping/aws/data/odb/aws_odb_gi_versions.json
new file mode 100644
index 00000000..1d081824
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_gi_versions.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListGiVersions"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_network.json b/src/mapping/aws/data/odb/aws_odb_network.json
new file mode 100644
index 00000000..f35f18b9
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_network.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetOdbNetwork"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_network_peering_connection.json b/src/mapping/aws/data/odb/aws_odb_network_peering_connection.json
new file mode 100644
index 00000000..af5cab86
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_network_peering_connection.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:GetOdbPeeringConnection"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_network_peering_connections.json b/src/mapping/aws/data/odb/aws_odb_network_peering_connections.json
new file mode 100644
index 00000000..a20f3921
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_network_peering_connections.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListOdbPeeringConnections"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/odb/aws_odb_networks.json b/src/mapping/aws/data/odb/aws_odb_networks.json
new file mode 100644
index 00000000..b30f96b4
--- /dev/null
+++ b/src/mapping/aws/data/odb/aws_odb_networks.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "odb:ListOdbNetworks"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/rds/aws_rds_global_cluster.json b/src/mapping/aws/data/rds/aws_rds_global_cluster.json
new file mode 100644
index 00000000..ca56de67
--- /dev/null
+++ b/src/mapping/aws/data/rds/aws_rds_global_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "rds:DescribeGlobalClusters"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/s3/aws_s3_access_point.json b/src/mapping/aws/data/s3/aws_s3_access_point.json
new file mode 100644
index 00000000..4015f339
--- /dev/null
+++ b/src/mapping/aws/data/s3/aws_s3_access_point.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "s3:ListAccessPoints"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/securityhub/aws_securityhub_standards_control_associations.json b/src/mapping/aws/data/securityhub/aws_securityhub_standards_control_associations.json
new file mode 100644
index 00000000..87efd3b5
--- /dev/null
+++ b/src/mapping/aws/data/securityhub/aws_securityhub_standards_control_associations.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securityhub:ListStandardsControlAssociations",
+      "securityhub:DescribeStandardsControls"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/waf/aws_waf_subscribed_rule_group.json b/src/mapping/aws/data/waf/aws_waf_subscribed_rule_group.json
new file mode 100644
index 00000000..66e4c99a
--- /dev/null
+++ b/src/mapping/aws/data/waf/aws_waf_subscribed_rule_group.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "waf:ListSubscribedRuleGroups"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/wafregional/aws_wafregional_subscribed_rule_group.json b/src/mapping/aws/data/wafregional/aws_wafregional_subscribed_rule_group.json
new file mode 100644
index 00000000..98570317
--- /dev/null
+++ b/src/mapping/aws/data/wafregional/aws_wafregional_subscribed_rule_group.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "waf-regional:ListSubscribedRuleGroups"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/workspaces/aws_workspaces_workspace.json b/src/mapping/aws/data/workspaces/aws_workspaces_workspace.json
new file mode 100644
index 00000000..19b29c26
--- /dev/null
+++ b/src/mapping/aws/data/workspaces/aws_workspaces_workspace.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "workspaces:DescribeWorkspaces"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/airflow/aws_mwaa_environment.json b/src/mapping/aws/resource/airflow/aws_mwaa_environment.json
index 6edfcd24..49a0f5d7 100644
--- a/src/mapping/aws/resource/airflow/aws_mwaa_environment.json
+++ b/src/mapping/aws/resource/airflow/aws_mwaa_environment.json
@@ -1,19 +1,45 @@
-[
-  {
-    "apply": [
-      "airflow:CreateEnvironment",
-      "airflow:DeleteEnvironment",
-      "airflow:GetEnvironment",
-      "airflow:UpdateEnvironment"
-    ],
-    "attributes": {
-      "tags": [
-        "airflow:TagResource",
-        "airflow:UntagResource"
-      ]
-    },
-    "destroy": [],
-    "modify": [],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "airflow:CreateEnvironment",
+      "airflow:DeleteEnvironment",
+      "airflow:GetEnvironment",
+      "airflow:UpdateEnvironment",
+      "iam:PassRole",
+      "iam:ListRoles",
+      "iam:CreatePolicy",
+      "iam:AttachRolePolicy",
+      "iam:CreateRole",
+      "iam:CreateServiceLinkedRole",
+      "s3:GetBucketLocation",
+      "s3:ListAllMyBuckets",
+      "s3:ListBucket",
+      "s3:ListBucketVersions",
+      "s3:CreateBucket",
+      "s3:PutObject",
+      "s3:GetEncryptionConfiguration",
+      "ec2:DescribeSecurityGroups",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeVpcs",
+      "ec2:DescribeRouteTables",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:CreateSecurityGroup",
+      "ec2:CreateVpcEndpoint",
+      "ec2:CreateNetworkInterface"
+    ],
+    "attributes": {
+      "kms_key": [
+        "kms:CreateGrant",
+        "kms:DescribeKey",
+        "kms:ListAliases"
+      ],
+      "tags": [
+        "airflow:TagResource",
+        "airflow:UntagResource"
+      ]
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/appconfig/aws_appconfig_extension.json b/src/mapping/aws/resource/appconfig/aws_appconfig_extension.json
index 142383f4..f5eed5c3 100644
--- a/src/mapping/aws/resource/appconfig/aws_appconfig_extension.json
+++ b/src/mapping/aws/resource/appconfig/aws_appconfig_extension.json
@@ -20,7 +20,8 @@
       "appconfig:UpdateExtension"
     ],
     "plan": [
-      "appconfig:GetExtension"
+      "appconfig:GetExtension",
+      "appconfig:ListTagsForResource"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/appconfig/aws_appconfig_extension_association.json b/src/mapping/aws/resource/appconfig/aws_appconfig_extension_association.json
index 09c7f313..4e07402b 100644
--- a/src/mapping/aws/resource/appconfig/aws_appconfig_extension_association.json
+++ b/src/mapping/aws/resource/appconfig/aws_appconfig_extension_association.json
@@ -19,7 +19,8 @@
       "appconfig:UpdateExtensionAssociation"
     ],
     "plan": [
-      "appconfig:GetExtensionAssociation"
+      "appconfig:GetExtensionAssociation",
+      "appconfig:ListTagsForResource"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/aps/aws_prometheus_workspace.json b/src/mapping/aws/resource/aps/aws_prometheus_workspace.json
index 3da49d1a..e3eccc61 100644
--- a/src/mapping/aws/resource/aps/aws_prometheus_workspace.json
+++ b/src/mapping/aws/resource/aps/aws_prometheus_workspace.json
@@ -3,7 +3,8 @@
     "apply": [
       "aps:CreateWorkspace",
       "aps:DescribeWorkspace",
-      "aps:ListTagsForResource"
+      "aps:ListTagsForResource",
+      "aps:DescribeLoggingConfiguration"
     ],
     "attributes": {
       "kms_key_arn": [
@@ -39,7 +40,8 @@
     ],
     "plan": [
       "aps:DescribeWorkspace",
-      "aps:ListTagsForResource"
+      "aps:ListTagsForResource",
+      "aps:DescribeLoggingConfiguration"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/aps/aws_prometheus_workspace_configuration.json b/src/mapping/aws/resource/aps/aws_prometheus_workspace_configuration.json
new file mode 100644
index 00000000..159f6c28
--- /dev/null
+++ b/src/mapping/aws/resource/aps/aws_prometheus_workspace_configuration.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aps:UpdateWorkspaceConfiguration",
+      "aps:DescribeWorkspaceConfiguration"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/aws_prometheus_query_logging_configuration.json b/src/mapping/aws/resource/aws_prometheus_query_logging_configuration.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/aws/resource/aws_prometheus_query_logging_configuration.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/backup/aws_backup_framework.json b/src/mapping/aws/resource/backup/aws_backup_framework.json
index a309510f..e3aa2df3 100644
--- a/src/mapping/aws/resource/backup/aws_backup_framework.json
+++ b/src/mapping/aws/resource/backup/aws_backup_framework.json
@@ -2,21 +2,21 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:CreateFramework",
-      "Backup:DescribeFramework",
-      "Backup:DeleteFramework",
-      "Backup:ListTags",
+      "backup:CreateFramework",
+      "backup:DescribeFramework",
+      "backup:DeleteFramework",
+      "backup:ListTags",
       "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
-        "Backup:UntagResource",
-        "Backup:TagResource"
+        "backup:UntagResource",
+        "backup:TagResource"
       ]
     },
     "destroy": [],
     "modify": [
-      "Backup:UpdateFramework"
+      "backup:UpdateFramework"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/backup/aws_backup_global_settings.json b/src/mapping/aws/resource/backup/aws_backup_global_settings.json
index c68cb715..3a679339 100644
--- a/src/mapping/aws/resource/backup/aws_backup_global_settings.json
+++ b/src/mapping/aws/resource/backup/aws_backup_global_settings.json
@@ -2,8 +2,8 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:UpdateGlobalSettings",
-      "Backup:DescribeGlobalSettings"
+      "backup:UpdateGlobalSettings",
+      "backup:DescribeGlobalSettings"
     ],
     "attributes": {
       "tags": []
diff --git a/src/mapping/aws/resource/backup/aws_backup_plan.json b/src/mapping/aws/resource/backup/aws_backup_plan.json
index bd4a6755..4e976733 100644
--- a/src/mapping/aws/resource/backup/aws_backup_plan.json
+++ b/src/mapping/aws/resource/backup/aws_backup_plan.json
@@ -2,19 +2,19 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:CreateBackupPlan",
-      "Backup:GetBackupPlan",
-      "Backup:ListTags",
-      "Backup:DeleteBackupPlan"
+      "backup:CreateBackupPlan",
+      "backup:GetBackupPlan",
+      "backup:ListTags",
+      "backup:DeleteBackupPlan"
     ],
     "attributes": {
       "tags": [
-        "Backup:UntagResource",
-        "Backup:TagResource"
+        "backup:UntagResource",
+        "backup:TagResource"
       ]
     },
     "destroy": [
-      "Backup:UpdateBackupPlan"
+      "backup:UpdateBackupPlan"
     ],
     "modify": [],
     "plan": []
diff --git a/src/mapping/aws/resource/backup/aws_backup_region_settings.json b/src/mapping/aws/resource/backup/aws_backup_region_settings.json
index 7a6c1816..e7c28e24 100644
--- a/src/mapping/aws/resource/backup/aws_backup_region_settings.json
+++ b/src/mapping/aws/resource/backup/aws_backup_region_settings.json
@@ -2,8 +2,8 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:UpdateRegionSettings",
-      "Backup:DescribeRegionSettings"
+      "backup:UpdateRegionSettings",
+      "backup:DescribeRegionSettings"
     ],
     "attributes": {
       "tags": []
diff --git a/src/mapping/aws/resource/backup/aws_backup_report_plan.json b/src/mapping/aws/resource/backup/aws_backup_report_plan.json
index 4b9c436c..5da77311 100644
--- a/src/mapping/aws/resource/backup/aws_backup_report_plan.json
+++ b/src/mapping/aws/resource/backup/aws_backup_report_plan.json
@@ -2,22 +2,22 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:DescribeReportPlan",
-      "Backup:CreateReportPlan",
-      "Backup:DeleteReportPlan",
+      "backup:DescribeReportPlan",
+      "backup:CreateReportPlan",
+      "backup:DeleteReportPlan",
       "s3:ListBucket",
-      "Backup:ListTags",
+      "backup:ListTags",
       "iam:CreateServiceLinkedRole",
       "backup:UpdateReportPlan"
     ],
     "attributes": {
       "tags": [
-        "Backup:UntagResource",
-        "Backup:TagResource"
+        "backup:UntagResource",
+        "backup:TagResource"
       ]
     },
     "destroy": [
-      "Backup:DeleteReportPlan"
+      "backup:DeleteReportPlan"
     ],
     "modify": [
       "backup:UpdateReportPlan"
diff --git a/src/mapping/aws/resource/backup/aws_backup_restore_testing_plan.json b/src/mapping/aws/resource/backup/aws_backup_restore_testing_plan.json
new file mode 100644
index 00000000..c52938c2
--- /dev/null
+++ b/src/mapping/aws/resource/backup/aws_backup_restore_testing_plan.json
@@ -0,0 +1,30 @@
+[
+  {
+    "apply": [
+      "backup:CreateRestoreTestingPlan",
+      "backup:GetRestoreTestingPlan",
+      "backup:DeleteRestoreTestingPlan",
+      "backup:UpdateRestoreTestingPlan",
+      "backup:ListTags"
+    ],
+    "attributes": {
+      "tags": [
+        "backup:TagResource",
+        "backup:UntagResource"
+      ]
+    },
+    "destroy": [
+      "backup:DeleteRestoreTestingPlan",
+      "backup:GetRestoreTestingPlan"
+    ],
+    "modify": [
+      "backup:UpdateRestoreTestingPlan",
+      "backup:GetRestoreTestingPlan",
+      "backup:ListTags"
+    ],
+    "plan": [
+      "backup:GetRestoreTestingPlan",
+      "backup:ListTags"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/backup/aws_backup_selection.json b/src/mapping/aws/resource/backup/aws_backup_selection.json
index b8e39a54..5ea84b75 100644
--- a/src/mapping/aws/resource/backup/aws_backup_selection.json
+++ b/src/mapping/aws/resource/backup/aws_backup_selection.json
@@ -2,9 +2,9 @@
   {
     "apply": [
       "ec2:DescribeAccountAttributes",
-      "Backup:CreateBackupSelection",
-      "Backup:DeleteBackupSelection",
-      "Backup:GetBackupSelection",
+      "backup:CreateBackupSelection",
+      "backup:DeleteBackupSelection",
+      "backup:GetBackupSelection",
       "iam:GetRole",
       "iam:PassRole",
       "iam:CreateServiceLinkedRole"
@@ -13,11 +13,11 @@
       "tags": []
     },
     "destroy": [
-      "Backup:DeleteBackupSelection"
+      "backup:DeleteBackupSelection"
     ],
     "modify": [],
     "plan": [
-      "Backup:GetBackupSelection"
+      "backup:GetBackupSelection"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/backup/aws_backup_vault_notifications.json b/src/mapping/aws/resource/backup/aws_backup_vault_notifications.json
index c0cc56a0..a2363d36 100644
--- a/src/mapping/aws/resource/backup/aws_backup_vault_notifications.json
+++ b/src/mapping/aws/resource/backup/aws_backup_vault_notifications.json
@@ -8,7 +8,7 @@
     },
     "destroy": [
       "backup:DeleteBackupVaultNotifications",
-      "Backup:GetBackupVaultNotifications"
+      "backup:GetBackupVaultNotifications"
     ],
     "modify": [],
     "plan": []
diff --git a/src/mapping/aws/resource/batch/aws_batch_compute_environment.json b/src/mapping/aws/resource/batch/aws_batch_compute_environment.json
index 49befa02..7d8f688c 100644
--- a/src/mapping/aws/resource/batch/aws_batch_compute_environment.json
+++ b/src/mapping/aws/resource/batch/aws_batch_compute_environment.json
@@ -20,7 +20,7 @@
     ],
     "attributes": {
       "eks_configuration": [
-        "Eks:DescribeCluster"
+        "eks:DescribeCluster"
       ],
       "tags": [
         "batch:TagResource",
diff --git a/src/mapping/aws/resource/bedrock/aws_bedrockagent_prompt.json b/src/mapping/aws/resource/bedrock/aws_bedrockagent_prompt.json
new file mode 100644
index 00000000..82e8cc9d
--- /dev/null
+++ b/src/mapping/aws/resource/bedrock/aws_bedrockagent_prompt.json
@@ -0,0 +1,30 @@
+[
+  {
+    "apply": [
+      "bedrock:CreatePrompt",
+      "bedrock:DeletePrompt",
+      "bedrock:UpdatePrompt",
+      "bedrock:GetPrompt",
+      "bedrock:ListTagsForResource"
+    ],
+    "attributes": {
+      "customer_encryption_key_arn": [
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
+      ],
+      "tags": [
+        "bedrock:UntagResource",
+        "bedrock:TagResource"
+      ]
+    },
+    "destroy": [
+      "bedrock:DeletePrompt"
+    ],
+    "modify": [
+      "bedrock:UpdatePrompt"
+    ],
+    "plan": [
+      "bedrock:GetPrompt"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/ce/aws_ce_anomaly_monitor.json b/src/mapping/aws/resource/ce/aws_ce_anomaly_monitor.json
index 8fc4f750..cd59f357 100644
--- a/src/mapping/aws/resource/ce/aws_ce_anomaly_monitor.json
+++ b/src/mapping/aws/resource/ce/aws_ce_anomaly_monitor.json
@@ -19,6 +19,9 @@
     "modify": [
       "ce:UpdateAnomalyMonitor"
     ],
-    "plan": []
+    "plan": [
+      "ce:GetAnomalyMonitors",
+      "ce:ListTagsForResource"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/ce/aws_ce_anomaly_subscription.json b/src/mapping/aws/resource/ce/aws_ce_anomaly_subscription.json
index c9b3b641..35b18bbe 100644
--- a/src/mapping/aws/resource/ce/aws_ce_anomaly_subscription.json
+++ b/src/mapping/aws/resource/ce/aws_ce_anomaly_subscription.json
@@ -4,7 +4,8 @@
       "ce:CreateAnomalySubscription",
       "ce:GetAnomalySubscriptions",
       "ce:DeleteAnomalySubscription",
-      "ce:UpdateAnomalySubscription"
+      "ce:UpdateAnomalySubscription",
+      "ce:ListTagsForResource"
     ],
     "attributes": {
       "tags": [
@@ -19,7 +20,8 @@
       "ce:UpdateAnomalySubscription"
     ],
     "plan": [
-      "ce:GetAnomalySubscriptions"
+      "ce:GetAnomalySubscriptions",
+      "ce:ListTagsForResource"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/cloudfront-keyvaluestore/aws_cloudfrontkeyvaluestore_keys_exclusive.json b/src/mapping/aws/resource/cloudfront-keyvaluestore/aws_cloudfrontkeyvaluestore_keys_exclusive.json
new file mode 100644
index 00000000..e9eaf4ba
--- /dev/null
+++ b/src/mapping/aws/resource/cloudfront-keyvaluestore/aws_cloudfrontkeyvaluestore_keys_exclusive.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "cloudfront-keyvaluestore:DescribeKeyValueStore",
+      "cloudfront-keyvaluestore:ListKeys",
+      "cloudfront-keyvaluestore:UpdateKeys"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/cloudtrail/aws_cloudtrail_event_data_store.json b/src/mapping/aws/resource/cloudtrail/aws_cloudtrail_event_data_store.json
index 9beee5ba..12f9b06a 100644
--- a/src/mapping/aws/resource/cloudtrail/aws_cloudtrail_event_data_store.json
+++ b/src/mapping/aws/resource/cloudtrail/aws_cloudtrail_event_data_store.json
@@ -5,10 +5,10 @@
       "cloudtrail:AddTags",
       "cloudtrail:GetEventDataStore",
       "cloudtrail:ListTags",
-      "CloudTrail:ListEventDataStores",
+      "cloudtrail:ListEventDataStores",
       "cloudtrail:DeleteEventDataStore",
       "cloudtrail:UpdateEventDataStore",
-      "CloudTrail:RestoreEventDataStore"
+      "cloudtrail:RestoreEventDataStore"
     ],
     "attributes": {
       "kms_key_id": [
@@ -17,16 +17,16 @@
         "kms:DescribeKey"
       ],
       "multi_region_enabled": [
-        "CloudTrail:EnableFederation",
-        "CloudTrail:DisableFederation"
+        "cloudtrail:EnableFederation",
+        "cloudtrail:DisableFederation"
       ],
       "organization_enabled": [
         "organizations:DescribeOrganization",
         "organizations:ListAWSServiceAccessForOrganization"
       ],
       "tags": [
-        "CloudTrail:AddTags",
-        "CloudTrail:RemoveTags"
+        "cloudtrail:AddTags",
+        "cloudtrail:RemoveTags"
       ]
     },
     "destroy": [
@@ -34,7 +34,7 @@
     ],
     "modify": [
       "cloudtrail:UpdateEventDataStore",
-      "CloudTrail:RestoreEventDataStore"
+      "cloudtrail:RestoreEventDataStore"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/dataexchange/aws_dataexchange_revision_assets.json b/src/mapping/aws/resource/dataexchange/aws_dataexchange_revision_assets.json
new file mode 100644
index 00000000..dfa336c0
--- /dev/null
+++ b/src/mapping/aws/resource/dataexchange/aws_dataexchange_revision_assets.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "dataexchange:ListTagsForResource",
+      "dataexchange:CreateRevision",
+      "dataexchange:DeleteRevision",
+      "dataexchange:UpdateRevision",
+      "dataexchange:GetRevision"
+    ],
+    "attributes": {
+      "tags": [
+        "dataexchange:TagResource",
+        "dataexchange:UntagResource"
+      ]
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/dsql/aws_dsql_cluster.json b/src/mapping/aws/resource/dsql/aws_dsql_cluster.json
new file mode 100644
index 00000000..f25e2f10
--- /dev/null
+++ b/src/mapping/aws/resource/dsql/aws_dsql_cluster.json
@@ -0,0 +1,28 @@
+[
+  {
+    "apply": [
+      "dsql:CreateCluster",
+      "dsql:GetCluster",
+      "iam:CreateServiceLinkedRole",
+      "dsql:GetVpcEndpointServiceName",
+      "dsql:ListTagsForResource",
+      "dsql:UpdateCluster",
+      "dsql:DeleteCluster"
+    ],
+    "attributes": {
+      "tags": [
+        "dsql:TagResource",
+        "dsql:UntagResource"
+      ]
+    },
+    "destroy": [
+      "dsql:DeleteCluster"
+    ],
+    "modify": [
+      "dsql:UpdateCluster"
+    ],
+    "plan": [
+      "dsql:GetCluster"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/dsql/aws_dsql_cluster_peering.json b/src/mapping/aws/resource/dsql/aws_dsql_cluster_peering.json
new file mode 100644
index 00000000..787885f0
--- /dev/null
+++ b/src/mapping/aws/resource/dsql/aws_dsql_cluster_peering.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dsql:AddPeerCluster",
+      "dsql:RemovePeerCluster"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "dsql:RemovePeerCluster"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/dynamodb/aws_dynamodb_table.json b/src/mapping/aws/resource/dynamodb/aws_dynamodb_table.json
index dbf51d6a..aeb97f7d 100644
--- a/src/mapping/aws/resource/dynamodb/aws_dynamodb_table.json
+++ b/src/mapping/aws/resource/dynamodb/aws_dynamodb_table.json
@@ -17,6 +17,9 @@
         "kms:Encrypt",
         "kms:RevokeGrant"
       ],
+      "point_in_time_recovery": [
+        "dynamodb:UpdateContinuousBackups"
+      ],
       "replica": [
         "dynamodb:CreateTableReplica",
         "dynamodb:Query",
@@ -52,6 +55,8 @@
       "dynamodb:UpdateTable",
       "dynamodb:UpdateTimeToLive"
     ],
-    "plan": []
+    "plan": [
+      "dynamodb:DescribeTable"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/ec2/aws_ec2_default_credit_specification.json b/src/mapping/aws/resource/ec2/aws_ec2_default_credit_specification.json
new file mode 100644
index 00000000..e68fcd5a
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_ec2_default_credit_specification.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "ec2:GetDefaultCreditSpecification",
+      "ec2:ModifyDefaultCreditSpecification"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/ec2/aws_ec2_managed_prefix_list.json b/src/mapping/aws/resource/ec2/aws_ec2_managed_prefix_list.json
index 158c794a..7a01087c 100644
--- a/src/mapping/aws/resource/ec2/aws_ec2_managed_prefix_list.json
+++ b/src/mapping/aws/resource/ec2/aws_ec2_managed_prefix_list.json
@@ -1,23 +1,23 @@
 [
   {
     "apply": [
-      "EC2:CreateManagedPrefixList",
-      "EC2:DescribeManagedPrefixLists",
-      "EC2:DeleteManagedPrefixList",
-      "EC2:GetManagedPrefixListEntries",
-      "EC2:ModifyManagedPrefixList"
+      "ec2:CreateManagedPrefixList",
+      "ec2:DescribeManagedPrefixLists",
+      "ec2:DeleteManagedPrefixList",
+      "ec2:GetManagedPrefixListEntries",
+      "ec2:ModifyManagedPrefixList"
     ],
     "attributes": {
       "tags": [
-        "EC2:CreateTags"
+        "ec2:CreateTags"
       ]
     },
     "destroy": [
-      "EC2:DeleteManagedPrefixList"
+      "ec2:DeleteManagedPrefixList"
     ],
     "modify": [
-      "EC2:GetManagedPrefixListEntries",
-      "EC2:ModifyManagedPrefixList"
+      "ec2:GetManagedPrefixListEntries",
+      "ec2:ModifyManagedPrefixList"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_connect.json b/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_connect.json
index c4f0dc14..4e5b6e2a 100644
--- a/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_connect.json
+++ b/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_connect.json
@@ -3,7 +3,8 @@
     "apply": [
       "ec2:CreateTransitGatewayConnect",
       "ec2:DescribeTransitGatewayConnects",
-      "ec2:DeleteTransitGatewayConnect"
+      "ec2:DeleteTransitGatewayConnect",
+      "ec2:DescribeTags"
     ],
     "attributes": {
       "tags": [
@@ -14,7 +15,10 @@
     "destroy": [
       "ec2:DeleteTransitGatewayConnect"
     ],
-    "modify": [],
+    "modify": [
+      "ec2:DescribeTransitGatewayConnects",
+      "ec2:DescribeTags"
+    ],
     "plan": [
       "ec2:DescribeTransitGatewayConnects"
     ]
diff --git a/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_multicast_domain.json b/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_multicast_domain.json
index b1d0cfe5..b5172605 100644
--- a/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_multicast_domain.json
+++ b/src/mapping/aws/resource/ec2/aws_ec2_transit_gateway_multicast_domain.json
@@ -2,7 +2,8 @@
   {
     "apply": [
       "ec2:DescribeTransitGatewayMulticastDomains",
-      "ec2:CreateTransitGatewayMulticastDomain"
+      "ec2:CreateTransitGatewayMulticastDomain",
+      "ec2:DescribeTags"
     ],
     "attributes": {
       "tags": [
@@ -11,11 +12,16 @@
       ]
     },
     "destroy": [
-      "ec2:DeleteTransitGatewayMulticastDomain"
+      "ec2:DeleteTransitGatewayMulticastDomain",
+      "ec2:DescribeTags"
+    ],
+    "modify": [
+      "ec2:DescribeTransitGatewayMulticastDomains",
+      "ec2:DescribeTags"
     ],
-    "modify": [],
     "plan": [
-      "ec2:DescribeTransitGatewayMulticastDomains"
+      "ec2:DescribeTransitGatewayMulticastDomains",
+      "ec2:DescribeTags"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_endpoint.json b/src/mapping/aws/resource/ec2/aws_vpc_endpoint.json
index fb062df0..4bbbfcb2 100644
--- a/src/mapping/aws/resource/ec2/aws_vpc_endpoint.json
+++ b/src/mapping/aws/resource/ec2/aws_vpc_endpoint.json
@@ -9,7 +9,8 @@
       "ec2:DescribeSubnets",
       "ec2:DescribeSecurityGroups",
       "vpc-lattice:CreateServiceNetworkVpcEndpointAssociation",
-      "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation"
+      "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
+      "vpce:AllowMultiRegion"
     ],
     "attributes": {
       "tags": [
@@ -18,11 +19,27 @@
       ]
     },
     "destroy": [
-      "ec2:DeleteVpcEndpoints"
+      "ec2:DeleteVpcEndpoints",
+      "ec2:DescribeVpcEndpoints",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeSecurityGroups",
+      "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
+      "vpce:AllowMultiRegion"
     ],
     "modify": [
-      "ec2:ModifyVpcEndpoint"
+      "ec2:ModifyVpcEndpoint",
+      "ec2:DescribeVpcEndpoints",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeSecurityGroups",
+      "vpc-lattice:CreateServiceNetworkVpcEndpointAssociation",
+      "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
+      "vpce:AllowMultiRegion"
     ],
-    "plan": []
+    "plan": [
+      "ec2:DescribeVpcEndpoints",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeSecurityGroups",
+      "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_route_server.json b/src/mapping/aws/resource/ec2/aws_vpc_route_server.json
new file mode 100644
index 00000000..d3405f9c
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_vpc_route_server.json
@@ -0,0 +1,31 @@
+[
+  {
+    "apply": [
+      "ec2:DescribeRouteServers",
+      "ec2:DeleteRouteServer",
+      "ec2:CreateRouteServer",
+      "ec2:DisassociateRouteServer",
+      "ec2:ModifyRouteServer"
+    ],
+    "attributes": {
+      "sns_notifications_enabled": [
+        "sns:DeleteTopic",
+        "sns:CreateTopic"
+      ],
+      "tags": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags"
+      ]
+    },
+    "destroy": [
+      "ec2:DeleteRouteServer",
+      "ec2:DisassociateRouteServer"
+    ],
+    "modify": [
+      "ec2:ModifyRouteServer"
+    ],
+    "plan": [
+      "ec2:DescribeRouteServers"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_route_server_endpoint.json b/src/mapping/aws/resource/ec2/aws_vpc_route_server_endpoint.json
new file mode 100644
index 00000000..0dd6ac21
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_vpc_route_server_endpoint.json
@@ -0,0 +1,33 @@
+[
+  {
+    "apply": [
+      "ec2:CreateRouteServerEndpoint",
+      "ec2:DeleteRouteServerEndpoint",
+      "ec2:DescribeRouteServerEndpoints",
+      "ec2:CreateSecurityGroup",
+      "ec2:DescribeSecurityGroups",
+      "ec2:DescribeAccountAttributes",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DeleteSecurityGroup",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:RevokeSecurityGroupIngress",
+      "ec2:AuthorizeSecurityGroupEgress",
+      "ec2:RevokeSecurityGroupEgress",
+      "ec2:CreateNetworkInterface",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DeleteNetworkInterface",
+      "ec2:ModifyNetworkInterfaceAttribute",
+      "ec2:UnassignIpv6Addresses",
+      "ec2:AssignIpv6Addresses",
+      "ec2:UnassignPrivateIpAddresses",
+      "ec2:AssignPrivateIpAddresses",
+      "ec2:ModifyPublicIpDnsNameOptions"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_route_server_peer.json b/src/mapping/aws/resource/ec2/aws_vpc_route_server_peer.json
new file mode 100644
index 00000000..c6c89167
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_vpc_route_server_peer.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "ec2:DescribeRouteServerPeers",
+      "ec2:CreateRouteServerPeer",
+      "ec2:DeleteRouteServerPeer"
+    ],
+    "attributes": {
+      "tags": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags"
+      ]
+    },
+    "destroy": [
+      "ec2:DeleteRouteServerPeer"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_route_server_propagation.json b/src/mapping/aws/resource/ec2/aws_vpc_route_server_propagation.json
new file mode 100644
index 00000000..d41f85d4
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_vpc_route_server_propagation.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "ec2:DisableRouteServerPropagation",
+      "ec2:EnableRouteServerPropagation",
+      "ec2:GetRouteServerPropagations"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "ec2:DisableRouteServerPropagation"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/ec2/aws_vpc_route_server_vpc_association.json b/src/mapping/aws/resource/ec2/aws_vpc_route_server_vpc_association.json
new file mode 100644
index 00000000..59959c0a
--- /dev/null
+++ b/src/mapping/aws/resource/ec2/aws_vpc_route_server_vpc_association.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "ec2:AssociateRouteServer",
+      "ec2:DisassociateRouteServer"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/events/aws_cloudwatch_event_archive.json b/src/mapping/aws/resource/events/aws_cloudwatch_event_archive.json
new file mode 100644
index 00000000..947e4b2e
--- /dev/null
+++ b/src/mapping/aws/resource/events/aws_cloudwatch_event_archive.json
@@ -0,0 +1,31 @@
+[
+  {
+    "apply": [
+      "events:DescribeArchive",
+      "events:CreateArchive",
+      "kms:DescribeKey",
+      "kms:GenerateDataKey",
+      "kms:Decrypt"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "events:DescribeArchive",
+      "events:DeleteArchive"
+    ],
+    "modify": [
+      "events:DescribeArchive",
+      "events:UpdateArchive",
+      "kms:DescribeKey",
+      "kms:GenerateDataKey",
+      "kms:Decrypt",
+      "kms:ReEncryptTo",
+      "kms:ReEncryptFrom"
+    ],
+    "plan": [
+      "events:DescribeArchive",
+      "kms:Decrypt"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/events/aws_cloudwatch_event_connection.json b/src/mapping/aws/resource/events/aws_cloudwatch_event_connection.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/aws/resource/events/aws_cloudwatch_event_connection.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/gamelift/aws_gamelift_alias.json b/src/mapping/aws/resource/gamelift/aws_gamelift_alias.json
index 29b63345..d4818433 100644
--- a/src/mapping/aws/resource/gamelift/aws_gamelift_alias.json
+++ b/src/mapping/aws/resource/gamelift/aws_gamelift_alias.json
@@ -4,10 +4,14 @@
       "gamelift:CreateAlias",
       "gamelift:UpdateAlias",
       "gamelift:DeleteAlias",
-      "gamelift:DescribeAlias"
+      "gamelift:DescribeAlias",
+      "gamelift:ListTagsForResource"
     ],
     "attributes": {
-      "tags": []
+      "tags": [
+        "gamelift:TagResource",
+        "gamelift:UntagResource"
+      ]
     },
     "destroy": [
       "gamelift:DeleteAlias"
@@ -16,7 +20,8 @@
       "gamelift:UpdateAlias"
     ],
     "plan": [
-      "gamelift:DescribeAlias"
+      "gamelift:DescribeAlias",
+      "gamelift:ListTagsForResource"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/gamelift/aws_gamelift_build.json b/src/mapping/aws/resource/gamelift/aws_gamelift_build.json
index 7ffd245d..93e9a0c4 100644
--- a/src/mapping/aws/resource/gamelift/aws_gamelift_build.json
+++ b/src/mapping/aws/resource/gamelift/aws_gamelift_build.json
@@ -5,10 +5,14 @@
       "gamelift:CreateBuild",
       "gamelift:DescribeBuild",
       "gamelift:DeleteBuild",
-      "gamelift:UpdateBuild"
+      "gamelift:UpdateBuild",
+      "gamelift:ListTagsForResource"
     ],
     "attributes": {
-      "tags": []
+      "tags": [
+        "gamelift:TagResource",
+        "gamelift:UntagResource"
+      ]
     },
     "destroy": [
       "gamelift:DescribeBuild",
diff --git a/src/mapping/aws/resource/gamelift/aws_gamelift_game_session_queue.json b/src/mapping/aws/resource/gamelift/aws_gamelift_game_session_queue.json
index b4853a05..f19f023f 100644
--- a/src/mapping/aws/resource/gamelift/aws_gamelift_game_session_queue.json
+++ b/src/mapping/aws/resource/gamelift/aws_gamelift_game_session_queue.json
@@ -4,7 +4,8 @@
       "gamelift:CreateGameSessionQueue",
       "gamelift:ListTagsForResource",
       "gamelift:DescribeGameSessionQueues",
-      "gamelift:UpdateGameSessionQueue"
+      "gamelift:UpdateGameSessionQueue",
+      "gamelift:DeleteGameSessionQueue"
     ],
     "attributes": {
       "tags": [
@@ -16,7 +17,8 @@
       "gamelift:DeleteGameSessionQueue"
     ],
     "modify": [
-      "gamelift:UpdateGameSessionQueue"
+      "gamelift:UpdateGameSessionQueue",
+      "gamelift:DescribeGameSessionQueues"
     ],
     "plan": [
       "gamelift:DescribeGameSessionQueues"
diff --git a/src/mapping/aws/resource/inspector2/aws_inspector2_filter.json b/src/mapping/aws/resource/inspector2/aws_inspector2_filter.json
new file mode 100644
index 00000000..723f89f5
--- /dev/null
+++ b/src/mapping/aws/resource/inspector2/aws_inspector2_filter.json
@@ -0,0 +1,26 @@
+[
+  {
+    "apply": [
+      "inspector2:ListTagsForResource",
+      "inspector2:CreateFilter",
+      "inspector2:ListFilters",
+      "inspector2:DeleteFilter",
+      "inspector2:UpdateFilter"
+    ],
+    "attributes": {
+      "tags": [
+        "inspector2:TagResource",
+        "inspector2:UntagResource"
+      ]
+    },
+    "destroy": [
+      "inspector2:DeleteFilter"
+    ],
+    "modify": [
+      "inspector2:UpdateFilter"
+    ],
+    "plan": [
+      "inspector2:ListFilters"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/kafka/aws_msk_cluster.json b/src/mapping/aws/resource/kafka/aws_msk_cluster.json
index b1f21175..fda2cf22 100644
--- a/src/mapping/aws/resource/kafka/aws_msk_cluster.json
+++ b/src/mapping/aws/resource/kafka/aws_msk_cluster.json
@@ -1,42 +1,42 @@
 [
   {
     "apply": [
-      "Kafka:CreateCluster",
+      "kafka:CreateCluster",
       "ec2:DescribeSubnets",
       "ec2:DescribeVpcs",
       "ec2:DescribeSecurityGroups",
       "iam:CreateServiceLinkedRole",
-      "Kafka:DescribeClusterV2",
-      "Kafka:DescribeCluster",
-      "Kafka:ListTagsForResource",
-      "Kafka:GetBootstrapBrokers",
-      "Kafka:DeleteCluster",
+      "kafka:DescribeClusterV2",
+      "kafka:DescribeCluster",
+      "kafka:ListTagsForResource",
+      "kafka:GetBootstrapBrokers",
+      "kafka:DeleteCluster",
       "ec2:DeleteVpcEndpoints",
       "ec2:DescribeVpcAttribute",
       "ec2:DescribeVpcEndpoints",
-      "Kafka:DescribeClusterOperation"
+      "kafka:DescribeClusterOperation"
     ],
     "attributes": {
       "tags": [
-        "Kafka:TagResource",
-        "Kafka:UntagResource"
+        "kafka:TagResource",
+        "kafka:UntagResource"
       ]
     },
     "destroy": [
-      "Kafka:DeleteCluster",
+      "kafka:DeleteCluster",
       "ec2:DeleteVpcEndpoints"
     ],
     "modify": [
-      "Kafka:UpdateSecurity",
-      "Kafka:UpdateBrokerCount",
-      "Kafka:UpdateBrokerStorage",
-      "Kafka:UpdateBrokerType",
-      "Kafka:UpdateClusterConfiguration",
-      "Kafka:UpdateClusterKafkaVersion",
-      "Kafka:UpdateConnectivity",
-      "Kafka:UpdateMonitoring",
-      "Kafka:UpdateSecurity",
-      "Kafka:UpdateStorage"
+      "kafka:UpdateSecurity",
+      "kafka:UpdateBrokerCount",
+      "kafka:UpdateBrokerStorage",
+      "kafka:UpdateBrokerType",
+      "kafka:UpdateClusterConfiguration",
+      "kafka:UpdateClusterKafkaVersion",
+      "kafka:UpdateConnectivity",
+      "kafka:UpdateMonitoring",
+      "kafka:UpdateSecurity",
+      "kafka:UpdateStorage"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/kafka/aws_msk_configuration.json b/src/mapping/aws/resource/kafka/aws_msk_configuration.json
index c1d48b47..bd3188ea 100644
--- a/src/mapping/aws/resource/kafka/aws_msk_configuration.json
+++ b/src/mapping/aws/resource/kafka/aws_msk_configuration.json
@@ -1,22 +1,22 @@
 [
   {
     "apply": [
-      "Kafka:CreateConfiguration",
-      "Kafka:DeleteConfiguration",
-      "Kafka:DescribeConfiguration",
-      "Kafka:DescribeConfigurationRevision"
+      "kafka:CreateConfiguration",
+      "kafka:DeleteConfiguration",
+      "kafka:DescribeConfiguration",
+      "kafka:DescribeConfigurationRevision"
     ],
     "attributes": {
       "tags": []
     },
     "destroy": [
-      "Kafka:DeleteConfiguration"
+      "kafka:DeleteConfiguration"
     ],
     "modify": [
-      "Kafka:UpdateConfiguration",
-      "Kafka:DescribeConfigurationRevision",
-      "Kafka:UpdateClusterConfiguration",
-      "Kafka:UpdateConfiguration"
+      "kafka:UpdateConfiguration",
+      "kafka:DescribeConfigurationRevision",
+      "kafka:UpdateClusterConfiguration",
+      "kafka:UpdateConfiguration"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/kafka/aws_msk_scram_secret_association.json b/src/mapping/aws/resource/kafka/aws_msk_scram_secret_association.json
index 08a3e57e..56202483 100644
--- a/src/mapping/aws/resource/kafka/aws_msk_scram_secret_association.json
+++ b/src/mapping/aws/resource/kafka/aws_msk_scram_secret_association.json
@@ -3,15 +3,15 @@
     "apply": [
       "kms:DescribeKey",
       "kms:CreateGrant",
-      "Kafka:BatchAssociateScramSecret",
-      "Kafka:BatchDisassociateScramSecret",
-      "Kafka:ListScramSecrets"
+      "kafka:BatchAssociateScramSecret",
+      "kafka:BatchDisassociateScramSecret",
+      "kafka:ListScramSecrets"
     ],
     "attributes": {
       "tags": []
     },
     "destroy": [
-      "Kafka:BatchDisassociateScramSecret"
+      "kafka:BatchDisassociateScramSecret"
     ],
     "modify": [],
     "plan": []
diff --git a/src/mapping/aws/resource/kafka/aws_msk_serverless_cluster.json b/src/mapping/aws/resource/kafka/aws_msk_serverless_cluster.json
index 17855ad6..a5a80913 100644
--- a/src/mapping/aws/resource/kafka/aws_msk_serverless_cluster.json
+++ b/src/mapping/aws/resource/kafka/aws_msk_serverless_cluster.json
@@ -1,7 +1,7 @@
 [
   {
     "apply": [
-      "Kafka:CreateClusterV2",
+      "kafka:CreateClusterV2",
       "ec2:CreateVpcEndpoint",
       "ec2:DeleteVpcEndpoints",
       "ec2:DescribeSecurityGroups",
@@ -9,9 +9,9 @@
       "ec2:DescribeVpcAttribute",
       "ec2:DescribeVpcEndpoints",
       "ec2:DescribeVpcs",
-      "Kafka:DescribeClusterV2",
-      "Kafka:ListTagsForResource",
-      "Kafka:DeleteCluster",
+      "kafka:DescribeClusterV2",
+      "kafka:ListTagsForResource",
+      "kafka:DeleteCluster",
       "ec2:DeleteVpcEndpoints",
       "ec2:DescribeVpcAttribute",
       "ec2:DescribeVpcEndpoints"
@@ -20,12 +20,12 @@
       "tags": [
         "ec2:CreateTags",
         "ec2:DeleteTags",
-        "Kafka:TagResource",
-        "Kafka:UntagResource"
+        "kafka:TagResource",
+        "kafka:UntagResource"
       ]
     },
     "destroy": [
-      "Kafka:DeleteCluster",
+      "kafka:DeleteCluster",
       "ec2:DeleteVpcEndpoints",
       "ec2:DescribeVpcAttribute",
       "ec2:DescribeVpcEndpoints"
diff --git a/src/mapping/aws/resource/kms/aws_kms_key.json b/src/mapping/aws/resource/kms/aws_kms_key.json
index 46438b02..c8a35a32 100644
--- a/src/mapping/aws/resource/kms/aws_kms_key.json
+++ b/src/mapping/aws/resource/kms/aws_kms_key.json
@@ -4,6 +4,9 @@
       "kms:CreateKey"
     ],
     "attributes": {
+      "description": [
+        "kms:UpdateKeyDescription"
+      ],
       "enable_key_rotation": [
         "kms:EnableKeyRotation"
       ],
diff --git a/src/mapping/aws/resource/lambda/aws_lambda_event_source_mapping.json b/src/mapping/aws/resource/lambda/aws_lambda_event_source_mapping.json
index 7041a62c..2e573ddd 100644
--- a/src/mapping/aws/resource/lambda/aws_lambda_event_source_mapping.json
+++ b/src/mapping/aws/resource/lambda/aws_lambda_event_source_mapping.json
@@ -1,21 +1,33 @@
 [
   {
     "apply": [
-      "ec2:DescribeAccountAttributes",
       "lambda:CreateEventSourceMapping",
       "lambda:GetEventSourceMapping",
       "lambda:DeleteEventSourceMapping",
-      "lambda:UpdateEventSourceMapping"
+      "lambda:UpdateEventSourceMapping",
+      "lambda:ListTags"
     ],
     "attributes": {
-      "tags": []
+      "kms_key_arn": [
+        "kms:DescribeKey",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
+      ],
+      "tags": [
+        "lambda:TagResource",
+        "lambda:UntagResource"
+      ]
     },
     "destroy": [
-      "lambda:DeleteEventSourceMapping"
+      "lambda:DeleteEventSourceMapping",
+      "lambda:GetEventSourceMapping"
     ],
     "modify": [
       "lambda:UpdateEventSourceMapping"
     ],
-    "plan": []
+    "plan": [
+      "lambda:GetEventSourceMapping",
+      "lambda:ListTags"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/lightsail/aws_lightsail_bucket_access_key.json b/src/mapping/aws/resource/lightsail/aws_lightsail_bucket_access_key.json
new file mode 100644
index 00000000..0ba465f9
--- /dev/null
+++ b/src/mapping/aws/resource/lightsail/aws_lightsail_bucket_access_key.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "lightsail:CreateBucketAccessKey",
+      "lightsail:DeleteBucketAccessKey",
+      "lightsail:GetBucketAccessKeys"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_acl.json b/src/mapping/aws/resource/memorydb/aws_memorydb_acl.json
index 0dee3abd..347e0f09 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_acl.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_acl.json
@@ -6,7 +6,8 @@
       "memorydb:ListTags",
       "memorydb:ModifyReplicationGroup",
       "memorydb:DeleteACL",
-      "memorydb:UpdateACL"
+      "memorydb:UpdateACL",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
@@ -22,6 +23,9 @@
     "modify": [
       "memorydb:UpdateACL"
     ],
-    "plan": []
+    "plan": [
+      "memorydb:DescribeACLs",
+      "memorydb:ListTags"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_cluster.json b/src/mapping/aws/resource/memorydb/aws_memorydb_cluster.json
index 27866ce54..3dacb277 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_cluster.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_cluster.json
@@ -4,20 +4,30 @@
       "memorydb:CreateCluster",
       "memorydb:DescribeClusters",
       "memorydb:DeleteCluster",
-      "memorydb:ListTags"
+      "memorydb:ListTags",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
+      "kms_key_arn": [
+        "kms:DescribeKey",
+        "kms:CreateGrant"
+      ],
       "tags": [
         "memorydb:TagResource",
         "memorydb:UntagResource"
       ]
     },
     "destroy": [
-      "memorydb:DeleteCluster"
+      "memorydb:DeleteCluster",
+      "memorydb:DescribeClusters"
     ],
     "modify": [
-      "memorydb:UpdateCluster"
+      "memorydb:UpdateCluster",
+      "memorydb:DescribeClusters"
     ],
-    "plan": []
+    "plan": [
+      "memorydb:DescribeClusters",
+      "memorydb:ListTags"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_multi_region_cluster.json b/src/mapping/aws/resource/memorydb/aws_memorydb_multi_region_cluster.json
index c96eccc5..04216116 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_multi_region_cluster.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_multi_region_cluster.json
@@ -5,7 +5,8 @@
       "memorydb:DescribeMultiRegionClusters",
       "memorydb:DeleteMultiRegionCluster",
       "memorydb:UpdateMultiRegionCluster",
-      "memorydb:ListTags"
+      "memorydb:ListTags",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_parameter_group.json b/src/mapping/aws/resource/memorydb/aws_memorydb_parameter_group.json
index 640e9d90..b2402c59 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_parameter_group.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_parameter_group.json
@@ -6,7 +6,8 @@
       "memorydb:ListTags",
       "memorydb:UpdateParameterGroup",
       "memorydb:DescribeParameters",
-      "memorydb:DescribeClusters"
+      "memorydb:DescribeClusters",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_subnet_group.json b/src/mapping/aws/resource/memorydb/aws_memorydb_subnet_group.json
index 5ac15162..b4e78704 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_subnet_group.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_subnet_group.json
@@ -4,7 +4,8 @@
       "memorydb:CreateSubnetGroup",
       "memorydb:DescribeSubnetGroups",
       "memorydb:ListTags",
-      "memorydb:DeleteSubnetGroup"
+      "memorydb:DeleteSubnetGroup",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
diff --git a/src/mapping/aws/resource/memorydb/aws_memorydb_user.json b/src/mapping/aws/resource/memorydb/aws_memorydb_user.json
index f22628b1..afecb602 100644
--- a/src/mapping/aws/resource/memorydb/aws_memorydb_user.json
+++ b/src/mapping/aws/resource/memorydb/aws_memorydb_user.json
@@ -4,7 +4,8 @@
       "memorydb:CreateUser",
       "memorydb:DescribeUsers",
       "memorydb:ListTags",
-      "memorydb:DeleteUser"
+      "memorydb:DeleteUser",
+      "iam:CreateServiceLinkedRole"
     ],
     "attributes": {
       "tags": [
@@ -12,8 +13,18 @@
         "memorydb:UntagResource"
       ]
     },
-    "destroy": [],
-    "modify": [],
-    "plan": []
+    "destroy": [
+      "memorydb:DeleteUser",
+      "memorydb:DescribeUsers"
+    ],
+    "modify": [
+      "memorydb:UpdateUser",
+      "memorydb:DescribeUsers",
+      "memorydb:ListTags"
+    ],
+    "plan": [
+      "memorydb:DescribeUsers",
+      "memorydb:ListTags"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/mq/aws_mq_configuration.json b/src/mapping/aws/resource/mq/aws_mq_configuration.json
index bf2bea38..d6de62d3 100644
--- a/src/mapping/aws/resource/mq/aws_mq_configuration.json
+++ b/src/mapping/aws/resource/mq/aws_mq_configuration.json
@@ -3,6 +3,7 @@
     "apply": [
       "mq:CreateConfiguration",
       "mq:UpdateConfiguration",
+      "mq:DeleteConfiguration",
       "mq:DescribeConfiguration",
       "mq:DescribeConfigurationRevision",
       "mq:RebootBroker",
@@ -14,7 +15,9 @@
         "mq:DeleteTags"
       ]
     },
-    "destroy": [],
+    "destroy": [
+      "mq:DeleteConfiguration"
+    ],
     "modify": [
       "mq:UpdateConfiguration"
     ],
diff --git a/src/mapping/aws/resource/notifications-contacts/aws_notificationscontacts_email_contact.json b/src/mapping/aws/resource/notifications-contacts/aws_notificationscontacts_email_contact.json
new file mode 100644
index 00000000..e6f425e9
--- /dev/null
+++ b/src/mapping/aws/resource/notifications-contacts/aws_notificationscontacts_email_contact.json
@@ -0,0 +1,24 @@
+[
+  {
+    "apply": [
+      "notifications-contacts:CreateEmailContact",
+      "notifications-contacts:GetEmailContact",
+      "notifications-contacts:SendActivationCode",
+      "notifications-contacts:ListTagsForResource",
+      "notifications-contacts:DeleteEmailContact"
+    ],
+    "attributes": {
+      "tags": [
+        "notifications-contacts:TagResource",
+        "notifications-contacts:UntagResource"
+      ]
+    },
+    "destroy": [
+      "notifications-contacts:DeleteEmailContact"
+    ],
+    "modify": [],
+    "plan": [
+      "notifications-contacts:GetEmailContact"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/notifications/aws_notifications_channel_association.json b/src/mapping/aws/resource/notifications/aws_notifications_channel_association.json
new file mode 100644
index 00000000..af10fbdd
--- /dev/null
+++ b/src/mapping/aws/resource/notifications/aws_notifications_channel_association.json
@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "notifications:AssociateChannel",
+      "notifications:DisassociateChannel",
+      "notifications:ListChannels"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "notifications:DisassociateChannel"
+    ],
+    "modify": [],
+    "plan": [
+      "notifications:ListChannels"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/notifications/aws_notifications_event_rule.json b/src/mapping/aws/resource/notifications/aws_notifications_event_rule.json
new file mode 100644
index 00000000..75e4a382
--- /dev/null
+++ b/src/mapping/aws/resource/notifications/aws_notifications_event_rule.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "notifications:CreateEventRule",
+      "notifications:GetEventRule",
+      "notifications:DeleteEventRule"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "notifications:DeleteEventRule"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/notifications/aws_notifications_notification_configuration.json b/src/mapping/aws/resource/notifications/aws_notifications_notification_configuration.json
new file mode 100644
index 00000000..f79244f5
--- /dev/null
+++ b/src/mapping/aws/resource/notifications/aws_notifications_notification_configuration.json
@@ -0,0 +1,26 @@
+[
+  {
+    "apply": [
+      "notifications:ListTagsForResource",
+      "notifications:CreateNotificationConfiguration",
+      "notifications:GetNotificationConfiguration",
+      "notifications:DeleteNotificationConfiguration",
+      "notifications:UpdateNotificationConfiguration"
+    ],
+    "attributes": {
+      "tags": [
+        "notifications:TagResource",
+        "notifications:UntagResource"
+      ]
+    },
+    "destroy": [
+      "notifications:DeleteNotificationConfiguration"
+    ],
+    "modify": [
+      "notifications:UpdateNotificationConfiguration"
+    ],
+    "plan": [
+      "notifications:GetNotificationConfiguration"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/notifications/aws_notifications_notification_hub.json b/src/mapping/aws/resource/notifications/aws_notifications_notification_hub.json
new file mode 100644
index 00000000..7431d8fc
--- /dev/null
+++ b/src/mapping/aws/resource/notifications/aws_notifications_notification_hub.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "notifications:RegisterNotificationHub",
+      "notifications:DeregisterNotificationHub",
+      "iam:CreateServiceLinkedRole",
+      "notifications:ListNotificationHubs"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "notifications:DeregisterNotificationHub"
+    ],
+    "modify": [],
+    "plan": [
+      "notifications:ListNotificationHubs"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/quicksight/aws_quicksight_account_settings.json b/src/mapping/aws/resource/quicksight/aws_quicksight_account_settings.json
new file mode 100644
index 00000000..5709f942
--- /dev/null
+++ b/src/mapping/aws/resource/quicksight/aws_quicksight_account_settings.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "quicksight:UpdateAccountSettings"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/redshift-serverless/aws_redshiftserverless_workgroup.json b/src/mapping/aws/resource/redshift-serverless/aws_redshiftserverless_workgroup.json
index 6ae53961..c317a930 100644
--- a/src/mapping/aws/resource/redshift-serverless/aws_redshiftserverless_workgroup.json
+++ b/src/mapping/aws/resource/redshift-serverless/aws_redshiftserverless_workgroup.json
@@ -14,7 +14,9 @@
       "redshift-serverless:GetNamespace",
       "redshift-serverless:DeleteWorkgroup",
       "redshift-serverless:UpdateWorkgroup",
-      "redshift-serverless:ListTagsForResource"
+      "redshift-serverless:ListTagsForResource",
+      "redshift-serverless:RestoreFromSnapshot",
+      "redshift-serverless:RestoreFromRecoveryPoint"
     ],
     "attributes": {
       "tags": [
@@ -35,7 +37,9 @@
       "redshift-serverless:DeleteWorkgroup"
     ],
     "modify": [
-      "redshift-serverless:UpdateWorkgroup"
+      "redshift-serverless:UpdateWorkgroup",
+      "redshift-serverless:RestoreFromSnapshot",
+      "redshift-serverless:RestoreFromRecoveryPoint"
     ],
     "plan": []
   }
diff --git a/src/mapping/aws/resource/redshift/aws_redshift_integration.json b/src/mapping/aws/resource/redshift/aws_redshift_integration.json
new file mode 100644
index 00000000..e8870c6a
--- /dev/null
+++ b/src/mapping/aws/resource/redshift/aws_redshift_integration.json
@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "redshift:CreateIntegration",
+      "redshift:DescribeIntegrations",
+      "redshift:DeleteIntegration",
+      "redshift:ModifyIntegration"
+    ],
+    "attributes": {
+      "tags": [
+        "redshift:CreateTags",
+        "redshift:DeleteTags"
+      ]
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/route53-recovery-readiness/aws_route53recoverycontrolconfig_cluster.json b/src/mapping/aws/resource/route53-recovery-readiness/aws_route53recoverycontrolconfig_cluster.json
index ce042d56..37a29942 100644
--- a/src/mapping/aws/resource/route53-recovery-readiness/aws_route53recoverycontrolconfig_cluster.json
+++ b/src/mapping/aws/resource/route53-recovery-readiness/aws_route53recoverycontrolconfig_cluster.json
@@ -16,7 +16,11 @@
       "route53-recovery-control-config:DescribeCluster",
       "route53-recovery-control-config:DeleteCluster"
     ],
-    "modify": [],
+    "modify": [
+      "route53-recovery-control-config:DescribeCluster",
+      "route53-recovery-control-config:ListTagsForResource",
+      "route53-recovery-control-config:UpdateCluster"
+    ],
     "plan": [
       "route53-recovery-control-config:DescribeCluster",
       "route53-recovery-control-config:ListTagsForResource"
diff --git a/src/mapping/aws/resource/route53resolver/aws_route53_resolver_query_log_config.json b/src/mapping/aws/resource/route53resolver/aws_route53_resolver_query_log_config.json
index 47006653..97f044e3 100644
--- a/src/mapping/aws/resource/route53resolver/aws_route53_resolver_query_log_config.json
+++ b/src/mapping/aws/resource/route53resolver/aws_route53_resolver_query_log_config.json
@@ -15,12 +15,14 @@
       "resolverquerylogging:GetConfig",
       "resolverquerylogging:ListConfig",
       "route53resolver:DeleteResolverQueryLogConfig",
-      "route53resolver:GetResolverQueryLogConfig"
+      "route53resolver:GetResolverQueryLogConfig",
+      "route53resolver:ListTagsForResource",
+      "route53resolver:ListResolverQueryLogConfigs"
     ],
     "attributes": {
       "tags": [
-        "route53resolver:ListTagsForResource",
-        "route53resolver:TagResource"
+        "route53resolver:TagResource",
+        "route53resolver:UntagResource"
       ]
     },
     "destroy": [
@@ -29,6 +31,11 @@
       "resolverquerylogging:ListConfig"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "resolverquerylogging:GetConfig",
+      "route53resolver:GetResolverQueryLogConfig",
+      "route53resolver:ListTagsForResource",
+      "route53resolver:ListResolverQueryLogConfigs"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/s3/aws_s3_bucket_ownership_controls.json b/src/mapping/aws/resource/s3/aws_s3_bucket_ownership_controls.json
index ba178a1a..c5e7395a 100644
--- a/src/mapping/aws/resource/s3/aws_s3_bucket_ownership_controls.json
+++ b/src/mapping/aws/resource/s3/aws_s3_bucket_ownership_controls.json
@@ -1,9 +1,8 @@
 [
   {
     "apply": [
-      "s3:GetIntelligentTieringConfiguration",
-      "s3:PutIntelligentTieringConfiguration",
-      "ec2:DescribeAccountAttributes"
+      "s3:PutBucketOwnershipControls",
+      "s3:GetBucketOwnershipControls"
     ],
     "attributes": {
       "tags": []
diff --git a/src/mapping/aws/resource/s3control/aws_s3control_directory_bucket_access_point_scope.json b/src/mapping/aws/resource/s3control/aws_s3control_directory_bucket_access_point_scope.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/aws/resource/s3control/aws_s3control_directory_bucket_access_point_scope.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/aws/resource/s3tables/aws_s3tables_table_bucket.json b/src/mapping/aws/resource/s3tables/aws_s3tables_table_bucket.json
index a2967b75..f8ef7441 100644
--- a/src/mapping/aws/resource/s3tables/aws_s3tables_table_bucket.json
+++ b/src/mapping/aws/resource/s3tables/aws_s3tables_table_bucket.json
@@ -3,8 +3,11 @@
     "apply": [
       "s3tables:CreateTableBucket",
       "s3tables:PutTableBucketMaintenanceConfiguration",
+      "s3tables:PutTableBucketEncryption",
       "s3tables:GetTableBucket",
       "s3tables:GetTableBucketMaintenanceConfiguration",
+      "s3tables:GetTableBucketEncryption",
+      "kms:DescribeKey",
       "s3tables:DeleteTableBucket"
     ],
     "attributes": {
@@ -15,12 +18,16 @@
     ],
     "modify": [
       "s3tables:PutTableBucketMaintenanceConfiguration",
+      "s3tables:PutTableBucketEncryption",
+      "s3tables:GetTableBucketMaintenanceConfiguration",
+      "s3tables:GetTableBucketEncryption",
       "s3tables:GetTableBucket",
-      "s3tables:GetTableBucketMaintenanceConfiguration"
+      "kms:DescribeKey"
     ],
     "plan": [
       "s3tables:GetTableBucket",
-      "s3tables:GetTableBucketMaintenanceConfiguration"
+      "s3tables:GetTableBucketMaintenanceConfiguration",
+      "s3tables:GetTableBucketEncryption"
     ]
   }
 ]
diff --git a/src/mapping/aws/resource/wafv2/aws_wafv2_api_key.json b/src/mapping/aws/resource/wafv2/aws_wafv2_api_key.json
new file mode 100644
index 00000000..24bd6ce1
--- /dev/null
+++ b/src/mapping/aws/resource/wafv2/aws_wafv2_api_key.json
@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "wafv2:CreateAPIKey",
+      "wafv2:DeleteAPIKey",
+      "wafv2:ListAPIKeys"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "wafv2:DeleteAPIKey"
+    ],
+    "modify": [],
+    "plan": [
+      "wafv2:ListAPIKeys"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/wafv2/aws_wafv2_web_acl_association.json b/src/mapping/aws/resource/wafv2/aws_wafv2_web_acl_association.json
index c198cc5d..3d8f3385 100644
--- a/src/mapping/aws/resource/wafv2/aws_wafv2_web_acl_association.json
+++ b/src/mapping/aws/resource/wafv2/aws_wafv2_web_acl_association.json
@@ -3,6 +3,10 @@
     "apply": [
       "wafv2:AssociateWebACL",
       "wafv2:GetWebACLForResource",
+      "wafv2:GetWebACL",
+      "wafv2:DisassociateWebACL",
+      "wafv2:PutPermissionPolicy",
+      "wafv2:GetPermissionPolicy",
       "apigateway:SetWebACL",
       "elasticloadbalancing:SetWebAcl",
       "appsync:SetWebACL",
@@ -11,17 +15,75 @@
       "cognito-idp:ListResourcesForWebACL",
       "apprunner:ListAssociatedServicesForWebAcl",
       "apprunner:AssociateWebAcl",
-      "apprunner:DescribeWebAclForService"
+      "apprunner:DescribeWebAclForService",
+      "ec2:AssociateVerifiedAccessInstanceWebAcl",
+      "ec2:DisassociateVerifiedAccessInstanceWebAcl",
+      "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
+      "ec2:GetVerifiedAccessInstanceWebAcl"
     ],
     "attributes": {
       "tags": []
     },
     "destroy": [
+      "wafv2:AssociateWebACL",
+      "wafv2:GetWebACLForResource",
+      "wafv2:GetWebACL",
+      "wafv2:DisassociateWebACL",
+      "wafv2:PutPermissionPolicy",
+      "elasticloadbalancing:SetWebACL",
+      "apigateway:SetWebACL",
+      "appsync:SetWebACL",
+      "cognito-idp:AssociateWebACL",
+      "cognito-idp:DisassociateWebACL",
+      "cognito-idp:GetWebACLForResource",
+      "apprunner:AssociateWebAcl",
+      "apprunner:DisassociateWebAcl",
+      "apprunner:DescribeWebAclForService",
+      "ec2:AssociateVerifiedAccessInstanceWebAcl",
+      "ec2:DisassociateVerifiedAccessInstanceWebAcl",
+      "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
+      "ec2:GetVerifiedAccessInstanceWebAcl",
+      "amplify:DisassociateWebACL",
+      "amplify:GetWebACLForResource"
+    ],
+    "modify": [
+      "wafv2:AssociateWebACL",
+      "wafv2:GetWebACLForResource",
+      "wafv2:GetWebACL",
+      "wafv2:DisassociateWebACL",
+      "elasticloadbalancing:SetWebACL",
+      "apigateway:SetWebACL",
+      "appsync:SetWebACL",
+      "cognito-idp:AssociateWebACL",
       "cognito-idp:DisassociateWebACL",
+      "cognito-idp:GetWebACLForResource",
+      "apprunner:AssociateWebAcl",
       "apprunner:DisassociateWebAcl",
-      "wafv2:DisassociateWebACL"
+      "apprunner:DescribeWebAclForService",
+      "ec2:AssociateVerifiedAccessInstanceWebAcl",
+      "ec2:DisassociateVerifiedAccessInstanceWebAcl",
+      "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
+      "ec2:GetVerifiedAccessInstanceWebAcl"
     ],
-    "modify": [],
-    "plan": []
+    "plan": [
+      "wafv2:AssociateWebACL",
+      "wafv2:GetWebACLForResource",
+      "wafv2:GetWebACL",
+      "wafv2:DisassociateWebACL",
+      "elasticloadbalancing:SetWebACL",
+      "apigateway:SetWebACL",
+      "appsync:SetWebACL",
+      "cognito-idp:AssociateWebACL",
+      "cognito-idp:DisassociateWebACL",
+      "cognito-idp:GetWebACLForResource",
+      "apprunner:AssociateWebAcl",
+      "apprunner:DisassociateWebAcl",
+      "apprunner:DescribeWebAclForService",
+      "ec2:AssociateVerifiedAccessInstanceWebAcl",
+      "ec2:DisassociateVerifiedAccessInstanceWebAcl",
+      "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
+      "ec2:GetVerifiedAccessInstanceWebAcl",
+      "amplify:GetWebACLForResource"
+    ]
   }
 ]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_browser_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_browser_settings.json
new file mode 100644
index 00000000..c0e0be44
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_browser_settings.json
@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "workspaces-web:CreateBrowserSettings",
+      "workspaces-web:GetBrowserSettings",
+      "workspaces-web:ListTagsForResource",
+      "workspaces-web:DeleteBrowserSettings"
+    ],
+    "attributes": {
+      "tags": [
+        "workspaces-web:TagResource",
+        "workspaces-web:UntagResource"
+      ]
+    },
+    "destroy": [
+      "workspaces-web:DeleteBrowserSettings"
+    ],
+    "modify": [],
+    "plan": [
+      "workspaces-web:GetBrowserSettings"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_data_protection_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_data_protection_settings.json
new file mode 100644
index 00000000..6eec7e6d
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_data_protection_settings.json
@@ -0,0 +1,34 @@
+[
+  {
+    "apply": [
+      "workspaces-web:GetDataProtectionSettings",
+      "workspaces-web:AssociateDataProtectionSettings",
+      "workspaces-web:CreateDataProtectionSettings",
+      "workspaces-web:DeleteDataProtectionSettings",
+      "workspaces-web:DisassociateDataProtectionSettings",
+      "workspaces-web:UpdateDataProtectionSettings",
+      "workspaces-web:ListTagsForResource"
+    ],
+    "attributes": {
+      "customer_managed_key": [
+        "kms:DescribeKey",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
+      ],
+      "tags": [
+        "workspaces-web:TagResource",
+        "workspaces-web:UntagResource"
+      ]
+    },
+    "destroy": [
+      "workspaces-web:DeleteDataProtectionSettings",
+      "workspaces-web:DisassociateDataProtectionSettings"
+    ],
+    "modify": [
+      "workspaces-web:UpdateDataProtectionSettings"
+    ],
+    "plan": [
+      "workspaces-web:GetDataProtectionSettings"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_ip_access_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_ip_access_settings.json
new file mode 100644
index 00000000..51311ff4
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_ip_access_settings.json
@@ -0,0 +1,34 @@
+[
+  {
+    "apply": [
+      "workspaces-web:GetIpAccessSettings",
+      "workspaces-web:AssociateIpAccessSettings",
+      "workspaces-web:CreateIpAccessSettings",
+      "workspaces-web:DeleteIpAccessSettings",
+      "workspaces-web:DisassociateIpAccessSettings",
+      "workspaces-web:UpdateIpAccessSettings",
+      "workspaces-web:ListTagsForResource"
+    ],
+    "attributes": {
+      "customer_managed_key": [
+        "kms:DescribeKey",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
+      ],
+      "tags": [
+        "workspaces-web:TagResource",
+        "workspaces-web:UntagResource"
+      ]
+    },
+    "destroy": [
+      "workspaces-web:DeleteIpAccessSettings",
+      "workspaces-web:DisassociateIpAccessSettings"
+    ],
+    "modify": [
+      "workspaces-web:UpdateIpAccessSettings"
+    ],
+    "plan": [
+      "workspaces-web:GetIpAccessSettings"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_network_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_network_settings.json
new file mode 100644
index 00000000..80c8088b
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_network_settings.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "workspaces-web:CreateNetworkSettings",
+      "iam:CreateServiceLinkedRole",
+      "workspaces-web:GetNetworkSettings",
+      "workspaces-web:DeleteNetworkSettings"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "workspaces-web:DeleteNetworkSettings"
+    ],
+    "modify": [],
+    "plan": [
+      "workspaces-web:GetNetworkSettings"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_access_logging_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_access_logging_settings.json
new file mode 100644
index 00000000..199da10c
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_access_logging_settings.json
@@ -0,0 +1,29 @@
+[
+  {
+    "apply": [
+      "workspaces-web:GetUserAccessLoggingSettings",
+      "workspaces-web:AssociateUserAccessLoggingSettings",
+      "workspaces-web:CreateUserAccessLoggingSettings",
+      "workspaces-web:DeleteUserAccessLoggingSettings",
+      "workspaces-web:DisassociateUserAccessLoggingSettings",
+      "workspaces-web:UpdateUserAccessLoggingSettings",
+      "workspaces-web:ListTagsForResource"
+    ],
+    "attributes": {
+      "tags": [
+        "workspaces-web:TagResource",
+        "workspaces-web:UntagResource"
+      ]
+    },
+    "destroy": [
+      "workspaces-web:DeleteUserAccessLoggingSettings",
+      "workspaces-web:DisassociateUserAccessLoggingSettings"
+    ],
+    "modify": [
+      "workspaces-web:UpdateUserAccessLoggingSettings"
+    ],
+    "plan": [
+      "workspaces-web:GetUserAccessLoggingSettings"
+    ]
+  }
+]
diff --git a/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_settings.json b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_settings.json
new file mode 100644
index 00000000..e7f33392
--- /dev/null
+++ b/src/mapping/aws/resource/workspaces-web/aws_workspacesweb_user_settings.json
@@ -0,0 +1,25 @@
+[
+  {
+    "apply": [
+      "workspaces-web:CreateUserSettings",
+      "workspaces-web:GetUserSettings",
+      "workspaces-web:DeleteUserSettings"
+    ],
+    "attributes": {
+      "customer_managed_key": [
+        "kms:CreateGrant",
+        "kms:Decrypt",
+        "kms:GenerateDataKey"
+      ],
+      "tags": [
+        "workspaces-web:TagResource",
+        "workspaces-web:UntagResource"
+      ]
+    },
+    "destroy": [
+      "workspaces-web:DeleteUserSettings"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/data/accesscontextmanager/google_access_context_manager_access_policy.json b/src/mapping/google/data/accesscontextmanager/google_access_context_manager_access_policy.json
new file mode 100644
index 00000000..afae021d
--- /dev/null
+++ b/src/mapping/google/data/accesscontextmanager/google_access_context_manager_access_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "accesscontextmanager.accessPolicies.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/aiplatform/google_colab_runtime_template_iam_policy.json b/src/mapping/google/data/aiplatform/google_colab_runtime_template_iam_policy.json
new file mode 100644
index 00000000..3da82268
--- /dev/null
+++ b/src/mapping/google/data/aiplatform/google_colab_runtime_template_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.notebookRuntimeTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/aiplatform/google_vertex_ai_endpoint_iam_policy.json b/src/mapping/google/data/aiplatform/google_vertex_ai_endpoint_iam_policy.json
index 06c1511a..ea1d619b 100644
--- a/src/mapping/google/data/aiplatform/google_vertex_ai_endpoint_iam_policy.json
+++ b/src/mapping/google/data/aiplatform/google_vertex_ai_endpoint_iam_policy.json
@@ -1,13 +1,13 @@
-[
-  {
-    "apply": [],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [],
-    "modify": [],
-    "plan": [
-      "aiplatform.endpoints.getIamPolicy"
-    ]
-  }
-]
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.endpoints.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/aiplatform/google_vertex_ai_feature_group_iam_policy.json b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_group_iam_policy.json
new file mode 100644
index 00000000..ccf0b032
--- /dev/null
+++ b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_group_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
new file mode 100644
index 00000000..127bb5ee
--- /dev/null
+++ b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureViews.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
new file mode 100644
index 00000000..c74a5567
--- /dev/null
+++ b/src/mapping/google/data/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureOnlineStores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/alloydb/google_alloydb_cluster.json b/src/mapping/google/data/alloydb/google_alloydb_cluster.json
new file mode 100644
index 00000000..1cce33cc
--- /dev/null
+++ b/src/mapping/google/data/alloydb/google_alloydb_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "alloydb.clusters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/alloydb/google_alloydb_instance.json b/src/mapping/google/data/alloydb/google_alloydb_instance.json
new file mode 100644
index 00000000..7274b00b
--- /dev/null
+++ b/src/mapping/google/data/alloydb/google_alloydb_instance.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "alloydb.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/apphub/google_apphub_application.json b/src/mapping/google/data/apphub/google_apphub_application.json
new file mode 100644
index 00000000..2ec65918
--- /dev/null
+++ b/src/mapping/google/data/apphub/google_apphub_application.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "apphub.applications.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/apphub/google_apphub_discovered_service.json b/src/mapping/google/data/apphub/google_apphub_discovered_service.json
new file mode 100644
index 00000000..e3666bc5
--- /dev/null
+++ b/src/mapping/google/data/apphub/google_apphub_discovered_service.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "apphub.discoveredServices.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/apphub/google_apphub_discovered_workload.json b/src/mapping/google/data/apphub/google_apphub_discovered_workload.json
new file mode 100644
index 00000000..8e927429
--- /dev/null
+++ b/src/mapping/google/data/apphub/google_apphub_discovered_workload.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "apphub.discoveredWorkloads.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_image.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_image.json
new file mode 100644
index 00000000..69011de9
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_image.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.dockerimages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_images.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_images.json
new file mode 100644
index 00000000..69011de9
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_docker_images.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.dockerimages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_locations.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_locations.json
new file mode 100644
index 00000000..4891926d
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_locations.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.locations.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifact.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifact.json
new file mode 100644
index 00000000..ddb1f11f
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifact.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.mavenartifacts.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifacts.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifacts.json
new file mode 100644
index 00000000..ddb1f11f
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_maven_artifacts.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.mavenartifacts.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_package.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_package.json
new file mode 100644
index 00000000..41734918
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_package.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.npmpackages.get",
+      "artifactregistry.npmpackages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_packages.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_packages.json
new file mode 100644
index 00000000..24f09962
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_npm_packages.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.npmpackages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_packages.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_packages.json
new file mode 100644
index 00000000..b84e9205
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_packages.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.packages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_python_package.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_python_package.json
new file mode 100644
index 00000000..ae771808
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_python_package.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.pythonpackages.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_repositories.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_repositories.json
new file mode 100644
index 00000000..798dcfba
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_repositories.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.repositories.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_tags.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_tags.json
new file mode 100644
index 00000000..802bc9f8
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_tags.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.tags.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_version.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_version.json
new file mode 100644
index 00000000..f3593703
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_version.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.versions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/artifactregistry/google_artifact_registry_versions.json b/src/mapping/google/data/artifactregistry/google_artifact_registry_versions.json
new file mode 100644
index 00000000..b99feff0
--- /dev/null
+++ b/src/mapping/google/data/artifactregistry/google_artifact_registry_versions.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "artifactregistry.versions.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backend/gcs.json b/src/mapping/google/data/backend/gcs.json
new file mode 100644
index 00000000..d9f17369
--- /dev/null
+++ b/src/mapping/google/data/backend/gcs.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "storage.buckets.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_backup.json b/src/mapping/google/data/backupdr/google_backup_dr_backup.json
new file mode 100644
index 00000000..105f695d
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_backup.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.bvbackups.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_association.json b/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_association.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_association.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_associations.json b/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_associations.json
new file mode 100644
index 00000000..bdc9afa1
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_backup_plan_associations.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.backupPlanAssociations.fetchForAlloydbCluster",
+      "backupdr.backupPlanAssociations.fetchForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.fetchForComputeDisk",
+      "backupdr.backupPlanAssociations.fetchForComputeInstance",
+      "backupdr.backupPlanAssociations.getForAlloydbCluster",
+      "backupdr.backupPlanAssociations.getForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.getForComputeDisk",
+      "backupdr.backupPlanAssociations.getForComputeInstance"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_backup_vault.json b/src/mapping/google/data/backupdr/google_backup_dr_backup_vault.json
new file mode 100644
index 00000000..b168f19b
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_backup_vault.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.backupVaults.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_data_source.json b/src/mapping/google/data/backupdr/google_backup_dr_data_source.json
new file mode 100644
index 00000000..aa3071ae
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_data_source.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.bvdataSources.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_data_source_reference.json b/src/mapping/google/data/backupdr/google_backup_dr_data_source_reference.json
new file mode 100644
index 00000000..8e13b3a7
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_data_source_reference.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.dataSourceReferences.fetchForAlloydbCluster",
+      "backupdr.dataSourceReferences.fetchForCloudSqlInstance"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/backupdr/google_backup_dr_data_source_references.json b/src/mapping/google/data/backupdr/google_backup_dr_data_source_references.json
new file mode 100644
index 00000000..8e13b3a7
--- /dev/null
+++ b/src/mapping/google/data/backupdr/google_backup_dr_data_source_references.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "backupdr.dataSourceReferences.fetchForAlloydbCluster",
+      "backupdr.dataSourceReferences.fetchForCloudSqlInstance"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/beyondcorp/google_beyondcorp_application_iam_policy.json b/src/mapping/google/data/beyondcorp/google_beyondcorp_application_iam_policy.json
new file mode 100644
index 00000000..0b458b2b
--- /dev/null
+++ b/src/mapping/google/data/beyondcorp/google_beyondcorp_application_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.sgApplications.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway.json b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway.json
new file mode 100644
index 00000000..c1445d5f
--- /dev/null
+++ b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.securityGateways.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
new file mode 100644
index 00000000..fe15993f
--- /dev/null
+++ b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.sgApplications.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
new file mode 100644
index 00000000..a044be57
--- /dev/null
+++ b/src/mapping/google/data/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.securityGateways.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/bigquery/google_bigquery_datapolicyv2_data_policy_iam_policy.json b/src/mapping/google/data/bigquery/google_bigquery_datapolicyv2_data_policy_iam_policy.json
new file mode 100644
index 00000000..7fb8dfed
--- /dev/null
+++ b/src/mapping/google/data/bigquery/google_bigquery_datapolicyv2_data_policy_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "bigquery.dataPolicies.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/binaryauthorization/google_binary_authorization_attestor_iam_policy.json b/src/mapping/google/data/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
index fdd86e07..74f73db3 100644
--- a/src/mapping/google/data/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
+++ b/src/mapping/google/data/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
@@ -1,13 +1,13 @@
-[
-  {
-    "apply": [],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [],
-    "modify": [],
-    "plan": [
-      "binaryauthorization.attestors.getIamPolicy"
-    ]
-  }
-]
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "binaryauthorization.attestors.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/certificatemanager/google_certificate_manager_certificates.json b/src/mapping/google/data/certificatemanager/google_certificate_manager_certificates.json
new file mode 100644
index 00000000..ba630f21
--- /dev/null
+++ b/src/mapping/google/data/certificatemanager/google_certificate_manager_certificates.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "certificatemanager.certs.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/certificatemanager/google_certificate_manager_dns_authorization.json b/src/mapping/google/data/certificatemanager/google_certificate_manager_dns_authorization.json
new file mode 100644
index 00000000..4a9a2317
--- /dev/null
+++ b/src/mapping/google/data/certificatemanager/google_certificate_manager_dns_authorization.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "certificatemanager.operations.get",
+      "certificatemanager.dnsauthorizations.get",
+      "certificatemanager.dnsauthorizations.list",
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudaicompanion/google_gemini_repository_group_iam_policy.json b/src/mapping/google/data/cloudaicompanion/google_gemini_repository_group_iam_policy.json
new file mode 100644
index 00000000..5476b8c9
--- /dev/null
+++ b/src/mapping/google/data/cloudaicompanion/google_gemini_repository_group_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json b/src/mapping/google/data/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
new file mode 100644
index 00000000..73c9b912
--- /dev/null
+++ b/src/mapping/google/data/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.customTargetTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json b/src/mapping/google/data/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
new file mode 100644
index 00000000..31272d00
--- /dev/null
+++ b/src/mapping/google/data/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.deliveryPipelines.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/clouddeploy/google_clouddeploy_target_iam_policy.json b/src/mapping/google/data/clouddeploy/google_clouddeploy_target_iam_policy.json
new file mode 100644
index 00000000..eebf7fb2
--- /dev/null
+++ b/src/mapping/google/data/clouddeploy/google_clouddeploy_target_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.targets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudkms/google_kms_ekm_connection_iam_policy.json b/src/mapping/google/data/cloudkms/google_kms_ekm_connection_iam_policy.json
new file mode 100644
index 00000000..0734c60f
--- /dev/null
+++ b/src/mapping/google/data/cloudkms/google_kms_ekm_connection_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.ekmConnections.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudkms/google_kms_key_handle.json b/src/mapping/google/data/cloudkms/google_kms_key_handle.json
new file mode 100644
index 00000000..3bbad249
--- /dev/null
+++ b/src/mapping/google/data/cloudkms/google_kms_key_handle.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.keyHandles.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudkms/google_kms_key_handles.json b/src/mapping/google/data/cloudkms/google_kms_key_handles.json
new file mode 100644
index 00000000..25f97c9b
--- /dev/null
+++ b/src/mapping/google/data/cloudkms/google_kms_key_handles.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.keyHandles.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudkms/google_kms_key_rings.json b/src/mapping/google/data/cloudkms/google_kms_key_rings.json
new file mode 100644
index 00000000..2432d185
--- /dev/null
+++ b/src/mapping/google/data/cloudkms/google_kms_key_rings.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.keyRings.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/cloudtasks/google_cloud_tasks_queue_iam_policy.json b/src/mapping/google/data/cloudtasks/google_cloud_tasks_queue_iam_policy.json
index 7870ac9d..4acf6298 100644
--- a/src/mapping/google/data/cloudtasks/google_cloud_tasks_queue_iam_policy.json
+++ b/src/mapping/google/data/cloudtasks/google_cloud_tasks_queue_iam_policy.json
@@ -7,6 +7,7 @@
     "destroy": [],
     "modify": [],
     "plan": [
+      "cloudtasks.queues.getIamPolicy",
       "cloudtasks.queues.list"
     ]
   }
diff --git a/src/mapping/google/data/composer/google_composer_user_workloads_config_map.json b/src/mapping/google/data/composer/google_composer_user_workloads_config_map.json
new file mode 100644
index 00000000..2a775b35
--- /dev/null
+++ b/src/mapping/google/data/composer/google_composer_user_workloads_config_map.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "composer.userworkloadsconfigmaps.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/composer/google_composer_user_workloads_secret.json b/src/mapping/google/data/composer/google_composer_user_workloads_secret.json
new file mode 100644
index 00000000..f44e79bf
--- /dev/null
+++ b/src/mapping/google/data/composer/google_composer_user_workloads_secret.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "composer.userworkloadssecrets.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_forwarding_rules.json b/src/mapping/google/data/compute/google_compute_forwarding_rules.json
new file mode 100644
index 00000000..6c5fb9f7
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_forwarding_rules.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.forwardingRules.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_images.json b/src/mapping/google/data/compute/google_compute_images.json
new file mode 100644
index 00000000..ab20d72f
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_images.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.images.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_instance_guest_attributes.json b/src/mapping/google/data/compute/google_compute_instance_guest_attributes.json
new file mode 100644
index 00000000..97fa2bf9
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_instance_guest_attributes.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_instance_template_iam_policy.json b/src/mapping/google/data/compute/google_compute_instance_template_iam_policy.json
new file mode 100644
index 00000000..44b739bd
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_instance_template_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instanceTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_instant_snapshot_iam_policy.json b/src/mapping/google/data/compute/google_compute_instant_snapshot_iam_policy.json
new file mode 100644
index 00000000..675666dd
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_instant_snapshot_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instantSnapshots.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_interconnect_location.json b/src/mapping/google/data/compute/google_compute_interconnect_location.json
new file mode 100644
index 00000000..17999352
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_interconnect_location.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.interconnectLocations.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_interconnect_locations.json b/src/mapping/google/data/compute/google_compute_interconnect_locations.json
new file mode 100644
index 00000000..22c47504
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_interconnect_locations.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.interconnectLocations.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_machine_types.json b/src/mapping/google/data/compute/google_compute_machine_types.json
new file mode 100644
index 00000000..e30d0e42
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_machine_types.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.machineTypes.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_network.json b/src/mapping/google/data/compute/google_compute_network.json
index 017647b0..23f83a54 100644
--- a/src/mapping/google/data/compute/google_compute_network.json
+++ b/src/mapping/google/data/compute/google_compute_network.json
@@ -1,13 +1,13 @@
-[
-  {
-    "apply": [
-      "compute.networks.get"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [],
-    "modify": [],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.networks.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_network_attachment.json b/src/mapping/google/data/compute/google_compute_network_attachment.json
new file mode 100644
index 00000000..af2e79f8
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_network_attachment.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.networkAttachments.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_region_backend_service.json b/src/mapping/google/data/compute/google_compute_region_backend_service.json
new file mode 100644
index 00000000..d78140f0
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_region_backend_service.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.regionBackendServices.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_region_instance_group_manager.json b/src/mapping/google/data/compute/google_compute_region_instance_group_manager.json
new file mode 100644
index 00000000..6811400c
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_region_instance_group_manager.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instanceGroupManagers.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_security_policy.json b/src/mapping/google/data/compute/google_compute_security_policy.json
new file mode 100644
index 00000000..5dd2e4dd
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_security_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.securityPolicies.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_storage_pool_iam_policy.json b/src/mapping/google/data/compute/google_compute_storage_pool_iam_policy.json
new file mode 100644
index 00000000..bff552c7
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_storage_pool_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.storagePools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_storage_pool_types.json b/src/mapping/google/data/compute/google_compute_storage_pool_types.json
new file mode 100644
index 00000000..8c87d2b7
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_storage_pool_types.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.storagePoolTypes.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/compute/google_compute_subnetworks.json b/src/mapping/google/data/compute/google_compute_subnetworks.json
new file mode 100644
index 00000000..74c16c70
--- /dev/null
+++ b/src/mapping/google/data/compute/google_compute_subnetworks.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.subnetworks.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dataplex/google_dataplex_aspect_type_iam_policy.json b/src/mapping/google/data/dataplex/google_dataplex_aspect_type_iam_policy.json
new file mode 100644
index 00000000..da60ec9c
--- /dev/null
+++ b/src/mapping/google/data/dataplex/google_dataplex_aspect_type_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.aspectTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dataplex/google_dataplex_data_quality_rules.json b/src/mapping/google/data/dataplex/google_dataplex_data_quality_rules.json
new file mode 100644
index 00000000..36049b2e
--- /dev/null
+++ b/src/mapping/google/data/dataplex/google_dataplex_data_quality_rules.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.datascans.getData"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dataplex/google_dataplex_entry_group_iam_policy.json b/src/mapping/google/data/dataplex/google_dataplex_entry_group_iam_policy.json
new file mode 100644
index 00000000..a8c69d9a
--- /dev/null
+++ b/src/mapping/google/data/dataplex/google_dataplex_entry_group_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.entryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dataplex/google_dataplex_entry_type_iam_policy.json b/src/mapping/google/data/dataplex/google_dataplex_entry_type_iam_policy.json
new file mode 100644
index 00000000..087e095f
--- /dev/null
+++ b/src/mapping/google/data/dataplex/google_dataplex_entry_type_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.entryTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dataplex/google_dataplex_glossary_iam_policy.json b/src/mapping/google/data/dataplex/google_dataplex_glossary_iam_policy.json
new file mode 100644
index 00000000..b62f41cd
--- /dev/null
+++ b/src/mapping/google/data/dataplex/google_dataplex_glossary_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.glossaries.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/dns/google_dns_managed_zones.json b/src/mapping/google/data/dns/google_dns_managed_zones.json
new file mode 100644
index 00000000..3b2acf9e
--- /dev/null
+++ b/src/mapping/google/data/dns/google_dns_managed_zones.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dns.managedZones.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/gkehub/google_gke_hub_feature.json b/src/mapping/google/data/gkehub/google_gke_hub_feature.json
new file mode 100644
index 00000000..cce9a51f
--- /dev/null
+++ b/src/mapping/google/data/gkehub/google_gke_hub_feature.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkehub.features.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/gkehub/google_gke_hub_membership.json b/src/mapping/google/data/gkehub/google_gke_hub_membership.json
new file mode 100644
index 00000000..dfb486d1
--- /dev/null
+++ b/src/mapping/google/data/gkehub/google_gke_hub_membership.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkehub.memberships.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/gkemulticloud/google_container_attached_install_manifest.json b/src/mapping/google/data/gkemulticloud/google_container_attached_install_manifest.json
new file mode 100644
index 00000000..83957a8f
--- /dev/null
+++ b/src/mapping/google/data/gkemulticloud/google_container_attached_install_manifest.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkemulticloud.attachedClusters.generateInstallManifest"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/gkemulticloud/google_container_aws_versions.json b/src/mapping/google/data/gkemulticloud/google_container_aws_versions.json
new file mode 100644
index 00000000..48130687
--- /dev/null
+++ b/src/mapping/google/data/gkemulticloud/google_container_aws_versions.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkemulticloud.awsServerConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/gkemulticloud/google_container_azure_versions.json b/src/mapping/google/data/gkemulticloud/google_container_azure_versions.json
new file mode 100644
index 00000000..a9f29ccf
--- /dev/null
+++ b/src/mapping/google/data/gkemulticloud/google_container_azure_versions.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkemulticloud.azureServerConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/google_cloud_identity_policy.json b/src/mapping/google/data/google_cloud_identity_policy.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/data/google_cloud_identity_policy.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/data/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json b/src/mapping/google/data/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
new file mode 100644
index 00000000..ce5cc002
--- /dev/null
+++ b/src/mapping/google/data/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.googleapis.com/workforcePools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_iam_workload_identity_pool.json b/src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool.json
similarity index 100%
rename from src/mapping/google/data/iam/google_iam_workload_identity_pool.json
rename to src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool.json
diff --git a/src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json b/src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
new file mode 100644
index 00000000..0b36a48c
--- /dev/null
+++ b/src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.googleapis.com/workloadIdentityPools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_iam_workload_identity_pool_provider.json b/src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_provider.json
similarity index 100%
rename from src/mapping/google/data/iam/google_iam_workload_identity_pool_provider.json
rename to src/mapping/google/data/iam.googleapis.com/google_iam_workload_identity_pool_provider.json
diff --git a/src/mapping/google/data/iam/google_organization_iam_custom_role.json b/src/mapping/google/data/iam/google_organization_iam_custom_role.json
new file mode 100644
index 00000000..a4b42a91
--- /dev/null
+++ b/src/mapping/google/data/iam/google_organization_iam_custom_role.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.roles.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_organization_iam_custom_roles.json b/src/mapping/google/data/iam/google_organization_iam_custom_roles.json
new file mode 100644
index 00000000..d410a5bd
--- /dev/null
+++ b/src/mapping/google/data/iam/google_organization_iam_custom_roles.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.roles.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_project_iam_custom_role.json b/src/mapping/google/data/iam/google_project_iam_custom_role.json
new file mode 100644
index 00000000..a4b42a91
--- /dev/null
+++ b/src/mapping/google/data/iam/google_project_iam_custom_role.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.roles.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_project_iam_custom_roles.json b/src/mapping/google/data/iam/google_project_iam_custom_roles.json
new file mode 100644
index 00000000..d410a5bd
--- /dev/null
+++ b/src/mapping/google/data/iam/google_project_iam_custom_roles.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.roles.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iam/google_service_accounts.json b/src/mapping/google/data/iam/google_service_accounts.json
new file mode 100644
index 00000000..e6331753
--- /dev/null
+++ b/src/mapping/google/data/iam/google_service_accounts.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.serviceAccounts.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iap/google_iap_tunnel_dest_group_iam_policy.json b/src/mapping/google/data/iap/google_iap_tunnel_dest_group_iam_policy.json
new file mode 100644
index 00000000..a3f66273
--- /dev/null
+++ b/src/mapping/google/data/iap/google_iap_tunnel_dest_group_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.tunnelDestGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iap/google_iap_web_cloud_run_service_iam_policy.json b/src/mapping/google/data/iap/google_iap_web_cloud_run_service_iam_policy.json
new file mode 100644
index 00000000..72ef31a8
--- /dev/null
+++ b/src/mapping/google/data/iap/google_iap_web_cloud_run_service_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iap/google_iap_web_forwarding_rule_service_iam_policy.json b/src/mapping/google/data/iap/google_iap_web_forwarding_rule_service_iam_policy.json
new file mode 100644
index 00000000..72ef31a8
--- /dev/null
+++ b/src/mapping/google/data/iap/google_iap_web_forwarding_rule_service_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json b/src/mapping/google/data/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
new file mode 100644
index 00000000..56c6462a
--- /dev/null
+++ b/src/mapping/google/data/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "certificatemanager.dnsauthorizations.list",
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/lustre/google_lustre_instance.json b/src/mapping/google/data/lustre/google_lustre_instance.json
new file mode 100644
index 00000000..43668d45
--- /dev/null
+++ b/src/mapping/google/data/lustre/google_lustre_instance.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "lustre.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/memcache/google_memcache_instance.json b/src/mapping/google/data/memcache/google_memcache_instance.json
new file mode 100644
index 00000000..3dc1c2c7
--- /dev/null
+++ b/src/mapping/google/data/memcache/google_memcache_instance.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memcache.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/memorystore/google_memorystore_instance.json b/src/mapping/google/data/memorystore/google_memorystore_instance.json
new file mode 100644
index 00000000..16c890f6
--- /dev/null
+++ b/src/mapping/google/data/memorystore/google_memorystore_instance.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "memorystore.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/metastore/google_dataproc_metastore_database_iam_policy.json b/src/mapping/google/data/metastore/google_dataproc_metastore_database_iam_policy.json
new file mode 100644
index 00000000..6618762d
--- /dev/null
+++ b/src/mapping/google/data/metastore/google_dataproc_metastore_database_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.databases.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/metastore/google_dataproc_metastore_table_iam_policy.json b/src/mapping/google/data/metastore/google_dataproc_metastore_table_iam_policy.json
new file mode 100644
index 00000000..d96a9f02
--- /dev/null
+++ b/src/mapping/google/data/metastore/google_dataproc_metastore_table_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.tables.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_database.json b/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_database.json
new file mode 100644
index 00000000..0318e71c
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_database.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.autonomousDatabases.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_databases.json b/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_databases.json
new file mode 100644
index 00000000..a80550ac
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_autonomous_databases.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.autonomousDatabases.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructure.json b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructure.json
new file mode 100644
index 00000000..361a930b
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructure.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.cloudExadataInfrastructures.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructures.json b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructures.json
new file mode 100644
index 00000000..ed0e0e4e
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_exadata_infrastructures.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.cloudExadataInfrastructures.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_cluster.json b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_cluster.json
new file mode 100644
index 00000000..39d79136
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.cloudVmClusters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_clusters.json b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_clusters.json
new file mode 100644
index 00000000..46586a68
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_cloud_vm_clusters.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.cloudVmClusters.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_db_nodes.json b/src/mapping/google/data/oracledatabase/google_oracle_database_db_nodes.json
new file mode 100644
index 00000000..5a130844
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_db_nodes.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.dbNodes.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/oracledatabase/google_oracle_database_db_servers.json b/src/mapping/google/data/oracledatabase/google_oracle_database_db_servers.json
new file mode 100644
index 00000000..41fd0de2
--- /dev/null
+++ b/src/mapping/google/data/oracledatabase/google_oracle_database_db_servers.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "oracledatabase.dbServers.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/orgpolicy/google_project_organization_policy.json b/src/mapping/google/data/orgpolicy/google_project_organization_policy.json
new file mode 100644
index 00000000..9a854f86
--- /dev/null
+++ b/src/mapping/google/data/orgpolicy/google_project_organization_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "orgpolicy.policy.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_parameter.json b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter.json
new file mode 100644
index 00000000..0346ede8
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version.json b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version.json
new file mode 100644
index 00000000..93b688e5
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameterVersions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version_render.json b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version_render.json
new file mode 100644
index 00000000..81f8bbb9
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_parameter_version_render.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameterVersions.render"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_parameters.json b/src/mapping/google/data/parametermanager/google_parameter_manager_parameters.json
new file mode 100644
index 00000000..2a9ff86b
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_parameters.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameters.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter.json b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter.json
new file mode 100644
index 00000000..0346ede8
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version.json b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version.json
new file mode 100644
index 00000000..93b688e5
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameterVersions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version_render.json b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version_render.json
new file mode 100644
index 00000000..81f8bbb9
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameter_version_render.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameterVersions.render"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameters.json b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameters.json
new file mode 100644
index 00000000..2a9ff86b
--- /dev/null
+++ b/src/mapping/google/data/parametermanager/google_parameter_manager_regional_parameters.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "parametermanager.parameters.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/privateca/google_privateca_ca_pool_iam_policy.json b/src/mapping/google/data/privateca/google_privateca_ca_pool_iam_policy.json
new file mode 100644
index 00000000..23a8225f
--- /dev/null
+++ b/src/mapping/google/data/privateca/google_privateca_ca_pool_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privateca.caPools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/privateca/google_privateca_certificate_authority.json b/src/mapping/google/data/privateca/google_privateca_certificate_authority.json
new file mode 100644
index 00000000..ef7b2c73
--- /dev/null
+++ b/src/mapping/google/data/privateca/google_privateca_certificate_authority.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privateca.certificateAuthorities.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/privateca/google_privateca_certificate_template_iam_policy.json b/src/mapping/google/data/privateca/google_privateca_certificate_template_iam_policy.json
new file mode 100644
index 00000000..ac7c2df8
--- /dev/null
+++ b/src/mapping/google/data/privateca/google_privateca_certificate_template_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privateca.certificateTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/privilegedaccessmanager/google_privileged_access_manager_entitlement.json b/src/mapping/google/data/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
new file mode 100644
index 00000000..8ba411c9
--- /dev/null
+++ b/src/mapping/google/data/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privilegedaccessmanager.entitlements.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/pubsub/google_pubsub_schema_iam_policy.json b/src/mapping/google/data/pubsub/google_pubsub_schema_iam_policy.json
new file mode 100644
index 00000000..0b16235a
--- /dev/null
+++ b/src/mapping/google/data/pubsub/google_pubsub_schema_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "pubsub.schemas.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/redis/google_redis_cluster.json b/src/mapping/google/data/redis/google_redis_cluster.json
new file mode 100644
index 00000000..baedb999
--- /dev/null
+++ b/src/mapping/google/data/redis/google_redis_cluster.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "redis.clusters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_folder.json b/src/mapping/google/data/resourcemanager/google_folder.json
new file mode 100644
index 00000000..3d88bd22
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_folder.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.folders.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_folder_iam_policy.json b/src/mapping/google/data/resourcemanager/google_folder_iam_policy.json
new file mode 100644
index 00000000..b79b946e
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_folder_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.folders.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_folders.json b/src/mapping/google/data/resourcemanager/google_folders.json
new file mode 100644
index 00000000..8877de37
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_folders.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.folders.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_organization_iam_policy.json b/src/mapping/google/data/resourcemanager/google_organization_iam_policy.json
new file mode 100644
index 00000000..74978faa
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_organization_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.organizations.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_project_ancestry.json b/src/mapping/google/data/resourcemanager/google_project_ancestry.json
new file mode 100644
index 00000000..31acf779
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_project_ancestry.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.projects.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_project_iam_policy.json b/src/mapping/google/data/resourcemanager/google_project_iam_policy.json
new file mode 100644
index 00000000..8f43eb49
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_project_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.projects.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_tags_tag_key_iam_policy.json b/src/mapping/google/data/resourcemanager/google_tags_tag_key_iam_policy.json
new file mode 100644
index 00000000..b6b83a17
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_tags_tag_key_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagKeys.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_tags_tag_keys.json b/src/mapping/google/data/resourcemanager/google_tags_tag_keys.json
new file mode 100644
index 00000000..f2b1df56
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_tags_tag_keys.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagKeys.list",
+      "resourcemanager.tagKeys.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_tags_tag_value.json b/src/mapping/google/data/resourcemanager/google_tags_tag_value.json
new file mode 100644
index 00000000..6017c8ad
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_tags_tag_value.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagValues.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_tags_tag_value_iam_policy.json b/src/mapping/google/data/resourcemanager/google_tags_tag_value_iam_policy.json
new file mode 100644
index 00000000..fce4cb1e
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_tags_tag_value_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagValues.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/resourcemanager/google_tags_tag_values.json b/src/mapping/google/data/resourcemanager/google_tags_tag_values.json
new file mode 100644
index 00000000..cc10ab59
--- /dev/null
+++ b/src/mapping/google/data/resourcemanager/google_tags_tag_values.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagValues.get",
+      "resourcemanager.tagValues.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_worker_pool.json b/src/mapping/google/data/run/google_cloud_run_v2_worker_pool.json
new file mode 100644
index 00000000..a5ae60fc
--- /dev/null
+++ b/src/mapping/google/data/run/google_cloud_run_v2_worker_pool.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.workerpools.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_worker_pool_iam_policy.json b/src/mapping/google/data/run/google_cloud_run_v2_worker_pool_iam_policy.json
new file mode 100644
index 00000000..b7565183
--- /dev/null
+++ b/src/mapping/google/data/run/google_cloud_run_v2_worker_pool_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.workerpools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/runtimeconfig/google_runtimeconfig_config_iam_policy.json b/src/mapping/google/data/runtimeconfig/google_runtimeconfig_config_iam_policy.json
new file mode 100644
index 00000000..8ba4dc44
--- /dev/null
+++ b/src/mapping/google/data/runtimeconfig/google_runtimeconfig_config_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "runtimeconfig.configs.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/runtimeconfig/google_runtimeconfig_variable.json b/src/mapping/google/data/runtimeconfig/google_runtimeconfig_variable.json
new file mode 100644
index 00000000..a09592de
--- /dev/null
+++ b/src/mapping/google/data/runtimeconfig/google_runtimeconfig_variable.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "runtimeconfig.variables.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret.json b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret.json
new file mode 100644
index 00000000..65f8f575
--- /dev/null
+++ b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.secrets.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_iam_policy.json b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_iam_policy.json
new file mode 100644
index 00000000..bbe5224a
--- /dev/null
+++ b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.secrets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version.json b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version.json
new file mode 100644
index 00000000..400ae8d3
--- /dev/null
+++ b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.versions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version_access.json b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version_access.json
new file mode 100644
index 00000000..65c61c3b
--- /dev/null
+++ b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secret_version_access.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.versions.access"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/secretmanager/google_secret_manager_regional_secrets.json b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secrets.json
new file mode 100644
index 00000000..0c129994
--- /dev/null
+++ b/src/mapping/google/data/secretmanager/google_secret_manager_regional_secrets.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.secrets.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/securesourcemanager/google_secure_source_manager_instance_iam_policy.json b/src/mapping/google/data/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
new file mode 100644
index 00000000..7994fea8
--- /dev/null
+++ b/src/mapping/google/data/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securesourcemanager.instances.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/securesourcemanager/google_secure_source_manager_repository_iam_policy.json b/src/mapping/google/data/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
new file mode 100644
index 00000000..2c744cd2
--- /dev/null
+++ b/src/mapping/google/data/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securesourcemanager.repositories.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/securitycenter/google_scc_source_iam_policy.json b/src/mapping/google/data/securitycenter/google_scc_source_iam_policy.json
new file mode 100644
index 00000000..404b7c3f
--- /dev/null
+++ b/src/mapping/google/data/securitycenter/google_scc_source_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securitycenter.sources.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/securitycenter/google_scc_v2_organization_source_iam_policy.json b/src/mapping/google/data/securitycenter/google_scc_v2_organization_source_iam_policy.json
new file mode 100644
index 00000000..404b7c3f
--- /dev/null
+++ b/src/mapping/google/data/securitycenter/google_scc_v2_organization_source_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securitycenter.sources.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/spanner/google_spanner_database.json b/src/mapping/google/data/spanner/google_spanner_database.json
new file mode 100644
index 00000000..73d45178
--- /dev/null
+++ b/src/mapping/google/data/spanner/google_spanner_database.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "spanner.databases.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_bucket_iam_member.json b/src/mapping/google/data/storage/google_storage_bucket_iam_member.json
new file mode 100644
index 00000000..8ca1edde
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_bucket_iam_member.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.buckets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_bucket_objects.json b/src/mapping/google/data/storage/google_storage_bucket_objects.json
new file mode 100644
index 00000000..262f2968
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_bucket_objects.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.objects.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_buckets.json b/src/mapping/google/data/storage/google_storage_buckets.json
new file mode 100644
index 00000000..de353ee5
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_buckets.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.buckets.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_control_folder_intelligence_config.json b/src/mapping/google/data/storage/google_storage_control_folder_intelligence_config.json
new file mode 100644
index 00000000..669384ff
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_control_folder_intelligence_config.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.intelligenceConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_control_organization_intelligence_config.json b/src/mapping/google/data/storage/google_storage_control_organization_intelligence_config.json
new file mode 100644
index 00000000..d823c837
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_control_organization_intelligence_config.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.intelligenceConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storage/google_storage_control_project_intelligence_config.json b/src/mapping/google/data/storage/google_storage_control_project_intelligence_config.json
new file mode 100644
index 00000000..669384ff
--- /dev/null
+++ b/src/mapping/google/data/storage/google_storage_control_project_intelligence_config.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.intelligenceConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/storageinsights/google_storage_insights_dataset_config.json b/src/mapping/google/data/storageinsights/google_storage_insights_dataset_config.json
new file mode 100644
index 00000000..91409b52
--- /dev/null
+++ b/src/mapping/google/data/storageinsights/google_storage_insights_dataset_config.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storageinsights.reportConfigs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/tags/google_tags_tag_value_iam_policy.json b/src/mapping/google/data/tags/google_tags_tag_value_iam_policy.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/data/tags/google_tags_tag_value_iam_policy.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/accessapproval/google_project_access_approval_settings.json b/src/mapping/google/resource/accessapproval/google_project_access_approval_settings.json
new file mode 100644
index 00000000..1a338b9e
--- /dev/null
+++ b/src/mapping/google/resource/accessapproval/google_project_access_approval_settings.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "accessapproval.settings.delete",
+      "accessapproval.settings.get",
+      "accessapproval.settings.create",
+      "accessapproval.settings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeter.json b/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeter.json
index 3e46e973..45e4fdaf 100644
--- a/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeter.json
+++ b/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeter.json
@@ -1,20 +1,11 @@
 [
   {
-    "apply": [
-      "accesscontextmanager.servicePerimeters.create",
-      "accesscontextmanager.servicePerimeters.delete",
-      "accesscontextmanager.servicePerimeters.get",
-      "accesscontextmanager.servicePerimeters.update"
-    ],
+    "apply": [],
     "attributes": {
       "tags": []
     },
-    "destroy": [
-      "accesscontextmanager.servicePerimeters.delete"
-    ],
-    "modify": [
-      "accesscontextmanager.servicePerimeters.update"
-    ],
+    "destroy": [],
+    "modify": [],
     "plan": []
   }
 ]
diff --git a/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeters.json b/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeters.json
index 3e46e973..45e4fdaf 100644
--- a/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeters.json
+++ b/src/mapping/google/resource/accesscontextmanager/google_access_context_manager_service_perimeters.json
@@ -1,20 +1,11 @@
 [
   {
-    "apply": [
-      "accesscontextmanager.servicePerimeters.create",
-      "accesscontextmanager.servicePerimeters.delete",
-      "accesscontextmanager.servicePerimeters.get",
-      "accesscontextmanager.servicePerimeters.update"
-    ],
+    "apply": [],
     "attributes": {
       "tags": []
     },
-    "destroy": [
-      "accesscontextmanager.servicePerimeters.delete"
-    ],
-    "modify": [
-      "accesscontextmanager.servicePerimeters.update"
-    ],
+    "destroy": [],
+    "modify": [],
     "plan": []
   }
 ]
diff --git a/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_binding.json b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_binding.json
new file mode 100644
index 00000000..63082202
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.notebookRuntimeTemplates.getIamPolicy",
+      "aiplatform.notebookRuntimeTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_member.json b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_member.json
new file mode 100644
index 00000000..63082202
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.notebookRuntimeTemplates.getIamPolicy",
+      "aiplatform.notebookRuntimeTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_policy.json b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_policy.json
new file mode 100644
index 00000000..6881b52b
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_colab_runtime_template_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.notebookRuntimeTemplates.getIamPolicy",
+      "aiplatform.notebookRuntimeTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.notebookRuntimeTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_cache_config.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_cache_config.json
new file mode 100644
index 00000000..04986d07
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_cache_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.cacheConfigs.get",
+      "aiplatform.cacheConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_deployment_resource_pool.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_deployment_resource_pool.json
new file mode 100644
index 00000000..102ccb5e
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_deployment_resource_pool.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.deploymentResourcePools.create",
+      "aiplatform.deploymentResourcePools.delete",
+      "aiplatform.deploymentResourcePools.get",
+      "aiplatform.deploymentResourcePools.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_iam_policy.json
new file mode 100644
index 00000000..ea1d619b
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.endpoints.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_with_model_garden_deployment.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_with_model_garden_deployment.json
new file mode 100644
index 00000000..15e8f492
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_endpoint_with_model_garden_deployment.json
@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "aiplatform.endpoints.create",
+      "aiplatform.endpoints.delete",
+      "aiplatform.endpoints.get",
+      "aiplatform.endpoints.update",
+      "aiplatform.endpoints.deploy",
+      "aiplatform.endpoints.undeploy",
+      "aiplatform.models.upload"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_binding.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_binding.json
new file mode 100644
index 00000000..46cf7206
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureGroups.getIamPolicy",
+      "aiplatform.featureGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_member.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_member.json
new file mode 100644
index 00000000..46cf7206
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureGroups.getIamPolicy",
+      "aiplatform.featureGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_policy.json
new file mode 100644
index 00000000..3a519936
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_group_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureGroups.getIamPolicy",
+      "aiplatform.featureGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_binding.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_binding.json
new file mode 100644
index 00000000..5b985b83
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureViews.getIamPolicy",
+      "aiplatform.featureViews.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_member.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_member.json
new file mode 100644
index 00000000..5b985b83
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureViews.getIamPolicy",
+      "aiplatform.featureViews.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
new file mode 100644
index 00000000..aac47776
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_featureview_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureViews.getIamPolicy",
+      "aiplatform.featureViews.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureViews.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_binding.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_binding.json
new file mode 100644
index 00000000..9e41eda3
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureOnlineStores.getIamPolicy",
+      "aiplatform.featureOnlineStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_member.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_member.json
new file mode 100644
index 00000000..9e41eda3
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureOnlineStores.getIamPolicy",
+      "aiplatform.featureOnlineStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
new file mode 100644
index 00000000..03893b3b
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_feature_online_store_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.featureOnlineStores.getIamPolicy",
+      "aiplatform.featureOnlineStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featureOnlineStores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_entitytype_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_entitytype_iam_policy.json
new file mode 100644
index 00000000..a0112fb2
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_entitytype_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.entityTypes.getIamPolicy",
+      "aiplatform.entityTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.entityTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam.json
index 562b2f1f..2098ec8a 100644
--- a/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam.json
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "aiplatform.featurestores.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam_policy.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam_policy.json
new file mode 100644
index 00000000..b69e35a4
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_featurestore_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.featurestores.getIamPolicy",
+      "aiplatform.featurestores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "aiplatform.featurestores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_index_endpoint_deployed_index.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_index_endpoint_deployed_index.json
new file mode 100644
index 00000000..c9713836
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_index_endpoint_deployed_index.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "aiplatform.indexEndpoints.delete",
+      "aiplatform.indexEndpoints.deploy",
+      "aiplatform.indexEndpoints.get",
+      "aiplatform.indexEndpoints.undeploy",
+      "aiplatform.indexEndpoints.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_rag_engine_config.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_rag_engine_config.json
new file mode 100644
index 00000000..ab534ee7
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_rag_engine_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "aiplatform.ragEngineConfigs.get",
+      "aiplatform.ragEngineConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/aiplatform/google_vertex_ai_reasoning_engine.json b/src/mapping/google/resource/aiplatform/google_vertex_ai_reasoning_engine.json
new file mode 100644
index 00000000..23d19e60
--- /dev/null
+++ b/src/mapping/google/resource/aiplatform/google_vertex_ai_reasoning_engine.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "aiplatform.reasoningEngines.create",
+      "aiplatform.reasoningEngines.delete",
+      "aiplatform.reasoningEngines.get",
+      "aiplatform.reasoningEngines.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/alloydb/google_alloydb_cluster.json b/src/mapping/google/resource/alloydb/google_alloydb_cluster.json
index b2321593..6f0dc601 100644
--- a/src/mapping/google/resource/alloydb/google_alloydb_cluster.json
+++ b/src/mapping/google/resource/alloydb/google_alloydb_cluster.json
@@ -1,21 +1,23 @@
-[
-  {
-    "apply": [
-      "alloydb.clusters.create",
-      "alloydb.clusters.delete",
-      "alloydb.clusters.get",
-      "alloydb.clusters.update",
-      "alloydb.operations.get"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "alloydb.clusters.delete"
-    ],
-    "modify": [
-      "alloydb.clusters.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "alloydb.clusters.create",
+      "alloydb.clusters.delete",
+      "alloydb.clusters.get",
+      "alloydb.clusters.update",
+      "alloydb.operations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "alloydb.clusters.delete"
+    ],
+    "modify": [
+      "alloydb.clusters.update"
+    ],
+    "plan": [
+      "alloydb.clusters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/alloydb/google_alloydb_instance.json b/src/mapping/google/resource/alloydb/google_alloydb_instance.json
index d53113e8..f5ee84cf 100644
--- a/src/mapping/google/resource/alloydb/google_alloydb_instance.json
+++ b/src/mapping/google/resource/alloydb/google_alloydb_instance.json
@@ -1,20 +1,22 @@
-[
-  {
-    "apply": [
-      "alloydb.instances.create",
-      "alloydb.instances.delete",
-      "alloydb.instances.get",
-      "alloydb.instances.update"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "alloydb.instances.delete"
-    ],
-    "modify": [
-      "alloydb.instances.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "alloydb.instances.create",
+      "alloydb.instances.delete",
+      "alloydb.instances.get",
+      "alloydb.instances.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "alloydb.instances.delete"
+    ],
+    "modify": [
+      "alloydb.instances.update"
+    ],
+    "plan": [
+      "alloydb.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/analyticshub/google_bigquery_analytics_hub_listing_subscription.json b/src/mapping/google/resource/analyticshub/google_bigquery_analytics_hub_listing_subscription.json
new file mode 100644
index 00000000..e674d29a
--- /dev/null
+++ b/src/mapping/google/resource/analyticshub/google_bigquery_analytics_hub_listing_subscription.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "analyticshub.subscriptions.get",
+      "analyticshub.subscriptions.update",
+      "analyticshub.subscriptions.delete",
+      "analyticshub.subscriptions.create",
+      "analyticshub.listings.subscribe"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apigee/google_apigee_environment_iam_binding.json b/src/mapping/google/resource/apigee/google_apigee_environment_iam_binding.json
new file mode 100644
index 00000000..68b0624b
--- /dev/null
+++ b/src/mapping/google/resource/apigee/google_apigee_environment_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "apigee.environments.setIamPolicy",
+      "apigee.environments.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apigee/google_apigee_environment_iam_member.json b/src/mapping/google/resource/apigee/google_apigee_environment_iam_member.json
new file mode 100644
index 00000000..68b0624b
--- /dev/null
+++ b/src/mapping/google/resource/apigee/google_apigee_environment_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "apigee.environments.setIamPolicy",
+      "apigee.environments.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apigee/google_apigee_environment_iam_policy.json b/src/mapping/google/resource/apigee/google_apigee_environment_iam_policy.json
new file mode 100644
index 00000000..68b0624b
--- /dev/null
+++ b/src/mapping/google/resource/apigee/google_apigee_environment_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "apigee.environments.setIamPolicy",
+      "apigee.environments.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apihub/google_apihub_api_hub_instance.json b/src/mapping/google/resource/apihub/google_apihub_api_hub_instance.json
new file mode 100644
index 00000000..13e28441
--- /dev/null
+++ b/src/mapping/google/resource/apihub/google_apihub_api_hub_instance.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "apihub.apiHubInstances.create",
+      "apihub.apiHubInstances.delete",
+      "apihub.apiHubInstances.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apihub/google_apihub_curation.json b/src/mapping/google/resource/apihub/google_apihub_curation.json
new file mode 100644
index 00000000..d4a1294c
--- /dev/null
+++ b/src/mapping/google/resource/apihub/google_apihub_curation.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apihub.curations.create",
+      "apihub.curations.delete",
+      "apihub.curations.get",
+      "apihub.curations.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apihub/google_apihub_host_project_registration.json b/src/mapping/google/resource/apihub/google_apihub_host_project_registration.json
new file mode 100644
index 00000000..e9d49a9d
--- /dev/null
+++ b/src/mapping/google/resource/apihub/google_apihub_host_project_registration.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "apihub.hostProjectRegistrations.create",
+      "apihub.hostProjectRegistrations.delete",
+      "apihub.hostProjectRegistrations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apihub/google_apihub_plugin.json b/src/mapping/google/resource/apihub/google_apihub_plugin.json
new file mode 100644
index 00000000..4e33337b
--- /dev/null
+++ b/src/mapping/google/resource/apihub/google_apihub_plugin.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apihub.plugins.create",
+      "apihub.plugins.get",
+      "apihub.plugins.update",
+      "apihub.plugins.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apihub/google_apihub_plugin_instance.json b/src/mapping/google/resource/apihub/google_apihub_plugin_instance.json
new file mode 100644
index 00000000..e182dccd
--- /dev/null
+++ b/src/mapping/google/resource/apihub/google_apihub_plugin_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apihub.plugininstances.create",
+      "apihub.plugininstances.delete",
+      "apihub.plugininstances.update",
+      "apihub.plugininstances.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apphub/google_apphub_application.json b/src/mapping/google/resource/apphub/google_apphub_application.json
new file mode 100644
index 00000000..801b1414
--- /dev/null
+++ b/src/mapping/google/resource/apphub/google_apphub_application.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apphub.applications.create",
+      "apphub.applications.delete",
+      "apphub.applications.get",
+      "apphub.applications.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apphub/google_apphub_service.json b/src/mapping/google/resource/apphub/google_apphub_service.json
new file mode 100644
index 00000000..86e2e1be
--- /dev/null
+++ b/src/mapping/google/resource/apphub/google_apphub_service.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apphub.services.create",
+      "apphub.services.delete",
+      "apphub.services.get",
+      "apphub.services.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apphub/google_apphub_service_project_attachment.json b/src/mapping/google/resource/apphub/google_apphub_service_project_attachment.json
new file mode 100644
index 00000000..97798eb0
--- /dev/null
+++ b/src/mapping/google/resource/apphub/google_apphub_service_project_attachment.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "apphub.serviceProjectAttachments.attach",
+      "apphub.serviceProjectAttachments.create",
+      "apphub.serviceProjectAttachments.delete",
+      "apphub.serviceProjectAttachments.detach",
+      "apphub.serviceProjectAttachments.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/apphub/google_apphub_workload.json b/src/mapping/google/resource/apphub/google_apphub_workload.json
new file mode 100644
index 00000000..74f51753
--- /dev/null
+++ b/src/mapping/google/resource/apphub/google_apphub_workload.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "apphub.workloads.create",
+      "apphub.workloads.get",
+      "apphub.workloads.update",
+      "apphub.workloads.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/artifactregistry/google_artifact_registry_repository_iam_policy.json b/src/mapping/google/resource/artifactregistry/google_artifact_registry_repository_iam_policy.json
index 685cf1d4..fa4d79b3 100644
--- a/src/mapping/google/resource/artifactregistry/google_artifact_registry_repository_iam_policy.json
+++ b/src/mapping/google/resource/artifactregistry/google_artifact_registry_repository_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "artifactregistry.repositories.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/backend/gcs.json b/src/mapping/google/resource/backend/gcs.json
new file mode 100644
index 00000000..d9f17369
--- /dev/null
+++ b/src/mapping/google/resource/backend/gcs.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "storage.buckets.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan.json b/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan.json
new file mode 100644
index 00000000..8ddc374e
--- /dev/null
+++ b/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "backupdr.backupPlans.create",
+      "backupdr.backupPlans.delete",
+      "backupdr.backupPlans.get",
+      "backupdr.backupPlans.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan_association.json b/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan_association.json
new file mode 100644
index 00000000..9a8d07d1
--- /dev/null
+++ b/src/mapping/google/resource/backupdr/google_backup_dr_backup_plan_association.json
@@ -0,0 +1,27 @@
+[
+  {
+    "apply": [
+      "backupdr.backupPlanAssociations.createForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.createForComputeDisk",
+      "backupdr.backupPlanAssociations.createForComputeInstance",
+      "backupdr.backupPlanAssociations.deleteForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.deleteForComputeDisk",
+      "backupdr.backupPlanAssociations.deleteForComputeInstance",
+      "backupdr.backupPlanAssociations.fetchForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.get",
+      "backupdr.backupPlanAssociations.getForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.getForComputeDisk",
+      "backupdr.backupPlanAssociations.triggerBackupForCloudSqlInstance",
+      "backupdr.backupPlanAssociations.triggerBackupForComputeDisk",
+      "backupdr.backupPlanAssociations.triggerBackupForComputeInstance",
+      "backupdr.backupPlanAssociations.updateForComputeDisk",
+      "backupdr.backupPlanAssociations.updateForComputeInstance"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/backupdr/google_backup_dr_backup_vault.json b/src/mapping/google/resource/backupdr/google_backup_dr_backup_vault.json
new file mode 100644
index 00000000..282eb8ad
--- /dev/null
+++ b/src/mapping/google/resource/backupdr/google_backup_dr_backup_vault.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "backupdr.backupVaults.create",
+      "backupdr.backupVaults.delete",
+      "backupdr.backupVaults.get",
+      "backupdr.backupVaults.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/backupdr/google_backup_dr_management_server.json b/src/mapping/google/resource/backupdr/google_backup_dr_management_server.json
new file mode 100644
index 00000000..d7e9c334
--- /dev/null
+++ b/src/mapping/google/resource/backupdr/google_backup_dr_management_server.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "backupdr.managementServers.create",
+      "backupdr.managementServers.get",
+      "backupdr.managementServers.update",
+      "backupdr.managementServers.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/backupdr/google_backup_dr_service_config.json b/src/mapping/google/resource/backupdr/google_backup_dr_service_config.json
new file mode 100644
index 00000000..6e6363db
--- /dev/null
+++ b/src/mapping/google/resource/backupdr/google_backup_dr_service_config.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "backupdr.resourceBackupConfigs.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connection.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connection.json
new file mode 100644
index 00000000..c357d106
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connection.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.appConnections.create",
+      "beyondcorp.appConnections.delete",
+      "beyondcorp.appConnections.get",
+      "beyondcorp.appConnections.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connector.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connector.json
new file mode 100644
index 00000000..19896bc7
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_connector.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.appConnectors.create",
+      "beyondcorp.appConnectors.get",
+      "beyondcorp.appConnectors.delete",
+      "beyondcorp.appConnectors.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_gateway.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_gateway.json
new file mode 100644
index 00000000..b337d7f8
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_app_gateway.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.appGateways.create",
+      "beyondcorp.appGateways.delete",
+      "beyondcorp.appGateways.update",
+      "beyondcorp.appGateways.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_application.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application.json
new file mode 100644
index 00000000..0083e5f6
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.create",
+      "beyondcorp.sgApplications.delete",
+      "beyondcorp.sgApplications.get",
+      "beyondcorp.sgApplications.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_binding.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_binding.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_binding.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_member.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_member.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_member.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_policy.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_policy.json
new file mode 100644
index 00000000..1b7d6db6
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_application_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.getIamPolicy",
+      "beyondcorp.sgApplications.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.sgApplications.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway.json
new file mode 100644
index 00000000..04455491
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.securityGateways.create",
+      "beyondcorp.securityGateways.get",
+      "beyondcorp.securityGateways.update",
+      "beyondcorp.securityGateways.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application.json
new file mode 100644
index 00000000..0083e5f6
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.create",
+      "beyondcorp.sgApplications.delete",
+      "beyondcorp.sgApplications.get",
+      "beyondcorp.sgApplications.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_binding.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_binding.json
new file mode 100644
index 00000000..1b5ad869
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.getIamPolicy",
+      "beyondcorp.sgApplications.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_member.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_member.json
new file mode 100644
index 00000000..1b5ad869
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.getIamPolicy",
+      "beyondcorp.sgApplications.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
new file mode 100644
index 00000000..fb891754
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_application_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.sgApplications.getIamPolicy",
+      "beyondcorp.sgApplications.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.sgApplications.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_binding.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_binding.json
new file mode 100644
index 00000000..87b1b386
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "beyondcorp.securityGateways.getIamPolicy",
+      "beyondcorp.securityGateways.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_member.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_member.json
new file mode 100644
index 00000000..3055048a
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "beyondcorp.securityGateways.getIamPolicy",
+      "beyondcorp.securityGateways.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
new file mode 100644
index 00000000..33e8296b
--- /dev/null
+++ b/src/mapping/google/resource/beyondcorp/google_beyondcorp_security_gateway_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "beyondcorp.securityGateways.getIamPolicy",
+      "beyondcorp.securityGateways.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "beyondcorp.securityGateways.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/biglake/google_biglake_catalog.json b/src/mapping/google/resource/biglake/google_biglake_catalog.json
new file mode 100644
index 00000000..19598023
--- /dev/null
+++ b/src/mapping/google/resource/biglake/google_biglake_catalog.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "biglake.catalogs.create",
+      "biglake.catalogs.delete",
+      "biglake.catalogs.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "biglake.catalogs.delete"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/biglake/google_biglake_database.json b/src/mapping/google/resource/biglake/google_biglake_database.json
new file mode 100644
index 00000000..966ea125
--- /dev/null
+++ b/src/mapping/google/resource/biglake/google_biglake_database.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "biglake.databases.create",
+      "biglake.databases.delete",
+      "biglake.databases.get",
+      "biglake.databases.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "biglake.databases.delete"
+    ],
+    "modify": [
+      "biglake.databases.update"
+    ],
+    "plan": [
+      "biglake.databases.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/biglake/google_biglake_table.json b/src/mapping/google/resource/biglake/google_biglake_table.json
new file mode 100644
index 00000000..c4a66859
--- /dev/null
+++ b/src/mapping/google/resource/biglake/google_biglake_table.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "biglake.tables.create",
+      "biglake.tables.delete",
+      "biglake.tables.get",
+      "biglake.tables.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "biglake.tables.delete"
+    ],
+    "modify": [
+      "biglake.tables.update"
+    ],
+    "plan": [
+      "biglake.tables.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/bigquery/google_bigquery_connection.json b/src/mapping/google/resource/bigquery/google_bigquery_connection.json
index 6045e5b7..06fd549f 100644
--- a/src/mapping/google/resource/bigquery/google_bigquery_connection.json
+++ b/src/mapping/google/resource/bigquery/google_bigquery_connection.json
@@ -4,21 +4,15 @@
       "bigquery.connections.get",
       "bigquery.connections.create",
       "bigquery.connections.delete",
-      "bigquery.connections.update",
-      "accesscontextmanager.servicePerimeters.create",
-      "accesscontextmanager.servicePerimeters.delete",
-      "accesscontextmanager.servicePerimeters.get",
-      "accesscontextmanager.servicePerimeters.update"
+      "bigquery.connections.update"
     ],
     "attributes": {
       "tags": []
     },
     "destroy": [
-      "accesscontextmanager.servicePerimeters.delete",
       "bigquery.connections.delete"
     ],
     "modify": [
-      "accesscontextmanager.servicePerimeters.update",
       "bigquery.connections.update"
     ],
     "plan": []
diff --git a/src/mapping/google/resource/bigquery/google_bigquery_dataset_access.json b/src/mapping/google/resource/bigquery/google_bigquery_dataset_access.json
new file mode 100644
index 00000000..2c57bc06
--- /dev/null
+++ b/src/mapping/google/resource/bigquery/google_bigquery_dataset_access.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "bigquery.datasets.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/bigquery/google_bigquery_row_access_policy.json b/src/mapping/google/resource/bigquery/google_bigquery_row_access_policy.json
new file mode 100644
index 00000000..2c57bc06
--- /dev/null
+++ b/src/mapping/google/resource/bigquery/google_bigquery_row_access_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "bigquery.datasets.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/bigtable/google_bigtable_authorized_view.json b/src/mapping/google/resource/bigtable/google_bigtable_authorized_view.json
new file mode 100644
index 00000000..94e79e45
--- /dev/null
+++ b/src/mapping/google/resource/bigtable/google_bigtable_authorized_view.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "bigtable.authorizedViews.create",
+      "bigtable.authorizedViews.delete",
+      "bigtable.authorizedViews.get",
+      "bigtable.authorizedViews.update",
+      "bigtable.tables.mutateRows",
+      "bigtable.tables.readRows"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "bigtable.authorizedViews.delete"
+    ],
+    "modify": [
+      "bigtable.authorizedViews.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/bigtable/google_bigtable_logical_view.json b/src/mapping/google/resource/bigtable/google_bigtable_logical_view.json
new file mode 100644
index 00000000..ca61e4ce
--- /dev/null
+++ b/src/mapping/google/resource/bigtable/google_bigtable_logical_view.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "bigtable.logicalViews.create",
+      "bigtable.logicalViews.delete",
+      "bigtable.logicalViews.get",
+      "bigtable.logicalViews.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "bigtable.logicalViews.delete"
+    ],
+    "modify": [
+      "bigtable.logicalViews.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/bigtable/google_bigtable_materialized_view.json b/src/mapping/google/resource/bigtable/google_bigtable_materialized_view.json
new file mode 100644
index 00000000..3b43d47e
--- /dev/null
+++ b/src/mapping/google/resource/bigtable/google_bigtable_materialized_view.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "bigtable.materializedViews.create",
+      "bigtable.materializedViews.delete",
+      "bigtable.materializedViews.get",
+      "bigtable.materializedViews.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "bigtable.materializedViews.delete"
+    ],
+    "modify": [
+      "bigtable.materializedViews.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/bigtable/google_bigtable_schema_bundle.json b/src/mapping/google/resource/bigtable/google_bigtable_schema_bundle.json
new file mode 100644
index 00000000..dc80c15c
--- /dev/null
+++ b/src/mapping/google/resource/bigtable/google_bigtable_schema_bundle.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "bigtable.schemaBundles.get",
+      "bigtable.schemaBundles.create",
+      "bigtable.schemaBundles.delete",
+      "bigtable.schemaBundles.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/billing/google_billing_account_iam_binding.json b/src/mapping/google/resource/billing/google_billing_account_iam_binding.json
new file mode 100644
index 00000000..6fbf215f
--- /dev/null
+++ b/src/mapping/google/resource/billing/google_billing_account_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "billing.accounts.getIamPolicy",
+      "billing.accounts.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/billing/google_billing_account_iam_member.json b/src/mapping/google/resource/billing/google_billing_account_iam_member.json
new file mode 100644
index 00000000..6fbf215f
--- /dev/null
+++ b/src/mapping/google/resource/billing/google_billing_account_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "billing.accounts.getIamPolicy",
+      "billing.accounts.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/billing/google_billing_account_iam_policy.json b/src/mapping/google/resource/billing/google_billing_account_iam_policy.json
new file mode 100644
index 00000000..6fbf215f
--- /dev/null
+++ b/src/mapping/google/resource/billing/google_billing_account_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "billing.accounts.getIamPolicy",
+      "billing.accounts.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/billing/google_billing_budget.json b/src/mapping/google/resource/billing/google_billing_budget.json
new file mode 100644
index 00000000..41305e00
--- /dev/null
+++ b/src/mapping/google/resource/billing/google_billing_budget.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "billing.budgets.create",
+      "billing.budgets.get",
+      "billing.budgets.update",
+      "billing.budgets.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_binding.json b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_binding.json
new file mode 100644
index 00000000..ba707022
--- /dev/null
+++ b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "binaryauthorization.attestors.getIamPolicy",
+      "binaryauthorization.attestors.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_member.json b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_member.json
new file mode 100644
index 00000000..ba707022
--- /dev/null
+++ b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "binaryauthorization.attestors.getIamPolicy",
+      "binaryauthorization.attestors.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_policy.json b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
new file mode 100644
index 00000000..05dc7ce7
--- /dev/null
+++ b/src/mapping/google/resource/binaryauthorization/google_binary_authorization_attestor_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "binaryauthorization.attestors.getIamPolicy",
+      "binaryauthorization.attestors.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "binaryauthorization.attestors.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/certificatemanager/google_certificate_manager_dns_authorization.json b/src/mapping/google/resource/certificatemanager/google_certificate_manager_dns_authorization.json
new file mode 100644
index 00000000..f9aba094
--- /dev/null
+++ b/src/mapping/google/resource/certificatemanager/google_certificate_manager_dns_authorization.json
@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "certificatemanager.dnsauthorizations.create",
+      "certificatemanager.operations.delete",
+      "certificatemanager.dnsauthorizations.get",
+      "certificatemanager.dnsauthorizations.delete",
+      "certificatemanager.dnsauthorizations.update",
+      "certificatemanager.dnsauthorizations.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_data_access_label.json b/src/mapping/google/resource/chronicle/google_chronicle_data_access_label.json
new file mode 100644
index 00000000..71f9c22e
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_data_access_label.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "chronicle.dataAccessLabels.create",
+      "chronicle.dataAccessLabels.delete",
+      "chronicle.dataAccessLabels.get",
+      "chronicle.dataAccessLabels.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_data_access_scope.json b/src/mapping/google/resource/chronicle/google_chronicle_data_access_scope.json
new file mode 100644
index 00000000..85431001
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_data_access_scope.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "chronicle.dataAccessScopes.create",
+      "chronicle.dataAccessScopes.delete",
+      "chronicle.dataAccessScopes.get",
+      "chronicle.dataAccessScopes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_reference_list.json b/src/mapping/google/resource/chronicle/google_chronicle_reference_list.json
new file mode 100644
index 00000000..1dfcafd2
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_reference_list.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "chronicle.referenceLists.create",
+      "chronicle.referenceLists.get",
+      "chronicle.referenceLists.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_retrohunt.json b/src/mapping/google/resource/chronicle/google_chronicle_retrohunt.json
new file mode 100644
index 00000000..715fcfe2
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_retrohunt.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "chronicle.retrohunts.create",
+      "chronicle.retrohunts.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_rule.json b/src/mapping/google/resource/chronicle/google_chronicle_rule.json
new file mode 100644
index 00000000..1574ad23
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "chronicle.rules.create",
+      "chronicle.rules.delete",
+      "chronicle.rules.get",
+      "chronicle.rules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_rule_deployment.json b/src/mapping/google/resource/chronicle/google_chronicle_rule_deployment.json
new file mode 100644
index 00000000..dbb01ffe
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_rule_deployment.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "chronicle.ruleDeployments.get",
+      "chronicle.ruleDeployments.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/chronicle/google_chronicle_watchlist.json b/src/mapping/google/resource/chronicle/google_chronicle_watchlist.json
new file mode 100644
index 00000000..7d50435b
--- /dev/null
+++ b/src/mapping/google/resource/chronicle/google_chronicle_watchlist.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "chronicle.watchlists.create",
+      "chronicle.watchlists.delete",
+      "chronicle.watchlists.get",
+      "chronicle.watchlists.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_code_repository_index.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_repository_index.json
new file mode 100644
index 00000000..76fc2a6d
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_repository_index.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.codeRepositoryIndexes.create",
+      "cloudaicompanion.codeRepositoryIndexes.delete",
+      "cloudaicompanion.codeRepositoryIndexes.get",
+      "cloudaicompanion.codeRepositoryIndexes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting.json
new file mode 100644
index 00000000..68b8a4a0
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.codeToolsSettings.create",
+      "cloudaicompanion.codeToolsSettings.delete",
+      "cloudaicompanion.codeToolsSettings.get",
+      "cloudaicompanion.codeToolsSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting_binding.json
new file mode 100644
index 00000000..e77b08a5
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_code_tools_setting_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.settingBindings.codeToolsSettingsCreate",
+      "cloudaicompanion.settingBindings.codeToolsSettingsDelete",
+      "cloudaicompanion.settingBindings.codeToolsSettingsGet",
+      "cloudaicompanion.settingBindings.codeToolsSettingsUpdate"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting.json
new file mode 100644
index 00000000..6a25e1ad
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.dataSharingWithGoogleSettings.create",
+      "cloudaicompanion.dataSharingWithGoogleSettings.delete",
+      "cloudaicompanion.dataSharingWithGoogleSettings.get",
+      "cloudaicompanion.dataSharingWithGoogleSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting_binding.json
new file mode 100644
index 00000000..35104cd6
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_data_sharing_with_google_setting_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsCreate",
+      "cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsDelete",
+      "cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsGet",
+      "cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUpdate"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting.json
new file mode 100644
index 00000000..8b4cab83
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.geminiGcpEnablementSettings.create",
+      "cloudaicompanion.geminiGcpEnablementSettings.delete",
+      "cloudaicompanion.geminiGcpEnablementSettings.get",
+      "cloudaicompanion.geminiGcpEnablementSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting_binding.json
new file mode 100644
index 00000000..d0298df6
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_gemini_gcp_enablement_setting_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.settingBindings.geminiGcpEnablementSettingsCreate",
+      "cloudaicompanion.settingBindings.geminiGcpEnablementSettingsDelete",
+      "cloudaicompanion.settingBindings.geminiGcpEnablementSettingsGet",
+      "cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUpdate"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting.json
new file mode 100644
index 00000000..fcee370f
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.loggingSettings.create",
+      "cloudaicompanion.loggingSettings.delete",
+      "cloudaicompanion.loggingSettings.get",
+      "cloudaicompanion.loggingSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting_binding.json
new file mode 100644
index 00000000..ca33e164
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_logging_setting_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.settingBindings.loggingSettingsCreate",
+      "cloudaicompanion.settingBindings.loggingSettingsDelete",
+      "cloudaicompanion.settingBindings.loggingSettingsGet",
+      "cloudaicompanion.settingBindings.loggingSettingsUpdate"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting.json
new file mode 100644
index 00000000..c4adcb70
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.releaseChannelSettings.create",
+      "cloudaicompanion.releaseChannelSettings.delete",
+      "cloudaicompanion.releaseChannelSettings.get",
+      "cloudaicompanion.releaseChannelSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting_binding.json
new file mode 100644
index 00000000..0f059b11
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_release_channel_setting_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.settingBindings.releaseChannelSettingsCreate",
+      "cloudaicompanion.settingBindings.releaseChannelSettingsDelete",
+      "cloudaicompanion.settingBindings.releaseChannelSettingsGet",
+      "cloudaicompanion.settingBindings.releaseChannelSettingsUpdate"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group.json
new file mode 100644
index 00000000..6652c195
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.repositoryGroups.create",
+      "cloudaicompanion.repositoryGroups.delete",
+      "cloudaicompanion.repositoryGroups.get",
+      "cloudaicompanion.repositoryGroups.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_binding.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_binding.json
new file mode 100644
index 00000000..6d39c3bc
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy",
+      "cloudaicompanion.repositoryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_member.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_member.json
new file mode 100644
index 00000000..6d39c3bc
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_member.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy",
+      "cloudaicompanion.repositoryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_policy.json b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_policy.json
new file mode 100644
index 00000000..6d39c3bc
--- /dev/null
+++ b/src/mapping/google/resource/cloudaicompanion/google_gemini_repository_group_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy",
+      "cloudaicompanion.repositoryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudaicompanion.repositoryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuild_trigger.json b/src/mapping/google/resource/cloudbuild/google_cloudbuild_trigger.json
index e5051fe5..6a8c36df 100644
--- a/src/mapping/google/resource/cloudbuild/google_cloudbuild_trigger.json
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuild_trigger.json
@@ -10,6 +10,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "cloudbuild.builds.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection.json b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection.json
new file mode 100644
index 00000000..ddeb47ed
--- /dev/null
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "cloudbuild.connections.create",
+      "cloudbuild.connections.delete",
+      "cloudbuild.connections.get",
+      "cloudbuild.connections.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudbuild.connections.delete"
+    ],
+    "modify": [
+      "cloudbuild.connections.update"
+    ],
+    "plan": [
+      "cloudbuild.connections.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_binding.json b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_binding.json
new file mode 100644
index 00000000..3633066a
--- /dev/null
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_binding.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudbuild.connections.getIamPolicy",
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "modify": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "plan": [
+      "cloudbuild.connections.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_member.json b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_member.json
new file mode 100644
index 00000000..3633066a
--- /dev/null
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_member.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudbuild.connections.getIamPolicy",
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "modify": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "plan": [
+      "cloudbuild.connections.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_policy.json b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_policy.json
new file mode 100644
index 00000000..3633066a
--- /dev/null
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_connection_iam_policy.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudbuild.connections.getIamPolicy",
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "modify": [
+      "cloudbuild.connections.setIamPolicy"
+    ],
+    "plan": [
+      "cloudbuild.connections.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_repository.json b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_repository.json
new file mode 100644
index 00000000..2b616422
--- /dev/null
+++ b/src/mapping/google/resource/cloudbuild/google_cloudbuildv2_repository.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudbuild.repositories.create",
+      "cloudbuild.repositories.delete",
+      "cloudbuild.repositories.fetchGitRefs",
+      "cloudbuild.repositories.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_binding.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_binding.json
new file mode 100644
index 00000000..4f97f84e
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.customTargetTypes.getIamPolicy",
+      "clouddeploy.customTargetTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_member.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_member.json
new file mode 100644
index 00000000..4f97f84e
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.customTargetTypes.getIamPolicy",
+      "clouddeploy.customTargetTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
new file mode 100644
index 00000000..86c94851
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_custom_target_type_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "clouddeploy.customTargetTypes.getIamPolicy",
+      "clouddeploy.customTargetTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.customTargetTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_binding.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_binding.json
new file mode 100644
index 00000000..252345bd
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.deliveryPipelines.getIamPolicy",
+      "clouddeploy.deliveryPipelines.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_member.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_member.json
new file mode 100644
index 00000000..252345bd
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.deliveryPipelines.getIamPolicy",
+      "clouddeploy.deliveryPipelines.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
new file mode 100644
index 00000000..1d753cd9
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_delivery_pipeline_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "clouddeploy.deliveryPipelines.getIamPolicy",
+      "clouddeploy.deliveryPipelines.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.deliveryPipelines.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_binding.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_binding.json
new file mode 100644
index 00000000..c4fff3fc
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.targets.getIamPolicy",
+      "clouddeploy.targets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_member.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_member.json
new file mode 100644
index 00000000..c4fff3fc
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "clouddeploy.targets.getIamPolicy",
+      "clouddeploy.targets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_policy.json b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_policy.json
new file mode 100644
index 00000000..57830ad4
--- /dev/null
+++ b/src/mapping/google/resource/clouddeploy/google_clouddeploy_target_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "clouddeploy.targets.getIamPolicy",
+      "clouddeploy.targets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "clouddeploy.targets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function.json
new file mode 100644
index 00000000..794beaf2
--- /dev/null
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function.json
@@ -0,0 +1,24 @@
+[
+  {
+    "apply": [
+      "cloudfunctions.functions.create",
+      "cloudfunctions.functions.get",
+      "cloudfunctions.functions.update",
+      "cloudfunctions.functions.delete",
+      "cloudfunctions.operations.get",
+      "storage.objects.list"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudfunctions.functions.delete"
+    ],
+    "modify": [
+      "cloudfunctions.functions.update"
+    ],
+    "plan": [
+      "cloudfunctions.functions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_binding.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_binding.json
new file mode 100644
index 00000000..bbce8658
--- /dev/null
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy",
+      "cloudfunctions.functions.getIamPolicy",
+      "cloudfunctions.functions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_member.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_member.json
new file mode 100644
index 00000000..bbce8658
--- /dev/null
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_member.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy",
+      "cloudfunctions.functions.getIamPolicy",
+      "cloudfunctions.functions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_policy.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_policy.json
new file mode 100644
index 00000000..bbce8658
--- /dev/null
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions2_function_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy",
+      "cloudfunctions.functions.getIamPolicy",
+      "cloudfunctions.functions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function.json
index d61d264e..29a714c2 100644
--- a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function.json
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function.json
@@ -1,12 +1,12 @@
 [
   {
     "apply": [
-      "iam.serviceAccounts.actAs",
       "cloudfunctions.functions.create",
       "cloudfunctions.operations.get",
       "cloudfunctions.functions.get",
       "cloudfunctions.functions.delete",
-      "cloudfunctions.functions.update"
+      "cloudfunctions.functions.update",
+      "storage.objects.list"
     ],
     "attributes": {
       "tags": []
@@ -15,6 +15,8 @@
       "cloudfunctions.functions.delete"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "cloudfunctions.functions.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_binding.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_binding.json
new file mode 100644
index 00000000..77663d7d
--- /dev/null
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "cloudfunctions.functions.setIamPolicy",
+      "cloudfunctions.functions.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_policy.json b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_policy.json
index 77663d7d..d77d4ada 100644
--- a/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_policy.json
+++ b/src/mapping/google/resource/cloudfunctions/google_cloudfunctions_function_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "cloudfunctions.functions.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_crypto_key.json b/src/mapping/google/resource/cloudkms/google_kms_crypto_key.json
index fb8cf48f..3bb2dae4 100644
--- a/src/mapping/google/resource/cloudkms/google_kms_crypto_key.json
+++ b/src/mapping/google/resource/cloudkms/google_kms_crypto_key.json
@@ -1,21 +1,23 @@
-[
-  {
-    "apply": [
-      "cloudkms.cryptoKeys.create",
-      "cloudkms.cryptoKeys.get",
-      "cloudkms.cryptoKeyVersions.list",
-      "cloudkms.cryptoKeyVersions.destroy",
-      "cloudkms.cryptoKeys.update"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "cloudkms.cryptoKeyVersions.destroy"
-    ],
-    "modify": [
-      "cloudkms.cryptoKeys.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "cloudkms.cryptoKeys.create",
+      "cloudkms.cryptoKeys.get",
+      "cloudkms.cryptoKeyVersions.list",
+      "cloudkms.cryptoKeyVersions.destroy",
+      "cloudkms.cryptoKeys.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudkms.cryptoKeyVersions.destroy"
+    ],
+    "modify": [
+      "cloudkms.cryptoKeys.update"
+    ],
+    "plan": [
+      "cloudkms.cryptoKeys.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_crypto_key_iam_policy.json b/src/mapping/google/resource/cloudkms/google_kms_crypto_key_iam_policy.json
index 43ac0ca3..6f09d3e1 100644
--- a/src/mapping/google/resource/cloudkms/google_kms_crypto_key_iam_policy.json
+++ b/src/mapping/google/resource/cloudkms/google_kms_crypto_key_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "cloudkms.cryptoKeys.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_crypto_key_version.json b/src/mapping/google/resource/cloudkms/google_kms_crypto_key_version.json
new file mode 100644
index 00000000..19b78ad9
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_crypto_key_version.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudkms.cryptoKeyVersions.create",
+      "cloudkms.cryptoKeyVersions.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.cryptoKeyVersions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_handle.json b/src/mapping/google/resource/cloudkms/google_kms_key_handle.json
new file mode 100644
index 00000000..0559ad5c
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_handle.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudkms.keyHandles.create",
+      "cloudkms.keyHandles.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.keyHandles.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_ring.json b/src/mapping/google/resource/cloudkms/google_kms_key_ring.json
index 0b29db2b..49f3ef53 100644
--- a/src/mapping/google/resource/cloudkms/google_kms_key_ring.json
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_ring.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "cloudkms.keyRings.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_binding.json b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_binding.json
new file mode 100644
index 00000000..01220ead
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "cloudkms.keyRings.setIamPolicy",
+      "cloudkms.keyRings.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_member.json b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_member.json
new file mode 100644
index 00000000..01220ead
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "cloudkms.keyRings.setIamPolicy",
+      "cloudkms.keyRings.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_policy.json b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_policy.json
new file mode 100644
index 00000000..cf15ca2c
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_ring_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudkms.keyRings.setIamPolicy",
+      "cloudkms.keyRings.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.keyRings.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_key_ring_import_job.json b/src/mapping/google/resource/cloudkms/google_kms_key_ring_import_job.json
new file mode 100644
index 00000000..a962d24e
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_key_ring_import_job.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "cloudkms.importJobs.create",
+      "cloudkms.importJobs.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudkms.importJobs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudkms/google_kms_secret_ciphertext.json b/src/mapping/google/resource/cloudkms/google_kms_secret_ciphertext.json
new file mode 100644
index 00000000..4eb63999
--- /dev/null
+++ b/src/mapping/google/resource/cloudkms/google_kms_secret_ciphertext.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "cloudkms.cryptoKeyVersions.useToEncrypt"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudsql/google_sql_database.json b/src/mapping/google/resource/cloudsql/google_sql_database.json
index 6b085c74..8f2db262 100644
--- a/src/mapping/google/resource/cloudsql/google_sql_database.json
+++ b/src/mapping/google/resource/cloudsql/google_sql_database.json
@@ -1,20 +1,22 @@
-[
-  {
-    "apply": [
-      "cloudsql.databases.create",
-      "cloudsql.databases.delete",
-      "cloudsql.databases.get",
-      "cloudsql.databases.update"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "cloudsql.databases.delete"
-    ],
-    "modify": [
-      "cloudsql.databases.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "cloudsql.databases.create",
+      "cloudsql.databases.delete",
+      "cloudsql.databases.get",
+      "cloudsql.databases.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudsql.databases.delete"
+    ],
+    "modify": [
+      "cloudsql.databases.update"
+    ],
+    "plan": [
+      "cloudsql.databases.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudsql/google_sql_database_instance.json b/src/mapping/google/resource/cloudsql/google_sql_database_instance.json
index f6c73287..dfdf682c 100644
--- a/src/mapping/google/resource/cloudsql/google_sql_database_instance.json
+++ b/src/mapping/google/resource/cloudsql/google_sql_database_instance.json
@@ -1,22 +1,24 @@
-[
-  {
-    "apply": [
-      "cloudsql.instances.create",
-      "cloudsql.instances.get",
-      "cloudsql.instances.delete",
-      "cloudsql.instances.update",
-      "cloudsql.users.list",
-      "cloudsql.users.delete"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "cloudsql.instances.delete"
-    ],
-    "modify": [
-      "cloudsql.instances.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "cloudsql.instances.create",
+      "cloudsql.instances.get",
+      "cloudsql.instances.delete",
+      "cloudsql.instances.update",
+      "cloudsql.users.list",
+      "cloudsql.users.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudsql.instances.delete"
+    ],
+    "modify": [
+      "cloudsql.instances.update"
+    ],
+    "plan": [
+      "cloudsql.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/cloudsql/google_sql_ssl_cert.json b/src/mapping/google/resource/cloudsql/google_sql_ssl_cert.json
new file mode 100644
index 00000000..28b71a1c
--- /dev/null
+++ b/src/mapping/google/resource/cloudsql/google_sql_ssl_cert.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "cloudsql.sslCerts.create",
+      "cloudsql.sslCerts.delete",
+      "cloudsql.sslCerts.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_binding.json b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_binding.json
new file mode 100644
index 00000000..b75e4d12
--- /dev/null
+++ b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "cloudtasks.queues.getIamPolicy",
+      "cloudtasks.queues.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_member.json b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_member.json
new file mode 100644
index 00000000..b75e4d12
--- /dev/null
+++ b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "cloudtasks.queues.getIamPolicy",
+      "cloudtasks.queues.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_policy.json b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_policy.json
new file mode 100644
index 00000000..54013553
--- /dev/null
+++ b/src/mapping/google/resource/cloudtasks/google_cloud_tasks_queue_iam_policy.json
@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "cloudtasks.queues.getIamPolicy",
+      "cloudtasks.queues.setIamPolicy",
+      "cloudtasks.queues.list"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudtasks.queues.getIamPolicy",
+      "cloudtasks.queues.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/composer/google_composer_environment.json b/src/mapping/google/resource/composer/google_composer_environment.json
new file mode 100644
index 00000000..6f510229
--- /dev/null
+++ b/src/mapping/google/resource/composer/google_composer_environment.json
@@ -0,0 +1,24 @@
+[
+  {
+    "apply": [
+      "composer.environments.create",
+      "composer.environments.delete",
+      "composer.environments.get",
+      "composer.environments.update",
+      "iam.serviceAccounts.actAs",
+      "composer.operations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "composer.environments.delete"
+    ],
+    "modify": [
+      "composer.environments.update"
+    ],
+    "plan": [
+      "composer.environments.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/composer/google_composer_user_workloads_config_map.json b/src/mapping/google/resource/composer/google_composer_user_workloads_config_map.json
new file mode 100644
index 00000000..cfa782e7
--- /dev/null
+++ b/src/mapping/google/resource/composer/google_composer_user_workloads_config_map.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "composer.userworkloadsconfigmaps.create",
+      "composer.userworkloadsconfigmaps.delete",
+      "composer.userworkloadsconfigmaps.get",
+      "composer.userworkloadsconfigmaps.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/composer/google_composer_user_workloads_secret.json b/src/mapping/google/resource/composer/google_composer_user_workloads_secret.json
new file mode 100644
index 00000000..084a11c7
--- /dev/null
+++ b/src/mapping/google/resource/composer/google_composer_user_workloads_secret.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "composer.userworkloadssecrets.create",
+      "composer.userworkloadssecrets.delete",
+      "composer.userworkloadssecrets.get",
+      "composer.userworkloadssecrets.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_address.json b/src/mapping/google/resource/compute/google_compute_address.json
index 7cae8c18..3ee6d9c6 100644
--- a/src/mapping/google/resource/compute/google_compute_address.json
+++ b/src/mapping/google/resource/compute/google_compute_address.json
@@ -17,6 +17,8 @@
       "compute.addresses.delete"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "compute.addresses.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_bucket.json b/src/mapping/google/resource/compute/google_compute_backend_bucket.json
new file mode 100644
index 00000000..2358f189
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_bucket.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.backendBuckets.create",
+      "compute.backendBuckets.get",
+      "compute.backendBuckets.update",
+      "compute.backendBuckets.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_binding.json b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_binding.json
new file mode 100644
index 00000000..7b36fd5b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.backendBuckets.setIamPolicy",
+      "compute.backendBuckets.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_member.json b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_member.json
new file mode 100644
index 00000000..7b36fd5b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.backendBuckets.setIamPolicy",
+      "compute.backendBuckets.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_policy.json b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_policy.json
new file mode 100644
index 00000000..53546a85
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_bucket_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.backendBuckets.setIamPolicy",
+      "compute.backendBuckets.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.backendBuckets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_service.json b/src/mapping/google/resource/compute/google_compute_backend_service.json
new file mode 100644
index 00000000..71507945
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_service.json
@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "compute.backendServices.create",
+      "compute.backendServices.get",
+      "compute.backendServices.update",
+      "compute.backendServices.delete",
+      "compute.httpHealthChecks.useReadOnly",
+      "compute.healthChecks.useReadOnly",
+      "compute.httpsHealthChecks.useReadOnly"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_service_iam_binding.json b/src/mapping/google/resource/compute/google_compute_backend_service_iam_binding.json
new file mode 100644
index 00000000..9453ec82
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.backendServices.setIamPolicy",
+      "compute.backendServices.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_service_iam_member.json b/src/mapping/google/resource/compute/google_compute_backend_service_iam_member.json
new file mode 100644
index 00000000..9453ec82
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.backendServices.setIamPolicy",
+      "compute.backendServices.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_backend_service_iam_policy.json b/src/mapping/google/resource/compute/google_compute_backend_service_iam_policy.json
new file mode 100644
index 00000000..a4069e30
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_backend_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.backendServices.setIamPolicy",
+      "compute.backendServices.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.backendServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_disk_iam_binding.json b/src/mapping/google/resource/compute/google_compute_disk_iam_binding.json
new file mode 100644
index 00000000..710e90de
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_disk_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_disk_iam_member.json b/src/mapping/google/resource/compute/google_compute_disk_iam_member.json
new file mode 100644
index 00000000..710e90de
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_disk_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_disk_iam_policy.json b/src/mapping/google/resource/compute/google_compute_disk_iam_policy.json
new file mode 100644
index 00000000..85e1fa03
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_disk_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.disks.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_forwarding_rule.json b/src/mapping/google/resource/compute/google_compute_forwarding_rule.json
new file mode 100644
index 00000000..ccaae82b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_forwarding_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.forwardingRules.delete",
+      "compute.forwardingRules.create",
+      "compute.forwardingRules.get",
+      "compute.forwardingRules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_global_address.json b/src/mapping/google/resource/compute/google_compute_global_address.json
index 5b2b2490..187f3bd4 100644
--- a/src/mapping/google/resource/compute/google_compute_global_address.json
+++ b/src/mapping/google/resource/compute/google_compute_global_address.json
@@ -15,6 +15,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "compute.globalAddresses.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/compute/google_compute_global_forwarding_rule.json b/src/mapping/google/resource/compute/google_compute_global_forwarding_rule.json
new file mode 100644
index 00000000..98ef98a8
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_global_forwarding_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.globalForwardingRules.delete",
+      "compute.globalForwardingRules.create",
+      "compute.globalForwardingRules.get",
+      "compute.globalForwardingRules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_global_network_endpoint_group.json b/src/mapping/google/resource/compute/google_compute_global_network_endpoint_group.json
new file mode 100644
index 00000000..fbecb55f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_global_network_endpoint_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.globalNetworkEndpointGroups.delete",
+      "compute.globalNetworkEndpointGroups.get",
+      "compute.globalNetworkEndpointGroups.create",
+      "compute.globalOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_health_check.json b/src/mapping/google/resource/compute/google_compute_health_check.json
new file mode 100644
index 00000000..3ec76cfd
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_health_check.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "compute.healthChecks.create",
+      "compute.healthChecks.delete",
+      "compute.healthChecks.update",
+      "compute.healthChecks.get",
+      "compute.globalOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_http_health_check.json b/src/mapping/google/resource/compute/google_compute_http_health_check.json
new file mode 100644
index 00000000..842e0a6f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_http_health_check.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.httpHealthChecks.create",
+      "compute.httpHealthChecks.get",
+      "compute.httpHealthChecks.update",
+      "compute.httpHealthChecks.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_https_health_check.json b/src/mapping/google/resource/compute/google_compute_https_health_check.json
new file mode 100644
index 00000000..9152f969
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_https_health_check.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "compute.httpsHealthChecks.create",
+      "compute.httpsHealthChecks.get",
+      "compute.httpsHealthChecks.update",
+      "compute.httpsHealthChecks.delete",
+      "compute.globalOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_image_iam_binding.json b/src/mapping/google/resource/compute/google_compute_image_iam_binding.json
new file mode 100644
index 00000000..8ec5191f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_image_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.images.getIamPolicy",
+      "compute.images.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_image_iam_member.json b/src/mapping/google/resource/compute/google_compute_image_iam_member.json
new file mode 100644
index 00000000..8ec5191f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_image_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.images.getIamPolicy",
+      "compute.images.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_image_iam_policy.json b/src/mapping/google/resource/compute/google_compute_image_iam_policy.json
new file mode 100644
index 00000000..ef9898b4
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_image_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.images.getIamPolicy",
+      "compute.images.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.images.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance.json b/src/mapping/google/resource/compute/google_compute_instance.json
index 111ca465..8600589f 100644
--- a/src/mapping/google/resource/compute/google_compute_instance.json
+++ b/src/mapping/google/resource/compute/google_compute_instance.json
@@ -20,6 +20,8 @@
       "compute.instances.delete"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "compute.instances.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_iam_binding.json b/src/mapping/google/resource/compute/google_compute_instance_iam_binding.json
new file mode 100644
index 00000000..4334d995
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instances.getIamPolicy",
+      "compute.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_iam_member.json b/src/mapping/google/resource/compute/google_compute_instance_iam_member.json
new file mode 100644
index 00000000..4334d995
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instances.getIamPolicy",
+      "compute.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_iam_policy.json b/src/mapping/google/resource/compute/google_compute_instance_iam_policy.json
new file mode 100644
index 00000000..4334d995
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instances.getIamPolicy",
+      "compute.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_template.json b/src/mapping/google/resource/compute/google_compute_instance_template.json
index cc2d5d4b..4e86c569 100644
--- a/src/mapping/google/resource/compute/google_compute_instance_template.json
+++ b/src/mapping/google/resource/compute/google_compute_instance_template.json
@@ -13,6 +13,8 @@
       "compute.instanceTemplates.delete"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "compute.instanceTemplates.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_template_iam_binding.json b/src/mapping/google/resource/compute/google_compute_instance_template_iam_binding.json
new file mode 100644
index 00000000..1aab841c
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_template_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instanceTemplates.getIamPolicy",
+      "compute.instanceTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_template_iam_member.json b/src/mapping/google/resource/compute/google_compute_instance_template_iam_member.json
new file mode 100644
index 00000000..1aab841c
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_template_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instanceTemplates.getIamPolicy",
+      "compute.instanceTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instance_template_iam_policy.json b/src/mapping/google/resource/compute/google_compute_instance_template_iam_policy.json
new file mode 100644
index 00000000..54187607
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instance_template_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.instanceTemplates.getIamPolicy",
+      "compute.instanceTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instanceTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_binding.json b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_binding.json
new file mode 100644
index 00000000..54a48d6c
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instantSnapshots.getIamPolicy",
+      "compute.instantSnapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_member.json b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_member.json
new file mode 100644
index 00000000..54a48d6c
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.instantSnapshots.getIamPolicy",
+      "compute.instantSnapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_policy.json b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_policy.json
new file mode 100644
index 00000000..055038da
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_instant_snapshot_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.instantSnapshots.getIamPolicy",
+      "compute.instantSnapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.instantSnapshots.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_machine_image_iam_binding.json b/src/mapping/google/resource/compute/google_compute_machine_image_iam_binding.json
new file mode 100644
index 00000000..7f170c84
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_machine_image_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.machineImages.getIamPolicy",
+      "compute.machineImages.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_machine_image_iam_member.json b/src/mapping/google/resource/compute/google_compute_machine_image_iam_member.json
new file mode 100644
index 00000000..7f170c84
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_machine_image_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.machineImages.getIamPolicy",
+      "compute.machineImages.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_machine_image_iam_policy.json b/src/mapping/google/resource/compute/google_compute_machine_image_iam_policy.json
new file mode 100644
index 00000000..4faa0149
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_machine_image_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.machineImages.getIamPolicy",
+      "compute.machineImages.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.machineImages.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_network.json b/src/mapping/google/resource/compute/google_compute_network.json
index 61516d5f..627bb0fa 100644
--- a/src/mapping/google/resource/compute/google_compute_network.json
+++ b/src/mapping/google/resource/compute/google_compute_network.json
@@ -1,16 +1,18 @@
-[
-  {
-    "apply": [
-      "compute.networks.create",
-      "compute.networks.get"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "compute.networks.delete"
-    ],
-    "modify": [],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "compute.networks.create",
+      "compute.networks.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "compute.networks.delete"
+    ],
+    "modify": [],
+    "plan": [
+      "compute.networks.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_network_attachment.json b/src/mapping/google/resource/compute/google_compute_network_attachment.json
new file mode 100644
index 00000000..10dc9ec7
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_network_attachment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.networkAttachments.create",
+      "compute.networkAttachments.delete",
+      "compute.networkAttachments.update",
+      "compute.networkAttachments.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_network_endpoint_group.json b/src/mapping/google/resource/compute/google_compute_network_endpoint_group.json
new file mode 100644
index 00000000..42356cd8
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_network_endpoint_group.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "compute.networkEndpointGroups.create",
+      "compute.networkEndpointGroups.get",
+      "compute.networkEndpointGroups.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_backend_service.json b/src/mapping/google/resource/compute/google_compute_region_backend_service.json
new file mode 100644
index 00000000..8a41913d
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_backend_service.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "compute.regionBackendServices.create",
+      "compute.regionBackendServices.get",
+      "compute.regionBackendServices.update",
+      "compute.regionBackendServices.delete",
+      "compute.healthChecks.useReadOnly",
+      "compute.httpHealthChecks.useReadOnly",
+      "compute.httpsHealthChecks.useReadOnly",
+      "compute.regionHealthChecks.useReadOnly"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_binding.json b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_binding.json
new file mode 100644
index 00000000..c5f8e63b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.regionBackendServices.getIamPolicy",
+      "compute.regionBackendServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_member.json b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_member.json
new file mode 100644
index 00000000..c5f8e63b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.regionBackendServices.getIamPolicy",
+      "compute.regionBackendServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_policy.json b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_policy.json
new file mode 100644
index 00000000..9c0e8c4f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_backend_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.regionBackendServices.getIamPolicy",
+      "compute.regionBackendServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.regionBackendServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_disk_iam_binding.json b/src/mapping/google/resource/compute/google_compute_region_disk_iam_binding.json
new file mode 100644
index 00000000..710e90de
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_disk_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_disk_iam_member.json b/src/mapping/google/resource/compute/google_compute_region_disk_iam_member.json
new file mode 100644
index 00000000..710e90de
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_disk_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_disk_iam_policy.json b/src/mapping/google/resource/compute/google_compute_region_disk_iam_policy.json
new file mode 100644
index 00000000..c257cb5f
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_disk_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.disks.getIamPolicy",
+      "compute.disks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.disks.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_health_check.json b/src/mapping/google/resource/compute/google_compute_region_health_check.json
new file mode 100644
index 00000000..203d7af2
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_health_check.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.regionHealthChecks.create",
+      "compute.regionHealthChecks.delete",
+      "compute.regionHealthChecks.update",
+      "compute.regionHealthChecks.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_network_endpoint_group.json b/src/mapping/google/resource/compute/google_compute_region_network_endpoint_group.json
new file mode 100644
index 00000000..7aaaa748
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_network_endpoint_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.regionNetworkEndpointGroups.create",
+      "compute.regionNetworkEndpointGroups.get",
+      "compute.regionNetworkEndpointGroups.delete",
+      "compute.regionOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_target_http_proxy.json b/src/mapping/google/resource/compute/google_compute_region_target_http_proxy.json
new file mode 100644
index 00000000..4839531e
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_target_http_proxy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.regionTargetHttpProxies.create",
+      "compute.regionTargetHttpProxies.get",
+      "compute.regionTargetHttpProxies.update",
+      "compute.regionTargetHttpProxies.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_target_https_proxy.json b/src/mapping/google/resource/compute/google_compute_region_target_https_proxy.json
new file mode 100644
index 00000000..be23d36e
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_target_https_proxy.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "compute.regionTargetHttpsProxies.create",
+      "compute.regionTargetHttpsProxies.get",
+      "compute.regionTargetHttpsProxies.update",
+      "compute.regionTargetHttpsProxies.delete"
+    ],
+    "attributes": {
+      "ssl_certificates": [
+        "compute.regionSslCertificates.get",
+        "compute.regionTargetHttpsProxies.setSslCertificates"
+      ],
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_target_tcp_proxy.json b/src/mapping/google/resource/compute/google_compute_region_target_tcp_proxy.json
new file mode 100644
index 00000000..6257df9c
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_target_tcp_proxy.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "compute.regionTargetTcpProxies.create",
+      "compute.regionTargetTcpProxies.get",
+      "compute.regionTargetTcpProxies.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_region_url_map.json b/src/mapping/google/resource/compute/google_compute_region_url_map.json
new file mode 100644
index 00000000..2f8325fc
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_region_url_map.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "compute.regionBackendServices.use",
+      "compute.regionUrlMaps.create",
+      "compute.regionUrlMaps.get",
+      "compute.regionUrlMaps.update",
+      "compute.regionUrlMaps.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_snapshot_iam_binding.json b/src/mapping/google/resource/compute/google_compute_snapshot_iam_binding.json
new file mode 100644
index 00000000..d98fcab2
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_snapshot_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.snapshots.getIamPolicy",
+      "compute.snapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_snapshot_iam_member.json b/src/mapping/google/resource/compute/google_compute_snapshot_iam_member.json
new file mode 100644
index 00000000..d98fcab2
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_snapshot_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.snapshots.getIamPolicy",
+      "compute.snapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_snapshot_iam_policy.json b/src/mapping/google/resource/compute/google_compute_snapshot_iam_policy.json
new file mode 100644
index 00000000..81f35406
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_snapshot_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.snapshots.getIamPolicy",
+      "compute.snapshots.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.snapshots.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_storage_pool_iam_binding.json b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_binding.json
new file mode 100644
index 00000000..7714b4b3
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.storagePools.getIamPolicy",
+      "compute.storagePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_storage_pool_iam_member.json b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_member.json
new file mode 100644
index 00000000..7714b4b3
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.storagePools.getIamPolicy",
+      "compute.storagePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_storage_pool_iam_policy.json b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_policy.json
new file mode 100644
index 00000000..cb3f877a
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_storage_pool_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.storagePools.getIamPolicy",
+      "compute.storagePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.storagePools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_subnetwork.json b/src/mapping/google/resource/compute/google_compute_subnetwork.json
index d2d7e58e..efac1fa8 100644
--- a/src/mapping/google/resource/compute/google_compute_subnetwork.json
+++ b/src/mapping/google/resource/compute/google_compute_subnetwork.json
@@ -13,6 +13,8 @@
       "compute.subnetworks.delete"
     ],
     "modify": [],
-    "plan": []
+    "plan": [
+      "compute.subnetworks.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/compute/google_compute_subnetwork_iam_binding.json b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_binding.json
new file mode 100644
index 00000000..18d45216
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "compute.subnetworks.getIamPolicy",
+      "compute.subnetworks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_subnetwork_iam_member.json b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_member.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_member.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_subnetwork_iam_policy.json b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_policy.json
new file mode 100644
index 00000000..5575bb10
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_subnetwork_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.subnetworks.getIamPolicy",
+      "compute.subnetworks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "compute.subnetworks.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_target_http_proxy.json b/src/mapping/google/resource/compute/google_compute_target_http_proxy.json
new file mode 100644
index 00000000..889d00d3
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_target_http_proxy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.targetHttpProxies.create",
+      "compute.targetHttpProxies.delete",
+      "compute.targetHttpProxies.update",
+      "compute.targetHttpProxies.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_target_https_proxy.json b/src/mapping/google/resource/compute/google_compute_target_https_proxy.json
new file mode 100644
index 00000000..8ec69317
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_target_https_proxy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "compute.targetHttpsProxies.create",
+      "compute.targetHttpsProxies.delete",
+      "compute.targetHttpsProxies.update",
+      "compute.targetHttpsProxies.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_compute_url_map.json b/src/mapping/google/resource/compute/google_compute_url_map.json
new file mode 100644
index 00000000..481225c1
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_compute_url_map.json
@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "compute.backendBuckets.use",
+      "compute.backendServices.use",
+      "compute.urlMaps.create",
+      "compute.urlMaps.get",
+      "compute.urlMaps.update",
+      "compute.urlMaps.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/compute/google_project_usage_export_bucket.json b/src/mapping/google/resource/compute/google_project_usage_export_bucket.json
new file mode 100644
index 00000000..6031d67b
--- /dev/null
+++ b/src/mapping/google/resource/compute/google_project_usage_export_bucket.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "compute.projects.setUsageExportBucket",
+      "compute.globalOperations.get",
+      "compute.projects.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_analysis_rule.json b/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_analysis_rule.json
new file mode 100644
index 00000000..9ecc7e83
--- /dev/null
+++ b/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_analysis_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "contactcenterinsights.analysisRules.create",
+      "contactcenterinsights.analysisRules.delete",
+      "contactcenterinsights.analysisRules.get",
+      "contactcenterinsights.analysisRules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_view.json b/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_view.json
new file mode 100644
index 00000000..9d63fe76
--- /dev/null
+++ b/src/mapping/google/resource/contactcenterinsights/google_contact_center_insights_view.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "contactcenterinsights.views.create",
+      "contactcenterinsights.views.delete",
+      "contactcenterinsights.views.get",
+      "contactcenterinsights.views.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/container/google_container_cluster.json b/src/mapping/google/resource/container/google_container_cluster.json
index 59446403..5ac2b910 100644
--- a/src/mapping/google/resource/container/google_container_cluster.json
+++ b/src/mapping/google/resource/container/google_container_cluster.json
@@ -1,22 +1,24 @@
-[
-  {
-    "apply": [
-      "container.clusters.create",
-      "container.operations.get",
-      "container.clusters.get",
-      "compute.instanceGroupManagers.get",
-      "container.clusters.delete",
-      "container.clusters.update"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "container.clusters.delete"
-    ],
-    "modify": [
-      "container.clusters.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "container.clusters.create",
+      "container.operations.get",
+      "container.clusters.get",
+      "compute.instanceGroupManagers.get",
+      "container.clusters.delete",
+      "container.clusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "container.clusters.delete"
+    ],
+    "modify": [
+      "container.clusters.update"
+    ],
+    "plan": [
+      "container.clusters.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_binding.json b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_binding.json
new file mode 100644
index 00000000..6b0f4bc4
--- /dev/null
+++ b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "containeranalysis.notes.getIamPolicy",
+      "containeranalysis.notes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_member.json b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_member.json
new file mode 100644
index 00000000..6b0f4bc4
--- /dev/null
+++ b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "containeranalysis.notes.getIamPolicy",
+      "containeranalysis.notes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_policy.json b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_policy.json
new file mode 100644
index 00000000..cc44d773
--- /dev/null
+++ b/src/mapping/google/resource/containeranalysis/google_container_analysis_note_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "containeranalysis.notes.getIamPolicy",
+      "containeranalysis.notes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "containeranalysis.notes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy.json b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_binding.json b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_binding.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_member.json b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_member.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_policy.json b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_policy.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_bigquery_datapolicy_data_policy_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_entry.json b/src/mapping/google/resource/datacatalog/google_data_catalog_entry.json
new file mode 100644
index 00000000..bfdc63a3
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_entry.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "datacatalog.entries.create",
+      "datacatalog.entries.get",
+      "datacatalog.entries.update",
+      "datacatalog.entries.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "datacatalog.entries.delete"
+    ],
+    "modify": [
+      "datacatalog.entries.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group.json b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group.json
new file mode 100644
index 00000000..05f217a1
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "datacatalog.entryGroups.create",
+      "datacatalog.entryGroups.get",
+      "datacatalog.entryGroups.update",
+      "datacatalog.entryGroups.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "datacatalog.entryGroups.delete"
+    ],
+    "modify": [
+      "datacatalog.entryGroups.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_binding.json b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_binding.json
new file mode 100644
index 00000000..506d3f61
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.entryGroups.setIamPolicy",
+      "datacatalog.entryGroups.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_member.json b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_member.json
new file mode 100644
index 00000000..506d3f61
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.entryGroups.setIamPolicy",
+      "datacatalog.entryGroups.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_policy.json b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_policy.json
new file mode 100644
index 00000000..506d3f61
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_entry_group_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.entryGroups.setIamPolicy",
+      "datacatalog.entryGroups.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag.json b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_binding.json b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_binding.json
new file mode 100644
index 00000000..c3c2c148
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.categories.getIamPolicy",
+      "datacatalog.categories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_member.json b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_member.json
new file mode 100644
index 00000000..ee196a44
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.categories.getIamPolicy",
+      "datacatalog.categories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_policy.json b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_policy.json
new file mode 100644
index 00000000..c3c2c148
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_policy_tag_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.categories.getIamPolicy",
+      "datacatalog.categories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_tag.json b/src/mapping/google/resource/datacatalog/google_data_catalog_tag.json
new file mode 100644
index 00000000..77b6b2d3
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_tag.json
@@ -0,0 +1,21 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.get",
+      "datacatalog.tagTemplates.getTag",
+      "datacatalog.tagTemplates.use",
+      "datacatalog.tagTemplates.delete",
+      "datacatalog.entries.updateTag"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "datacatalog.tagTemplates.delete"
+    ],
+    "modify": [
+      "datacatalog.entries.updateTag"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template.json b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template.json
new file mode 100644
index 00000000..ad05a33f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.create",
+      "datacatalog.tagTemplates.getIamPolicy",
+      "datacatalog.tagTemplates.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_binding.json b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_binding.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_member.json b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_member.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_policy.json b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_policy.json
new file mode 100644
index 00000000..f4482a6f
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_tag_template_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.tagTemplates.setIamPolicy",
+      "datacatalog.tagTemplates.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy.json b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy.json
new file mode 100644
index 00000000..9ad67899
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "datacatalog.taxonomies.create",
+      "datacatalog.taxonomies.get",
+      "datacatalog.taxonomies.update",
+      "datacatalog.taxonomies.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "datacatalog.taxonomies.delete"
+    ],
+    "modify": [
+      "datacatalog.taxonomies.update"
+    ],
+    "plan": [
+      "datacatalog.taxonomies.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_binding.json b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_binding.json
new file mode 100644
index 00000000..cfab57bb
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.taxonomies.setIamPolicy",
+      "datacatalog.taxonomies.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_member.json b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_member.json
new file mode 100644
index 00000000..cfab57bb
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datacatalog.taxonomies.setIamPolicy",
+      "datacatalog.taxonomies.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_policy.json b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_policy.json
new file mode 100644
index 00000000..c257ce68
--- /dev/null
+++ b/src/mapping/google/resource/datacatalog/google_data_catalog_taxonomy_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "datacatalog.taxonomies.setIamPolicy",
+      "datacatalog.taxonomies.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "datacatalog.taxonomies.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataflow/google_dataflow_job.json b/src/mapping/google/resource/dataflow/google_dataflow_job.json
new file mode 100644
index 00000000..4562a75f
--- /dev/null
+++ b/src/mapping/google/resource/dataflow/google_dataflow_job.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.get",
+      "dataflow.jobs.create",
+      "dataflow.jobs.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository.json b/src/mapping/google/resource/dataform/google_dataform_repository.json
new file mode 100644
index 00000000..da37c3fb
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "dataform.repositories.create",
+      "dataform.repositories.get",
+      "dataform.repositories.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository_iam_binding.json b/src/mapping/google/resource/dataform/google_dataform_repository_iam_binding.json
new file mode 100644
index 00000000..945538b1
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataform.repositories.getIamPolicy",
+      "dataform.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository_iam_member.json b/src/mapping/google/resource/dataform/google_dataform_repository_iam_member.json
new file mode 100644
index 00000000..945538b1
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataform.repositories.getIamPolicy",
+      "dataform.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository_iam_policy.json b/src/mapping/google/resource/dataform/google_dataform_repository_iam_policy.json
new file mode 100644
index 00000000..f84ffe5e
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataform.repositories.getIamPolicy",
+      "dataform.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataform.repositories.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository_release_config.json b/src/mapping/google/resource/dataform/google_dataform_repository_release_config.json
new file mode 100644
index 00000000..038bee36
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository_release_config.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataform.releaseConfigs.create",
+      "dataform.releaseConfigs.get",
+      "dataform.releaseConfigs.update",
+      "dataform.releaseConfigs.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataform/google_dataform_repository_workflow_config.json b/src/mapping/google/resource/dataform/google_dataform_repository_workflow_config.json
new file mode 100644
index 00000000..1bb346ec
--- /dev/null
+++ b/src/mapping/google/resource/dataform/google_dataform_repository_workflow_config.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataform.workflowConfigs.create",
+      "dataform.workflowConfigs.get",
+      "dataform.workflowConfigs.update",
+      "dataform.workflowConfigs.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_binding.json b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_binding.json
new file mode 100644
index 00000000..a70aae7c
--- /dev/null
+++ b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datafusion.instances.getIamPolicy",
+      "datafusion.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_member.json b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_member.json
new file mode 100644
index 00000000..a70aae7c
--- /dev/null
+++ b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "datafusion.instances.getIamPolicy",
+      "datafusion.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_policy.json b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_policy.json
new file mode 100644
index 00000000..b89ee453
--- /dev/null
+++ b/src/mapping/google/resource/datafusion/google_data_fusion_instance_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "datafusion.instances.getIamPolicy",
+      "datafusion.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "datafusion.instances.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_aspect_type.json b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type.json
new file mode 100644
index 00000000..c37476af
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.aspectTypes.create",
+      "dataplex.aspectTypes.delete",
+      "dataplex.aspectTypes.get",
+      "dataplex.aspectTypes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_binding.json
new file mode 100644
index 00000000..05fc6b20
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.aspectTypes.getIamPolicy",
+      "dataplex.aspectTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_member.json
new file mode 100644
index 00000000..05fc6b20
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.aspectTypes.getIamPolicy",
+      "dataplex.aspectTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_policy.json
new file mode 100644
index 00000000..7c76e4b5
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_aspect_type_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.aspectTypes.getIamPolicy",
+      "dataplex.aspectTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.aspectTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_asset.json b/src/mapping/google/resource/dataplex/google_dataplex_asset.json
new file mode 100644
index 00000000..fd5bce16
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_asset.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.assets.create",
+      "dataplex.assets.delete",
+      "dataplex.assets.get",
+      "dataplex.assets.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_binding.json
new file mode 100644
index 00000000..373e1c4b
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.assets.getIamPolicy",
+      "dataplex.assets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_member.json
new file mode 100644
index 00000000..373e1c4b
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.assets.getIamPolicy",
+      "dataplex.assets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_policy.json
new file mode 100644
index 00000000..d80ff76c
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_asset_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.assets.getIamPolicy",
+      "dataplex.assets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.assets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_datascan.json b/src/mapping/google/resource/dataplex/google_dataplex_datascan.json
new file mode 100644
index 00000000..18e60a74
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_datascan.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.datascans.create",
+      "dataplex.datascans.delete",
+      "dataplex.datascans.get",
+      "dataplex.datascans.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_binding.json
new file mode 100644
index 00000000..54172815
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.datascans.getIamPolicy",
+      "dataplex.datascans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_member.json
new file mode 100644
index 00000000..54172815
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.datascans.getIamPolicy",
+      "dataplex.datascans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_policy.json
new file mode 100644
index 00000000..b2e1eef7
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_datascan_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.datascans.getIamPolicy",
+      "dataplex.datascans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.datascans.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry.json b/src/mapping/google/resource/dataplex/google_dataplex_entry.json
new file mode 100644
index 00000000..cf24b229
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.entries.create",
+      "dataplex.entries.delete",
+      "dataplex.entries.get",
+      "dataplex.entries.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_group.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_group.json
new file mode 100644
index 00000000..a4b1b19c
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.entryGroups.create",
+      "dataplex.entryGroups.delete",
+      "dataplex.entryGroups.get",
+      "dataplex.entryGroups.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_binding.json
new file mode 100644
index 00000000..71fca963
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.entryGroups.getIamPolicy",
+      "dataplex.entryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_member.json
new file mode 100644
index 00000000..71fca963
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.entryGroups.getIamPolicy",
+      "dataplex.entryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_policy.json
new file mode 100644
index 00000000..22829f17
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_group_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.entryGroups.getIamPolicy",
+      "dataplex.entryGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.entryGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_type.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_type.json
new file mode 100644
index 00000000..b7c13bb1
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_type.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.entryTypes.create",
+      "dataplex.entryTypes.delete",
+      "dataplex.entryTypes.get",
+      "dataplex.entryTypes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_binding.json
new file mode 100644
index 00000000..025abc2c
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.entryTypes.getIamPolicy",
+      "dataplex.entryTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_member.json
new file mode 100644
index 00000000..025abc2c
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.entryTypes.getIamPolicy",
+      "dataplex.entryTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_policy.json
new file mode 100644
index 00000000..c08904bf
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_entry_type_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.entryTypes.getIamPolicy",
+      "dataplex.entryTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.entryTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary.json
new file mode 100644
index 00000000..d7452cbb
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaries.create",
+      "dataplex.glossaries.get",
+      "dataplex.glossaries.update",
+      "dataplex.operations.get",
+      "dataplex.glossaries.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary_category.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary_category.json
new file mode 100644
index 00000000..bbbc5abd
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary_category.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaryCategories.create",
+      "dataplex.glossaryCategories.get",
+      "dataplex.glossaryCategories.update",
+      "dataplex.glossaryCategories.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_binding.json
new file mode 100644
index 00000000..a80e4286
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaries.getIamPolicy",
+      "dataplex.glossaries.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_member.json
new file mode 100644
index 00000000..a80e4286
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaries.getIamPolicy",
+      "dataplex.glossaries.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_policy.json
new file mode 100644
index 00000000..d44a08bf
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaries.getIamPolicy",
+      "dataplex.glossaries.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.glossaries.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_glossary_term.json b/src/mapping/google/resource/dataplex/google_dataplex_glossary_term.json
new file mode 100644
index 00000000..5865073a
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_glossary_term.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.glossaryTerms.create",
+      "dataplex.glossaryTerms.get",
+      "dataplex.glossaryTerms.update",
+      "dataplex.glossaryTerms.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_lake.json b/src/mapping/google/resource/dataplex/google_dataplex_lake.json
new file mode 100644
index 00000000..278ae353
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_lake.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.lakes.create",
+      "dataplex.lakes.delete",
+      "dataplex.lakes.get",
+      "dataplex.lakes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_binding.json
new file mode 100644
index 00000000..d2e1276d
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.lakes.setIamPolicy",
+      "dataplex.lakes.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_member.json
new file mode 100644
index 00000000..d2e1276d
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.lakes.setIamPolicy",
+      "dataplex.lakes.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_policy.json
new file mode 100644
index 00000000..4800f72e
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_lake_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.lakes.setIamPolicy",
+      "dataplex.lakes.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.lakes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_task.json b/src/mapping/google/resource/dataplex/google_dataplex_task.json
new file mode 100644
index 00000000..d0a43fa1
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_task.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.tasks.create",
+      "dataplex.tasks.delete",
+      "dataplex.tasks.get",
+      "dataplex.tasks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_task_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_binding.json
new file mode 100644
index 00000000..a0487f9a
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.tasks.getIamPolicy",
+      "dataplex.tasks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_task_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_member.json
new file mode 100644
index 00000000..a0487f9a
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.tasks.getIamPolicy",
+      "dataplex.tasks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_task_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_policy.json
new file mode 100644
index 00000000..89c0645e
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_task_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.tasks.getIamPolicy",
+      "dataplex.tasks.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.tasks.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_zone.json b/src/mapping/google/resource/dataplex/google_dataplex_zone.json
new file mode 100644
index 00000000..eb4b730c
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_zone.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.zones.create",
+      "dataplex.zones.delete",
+      "dataplex.zones.get",
+      "dataplex.zones.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_binding.json b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_binding.json
new file mode 100644
index 00000000..27938fa5
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.zones.getIamPolicy",
+      "dataplex.zones.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_member.json b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_member.json
new file mode 100644
index 00000000..27938fa5
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataplex.zones.getIamPolicy",
+      "dataplex.zones.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_policy.json b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_policy.json
new file mode 100644
index 00000000..54a95c83
--- /dev/null
+++ b/src/mapping/google/resource/dataplex/google_dataplex_zone_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataplex.zones.getIamPolicy",
+      "dataplex.zones.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dataplex.zones.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy.json b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy.json
new file mode 100644
index 00000000..e09fa3f6
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataproc.autoscalingPolicies.update",
+      "dataproc.autoscalingPolicies.get",
+      "dataproc.autoscalingPolicies.delete",
+      "dataproc.autoscalingPolicies.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_binding.json b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_binding.json
new file mode 100644
index 00000000..5254b2d9
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.autoscalingPolicies.getIamPolicy",
+      "dataproc.autoscalingPolicies.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_member.json b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_member.json
new file mode 100644
index 00000000..5254b2d9
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.autoscalingPolicies.getIamPolicy",
+      "dataproc.autoscalingPolicies.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_policy.json b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_policy.json
new file mode 100644
index 00000000..5254b2d9
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_autoscaling_policy_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.autoscalingPolicies.getIamPolicy",
+      "dataproc.autoscalingPolicies.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_batch.json b/src/mapping/google/resource/dataproc/google_dataproc_batch.json
new file mode 100644
index 00000000..5b72d8f0
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_batch.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "dataproc.batches.get",
+      "dataproc.batches.delete",
+      "dataproc.batches.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_cluster.json b/src/mapping/google/resource/dataproc/google_dataproc_cluster.json
new file mode 100644
index 00000000..30e38690
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_cluster.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataproc.clusters.update",
+      "dataproc.clusters.get",
+      "dataproc.clusters.delete",
+      "dataproc.clusters.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_binding.json b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_binding.json
new file mode 100644
index 00000000..30eeb478
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.clusters.getIamPolicy",
+      "dataproc.clusters.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_member.json b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_member.json
new file mode 100644
index 00000000..30eeb478
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.clusters.getIamPolicy",
+      "dataproc.clusters.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_policy.json b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_policy.json
new file mode 100644
index 00000000..30eeb478
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_cluster_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.clusters.getIamPolicy",
+      "dataproc.clusters.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_job.json b/src/mapping/google/resource/dataproc/google_dataproc_job.json
new file mode 100644
index 00000000..153afa8d
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_job.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataproc.jobs.update",
+      "dataproc.jobs.get",
+      "dataproc.jobs.delete",
+      "dataproc.jobs.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_job_iam_binding.json b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_binding.json
new file mode 100644
index 00000000..382d37ce
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.jobs.getIamPolicy",
+      "dataproc.jobs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_job_iam_member.json b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_member.json
new file mode 100644
index 00000000..382d37ce
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.jobs.getIamPolicy",
+      "dataproc.jobs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_job_iam_policy.json b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_policy.json
new file mode 100644
index 00000000..382d37ce
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_job_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dataproc.jobs.getIamPolicy",
+      "dataproc.jobs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_session_template.json b/src/mapping/google/resource/dataproc/google_dataproc_session_template.json
new file mode 100644
index 00000000..ea0a508b
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_session_template.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataproc.sessionTemplates.update",
+      "dataproc.sessionTemplates.get",
+      "dataproc.sessionTemplates.delete",
+      "dataproc.sessionTemplates.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dataproc/google_dataproc_workflow_template.json b/src/mapping/google/resource/dataproc/google_dataproc_workflow_template.json
new file mode 100644
index 00000000..dac21daa
--- /dev/null
+++ b/src/mapping/google/resource/dataproc/google_dataproc_workflow_template.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dataproc.workflowTemplates.update",
+      "dataproc.workflowTemplates.get",
+      "dataproc.workflowTemplates.delete",
+      "dataproc.workflowTemplates.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/deploymentmanager/google_deployment_manager_deployment.json b/src/mapping/google/resource/deploymentmanager/google_deployment_manager_deployment.json
new file mode 100644
index 00000000..e091a4a0
--- /dev/null
+++ b/src/mapping/google/resource/deploymentmanager/google_deployment_manager_deployment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "deploymentmanager.deployments.create",
+      "deploymentmanager.deployments.delete",
+      "deploymentmanager.deployments.get",
+      "deploymentmanager.deployments.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/developerconnect/google_developer_connect_account_connector.json b/src/mapping/google/resource/developerconnect/google_developer_connect_account_connector.json
new file mode 100644
index 00000000..f6eaca18
--- /dev/null
+++ b/src/mapping/google/resource/developerconnect/google_developer_connect_account_connector.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "developerconnect.accountConnectors.create",
+      "developerconnect.accountConnectors.delete",
+      "developerconnect.accountConnectors.get",
+      "developerconnect.accountConnectors.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/developerconnect/google_developer_connect_connection.json b/src/mapping/google/resource/developerconnect/google_developer_connect_connection.json
new file mode 100644
index 00000000..c2f369cc
--- /dev/null
+++ b/src/mapping/google/resource/developerconnect/google_developer_connect_connection.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "developerconnect.connections.create",
+      "developerconnect.connections.delete",
+      "developerconnect.connections.update",
+      "developerconnect.connections.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/developerconnect/google_developer_connect_git_repository_link.json b/src/mapping/google/resource/developerconnect/google_developer_connect_git_repository_link.json
new file mode 100644
index 00000000..48125aeb
--- /dev/null
+++ b/src/mapping/google/resource/developerconnect/google_developer_connect_git_repository_link.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "developerconnect.gitRepositoryLinks.create",
+      "developerconnect.gitRepositoryLinks.delete",
+      "developerconnect.gitRepositoryLinks.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_agent.json b/src/mapping/google/resource/dialogflow/google_dialogflow_agent.json
new file mode 100644
index 00000000..3071aad8
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_agent.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.agents.get",
+      "dialogflow.agents.create",
+      "dialogflow.agents.update",
+      "dialogflow.agents.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_conversation_profile.json b/src/mapping/google/resource/dialogflow/google_dialogflow_conversation_profile.json
new file mode 100644
index 00000000..4f8ea4b4
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_conversation_profile.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.conversationProfiles.update",
+      "dialogflow.conversationProfiles.get",
+      "dialogflow.conversationProfiles.delete",
+      "dialogflow.conversationProfiles.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_agent.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_agent.json
new file mode 100644
index 00000000..3071aad8
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_agent.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.agents.get",
+      "dialogflow.agents.create",
+      "dialogflow.agents.update",
+      "dialogflow.agents.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_entity_type.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_entity_type.json
new file mode 100644
index 00000000..dfa858e8
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_entity_type.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.entityTypes.update",
+      "dialogflow.entityTypes.get",
+      "dialogflow.entityTypes.delete",
+      "dialogflow.entityTypes.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_environment.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_environment.json
new file mode 100644
index 00000000..4db2c7b5
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_environment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.environments.create",
+      "dialogflow.environments.get",
+      "dialogflow.environments.update",
+      "dialogflow.environments.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_flow.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_flow.json
new file mode 100644
index 00000000..89d3febf
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_flow.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.flows.create",
+      "dialogflow.flows.get",
+      "dialogflow.flows.update",
+      "dialogflow.flows.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generative_settings.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generative_settings.json
new file mode 100644
index 00000000..c3c0dcdb
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generative_settings.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.securitySettings.create",
+      "dialogflow.securitySettings.get",
+      "dialogflow.securitySettings.update",
+      "dialogflow.securitySettings.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generator.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generator.json
new file mode 100644
index 00000000..bedd2afe
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_generator.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.generators.create",
+      "dialogflow.generators.get",
+      "dialogflow.generators.update",
+      "dialogflow.generators.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_intent.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_intent.json
new file mode 100644
index 00000000..eadc2c22
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_intent.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.intents.create",
+      "dialogflow.intents.get",
+      "dialogflow.intents.update",
+      "dialogflow.intents.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_page.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_page.json
new file mode 100644
index 00000000..78836a3b
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_page.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.pages.create",
+      "dialogflow.pages.get",
+      "dialogflow.pages.delete",
+      "dialogflow.pages.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_playbook.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_playbook.json
new file mode 100644
index 00000000..3630f068
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_playbook.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.playbooks.create",
+      "dialogflow.playbooks.get",
+      "dialogflow.playbooks.update",
+      "dialogflow.playbooks.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_security_settings.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_security_settings.json
new file mode 100644
index 00000000..c3c0dcdb
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_security_settings.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.securitySettings.create",
+      "dialogflow.securitySettings.get",
+      "dialogflow.securitySettings.update",
+      "dialogflow.securitySettings.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_tool.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_tool.json
new file mode 100644
index 00000000..7715a638
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_tool.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.tools.create",
+      "dialogflow.tools.get",
+      "dialogflow.tools.update",
+      "dialogflow.tools.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_version.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_version.json
new file mode 100644
index 00000000..c9e9d35b
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_version.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "dialogflow.versions.create",
+      "dialogflow.versions.get",
+      "dialogflow.versions.update",
+      "dialogflow.versions.delete",
+      "dialogflow.operations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_cx_webhook.json b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_webhook.json
new file mode 100644
index 00000000..623db5bb
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_cx_webhook.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.webhooks.create",
+      "dialogflow.webhooks.delete",
+      "dialogflow.webhooks.get",
+      "dialogflow.webhooks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_encryption_spec.json b/src/mapping/google/resource/dialogflow/google_dialogflow_encryption_spec.json
new file mode 100644
index 00000000..4bf8dcfc
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_encryption_spec.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dialogflow.encryptionspec.update",
+      "dialogflow.encryptionspec.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_entity_type.json b/src/mapping/google/resource/dialogflow/google_dialogflow_entity_type.json
new file mode 100644
index 00000000..dfa858e8
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_entity_type.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.entityTypes.update",
+      "dialogflow.entityTypes.get",
+      "dialogflow.entityTypes.delete",
+      "dialogflow.entityTypes.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_fulfillment.json b/src/mapping/google/resource/dialogflow/google_dialogflow_fulfillment.json
new file mode 100644
index 00000000..8a802c3d
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_fulfillment.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "dialogflow.fulfillments.update",
+      "dialogflow.fulfillments.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dialogflow/google_dialogflow_intent.json b/src/mapping/google/resource/dialogflow/google_dialogflow_intent.json
new file mode 100644
index 00000000..9cbde953
--- /dev/null
+++ b/src/mapping/google/resource/dialogflow/google_dialogflow_intent.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dialogflow.intents.update",
+      "dialogflow.intents.get",
+      "dialogflow.intents.delete",
+      "dialogflow.intents.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dns/google_dns_managed_zone.json b/src/mapping/google/resource/dns/google_dns_managed_zone.json
index b4dfe956..bf5b674d 100644
--- a/src/mapping/google/resource/dns/google_dns_managed_zone.json
+++ b/src/mapping/google/resource/dns/google_dns_managed_zone.json
@@ -1,27 +1,29 @@
-[
-  {
-    "apply": [
-      "dns.managedZones.get",
-      "dns.managedZones.create",
-      "dns.managedZones.delete",
-      "dns.managedZones.update"
-    ],
-    "attributes": {
-      "gke_clusters": [
-        "dns.gkeClusters.bindPrivateDNSZone"
-      ],
-      "private_visibility_config": [
-        "dns.networks.bindPrivateDNSZone",
-        "dns.networks.targetWithPeeringZone"
-      ],
-      "tags": []
-    },
-    "destroy": [
-      "dns.managedZones.delete"
-    ],
-    "modify": [],
-    "plan": [
-      "dns.managedZones.update"
-    ]
-  }
-]
+[
+  {
+    "apply": [
+      "dns.managedZones.get",
+      "dns.managedZones.create",
+      "dns.managedZones.delete",
+      "dns.managedZones.update"
+    ],
+    "attributes": {
+      "gke_clusters": [
+        "dns.gkeClusters.bindPrivateDNSZone"
+      ],
+      "private_visibility_config": [
+        "dns.networks.bindPrivateDNSZone",
+        "dns.networks.targetWithPeeringZone"
+      ],
+      "tags": []
+    },
+    "destroy": [
+      "dns.managedZones.delete"
+    ],
+    "modify": [
+      "dns.managedZones.update"
+    ],
+    "plan": [
+      "dns.managedZones.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/dns/google_dns_managed_zone_iam_binding.json b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_binding.json
new file mode 100644
index 00000000..a7122ffc
--- /dev/null
+++ b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_binding.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "dns.managedZones.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dns/google_dns_managed_zone_iam_member.json b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_member.json
new file mode 100644
index 00000000..a7122ffc
--- /dev/null
+++ b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_member.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "dns.managedZones.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/dns/google_dns_managed_zone_iam_policy.json b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_policy.json
new file mode 100644
index 00000000..089e1bb6
--- /dev/null
+++ b/src/mapping/google/resource/dns/google_dns_managed_zone_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "dns.managedZones.getIamPolicy",
+      "dns.managedZones.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "dns.managedZones.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/edgecontainer/google_edgecontainer_cluster.json b/src/mapping/google/resource/edgecontainer/google_edgecontainer_cluster.json
new file mode 100644
index 00000000..496d10b4
--- /dev/null
+++ b/src/mapping/google/resource/edgecontainer/google_edgecontainer_cluster.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgecontainer.clusters.create",
+      "edgecontainer.clusters.delete",
+      "edgecontainer.clusters.get",
+      "edgecontainer.clusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/edgecontainer/google_edgecontainer_node_pool.json b/src/mapping/google/resource/edgecontainer/google_edgecontainer_node_pool.json
new file mode 100644
index 00000000..2fc0156c
--- /dev/null
+++ b/src/mapping/google/resource/edgecontainer/google_edgecontainer_node_pool.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgecontainer.nodePools.create",
+      "edgecontainer.nodePools.delete",
+      "edgecontainer.nodePools.get",
+      "edgecontainer.nodePools.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/edgecontainer/google_edgecontainer_vpn_connection.json b/src/mapping/google/resource/edgecontainer/google_edgecontainer_vpn_connection.json
new file mode 100644
index 00000000..0c74247b
--- /dev/null
+++ b/src/mapping/google/resource/edgecontainer/google_edgecontainer_vpn_connection.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgecontainer.vpnConnections.create",
+      "edgecontainer.vpnConnections.delete",
+      "edgecontainer.vpnConnections.get",
+      "edgecontainer.vpnConnections.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/edgenetwork/google_edgenetwork_interconnect_attachment.json b/src/mapping/google/resource/edgenetwork/google_edgenetwork_interconnect_attachment.json
new file mode 100644
index 00000000..a75f395d
--- /dev/null
+++ b/src/mapping/google/resource/edgenetwork/google_edgenetwork_interconnect_attachment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgenetwork.interconnectAttachments.create",
+      "edgenetwork.interconnectAttachments.delete",
+      "edgenetwork.interconnectAttachments.get",
+      "edgenetwork.interconnectAttachments.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/edgenetwork/google_edgenetwork_network.json b/src/mapping/google/resource/edgenetwork/google_edgenetwork_network.json
new file mode 100644
index 00000000..b3cf845d
--- /dev/null
+++ b/src/mapping/google/resource/edgenetwork/google_edgenetwork_network.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgenetwork.networks.create",
+      "edgenetwork.networks.delete",
+      "edgenetwork.networks.get",
+      "edgenetwork.networks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/edgenetwork/google_edgenetwork_subnet.json b/src/mapping/google/resource/edgenetwork/google_edgenetwork_subnet.json
new file mode 100644
index 00000000..82fd35d2
--- /dev/null
+++ b/src/mapping/google/resource/edgenetwork/google_edgenetwork_subnet.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "edgenetwork.subnetworks.create",
+      "edgenetwork.subnetworks.delete",
+      "edgenetwork.subnetworks.get",
+      "edgenetwork.subnetworks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_channel.json b/src/mapping/google/resource/eventarc/google_eventarc_channel.json
new file mode 100644
index 00000000..0f3cb13a
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_channel.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.channels.create",
+      "eventarc.channels.delete",
+      "eventarc.channels.get",
+      "eventarc.channels.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_enrollment.json b/src/mapping/google/resource/eventarc/google_eventarc_enrollment.json
new file mode 100644
index 00000000..046eae72
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_enrollment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.enrollments.create",
+      "eventarc.enrollments.delete",
+      "eventarc.enrollments.get",
+      "eventarc.enrollments.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_google_api_source.json b/src/mapping/google/resource/eventarc/google_eventarc_google_api_source.json
new file mode 100644
index 00000000..c2d6763a
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_google_api_source.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.googleApiSources.create",
+      "eventarc.googleApiSources.delete",
+      "eventarc.googleApiSources.get",
+      "eventarc.googleApiSources.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_google_channel_config.json b/src/mapping/google/resource/eventarc/google_eventarc_google_channel_config.json
new file mode 100644
index 00000000..0ed64a36
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_google_channel_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "eventarc.googleChannelConfigs.get",
+      "eventarc.googleChannelConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_message_bus.json b/src/mapping/google/resource/eventarc/google_eventarc_message_bus.json
new file mode 100644
index 00000000..818325e9
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_message_bus.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.messageBuses.create",
+      "eventarc.messageBuses.delete",
+      "eventarc.messageBuses.get",
+      "eventarc.messageBuses.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_pipeline.json b/src/mapping/google/resource/eventarc/google_eventarc_pipeline.json
new file mode 100644
index 00000000..f2c85918
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_pipeline.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.pipelines.create",
+      "eventarc.pipelines.delete",
+      "eventarc.pipelines.get",
+      "eventarc.pipelines.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/eventarc/google_eventarc_trigger.json b/src/mapping/google/resource/eventarc/google_eventarc_trigger.json
new file mode 100644
index 00000000..b0d0ffdc
--- /dev/null
+++ b/src/mapping/google/resource/eventarc/google_eventarc_trigger.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "eventarc.triggers.update",
+      "eventarc.triggers.get",
+      "eventarc.triggers.delete",
+      "eventarc.triggers.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/firebase/google_firebase_web_app.json b/src/mapping/google/resource/firebase/google_firebase_web_app.json
new file mode 100644
index 00000000..47a73452
--- /dev/null
+++ b/src/mapping/google/resource/firebase/google_firebase_web_app.json
@@ -0,0 +1,24 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.get",
+      "serviceusage.services.enable",
+      "serviceusage.services.get",
+      "firebase.clients.create",
+      "firebase.clients.delete",
+      "firebase.clients.update",
+      "firebase.clients.get",
+      "clientauthconfig.clients.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "firebase.clients.delete"
+    ],
+    "modify": [
+      "firebase.clients.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_binding.json b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_binding.json
new file mode 100644
index 00000000..15ec09a7
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkebackup.backupPlans.getIamPolicy",
+      "gkebackup.backupPlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_member.json b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_member.json
new file mode 100644
index 00000000..15ec09a7
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkebackup.backupPlans.getIamPolicy",
+      "gkebackup.backupPlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_policy.json b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_policy.json
new file mode 100644
index 00000000..01cf86c3
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_backup_plan_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "gkebackup.backupPlans.getIamPolicy",
+      "gkebackup.backupPlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkebackup.backupPlans.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_binding.json b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_binding.json
new file mode 100644
index 00000000..3c4be9c1
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkebackup.restorePlans.getIamPolicy",
+      "gkebackup.restorePlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_member.json b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_member.json
new file mode 100644
index 00000000..3c4be9c1
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkebackup.restorePlans.getIamPolicy",
+      "gkebackup.restorePlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_policy.json b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_policy.json
new file mode 100644
index 00000000..bcf9e5d8
--- /dev/null
+++ b/src/mapping/google/resource/gkebackup/google_gke_backup_restore_plan_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "gkebackup.restorePlans.getIamPolicy",
+      "gkebackup.restorePlans.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkebackup.restorePlans.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_binding.json b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_binding.json
new file mode 100644
index 00000000..a628e4aa
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.features.getIamPolicy",
+      "gkehub.features.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_member.json b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_member.json
new file mode 100644
index 00000000..a628e4aa
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.features.getIamPolicy",
+      "gkehub.features.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_policy.json b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_policy.json
new file mode 100644
index 00000000..a8ca6a93
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_feature_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "gkehub.features.getIamPolicy",
+      "gkehub.features.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkehub.features.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_binding.json b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_binding.json
new file mode 100644
index 00000000..76b22174
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.memberships.getIamPolicy",
+      "gkehub.memberships.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_member.json b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_member.json
new file mode 100644
index 00000000..76b22174
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.memberships.getIamPolicy",
+      "gkehub.memberships.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_policy.json b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_policy.json
new file mode 100644
index 00000000..cd6cd3f7
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_membership_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "gkehub.memberships.getIamPolicy",
+      "gkehub.memberships.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkehub.memberships.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_binding.json b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_binding.json
new file mode 100644
index 00000000..ac65a607
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.scopes.getIamPolicy",
+      "gkehub.scopes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_member.json b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_member.json
new file mode 100644
index 00000000..ac65a607
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "gkehub.scopes.getIamPolicy",
+      "gkehub.scopes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_policy.json b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_policy.json
new file mode 100644
index 00000000..b248451d
--- /dev/null
+++ b/src/mapping/google/resource/gkehub/google_gke_hub_scope_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "gkehub.scopes.getIamPolicy",
+      "gkehub.scopes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "gkehub.scopes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/google_apigee_environment.json b/src/mapping/google/resource/google_apigee_environment.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/google_apigee_environment.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_binding.json b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_binding.json
new file mode 100644
index 00000000..add4b9fe
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.consentStores.getIamPolicy",
+      "healthcare.consentStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_member.json b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_member.json
new file mode 100644
index 00000000..add4b9fe
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.consentStores.getIamPolicy",
+      "healthcare.consentStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_policy.json b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_policy.json
new file mode 100644
index 00000000..e1f8cdb4
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_consent_store_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "healthcare.consentStores.getIamPolicy",
+      "healthcare.consentStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "healthcare.consentStores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_binding.json b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_binding.json
new file mode 100644
index 00000000..534516d8
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.datasets.getIamPolicy",
+      "healthcare.datasets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_member.json b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_member.json
new file mode 100644
index 00000000..534516d8
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.datasets.getIamPolicy",
+      "healthcare.datasets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_policy.json b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_policy.json
new file mode 100644
index 00000000..0272db19
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dataset_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "healthcare.datasets.getIamPolicy",
+      "healthcare.datasets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "healthcare.datasets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_binding.json b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_binding.json
new file mode 100644
index 00000000..44ad44c3
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.dicomStores.getIamPolicy",
+      "healthcare.dicomStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_member.json b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_member.json
new file mode 100644
index 00000000..44ad44c3
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.dicomStores.getIamPolicy",
+      "healthcare.dicomStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_policy.json b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_policy.json
new file mode 100644
index 00000000..791029e5
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_dicom_store_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "healthcare.dicomStores.getIamPolicy",
+      "healthcare.dicomStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "healthcare.dicomStores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_binding.json b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_binding.json
new file mode 100644
index 00000000..4f956554
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.fhirStores.getIamPolicy",
+      "healthcare.fhirStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_member.json b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_member.json
new file mode 100644
index 00000000..4f956554
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.fhirStores.getIamPolicy",
+      "healthcare.fhirStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_policy.json b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_policy.json
new file mode 100644
index 00000000..9eea946b
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_fhir_store_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "healthcare.fhirStores.getIamPolicy",
+      "healthcare.fhirStores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "healthcare.fhirStores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_binding.json b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_binding.json
new file mode 100644
index 00000000..1db1c90c
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.hl7V2Stores.getIamPolicy",
+      "healthcare.hl7V2Stores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_member.json b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_member.json
new file mode 100644
index 00000000..1db1c90c
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "healthcare.hl7V2Stores.getIamPolicy",
+      "healthcare.hl7V2Stores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_policy.json b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_policy.json
new file mode 100644
index 00000000..6a08f9c3
--- /dev/null
+++ b/src/mapping/google/resource/healthcare/google_healthcare_hl7_v2_store_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "healthcare.hl7V2Stores.getIamPolicy",
+      "healthcare.hl7V2Stores.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "healthcare.hl7V2Stores.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool.json
new file mode 100644
index 00000000..9c4820c2
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.update",
+      "iam.googleapis.com/workforcePools.get",
+      "iam.googleapis.com/workforcePools.create",
+      "iam.googleapis.com/workforcePools.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_binding.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_binding.json
new file mode 100644
index 00000000..220eb8cc
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.getIamPolicy",
+      "iam.googleapis.com/workforcePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_member.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_member.json
new file mode 100644
index 00000000..220eb8cc
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.getIamPolicy",
+      "iam.googleapis.com/workforcePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
new file mode 100644
index 00000000..220eb8cc
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.getIamPolicy",
+      "iam.googleapis.com/workforcePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider.json
new file mode 100644
index 00000000..a62fa309
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePoolProviders.create",
+      "iam.googleapis.com/workforcePoolProviders.delete",
+      "iam.googleapis.com/workforcePoolProviders.get",
+      "iam.googleapis.com/workforcePoolProviders.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider_key.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider_key.json
new file mode 100644
index 00000000..bd16b01e
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workforce_pool_provider_key.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePoolProviderKeys.create",
+      "iam.googleapis.com/workforcePoolProviderKeys.delete",
+      "iam.googleapis.com/workforcePoolProviderKeys.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_binding.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_binding.json
new file mode 100644
index 00000000..220eb8cc
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.getIamPolicy",
+      "iam.googleapis.com/workforcePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_member.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_member.json
new file mode 100644
index 00000000..220eb8cc
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workforcePools.getIamPolicy",
+      "iam.googleapis.com/workforcePools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
new file mode 100644
index 00000000..8b851596
--- /dev/null
+++ b/src/mapping/google/resource/iam.googleapis.com/google_iam_workload_identity_pool_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iam.googleapis.com/workloadIdentityPools.getIamPolicy",
+      "iam.googleapis.com/workloadIdentityPools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iam.googleapis.com/workloadIdentityPools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_default_service_accounts.json b/src/mapping/google/resource/iam/google_default_service_accounts.json
new file mode 100644
index 00000000..eb272b93
--- /dev/null
+++ b/src/mapping/google/resource/iam/google_default_service_accounts.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iam.serviceAccounts.disable",
+      "iam.serviceAccounts.enable"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_iam_workload_identity_pool.json b/src/mapping/google/resource/iam/google_iam_workload_identity_pool.json
new file mode 100644
index 00000000..fd610d72
--- /dev/null
+++ b/src/mapping/google/resource/iam/google_iam_workload_identity_pool.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "iam.workloadIdentityPools.create",
+      "iam.workloadIdentityPools.delete",
+      "iam.workloadIdentityPools.get",
+      "iam.workloadIdentityPools.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "iam.workloadIdentityPools.delete"
+    ],
+    "modify": [
+      "iam.workloadIdentityPools.update"
+    ],
+    "plan": [
+      "iam.workloadIdentityPools.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_iam_workload_identity_pool_provider.json b/src/mapping/google/resource/iam/google_iam_workload_identity_pool_provider.json
new file mode 100644
index 00000000..78350df1
--- /dev/null
+++ b/src/mapping/google/resource/iam/google_iam_workload_identity_pool_provider.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "iam.workloadIdentityPoolProviders.create",
+      "iam.workloadIdentityPoolProviders.delete",
+      "iam.workloadIdentityPoolProviders.get",
+      "iam.workloadIdentityPoolProviders.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "iam.workloadIdentityPoolProviders.delete"
+    ],
+    "modify": [
+      "iam.workloadIdentityPoolProviders.update"
+    ],
+    "plan": [
+      "iam.workloadIdentityPoolProviders.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_project_default_service_accounts.json b/src/mapping/google/resource/iam/google_project_default_service_accounts.json
new file mode 100644
index 00000000..763c2cef
--- /dev/null
+++ b/src/mapping/google/resource/iam/google_project_default_service_accounts.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "iam.serviceAccounts.list"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_project_iam_audit_config.json b/src/mapping/google/resource/iam/google_project_iam_audit_config.json
new file mode 100644
index 00000000..81ef0c90
--- /dev/null
+++ b/src/mapping/google/resource/iam/google_project_iam_audit_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.getIamPolicy",
+      "resourcemanager.projects.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_project_iam_custom_role.json b/src/mapping/google/resource/iam/google_project_iam_custom_role.json
index 8f0ce2e1..c1e3f457 100644
--- a/src/mapping/google/resource/iam/google_project_iam_custom_role.json
+++ b/src/mapping/google/resource/iam/google_project_iam_custom_role.json
@@ -1,18 +1,20 @@
-[
-  {
-    "apply": [
-      "iam.roles.get",
-      "iam.roles.create"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "iam.roles.delete"
-    ],
-    "modify": [
-      "iam.roles.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "iam.roles.get",
+      "iam.roles.create"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "iam.roles.delete"
+    ],
+    "modify": [
+      "iam.roles.update"
+    ],
+    "plan": [
+      "iam.roles.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iam/google_service_account.json b/src/mapping/google/resource/iam/google_service_account.json
index 0f5d3f50..5b6691a9 100644
--- a/src/mapping/google/resource/iam/google_service_account.json
+++ b/src/mapping/google/resource/iam/google_service_account.json
@@ -13,6 +13,8 @@
     "modify": [
       "iam.serviceAccounts.update"
     ],
-    "plan": []
+    "plan": [
+      "iam.serviceAccounts.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/iam/google_service_account_iam_policy.json b/src/mapping/google/resource/iam/google_service_account_iam_policy.json
index 60650881..6befb2e7 100644
--- a/src/mapping/google/resource/iam/google_service_account_iam_policy.json
+++ b/src/mapping/google/resource/iam/google_service_account_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "iam.serviceAccounts.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/iam/google_service_account_key.json b/src/mapping/google/resource/iam/google_service_account_key.json
index 96625498..c7ebf1a4 100644
--- a/src/mapping/google/resource/iam/google_service_account_key.json
+++ b/src/mapping/google/resource/iam/google_service_account_key.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "iam.serviceAccountKeys.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_binding.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_member.json
new file mode 100644
index 00000000..886fd193
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_policy.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_binding.json b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_binding.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_member.json b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_member.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_policy.json b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_policy.json
new file mode 100644
index 00000000..0ab53f8d
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_app_engine_version_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServiceVersions.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_settings.json b/src/mapping/google/resource/iap/google_iap_settings.json
new file mode 100644
index 00000000..d9abc424
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_settings.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getSettings",
+      "iap.webServices.updateSettings"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_dest_group.json b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group.json
new file mode 100644
index 00000000..3b5e3fe2
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.tunnelDestGroups.create",
+      "iap.tunnelDestGroups.delete",
+      "iap.tunnelDestGroups.get",
+      "iap.tunnelDestGroups.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_binding.json b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_binding.json
new file mode 100644
index 00000000..5a4139da
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnelDestGroups.getIamPolicy",
+      "iap.tunnelDestGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_member.json b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_member.json
new file mode 100644
index 00000000..5a4139da
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnelDestGroups.getIamPolicy",
+      "iap.tunnelDestGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_policy.json b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_policy.json
new file mode 100644
index 00000000..1ef22e4e
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_dest_group_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.tunnelDestGroups.getIamPolicy",
+      "iap.tunnelDestGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.tunnelDestGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_iam_binding.json b/src/mapping/google/resource/iap/google_iap_tunnel_iam_binding.json
new file mode 100644
index 00000000..16ac30bb
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnel.getIamPolicy",
+      "iap.tunnel.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_iam_member.json b/src/mapping/google/resource/iap/google_iap_tunnel_iam_member.json
new file mode 100644
index 00000000..16ac30bb
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnel.getIamPolicy",
+      "iap.tunnel.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_iam_policy.json b/src/mapping/google/resource/iap/google_iap_tunnel_iam_policy.json
new file mode 100644
index 00000000..733c71c6
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.tunnel.getIamPolicy",
+      "iap.tunnel.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.tunnel.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_binding.json b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_binding.json
new file mode 100644
index 00000000..82821da3
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnelInstances.getIamPolicy",
+      "iap.tunnelInstances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_member.json b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_member.json
new file mode 100644
index 00000000..82821da3
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.tunnelInstances.getIamPolicy",
+      "iap.tunnelInstances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_policy.json b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_policy.json
new file mode 100644
index 00000000..5557cda3
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_tunnel_instance_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.tunnelInstances.getIamPolicy",
+      "iap.tunnelInstances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.tunnelInstances.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_binding.json
new file mode 100644
index 00000000..886fd193
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_member.json
new file mode 100644
index 00000000..886fd193
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_policy.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_backend_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_binding.json
new file mode 100644
index 00000000..37814a4f
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_member.json
new file mode 100644
index 00000000..37814a4f
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_member.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_policy.json
new file mode 100644
index 00000000..37814a4f
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_cloud_run_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_binding.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_member.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_policy.json
new file mode 100644
index 00000000..187c96ae
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_forwarding_rule_service_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_iam_binding.json
new file mode 100644
index 00000000..331f5f94
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.web.getIamPolicy",
+      "iap.web.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_iam_member.json
new file mode 100644
index 00000000..331f5f94
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.web.getIamPolicy",
+      "iap.web.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_iam_policy.json
new file mode 100644
index 00000000..de36f83c
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.web.getIamPolicy",
+      "iap.web.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.web.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_binding.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_member.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_member.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_policy.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_backend_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_binding.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_member.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_member.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
new file mode 100644
index 00000000..45d8a940
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_region_forwarding_rule_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webServices.getIamPolicy",
+      "iap.webServices.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webServices.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_binding.json
new file mode 100644
index 00000000..f92ccd33
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_member.json
new file mode 100644
index 00000000..f92ccd33
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_policy.json
new file mode 100644
index 00000000..0794b0fd
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_app_engine_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_binding.json b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_binding.json
new file mode 100644
index 00000000..f92ccd33
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_member.json b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_member.json
new file mode 100644
index 00000000..f92ccd33
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_policy.json b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_policy.json
new file mode 100644
index 00000000..0794b0fd
--- /dev/null
+++ b/src/mapping/google/resource/iap/google_iap_web_type_compute_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "iap.webTypes.getIamPolicy",
+      "iap.webTypes.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "iap.webTypes.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_binding.json b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_binding.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_binding.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_member.json b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_member.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_member.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_policy.json b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_policy.json
new file mode 100644
index 00000000..45e4fdaf
--- /dev/null
+++ b/src/mapping/google/resource/kms/google_kms_ekm_connection_iam_policy.json
@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_billing_account_exclusion.json b/src/mapping/google/resource/logging/google_logging_billing_account_exclusion.json
new file mode 100644
index 00000000..3f642a0d
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_billing_account_exclusion.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.exclusions.create",
+      "logging.exclusions.delete",
+      "logging.exclusions.get",
+      "logging.exclusions.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_billing_account_sink.json b/src/mapping/google/resource/logging/google_logging_billing_account_sink.json
new file mode 100644
index 00000000..42fe9b37
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_billing_account_sink.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.sinks.create",
+      "logging.sinks.delete",
+      "logging.sinks.get",
+      "logging.sinks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_folder_exclusion.json b/src/mapping/google/resource/logging/google_logging_folder_exclusion.json
new file mode 100644
index 00000000..3f642a0d
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_folder_exclusion.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.exclusions.create",
+      "logging.exclusions.delete",
+      "logging.exclusions.get",
+      "logging.exclusions.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_folder_settings.json b/src/mapping/google/resource/logging/google_logging_folder_settings.json
new file mode 100644
index 00000000..cf6a6a52
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_folder_settings.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "logging.settings.get",
+      "logging.settings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_folder_sink.json b/src/mapping/google/resource/logging/google_logging_folder_sink.json
new file mode 100644
index 00000000..42fe9b37
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_folder_sink.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.sinks.create",
+      "logging.sinks.delete",
+      "logging.sinks.get",
+      "logging.sinks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_linked_dataset.json b/src/mapping/google/resource/logging/google_logging_linked_dataset.json
new file mode 100644
index 00000000..5bfe5ce2
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_linked_dataset.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "logging.links.create",
+      "logging.links.delete",
+      "logging.links.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_log_scope.json b/src/mapping/google/resource/logging/google_logging_log_scope.json
new file mode 100644
index 00000000..b9f3b151
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_log_scope.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.logScopes.create",
+      "logging.logScopes.delete",
+      "logging.logScopes.get",
+      "logging.logScopes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_log_view.json b/src/mapping/google/resource/logging/google_logging_log_view.json
new file mode 100644
index 00000000..91574519
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_log_view.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.views.create",
+      "logging.views.delete",
+      "logging.views.get",
+      "logging.views.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_log_view_iam_binding.json b/src/mapping/google/resource/logging/google_logging_log_view_iam_binding.json
new file mode 100644
index 00000000..0078a88b
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_log_view_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "logging.views.getIamPolicy",
+      "logging.views.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_log_view_iam_member.json b/src/mapping/google/resource/logging/google_logging_log_view_iam_member.json
new file mode 100644
index 00000000..0078a88b
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_log_view_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "logging.views.getIamPolicy",
+      "logging.views.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_log_view_iam_policy.json b/src/mapping/google/resource/logging/google_logging_log_view_iam_policy.json
new file mode 100644
index 00000000..0078a88b
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_log_view_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "logging.views.getIamPolicy",
+      "logging.views.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_metric.json b/src/mapping/google/resource/logging/google_logging_metric.json
new file mode 100644
index 00000000..6f25ab17
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_metric.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.logMetrics.create",
+      "logging.logMetrics.delete",
+      "logging.logMetrics.get",
+      "logging.logMetrics.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_organization_exclusion.json b/src/mapping/google/resource/logging/google_logging_organization_exclusion.json
new file mode 100644
index 00000000..3f642a0d
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_organization_exclusion.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.exclusions.create",
+      "logging.exclusions.delete",
+      "logging.exclusions.get",
+      "logging.exclusions.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_organization_settings.json b/src/mapping/google/resource/logging/google_logging_organization_settings.json
new file mode 100644
index 00000000..cf6a6a52
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_organization_settings.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "logging.settings.get",
+      "logging.settings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_organization_sink.json b/src/mapping/google/resource/logging/google_logging_organization_sink.json
new file mode 100644
index 00000000..42fe9b37
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_organization_sink.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.sinks.create",
+      "logging.sinks.delete",
+      "logging.sinks.get",
+      "logging.sinks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_project_exclusion.json b/src/mapping/google/resource/logging/google_logging_project_exclusion.json
new file mode 100644
index 00000000..3f642a0d
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_project_exclusion.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.exclusions.create",
+      "logging.exclusions.delete",
+      "logging.exclusions.get",
+      "logging.exclusions.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/logging/google_logging_project_sink.json b/src/mapping/google/resource/logging/google_logging_project_sink.json
new file mode 100644
index 00000000..42fe9b37
--- /dev/null
+++ b/src/mapping/google/resource/logging/google_logging_project_sink.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "logging.sinks.create",
+      "logging.sinks.delete",
+      "logging.sinks.get",
+      "logging.sinks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/managedkafka/google_managed_kafka_acl.json b/src/mapping/google/resource/managedkafka/google_managed_kafka_acl.json
new file mode 100644
index 00000000..ae47c306
--- /dev/null
+++ b/src/mapping/google/resource/managedkafka/google_managed_kafka_acl.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "managedkafka.acls.create",
+      "managedkafka.acls.get",
+      "managedkafka.acls.update",
+      "managedkafka.acls.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/managedkafka/google_managed_kafka_cluster.json b/src/mapping/google/resource/managedkafka/google_managed_kafka_cluster.json
new file mode 100644
index 00000000..173c7ce4
--- /dev/null
+++ b/src/mapping/google/resource/managedkafka/google_managed_kafka_cluster.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "managedkafka.operations.get",
+      "managedkafka.clusters.create",
+      "managedkafka.clusters.delete",
+      "managedkafka.clusters.get",
+      "managedkafka.clusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/managedkafka/google_managed_kafka_connect_cluster.json b/src/mapping/google/resource/managedkafka/google_managed_kafka_connect_cluster.json
new file mode 100644
index 00000000..9153e8c6
--- /dev/null
+++ b/src/mapping/google/resource/managedkafka/google_managed_kafka_connect_cluster.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "managedkafka.connectClusters.create",
+      "managedkafka.connectClusters.delete",
+      "managedkafka.connectClusters.get",
+      "managedkafka.connectClusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/managedkafka/google_managed_kafka_connector.json b/src/mapping/google/resource/managedkafka/google_managed_kafka_connector.json
new file mode 100644
index 00000000..7aaff0e7
--- /dev/null
+++ b/src/mapping/google/resource/managedkafka/google_managed_kafka_connector.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "managedkafka.connectors.create",
+      "managedkafka.connectors.delete",
+      "managedkafka.connectors.get",
+      "managedkafka.connectors.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/managedkafka/google_managed_kafka_topic.json b/src/mapping/google/resource/managedkafka/google_managed_kafka_topic.json
new file mode 100644
index 00000000..0e883415
--- /dev/null
+++ b/src/mapping/google/resource/managedkafka/google_managed_kafka_topic.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "managedkafka.topics.create",
+      "managedkafka.topics.delete",
+      "managedkafka.topics.get",
+      "managedkafka.topics.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/memcache/google_memcache_instance.json b/src/mapping/google/resource/memcache/google_memcache_instance.json
new file mode 100644
index 00000000..9d41770b
--- /dev/null
+++ b/src/mapping/google/resource/memcache/google_memcache_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "memcache.instances.create",
+      "memcache.instances.delete",
+      "memcache.instances.get",
+      "memcache.instances.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/memorystore/google_memorystore_instance.json b/src/mapping/google/resource/memorystore/google_memorystore_instance.json
new file mode 100644
index 00000000..373399d3
--- /dev/null
+++ b/src/mapping/google/resource/memorystore/google_memorystore_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "memorystore.instances.create",
+      "memorystore.instances.delete",
+      "memorystore.instances.get",
+      "memorystore.instances.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_binding.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_binding.json
new file mode 100644
index 00000000..92a6e38d
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.databases.getIamPolicy",
+      "metastore.databases.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_member.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_member.json
new file mode 100644
index 00000000..92a6e38d
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.databases.getIamPolicy",
+      "metastore.databases.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_policy.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_policy.json
new file mode 100644
index 00000000..c00e781b
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_database_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "metastore.databases.getIamPolicy",
+      "metastore.databases.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.databases.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json
new file mode 100644
index 00000000..83c21eb8
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.federations.getIamPolicy",
+      "metastore.federations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_member.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_member.json
new file mode 100644
index 00000000..bde192e8
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.federations.getIamPolicy",
+      "metastore.federations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_policy.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_policy.json
new file mode 100644
index 00000000..dbe537fa
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_federation_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "metastore.federations.getIamPolicy",
+      "metastore.federations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.federations.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_binding.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_binding.json
new file mode 100644
index 00000000..fd29e0ce
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.services.getIamPolicy",
+      "metastore.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_member.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_member.json
new file mode 100644
index 00000000..fd29e0ce
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.services.getIamPolicy",
+      "metastore.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_policy.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_policy.json
new file mode 100644
index 00000000..47253269
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "metastore.services.getIamPolicy",
+      "metastore.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_binding.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_binding.json
new file mode 100644
index 00000000..16dc262b
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.tables.getIamPolicy",
+      "metastore.tables.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_member.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_member.json
new file mode 100644
index 00000000..16dc262b
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "metastore.tables.getIamPolicy",
+      "metastore.tables.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_policy.json b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_policy.json
new file mode 100644
index 00000000..f8d3a2b6
--- /dev/null
+++ b/src/mapping/google/resource/metastore/google_dataproc_metastore_table_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "metastore.tables.getIamPolicy",
+      "metastore.tables.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "metastore.tables.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/modelarmor/google_model_armor_floorsetting.json b/src/mapping/google/resource/modelarmor/google_model_armor_floorsetting.json
new file mode 100644
index 00000000..f015b70c
--- /dev/null
+++ b/src/mapping/google/resource/modelarmor/google_model_armor_floorsetting.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "modelarmor.floorSettings.get",
+      "modelarmor.floorSettings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/modelarmor/google_model_armor_template.json b/src/mapping/google/resource/modelarmor/google_model_armor_template.json
new file mode 100644
index 00000000..2b5199b6
--- /dev/null
+++ b/src/mapping/google/resource/modelarmor/google_model_armor_template.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "modelarmor.templates.create",
+      "modelarmor.templates.delete",
+      "modelarmor.templates.get",
+      "modelarmor.templates.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_alert_policy.json b/src/mapping/google/resource/monitoring/google_monitoring_alert_policy.json
new file mode 100644
index 00000000..f7005cac
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_alert_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.alertPolicies.update",
+      "monitoring.alertPolicies.create",
+      "monitoring.alertPolicies.delete",
+      "monitoring.alertPolicies.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_custom_service.json b/src/mapping/google/resource/monitoring/google_monitoring_custom_service.json
new file mode 100644
index 00000000..02f27609
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_custom_service.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.services.create",
+      "monitoring.services.get",
+      "monitoring.services.delete",
+      "monitoring.services.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_dashboard.json b/src/mapping/google/resource/monitoring/google_monitoring_dashboard.json
new file mode 100644
index 00000000..c5e327fc
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_dashboard.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.dashboards.delete",
+      "monitoring.dashboards.create",
+      "monitoring.dashboards.update",
+      "monitoring.dashboards.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_group.json b/src/mapping/google/resource/monitoring/google_monitoring_group.json
new file mode 100644
index 00000000..0dbd4c5b
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_group.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.groups.create",
+      "monitoring.groups.delete",
+      "monitoring.groups.get",
+      "monitoring.groups.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_metric_descriptor.json b/src/mapping/google/resource/monitoring/google_monitoring_metric_descriptor.json
new file mode 100644
index 00000000..6cc7876f
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_metric_descriptor.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "monitoring.metricDescriptors.create",
+      "monitoring.metricDescriptors.delete",
+      "monitoring.metricDescriptors.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_monitored_project.json b/src/mapping/google/resource/monitoring/google_monitoring_monitored_project.json
new file mode 100644
index 00000000..76ea4abf
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_monitored_project.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "monitoring.metricsScopes.link"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_notification_channel.json b/src/mapping/google/resource/monitoring/google_monitoring_notification_channel.json
new file mode 100644
index 00000000..1f31388e
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_notification_channel.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.notificationChannels.create",
+      "monitoring.notificationChannels.delete",
+      "monitoring.notificationChannels.get",
+      "monitoring.notificationChannels.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_service.json b/src/mapping/google/resource/monitoring/google_monitoring_service.json
new file mode 100644
index 00000000..ea5a0a16
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_service.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.services.create",
+      "monitoring.services.delete",
+      "monitoring.services.get",
+      "monitoring.services.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_slo.json b/src/mapping/google/resource/monitoring/google_monitoring_slo.json
new file mode 100644
index 00000000..71690592
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_slo.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.slos.create",
+      "monitoring.slos.delete",
+      "monitoring.slos.get",
+      "monitoring.slos.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/monitoring/google_monitoring_uptime_check_config.json b/src/mapping/google/resource/monitoring/google_monitoring_uptime_check_config.json
new file mode 100644
index 00000000..714992ef
--- /dev/null
+++ b/src/mapping/google/resource/monitoring/google_monitoring_uptime_check_config.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "monitoring.uptimeCheckConfigs.create",
+      "monitoring.uptimeCheckConfigs.delete",
+      "monitoring.uptimeCheckConfigs.get",
+      "monitoring.uptimeCheckConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_binding.json b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_binding.json
new file mode 100644
index 00000000..edec3438
--- /dev/null
+++ b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "networksecurity.addressGroups.getIamPolicy",
+      "networksecurity.addressGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_member.json b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_member.json
new file mode 100644
index 00000000..edec3438
--- /dev/null
+++ b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "networksecurity.addressGroups.getIamPolicy",
+      "networksecurity.addressGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_policy.json b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_policy.json
new file mode 100644
index 00000000..a5853ef4
--- /dev/null
+++ b/src/mapping/google/resource/networksecurity/google_network_security_address_group_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "networksecurity.addressGroups.getIamPolicy",
+      "networksecurity.addressGroups.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "networksecurity.addressGroups.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_environment.json b/src/mapping/google/resource/notebooks/google_notebooks_environment.json
new file mode 100644
index 00000000..dcb902ad
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_environment.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "notebooks.environments.create",
+      "notebooks.environments.get",
+      "notebooks.environments.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_instance.json b/src/mapping/google/resource/notebooks/google_notebooks_instance.json
new file mode 100644
index 00000000..c7dfcaac
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.create",
+      "notebooks.instances.delete",
+      "notebooks.instances.update",
+      "notebooks.instances.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_binding.json b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_binding.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_member.json b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_member.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_policy.json b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_policy.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_instance_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_runtime.json b/src/mapping/google/resource/notebooks/google_notebooks_runtime.json
new file mode 100644
index 00000000..075657d4
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_runtime.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "notebooks.runtimes.create",
+      "notebooks.runtimes.delete",
+      "notebooks.runtimes.get",
+      "notebooks.runtimes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_binding.json b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_binding.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_member.json b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_member.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_policy.json b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_policy.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_notebooks_runtime_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_workbench_instance.json b/src/mapping/google/resource/notebooks/google_workbench_instance.json
new file mode 100644
index 00000000..4369cd64
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_workbench_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.create",
+      "notebooks.instances.delete",
+      "notebooks.instances.get",
+      "notebooks.instances.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_workbench_instance_iam_binding.json b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_binding.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_workbench_instance_iam_member.json b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_member.json
new file mode 100644
index 00000000..23967943
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/notebooks/google_workbench_instance_iam_policy.json b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_policy.json
new file mode 100644
index 00000000..f5265a27
--- /dev/null
+++ b/src/mapping/google/resource/notebooks/google_workbench_instance_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "notebooks.instances.getIamPolicy",
+      "notebooks.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "notebooks.instances.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/orgpolicy/google_project_organization_policy.json b/src/mapping/google/resource/orgpolicy/google_project_organization_policy.json
new file mode 100644
index 00000000..527d46c2
--- /dev/null
+++ b/src/mapping/google/resource/orgpolicy/google_project_organization_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "orgpolicy.policy.set",
+      "orgpolicy.policy.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_guest_policies.json b/src/mapping/google/resource/osconfig/google_os_config_guest_policies.json
new file mode 100644
index 00000000..034ffd3f
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_guest_policies.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.guestPolicies.create",
+      "osconfig.guestPolicies.delete",
+      "osconfig.guestPolicies.get",
+      "osconfig.guestPolicies.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_os_policy_assignment.json b/src/mapping/google/resource/osconfig/google_os_config_os_policy_assignment.json
new file mode 100644
index 00000000..ff6ec407
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_os_policy_assignment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.osPolicyAssignments.create",
+      "osconfig.osPolicyAssignments.delete",
+      "osconfig.osPolicyAssignments.get",
+      "osconfig.osPolicyAssignments.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_patch_deployment.json b/src/mapping/google/resource/osconfig/google_os_config_patch_deployment.json
new file mode 100644
index 00000000..76d305f0
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_patch_deployment.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.patchDeployments.create",
+      "osconfig.patchDeployments.delete",
+      "osconfig.patchDeployments.update",
+      "osconfig.patchDeployments.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator.json b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator.json
new file mode 100644
index 00000000..14e8558b
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.policyOrchestrators.create",
+      "osconfig.policyOrchestrators.delete",
+      "osconfig.policyOrchestrators.get",
+      "osconfig.policyOrchestrators.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_folder.json b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_folder.json
new file mode 100644
index 00000000..14e8558b
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_folder.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.policyOrchestrators.create",
+      "osconfig.policyOrchestrators.delete",
+      "osconfig.policyOrchestrators.get",
+      "osconfig.policyOrchestrators.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_organization.json b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_organization.json
new file mode 100644
index 00000000..14e8558b
--- /dev/null
+++ b/src/mapping/google/resource/osconfig/google_os_config_v2_policy_orchestrator_for_organization.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "osconfig.policyOrchestrators.create",
+      "osconfig.policyOrchestrators.delete",
+      "osconfig.policyOrchestrators.get",
+      "osconfig.policyOrchestrators.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/parallelstore/google_parallelstore_instance.json b/src/mapping/google/resource/parallelstore/google_parallelstore_instance.json
new file mode 100644
index 00000000..1a3aadf0
--- /dev/null
+++ b/src/mapping/google/resource/parallelstore/google_parallelstore_instance.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "parallelstore.instances.create",
+      "parallelstore.instances.get",
+      "parallelstore.instances.update",
+      "parallelstore.instances.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_ca_pool.json b/src/mapping/google/resource/privateca/google_privateca_ca_pool.json
new file mode 100644
index 00000000..f2023311
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_ca_pool.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "privateca.caPools.create",
+      "privateca.caPools.get",
+      "privateca.caPools.delete",
+      "privateca.caPools.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "privateca.caPools.delete"
+    ],
+    "modify": [
+      "privateca.caPools.update"
+    ],
+    "plan": [
+      "privateca.caPools.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_binding.json b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_binding.json
new file mode 100644
index 00000000..d4e6b1a1
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "privateca.caPools.getIamPolicy",
+      "privateca.caPools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_member.json b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_member.json
new file mode 100644
index 00000000..d4e6b1a1
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "privateca.caPools.getIamPolicy",
+      "privateca.caPools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_policy.json b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_policy.json
new file mode 100644
index 00000000..7ddb7897
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_ca_pool_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "privateca.caPools.getIamPolicy",
+      "privateca.caPools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privateca.caPools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate.json b/src/mapping/google/resource/privateca/google_privateca_certificate.json
new file mode 100644
index 00000000..c3c4fe3a
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "privateca.certificates.create",
+      "privateca.certificates.get",
+      "privateca.certificates.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate_authority.json b/src/mapping/google/resource/privateca/google_privateca_certificate_authority.json
new file mode 100644
index 00000000..81312ca2
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate_authority.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "privateca.certificateAuthorities.create",
+      "privateca.certificateAuthorities.get",
+      "privateca.certificateAuthorities.update",
+      "privateca.certificateAuthorities.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate_template.json b/src/mapping/google/resource/privateca/google_privateca_certificate_template.json
new file mode 100644
index 00000000..8dfeb2dc
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate_template.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "privateca.certificateTemplates.create",
+      "privateca.certificateTemplates.get",
+      "privateca.certificateTemplates.delete",
+      "privateca.operations.get",
+      "privateca.operations.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_binding.json b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_binding.json
new file mode 100644
index 00000000..fcd861ad
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "privateca.certificateTemplates.getIamPolicy",
+      "privateca.certificateTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_member.json b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_member.json
new file mode 100644
index 00000000..fcd861ad
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "privateca.certificateTemplates.getIamPolicy",
+      "privateca.certificateTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_policy.json b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_policy.json
new file mode 100644
index 00000000..21db326c
--- /dev/null
+++ b/src/mapping/google/resource/privateca/google_privateca_certificate_template_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "privateca.certificateTemplates.getIamPolicy",
+      "privateca.certificateTemplates.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privateca.certificateTemplates.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/privilegedaccessmanager/google_privileged_access_manager_entitlement.json b/src/mapping/google/resource/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
new file mode 100644
index 00000000..4a19a167
--- /dev/null
+++ b/src/mapping/google/resource/privilegedaccessmanager/google_privileged_access_manager_entitlement.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "privilegedaccessmanager.entitlements.get",
+      "privilegedaccessmanager.entitlements.list",
+      "privilegedaccessmanager.entitlements.update",
+      "privilegedaccessmanager.entitlements.create",
+      "privilegedaccessmanager.entitlements.delete",
+      "privilegedaccessmanager.entitlements.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "privilegedaccessmanager.entitlements.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_binding.json b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_binding.json
new file mode 100644
index 00000000..c3e4810d
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "pubsub.schemas.getIamPolicy",
+      "pubsub.schemas.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_member.json b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_member.json
new file mode 100644
index 00000000..c3e4810d
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "pubsub.schemas.getIamPolicy",
+      "pubsub.schemas.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_policy.json b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_policy.json
new file mode 100644
index 00000000..ab5ed7e5
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_schema_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "pubsub.schemas.getIamPolicy",
+      "pubsub.schemas.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "pubsub.schemas.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_subscription.json b/src/mapping/google/resource/pubsub/google_pubsub_subscription.json
index e9bcf53e..44aa95c7 100644
--- a/src/mapping/google/resource/pubsub/google_pubsub_subscription.json
+++ b/src/mapping/google/resource/pubsub/google_pubsub_subscription.json
@@ -14,6 +14,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "pubsub.subscriptions.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_binding.json b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_binding.json
new file mode 100644
index 00000000..4c0b7ac8
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "pubsub.subscriptions.getIamPolicy",
+      "pubsub.subscriptions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_member.json b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_member.json
new file mode 100644
index 00000000..4c0b7ac8
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "pubsub.subscriptions.getIamPolicy",
+      "pubsub.subscriptions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_policy.json b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_policy.json
new file mode 100644
index 00000000..ad47cd92
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_subscription_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "pubsub.subscriptions.getIamPolicy",
+      "pubsub.subscriptions.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "pubsub.subscriptions.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_topic.json b/src/mapping/google/resource/pubsub/google_pubsub_topic.json
index 371b65b8..f7dfdd70 100644
--- a/src/mapping/google/resource/pubsub/google_pubsub_topic.json
+++ b/src/mapping/google/resource/pubsub/google_pubsub_topic.json
@@ -11,6 +11,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "pubsub.topics.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/pubsub/google_pubsub_topic_iam_policy.json b/src/mapping/google/resource/pubsub/google_pubsub_topic_iam_policy.json
new file mode 100644
index 00000000..c3a19d5b
--- /dev/null
+++ b/src/mapping/google/resource/pubsub/google_pubsub_topic_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "pubsub.topics.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/redis/google_redis_cluster.json b/src/mapping/google/resource/redis/google_redis_cluster.json
new file mode 100644
index 00000000..bb3b262f
--- /dev/null
+++ b/src/mapping/google/resource/redis/google_redis_cluster.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "redis.clusters.get",
+      "redis.clusters.create",
+      "redis.operations.get",
+      "redis.clusters.update",
+      "redis.clusters.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/redis/google_redis_cluster_user_created_connections.json b/src/mapping/google/resource/redis/google_redis_cluster_user_created_connections.json
new file mode 100644
index 00000000..599a50a0
--- /dev/null
+++ b/src/mapping/google/resource/redis/google_redis_cluster_user_created_connections.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [
+      "redis.clusters.connect"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_billing_project_info.json b/src/mapping/google/resource/resourcemanager/google_billing_project_info.json
new file mode 100644
index 00000000..4de8ae1e
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_billing_project_info.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.get",
+      "resourcemanager.projects.deleteBillingAssignment",
+      "resourcemanager.projects.createBillingAssignment"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_folder_iam_binding.json b/src/mapping/google/resource/resourcemanager/google_folder_iam_binding.json
new file mode 100644
index 00000000..564d4c7b
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_folder_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.folders.getIamPolicy",
+      "resourcemanager.folders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_folder_iam_member.json b/src/mapping/google/resource/resourcemanager/google_folder_iam_member.json
new file mode 100644
index 00000000..564d4c7b
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_folder_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.folders.getIamPolicy",
+      "resourcemanager.folders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_folder_iam_policy.json b/src/mapping/google/resource/resourcemanager/google_folder_iam_policy.json
new file mode 100644
index 00000000..07f8dced
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_folder_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.folders.getIamPolicy",
+      "resourcemanager.folders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.folders.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_organization_iam_binding.json b/src/mapping/google/resource/resourcemanager/google_organization_iam_binding.json
new file mode 100644
index 00000000..6d588b66
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_organization_iam_binding.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.organizations.getIamPolicy",
+      "resourcemanager.organizations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.organizations.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_organization_iam_member.json b/src/mapping/google/resource/resourcemanager/google_organization_iam_member.json
new file mode 100644
index 00000000..74978faa
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_organization_iam_member.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.organizations.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_organization_iam_policy.json b/src/mapping/google/resource/resourcemanager/google_organization_iam_policy.json
new file mode 100644
index 00000000..6d588b66
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_organization_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.organizations.getIamPolicy",
+      "resourcemanager.organizations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.organizations.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_project.json b/src/mapping/google/resource/resourcemanager/google_project.json
new file mode 100644
index 00000000..18ab5802
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_project.json
@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "resourcemanager.organizations.get",
+      "resourcemanager.projects.create",
+      "resourcemanager.projects.delete",
+      "resourcemanager.projects.get",
+      "resourcemanager.projects.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_project_iam_member_remove.json b/src/mapping/google/resource/resourcemanager/google_project_iam_member_remove.json
new file mode 100644
index 00000000..81b04628
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_project_iam_member_remove.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.setIamPolicy",
+      "resourcemanager.projects.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_project_iam_policy.json b/src/mapping/google/resource/resourcemanager/google_project_iam_policy.json
new file mode 100644
index 00000000..06958c4b
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_project_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.projects.setIamPolicy",
+      "resourcemanager.projects.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.projects.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_location_tag_binding.json b/src/mapping/google/resource/resourcemanager/google_tags_location_tag_binding.json
new file mode 100644
index 00000000..16223e3f
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_location_tag_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValueBindings.create",
+      "resourcemanager.tagValueBindings.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_binding.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_binding.json
new file mode 100644
index 00000000..16223e3f
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValueBindings.create",
+      "resourcemanager.tagValueBindings.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_key.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_key.json
new file mode 100644
index 00000000..a977ae2d
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_key.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagKeys.create",
+      "resourcemanager.tagKeys.delete",
+      "resourcemanager.tagKeys.get",
+      "resourcemanager.tagKeys.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_binding.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_binding.json
new file mode 100644
index 00000000..d1bbd30a
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagKeys.getIamPolicy",
+      "resourcemanager.tagKeys.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_member.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_member.json
new file mode 100644
index 00000000..d1bbd30a
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagKeys.getIamPolicy",
+      "resourcemanager.tagKeys.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_policy.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_policy.json
new file mode 100644
index 00000000..5e0dbbcd
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_key_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagKeys.getIamPolicy",
+      "resourcemanager.tagKeys.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagKeys.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_value.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_value.json
new file mode 100644
index 00000000..4eb0c0b1
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_value.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValues.create",
+      "resourcemanager.tagValues.update",
+      "resourcemanager.tagValues.delete",
+      "resourcemanager.tagValues.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_binding.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_binding.json
new file mode 100644
index 00000000..b87a8a3d
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValues.getIamPolicy",
+      "resourcemanager.tagValues.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_member.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_member.json
new file mode 100644
index 00000000..b87a8a3d
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValues.getIamPolicy",
+      "resourcemanager.tagValues.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_policy.json b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_policy.json
new file mode 100644
index 00000000..b2c6d5f4
--- /dev/null
+++ b/src/mapping/google/resource/resourcemanager/google_tags_tag_value_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "resourcemanager.tagValues.getIamPolicy",
+      "resourcemanager.tagValues.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "resourcemanager.tagValues.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_domain_mapping.json b/src/mapping/google/resource/run/google_cloud_run_domain_mapping.json
new file mode 100644
index 00000000..670b80ca
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_domain_mapping.json
@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "run.domainmappings.create",
+      "run.domainmappings.get",
+      "run.domainmappings.delete",
+      "run.domainmappings.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "run.domainmappings.delete"
+    ],
+    "modify": [
+      "run.domainmappings.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_service.json b/src/mapping/google/resource/run/google_cloud_run_service.json
new file mode 100644
index 00000000..938d5ca6
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_service.json
@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "run.services.create",
+      "run.services.get",
+      "run.services.delete",
+      "run.services.update",
+      "run.operations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "run.services.delete"
+    ],
+    "modify": [
+      "run.services.update"
+    ],
+    "plan": [
+      "run.services.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_service_iam_binding.json b/src/mapping/google/resource/run/google_cloud_run_service_iam_binding.json
new file mode 100644
index 00000000..a69c8dd3
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_service_iam_member.json b/src/mapping/google/resource/run/google_cloud_run_service_iam_member.json
new file mode 100644
index 00000000..a69c8dd3
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_service_iam_policy.json b/src/mapping/google/resource/run/google_cloud_run_service_iam_policy.json
new file mode 100644
index 00000000..d0a9d794
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "run.services.getIamPolicy",
+      "run.services.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_job.json b/src/mapping/google/resource/run/google_cloud_run_v2_job.json
index b4f20b11..7acab11b 100644
--- a/src/mapping/google/resource/run/google_cloud_run_v2_job.json
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_job.json
@@ -1,21 +1,23 @@
-[
-  {
-    "apply": [
-      "run.jobs.create",
-      "run.jobs.get",
-      "run.operations.get",
-      "run.jobs.delete",
-      "run.jobs.update"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "run.jobs.delete"
-    ],
-    "modify": [
-      "run.jobs.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "run.jobs.create",
+      "run.jobs.get",
+      "run.operations.get",
+      "run.jobs.delete",
+      "run.jobs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "run.jobs.delete"
+    ],
+    "modify": [
+      "run.jobs.update"
+    ],
+    "plan": [
+      "run.jobs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_service.json b/src/mapping/google/resource/run/google_cloud_run_v2_service.json
index 1a29dd24..311267a1 100644
--- a/src/mapping/google/resource/run/google_cloud_run_v2_service.json
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_service.json
@@ -4,9 +4,13 @@
       "run.services.create",
       "run.services.get",
       "run.services.delete",
-      "run.services.update"
+      "run.services.update",
+      "run.operations.get"
     ],
     "attributes": {
+      "image_uri": [
+        "artifactregistry.repositories.downloadArtifacts"
+      ],
       "tags": []
     },
     "destroy": [
@@ -15,6 +19,8 @@
     "modify": [
       "run.services.update"
     ],
-    "plan": []
+    "plan": [
+      "run.services.get"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool.json b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool.json
new file mode 100644
index 00000000..b051de2f
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "run.workerpools.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.workerpools.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_binding.json b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_binding.json
new file mode 100644
index 00000000..b17b287e
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "run.workerpools.getIamPolicy",
+      "run.workerpools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_member.json b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_member.json
new file mode 100644
index 00000000..b17b287e
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "run.workerpools.getIamPolicy",
+      "run.workerpools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_policy.json b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_policy.json
new file mode 100644
index 00000000..53f40436
--- /dev/null
+++ b/src/mapping/google/resource/run/google_cloud_run_v2_worker_pool_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "run.workerpools.getIamPolicy",
+      "run.workerpools.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.workerpools.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config.json b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config.json
new file mode 100644
index 00000000..7770456d
--- /dev/null
+++ b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "runtimeconfig.configs.create",
+      "runtimeconfig.configs.get",
+      "runtimeconfig.configs.update",
+      "runtimeconfig.configs.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_binding.json b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_binding.json
new file mode 100644
index 00000000..f3a89537
--- /dev/null
+++ b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "runtimeconfig.configs.getIamPolicy",
+      "runtimeconfig.configs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_member.json b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_member.json
new file mode 100644
index 00000000..f3a89537
--- /dev/null
+++ b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "runtimeconfig.configs.getIamPolicy",
+      "runtimeconfig.configs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_policy.json b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_policy.json
new file mode 100644
index 00000000..463acda2
--- /dev/null
+++ b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_config_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "runtimeconfig.configs.getIamPolicy",
+      "runtimeconfig.configs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "runtimeconfig.configs.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_variable.json b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_variable.json
new file mode 100644
index 00000000..73ffaf2a
--- /dev/null
+++ b/src/mapping/google/resource/runtimeconfig/google_runtimeconfig_variable.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "runtimeconfig.variables.create",
+      "runtimeconfig.variables.delete",
+      "runtimeconfig.variables.get",
+      "runtimeconfig.variables.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret.json b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret.json
new file mode 100644
index 00000000..478b9d78
--- /dev/null
+++ b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret.json
@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "secretmanager.secrets.create",
+      "secretmanager.secrets.get",
+      "secretmanager.secrets.update",
+      "secretmanager.secrets.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "secretmanager.secrets.delete"
+    ],
+    "modify": [
+      "secretmanager.secrets.update"
+    ],
+    "plan": [
+      "secretmanager.secrets.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_binding.json b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_binding.json
new file mode 100644
index 00000000..aa7d0851
--- /dev/null
+++ b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "secretmanager.secrets.getIamPolicy",
+      "secretmanager.secrets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_member.json b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_member.json
new file mode 100644
index 00000000..aa7d0851
--- /dev/null
+++ b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "secretmanager.secrets.getIamPolicy",
+      "secretmanager.secrets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_policy.json b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_policy.json
new file mode 100644
index 00000000..9f1df28a
--- /dev/null
+++ b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "secretmanager.secrets.getIamPolicy",
+      "secretmanager.secrets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "secretmanager.secrets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_version.json b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_version.json
new file mode 100644
index 00000000..2733eb1a
--- /dev/null
+++ b/src/mapping/google/resource/secretmanager/google_secret_manager_regional_secret_version.json
@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "secretmanager.versions.add",
+      "secretmanager.versions.enable",
+      "secretmanager.versions.get",
+      "secretmanager.versions.disable",
+      "secretmanager.versions.access",
+      "secretmanager.versions.destroy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "secretmanager.versions.disable",
+      "secretmanager.versions.destroy"
+    ],
+    "modify": [],
+    "plan": [
+      "secretmanager.versions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_branch_rule.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_branch_rule.json
new file mode 100644
index 00000000..35c1e881
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_branch_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.branchRules.delete",
+      "securesourcemanager.branchRules.create",
+      "securesourcemanager.branchRules.get",
+      "securesourcemanager.branchRules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance.json
new file mode 100644
index 00000000..57c9d967
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.instances.create",
+      "securesourcemanager.instances.get",
+      "securesourcemanager.instances.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_binding.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_binding.json
new file mode 100644
index 00000000..2e67a409
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.instances.getIamPolicy",
+      "securesourcemanager.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_member.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_member.json
new file mode 100644
index 00000000..2e67a409
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.instances.getIamPolicy",
+      "securesourcemanager.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_policy.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
new file mode 100644
index 00000000..1f17ab2d
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_instance_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.instances.getIamPolicy",
+      "securesourcemanager.instances.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securesourcemanager.instances.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository.json
new file mode 100644
index 00000000..c72b880f
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.repositories.get",
+      "securesourcemanager.repositories.create",
+      "securesourcemanager.repositories.update",
+      "securesourcemanager.repositories.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_binding.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_binding.json
new file mode 100644
index 00000000..fc1a8baf
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.repositories.getIamPolicy",
+      "securesourcemanager.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_member.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_member.json
new file mode 100644
index 00000000..fc1a8baf
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.repositories.getIamPolicy",
+      "securesourcemanager.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_policy.json b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
new file mode 100644
index 00000000..871acd6b
--- /dev/null
+++ b/src/mapping/google/resource/securesourcemanager/google_secure_source_manager_repository_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securesourcemanager.repositories.getIamPolicy",
+      "securesourcemanager.repositories.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securesourcemanager.repositories.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_source_iam_binding.json b/src/mapping/google/resource/securitycenter/google_scc_source_iam_binding.json
new file mode 100644
index 00000000..9b11e06f
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_source_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_source_iam_member.json b/src/mapping/google/resource/securitycenter/google_scc_source_iam_member.json
new file mode 100644
index 00000000..9b11e06f
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_source_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_source_iam_policy.json b/src/mapping/google/resource/securitycenter/google_scc_source_iam_policy.json
new file mode 100644
index 00000000..670013cf
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_source_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securitycenter.sources.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_binding.json b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_binding.json
new file mode 100644
index 00000000..9b11e06f
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_member.json b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_member.json
new file mode 100644
index 00000000..9b11e06f
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_policy.json b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_policy.json
new file mode 100644
index 00000000..670013cf
--- /dev/null
+++ b/src/mapping/google/resource/securitycenter/google_scc_v2_organization_source_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "securitycenter.sources.getIamPolicy",
+      "securitycenter.sources.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "securitycenter.sources.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/servicedirectory/google_service_directory_namespace_iam_policy.json b/src/mapping/google/resource/servicedirectory/google_service_directory_namespace_iam_policy.json
index 94aba09d..5d313248 100644
--- a/src/mapping/google/resource/servicedirectory/google_service_directory_namespace_iam_policy.json
+++ b/src/mapping/google/resource/servicedirectory/google_service_directory_namespace_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "servicedirectory.namespaces.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/servicedirectory/google_service_directory_service_iam_policy.json b/src/mapping/google/resource/servicedirectory/google_service_directory_service_iam_policy.json
index 025bf9be..8872696a 100644
--- a/src/mapping/google/resource/servicedirectory/google_service_directory_service_iam_policy.json
+++ b/src/mapping/google/resource/servicedirectory/google_service_directory_service_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "servicedirectory.services.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_binding.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_binding.json
new file mode 100644
index 00000000..abf5af0b
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_member.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_member.json
new file mode 100644
index 00000000..abf5af0b
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_policy.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_policy.json
new file mode 100644
index 00000000..abf5af0b
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_consumers_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_binding.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_binding.json
new file mode 100644
index 00000000..abf5af0b
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_member.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_member.json
new file mode 100644
index 00000000..abf5af0b
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_policy.json b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_policy.json
new file mode 100644
index 00000000..8a22e54c
--- /dev/null
+++ b/src/mapping/google/resource/servicemanagement/google_endpoints_service_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "servicemanagement.services.setIamPolicy",
+      "servicemanagement.services.getIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "servicemanagement.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/source/google_sourcerepo_repository_iam_binding.json b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_binding.json
new file mode 100644
index 00000000..327b5075
--- /dev/null
+++ b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "source.repos.getIamPolicy",
+      "source.repos.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/source/google_sourcerepo_repository_iam_member.json b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_member.json
new file mode 100644
index 00000000..327b5075
--- /dev/null
+++ b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "source.repos.getIamPolicy",
+      "source.repos.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/source/google_sourcerepo_repository_iam_policy.json b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_policy.json
new file mode 100644
index 00000000..497b9782
--- /dev/null
+++ b/src/mapping/google/resource/source/google_sourcerepo_repository_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "source.repos.getIamPolicy",
+      "source.repos.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "source.repos.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/spanner/google_spanner_backup_schedule.json b/src/mapping/google/resource/spanner/google_spanner_backup_schedule.json
new file mode 100644
index 00000000..2e72af7a
--- /dev/null
+++ b/src/mapping/google/resource/spanner/google_spanner_backup_schedule.json
@@ -0,0 +1,21 @@
+[
+  {
+    "apply": [
+      "spanner.databases.createBackup",
+      "spanner.backupSchedules.create",
+      "spanner.backupSchedules.get",
+      "spanner.backupSchedules.delete",
+      "spanner.backupSchedules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "spanner.backupSchedules.delete"
+    ],
+    "modify": [
+      "spanner.backupSchedules.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/spanner/google_spanner_database.json b/src/mapping/google/resource/spanner/google_spanner_database.json
index 48cfe204..9346d30c 100644
--- a/src/mapping/google/resource/spanner/google_spanner_database.json
+++ b/src/mapping/google/resource/spanner/google_spanner_database.json
@@ -1,23 +1,25 @@
-[
-  {
-    "apply": [
-      "spanner.databases.create",
-      "spanner.databases.drop",
-      "spanner.databases.updateDdl",
-      "spanner.databases.update",
-      "spanner.databases.get",
-      "spanner.databaseOperations.get"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "spanner.databases.drop"
-    ],
-    "modify": [
-      "spanner.databases.updateDdl",
-      "spanner.databases.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "spanner.databases.create",
+      "spanner.databases.drop",
+      "spanner.databases.updateDdl",
+      "spanner.databases.update",
+      "spanner.databases.get",
+      "spanner.databaseOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "spanner.databases.drop"
+    ],
+    "modify": [
+      "spanner.databases.updateDdl",
+      "spanner.databases.update"
+    ],
+    "plan": [
+      "spanner.databases.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/spanner/google_spanner_instance.json b/src/mapping/google/resource/spanner/google_spanner_instance.json
index 3f7a54a9..ec5fd758 100644
--- a/src/mapping/google/resource/spanner/google_spanner_instance.json
+++ b/src/mapping/google/resource/spanner/google_spanner_instance.json
@@ -1,21 +1,23 @@
-[
-  {
-    "apply": [
-      "spanner.instances.create",
-      "spanner.instances.delete",
-      "spanner.instances.update",
-      "spanner.instances.get",
-      "spanner.instanceOperations.get"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "spanner.instances.delete"
-    ],
-    "modify": [
-      "spanner.instances.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "spanner.instances.create",
+      "spanner.instances.delete",
+      "spanner.instances.update",
+      "spanner.instances.get",
+      "spanner.instanceOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "spanner.instances.delete"
+    ],
+    "modify": [
+      "spanner.instances.update"
+    ],
+    "plan": [
+      "spanner.instances.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/spanner/google_spanner_instance_config.json b/src/mapping/google/resource/spanner/google_spanner_instance_config.json
new file mode 100644
index 00000000..c3776c78
--- /dev/null
+++ b/src/mapping/google/resource/spanner/google_spanner_instance_config.json
@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "spanner.instanceConfigs.get",
+      "spanner.instanceConfigs.create",
+      "spanner.instanceConfigs.update",
+      "spanner.instanceConfigs.delete",
+      "spanner.instanceConfigOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "spanner.instanceConfigs.delete"
+    ],
+    "modify": [
+      "spanner.instanceConfigs.update"
+    ],
+    "plan": [
+      "spanner.instanceConfigOperations.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/spanner/google_spanner_instance_partition.json b/src/mapping/google/resource/spanner/google_spanner_instance_partition.json
new file mode 100644
index 00000000..0432bef9
--- /dev/null
+++ b/src/mapping/google/resource/spanner/google_spanner_instance_partition.json
@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "spanner.instancePartitions.create",
+      "spanner.instancePartitions.get",
+      "spanner.instancePartitions.update",
+      "spanner.instancePartitions.delete",
+      "spanner.instancePartitionOperations.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "spanner.instancePartitions.delete"
+    ],
+    "modify": [
+      "spanner.instancePartitions.update"
+    ],
+    "plan": [
+      "spanner.instancePartitions.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_bucket.json b/src/mapping/google/resource/storage/google_storage_bucket.json
index 74e9554b..0c73f1f8 100644
--- a/src/mapping/google/resource/storage/google_storage_bucket.json
+++ b/src/mapping/google/resource/storage/google_storage_bucket.json
@@ -1,19 +1,21 @@
-[
-  {
-    "apply": [
-      "storage.buckets.create",
-      "storage.buckets.get",
-      "storage.buckets.delete"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "storage.buckets.delete"
-    ],
-    "modify": [
-      "storage.buckets.update"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "storage.buckets.create",
+      "storage.buckets.get",
+      "storage.buckets.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "storage.buckets.delete"
+    ],
+    "modify": [
+      "storage.buckets.update"
+    ],
+    "plan": [
+      "storage.buckets.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_bucket_iam_member.json b/src/mapping/google/resource/storage/google_storage_bucket_iam_member.json
index fa816333..039c73b1 100644
--- a/src/mapping/google/resource/storage/google_storage_bucket_iam_member.json
+++ b/src/mapping/google/resource/storage/google_storage_bucket_iam_member.json
@@ -1,14 +1,16 @@
-[
-  {
-    "apply": [
-      "storage.buckets.getIamPolicy",
-      "storage.buckets.setIamPolicy"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [],
-    "modify": [],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "storage.buckets.getIamPolicy",
+      "storage.buckets.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "storage.buckets.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_bucket_iam_policy.json b/src/mapping/google/resource/storage/google_storage_bucket_iam_policy.json
index fa816333..1115d60d 100644
--- a/src/mapping/google/resource/storage/google_storage_bucket_iam_policy.json
+++ b/src/mapping/google/resource/storage/google_storage_bucket_iam_policy.json
@@ -9,6 +9,8 @@
     },
     "destroy": [],
     "modify": [],
-    "plan": []
+    "plan": [
+      "storage.buckets.getIamPolicy"
+    ]
   }
 ]
diff --git a/src/mapping/google/resource/storage/google_storage_bucket_object.json b/src/mapping/google/resource/storage/google_storage_bucket_object.json
index ab601cde..8ded2526 100644
--- a/src/mapping/google/resource/storage/google_storage_bucket_object.json
+++ b/src/mapping/google/resource/storage/google_storage_bucket_object.json
@@ -1,18 +1,20 @@
-[
-  {
-    "apply": [
-      "storage.objects.create",
-      "storage.objects.delete"
-    ],
-    "attributes": {
-      "tags": []
-    },
-    "destroy": [
-      "storage.objects.delete"
-    ],
-    "modify": [
-      "storage.objects.get"
-    ],
-    "plan": []
-  }
-]
+[
+  {
+    "apply": [
+      "storage.objects.create",
+      "storage.objects.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "storage.objects.delete"
+    ],
+    "modify": [
+      "storage.objects.get"
+    ],
+    "plan": [
+      "storage.objects.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_control_folder_intelligence_config.json b/src/mapping/google/resource/storage/google_storage_control_folder_intelligence_config.json
new file mode 100644
index 00000000..9e66cdec
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_control_folder_intelligence_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.intelligenceConfigs.get",
+      "storage.intelligenceConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_control_organization_intelligence_config.json b/src/mapping/google/resource/storage/google_storage_control_organization_intelligence_config.json
new file mode 100644
index 00000000..9e66cdec
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_control_organization_intelligence_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.intelligenceConfigs.get",
+      "storage.intelligenceConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_control_project_intelligence_config.json b/src/mapping/google/resource/storage/google_storage_control_project_intelligence_config.json
new file mode 100644
index 00000000..29e3fb56
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_control_project_intelligence_config.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.intelligenceConfigs.get",
+      "storage.intelligenceConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_managed_folder_iam_binding.json b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_binding.json
new file mode 100644
index 00000000..04e7576b
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.managedFolders.getIamPolicy",
+      "storage.managedFolders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_managed_folder_iam_member.json b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_member.json
new file mode 100644
index 00000000..04e7576b
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.managedFolders.getIamPolicy",
+      "storage.managedFolders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storage/google_storage_managed_folder_iam_policy.json b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_policy.json
new file mode 100644
index 00000000..04e7576b
--- /dev/null
+++ b/src/mapping/google/resource/storage/google_storage_managed_folder_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "storage.managedFolders.getIamPolicy",
+      "storage.managedFolders.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/storageinsights/google_storage_insights_dataset_config.json b/src/mapping/google/resource/storageinsights/google_storage_insights_dataset_config.json
new file mode 100644
index 00000000..b77bd46a
--- /dev/null
+++ b/src/mapping/google/resource/storageinsights/google_storage_insights_dataset_config.json
@@ -0,0 +1,25 @@
+[
+  {
+    "apply": [
+      "storage.buckets.get",
+      "storage.objects.list",
+      "storage.buckets.getObjectInsights",
+      "storage.objects.create",
+      "storage.buckets.get",
+      "storageinsights.reportConfigs.get",
+      "storageinsights.reportConfigs.create",
+      "storageinsights.reportConfigs.delete",
+      "storageinsights.reportConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "storageinsights.reportConfigs.delete"
+    ],
+    "modify": [
+      "storageinsights.reportConfigs.update"
+    ],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/tpu/google_tpu_node.json b/src/mapping/google/resource/tpu/google_tpu_node.json
new file mode 100644
index 00000000..a8e6e84a
--- /dev/null
+++ b/src/mapping/google/resource/tpu/google_tpu_node.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "tpu.nodes.create",
+      "tpu.nodes.get",
+      "tpu.nodes.delete",
+      "tpu.nodes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/tpu/google_tpu_v2_queued_resource.json b/src/mapping/google/resource/tpu/google_tpu_v2_queued_resource.json
new file mode 100644
index 00000000..a8e6e84a
--- /dev/null
+++ b/src/mapping/google/resource/tpu/google_tpu_v2_queued_resource.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "tpu.nodes.create",
+      "tpu.nodes.get",
+      "tpu.nodes.delete",
+      "tpu.nodes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/tpu/google_tpu_v2_vm.json b/src/mapping/google/resource/tpu/google_tpu_v2_vm.json
new file mode 100644
index 00000000..a8e6e84a
--- /dev/null
+++ b/src/mapping/google/resource/tpu/google_tpu_v2_vm.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "tpu.nodes.create",
+      "tpu.nodes.get",
+      "tpu.nodes.delete",
+      "tpu.nodes.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/transcoder/google_transcoder_job.json b/src/mapping/google/resource/transcoder/google_transcoder_job.json
new file mode 100644
index 00000000..8b781d7e
--- /dev/null
+++ b/src/mapping/google/resource/transcoder/google_transcoder_job.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "transcoder.jobs.create",
+      "transcoder.jobs.get",
+      "transcoder.jobs.delete",
+      "transcoder.jobs.get"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/transcoder/google_transcoder_job_template.json b/src/mapping/google/resource/transcoder/google_transcoder_job_template.json
new file mode 100644
index 00000000..ebe5f17e
--- /dev/null
+++ b/src/mapping/google/resource/transcoder/google_transcoder_job_template.json
@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "transcoder.jobTemplates.create",
+      "transcoder.jobTemplates.get",
+      "transcoder.jobTemplates.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_cluster.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_cluster.json
new file mode 100644
index 00000000..52ec3615
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_cluster.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.clusters.create",
+      "vmwareengine.clusters.delete",
+      "vmwareengine.clusters.get",
+      "vmwareengine.clusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_access_rule.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_access_rule.json
new file mode 100644
index 00000000..d9447e1b
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_access_rule.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.externalAccessRules.create",
+      "vmwareengine.externalAccessRules.delete",
+      "vmwareengine.externalAccessRules.get",
+      "vmwareengine.externalAccessRules.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_address.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_address.json
new file mode 100644
index 00000000..8a3f5329
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_external_address.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.externalAddresses.create",
+      "vmwareengine.externalAddresses.delete",
+      "vmwareengine.externalAddresses.get",
+      "vmwareengine.externalAddresses.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_network.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network.json
new file mode 100644
index 00000000..57e7ec5f
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.vmwareEngineNetworks.create",
+      "vmwareengine.vmwareEngineNetworks.delete",
+      "vmwareengine.vmwareEngineNetworks.get",
+      "vmwareengine.vmwareEngineNetworks.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_peering.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_peering.json
new file mode 100644
index 00000000..fee1226f
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_peering.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.externalAddresses.create",
+      "vmwareengine.externalAddresses.delete",
+      "vmwareengine.externalAddresses.get",
+      "vmwareengine.externalAddresses.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_policy.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_policy.json
new file mode 100644
index 00000000..3dacb5d2
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_network_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.networkPolicies.create",
+      "vmwareengine.networkPolicies.delete",
+      "vmwareengine.networkPolicies.get",
+      "vmwareengine.networkPolicies.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_private_cloud.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_private_cloud.json
new file mode 100644
index 00000000..b8ec8759
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_private_cloud.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vmwareengine.privateClouds.create",
+      "vmwareengine.privateClouds.get",
+      "vmwareengine.privateClouds.delete",
+      "vmwareengine.privateClouds.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vmwareengine/google_vmwareengine_subnet.json b/src/mapping/google/resource/vmwareengine/google_vmwareengine_subnet.json
new file mode 100644
index 00000000..090dbc7c
--- /dev/null
+++ b/src/mapping/google/resource/vmwareengine/google_vmwareengine_subnet.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "vmwareengine.subnets.get",
+      "vmwareengine.subnets.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/vpcaccess/google_vpc_access_connector.json b/src/mapping/google/resource/vpcaccess/google_vpc_access_connector.json
new file mode 100644
index 00000000..4dadb545
--- /dev/null
+++ b/src/mapping/google/resource/vpcaccess/google_vpc_access_connector.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "vpcaccess.connectors.create",
+      "vpcaccess.connectors.delete",
+      "vpcaccess.connectors.get",
+      "vpcaccess.connectors.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workflows/google_workflows_workflow.json b/src/mapping/google/resource/workflows/google_workflows_workflow.json
new file mode 100644
index 00000000..45efd560
--- /dev/null
+++ b/src/mapping/google/resource/workflows/google_workflows_workflow.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "workflows.workflows.create",
+      "workflows.workflows.delete",
+      "workflows.workflows.get",
+      "workflows.workflows.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation.json b/src/mapping/google/resource/workstations/google_workstations_workstation.json
new file mode 100644
index 00000000..d83fe594
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "workstations.workstations.create",
+      "workstations.workstations.delete",
+      "workstations.workstations.get",
+      "workstations.workstations.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_cluster.json b/src/mapping/google/resource/workstations/google_workstations_workstation_cluster.json
new file mode 100644
index 00000000..525e4cf2
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_cluster.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "workstations.workstationClusters.create",
+      "workstations.workstationClusters.delete",
+      "workstations.workstationClusters.get",
+      "workstations.workstationClusters.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_config.json b/src/mapping/google/resource/workstations/google_workstations_workstation_config.json
new file mode 100644
index 00000000..4b11e785
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_config.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "workstations.workstationConfigs.create",
+      "workstations.workstationConfigs.delete",
+      "workstations.workstationConfigs.get",
+      "workstations.workstationConfigs.update"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_binding.json b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_binding.json
new file mode 100644
index 00000000..a8904bc7
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "workstations.workstationConfigs.getIamPolicy",
+      "workstations.workstationConfigs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_member.json b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_member.json
new file mode 100644
index 00000000..a8904bc7
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "workstations.workstationConfigs.getIamPolicy",
+      "workstations.workstationConfigs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_policy.json b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_policy.json
new file mode 100644
index 00000000..60e562c0
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_config_iam_policy.json
@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "workstations.workstationConfigs.getIamPolicy",
+      "workstations.workstationConfigs.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "workstations.workstationConfigs.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_iam_binding.json b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_binding.json
new file mode 100644
index 00000000..a9763718
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_binding.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "workstations.workstations.getIamPolicy",
+      "workstations.workstations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_iam_member.json b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_member.json
new file mode 100644
index 00000000..a9763718
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_member.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "workstations.workstations.getIamPolicy",
+      "workstations.workstations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/mapping/google/resource/workstations/google_workstations_workstation_iam_policy.json b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_policy.json
new file mode 100644
index 00000000..a9763718
--- /dev/null
+++ b/src/mapping/google/resource/workstations/google_workstations_workstation_iam_policy.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [
+      "workstations.workstations.getIamPolicy",
+      "workstations.workstations.setIamPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]
diff --git a/src/modules.go b/src/modules.go
new file mode 100644
index 00000000..a3f34b17
--- /dev/null
+++ b/src/modules.go
@@ -0,0 +1,101 @@
+package pike
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+
+	"github.com/hashicorp/go-version"
+)
+
+const (
+	ManifestSnapshotFilename = "modules.json"
+)
+
+// Record represents some metadata about an installed module, as part
+// of a module JSON.
+type Record struct {
+	Key        string           `json:"Key"`
+	SourceAddr string           `json:"Source"`
+	Version    *version.Version `json:"-"`
+	VersionStr string           `json:"Version,omitempty"`
+	Dir        string           `json:"Dir"`
+}
+
+type ModuleJson map[string]Record
+
+type modulesJson struct {
+	Records []Record `json:"Modules"`
+}
+
+type invalidVersionError struct {
+	err     error
+	key     string
+	version string
+}
+
+func (m *invalidVersionError) Error() string {
+	return fmt.Sprintf("invalid version %q for %s: %s", m.version, m.key, m.err)
+}
+
+func ReadModuleJson(r io.Reader) (ModuleJson, error) {
+	src, err := io.ReadAll(r)
+
+	if err != nil {
+		return nil, err
+	}
+
+	if len(src) == 0 {
+		return make(ModuleJson), nil
+	}
+
+	var read modulesJson
+	err = json.Unmarshal(src, &read)
+
+	if err != nil {
+		return nil, &unmarshallJSONError{err, ""}
+	}
+
+	newModuleJson := make(ModuleJson)
+	for _, record := range read.Records {
+		if record.VersionStr != "" {
+			record.Version, err = version.NewVersion(record.VersionStr)
+			if err != nil {
+				return nil, &invalidVersionError{err, record.Key, record.VersionStr}
+			}
+		}
+		// Ensure Windows is using the proper modules path format after
+		// reading the module's manifest Dir records
+		record.Dir = filepath.FromSlash(record.Dir)
+
+		if _, exists := newModuleJson[record.Key]; exists {
+			return nil, fmt.Errorf("snapshot file contains two records for path %s", record.Key)
+		}
+		newModuleJson[record.Key] = record
+	}
+	return newModuleJson, nil
+}
+
+func ReadModuleJsonForDir(dir string) (ModuleJson, error) {
+	fn := filepath.Join(dir, ManifestSnapshotFilename)
+	r, err := os.Open(fn)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return make(ModuleJson), nil
+		}
+		return nil, err
+	}
+	defer r.Close()
+	return ReadModuleJson(r)
+}
+
+func ReturnLocalAddrFromSource(source string, listModules ModuleJson) string {
+	for _, module := range listModules {
+		if module.SourceAddr == source {
+			return module.Dir
+		}
+	}
+	return ""
+}
diff --git a/src/modules_test.go b/src/modules_test.go
new file mode 100644
index 00000000..ca4836d7
--- /dev/null
+++ b/src/modules_test.go
@@ -0,0 +1,305 @@
+package pike
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+)
+
+func TestReadModuleJson_ValidInput(t *testing.T) {
+	jsonInput := `{
+		"Modules": [
+			{
+				"Key": "module1",
+				"Source": "github.com/example/module1",
+				"Version": "1.0.0",
+				"Dir": "modules/module1"
+			},
+			{
+				"Key": "module2",
+				"Source": "github.com/example/module2",
+				"Dir": "modules/module2"
+			}
+		]
+	}`
+
+	reader := strings.NewReader(jsonInput)
+	result, err := ReadModuleJson(reader)
+
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	if len(result) != 2 {
+		t.Fatalf("Expected 2 modules, got: %d", len(result))
+	}
+
+	// Test module1
+	module1, exists := result["module1"]
+	if !exists {
+		t.Fatal("Expected module1 to exist")
+	}
+	if module1.Key != "module1" {
+		t.Errorf("Expected Key 'module1', got: %s", module1.Key)
+	}
+	if module1.SourceAddr != "github.com/example/module1" {
+		t.Errorf("Expected SourceAddr 'github.com/example/module1', got: %s", module1.SourceAddr)
+	}
+	if module1.VersionStr != "1.0.0" {
+		t.Errorf("Expected VersionStr '1.0.0', got: %s", module1.VersionStr)
+	}
+	if module1.Version == nil {
+		t.Error("Expected Version to be parsed")
+	} else if module1.Version.String() != "1.0.0" {
+		t.Errorf("Expected Version '1.0.0', got: %s", module1.Version.String())
+	}
+
+	// Test module2 (no version)
+	module2, exists := result["module2"]
+	if !exists {
+		t.Fatal("Expected module2 to exist")
+	}
+	if module2.Version != nil {
+		t.Error("Expected Version to be nil for module without version")
+	}
+}
+
+func TestReadModuleJson_EmptyInput(t *testing.T) {
+	reader := strings.NewReader("")
+	result, err := ReadModuleJson(reader)
+
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	if len(result) != 0 {
+		t.Fatalf("Expected empty ModuleJson, got: %d modules", len(result))
+	}
+}
+
+func TestReadModuleJson_InvalidJSON(t *testing.T) {
+	reader := strings.NewReader(`{"invalid": json}`)
+	_, err := ReadModuleJson(reader)
+
+	if err == nil {
+		t.Fatal("Expected error for invalid JSON")
+	}
+
+	if !strings.Contains(err.Error(), "invalid character 'j' looking for beginning of value") {
+		t.Errorf("Expected unmarshalling error, got: %v", err)
+	}
+}
+
+func TestReadModuleJson_DuplicateKeys(t *testing.T) {
+	jsonInput := `{
+		"Modules": [
+			{
+				"Key": "duplicate",
+				"Source": "github.com/example/module1",
+				"Dir": "modules/module1"
+			},
+			{
+				"Key": "duplicate",
+				"Source": "github.com/example/module2",
+				"Dir": "modules/module2"
+			}
+		]
+	}`
+
+	reader := strings.NewReader(jsonInput)
+	_, err := ReadModuleJson(reader)
+
+	if err == nil {
+		t.Fatal("Expected error for duplicate keys")
+	}
+
+	if !strings.Contains(err.Error(), "snapshot file contains two records for path duplicate") {
+		t.Errorf("Expected duplicate key error, got: %v", err)
+	}
+}
+
+func TestReadModuleJson_InvalidVersion(t *testing.T) {
+	jsonInput := `{
+		"Modules": [
+			{
+				"Key": "module1",
+				"Source": "github.com/example/module1",
+				"Version": "invalid-version",
+				"Dir": "modules/module1"
+			}
+		]
+	}`
+
+	reader := strings.NewReader(jsonInput)
+	_, err := ReadModuleJson(reader)
+
+	if err == nil {
+		t.Fatal("Expected error for invalid version")
+	}
+
+	if !strings.Contains(err.Error(), "invalid version") {
+		t.Errorf("Expected invalid version error, got: %v", err)
+	}
+}
+
+func TestReadModuleJson_WindowsPathHandling(t *testing.T) {
+	jsonInput := `{
+		"Modules": [
+			{
+				"Key": "module1",
+				"Source": "github.com/example/module1",
+				"Dir": "modules/subdir/module1"
+			}
+		]
+	}`
+
+	reader := strings.NewReader(jsonInput)
+	result, err := ReadModuleJson(reader)
+
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	module1 := result["module1"]
+	expectedDir := filepath.FromSlash("modules/subdir/module1")
+	if module1.Dir != expectedDir {
+		t.Errorf("Expected Dir '%s', got: '%s'", expectedDir, module1.Dir)
+	}
+}
+
+func TestReadModuleJsonForDir_ValidFile(t *testing.T) {
+	// Create a temporary directory
+	tempDir, err := os.MkdirTemp("", "pike-test")
+	if err != nil {
+		t.Fatalf("Failed to create temp dir: %v", err)
+	}
+	defer os.RemoveAll(tempDir)
+
+	// Create a modules.json file
+	jsonContent := `{
+		"Modules": [
+			{
+				"Key": "test-module",
+				"Source": "github.com/example/test",
+				"Dir": "modules/test"
+			}
+		]
+	}`
+
+	modulesFile := filepath.Join(tempDir, ManifestSnapshotFilename)
+	err = os.WriteFile(modulesFile, []byte(jsonContent), 0644)
+	if err != nil {
+		t.Fatalf("Failed to write modules file: %v", err)
+	}
+
+	result, err := ReadModuleJsonForDir(tempDir)
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	if len(result) != 1 {
+		t.Fatalf("Expected 1 module, got: %d", len(result))
+	}
+
+	module, exists := result["test-module"]
+	if !exists {
+		t.Fatal("Expected test-module to exist")
+	}
+	if module.SourceAddr != "github.com/example/test" {
+		t.Errorf("Expected SourceAddr 'github.com/example/test', got: %s", module.SourceAddr)
+	}
+}
+
+func TestReadModuleJsonForDir_NonExistentFile(t *testing.T) {
+	// Create a temporary directory without modules.json
+	tempDir, err := os.MkdirTemp("", "pike-test")
+	if err != nil {
+		t.Fatalf("Failed to create temp dir: %v", err)
+	}
+	defer os.RemoveAll(tempDir)
+
+	result, err := ReadModuleJsonForDir(tempDir)
+	if err != nil {
+		t.Fatalf("Expected no error for non-existent file, got: %v", err)
+	}
+
+	if len(result) != 0 {
+		t.Fatalf("Expected empty ModuleJson, got: %d modules", len(result))
+	}
+}
+
+func TestReadModuleJsonForDir_NonExistentDirectory(t *testing.T) {
+	result, err := ReadModuleJsonForDir("/non/existent/directory")
+	if err != nil {
+		t.Fatalf("Expected no error for non-existent directory, got: %v", err)
+	}
+
+	if len(result) != 0 {
+		t.Fatalf("Expected empty ModuleJson, got: %d modules", len(result))
+	}
+}
+
+func TestReturnLocalAddrFromSource_Found(t *testing.T) {
+	modules := ModuleJson{
+		"module1": Record{
+			Key:        "module1",
+			SourceAddr: "github.com/example/module1",
+			Dir:        "/path/to/module1",
+		},
+		"module2": Record{
+			Key:        "module2",
+			SourceAddr: "github.com/example/module2",
+			Dir:        "/path/to/module2",
+		},
+	}
+
+	result := ReturnLocalAddrFromSource("github.com/example/module2", modules)
+	expected := "/path/to/module2"
+
+	if result != expected {
+		t.Errorf("Expected '%s', got: '%s'", expected, result)
+	}
+}
+
+func TestReturnLocalAddrFromSource_NotFound(t *testing.T) {
+	modules := ModuleJson{
+		"module1": Record{
+			Key:        "module1",
+			SourceAddr: "github.com/example/module1",
+			Dir:        "/path/to/module1",
+		},
+	}
+
+	result := ReturnLocalAddrFromSource("github.com/example/nonexistent", modules)
+
+	if result != "" {
+		t.Errorf("Expected empty string, got: '%s'", result)
+	}
+}
+
+func TestReturnLocalAddrFromSource_EmptyModules(t *testing.T) {
+	modules := make(ModuleJson)
+
+	result := ReturnLocalAddrFromSource("github.com/example/any", modules)
+
+	if result != "" {
+		t.Errorf("Expected empty string, got: '%s'", result)
+	}
+}
+
+func TestReturnLocalAddrFromSource_EmptySource(t *testing.T) {
+	modules := ModuleJson{
+		"module1": Record{
+			Key:        "module1",
+			SourceAddr: "github.com/example/module1",
+			Dir:        "/path/to/module1",
+		},
+	}
+
+	result := ReturnLocalAddrFromSource("", modules)
+
+	if result != "" {
+		t.Errorf("Expected empty string, got: '%s'", result)
+	}
+}
diff --git a/src/parse/aws-members.json b/src/parse/aws-members.json
index c7c8c957..1c433ceb 100755
--- a/src/parse/aws-members.json
+++ b/src/parse/aws-members.json
@@ -1,2073 +1,2195 @@
 {
-  "dataSources": [
-    "aws_acm_certificate",
-    "aws_acmpca_certificate",
-    "aws_acmpca_certificate_authority",
-    "aws_ami",
-    "aws_ami_ids",
-    "aws_api_gateway_api_key",
-    "aws_api_gateway_authorizer",
-    "aws_api_gateway_authorizers",
-    "aws_api_gateway_domain_name",
-    "aws_api_gateway_export",
-    "aws_api_gateway_resource",
-    "aws_api_gateway_rest_api",
-    "aws_api_gateway_sdk",
-    "aws_api_gateway_vpc_link",
-    "aws_apigateway_api_keys",
-    "aws_apigatewayv2_api",
-    "aws_apigatewayv2_apis",
-    "aws_apigatewayv2_export",
-    "aws_apigatewayv2_vpc_link",
-    "aws_appconfig_configuration_profile",
-    "aws_appconfig_configuration_profiles",
-    "aws_appconfig_environment",
-    "aws_appconfig_environments",
-    "aws_appintegrations_event_integration",
-    "aws_appmesh_gateway_route",
-    "aws_appmesh_mesh",
-    "aws_appmesh_route",
-    "aws_appmesh_virtual_gateway",
-    "aws_appmesh_virtual_node",
-    "aws_appmesh_virtual_router",
-    "aws_appmesh_virtual_service",
-    "aws_apprunner_hosted_zone_id",
-    "aws_appstream_image",
-    "aws_arn",
-    "aws_athena_named_query",
-    "aws_auditmanager_control",
-    "aws_auditmanager_framework",
-    "aws_autoscaling_group",
-    "aws_autoscaling_groups",
-    "aws_availability_zone",
-    "aws_availability_zones",
-    "aws_backup_framework",
-    "aws_backup_plan",
-    "aws_backup_report_plan",
-    "aws_backup_selection",
-    "aws_backup_vault",
-    "aws_batch_compute_environment",
-    "aws_batch_job_definition",
-    "aws_batch_job_queue",
-    "aws_batch_scheduling_policy",
-    "aws_bedrock_custom_model",
-    "aws_bedrock_custom_models",
-    "aws_bedrock_foundation_model",
-    "aws_bedrock_foundation_models",
-    "aws_bedrock_inference_profile",
-    "aws_bedrock_inference_profiles",
-    "aws_bedrockagent_agent_versions",
-    "aws_billing_service_account",
-    "aws_budgets_budget",
-    "aws_caller_identity",
-    "aws_canonical_user_id",
-    "aws_chatbot_slack_workspace",
-    "aws_cloudcontrolapi_resource",
-    "aws_cloudformation_export",
-    "aws_cloudformation_stack",
-    "aws_cloudformation_type",
-    "aws_cloudfront_cache_policy",
-    "aws_cloudfront_distribution",
-    "aws_cloudfront_log_delivery_canonical_user_id",
-    "aws_cloudfront_origin_access_control",
-    "aws_cloudfront_origin_access_identities",
-    "aws_cloudfront_origin_access_identity",
-    "aws_cloudfront_origin_request_policy",
-    "aws_cloudfront_realtime_log_config",
-    "aws_cloudfront_response_headers_policy",
-    "aws_cloudhsm_v2_cluster",
-    "aws_cloudtrail_service_account",
-    "aws_cloudwatch_contributor_managed_insight_rules",
-    "aws_cloudwatch_event_bus",
-    "aws_cloudwatch_event_buses",
-    "aws_cloudwatch_event_connection",
-    "aws_cloudwatch_event_source",
-    "aws_cloudwatch_log_data_protection_policy_document",
-    "aws_cloudwatch_log_group",
-    "aws_cloudwatch_log_groups",
-    "aws_codeartifact_authorization_token",
-    "aws_codeartifact_repository_endpoint",
-    "aws_codebuild_fleet",
-    "aws_codecatalyst_dev_environment",
-    "aws_codecommit_approval_rule_template",
-    "aws_codecommit_repository",
-    "aws_codeguruprofiler_profiling_group",
-    "aws_codestarconnections_connection",
-    "aws_cognito_identity_pool",
-    "aws_cognito_user_group",
-    "aws_cognito_user_groups",
-    "aws_cognito_user_pool",
-    "aws_cognito_user_pool_client",
-    "aws_cognito_user_pool_clients",
-    "aws_cognito_user_pool_signing_certificate",
-    "aws_cognito_user_pools",
-    "aws_connect_bot_association",
-    "aws_connect_contact_flow",
-    "aws_connect_contact_flow_module",
-    "aws_connect_hours_of_operation",
-    "aws_connect_instance",
-    "aws_connect_instance_storage_config",
-    "aws_connect_lambda_function_association",
-    "aws_connect_prompt",
-    "aws_connect_queue",
-    "aws_connect_quick_connect",
-    "aws_connect_routing_profile",
-    "aws_connect_security_profile",
-    "aws_connect_user",
-    "aws_connect_user_hierarchy_group",
-    "aws_connect_user_hierarchy_structure",
-    "aws_connect_vocabulary",
-    "aws_controltower_controls",
-    "aws_cur_report_definition",
-    "aws_customer_gateway",
-    "aws_datazone_domain",
-    "aws_datazone_environment_blueprint",
-    "aws_db_cluster_snapshot",
-    "aws_db_event_categories",
-    "aws_db_instance",
-    "aws_db_instances",
-    "aws_db_parameter_group",
-    "aws_db_proxy",
-    "aws_db_snapshot",
-    "aws_db_subnet_group",
-    "aws_default_tags",
-    "aws_devopsguru_notification_channel",
-    "aws_devopsguru_resource_collection",
-    "aws_directory_service_directory",
-    "aws_dms_certificate",
-    "aws_dms_endpoint",
-    "aws_dms_replication_instance",
-    "aws_dms_replication_subnet_group",
-    "aws_dms_replication_task",
-    "aws_docdb_engine_version",
-    "aws_docdb_orderable_db_instance",
-    "aws_dx_connection",
-    "aws_dx_gateway",
-    "aws_dx_location",
-    "aws_dx_locations",
-    "aws_dx_router_configuration",
-    "aws_dynamodb_table",
-    "aws_dynamodb_table_item",
-    "aws_ebs_default_kms_key",
-    "aws_ebs_encryption_by_default",
-    "aws_ebs_snapshot",
-    "aws_ebs_snapshot_ids",
-    "aws_ebs_volume",
-    "aws_ebs_volumes",
-    "aws_ec2_capacity_block_offering",
-    "aws_ec2_client_vpn_endpoint",
-    "aws_ec2_coip_pool",
-    "aws_ec2_coip_pools",
-    "aws_ec2_host",
-    "aws_ec2_instance_type",
-    "aws_ec2_instance_type_offering",
-    "aws_ec2_instance_type_offerings",
-    "aws_ec2_instance_types",
-    "aws_ec2_local_gateway",
-    "aws_ec2_local_gateway_route_table",
-    "aws_ec2_local_gateway_route_tables",
-    "aws_ec2_local_gateway_virtual_interface",
-    "aws_ec2_local_gateway_virtual_interface_group",
-    "aws_ec2_local_gateway_virtual_interface_groups",
-    "aws_ec2_local_gateways",
-    "aws_ec2_managed_prefix_list",
-    "aws_ec2_managed_prefix_lists",
-    "aws_ec2_network_insights_analysis",
-    "aws_ec2_network_insights_path",
-    "aws_ec2_public_ipv4_pool",
-    "aws_ec2_public_ipv4_pools",
-    "aws_ec2_serial_console_access",
-    "aws_ec2_spot_price",
-    "aws_ec2_transit_gateway",
-    "aws_ec2_transit_gateway_attachment",
-    "aws_ec2_transit_gateway_attachments",
-    "aws_ec2_transit_gateway_connect",
-    "aws_ec2_transit_gateway_connect_peer",
-    "aws_ec2_transit_gateway_dx_gateway_attachment",
-    "aws_ec2_transit_gateway_multicast_domain",
-    "aws_ec2_transit_gateway_peering_attachment",
-    "aws_ec2_transit_gateway_peering_attachments",
-    "aws_ec2_transit_gateway_route_table",
-    "aws_ec2_transit_gateway_route_table_associations",
-    "aws_ec2_transit_gateway_route_table_routes",
-    "aws_ec2_transit_gateway_route_tables",
-    "aws_ec2_transit_gateway_vpc_attachment",
-    "aws_ec2_transit_gateway_vpc_attachments",
-    "aws_ec2_transit_gateway_vpn_attachment",
-    "aws_ec2_transitgateway_route_table_propagations",
-    "aws_ecr_authorization_token",
-    "aws_ecr_image",
-    "aws_ecr_lifecycle_policy_document",
-    "aws_ecr_pull_through_cache_rule",
-    "aws_ecr_repositories",
-    "aws_ecr_repository",
-    "aws_ecr_repository_creation_template",
-    "aws_ecrpublic_authorization_token",
-    "aws_ecs_cluster",
-    "aws_ecs_clusters",
-    "aws_ecs_container_definition",
-    "aws_ecs_service",
-    "aws_ecs_task_definition",
-    "aws_ecs_task_execution",
-    "aws_efs_access_point",
-    "aws_efs_access_points",
-    "aws_efs_file_system",
-    "aws_efs_mount_target",
-    "aws_eip",
-    "aws_eips",
-    "aws_eks_access_entry",
-    "aws_eks_addon",
-    "aws_eks_addon_version",
-    "aws_eks_cluster",
-    "aws_eks_cluster_auth",
-    "aws_eks_cluster_versions",
-    "aws_eks_clusters",
-    "aws_eks_node_group",
-    "aws_eks_node_groups",
-    "aws_elastic_beanstalk_application",
-    "aws_elastic_beanstalk_hosted_zone",
-    "aws_elastic_beanstalk_solution_stack",
-    "aws_elasticache_cluster",
-    "aws_elasticache_replication_group",
-    "aws_elasticache_reserved_cache_node_offering",
-    "aws_elasticache_serverless_cache",
-    "aws_elasticache_user",
-    "aws_elasticsearch_domain",
-    "aws_elb_hosted_zone_id",
-    "aws_elb_service_account",
-    "aws_emr_release_labels",
-    "aws_emr_supported_instance_types",
-    "aws_emrcontainers_virtual_cluster",
-    "aws_fsx_ontap_file_system",
-    "aws_fsx_ontap_storage_virtual_machine",
-    "aws_fsx_ontap_storage_virtual_machines",
-    "aws_fsx_openzfs_snapshot",
-    "aws_fsx_windows_file_system",
-    "aws_globalaccelerator_accelerator",
-    "aws_globalaccelerator_custom_routing_accelerator",
-    "aws_glue_catalog_table",
-    "aws_glue_connection",
-    "aws_glue_data_catalog_encryption_settings",
-    "aws_glue_registry",
-    "aws_glue_script",
-    "aws_grafana_workspace",
-    "aws_guardduty_detector",
-    "aws_guardduty_finding_ids",
-    "aws_iam_access_keys",
-    "aws_iam_account_alias",
-    "aws_iam_group",
-    "aws_iam_instance_profile",
-    "aws_iam_instance_profiles",
-    "aws_iam_openid_connect_provider",
-    "aws_iam_policy",
-    "aws_iam_policy_document",
-    "aws_iam_principal_policy_simulation",
-    "aws_iam_role",
-    "aws_iam_roles",
-    "aws_iam_server_certificate",
-    "aws_iam_session_context",
-    "aws_iam_user",
-    "aws_iam_user_ssh_key",
-    "aws_iam_users",
-    "aws_identitystore_group",
-    "aws_identitystore_group_memberships",
-    "aws_identitystore_groups",
-    "aws_identitystore_user",
-    "aws_identitystore_users",
-    "aws_imagebuilder_component",
-    "aws_imagebuilder_components",
-    "aws_imagebuilder_container_recipe",
-    "aws_imagebuilder_container_recipes",
-    "aws_imagebuilder_distribution_configuration",
-    "aws_imagebuilder_distribution_configurations",
-    "aws_imagebuilder_image",
-    "aws_imagebuilder_image_pipeline",
-    "aws_imagebuilder_image_pipelines",
-    "aws_imagebuilder_image_recipe",
-    "aws_imagebuilder_image_recipes",
-    "aws_imagebuilder_infrastructure_configuration",
-    "aws_imagebuilder_infrastructure_configurations",
-    "aws_inspector_rules_packages",
-    "aws_instance",
-    "aws_instances",
-    "aws_internet_gateway",
-    "aws_iot_endpoint",
-    "aws_iot_registration_code",
-    "aws_ip_ranges",
-    "aws_ivs_stream_key",
-    "aws_kendra_experience",
-    "aws_kendra_faq",
-    "aws_kendra_index",
-    "aws_kendra_query_suggestions_block_list",
-    "aws_kendra_thesaurus",
-    "aws_key_pair",
-    "aws_kinesis_firehose_delivery_stream",
-    "aws_kinesis_stream",
-    "aws_kinesis_stream_consumer",
-    "aws_kms_alias",
-    "aws_kms_ciphertext",
-    "aws_kms_custom_key_store",
-    "aws_kms_secret",
-    "aws_kms_secrets",
-    "aws_lakeformation_data_lake_settings",
-    "aws_lakeformation_permissions",
-    "aws_lakeformation_resource",
-    "aws_lambda_alias",
-    "aws_lambda_code_signing_config",
-    "aws_lambda_function",
-    "aws_lambda_invocation",
-    "aws_launch_configuration",
-    "aws_launch_template",
-    "aws_lb",
-    "aws_lb_hosted_zone_id",
-    "aws_lb_listener",
-    "aws_lb_listener_rule",
-    "aws_lb_target_group",
-    "aws_lb_trust_store",
-    "aws_lbs",
-    "aws_lex_bot",
-    "aws_lex_bot_alias",
-    "aws_lex_intent",
-    "aws_lex_slot_type",
-    "aws_licensemanager_grants",
-    "aws_licensemanager_received_license",
-    "aws_licensemanager_received_licenses",
-    "aws_location_geofence_collection",
-    "aws_location_map",
-    "aws_location_place_index",
-    "aws_location_route_calculator",
-    "aws_location_tracker",
-    "aws_location_tracker_association",
-    "aws_location_tracker_associations",
-    "aws_medialive_input",
-    "aws_mq_broker",
-    "aws_mq_broker_engine_types",
-    "aws_mq_broker_instance_type_offerings",
-    "aws_msk_bootstrap_brokers",
-    "aws_msk_broker_nodes",
-    "aws_msk_cluster",
-    "aws_msk_configuration",
-    "aws_msk_vpc_connection",
-    "aws_mskconnect_connector",
-    "aws_mskconnect_custom_plugin",
-    "aws_mskconnect_worker_configuration",
-    "aws_nat_gateway",
-    "aws_nat_gateways",
-    "aws_neptune_engine_version",
-    "aws_neptune_orderable_db_instance",
-    "aws_network_acls",
-    "aws_network_interfaces",
-    "aws_networkfirewall_firewall",
-    "aws_networkfirewall_firewall_policy",
-    "aws_networkfirewall_resource_policy",
-    "aws_networkmanager_connection",
-    "aws_networkmanager_connections",
-    "aws_networkmanager_core_network_policy_document",
-    "aws_networkmanager_device",
-    "aws_networkmanager_devices",
-    "aws_networkmanager_global_network",
-    "aws_networkmanager_global_networks",
-    "aws_networkmanager_link",
-    "aws_networkmanager_links",
-    "aws_networkmanager_site",
-    "aws_networkmanager_sites",
-    "aws_oam_link",
-    "aws_oam_links",
-    "aws_oam_sink",
-    "aws_oam_sinks",
-    "aws_opensearch_domain",
-    "aws_opensearchserverless_access_policy",
-    "aws_opensearchserverless_collection",
-    "aws_opensearchserverless_lifecycle_policy",
-    "aws_opensearchserverless_security_config",
-    "aws_opensearchserverless_security_policy",
-    "aws_opensearchserverless_vpc_endpoint",
-    "aws_organizations_delegated_administrators",
-    "aws_organizations_delegated_services",
-    "aws_organizations_organization",
-    "aws_organizations_organizational_unit",
-    "aws_organizations_organizational_unit_child_accounts",
-    "aws_organizations_organizational_unit_descendant_accounts",
-    "aws_organizations_organizational_unit_descendant_organizational_units",
-    "aws_organizations_organizational_units",
-    "aws_organizations_policies",
-    "aws_organizations_policies_for_target",
-    "aws_organizations_policy",
-    "aws_organizations_resource_tags",
-    "aws_outposts_asset",
-    "aws_outposts_assets",
-    "aws_outposts_outpost",
-    "aws_outposts_outpost_instance_type",
-    "aws_outposts_outpost_instance_types",
-    "aws_outposts_outposts",
-    "aws_outposts_site",
-    "aws_outposts_sites",
-    "aws_partition",
-    "aws_polly_voices",
-    "aws_prefix_list",
-    "aws_pricing_product",
-    "aws_prometheus_default_scraper_configuration",
-    "aws_prometheus_workspace",
-    "aws_prometheus_workspaces",
-    "aws_qldb_ledger",
-    "aws_quicksight_analysis",
-    "aws_quicksight_data_set",
-    "aws_quicksight_group",
-    "aws_quicksight_theme",
-    "aws_quicksight_user",
-    "aws_ram_resource_share",
-    "aws_rds_certificate",
-    "aws_rds_cluster",
-    "aws_rds_cluster_parameter_group",
-    "aws_rds_clusters",
-    "aws_rds_engine_version",
-    "aws_rds_orderable_db_instance",
-    "aws_rds_reserved_instance_offering",
-    "aws_redshift_cluster",
-    "aws_redshift_cluster_credentials",
-    "aws_redshift_data_shares",
-    "aws_redshift_orderable_cluster",
-    "aws_redshift_producer_data_shares",
-    "aws_redshift_service_account",
-    "aws_redshift_subnet_group",
-    "aws_redshiftserverless_credentials",
-    "aws_redshiftserverless_namespace",
-    "aws_redshiftserverless_workgroup",
-    "aws_region",
-    "aws_regions",
-    "aws_resourceexplorer2_search",
-    "aws_resourcegroupstaggingapi_resources",
-    "aws_route",
-    "aws_route53_delegation_set",
-    "aws_route53_records",
-    "aws_route53_resolver_endpoint",
-    "aws_route53_resolver_firewall_config",
-    "aws_route53_resolver_firewall_domain_list",
-    "aws_route53_resolver_firewall_rule_group",
-    "aws_route53_resolver_firewall_rule_group_association",
-    "aws_route53_resolver_firewall_rules",
-    "aws_route53_resolver_query_log_config",
-    "aws_route53_resolver_rule",
-    "aws_route53_resolver_rules",
-    "aws_route53_traffic_policy_document",
-    "aws_route53_zone",
-    "aws_route53_zones",
-    "aws_route53profiles_profiles",
-    "aws_route_table",
-    "aws_route_tables",
-    "aws_s3_account_public_access_block",
-    "aws_s3_bucket",
-    "aws_s3_bucket_object",
-    "aws_s3_bucket_objects",
-    "aws_s3_bucket_policy",
-    "aws_s3_directory_buckets",
-    "aws_s3_object",
-    "aws_s3_objects",
-    "aws_s3control_multi_region_access_point",
-    "aws_sagemaker_prebuilt_ecr_image",
-    "aws_saml_provider",
-    "aws_secretsmanager_random_password",
-    "aws_secretsmanager_secret",
-    "aws_secretsmanager_secret_rotation",
-    "aws_secretsmanager_secret_version",
-    "aws_secretsmanager_secret_versions",
-    "aws_secretsmanager_secrets",
-    "aws_security_group",
-    "aws_security_groups",
-    "aws_serverlessapplicationrepository_application",
-    "aws_service",
-    "aws_service_discovery_dns_namespace",
-    "aws_service_discovery_http_namespace",
-    "aws_service_discovery_service",
-    "aws_service_principal",
-    "aws_servicecatalog_constraint",
-    "aws_servicecatalog_launch_paths",
-    "aws_servicecatalog_portfolio",
-    "aws_servicecatalog_portfolio_constraints",
-    "aws_servicecatalog_product",
-    "aws_servicecatalog_provisioning_artifacts",
-    "aws_servicecatalogappregistry_application",
-    "aws_servicecatalogappregistry_attribute_group",
-    "aws_servicecatalogappregistry_attribute_group_associations",
-    "aws_servicequotas_service",
-    "aws_servicequotas_service_quota",
-    "aws_servicequotas_templates",
-    "aws_ses_active_receipt_rule_set",
-    "aws_ses_domain_identity",
-    "aws_ses_email_identity",
-    "aws_sesv2_configuration_set",
-    "aws_sesv2_dedicated_ip_pool",
-    "aws_sesv2_email_identity",
-    "aws_sesv2_email_identity_mail_from_attributes",
-    "aws_sfn_activity",
-    "aws_sfn_alias",
-    "aws_sfn_state_machine",
-    "aws_sfn_state_machine_versions",
-    "aws_shield_protection",
-    "aws_signer_signing_job",
-    "aws_signer_signing_profile",
-    "aws_sns_topic",
-    "aws_spot_datafeed_subscription",
-    "aws_sqs_queue",
-    "aws_sqs_queues",
-    "aws_ssm_document",
-    "aws_ssm_instances",
-    "aws_ssm_parameter",
-    "aws_ssm_parameters_by_path",
-    "aws_ssm_patch_baseline",
-    "aws_ssm_patch_baselines",
-    "aws_ssmcontacts_contact",
-    "aws_ssmcontacts_contact_channel",
-    "aws_ssmcontacts_plan",
-    "aws_ssmcontacts_rotation",
-    "aws_ssmincidents_replication_set",
-    "aws_ssmincidents_response_plan",
-    "aws_ssoadmin_application",
-    "aws_ssoadmin_application_assignments",
-    "aws_ssoadmin_application_providers",
-    "aws_ssoadmin_instances",
-    "aws_ssoadmin_permission_set",
-    "aws_ssoadmin_permission_sets",
-    "aws_ssoadmin_principal_application_assignments",
-    "aws_storagegateway_local_disk",
-    "aws_subnet",
-    "aws_subnet_ids",
-    "aws_subnets",
-    "aws_synthetics_runtime_version",
-    "aws_synthetics_runtime_versions",
-    "aws_timestreamwrite_database",
-    "aws_timestreamwrite_table",
-    "aws_transfer_connector",
-    "aws_transfer_server",
-    "aws_verifiedpermissions_policy_store",
-    "aws_vpc",
-    "aws_vpc_dhcp_options",
-    "aws_vpc_endpoint",
-    "aws_vpc_endpoint_service",
-    "aws_vpc_ipam",
-    "aws_vpc_ipam_pool",
-    "aws_vpc_ipam_pool_cidrs",
-    "aws_vpc_ipam_pools",
-    "aws_vpc_ipam_preview_next_cidr",
-    "aws_vpc_ipams",
-    "aws_vpc_peering_connection",
-    "aws_vpc_peering_connections",
-    "aws_vpc_security_group_rule",
-    "aws_vpc_security_group_rules",
-    "aws_vpclattice_auth_policy",
-    "aws_vpclattice_listener",
-    "aws_vpclattice_resource_policy",
-    "aws_vpclattice_service",
-    "aws_vpclattice_service_network",
-    "aws_vpcs",
-    "aws_vpn_gateway",
-    "aws_waf_ipset",
-    "aws_waf_rate_based_rule",
-    "aws_waf_rule",
-    "aws_waf_web_acl",
-    "aws_wafregional_ipset",
-    "aws_wafregional_rate_based_rule",
-    "aws_wafregional_rule",
-    "aws_wafregional_web_acl",
-    "aws_wafv2_ip_set",
-    "aws_wafv2_regex_pattern_set",
-    "aws_wafv2_rule_group",
-    "aws_wafv2_web_acl",
-    "aws_workspaces_bundle",
-    "aws_workspaces_directory",
-    "aws_workspaces_image",
-    "ssm_maintenance_windows"
-  ],
-  "resources": [
-    "aws_accessanalyzer_analyzer",
-    "aws_accessanalyzer_archive_rule",
-    "aws_account_alternate_contact",
-    "aws_account_primary_contact",
-    "aws_account_region",
-    "aws_acm_certificate",
-    "aws_acm_certificate_validation",
-    "aws_acmpca_certificate",
-    "aws_acmpca_certificate_authority",
-    "aws_acmpca_certificate_authority_certificate",
-    "aws_acmpca_permission",
-    "aws_acmpca_policy",
-    "aws_alb",
-    "aws_ami",
-    "aws_ami_copy",
-    "aws_ami_from_instance",
-    "aws_ami_launch_permission",
-    "aws_amplify_app",
-    "aws_amplify_backend_environment",
-    "aws_amplify_branch",
-    "aws_amplify_domain_association",
-    "aws_amplify_webhook",
-    "aws_api_gateway_account",
-    "aws_api_gateway_api_key",
-    "aws_api_gateway_authorizer",
-    "aws_api_gateway_base_path_mapping",
-    "aws_api_gateway_client_certificate",
-    "aws_api_gateway_deployment",
-    "aws_api_gateway_documentation_part",
-    "aws_api_gateway_documentation_version",
-    "aws_api_gateway_domain_name",
-    "aws_api_gateway_domain_name_access_association",
-    "aws_api_gateway_gateway_response",
-    "aws_api_gateway_integration",
-    "aws_api_gateway_integration_response",
-    "aws_api_gateway_method",
-    "aws_api_gateway_method_response",
-    "aws_api_gateway_method_settings",
-    "aws_api_gateway_model",
-    "aws_api_gateway_request_validator",
-    "aws_api_gateway_resource",
-    "aws_api_gateway_rest_api",
-    "aws_api_gateway_rest_api_policy",
-    "aws_api_gateway_stage",
-    "aws_api_gateway_usage_plan",
-    "aws_api_gateway_usage_plan_key",
-    "aws_api_gateway_vpc_link",
-    "aws_apigatewayv2_api",
-    "aws_apigatewayv2_api_mapping",
-    "aws_apigatewayv2_authorizer",
-    "aws_apigatewayv2_deployment",
-    "aws_apigatewayv2_domain_name",
-    "aws_apigatewayv2_integration",
-    "aws_apigatewayv2_integration_response",
-    "aws_apigatewayv2_model",
-    "aws_apigatewayv2_route",
-    "aws_apigatewayv2_route_response",
-    "aws_apigatewayv2_stage",
-    "aws_apigatewayv2_vpc_link",
-    "aws_app_cookie_stickiness_policy",
-    "aws_appautoscaling_policy",
-    "aws_appautoscaling_scheduled_action",
-    "aws_appautoscaling_target",
-    "aws_appconfig_application",
-    "aws_appconfig_configuration_profile",
-    "aws_appconfig_deployment",
-    "aws_appconfig_deployment_strategy",
-    "aws_appconfig_environment",
-    "aws_appconfig_extension",
-    "aws_appconfig_extension_association",
-    "aws_appconfig_hosted_configuration_version",
-    "aws_appfabric_app_authorization",
-    "aws_appfabric_app_authorization_connection",
-    "aws_appfabric_app_bundle",
-    "aws_appfabric_ingestion",
-    "aws_appfabric_ingestion_destination",
-    "aws_appflow_connector_profile",
-    "aws_appflow_flow",
-    "aws_appintegrations_data_integration",
-    "aws_appintegrations_event_integration",
-    "aws_applicationinsights_application",
-    "aws_appmesh_gateway_route",
-    "aws_appmesh_mesh",
-    "aws_appmesh_route",
-    "aws_appmesh_virtual_gateway",
-    "aws_appmesh_virtual_node",
-    "aws_appmesh_virtual_router",
-    "aws_appmesh_virtual_service",
-    "aws_apprunner_auto_scaling_configuration_version",
-    "aws_apprunner_connection",
-    "aws_apprunner_custom_domain_association",
-    "aws_apprunner_default_auto_scaling_configuration_version",
-    "aws_apprunner_deployment",
-    "aws_apprunner_observability_configuration",
-    "aws_apprunner_service",
-    "aws_apprunner_vpc_connector",
-    "aws_apprunner_vpc_ingress_connection",
-    "aws_appstream_directory_config",
-    "aws_appstream_fleet",
-    "aws_appstream_fleet_stack_association",
-    "aws_appstream_image_builder",
-    "aws_appstream_stack",
-    "aws_appstream_user",
-    "aws_appstream_user_stack_association",
-    "aws_appsync_api_cache",
-    "aws_appsync_api_key",
-    "aws_appsync_datasource",
-    "aws_appsync_domain_name",
-    "aws_appsync_domain_name_api_association",
-    "aws_appsync_function",
-    "aws_appsync_graphql_api",
-    "aws_appsync_resolver",
-    "aws_appsync_source_api_association",
-    "aws_appsync_type",
-    "aws_athena_capacity_reservation",
-    "aws_athena_data_catalog",
-    "aws_athena_database",
-    "aws_athena_named_query",
-    "aws_athena_prepared_statement",
-    "aws_athena_workgroup",
-    "aws_auditmanager_account_registration",
-    "aws_auditmanager_assessment",
-    "aws_auditmanager_assessment_delegation",
-    "aws_auditmanager_assessment_report",
-    "aws_auditmanager_control",
-    "aws_auditmanager_framework",
-    "aws_auditmanager_framework_share",
-    "aws_auditmanager_organization_admin_account_registration",
-    "aws_autoscaling_attachment",
-    "aws_autoscaling_group",
-    "aws_autoscaling_group_tag",
-    "aws_autoscaling_lifecycle_hook",
-    "aws_autoscaling_notification",
-    "aws_autoscaling_policy",
-    "aws_autoscaling_schedule",
-    "aws_autoscaling_traffic_source_attachment",
-    "aws_autoscalingplans_scaling_plan",
-    "aws_backup_framework",
-    "aws_backup_global_settings",
-    "aws_backup_logically_air_gapped_vault",
-    "aws_backup_plan",
-    "aws_backup_region_settings",
-    "aws_backup_report_plan",
-    "aws_backup_selection",
-    "aws_backup_vault",
-    "aws_backup_vault_lock_configuration",
-    "aws_backup_vault_notifications",
-    "aws_backup_vault_policy",
-    "aws_batch_compute_environment",
-    "aws_batch_job_definition",
-    "aws_batch_job_queue",
-    "aws_batch_scheduling_policy",
-    "aws_bcmdataexports_export",
-    "aws_bedrock_custom_model",
-    "aws_bedrock_guardrail",
-    "aws_bedrock_guardrail_version",
-    "aws_bedrock_inference_profile",
-    "aws_bedrock_model_invocation_logging_configuration",
-    "aws_bedrock_provisioned_model_throughput",
-    "aws_bedrockagent_agent",
-    "aws_bedrockagent_agent_action_group",
-    "aws_bedrockagent_agent_alias",
-    "aws_bedrockagent_agent_collaborator",
-    "aws_bedrockagent_agent_knowledge_base_association",
-    "aws_bedrockagent_data_source",
-    "aws_bedrockagent_knowledge_base",
-    "aws_budgets_budget",
-    "aws_budgets_budget_action",
-    "aws_ce_anomaly_monitor",
-    "aws_ce_anomaly_subscription",
-    "aws_ce_cost_allocation_tag",
-    "aws_ce_cost_category",
-    "aws_chatbot_slack_channel_configuration",
-    "aws_chatbot_teams_channel_configuration",
-    "aws_chime_voice_connector",
-    "aws_chime_voice_connector_group",
-    "aws_chime_voice_connector_logging",
-    "aws_chime_voice_connector_origination",
-    "aws_chime_voice_connector_streaming",
-    "aws_chime_voice_connector_termination",
-    "aws_chime_voice_connector_termination_credentials",
-    "aws_chimesdkmediapipelines_media_insights_pipeline_configuration",
-    "aws_chimesdkvoice_global_settings",
-    "aws_chimesdkvoice_sip_media_application",
-    "aws_chimesdkvoice_sip_rule",
-    "aws_chimesdkvoice_voice_profile_domain",
-    "aws_cleanrooms_collaboration",
-    "aws_cleanrooms_configured_table",
-    "aws_cleanrooms_membership",
-    "aws_cloud9_environment_ec2",
-    "aws_cloud9_environment_membership",
-    "aws_cloudcontrolapi_resource",
-    "aws_cloudformation_stack",
-    "aws_cloudformation_stack_instances",
-    "aws_cloudformation_stack_set",
-    "aws_cloudformation_stack_set_instance",
-    "aws_cloudformation_type",
-    "aws_cloudfront_cache_policy",
-    "aws_cloudfront_continuous_deployment_policy",
-    "aws_cloudfront_distribution",
-    "aws_cloudfront_field_level_encryption_config",
-    "aws_cloudfront_field_level_encryption_profile",
-    "aws_cloudfront_function",
-    "aws_cloudfront_key_group",
-    "aws_cloudfront_key_value_store",
-    "aws_cloudfront_monitoring_subscription",
-    "aws_cloudfront_origin_access_control",
-    "aws_cloudfront_origin_access_identity",
-    "aws_cloudfront_origin_request_policy",
-    "aws_cloudfront_public_key",
-    "aws_cloudfront_realtime_log_config",
-    "aws_cloudfront_response_headers_policy",
-    "aws_cloudfront_vpc_origin",
-    "aws_cloudfrontkeyvaluestore_key",
-    "aws_cloudhsm_v2_cluster",
-    "aws_cloudhsm_v2_hsm",
-    "aws_cloudsearch_domain",
-    "aws_cloudsearch_domain_service_access_policy",
-    "aws_cloudtrail",
-    "aws_cloudtrail_event_data_store",
-    "aws_cloudtrail_organization_delegated_admin_account",
-    "aws_cloudwatch_composite_alarm",
-    "aws_cloudwatch_contributor_insight_rule",
-    "aws_cloudwatch_contributor_managed_insight_rule",
-    "aws_cloudwatch_dashboard",
-    "aws_cloudwatch_event_api_destination",
-    "aws_cloudwatch_event_archive",
-    "aws_cloudwatch_event_bus",
-    "aws_cloudwatch_event_bus_policy",
-    "aws_cloudwatch_event_connection",
-    "aws_cloudwatch_event_endpoint",
-    "aws_cloudwatch_event_permission",
-    "aws_cloudwatch_event_rule",
-    "aws_cloudwatch_event_target",
-    "aws_cloudwatch_log_account_policy",
-    "aws_cloudwatch_log_anomaly_detector",
-    "aws_cloudwatch_log_data_protection_policy",
-    "aws_cloudwatch_log_delivery",
-    "aws_cloudwatch_log_delivery_destination",
-    "aws_cloudwatch_log_delivery_destination_policy",
-    "aws_cloudwatch_log_delivery_source",
-    "aws_cloudwatch_log_destination",
-    "aws_cloudwatch_log_destination_policy",
-    "aws_cloudwatch_log_group",
-    "aws_cloudwatch_log_index_policy",
-    "aws_cloudwatch_log_metric_filter",
-    "aws_cloudwatch_log_resource_policy",
-    "aws_cloudwatch_log_stream",
-    "aws_cloudwatch_log_subscription_filter",
-    "aws_cloudwatch_metric_alarm",
-    "aws_cloudwatch_metric_stream",
-    "aws_cloudwatch_query_definition",
-    "aws_codeartifact_domain",
-    "aws_codeartifact_domain_permissions_policy",
-    "aws_codeartifact_repository",
-    "aws_codeartifact_repository_permissions_policy",
-    "aws_codebuild_fleet",
-    "aws_codebuild_project",
-    "aws_codebuild_report_group",
-    "aws_codebuild_resource_policy",
-    "aws_codebuild_source_credential",
-    "aws_codebuild_webhook",
-    "aws_codecatalyst_dev_environment",
-    "aws_codecatalyst_project",
-    "aws_codecatalyst_source_repository",
-    "aws_codecommit_approval_rule_template",
-    "aws_codecommit_approval_rule_template_association",
-    "aws_codecommit_repository",
-    "aws_codecommit_trigger",
-    "aws_codeconnections_connection",
-    "aws_codeconnections_host",
-    "aws_codedeploy_app",
-    "aws_codedeploy_deployment_config",
-    "aws_codedeploy_deployment_group",
-    "aws_codeguruprofiler_profiling_group",
-    "aws_codegurureviewer_repository_association",
-    "aws_codepipeline",
-    "aws_codepipeline_custom_action_type",
-    "aws_codepipeline_webhook",
-    "aws_codestarconnections_connection",
-    "aws_codestarconnections_host",
-    "aws_codestarnotifications_notification_rule",
-    "aws_cognito_identity_pool",
-    "aws_cognito_identity_pool_provider_principal_tag",
-    "aws_cognito_identity_pool_roles_attachment",
-    "aws_cognito_identity_provider",
-    "aws_cognito_managed_user_pool_client",
-    "aws_cognito_resource_server",
-    "aws_cognito_risk_configuration",
-    "aws_cognito_user",
-    "aws_cognito_user_group",
-    "aws_cognito_user_in_group",
-    "aws_cognito_user_pool",
-    "aws_cognito_user_pool_client",
-    "aws_cognito_user_pool_domain",
-    "aws_cognito_user_pool_ui_customization",
-    "aws_comprehend_document_classifier",
-    "aws_comprehend_entity_recognizer",
-    "aws_computeoptimizer_enrollment_status",
-    "aws_computeoptimizer_recommendation_preferences",
-    "aws_config_aggregate_authorization",
-    "aws_config_config_rule",
-    "aws_config_configuration_aggregator",
-    "aws_config_configuration_recorder",
-    "aws_config_configuration_recorder_status",
-    "aws_config_conformance_pack",
-    "aws_config_delivery_channel",
-    "aws_config_organization_conformance_pack",
-    "aws_config_organization_custom_policy_rule",
-    "aws_config_organization_custom_rule",
-    "aws_config_organization_managed_rule",
-    "aws_config_remediation_configuration",
-    "aws_config_retention_configuration",
-    "aws_connect_bot_association",
-    "aws_connect_contact_flow",
-    "aws_connect_contact_flow_module",
-    "aws_connect_hours_of_operation",
-    "aws_connect_instance",
-    "aws_connect_instance_storage_config",
-    "aws_connect_lambda_function_association",
-    "aws_connect_phone_number",
-    "aws_connect_queue",
-    "aws_connect_quick_connect",
-    "aws_connect_routing_profile",
-    "aws_connect_security_profile",
-    "aws_connect_user",
-    "aws_connect_user_hierarchy_group",
-    "aws_connect_user_hierarchy_structure",
-    "aws_connect_vocabulary",
-    "aws_controltower_control",
-    "aws_controltower_landing_zone",
-    "aws_costoptimizationhub_enrollment_status",
-    "aws_costoptimizationhub_preferences",
-    "aws_cur_report_definition",
-    "aws_customer_gateway",
-    "aws_customerprofiles_domain",
-    "aws_customerprofiles_profile",
-    "aws_dataexchange_data_set",
-    "aws_dataexchange_event_action",
-    "aws_dataexchange_revision",
-    "aws_datapipeline_pipeline",
-    "aws_datapipeline_pipeline_definition",
-    "aws_datasync_agent",
-    "aws_datasync_location_azure_blob",
-    "aws_datasync_location_efs",
-    "aws_datasync_location_fsx_lustre_file_system",
-    "aws_datasync_location_fsx_ontap_file_system",
-    "aws_datasync_location_fsx_openzfs_file_system",
-    "aws_datasync_location_fsx_windows_file_system",
-    "aws_datasync_location_hdfs",
-    "aws_datasync_location_nfs",
-    "aws_datasync_location_object_storage",
-    "aws_datasync_location_s3",
-    "aws_datasync_location_smb",
-    "aws_datasync_task",
-    "aws_datazone_asset_type",
-    "aws_datazone_domain",
-    "aws_datazone_environment",
-    "aws_datazone_environment_blueprint_configuration",
-    "aws_datazone_environment_profile",
-    "aws_datazone_form_type",
-    "aws_datazone_glossary",
-    "aws_datazone_glossary_term",
-    "aws_datazone_project",
-    "aws_datazone_user_profile",
-    "aws_dax_cluster",
-    "aws_dax_parameter_group",
-    "aws_dax_subnet_group",
-    "aws_db_cluster_snapshot",
-    "aws_db_event_subscription",
-    "aws_db_instance",
-    "aws_db_instance_automated_backups_replication",
-    "aws_db_instance_role_association",
-    "aws_db_option_group",
-    "aws_db_parameter_group",
-    "aws_db_proxy",
-    "aws_db_proxy_default_target_group",
-    "aws_db_proxy_endpoint",
-    "aws_db_proxy_target",
-    "aws_db_snapshot",
-    "aws_db_snapshot_copy",
-    "aws_db_subnet_group",
-    "aws_default_network_acl",
-    "aws_default_route_table",
-    "aws_default_security_group",
-    "aws_default_subnet",
-    "aws_default_vpc",
-    "aws_default_vpc_dhcp_options",
-    "aws_detective_graph",
-    "aws_detective_invitation_accepter",
-    "aws_detective_member",
-    "aws_detective_organization_admin_account",
-    "aws_detective_organization_configuration",
-    "aws_devicefarm_device_pool",
-    "aws_devicefarm_instance_profile",
-    "aws_devicefarm_network_profile",
-    "aws_devicefarm_project",
-    "aws_devicefarm_upload",
-    "aws_devopsguru_event_sources_config",
-    "aws_devopsguru_notification_channel",
-    "aws_devopsguru_resource_collection",
-    "aws_devopsguru_service_integration",
-    "aws_directory_service_conditional_forwarder",
-    "aws_directory_service_directory",
-    "aws_directory_service_log_subscription",
-    "aws_directory_service_radius_settings",
-    "aws_directory_service_region",
-    "aws_directory_service_shared_directory",
-    "aws_directory_service_shared_directory_accepter",
-    "aws_directory_service_trust",
-    "aws_dlm_lifecycle_policy",
-    "aws_dms_certificate",
-    "aws_dms_endpoint",
-    "aws_dms_event_subscription",
-    "aws_dms_replication_config",
-    "aws_dms_replication_instance",
-    "aws_dms_replication_subnet_group",
-    "aws_dms_replication_task",
-    "aws_dms_s3_endpoint",
-    "aws_docdb_cluster",
-    "aws_docdb_cluster_instance",
-    "aws_docdb_cluster_parameter_group",
-    "aws_docdb_cluster_snapshot",
-    "aws_docdb_event_subscription",
-    "aws_docdb_global_cluster",
-    "aws_docdb_subnet_group",
-    "aws_docdbelastic_cluster",
-    "aws_drs_replication_configuration_template",
-    "aws_dx_bgp_peer",
-    "aws_dx_connection",
-    "aws_dx_connection_association",
-    "aws_dx_connection_confirmation",
-    "aws_dx_gateway",
-    "aws_dx_gateway_association",
-    "aws_dx_gateway_association_proposal",
-    "aws_dx_hosted_connection",
-    "aws_dx_hosted_private_virtual_interface",
-    "aws_dx_hosted_private_virtual_interface_accepter",
-    "aws_dx_hosted_public_virtual_interface",
-    "aws_dx_hosted_public_virtual_interface_accepter",
-    "aws_dx_hosted_transit_virtual_interface",
-    "aws_dx_hosted_transit_virtual_interface_accepter",
-    "aws_dx_lag",
-    "aws_dx_macsec_key_association",
-    "aws_dx_private_virtual_interface",
-    "aws_dx_public_virtual_interface",
-    "aws_dx_transit_virtual_interface",
-    "aws_dynamodb_contributor_insights",
-    "aws_dynamodb_global_table",
-    "aws_dynamodb_kinesis_streaming_destination",
-    "aws_dynamodb_resource_policy",
-    "aws_dynamodb_table",
-    "aws_dynamodb_table_export",
-    "aws_dynamodb_table_item",
-    "aws_dynamodb_table_replica",
-    "aws_dynamodb_tag",
-    "aws_ebs_default_kms_key",
-    "aws_ebs_encryption_by_default",
-    "aws_ebs_fast_snapshot_restore",
-    "aws_ebs_snapshot",
-    "aws_ebs_snapshot_block_public_access",
-    "aws_ebs_snapshot_copy",
-    "aws_ebs_snapshot_import",
-    "aws_ebs_volume",
-    "aws_ec2_availability_zone_group",
-    "aws_ec2_capacity_block_reservation",
-    "aws_ec2_capacity_reservation",
-    "aws_ec2_carrier_gateway",
-    "aws_ec2_client_vpn_authorization_rule",
-    "aws_ec2_client_vpn_endpoint",
-    "aws_ec2_client_vpn_network_association",
-    "aws_ec2_client_vpn_route",
-    "aws_ec2_fleet",
-    "aws_ec2_host",
-    "aws_ec2_image_block_public_access",
-    "aws_ec2_instance",
-    "aws_ec2_instance_connect_endpoint",
-    "aws_ec2_instance_metadata_defaults",
-    "aws_ec2_instance_state",
-    "aws_ec2_local_gateway_route",
-    "aws_ec2_local_gateway_route_table_vpc_association",
-    "aws_ec2_managed_prefix_list",
-    "aws_ec2_managed_prefix_list_entry",
-    "aws_ec2_network_insights_analysis",
-    "aws_ec2_network_insights_path",
-    "aws_ec2_serial_console_access",
-    "aws_ec2_subnet_cidr_reservation",
-    "aws_ec2_tag",
-    "aws_ec2_traffic_mirror_filter",
-    "aws_ec2_traffic_mirror_filter_rule",
-    "aws_ec2_traffic_mirror_session",
-    "aws_ec2_traffic_mirror_target",
-    "aws_ec2_transit_gateway",
-    "aws_ec2_transit_gateway_connect",
-    "aws_ec2_transit_gateway_connect_peer",
-    "aws_ec2_transit_gateway_default_route_table_association",
-    "aws_ec2_transit_gateway_default_route_table_propagation",
-    "aws_ec2_transit_gateway_multicast_domain",
-    "aws_ec2_transit_gateway_multicast_domain_association",
-    "aws_ec2_transit_gateway_multicast_group_member",
-    "aws_ec2_transit_gateway_multicast_group_source",
-    "aws_ec2_transit_gateway_peering_attachment",
-    "aws_ec2_transit_gateway_peering_attachment_accepter",
-    "aws_ec2_transit_gateway_policy_table",
-    "aws_ec2_transit_gateway_policy_table_association",
-    "aws_ec2_transit_gateway_prefix_list_reference",
-    "aws_ec2_transit_gateway_route",
-    "aws_ec2_transit_gateway_route_table",
-    "aws_ec2_transit_gateway_route_table_association",
-    "aws_ec2_transit_gateway_route_table_propagation",
-    "aws_ec2_transit_gateway_vpc_attachment",
-    "aws_ec2_transit_gateway_vpc_attachment_accepter",
-    "aws_ecr_account_setting",
-    "aws_ecr_lifecycle_policy",
-    "aws_ecr_pull_through_cache_rule",
-    "aws_ecr_registry_policy",
-    "aws_ecr_registry_scanning_configuration",
-    "aws_ecr_replication_configuration",
-    "aws_ecr_repository",
-    "aws_ecr_repository_creation_template",
-    "aws_ecr_repository_policy",
-    "aws_ecrpublic_repository",
-    "aws_ecrpublic_repository_policy",
-    "aws_ecs_account_setting_default",
-    "aws_ecs_capacity_provider",
-    "aws_ecs_cluster",
-    "aws_ecs_cluster_capacity_providers",
-    "aws_ecs_service",
-    "aws_ecs_tag",
-    "aws_ecs_task_definition",
-    "aws_ecs_task_set",
-    "aws_efs_access_point",
-    "aws_efs_backup_policy",
-    "aws_efs_file_system",
-    "aws_efs_file_system_policy",
-    "aws_efs_mount_target",
-    "aws_efs_replication_configuration",
-    "aws_egress_only_internet_gateway",
-    "aws_eip",
-    "aws_eip_association",
-    "aws_eip_domain_name",
-    "aws_eks_access_entry",
-    "aws_eks_access_policy_association",
-    "aws_eks_addon",
-    "aws_eks_cluster",
-    "aws_eks_fargate_profile",
-    "aws_eks_identity_provider_config",
-    "aws_eks_node_group",
-    "aws_eks_pod_identity_association",
-    "aws_elastic_beanstalk_application",
-    "aws_elastic_beanstalk_application_version",
-    "aws_elastic_beanstalk_configuration_template",
-    "aws_elastic_beanstalk_environment",
-    "aws_elasticache_cluster",
-    "aws_elasticache_global_replication_group",
-    "aws_elasticache_parameter_group",
-    "aws_elasticache_replication_group",
-    "aws_elasticache_reserved_cache_node",
-    "aws_elasticache_serverless_cache",
-    "aws_elasticache_subnet_group",
-    "aws_elasticache_user",
-    "aws_elasticache_user_group",
-    "aws_elasticache_user_group_association",
-    "aws_elasticsearch_domain",
-    "aws_elasticsearch_domain_policy",
-    "aws_elasticsearch_domain_saml_options",
-    "aws_elasticsearch_vpc_endpoint",
-    "aws_elastictranscoder_pipeline",
-    "aws_elastictranscoder_preset",
-    "aws_elb",
-    "aws_elb_attachment",
-    "aws_emr_block_public_access_configuration",
-    "aws_emr_cluster",
-    "aws_emr_instance_fleet",
-    "aws_emr_instance_group",
-    "aws_emr_managed_scaling_policy",
-    "aws_emr_security_configuration",
-    "aws_emr_studio",
-    "aws_emr_studio_session_mapping",
-    "aws_emrcontainers_job_template",
-    "aws_emrcontainers_virtual_cluster",
-    "aws_emrserverless_application",
-    "aws_evidently_feature",
-    "aws_evidently_launch",
-    "aws_evidently_project",
-    "aws_evidently_segment",
-    "aws_finspace_kx_cluster",
-    "aws_finspace_kx_database",
-    "aws_finspace_kx_dataview",
-    "aws_finspace_kx_environment",
-    "aws_finspace_kx_scaling_group",
-    "aws_finspace_kx_user",
-    "aws_finspace_kx_volume",
-    "aws_fis_experiment_template",
-    "aws_flow_log",
-    "aws_fms_admin_account",
-    "aws_fms_policy",
-    "aws_fms_resource_set",
-    "aws_fsx_backup",
-    "aws_fsx_data_repository_association",
-    "aws_fsx_file_cache",
-    "aws_fsx_lustre_file_system",
-    "aws_fsx_ontap_file_system",
-    "aws_fsx_ontap_storage_virtual_machine",
-    "aws_fsx_ontap_volume",
-    "aws_fsx_openzfs_file_system",
-    "aws_fsx_openzfs_snapshot",
-    "aws_fsx_openzfs_volume",
-    "aws_fsx_windows_file_system",
-    "aws_gamelift_alias",
-    "aws_gamelift_build",
-    "aws_gamelift_fleet",
-    "aws_gamelift_game_server_group",
-    "aws_gamelift_game_session_queue",
-    "aws_gamelift_script",
-    "aws_glacier_vault",
-    "aws_glacier_vault_lock",
-    "aws_globalaccelerator_accelerator",
-    "aws_globalaccelerator_cross_account_attachment",
-    "aws_globalaccelerator_custom_routing_accelerator",
-    "aws_globalaccelerator_custom_routing_endpoint_group",
-    "aws_globalaccelerator_custom_routing_listener",
-    "aws_globalaccelerator_endpoint_group",
-    "aws_globalaccelerator_listener",
-    "aws_glue_catalog_database",
-    "aws_glue_catalog_table",
-    "aws_glue_catalog_table_optimizer",
-    "aws_glue_classifier",
-    "aws_glue_connection",
-    "aws_glue_crawler",
-    "aws_glue_data_catalog_encryption_settings",
-    "aws_glue_data_quality_ruleset",
-    "aws_glue_dev_endpoint",
-    "aws_glue_job",
-    "aws_glue_ml_transform",
-    "aws_glue_partition",
-    "aws_glue_partition_index",
-    "aws_glue_registry",
-    "aws_glue_resource_policy",
-    "aws_glue_schema",
-    "aws_glue_security_configuration",
-    "aws_glue_trigger",
-    "aws_glue_user_defined_function",
-    "aws_glue_workflow",
-    "aws_grafana_license_association",
-    "aws_grafana_role_association",
-    "aws_grafana_workspace",
-    "aws_grafana_workspace_api_key",
-    "aws_grafana_workspace_saml_configuration",
-    "aws_grafana_workspace_service_account",
-    "aws_grafana_workspace_service_account_token",
-    "aws_guardduty_detector",
-    "aws_guardduty_detector_feature",
-    "aws_guardduty_filter",
-    "aws_guardduty_invite_accepter",
-    "aws_guardduty_ipset",
-    "aws_guardduty_malware_protection_plan",
-    "aws_guardduty_member",
-    "aws_guardduty_member_detector_feature",
-    "aws_guardduty_organization_admin_account",
-    "aws_guardduty_organization_configuration",
-    "aws_guardduty_organization_configuration_feature",
-    "aws_guardduty_publishing_destination",
-    "aws_guardduty_threatintelset",
-    "aws_iam_access_key",
-    "aws_iam_account_alias",
-    "aws_iam_account_password_policy",
-    "aws_iam_group",
-    "aws_iam_group_membership",
-    "aws_iam_group_policies_exclusive",
-    "aws_iam_group_policy",
-    "aws_iam_group_policy_attachment",
-    "aws_iam_group_policy_attachments_exclusive",
-    "aws_iam_instance_profile",
-    "aws_iam_openid_connect_provider",
-    "aws_iam_organizations_features",
-    "aws_iam_policy",
-    "aws_iam_policy_attachment",
-    "aws_iam_role",
-    "aws_iam_role_policies_exclusive",
-    "aws_iam_role_policy",
-    "aws_iam_role_policy_attachment",
-    "aws_iam_role_policy_attachments_exclusive",
-    "aws_iam_saml_provider",
-    "aws_iam_security_token_service_preferences",
-    "aws_iam_server_certificate",
-    "aws_iam_service_linked_role",
-    "aws_iam_service_specific_credential",
-    "aws_iam_signing_certificate",
-    "aws_iam_user",
-    "aws_iam_user_group_membership",
-    "aws_iam_user_login_profile",
-    "aws_iam_user_policies_exclusive",
-    "aws_iam_user_policy",
-    "aws_iam_user_policy_attachment",
-    "aws_iam_user_policy_attachments_exclusive",
-    "aws_iam_user_ssh_key",
-    "aws_iam_virtual_mfa_device",
-    "aws_identitystore_group",
-    "aws_identitystore_group_membership",
-    "aws_identitystore_user",
-    "aws_imagebuilder_component",
-    "aws_imagebuilder_container_recipe",
-    "aws_imagebuilder_distribution_configuration",
-    "aws_imagebuilder_image",
-    "aws_imagebuilder_image_pipeline",
-    "aws_imagebuilder_image_recipe",
-    "aws_imagebuilder_infrastructure_configuration",
-    "aws_imagebuilder_lifecycle_policy",
-    "aws_imagebuilder_workflow",
-    "aws_inspector2_delegated_admin_account",
-    "aws_inspector2_enabler",
-    "aws_inspector2_member_association",
-    "aws_inspector2_organization_configuration",
-    "aws_inspector_assessment_target",
-    "aws_inspector_assessment_template",
-    "aws_inspector_resource_group",
-    "aws_instance",
-    "aws_internet_gateway",
-    "aws_internet_gateway_attachment",
-    "aws_internetmonitor_monitor",
-    "aws_iot_authorizer",
-    "aws_iot_billing_group",
-    "aws_iot_ca_certificate",
-    "aws_iot_certificate",
-    "aws_iot_domain_configuration",
-    "aws_iot_event_configurations",
-    "aws_iot_indexing_configuration",
-    "aws_iot_logging_options",
-    "aws_iot_policy",
-    "aws_iot_policy_attachment",
-    "aws_iot_provisioning_template",
-    "aws_iot_role_alias",
-    "aws_iot_thing",
-    "aws_iot_thing_group",
-    "aws_iot_thing_group_membership",
-    "aws_iot_thing_principal_attachment",
-    "aws_iot_thing_type",
-    "aws_iot_topic_rule",
-    "aws_iot_topic_rule_destination",
-    "aws_ivs_channel",
-    "aws_ivs_playback_key_pair",
-    "aws_ivs_recording_configuration",
-    "aws_ivschat_logging_configuration",
-    "aws_ivschat_room",
-    "aws_kendra_data_source",
-    "aws_kendra_experience",
-    "aws_kendra_faq",
-    "aws_kendra_index",
-    "aws_kendra_query_suggestions_block_list",
-    "aws_kendra_thesaurus",
-    "aws_key_pair",
-    "aws_keyspaces_keyspace",
-    "aws_keyspaces_table",
-    "aws_kinesis_analytics_application",
-    "aws_kinesis_firehose_delivery_stream",
-    "aws_kinesis_resource_policy",
-    "aws_kinesis_stream",
-    "aws_kinesis_stream_consumer",
-    "aws_kinesis_video_stream",
-    "aws_kinesisanalyticsv2_application",
-    "aws_kinesisanalyticsv2_application_snapshot",
-    "aws_kms_alias",
-    "aws_kms_ciphertext",
-    "aws_kms_custom_key_store",
-    "aws_kms_external_key",
-    "aws_kms_grant",
-    "aws_kms_key",
-    "aws_kms_key_policy",
-    "aws_kms_replica_external_key",
-    "aws_kms_replica_key",
-    "aws_lakeformation_data_cells_filter",
-    "aws_lakeformation_data_lake_settings",
-    "aws_lakeformation_lf_tag",
-    "aws_lakeformation_opt_in",
-    "aws_lakeformation_permissions",
-    "aws_lakeformation_resource",
-    "aws_lakeformation_resource_lf_tag",
-    "aws_lakeformation_resource_lf_tags",
-    "aws_lambda_alias",
-    "aws_lambda_code_signing_config",
-    "aws_lambda_event_source_mapping",
-    "aws_lambda_function",
-    "aws_lambda_function_event_invoke_config",
-    "aws_lambda_function_recursion_config",
-    "aws_lambda_function_url",
-    "aws_lambda_invocation",
-    "aws_lambda_layer_version",
-    "aws_lambda_layer_version_permission",
-    "aws_lambda_permission",
-    "aws_lambda_provisioned_concurrency_config",
-    "aws_lambda_runtime_management_config",
-    "aws_launch_configuration",
-    "aws_launch_template",
-    "aws_lb",
-    "aws_lb_cookie_stickiness_policy",
-    "aws_lb_listener",
-    "aws_lb_listener_certificate",
-    "aws_lb_listener_rule",
-    "aws_lb_ssl_negotiation_policy",
-    "aws_lb_target_group",
-    "aws_lb_target_group_attachment",
-    "aws_lb_trust_store",
-    "aws_lb_trust_store_revocation",
-    "aws_lex_bot",
-    "aws_lex_bot_alias",
-    "aws_lex_intent",
-    "aws_lex_slot_type",
-    "aws_lexv2models_bot",
-    "aws_lexv2models_bot_locale",
-    "aws_lexv2models_bot_version",
-    "aws_lexv2models_intent",
-    "aws_lexv2models_slot",
-    "aws_lexv2models_slot_type",
-    "aws_licensemanager_association",
-    "aws_licensemanager_grant",
-    "aws_licensemanager_grant_accepter",
-    "aws_licensemanager_license_configuration",
-    "aws_lightsail_bucket",
-    "aws_lightsail_bucket_access_key_access_key",
-    "aws_lightsail_bucket_resource_access",
-    "aws_lightsail_certificate",
-    "aws_lightsail_container_service",
-    "aws_lightsail_container_service_deployment_version",
-    "aws_lightsail_database",
-    "aws_lightsail_disk",
-    "aws_lightsail_disk_attachment",
-    "aws_lightsail_distribution",
-    "aws_lightsail_domain",
-    "aws_lightsail_domain_entry",
-    "aws_lightsail_instance",
-    "aws_lightsail_instance_public_ports",
-    "aws_lightsail_key_pair",
-    "aws_lightsail_lb",
-    "aws_lightsail_lb_attachment",
-    "aws_lightsail_lb_certificate",
-    "aws_lightsail_lb_certificate_attachment",
-    "aws_lightsail_lb_https_redirection_policy",
-    "aws_lightsail_lb_stickiness_policy",
-    "aws_lightsail_static_ip",
-    "aws_lightsail_static_ip_attachment",
-    "aws_load_balancer_backend_server_policy",
-    "aws_load_balancer_listener_policy",
-    "aws_load_balancer_policy",
-    "aws_location_geofence_collection",
-    "aws_location_map",
-    "aws_location_place_index",
-    "aws_location_route_calculator",
-    "aws_location_tracker",
-    "aws_location_tracker_association",
-    "aws_m2_application",
-    "aws_m2_deployment",
-    "aws_m2_environment",
-    "aws_macie2_account",
-    "aws_macie2_classification_export_configuration",
-    "aws_macie2_classification_job",
-    "aws_macie2_custom_data_identifier",
-    "aws_macie2_findings_filter",
-    "aws_macie2_invitation_accepter",
-    "aws_macie2_member",
-    "aws_macie2_organization_admin_account",
-    "aws_macie2_organization_configuration",
-    "aws_main_route_table_association",
-    "aws_media_convert_queue",
-    "aws_media_package_channel",
-    "aws_media_packagev2_channel_group",
-    "aws_media_store_container",
-    "aws_media_store_container_policy",
-    "aws_medialive_channel",
-    "aws_medialive_input",
-    "aws_medialive_input_security_group",
-    "aws_medialive_multiplex",
-    "aws_medialive_multiplex_program",
-    "aws_memorydb_acl",
-    "aws_memorydb_cluster",
-    "aws_memorydb_multi_region_cluster",
-    "aws_memorydb_parameter_group",
-    "aws_memorydb_snapshot",
-    "aws_memorydb_subnet_group",
-    "aws_memorydb_user",
-    "aws_mq_broker",
-    "aws_mq_configuration",
-    "aws_msk_cluster",
-    "aws_msk_cluster_policy",
-    "aws_msk_configuration",
-    "aws_msk_replicator",
-    "aws_msk_scram_secret_association",
-    "aws_msk_serverless_cluster",
-    "aws_msk_single_scram_secret_association",
-    "aws_msk_vpc_connection",
-    "aws_mskconnect_connector",
-    "aws_mskconnect_custom_plugin",
-    "aws_mskconnect_worker_configuration",
-    "aws_mwaa_environment",
-    "aws_nat_gateway",
-    "aws_neptune_cluster",
-    "aws_neptune_cluster_endpoint",
-    "aws_neptune_cluster_instance",
-    "aws_neptune_cluster_parameter_group",
-    "aws_neptune_cluster_snapshot",
-    "aws_neptune_event_subscription",
-    "aws_neptune_global_cluster",
-    "aws_neptune_parameter_group",
-    "aws_neptune_subnet_group",
-    "aws_neptunegraph_graph",
-    "aws_network_acl",
-    "aws_network_acl_association",
-    "aws_network_acl_rule",
-    "aws_network_interface",
-    "aws_network_interface_attachment",
-    "aws_network_interface_permission",
-    "aws_network_interface_sg_attachment",
-    "aws_networkfirewall_firewall",
-    "aws_networkfirewall_firewall_policy",
-    "aws_networkfirewall_logging_configuration",
-    "aws_networkfirewall_resource_policy",
-    "aws_networkfirewall_rule_group",
-    "aws_networkfirewall_tls_inspection_configuration",
-    "aws_networkmanager_attachment_accepter",
-    "aws_networkmanager_connect_attachment",
-    "aws_networkmanager_connect_peer",
-    "aws_networkmanager_connection",
-    "aws_networkmanager_core_network",
-    "aws_networkmanager_core_network_policy_attachment",
-    "aws_networkmanager_customer_gateway_association",
-    "aws_networkmanager_device",
-    "aws_networkmanager_dx_gateway_attachment",
-    "aws_networkmanager_global_network",
-    "aws_networkmanager_link",
-    "aws_networkmanager_link_association",
-    "aws_networkmanager_site",
-    "aws_networkmanager_site_to_site_vpn_attachment",
-    "aws_networkmanager_transit_gateway_connect_peer_association",
-    "aws_networkmanager_transit_gateway_peering",
-    "aws_networkmanager_transit_gateway_registration",
-    "aws_networkmanager_transit_gateway_route_table_attachment",
-    "aws_networkmanager_vpc_attachment",
-    "aws_networkmonitor_monitor",
-    "aws_networkmonitor_probe",
-    "aws_oam_link",
-    "aws_oam_sink",
-    "aws_oam_sink_policy",
-    "aws_opensearch_authorize_vpc_endpoint_access",
-    "aws_opensearch_domain",
-    "aws_opensearch_domain_policy",
-    "aws_opensearch_domain_saml_options",
-    "aws_opensearch_inbound_connection_accepter",
-    "aws_opensearch_outbound_connection",
-    "aws_opensearch_package",
-    "aws_opensearch_package_association",
-    "aws_opensearch_vpc_endpoint",
-    "aws_opensearchserverless_access_policy",
-    "aws_opensearchserverless_collection",
-    "aws_opensearchserverless_lifecycle_policy",
-    "aws_opensearchserverless_security_config",
-    "aws_opensearchserverless_security_policy",
-    "aws_opensearchserverless_vpc_endpoint",
-    "aws_opsworks_application",
-    "aws_opsworks_custom_layer",
-    "aws_opsworks_ecs_cluster_layer",
-    "aws_opsworks_ganglia_layer",
-    "aws_opsworks_haproxy_layer",
-    "aws_opsworks_instance",
-    "aws_opsworks_java_app_layer",
-    "aws_opsworks_memcached_layer",
-    "aws_opsworks_mysql_layer",
-    "aws_opsworks_nodejs_app_layer",
-    "aws_opsworks_permission",
-    "aws_opsworks_php_app_layer",
-    "aws_opsworks_rails_app_layer",
-    "aws_opsworks_rds_db_instance",
-    "aws_opsworks_stack",
-    "aws_opsworks_static_web_layer",
-    "aws_opsworks_user_profile",
-    "aws_organizations_account",
-    "aws_organizations_delegated_administrator",
-    "aws_organizations_organization",
-    "aws_organizations_organizational_unit",
-    "aws_organizations_policy",
-    "aws_organizations_policy_attachment",
-    "aws_organizations_resource_policy",
-    "aws_osis_pipeline",
-    "aws_paymentcryptography_key",
-    "aws_paymentcryptography_key_alias",
-    "aws_pinpoint_adm_channel",
-    "aws_pinpoint_apns_channel",
-    "aws_pinpoint_apns_sandbox_channel",
-    "aws_pinpoint_apns_voip_channel",
-    "aws_pinpoint_apns_voip_sandbox_channel",
-    "aws_pinpoint_app",
-    "aws_pinpoint_baidu_channel",
-    "aws_pinpoint_email_channel",
-    "aws_pinpoint_email_template",
-    "aws_pinpoint_event_stream",
-    "aws_pinpoint_gcm_channel",
-    "aws_pinpoint_sms_channel",
-    "aws_pinpointsmsvoicev2_configuration_set",
-    "aws_pinpointsmsvoicev2_opt_out_list",
-    "aws_pinpointsmsvoicev2_phone_number",
-    "aws_pipes_pipe",
-    "aws_placement_group",
-    "aws_prometheus_alert_manager_definition",
-    "aws_prometheus_rule_group_namespace",
-    "aws_prometheus_scraper",
-    "aws_prometheus_workspace",
-    "aws_proxy_protocol_policy",
-    "aws_qbusiness_application",
-    "aws_qldb_ledger",
-    "aws_qldb_stream",
-    "aws_quicksight_account_subscription",
-    "aws_quicksight_analysis",
-    "aws_quicksight_dashboard",
-    "aws_quicksight_data_set",
-    "aws_quicksight_data_source",
-    "aws_quicksight_folder",
-    "aws_quicksight_folder_membership",
-    "aws_quicksight_group",
-    "aws_quicksight_group_membership",
-    "aws_quicksight_iam_policy_assignment",
-    "aws_quicksight_ingestion",
-    "aws_quicksight_namespace",
-    "aws_quicksight_refresh_schedule",
-    "aws_quicksight_role_membership",
-    "aws_quicksight_template",
-    "aws_quicksight_template_alias",
-    "aws_quicksight_theme",
-    "aws_quicksight_user",
-    "aws_quicksight_vpc_connection",
-    "aws_ram_principal_association",
-    "aws_ram_resource_association",
-    "aws_ram_resource_share",
-    "aws_ram_resource_share_accepter",
-    "aws_ram_sharing_with_organization",
-    "aws_rbin_rule",
-    "aws_rds_certificate",
-    "aws_rds_cluster",
-    "aws_rds_cluster_activity_stream",
-    "aws_rds_cluster_endpoint",
-    "aws_rds_cluster_instance",
-    "aws_rds_cluster_parameter_group",
-    "aws_rds_cluster_role_association",
-    "aws_rds_cluster_snapshot_copy",
-    "aws_rds_custom_db_engine_version",
-    "aws_rds_export_task",
-    "aws_rds_global_cluster",
-    "aws_rds_instance_state",
-    "aws_rds_integration",
-    "aws_rds_reserved_instance",
-    "aws_rds_shard_group",
-    "aws_redshift_authentication_profile",
-    "aws_redshift_cluster",
-    "aws_redshift_cluster_iam_roles",
-    "aws_redshift_cluster_snapshot",
-    "aws_redshift_data_share_authorization",
-    "aws_redshift_data_share_consumer_association",
-    "aws_redshift_endpoint_access",
-    "aws_redshift_endpoint_authorization",
-    "aws_redshift_event_subscription",
-    "aws_redshift_hsm_client_certificate",
-    "aws_redshift_hsm_configuration",
-    "aws_redshift_logging",
-    "aws_redshift_parameter_group",
-    "aws_redshift_partner",
-    "aws_redshift_resource_policy",
-    "aws_redshift_scheduled_action",
-    "aws_redshift_snapshot_copy",
-    "aws_redshift_snapshot_copy_grant",
-    "aws_redshift_snapshot_schedule",
-    "aws_redshift_snapshot_schedule_association",
-    "aws_redshift_subnet_group",
-    "aws_redshift_usage_limit",
-    "aws_redshiftdata_statement",
-    "aws_redshiftserverless_custom_domain_association",
-    "aws_redshiftserverless_endpoint_access",
-    "aws_redshiftserverless_namespace",
-    "aws_redshiftserverless_resource_policy",
-    "aws_redshiftserverless_snapshot",
-    "aws_redshiftserverless_usage_limit",
-    "aws_redshiftserverless_workgroup",
-    "aws_rekognition_collection",
-    "aws_rekognition_project",
-    "aws_rekognition_stream_processor",
-    "aws_resiliencehub_resiliency_policy",
-    "aws_resourceexplorer2_index",
-    "aws_resourceexplorer2_view",
-    "aws_resourcegroups_group",
-    "aws_resourcegroups_resource",
-    "aws_rolesanywhere_profile",
-    "aws_rolesanywhere_trust_anchor",
-    "aws_route",
-    "aws_route53_cidr_collection",
-    "aws_route53_cidr_location",
-    "aws_route53_delegation_set",
-    "aws_route53_health_check",
-    "aws_route53_hosted_zone_dnssec",
-    "aws_route53_key_signing_key",
-    "aws_route53_query_log",
-    "aws_route53_record",
-    "aws_route53_records_exclusive",
-    "aws_route53_resolver_config",
-    "aws_route53_resolver_dnssec_config",
-    "aws_route53_resolver_endpoint",
-    "aws_route53_resolver_firewall_config",
-    "aws_route53_resolver_firewall_domain_list",
-    "aws_route53_resolver_firewall_rule",
-    "aws_route53_resolver_firewall_rule_group",
-    "aws_route53_resolver_firewall_rule_group_association",
-    "aws_route53_resolver_query_log_config",
-    "aws_route53_resolver_query_log_config_association",
-    "aws_route53_resolver_rule",
-    "aws_route53_resolver_rule_association",
-    "aws_route53_traffic_policy",
-    "aws_route53_traffic_policy_instance",
-    "aws_route53_vpc_association_authorization",
-    "aws_route53_zone",
-    "aws_route53_zone_association",
-    "aws_route53domains_delegation_signer_record",
-    "aws_route53domains_domain",
-    "aws_route53domains_registered_domain",
-    "aws_route53profiles_association",
-    "aws_route53profiles_profile",
-    "aws_route53profiles_resource_association",
-    "aws_route53recoverycontrolconfig_cluster",
-    "aws_route53recoverycontrolconfig_control_panel",
-    "aws_route53recoverycontrolconfig_routing_control",
-    "aws_route53recoverycontrolconfig_safety_rule",
-    "aws_route53recoveryreadiness_cell",
-    "aws_route53recoveryreadiness_readiness_check",
-    "aws_route53recoveryreadiness_recovery_group",
-    "aws_route53recoveryreadiness_resource_set",
-    "aws_route_table",
-    "aws_route_table_association",
-    "aws_rum_app_monitor",
-    "aws_rum_metrics_destination",
-    "aws_s3_access_point",
-    "aws_s3_account_public_access_block",
-    "aws_s3_bucket",
-    "aws_s3_bucket_accelerate_configuration",
-    "aws_s3_bucket_acl",
-    "aws_s3_bucket_analytics_configuration",
-    "aws_s3_bucket_cors_configuration",
-    "aws_s3_bucket_intelligent_tiering_configuration",
-    "aws_s3_bucket_inventory",
-    "aws_s3_bucket_lifecycle_configuration",
-    "aws_s3_bucket_logging",
-    "aws_s3_bucket_metric",
-    "aws_s3_bucket_notification",
-    "aws_s3_bucket_object",
-    "aws_s3_bucket_object_lock_configuration",
-    "aws_s3_bucket_ownership_controls",
-    "aws_s3_bucket_policy",
-    "aws_s3_bucket_public_access_block",
-    "aws_s3_bucket_replication_configuration",
-    "aws_s3_bucket_request_payment_configuration",
-    "aws_s3_bucket_server_side_encryption_configuration",
-    "aws_s3_bucket_versioning",
-    "aws_s3_bucket_website_configuration",
-    "aws_s3_directory_bucket",
-    "aws_s3_object",
-    "aws_s3_object_copy",
-    "aws_s3control_access_grant",
-    "aws_s3control_access_grants_instance",
-    "aws_s3control_access_grants_instance_resource_policy",
-    "aws_s3control_access_grants_location",
-    "aws_s3control_access_point_policy",
-    "aws_s3control_bucket",
-    "aws_s3control_bucket_lifecycle_configuration",
-    "aws_s3control_bucket_policy",
-    "aws_s3control_multi_region_access_point",
-    "aws_s3control_multi_region_access_point_policy",
-    "aws_s3control_object_lambda_access_point",
-    "aws_s3control_object_lambda_access_point_policy",
-    "aws_s3control_storage_lens_configuration",
-    "aws_s3outposts_endpoint",
-    "aws_s3tables_namespace",
-    "aws_s3tables_table",
-    "aws_s3tables_table_bucket",
-    "aws_s3tables_table_bucket_policy",
-    "aws_s3tables_table_policy",
-    "aws_sagemaker_app",
-    "aws_sagemaker_app_image_config",
-    "aws_sagemaker_code_repository",
-    "aws_sagemaker_data_quality_job_definition",
-    "aws_sagemaker_device",
-    "aws_sagemaker_device_fleet",
-    "aws_sagemaker_domain",
-    "aws_sagemaker_endpoint",
-    "aws_sagemaker_endpoint_configuration",
-    "aws_sagemaker_feature_group",
-    "aws_sagemaker_flow_definition",
-    "aws_sagemaker_hub",
-    "aws_sagemaker_human_task_ui",
-    "aws_sagemaker_image",
-    "aws_sagemaker_image_version",
-    "aws_sagemaker_mlflow_tracking_server",
-    "aws_sagemaker_model",
-    "aws_sagemaker_model_package_group",
-    "aws_sagemaker_model_package_group_policy",
-    "aws_sagemaker_monitoring_schedule",
-    "aws_sagemaker_notebook_instance",
-    "aws_sagemaker_notebook_instance_lifecycle_configuration",
-    "aws_sagemaker_pipeline",
-    "aws_sagemaker_project",
-    "aws_sagemaker_servicecatalog_portfolio_status",
-    "aws_sagemaker_space",
-    "aws_sagemaker_studio_lifecycle_config",
-    "aws_sagemaker_user_profile",
-    "aws_sagemaker_workforce",
-    "aws_sagemaker_workteam",
-    "aws_scheduler_schedule",
-    "aws_scheduler_schedule_group",
-    "aws_schemas_discoverer",
-    "aws_schemas_registry",
-    "aws_schemas_registry_policy",
-    "aws_schemas_schema",
-    "aws_secretsmanager_secret",
-    "aws_secretsmanager_secret_policy",
-    "aws_secretsmanager_secret_rotation",
-    "aws_secretsmanager_secret_version",
-    "aws_security_group",
-    "aws_security_group_rule",
-    "aws_securityhub_account",
-    "aws_securityhub_action_target",
-    "aws_securityhub_automation_rule",
-    "aws_securityhub_configuration_policy",
-    "aws_securityhub_configuration_policy_association",
-    "aws_securityhub_finding_aggregator",
-    "aws_securityhub_insight",
-    "aws_securityhub_invite_accepter",
-    "aws_securityhub_member",
-    "aws_securityhub_organization_admin_account",
-    "aws_securityhub_organization_configuration",
-    "aws_securityhub_product_subscription",
-    "aws_securityhub_standards_control",
-    "aws_securityhub_standards_control_association",
-    "aws_securityhub_standards_subscription",
-    "aws_securitylake_aws_log_source",
-    "aws_securitylake_custom_log_source",
-    "aws_securitylake_data_lake",
-    "aws_securitylake_subscriber",
-    "aws_securitylake_subscriber_notification",
-    "aws_serverlessapplicationrepository_cloudformation_stack",
-    "aws_service_discovery_http_namespace",
-    "aws_service_discovery_instance",
-    "aws_service_discovery_private_dns_namespace",
-    "aws_service_discovery_public_dns_namespace",
-    "aws_service_discovery_service",
-    "aws_servicecatalog_budget_resource_association",
-    "aws_servicecatalog_constraint",
-    "aws_servicecatalog_organizations_access",
-    "aws_servicecatalog_portfolio",
-    "aws_servicecatalog_portfolio_share",
-    "aws_servicecatalog_principal_portfolio_association",
-    "aws_servicecatalog_product",
-    "aws_servicecatalog_product_portfolio_association",
-    "aws_servicecatalog_provisioned_product",
-    "aws_servicecatalog_provisioning_artifact",
-    "aws_servicecatalog_service_action",
-    "aws_servicecatalog_tag_option",
-    "aws_servicecatalog_tag_option_resource_association",
-    "aws_servicecatalogappregistry_application",
-    "aws_servicecatalogappregistry_attribute_group",
-    "aws_servicecatalogappregistry_attribute_group_association",
-    "aws_servicequotas_service_quota",
-    "aws_servicequotas_template",
-    "aws_servicequotas_template_association",
-    "aws_ses_active_receipt_rule_set",
-    "aws_ses_configuration_set",
-    "aws_ses_domain_dkim",
-    "aws_ses_domain_identity",
-    "aws_ses_domain_identity_verification",
-    "aws_ses_domain_mail_from",
-    "aws_ses_email_identity",
-    "aws_ses_event_destination",
-    "aws_ses_identity_notification_topic",
-    "aws_ses_identity_policy",
-    "aws_ses_receipt_filter",
-    "aws_ses_receipt_rule",
-    "aws_ses_receipt_rule_set",
-    "aws_ses_template",
-    "aws_sesv2_account_suppression_attributes",
-    "aws_sesv2_account_vdm_attributes",
-    "aws_sesv2_configuration_set",
-    "aws_sesv2_configuration_set_event_destination",
-    "aws_sesv2_contact_list",
-    "aws_sesv2_dedicated_ip_assignment",
-    "aws_sesv2_dedicated_ip_pool",
-    "aws_sesv2_email_identity",
-    "aws_sesv2_email_identity_feedback_attributes",
-    "aws_sesv2_email_identity_mail_from_attributes",
-    "aws_sesv2_email_identity_policy",
-    "aws_sfn_activity",
-    "aws_sfn_alias",
-    "aws_sfn_state_machine",
-    "aws_shield_application_layer_automatic_response",
-    "aws_shield_drt_access_log_bucket_association",
-    "aws_shield_drt_access_role_arn_association",
-    "aws_shield_proactive_engagement",
-    "aws_shield_protection",
-    "aws_shield_protection_group",
-    "aws_shield_protection_health_check_association",
-    "aws_shield_subscription",
-    "aws_signer_signing_job",
-    "aws_signer_signing_profile",
-    "aws_signer_signing_profile_permission",
-    "aws_simpledb_domain",
-    "aws_snapshot_create_volume_permission",
-    "aws_sns_platform_application",
-    "aws_sns_sms_preferences",
-    "aws_sns_topic",
-    "aws_sns_topic_data_protection_policy",
-    "aws_sns_topic_policy",
-    "aws_sns_topic_subscription",
-    "aws_spot_datafeed_subscription",
-    "aws_spot_fleet_request",
-    "aws_spot_instance_request",
-    "aws_sqs_queue",
-    "aws_sqs_queue_policy",
-    "aws_sqs_queue_redrive_allow_policy",
-    "aws_sqs_queue_redrive_policy",
-    "aws_ssm_activation",
-    "aws_ssm_association",
-    "aws_ssm_default_patch_baseline",
-    "aws_ssm_document",
-    "aws_ssm_maintenance_window",
-    "aws_ssm_maintenance_window_target",
-    "aws_ssm_maintenance_window_task",
-    "aws_ssm_parameter",
-    "aws_ssm_patch_baseline",
-    "aws_ssm_patch_group",
-    "aws_ssm_resource_data_sync",
-    "aws_ssm_service_setting",
-    "aws_ssmcontacts_contact",
-    "aws_ssmcontacts_contact_channel",
-    "aws_ssmcontacts_plan",
-    "aws_ssmcontacts_rotation",
-    "aws_ssmincidents_replication_set",
-    "aws_ssmincidents_response_plan",
-    "aws_ssmquicksetup_configuration_manager",
-    "aws_ssoadmin_account_assignment",
-    "aws_ssoadmin_application",
-    "aws_ssoadmin_application_access_scope",
-    "aws_ssoadmin_application_assignment",
-    "aws_ssoadmin_application_assignment_configuration",
-    "aws_ssoadmin_customer_managed_policy_attachment",
-    "aws_ssoadmin_instance_access_control_attributes",
-    "aws_ssoadmin_managed_policy_attachment",
-    "aws_ssoadmin_permission_set",
-    "aws_ssoadmin_permission_set_inline_policy",
-    "aws_ssoadmin_permissions_boundary_attachment",
-    "aws_ssoadmin_trusted_token_issuer",
-    "aws_storagegateway_cache",
-    "aws_storagegateway_cached_iscsi_volume",
-    "aws_storagegateway_file_system_association",
-    "aws_storagegateway_gateway",
-    "aws_storagegateway_nfs_file_share",
-    "aws_storagegateway_smb_file_share",
-    "aws_storagegateway_stored_iscsi_volume",
-    "aws_storagegateway_tape_pool",
-    "aws_storagegateway_upload_buffer",
-    "aws_storagegateway_working_storage",
-    "aws_subnet",
-    "aws_swf_domain",
-    "aws_synthetics_canary",
-    "aws_synthetics_group",
-    "aws_synthetics_group_association",
-    "aws_timestreaminfluxdb_db_instance",
-    "aws_timestreamquery_scheduled_query",
-    "aws_timestreamwrite_database",
-    "aws_timestreamwrite_table",
-    "aws_transcribe_language_model",
-    "aws_transcribe_medical_vocabulary",
-    "aws_transcribe_vocabulary",
-    "aws_transcribe_vocabulary_filter",
-    "aws_transfer_access",
-    "aws_transfer_agreement",
-    "aws_transfer_certificate",
-    "aws_transfer_connector",
-    "aws_transfer_profile",
-    "aws_transfer_server",
-    "aws_transfer_ssh_key",
-    "aws_transfer_tag",
-    "aws_transfer_user",
-    "aws_transfer_workflow",
-    "aws_verifiedaccess_endpoint",
-    "aws_verifiedaccess_group",
-    "aws_verifiedaccess_instance",
-    "aws_verifiedaccess_instance_logging_configuration",
-    "aws_verifiedaccess_instance_trust_provider_attachment",
-    "aws_verifiedaccess_trust_provider",
-    "aws_verifiedpermissions_identity_source",
-    "aws_verifiedpermissions_policy",
-    "aws_verifiedpermissions_policy_store",
-    "aws_verifiedpermissions_policy_template",
-    "aws_verifiedpermissions_schema",
-    "aws_volume_attachment",
-    "aws_vpc",
-    "aws_vpc_block_public_access_exclusion",
-    "aws_vpc_block_public_access_options",
-    "aws_vpc_dhcp_options",
-    "aws_vpc_dhcp_options_association",
-    "aws_vpc_endpoint",
-    "aws_vpc_endpoint_connection_accepter",
-    "aws_vpc_endpoint_connection_notification",
-    "aws_vpc_endpoint_policy",
-    "aws_vpc_endpoint_private_dns",
-    "aws_vpc_endpoint_route_table_association",
-    "aws_vpc_endpoint_security_group_association",
-    "aws_vpc_endpoint_service",
-    "aws_vpc_endpoint_service_allowed_principal",
-    "aws_vpc_endpoint_service_private_dns_verification",
-    "aws_vpc_endpoint_subnet_association",
-    "aws_vpc_ipam",
-    "aws_vpc_ipam_organization_admin_account",
-    "aws_vpc_ipam_pool",
-    "aws_vpc_ipam_pool_cidr",
-    "aws_vpc_ipam_pool_cidr_allocation",
-    "aws_vpc_ipam_preview_next_cidr",
-    "aws_vpc_ipam_resource_discovery",
-    "aws_vpc_ipam_resource_discovery_association",
-    "aws_vpc_ipam_scope",
-    "aws_vpc_ipv4_cidr_block_association",
-    "aws_vpc_ipv6_cidr_block_association",
-    "aws_vpc_network_performance_metric_subscription",
-    "aws_vpc_peering_connection",
-    "aws_vpc_peering_connection_accepter",
-    "aws_vpc_peering_connection_options",
-    "aws_vpc_security_group_egress_rule",
-    "aws_vpc_security_group_ingress_rule",
-    "aws_vpc_security_group_vpc_association",
-    "aws_vpclattice_access_log_subscription",
-    "aws_vpclattice_auth_policy",
-    "aws_vpclattice_listener",
-    "aws_vpclattice_listener_rule",
-    "aws_vpclattice_resource_configuration",
-    "aws_vpclattice_resource_gateway",
-    "aws_vpclattice_resource_policy",
-    "aws_vpclattice_service",
-    "aws_vpclattice_service_network",
-    "aws_vpclattice_service_network_resource_association",
-    "aws_vpclattice_service_network_service_association",
-    "aws_vpclattice_service_network_vpc_association",
-    "aws_vpclattice_target_group",
-    "aws_vpclattice_target_group_attachment",
-    "aws_vpn_connection",
-    "aws_vpn_connection_route",
-    "aws_vpn_gateway",
-    "aws_vpn_gateway_attachment",
-    "aws_vpn_gateway_route_propagation",
-    "aws_waf_byte_match_set",
-    "aws_waf_geo_match_set",
-    "aws_waf_ipset",
-    "aws_waf_rate_based_rule",
-    "aws_waf_regex_match_set",
-    "aws_waf_regex_pattern_set",
-    "aws_waf_rule",
-    "aws_waf_rule_group",
-    "aws_waf_size_constraint_set",
-    "aws_waf_sql_injection_match_set",
-    "aws_waf_web_acl",
-    "aws_waf_xss_match_set",
-    "aws_wafregional_byte_match_set",
-    "aws_wafregional_geo_match_set",
-    "aws_wafregional_ipset",
-    "aws_wafregional_rate_based_rule",
-    "aws_wafregional_regex_match_set",
-    "aws_wafregional_regex_pattern_set",
-    "aws_wafregional_rule",
-    "aws_wafregional_rule_group",
-    "aws_wafregional_size_constraint_set",
-    "aws_wafregional_sql_injection_match_set",
-    "aws_wafregional_web_acl",
-    "aws_wafregional_web_acl_association",
-    "aws_wafregional_xss_match_set",
-    "aws_wafv2_ip_set",
-    "aws_wafv2_regex_pattern_set",
-    "aws_wafv2_rule_group",
-    "aws_wafv2_web_acl",
-    "aws_wafv2_web_acl_association",
-    "aws_wafv2_web_acl_logging_configuration",
-    "aws_worklink_fleet",
-    "aws_worklink_website_certificate_authority_association",
-    "aws_workspaces_connection_alias",
-    "aws_workspaces_directory",
-    "aws_workspaces_ip_group",
-    "aws_workspaces_workspace",
-    "aws_xray_encryption_config",
-    "aws_xray_group",
-    "aws_xray_resource_policy",
-    "aws_xray_sampling_rule"
-  ]
-}
+    "resources": [
+        "aws_accessanalyzer_analyzer",
+        "aws_accessanalyzer_archive_rule",
+        "aws_account_alternate_contact",
+        "aws_account_primary_contact",
+        "aws_account_region",
+        "aws_acm_certificate",
+        "aws_acm_certificate_validation",
+        "aws_acmpca_certificate",
+        "aws_acmpca_certificate_authority",
+        "aws_acmpca_certificate_authority_certificate",
+        "aws_acmpca_permission",
+        "aws_acmpca_policy",
+        "aws_alb",
+        "aws_ami",
+        "aws_ami_copy",
+        "aws_ami_from_instance",
+        "aws_ami_launch_permission",
+        "aws_amplify_app",
+        "aws_amplify_backend_environment",
+        "aws_amplify_branch",
+        "aws_amplify_domain_association",
+        "aws_amplify_webhook",
+        "aws_api_gateway_account",
+        "aws_api_gateway_api_key",
+        "aws_api_gateway_authorizer",
+        "aws_api_gateway_base_path_mapping",
+        "aws_api_gateway_client_certificate",
+        "aws_api_gateway_deployment",
+        "aws_api_gateway_documentation_part",
+        "aws_api_gateway_documentation_version",
+        "aws_api_gateway_domain_name",
+        "aws_api_gateway_domain_name_access_association",
+        "aws_api_gateway_gateway_response",
+        "aws_api_gateway_integration",
+        "aws_api_gateway_integration_response",
+        "aws_api_gateway_method",
+        "aws_api_gateway_method_response",
+        "aws_api_gateway_method_settings",
+        "aws_api_gateway_model",
+        "aws_api_gateway_request_validator",
+        "aws_api_gateway_resource",
+        "aws_api_gateway_rest_api",
+        "aws_api_gateway_rest_api_policy",
+        "aws_api_gateway_rest_api_put",
+        "aws_api_gateway_stage",
+        "aws_api_gateway_usage_plan",
+        "aws_api_gateway_usage_plan_key",
+        "aws_api_gateway_vpc_link",
+        "aws_apigatewayv2_api",
+        "aws_apigatewayv2_api_mapping",
+        "aws_apigatewayv2_authorizer",
+        "aws_apigatewayv2_deployment",
+        "aws_apigatewayv2_domain_name",
+        "aws_apigatewayv2_integration",
+        "aws_apigatewayv2_integration_response",
+        "aws_apigatewayv2_model",
+        "aws_apigatewayv2_route",
+        "aws_apigatewayv2_route_response",
+        "aws_apigatewayv2_stage",
+        "aws_apigatewayv2_vpc_link",
+        "aws_app_cookie_stickiness_policy",
+        "aws_appautoscaling_policy",
+        "aws_appautoscaling_scheduled_action",
+        "aws_appautoscaling_target",
+        "aws_appconfig_application",
+        "aws_appconfig_configuration_profile",
+        "aws_appconfig_deployment",
+        "aws_appconfig_deployment_strategy",
+        "aws_appconfig_environment",
+        "aws_appconfig_extension",
+        "aws_appconfig_extension_association",
+        "aws_appconfig_hosted_configuration_version",
+        "aws_appfabric_app_authorization",
+        "aws_appfabric_app_authorization_connection",
+        "aws_appfabric_app_bundle",
+        "aws_appfabric_ingestion",
+        "aws_appfabric_ingestion_destination",
+        "aws_appflow_connector_profile",
+        "aws_appflow_flow",
+        "aws_appintegrations_data_integration",
+        "aws_appintegrations_event_integration",
+        "aws_applicationinsights_application",
+        "aws_appmesh_gateway_route",
+        "aws_appmesh_mesh",
+        "aws_appmesh_route",
+        "aws_appmesh_virtual_gateway",
+        "aws_appmesh_virtual_node",
+        "aws_appmesh_virtual_router",
+        "aws_appmesh_virtual_service",
+        "aws_apprunner_auto_scaling_configuration_version",
+        "aws_apprunner_connection",
+        "aws_apprunner_custom_domain_association",
+        "aws_apprunner_default_auto_scaling_configuration_version",
+        "aws_apprunner_deployment",
+        "aws_apprunner_observability_configuration",
+        "aws_apprunner_service",
+        "aws_apprunner_vpc_connector",
+        "aws_apprunner_vpc_ingress_connection",
+        "aws_appstream_directory_config",
+        "aws_appstream_fleet",
+        "aws_appstream_fleet_stack_association",
+        "aws_appstream_image_builder",
+        "aws_appstream_stack",
+        "aws_appstream_user",
+        "aws_appstream_user_stack_association",
+        "aws_appsync_api",
+        "aws_appsync_api_cache",
+        "aws_appsync_api_key",
+        "aws_appsync_channel_namespace",
+        "aws_appsync_datasource",
+        "aws_appsync_domain_name",
+        "aws_appsync_domain_name_api_association",
+        "aws_appsync_function",
+        "aws_appsync_graphql_api",
+        "aws_appsync_resolver",
+        "aws_appsync_source_api_association",
+        "aws_appsync_type",
+        "aws_athena_capacity_reservation",
+        "aws_athena_data_catalog",
+        "aws_athena_database",
+        "aws_athena_named_query",
+        "aws_athena_prepared_statement",
+        "aws_athena_workgroup",
+        "aws_auditmanager_account_registration",
+        "aws_auditmanager_assessment",
+        "aws_auditmanager_assessment_delegation",
+        "aws_auditmanager_assessment_report",
+        "aws_auditmanager_control",
+        "aws_auditmanager_framework",
+        "aws_auditmanager_framework_share",
+        "aws_auditmanager_organization_admin_account_registration",
+        "aws_autoscaling_attachment",
+        "aws_autoscaling_group",
+        "aws_autoscaling_group_tag",
+        "aws_autoscaling_lifecycle_hook",
+        "aws_autoscaling_notification",
+        "aws_autoscaling_policy",
+        "aws_autoscaling_schedule",
+        "aws_autoscaling_traffic_source_attachment",
+        "aws_autoscalingplans_scaling_plan",
+        "aws_backup_framework",
+        "aws_backup_global_settings",
+        "aws_backup_logically_air_gapped_vault",
+        "aws_backup_plan",
+        "aws_backup_region_settings",
+        "aws_backup_report_plan",
+        "aws_backup_selection",
+        "aws_backup_vault",
+        "aws_backup_vault_lock_configuration",
+        "aws_backup_vault_notifications",
+        "aws_backup_vault_policy",
+        "aws_batch_compute_environment",
+        "aws_batch_job_definition",
+        "aws_batch_job_queue",
+        "aws_batch_scheduling_policy",
+        "aws_bcmdataexports_export",
+        "aws_bedrock_custom_model",
+        "aws_bedrock_guardrail",
+        "aws_bedrock_guardrail_version",
+        "aws_bedrock_inference_profile",
+        "aws_bedrock_model_invocation_logging_configuration",
+        "aws_bedrock_provisioned_model_throughput",
+        "aws_bedrockagent_agent",
+        "aws_bedrockagent_agent_action_group",
+        "aws_bedrockagent_agent_alias",
+        "aws_bedrockagent_agent_collaborator",
+        "aws_bedrockagent_agent_knowledge_base_association",
+        "aws_bedrockagent_data_source",
+        "aws_bedrockagent_flow",
+        "aws_bedrockagent_knowledge_base",
+        "aws_bedrockagent_prompt",
+        "aws_bedrockagentcore_agent_runtime",
+        "aws_bedrockagentcore_agent_runtime_endpoint",
+        "aws_bedrockagentcore_api_key_credential_provider",
+        "aws_bedrockagentcore_browser",
+        "aws_bedrockagentcore_code_interpreter",
+        "aws_bedrockagentcore_gateway",
+        "aws_bedrockagentcore_gateway_target",
+        "aws_bedrockagentcore_memory",
+        "aws_bedrockagentcore_memory_strategy",
+        "aws_bedrockagentcore_oauth2_credential_provider",
+        "aws_bedrockagentcore_token_vault_cmk",
+        "aws_bedrockagentcore_workload_identity",
+        "aws_budgets_budget",
+        "aws_budgets_budget_action",
+        "aws_ce_anomaly_monitor",
+        "aws_ce_anomaly_subscription",
+        "aws_ce_cost_allocation_tag",
+        "aws_ce_cost_category",
+        "aws_chatbot_slack_channel_configuration",
+        "aws_chatbot_teams_channel_configuration",
+        "aws_chime_voice_connector",
+        "aws_chime_voice_connector_group",
+        "aws_chime_voice_connector_logging",
+        "aws_chime_voice_connector_origination",
+        "aws_chime_voice_connector_streaming",
+        "aws_chime_voice_connector_termination",
+        "aws_chime_voice_connector_termination_credentials",
+        "aws_chimesdkmediapipelines_media_insights_pipeline_configuration",
+        "aws_chimesdkvoice_global_settings",
+        "aws_chimesdkvoice_sip_media_application",
+        "aws_chimesdkvoice_sip_rule",
+        "aws_chimesdkvoice_voice_profile_domain",
+        "aws_cleanrooms_collaboration",
+        "aws_cleanrooms_configured_table",
+        "aws_cleanrooms_membership",
+        "aws_cloud9_environment_ec2",
+        "aws_cloud9_environment_membership",
+        "aws_cloudcontrolapi_resource",
+        "aws_cloudformation_stack",
+        "aws_cloudformation_stack_instances",
+        "aws_cloudformation_stack_set",
+        "aws_cloudformation_stack_set_instance",
+        "aws_cloudformation_type",
+        "aws_cloudfront_cache_policy",
+        "aws_cloudfront_continuous_deployment_policy",
+        "aws_cloudfront_distribution",
+        "aws_cloudfront_field_level_encryption_config",
+        "aws_cloudfront_field_level_encryption_profile",
+        "aws_cloudfront_function",
+        "aws_cloudfront_key_group",
+        "aws_cloudfront_key_value_store",
+        "aws_cloudfront_monitoring_subscription",
+        "aws_cloudfront_origin_access_control",
+        "aws_cloudfront_origin_access_identity",
+        "aws_cloudfront_origin_request_policy",
+        "aws_cloudfront_public_key",
+        "aws_cloudfront_realtime_log_config",
+        "aws_cloudfront_response_headers_policy",
+        "aws_cloudfront_vpc_origin",
+        "aws_cloudfrontkeyvaluestore_key",
+        "aws_cloudfrontkeyvaluestore_keys_exclusive",
+        "aws_cloudhsm_v2_cluster",
+        "aws_cloudhsm_v2_hsm",
+        "aws_cloudsearch_domain",
+        "aws_cloudsearch_domain_service_access_policy",
+        "aws_cloudtrail",
+        "aws_cloudtrail_event_data_store",
+        "aws_cloudtrail_organization_delegated_admin_account",
+        "aws_cloudwatch_composite_alarm",
+        "aws_cloudwatch_contributor_insight_rule",
+        "aws_cloudwatch_contributor_managed_insight_rule",
+        "aws_cloudwatch_dashboard",
+        "aws_cloudwatch_event_api_destination",
+        "aws_cloudwatch_event_archive",
+        "aws_cloudwatch_event_bus",
+        "aws_cloudwatch_event_bus_policy",
+        "aws_cloudwatch_event_connection",
+        "aws_cloudwatch_event_endpoint",
+        "aws_cloudwatch_event_permission",
+        "aws_cloudwatch_event_rule",
+        "aws_cloudwatch_event_target",
+        "aws_cloudwatch_log_account_policy",
+        "aws_cloudwatch_log_anomaly_detector",
+        "aws_cloudwatch_log_data_protection_policy",
+        "aws_cloudwatch_log_delivery",
+        "aws_cloudwatch_log_delivery_destination",
+        "aws_cloudwatch_log_delivery_destination_policy",
+        "aws_cloudwatch_log_delivery_source",
+        "aws_cloudwatch_log_destination",
+        "aws_cloudwatch_log_destination_policy",
+        "aws_cloudwatch_log_group",
+        "aws_cloudwatch_log_index_policy",
+        "aws_cloudwatch_log_metric_filter",
+        "aws_cloudwatch_log_resource_policy",
+        "aws_cloudwatch_log_stream",
+        "aws_cloudwatch_log_subscription_filter",
+        "aws_cloudwatch_metric_alarm",
+        "aws_cloudwatch_metric_stream",
+        "aws_cloudwatch_query_definition",
+        "aws_codeartifact_domain",
+        "aws_codeartifact_domain_permissions_policy",
+        "aws_codeartifact_repository",
+        "aws_codeartifact_repository_permissions_policy",
+        "aws_codebuild_fleet",
+        "aws_codebuild_project",
+        "aws_codebuild_report_group",
+        "aws_codebuild_resource_policy",
+        "aws_codebuild_source_credential",
+        "aws_codebuild_webhook",
+        "aws_codecatalyst_dev_environment",
+        "aws_codecatalyst_project",
+        "aws_codecatalyst_source_repository",
+        "aws_codecommit_approval_rule_template",
+        "aws_codecommit_approval_rule_template_association",
+        "aws_codecommit_repository",
+        "aws_codecommit_trigger",
+        "aws_codeconnections_connection",
+        "aws_codeconnections_host",
+        "aws_codedeploy_app",
+        "aws_codedeploy_deployment_config",
+        "aws_codedeploy_deployment_group",
+        "aws_codeguruprofiler_profiling_group",
+        "aws_codegurureviewer_repository_association",
+        "aws_codepipeline",
+        "aws_codepipeline_custom_action_type",
+        "aws_codepipeline_webhook",
+        "aws_codestarconnections_connection",
+        "aws_codestarconnections_host",
+        "aws_codestarnotifications_notification_rule",
+        "aws_cognito_identity_pool",
+        "aws_cognito_identity_pool_provider_principal_tag",
+        "aws_cognito_identity_pool_roles_attachment",
+        "aws_cognito_identity_provider",
+        "aws_cognito_log_delivery_configuration",
+        "aws_cognito_managed_login_branding",
+        "aws_cognito_managed_user_pool_client",
+        "aws_cognito_resource_server",
+        "aws_cognito_risk_configuration",
+        "aws_cognito_user",
+        "aws_cognito_user_group",
+        "aws_cognito_user_in_group",
+        "aws_cognito_user_pool",
+        "aws_cognito_user_pool_client",
+        "aws_cognito_user_pool_domain",
+        "aws_cognito_user_pool_ui_customization",
+        "aws_comprehend_document_classifier",
+        "aws_comprehend_entity_recognizer",
+        "aws_computeoptimizer_enrollment_status",
+        "aws_computeoptimizer_recommendation_preferences",
+        "aws_config_aggregate_authorization",
+        "aws_config_config_rule",
+        "aws_config_configuration_aggregator",
+        "aws_config_configuration_recorder",
+        "aws_config_configuration_recorder_status",
+        "aws_config_conformance_pack",
+        "aws_config_delivery_channel",
+        "aws_config_organization_conformance_pack",
+        "aws_config_organization_custom_policy_rule",
+        "aws_config_organization_custom_rule",
+        "aws_config_organization_managed_rule",
+        "aws_config_remediation_configuration",
+        "aws_config_retention_configuration",
+        "aws_connect_bot_association",
+        "aws_connect_contact_flow",
+        "aws_connect_contact_flow_module",
+        "aws_connect_hours_of_operation",
+        "aws_connect_instance",
+        "aws_connect_instance_storage_config",
+        "aws_connect_lambda_function_association",
+        "aws_connect_phone_number",
+        "aws_connect_phone_number_contact_flow_association",
+        "aws_connect_queue",
+        "aws_connect_quick_connect",
+        "aws_connect_routing_profile",
+        "aws_connect_security_profile",
+        "aws_connect_user",
+        "aws_connect_user_hierarchy_group",
+        "aws_connect_user_hierarchy_structure",
+        "aws_connect_vocabulary",
+        "aws_controltower_baseline",
+        "aws_controltower_control",
+        "aws_controltower_landing_zone",
+        "aws_costoptimizationhub_enrollment_status",
+        "aws_costoptimizationhub_preferences",
+        "aws_cur_report_definition",
+        "aws_customer_gateway",
+        "aws_customerprofiles_domain",
+        "aws_customerprofiles_profile",
+        "aws_dataexchange_data_set",
+        "aws_dataexchange_event_action",
+        "aws_dataexchange_revision",
+        "aws_dataexchange_revision_assets",
+        "aws_datapipeline_pipeline",
+        "aws_datapipeline_pipeline_definition",
+        "aws_datasync_agent",
+        "aws_datasync_location_azure_blob",
+        "aws_datasync_location_efs",
+        "aws_datasync_location_fsx_lustre_file_system",
+        "aws_datasync_location_fsx_ontap_file_system",
+        "aws_datasync_location_fsx_openzfs_file_system",
+        "aws_datasync_location_fsx_windows_file_system",
+        "aws_datasync_location_hdfs",
+        "aws_datasync_location_nfs",
+        "aws_datasync_location_object_storage",
+        "aws_datasync_location_s3",
+        "aws_datasync_location_smb",
+        "aws_datasync_task",
+        "aws_datazone_asset_type",
+        "aws_datazone_domain",
+        "aws_datazone_environment",
+        "aws_datazone_environment_blueprint_configuration",
+        "aws_datazone_environment_profile",
+        "aws_datazone_form_type",
+        "aws_datazone_glossary",
+        "aws_datazone_glossary_term",
+        "aws_datazone_project",
+        "aws_datazone_user_profile",
+        "aws_dax_cluster",
+        "aws_dax_parameter_group",
+        "aws_dax_subnet_group",
+        "aws_db_cluster_snapshot",
+        "aws_db_event_subscription",
+        "aws_db_instance",
+        "aws_db_instance_automated_backups_replication",
+        "aws_db_instance_role_association",
+        "aws_db_option_group",
+        "aws_db_parameter_group",
+        "aws_db_proxy",
+        "aws_db_proxy_default_target_group",
+        "aws_db_proxy_endpoint",
+        "aws_db_proxy_target",
+        "aws_db_snapshot",
+        "aws_db_snapshot_copy",
+        "aws_db_subnet_group",
+        "aws_default_network_acl",
+        "aws_default_route_table",
+        "aws_default_security_group",
+        "aws_default_subnet",
+        "aws_default_vpc",
+        "aws_default_vpc_dhcp_options",
+        "aws_detective_graph",
+        "aws_detective_invitation_accepter",
+        "aws_detective_member",
+        "aws_detective_organization_admin_account",
+        "aws_detective_organization_configuration",
+        "aws_devicefarm_device_pool",
+        "aws_devicefarm_instance_profile",
+        "aws_devicefarm_network_profile",
+        "aws_devicefarm_project",
+        "aws_devicefarm_upload",
+        "aws_devopsguru_event_sources_config",
+        "aws_devopsguru_notification_channel",
+        "aws_devopsguru_resource_collection",
+        "aws_devopsguru_service_integration",
+        "aws_directory_service_conditional_forwarder",
+        "aws_directory_service_directory",
+        "aws_directory_service_log_subscription",
+        "aws_directory_service_radius_settings",
+        "aws_directory_service_region",
+        "aws_directory_service_shared_directory",
+        "aws_directory_service_shared_directory_accepter",
+        "aws_directory_service_trust",
+        "aws_dlm_lifecycle_policy",
+        "aws_dms_certificate",
+        "aws_dms_endpoint",
+        "aws_dms_event_subscription",
+        "aws_dms_replication_config",
+        "aws_dms_replication_instance",
+        "aws_dms_replication_subnet_group",
+        "aws_dms_replication_task",
+        "aws_dms_s3_endpoint",
+        "aws_docdb_cluster",
+        "aws_docdb_cluster_instance",
+        "aws_docdb_cluster_parameter_group",
+        "aws_docdb_cluster_snapshot",
+        "aws_docdb_event_subscription",
+        "aws_docdb_global_cluster",
+        "aws_docdb_subnet_group",
+        "aws_docdbelastic_cluster",
+        "aws_drs_replication_configuration_template",
+        "aws_dsql_cluster",
+        "aws_dsql_cluster_peering",
+        "aws_dx_bgp_peer",
+        "aws_dx_connection",
+        "aws_dx_connection_association",
+        "aws_dx_connection_confirmation",
+        "aws_dx_gateway",
+        "aws_dx_gateway_association",
+        "aws_dx_gateway_association_proposal",
+        "aws_dx_hosted_connection",
+        "aws_dx_hosted_private_virtual_interface",
+        "aws_dx_hosted_private_virtual_interface_accepter",
+        "aws_dx_hosted_public_virtual_interface",
+        "aws_dx_hosted_public_virtual_interface_accepter",
+        "aws_dx_hosted_transit_virtual_interface",
+        "aws_dx_hosted_transit_virtual_interface_accepter",
+        "aws_dx_lag",
+        "aws_dx_macsec_key_association",
+        "aws_dx_private_virtual_interface",
+        "aws_dx_public_virtual_interface",
+        "aws_dx_transit_virtual_interface",
+        "aws_dynamodb_contributor_insights",
+        "aws_dynamodb_global_table",
+        "aws_dynamodb_kinesis_streaming_destination",
+        "aws_dynamodb_resource_policy",
+        "aws_dynamodb_table",
+        "aws_dynamodb_table_export",
+        "aws_dynamodb_table_item",
+        "aws_dynamodb_table_replica",
+        "aws_dynamodb_tag",
+        "aws_ebs_default_kms_key",
+        "aws_ebs_encryption_by_default",
+        "aws_ebs_fast_snapshot_restore",
+        "aws_ebs_snapshot",
+        "aws_ebs_snapshot_block_public_access",
+        "aws_ebs_snapshot_copy",
+        "aws_ebs_snapshot_import",
+        "aws_ebs_volume",
+        "aws_ec2_allowed_images_settings",
+        "aws_ec2_availability_zone_group",
+        "aws_ec2_capacity_block_reservation",
+        "aws_ec2_capacity_reservation",
+        "aws_ec2_carrier_gateway",
+        "aws_ec2_client_vpn_authorization_rule",
+        "aws_ec2_client_vpn_endpoint",
+        "aws_ec2_client_vpn_network_association",
+        "aws_ec2_client_vpn_route",
+        "aws_ec2_default_credit_specification",
+        "aws_ec2_fleet",
+        "aws_ec2_host",
+        "aws_ec2_image_block_public_access",
+        "aws_ec2_instance",
+        "aws_ec2_instance_connect_endpoint",
+        "aws_ec2_instance_metadata_defaults",
+        "aws_ec2_instance_state",
+        "aws_ec2_local_gateway_route",
+        "aws_ec2_local_gateway_route_table_vpc_association",
+        "aws_ec2_managed_prefix_list",
+        "aws_ec2_managed_prefix_list_entry",
+        "aws_ec2_network_insights_analysis",
+        "aws_ec2_network_insights_path",
+        "aws_ec2_serial_console_access",
+        "aws_ec2_subnet_cidr_reservation",
+        "aws_ec2_tag",
+        "aws_ec2_traffic_mirror_filter",
+        "aws_ec2_traffic_mirror_filter_rule",
+        "aws_ec2_traffic_mirror_session",
+        "aws_ec2_traffic_mirror_target",
+        "aws_ec2_transit_gateway",
+        "aws_ec2_transit_gateway_connect",
+        "aws_ec2_transit_gateway_connect_peer",
+        "aws_ec2_transit_gateway_default_route_table_association",
+        "aws_ec2_transit_gateway_default_route_table_propagation",
+        "aws_ec2_transit_gateway_multicast_domain",
+        "aws_ec2_transit_gateway_multicast_domain_association",
+        "aws_ec2_transit_gateway_multicast_group_member",
+        "aws_ec2_transit_gateway_multicast_group_source",
+        "aws_ec2_transit_gateway_peering_attachment",
+        "aws_ec2_transit_gateway_peering_attachment_accepter",
+        "aws_ec2_transit_gateway_policy_table",
+        "aws_ec2_transit_gateway_policy_table_association",
+        "aws_ec2_transit_gateway_prefix_list_reference",
+        "aws_ec2_transit_gateway_route",
+        "aws_ec2_transit_gateway_route_table",
+        "aws_ec2_transit_gateway_route_table_association",
+        "aws_ec2_transit_gateway_route_table_propagation",
+        "aws_ec2_transit_gateway_vpc_attachment",
+        "aws_ec2_transit_gateway_vpc_attachment_accepter",
+        "aws_ecr_account_setting",
+        "aws_ecr_lifecycle_policy",
+        "aws_ecr_pull_through_cache_rule",
+        "aws_ecr_registry_policy",
+        "aws_ecr_registry_scanning_configuration",
+        "aws_ecr_replication_configuration",
+        "aws_ecr_repository",
+        "aws_ecr_repository_creation_template",
+        "aws_ecr_repository_policy",
+        "aws_ecrpublic_repository",
+        "aws_ecrpublic_repository_policy",
+        "aws_ecs_account_setting_default",
+        "aws_ecs_capacity_provider",
+        "aws_ecs_cluster",
+        "aws_ecs_cluster_capacity_providers",
+        "aws_ecs_service",
+        "aws_ecs_tag",
+        "aws_ecs_task_definition",
+        "aws_ecs_task_set",
+        "aws_efs_access_point",
+        "aws_efs_backup_policy",
+        "aws_efs_file_system",
+        "aws_efs_file_system_policy",
+        "aws_efs_mount_target",
+        "aws_efs_replication_configuration",
+        "aws_egress_only_internet_gateway",
+        "aws_eip",
+        "aws_eip_association",
+        "aws_eip_domain_name",
+        "aws_eks_access_entry",
+        "aws_eks_access_policy_association",
+        "aws_eks_addon",
+        "aws_eks_cluster",
+        "aws_eks_fargate_profile",
+        "aws_eks_identity_provider_config",
+        "aws_eks_node_group",
+        "aws_eks_pod_identity_association",
+        "aws_elastic_beanstalk_application",
+        "aws_elastic_beanstalk_application_version",
+        "aws_elastic_beanstalk_configuration_template",
+        "aws_elastic_beanstalk_environment",
+        "aws_elasticache_cluster",
+        "aws_elasticache_global_replication_group",
+        "aws_elasticache_parameter_group",
+        "aws_elasticache_replication_group",
+        "aws_elasticache_reserved_cache_node",
+        "aws_elasticache_serverless_cache",
+        "aws_elasticache_subnet_group",
+        "aws_elasticache_user",
+        "aws_elasticache_user_group",
+        "aws_elasticache_user_group_association",
+        "aws_elasticsearch_domain",
+        "aws_elasticsearch_domain_policy",
+        "aws_elasticsearch_domain_saml_options",
+        "aws_elasticsearch_vpc_endpoint",
+        "aws_elastictranscoder_pipeline",
+        "aws_elastictranscoder_preset",
+        "aws_elb",
+        "aws_elb_attachment",
+        "aws_emr_block_public_access_configuration",
+        "aws_emr_cluster",
+        "aws_emr_instance_fleet",
+        "aws_emr_instance_group",
+        "aws_emr_managed_scaling_policy",
+        "aws_emr_security_configuration",
+        "aws_emr_studio",
+        "aws_emr_studio_session_mapping",
+        "aws_emrcontainers_job_template",
+        "aws_emrcontainers_virtual_cluster",
+        "aws_emrserverless_application",
+        "aws_evidently_feature",
+        "aws_evidently_launch",
+        "aws_evidently_project",
+        "aws_evidently_segment",
+        "aws_finspace_kx_cluster",
+        "aws_finspace_kx_database",
+        "aws_finspace_kx_dataview",
+        "aws_finspace_kx_environment",
+        "aws_finspace_kx_scaling_group",
+        "aws_finspace_kx_user",
+        "aws_finspace_kx_volume",
+        "aws_fis_experiment_template",
+        "aws_fis_target_account_configuration",
+        "aws_flow_log",
+        "aws_fms_admin_account",
+        "aws_fms_policy",
+        "aws_fms_resource_set",
+        "aws_fsx_backup",
+        "aws_fsx_data_repository_association",
+        "aws_fsx_file_cache",
+        "aws_fsx_lustre_file_system",
+        "aws_fsx_ontap_file_system",
+        "aws_fsx_ontap_storage_virtual_machine",
+        "aws_fsx_ontap_volume",
+        "aws_fsx_openzfs_file_system",
+        "aws_fsx_openzfs_snapshot",
+        "aws_fsx_openzfs_volume",
+        "aws_fsx_s3_access_point_attachment",
+        "aws_fsx_windows_file_system",
+        "aws_gamelift_alias",
+        "aws_gamelift_build",
+        "aws_gamelift_fleet",
+        "aws_gamelift_game_server_group",
+        "aws_gamelift_game_session_queue",
+        "aws_gamelift_script",
+        "aws_glacier_vault",
+        "aws_glacier_vault_lock",
+        "aws_globalaccelerator_accelerator",
+        "aws_globalaccelerator_cross_account_attachment",
+        "aws_globalaccelerator_custom_routing_accelerator",
+        "aws_globalaccelerator_custom_routing_endpoint_group",
+        "aws_globalaccelerator_custom_routing_listener",
+        "aws_globalaccelerator_endpoint_group",
+        "aws_globalaccelerator_listener",
+        "aws_glue_catalog_database",
+        "aws_glue_catalog_table",
+        "aws_glue_catalog_table_optimizer",
+        "aws_glue_classifier",
+        "aws_glue_connection",
+        "aws_glue_crawler",
+        "aws_glue_data_catalog_encryption_settings",
+        "aws_glue_data_quality_ruleset",
+        "aws_glue_dev_endpoint",
+        "aws_glue_job",
+        "aws_glue_ml_transform",
+        "aws_glue_partition",
+        "aws_glue_partition_index",
+        "aws_glue_registry",
+        "aws_glue_resource_policy",
+        "aws_glue_schema",
+        "aws_glue_security_configuration",
+        "aws_glue_trigger",
+        "aws_glue_user_defined_function",
+        "aws_glue_workflow",
+        "aws_grafana_license_association",
+        "aws_grafana_role_association",
+        "aws_grafana_workspace",
+        "aws_grafana_workspace_api_key",
+        "aws_grafana_workspace_saml_configuration",
+        "aws_grafana_workspace_service_account",
+        "aws_grafana_workspace_service_account_token",
+        "aws_guardduty_detector",
+        "aws_guardduty_detector_feature",
+        "aws_guardduty_filter",
+        "aws_guardduty_invite_accepter",
+        "aws_guardduty_ipset",
+        "aws_guardduty_malware_protection_plan",
+        "aws_guardduty_member",
+        "aws_guardduty_member_detector_feature",
+        "aws_guardduty_organization_admin_account",
+        "aws_guardduty_organization_configuration",
+        "aws_guardduty_organization_configuration_feature",
+        "aws_guardduty_publishing_destination",
+        "aws_guardduty_threatintelset",
+        "aws_iam_access_key",
+        "aws_iam_account_alias",
+        "aws_iam_account_password_policy",
+        "aws_iam_group",
+        "aws_iam_group_membership",
+        "aws_iam_group_policies_exclusive",
+        "aws_iam_group_policy",
+        "aws_iam_group_policy_attachment",
+        "aws_iam_group_policy_attachments_exclusive",
+        "aws_iam_instance_profile",
+        "aws_iam_openid_connect_provider",
+        "aws_iam_organizations_features",
+        "aws_iam_policy",
+        "aws_iam_policy_attachment",
+        "aws_iam_role",
+        "aws_iam_role_policies_exclusive",
+        "aws_iam_role_policy",
+        "aws_iam_role_policy_attachment",
+        "aws_iam_role_policy_attachments_exclusive",
+        "aws_iam_saml_provider",
+        "aws_iam_security_token_service_preferences",
+        "aws_iam_server_certificate",
+        "aws_iam_service_linked_role",
+        "aws_iam_service_specific_credential",
+        "aws_iam_signing_certificate",
+        "aws_iam_user",
+        "aws_iam_user_group_membership",
+        "aws_iam_user_login_profile",
+        "aws_iam_user_policies_exclusive",
+        "aws_iam_user_policy",
+        "aws_iam_user_policy_attachment",
+        "aws_iam_user_policy_attachments_exclusive",
+        "aws_iam_user_ssh_key",
+        "aws_iam_virtual_mfa_device",
+        "aws_identitystore_group",
+        "aws_identitystore_group_membership",
+        "aws_identitystore_user",
+        "aws_imagebuilder_component",
+        "aws_imagebuilder_container_recipe",
+        "aws_imagebuilder_distribution_configuration",
+        "aws_imagebuilder_image",
+        "aws_imagebuilder_image_pipeline",
+        "aws_imagebuilder_image_recipe",
+        "aws_imagebuilder_infrastructure_configuration",
+        "aws_imagebuilder_lifecycle_policy",
+        "aws_imagebuilder_workflow",
+        "aws_inspector2_delegated_admin_account",
+        "aws_inspector2_enabler",
+        "aws_inspector2_filter",
+        "aws_inspector2_member_association",
+        "aws_inspector2_organization_configuration",
+        "aws_inspector_assessment_target",
+        "aws_inspector_assessment_template",
+        "aws_inspector_resource_group",
+        "aws_instance",
+        "aws_internet_gateway",
+        "aws_internet_gateway_attachment",
+        "aws_internetmonitor_monitor",
+        "aws_invoicing_invoice_unit",
+        "aws_iot_authorizer",
+        "aws_iot_billing_group",
+        "aws_iot_ca_certificate",
+        "aws_iot_certificate",
+        "aws_iot_domain_configuration",
+        "aws_iot_event_configurations",
+        "aws_iot_indexing_configuration",
+        "aws_iot_logging_options",
+        "aws_iot_policy",
+        "aws_iot_policy_attachment",
+        "aws_iot_provisioning_template",
+        "aws_iot_role_alias",
+        "aws_iot_thing",
+        "aws_iot_thing_group",
+        "aws_iot_thing_group_membership",
+        "aws_iot_thing_principal_attachment",
+        "aws_iot_thing_type",
+        "aws_iot_topic_rule",
+        "aws_iot_topic_rule_destination",
+        "aws_ivs_channel",
+        "aws_ivs_playback_key_pair",
+        "aws_ivs_recording_configuration",
+        "aws_ivschat_logging_configuration",
+        "aws_ivschat_room",
+        "aws_kendra_data_source",
+        "aws_kendra_experience",
+        "aws_kendra_faq",
+        "aws_kendra_index",
+        "aws_kendra_query_suggestions_block_list",
+        "aws_kendra_thesaurus",
+        "aws_key_pair",
+        "aws_keyspaces_keyspace",
+        "aws_keyspaces_table",
+        "aws_kinesis_analytics_application",
+        "aws_kinesis_firehose_delivery_stream",
+        "aws_kinesis_resource_policy",
+        "aws_kinesis_stream",
+        "aws_kinesis_stream_consumer",
+        "aws_kinesis_video_stream",
+        "aws_kinesisanalyticsv2_application",
+        "aws_kinesisanalyticsv2_application_snapshot",
+        "aws_kms_alias",
+        "aws_kms_ciphertext",
+        "aws_kms_custom_key_store",
+        "aws_kms_external_key",
+        "aws_kms_grant",
+        "aws_kms_key",
+        "aws_kms_key_policy",
+        "aws_kms_replica_external_key",
+        "aws_kms_replica_key",
+        "aws_lakeformation_data_cells_filter",
+        "aws_lakeformation_data_lake_settings",
+        "aws_lakeformation_identity_center_configuration",
+        "aws_lakeformation_lf_tag",
+        "aws_lakeformation_lf_tag_expression",
+        "aws_lakeformation_opt_in",
+        "aws_lakeformation_permissions",
+        "aws_lakeformation_resource",
+        "aws_lakeformation_resource_lf_tag",
+        "aws_lakeformation_resource_lf_tags",
+        "aws_lambda_alias",
+        "aws_lambda_code_signing_config",
+        "aws_lambda_event_source_mapping",
+        "aws_lambda_function",
+        "aws_lambda_function_event_invoke_config",
+        "aws_lambda_function_recursion_config",
+        "aws_lambda_function_url",
+        "aws_lambda_invocation",
+        "aws_lambda_layer_version",
+        "aws_lambda_layer_version_permission",
+        "aws_lambda_permission",
+        "aws_lambda_provisioned_concurrency_config",
+        "aws_lambda_runtime_management_config",
+        "aws_launch_configuration",
+        "aws_launch_template",
+        "aws_lb",
+        "aws_lb_cookie_stickiness_policy",
+        "aws_lb_listener",
+        "aws_lb_listener_certificate",
+        "aws_lb_listener_rule",
+        "aws_lb_ssl_negotiation_policy",
+        "aws_lb_target_group",
+        "aws_lb_target_group_attachment",
+        "aws_lb_trust_store",
+        "aws_lb_trust_store_revocation",
+        "aws_lex_bot",
+        "aws_lex_bot_alias",
+        "aws_lex_intent",
+        "aws_lex_slot_type",
+        "aws_lexv2models_bot",
+        "aws_lexv2models_bot_locale",
+        "aws_lexv2models_bot_version",
+        "aws_lexv2models_intent",
+        "aws_lexv2models_slot",
+        "aws_lexv2models_slot_type",
+        "aws_licensemanager_association",
+        "aws_licensemanager_grant",
+        "aws_licensemanager_grant_accepter",
+        "aws_licensemanager_license_configuration",
+        "aws_lightsail_bucket",
+        "aws_lightsail_bucket_access_key",
+        "aws_lightsail_bucket_resource_access",
+        "aws_lightsail_certificate",
+        "aws_lightsail_container_service",
+        "aws_lightsail_container_service_deployment_version",
+        "aws_lightsail_database",
+        "aws_lightsail_disk",
+        "aws_lightsail_disk_attachment",
+        "aws_lightsail_distribution",
+        "aws_lightsail_domain",
+        "aws_lightsail_domain_entry",
+        "aws_lightsail_instance",
+        "aws_lightsail_instance_public_ports",
+        "aws_lightsail_key_pair",
+        "aws_lightsail_lb",
+        "aws_lightsail_lb_attachment",
+        "aws_lightsail_lb_certificate",
+        "aws_lightsail_lb_certificate_attachment",
+        "aws_lightsail_lb_https_redirection_policy",
+        "aws_lightsail_lb_stickiness_policy",
+        "aws_lightsail_static_ip",
+        "aws_lightsail_static_ip_attachment",
+        "aws_load_balancer_backend_server_policy",
+        "aws_load_balancer_listener_policy",
+        "aws_load_balancer_policy",
+        "aws_location_geofence_collection",
+        "aws_location_map",
+        "aws_location_place_index",
+        "aws_location_route_calculator",
+        "aws_location_tracker",
+        "aws_location_tracker_association",
+        "aws_m2_application",
+        "aws_m2_deployment",
+        "aws_m2_environment",
+        "aws_macie2_account",
+        "aws_macie2_classification_export_configuration",
+        "aws_macie2_classification_job",
+        "aws_macie2_custom_data_identifier",
+        "aws_macie2_findings_filter",
+        "aws_macie2_invitation_accepter",
+        "aws_macie2_member",
+        "aws_macie2_organization_admin_account",
+        "aws_macie2_organization_configuration",
+        "aws_main_route_table_association",
+        "aws_media_convert_queue",
+        "aws_media_package_channel",
+        "aws_media_packagev2_channel_group",
+        "aws_media_store_container",
+        "aws_media_store_container_policy",
+        "aws_medialive_channel",
+        "aws_medialive_input",
+        "aws_medialive_input_security_group",
+        "aws_medialive_multiplex",
+        "aws_medialive_multiplex_program",
+        "aws_memorydb_acl",
+        "aws_memorydb_cluster",
+        "aws_memorydb_multi_region_cluster",
+        "aws_memorydb_parameter_group",
+        "aws_memorydb_snapshot",
+        "aws_memorydb_subnet_group",
+        "aws_memorydb_user",
+        "aws_mq_broker",
+        "aws_mq_configuration",
+        "aws_msk_cluster",
+        "aws_msk_cluster_policy",
+        "aws_msk_configuration",
+        "aws_msk_replicator",
+        "aws_msk_scram_secret_association",
+        "aws_msk_serverless_cluster",
+        "aws_msk_single_scram_secret_association",
+        "aws_msk_vpc_connection",
+        "aws_mskconnect_connector",
+        "aws_mskconnect_custom_plugin",
+        "aws_mskconnect_worker_configuration",
+        "aws_mwaa_environment",
+        "aws_nat_gateway",
+        "aws_nat_gateway_eip_association",
+        "aws_neptune_cluster",
+        "aws_neptune_cluster_endpoint",
+        "aws_neptune_cluster_instance",
+        "aws_neptune_cluster_parameter_group",
+        "aws_neptune_cluster_snapshot",
+        "aws_neptune_event_subscription",
+        "aws_neptune_global_cluster",
+        "aws_neptune_parameter_group",
+        "aws_neptune_subnet_group",
+        "aws_neptunegraph_graph",
+        "aws_network_acl",
+        "aws_network_acl_association",
+        "aws_network_acl_rule",
+        "aws_network_interface",
+        "aws_network_interface_attachment",
+        "aws_network_interface_permission",
+        "aws_network_interface_sg_attachment",
+        "aws_networkfirewall_firewall",
+        "aws_networkfirewall_firewall_policy",
+        "aws_networkfirewall_firewall_transit_gateway_attachment_accepter",
+        "aws_networkfirewall_logging_configuration",
+        "aws_networkfirewall_resource_policy",
+        "aws_networkfirewall_rule_group",
+        "aws_networkfirewall_tls_inspection_configuration",
+        "aws_networkfirewall_vpc_endpoint_association",
+        "aws_networkflowmonitor_monitor",
+        "aws_networkflowmonitor_scope",
+        "aws_networkmanager_attachment_accepter",
+        "aws_networkmanager_connect_attachment",
+        "aws_networkmanager_connect_peer",
+        "aws_networkmanager_connection",
+        "aws_networkmanager_core_network",
+        "aws_networkmanager_core_network_policy_attachment",
+        "aws_networkmanager_customer_gateway_association",
+        "aws_networkmanager_device",
+        "aws_networkmanager_dx_gateway_attachment",
+        "aws_networkmanager_global_network",
+        "aws_networkmanager_link",
+        "aws_networkmanager_link_association",
+        "aws_networkmanager_site",
+        "aws_networkmanager_site_to_site_vpn_attachment",
+        "aws_networkmanager_transit_gateway_connect_peer_association",
+        "aws_networkmanager_transit_gateway_peering",
+        "aws_networkmanager_transit_gateway_registration",
+        "aws_networkmanager_transit_gateway_route_table_attachment",
+        "aws_networkmanager_vpc_attachment",
+        "aws_networkmonitor_monitor",
+        "aws_networkmonitor_probe",
+        "aws_notifications_channel_association",
+        "aws_notifications_event_rule",
+        "aws_notifications_notification_configuration",
+        "aws_notifications_notification_hub",
+        "aws_notificationscontacts_email_contact",
+        "aws_oam_link",
+        "aws_oam_sink",
+        "aws_oam_sink_policy",
+        "aws_observabilityadmin_centralization_rule_for_organization",
+        "aws_odb_cloud_autonomous_vm_cluster",
+        "aws_odb_cloud_exadata_infrastructure",
+        "aws_odb_cloud_vm_cluster",
+        "aws_odb_network",
+        "aws_odb_network_peering_connection",
+        "aws_opensearch_authorize_vpc_endpoint_access",
+        "aws_opensearch_domain",
+        "aws_opensearch_domain_policy",
+        "aws_opensearch_domain_saml_options",
+        "aws_opensearch_inbound_connection_accepter",
+        "aws_opensearch_outbound_connection",
+        "aws_opensearch_package",
+        "aws_opensearch_package_association",
+        "aws_opensearch_vpc_endpoint",
+        "aws_opensearchserverless_access_policy",
+        "aws_opensearchserverless_collection",
+        "aws_opensearchserverless_lifecycle_policy",
+        "aws_opensearchserverless_security_config",
+        "aws_opensearchserverless_security_policy",
+        "aws_opensearchserverless_vpc_endpoint",
+        "aws_organizations_account",
+        "aws_organizations_delegated_administrator",
+        "aws_organizations_organization",
+        "aws_organizations_organizational_unit",
+        "aws_organizations_policy",
+        "aws_organizations_policy_attachment",
+        "aws_organizations_resource_policy",
+        "aws_osis_pipeline",
+        "aws_paymentcryptography_key",
+        "aws_paymentcryptography_key_alias",
+        "aws_pinpoint_adm_channel",
+        "aws_pinpoint_apns_channel",
+        "aws_pinpoint_apns_sandbox_channel",
+        "aws_pinpoint_apns_voip_channel",
+        "aws_pinpoint_apns_voip_sandbox_channel",
+        "aws_pinpoint_app",
+        "aws_pinpoint_baidu_channel",
+        "aws_pinpoint_email_channel",
+        "aws_pinpoint_email_template",
+        "aws_pinpoint_event_stream",
+        "aws_pinpoint_gcm_channel",
+        "aws_pinpoint_sms_channel",
+        "aws_pinpointsmsvoicev2_configuration_set",
+        "aws_pinpointsmsvoicev2_opt_out_list",
+        "aws_pinpointsmsvoicev2_phone_number",
+        "aws_pipes_pipe",
+        "aws_placement_group",
+        "aws_prometheus_alert_manager_definition",
+        "aws_prometheus_query_logging_configuration",
+        "aws_prometheus_resource_policy",
+        "aws_prometheus_rule_group_namespace",
+        "aws_prometheus_scraper",
+        "aws_prometheus_workspace",
+        "aws_prometheus_workspace_configuration",
+        "aws_proxy_protocol_policy",
+        "aws_qbusiness_application",
+        "aws_qldb_ledger",
+        "aws_qldb_stream",
+        "aws_quicksight_account_settings",
+        "aws_quicksight_account_subscription",
+        "aws_quicksight_analysis",
+        "aws_quicksight_custom_permissions",
+        "aws_quicksight_dashboard",
+        "aws_quicksight_data_set",
+        "aws_quicksight_data_source",
+        "aws_quicksight_folder",
+        "aws_quicksight_folder_membership",
+        "aws_quicksight_group",
+        "aws_quicksight_group_membership",
+        "aws_quicksight_iam_policy_assignment",
+        "aws_quicksight_ingestion",
+        "aws_quicksight_ip_restriction",
+        "aws_quicksight_key_registration",
+        "aws_quicksight_namespace",
+        "aws_quicksight_refresh_schedule",
+        "aws_quicksight_role_custom_permission",
+        "aws_quicksight_role_membership",
+        "aws_quicksight_template",
+        "aws_quicksight_template_alias",
+        "aws_quicksight_theme",
+        "aws_quicksight_user",
+        "aws_quicksight_user_custom_permission",
+        "aws_quicksight_vpc_connection",
+        "aws_ram_principal_association",
+        "aws_ram_resource_association",
+        "aws_ram_resource_share",
+        "aws_ram_resource_share_accepter",
+        "aws_ram_sharing_with_organization",
+        "aws_rbin_rule",
+        "aws_rds_certificate",
+        "aws_rds_cluster",
+        "aws_rds_cluster_activity_stream",
+        "aws_rds_cluster_endpoint",
+        "aws_rds_cluster_instance",
+        "aws_rds_cluster_parameter_group",
+        "aws_rds_cluster_role_association",
+        "aws_rds_cluster_snapshot_copy",
+        "aws_rds_custom_db_engine_version",
+        "aws_rds_export_task",
+        "aws_rds_global_cluster",
+        "aws_rds_instance_state",
+        "aws_rds_integration",
+        "aws_rds_reserved_instance",
+        "aws_rds_shard_group",
+        "aws_redshift_authentication_profile",
+        "aws_redshift_cluster",
+        "aws_redshift_cluster_iam_roles",
+        "aws_redshift_cluster_snapshot",
+        "aws_redshift_data_share_authorization",
+        "aws_redshift_data_share_consumer_association",
+        "aws_redshift_endpoint_access",
+        "aws_redshift_endpoint_authorization",
+        "aws_redshift_event_subscription",
+        "aws_redshift_hsm_client_certificate",
+        "aws_redshift_hsm_configuration",
+        "aws_redshift_integration",
+        "aws_redshift_logging",
+        "aws_redshift_parameter_group",
+        "aws_redshift_partner",
+        "aws_redshift_resource_policy",
+        "aws_redshift_scheduled_action",
+        "aws_redshift_snapshot_copy",
+        "aws_redshift_snapshot_copy_grant",
+        "aws_redshift_snapshot_schedule",
+        "aws_redshift_snapshot_schedule_association",
+        "aws_redshift_subnet_group",
+        "aws_redshift_usage_limit",
+        "aws_redshiftdata_statement",
+        "aws_redshiftserverless_custom_domain_association",
+        "aws_redshiftserverless_endpoint_access",
+        "aws_redshiftserverless_namespace",
+        "aws_redshiftserverless_resource_policy",
+        "aws_redshiftserverless_snapshot",
+        "aws_redshiftserverless_usage_limit",
+        "aws_redshiftserverless_workgroup",
+        "aws_rekognition_collection",
+        "aws_rekognition_project",
+        "aws_rekognition_stream_processor",
+        "aws_resiliencehub_resiliency_policy",
+        "aws_resourceexplorer2_index",
+        "aws_resourceexplorer2_view",
+        "aws_resourcegroups_group",
+        "aws_resourcegroups_resource",
+        "aws_rolesanywhere_profile",
+        "aws_rolesanywhere_trust_anchor",
+        "aws_route",
+        "aws_route53_cidr_collection",
+        "aws_route53_cidr_location",
+        "aws_route53_delegation_set",
+        "aws_route53_health_check",
+        "aws_route53_hosted_zone_dnssec",
+        "aws_route53_key_signing_key",
+        "aws_route53_query_log",
+        "aws_route53_record",
+        "aws_route53_records_exclusive",
+        "aws_route53_resolver_config",
+        "aws_route53_resolver_dnssec_config",
+        "aws_route53_resolver_endpoint",
+        "aws_route53_resolver_firewall_config",
+        "aws_route53_resolver_firewall_domain_list",
+        "aws_route53_resolver_firewall_rule",
+        "aws_route53_resolver_firewall_rule_group",
+        "aws_route53_resolver_firewall_rule_group_association",
+        "aws_route53_resolver_query_log_config",
+        "aws_route53_resolver_query_log_config_association",
+        "aws_route53_resolver_rule",
+        "aws_route53_resolver_rule_association",
+        "aws_route53_traffic_policy",
+        "aws_route53_traffic_policy_instance",
+        "aws_route53_vpc_association_authorization",
+        "aws_route53_zone",
+        "aws_route53_zone_association",
+        "aws_route53domains_delegation_signer_record",
+        "aws_route53domains_domain",
+        "aws_route53domains_registered_domain",
+        "aws_route53profiles_association",
+        "aws_route53profiles_profile",
+        "aws_route53profiles_resource_association",
+        "aws_route53recoverycontrolconfig_cluster",
+        "aws_route53recoverycontrolconfig_control_panel",
+        "aws_route53recoverycontrolconfig_routing_control",
+        "aws_route53recoverycontrolconfig_safety_rule",
+        "aws_route53recoveryreadiness_cell",
+        "aws_route53recoveryreadiness_readiness_check",
+        "aws_route53recoveryreadiness_recovery_group",
+        "aws_route53recoveryreadiness_resource_set",
+        "aws_route_table",
+        "aws_route_table_association",
+        "aws_rum_app_monitor",
+        "aws_rum_metrics_destination",
+        "aws_s3_access_point",
+        "aws_s3_account_public_access_block",
+        "aws_s3_bucket",
+        "aws_s3_bucket_accelerate_configuration",
+        "aws_s3_bucket_acl",
+        "aws_s3_bucket_analytics_configuration",
+        "aws_s3_bucket_cors_configuration",
+        "aws_s3_bucket_intelligent_tiering_configuration",
+        "aws_s3_bucket_inventory",
+        "aws_s3_bucket_lifecycle_configuration",
+        "aws_s3_bucket_logging",
+        "aws_s3_bucket_metadata_configuration",
+        "aws_s3_bucket_metric",
+        "aws_s3_bucket_notification",
+        "aws_s3_bucket_object",
+        "aws_s3_bucket_object_lock_configuration",
+        "aws_s3_bucket_ownership_controls",
+        "aws_s3_bucket_policy",
+        "aws_s3_bucket_public_access_block",
+        "aws_s3_bucket_replication_configuration",
+        "aws_s3_bucket_request_payment_configuration",
+        "aws_s3_bucket_server_side_encryption_configuration",
+        "aws_s3_bucket_versioning",
+        "aws_s3_bucket_website_configuration",
+        "aws_s3_directory_bucket",
+        "aws_s3_object",
+        "aws_s3_object_copy",
+        "aws_s3control_access_grant",
+        "aws_s3control_access_grants_instance",
+        "aws_s3control_access_grants_instance_resource_policy",
+        "aws_s3control_access_grants_location",
+        "aws_s3control_access_point_policy",
+        "aws_s3control_bucket",
+        "aws_s3control_bucket_lifecycle_configuration",
+        "aws_s3control_bucket_policy",
+        "aws_s3control_directory_bucket_access_point_scope",
+        "aws_s3control_multi_region_access_point",
+        "aws_s3control_multi_region_access_point_policy",
+        "aws_s3control_object_lambda_access_point",
+        "aws_s3control_object_lambda_access_point_policy",
+        "aws_s3control_storage_lens_configuration",
+        "aws_s3outposts_endpoint",
+        "aws_s3tables_namespace",
+        "aws_s3tables_table",
+        "aws_s3tables_table_bucket",
+        "aws_s3tables_table_bucket_policy",
+        "aws_s3tables_table_policy",
+        "aws_sagemaker_app",
+        "aws_sagemaker_app_image_config",
+        "aws_sagemaker_code_repository",
+        "aws_sagemaker_data_quality_job_definition",
+        "aws_sagemaker_device",
+        "aws_sagemaker_device_fleet",
+        "aws_sagemaker_domain",
+        "aws_sagemaker_endpoint",
+        "aws_sagemaker_endpoint_configuration",
+        "aws_sagemaker_feature_group",
+        "aws_sagemaker_flow_definition",
+        "aws_sagemaker_hub",
+        "aws_sagemaker_human_task_ui",
+        "aws_sagemaker_image",
+        "aws_sagemaker_image_version",
+        "aws_sagemaker_mlflow_tracking_server",
+        "aws_sagemaker_model",
+        "aws_sagemaker_model_package_group",
+        "aws_sagemaker_model_package_group_policy",
+        "aws_sagemaker_monitoring_schedule",
+        "aws_sagemaker_notebook_instance",
+        "aws_sagemaker_notebook_instance_lifecycle_configuration",
+        "aws_sagemaker_pipeline",
+        "aws_sagemaker_project",
+        "aws_sagemaker_servicecatalog_portfolio_status",
+        "aws_sagemaker_space",
+        "aws_sagemaker_studio_lifecycle_config",
+        "aws_sagemaker_user_profile",
+        "aws_sagemaker_workforce",
+        "aws_sagemaker_workteam",
+        "aws_scheduler_schedule",
+        "aws_scheduler_schedule_group",
+        "aws_schemas_discoverer",
+        "aws_schemas_registry",
+        "aws_schemas_registry_policy",
+        "aws_schemas_schema",
+        "aws_secretsmanager_secret",
+        "aws_secretsmanager_secret_policy",
+        "aws_secretsmanager_secret_rotation",
+        "aws_secretsmanager_secret_version",
+        "aws_security_group",
+        "aws_security_group_rule",
+        "aws_securityhub_account",
+        "aws_securityhub_action_target",
+        "aws_securityhub_automation_rule",
+        "aws_securityhub_configuration_policy",
+        "aws_securityhub_configuration_policy_association",
+        "aws_securityhub_finding_aggregator",
+        "aws_securityhub_insight",
+        "aws_securityhub_invite_accepter",
+        "aws_securityhub_member",
+        "aws_securityhub_organization_admin_account",
+        "aws_securityhub_organization_configuration",
+        "aws_securityhub_product_subscription",
+        "aws_securityhub_standards_control",
+        "aws_securityhub_standards_control_association",
+        "aws_securityhub_standards_subscription",
+        "aws_securitylake_aws_log_source",
+        "aws_securitylake_custom_log_source",
+        "aws_securitylake_data_lake",
+        "aws_securitylake_subscriber",
+        "aws_securitylake_subscriber_notification",
+        "aws_serverlessapplicationrepository_cloudformation_stack",
+        "aws_service_discovery_http_namespace",
+        "aws_service_discovery_instance",
+        "aws_service_discovery_private_dns_namespace",
+        "aws_service_discovery_public_dns_namespace",
+        "aws_service_discovery_service",
+        "aws_servicecatalog_budget_resource_association",
+        "aws_servicecatalog_constraint",
+        "aws_servicecatalog_organizations_access",
+        "aws_servicecatalog_portfolio",
+        "aws_servicecatalog_portfolio_share",
+        "aws_servicecatalog_principal_portfolio_association",
+        "aws_servicecatalog_product",
+        "aws_servicecatalog_product_portfolio_association",
+        "aws_servicecatalog_provisioned_product",
+        "aws_servicecatalog_provisioning_artifact",
+        "aws_servicecatalog_service_action",
+        "aws_servicecatalog_tag_option",
+        "aws_servicecatalog_tag_option_resource_association",
+        "aws_servicecatalogappregistry_application",
+        "aws_servicecatalogappregistry_attribute_group",
+        "aws_servicecatalogappregistry_attribute_group_association",
+        "aws_servicequotas_service_quota",
+        "aws_servicequotas_template",
+        "aws_servicequotas_template_association",
+        "aws_ses_active_receipt_rule_set",
+        "aws_ses_configuration_set",
+        "aws_ses_domain_dkim",
+        "aws_ses_domain_identity",
+        "aws_ses_domain_identity_verification",
+        "aws_ses_domain_mail_from",
+        "aws_ses_email_identity",
+        "aws_ses_event_destination",
+        "aws_ses_identity_notification_topic",
+        "aws_ses_identity_policy",
+        "aws_ses_receipt_filter",
+        "aws_ses_receipt_rule",
+        "aws_ses_receipt_rule_set",
+        "aws_ses_template",
+        "aws_sesv2_account_suppression_attributes",
+        "aws_sesv2_account_vdm_attributes",
+        "aws_sesv2_configuration_set",
+        "aws_sesv2_configuration_set_event_destination",
+        "aws_sesv2_contact_list",
+        "aws_sesv2_dedicated_ip_assignment",
+        "aws_sesv2_dedicated_ip_pool",
+        "aws_sesv2_email_identity",
+        "aws_sesv2_email_identity_feedback_attributes",
+        "aws_sesv2_email_identity_mail_from_attributes",
+        "aws_sesv2_email_identity_policy",
+        "aws_sfn_activity",
+        "aws_sfn_alias",
+        "aws_sfn_state_machine",
+        "aws_shield_application_layer_automatic_response",
+        "aws_shield_drt_access_log_bucket_association",
+        "aws_shield_drt_access_role_arn_association",
+        "aws_shield_proactive_engagement",
+        "aws_shield_protection",
+        "aws_shield_protection_group",
+        "aws_shield_protection_health_check_association",
+        "aws_shield_subscription",
+        "aws_signer_signing_job",
+        "aws_signer_signing_profile",
+        "aws_signer_signing_profile_permission",
+        "aws_snapshot_create_volume_permission",
+        "aws_sns_platform_application",
+        "aws_sns_sms_preferences",
+        "aws_sns_topic",
+        "aws_sns_topic_data_protection_policy",
+        "aws_sns_topic_policy",
+        "aws_sns_topic_subscription",
+        "aws_spot_datafeed_subscription",
+        "aws_spot_fleet_request",
+        "aws_spot_instance_request",
+        "aws_sqs_queue",
+        "aws_sqs_queue_policy",
+        "aws_sqs_queue_redrive_allow_policy",
+        "aws_sqs_queue_redrive_policy",
+        "aws_ssm_activation",
+        "aws_ssm_association",
+        "aws_ssm_default_patch_baseline",
+        "aws_ssm_document",
+        "aws_ssm_maintenance_window",
+        "aws_ssm_maintenance_window_target",
+        "aws_ssm_maintenance_window_task",
+        "aws_ssm_parameter",
+        "aws_ssm_patch_baseline",
+        "aws_ssm_patch_group",
+        "aws_ssm_resource_data_sync",
+        "aws_ssm_service_setting",
+        "aws_ssmcontacts_contact",
+        "aws_ssmcontacts_contact_channel",
+        "aws_ssmcontacts_plan",
+        "aws_ssmcontacts_rotation",
+        "aws_ssmincidents_replication_set",
+        "aws_ssmincidents_response_plan",
+        "aws_ssmquicksetup_configuration_manager",
+        "aws_ssoadmin_account_assignment",
+        "aws_ssoadmin_application",
+        "aws_ssoadmin_application_access_scope",
+        "aws_ssoadmin_application_assignment",
+        "aws_ssoadmin_application_assignment_configuration",
+        "aws_ssoadmin_customer_managed_policy_attachment",
+        "aws_ssoadmin_instance_access_control_attributes",
+        "aws_ssoadmin_managed_policy_attachment",
+        "aws_ssoadmin_permission_set",
+        "aws_ssoadmin_permission_set_inline_policy",
+        "aws_ssoadmin_permissions_boundary_attachment",
+        "aws_ssoadmin_trusted_token_issuer",
+        "aws_storagegateway_cache",
+        "aws_storagegateway_cached_iscsi_volume",
+        "aws_storagegateway_file_system_association",
+        "aws_storagegateway_gateway",
+        "aws_storagegateway_nfs_file_share",
+        "aws_storagegateway_smb_file_share",
+        "aws_storagegateway_stored_iscsi_volume",
+        "aws_storagegateway_tape_pool",
+        "aws_storagegateway_upload_buffer",
+        "aws_storagegateway_working_storage",
+        "aws_subnet",
+        "aws_swf_domain",
+        "aws_synthetics_canary",
+        "aws_synthetics_group",
+        "aws_synthetics_group_association",
+        "aws_timestreaminfluxdb_db_cluster",
+        "aws_timestreaminfluxdb_db_instance",
+        "aws_timestreamquery_scheduled_query",
+        "aws_timestreamwrite_database",
+        "aws_timestreamwrite_table",
+        "aws_transcribe_language_model",
+        "aws_transcribe_medical_vocabulary",
+        "aws_transcribe_vocabulary",
+        "aws_transcribe_vocabulary_filter",
+        "aws_transfer_access",
+        "aws_transfer_agreement",
+        "aws_transfer_certificate",
+        "aws_transfer_connector",
+        "aws_transfer_host_key",
+        "aws_transfer_profile",
+        "aws_transfer_server",
+        "aws_transfer_ssh_key",
+        "aws_transfer_tag",
+        "aws_transfer_user",
+        "aws_transfer_web_app",
+        "aws_transfer_web_app_customization",
+        "aws_transfer_workflow",
+        "aws_verifiedaccess_endpoint",
+        "aws_verifiedaccess_group",
+        "aws_verifiedaccess_instance",
+        "aws_verifiedaccess_instance_logging_configuration",
+        "aws_verifiedaccess_instance_trust_provider_attachment",
+        "aws_verifiedaccess_trust_provider",
+        "aws_verifiedpermissions_identity_source",
+        "aws_verifiedpermissions_policy",
+        "aws_verifiedpermissions_policy_store",
+        "aws_verifiedpermissions_policy_template",
+        "aws_verifiedpermissions_schema",
+        "aws_volume_attachment",
+        "aws_vpc",
+        "aws_vpc_block_public_access_exclusion",
+        "aws_vpc_block_public_access_options",
+        "aws_vpc_dhcp_options",
+        "aws_vpc_dhcp_options_association",
+        "aws_vpc_endpoint",
+        "aws_vpc_endpoint_connection_accepter",
+        "aws_vpc_endpoint_connection_notification",
+        "aws_vpc_endpoint_policy",
+        "aws_vpc_endpoint_private_dns",
+        "aws_vpc_endpoint_route_table_association",
+        "aws_vpc_endpoint_security_group_association",
+        "aws_vpc_endpoint_service",
+        "aws_vpc_endpoint_service_allowed_principal",
+        "aws_vpc_endpoint_service_private_dns_verification",
+        "aws_vpc_endpoint_subnet_association",
+        "aws_vpc_ipam",
+        "aws_vpc_ipam_organization_admin_account",
+        "aws_vpc_ipam_pool",
+        "aws_vpc_ipam_pool_cidr",
+        "aws_vpc_ipam_pool_cidr_allocation",
+        "aws_vpc_ipam_preview_next_cidr",
+        "aws_vpc_ipam_resource_discovery",
+        "aws_vpc_ipam_resource_discovery_association",
+        "aws_vpc_ipam_scope",
+        "aws_vpc_ipv4_cidr_block_association",
+        "aws_vpc_ipv6_cidr_block_association",
+        "aws_vpc_network_performance_metric_subscription",
+        "aws_vpc_peering_connection",
+        "aws_vpc_peering_connection_accepter",
+        "aws_vpc_peering_connection_options",
+        "aws_vpc_route_server",
+        "aws_vpc_route_server_association",
+        "aws_vpc_route_server_endpoint",
+        "aws_vpc_route_server_peer",
+        "aws_vpc_route_server_propagation",
+        "aws_vpc_route_server_vpc_association",
+        "aws_vpc_security_group_egress_rule",
+        "aws_vpc_security_group_ingress_rule",
+        "aws_vpc_security_group_vpc_association",
+        "aws_vpclattice_access_log_subscription",
+        "aws_vpclattice_auth_policy",
+        "aws_vpclattice_listener",
+        "aws_vpclattice_listener_rule",
+        "aws_vpclattice_resource_configuration",
+        "aws_vpclattice_resource_gateway",
+        "aws_vpclattice_resource_policy",
+        "aws_vpclattice_service",
+        "aws_vpclattice_service_network",
+        "aws_vpclattice_service_network_resource_association",
+        "aws_vpclattice_service_network_service_association",
+        "aws_vpclattice_service_network_vpc_association",
+        "aws_vpclattice_target_group",
+        "aws_vpclattice_target_group_attachment",
+        "aws_vpn_connection",
+        "aws_vpn_connection_route",
+        "aws_vpn_gateway",
+        "aws_vpn_gateway_attachment",
+        "aws_vpn_gateway_route_propagation",
+        "aws_waf_byte_match_set",
+        "aws_waf_geo_match_set",
+        "aws_waf_ipset",
+        "aws_waf_rate_based_rule",
+        "aws_waf_regex_match_set",
+        "aws_waf_regex_pattern_set",
+        "aws_waf_rule",
+        "aws_waf_rule_group",
+        "aws_waf_size_constraint_set",
+        "aws_waf_sql_injection_match_set",
+        "aws_waf_web_acl",
+        "aws_waf_xss_match_set",
+        "aws_wafregional_byte_match_set",
+        "aws_wafregional_geo_match_set",
+        "aws_wafregional_ipset",
+        "aws_wafregional_rate_based_rule",
+        "aws_wafregional_regex_match_set",
+        "aws_wafregional_regex_pattern_set",
+        "aws_wafregional_rule",
+        "aws_wafregional_rule_group",
+        "aws_wafregional_size_constraint_set",
+        "aws_wafregional_sql_injection_match_set",
+        "aws_wafregional_web_acl",
+        "aws_wafregional_web_acl_association",
+        "aws_wafregional_xss_match_set",
+        "aws_wafv2_api_key",
+        "aws_wafv2_ip_set",
+        "aws_wafv2_regex_pattern_set",
+        "aws_wafv2_rule_group",
+        "aws_wafv2_web_acl",
+        "aws_wafv2_web_acl_association",
+        "aws_wafv2_web_acl_logging_configuration",
+        "aws_wafv2_web_acl_rule_group_association",
+        "aws_workspaces_connection_alias",
+        "aws_workspaces_directory",
+        "aws_workspaces_ip_group",
+        "aws_workspaces_workspace",
+        "aws_workspacesweb_browser_settings",
+        "aws_workspacesweb_browser_settings_association",
+        "aws_workspacesweb_data_protection_settings",
+        "aws_workspacesweb_data_protection_settings_association",
+        "aws_workspacesweb_identity_provider",
+        "aws_workspacesweb_ip_access_settings",
+        "aws_workspacesweb_ip_access_settings_association",
+        "aws_workspacesweb_network_settings",
+        "aws_workspacesweb_network_settings_association",
+        "aws_workspacesweb_portal",
+        "aws_workspacesweb_session_logger",
+        "aws_workspacesweb_session_logger_association",
+        "aws_workspacesweb_trust_store",
+        "aws_workspacesweb_trust_store_association",
+        "aws_workspacesweb_user_access_logging_settings",
+        "aws_workspacesweb_user_access_logging_settings_association",
+        "aws_workspacesweb_user_settings",
+        "aws_workspacesweb_user_settings_association",
+        "aws_xray_encryption_config",
+        "aws_xray_group",
+        "aws_xray_resource_policy",
+        "aws_xray_sampling_rule"
+    ],
+    "dataSources": [
+        "aws_account_primary_contact",
+        "aws_acm_certificate",
+        "aws_acmpca_certificate",
+        "aws_acmpca_certificate_authority",
+        "aws_ami",
+        "aws_ami_ids",
+        "aws_api_gateway_api_key",
+        "aws_api_gateway_api_keys",
+        "aws_api_gateway_authorizer",
+        "aws_api_gateway_authorizers",
+        "aws_api_gateway_domain_name",
+        "aws_api_gateway_export",
+        "aws_api_gateway_resource",
+        "aws_api_gateway_rest_api",
+        "aws_api_gateway_sdk",
+        "aws_api_gateway_vpc_link",
+        "aws_apigatewayv2_api",
+        "aws_apigatewayv2_apis",
+        "aws_apigatewayv2_export",
+        "aws_apigatewayv2_vpc_link",
+        "aws_appconfig_application",
+        "aws_appconfig_configuration_profile",
+        "aws_appconfig_configuration_profiles",
+        "aws_appconfig_environment",
+        "aws_appconfig_environments",
+        "aws_appintegrations_event_integration",
+        "aws_appmesh_gateway_route",
+        "aws_appmesh_mesh",
+        "aws_appmesh_route",
+        "aws_appmesh_virtual_gateway",
+        "aws_appmesh_virtual_node",
+        "aws_appmesh_virtual_router",
+        "aws_appmesh_virtual_service",
+        "aws_apprunner_hosted_zone_id",
+        "aws_appstream_image",
+        "aws_arn",
+        "aws_athena_named_query",
+        "aws_auditmanager_control",
+        "aws_auditmanager_framework",
+        "aws_autoscaling_group",
+        "aws_autoscaling_groups",
+        "aws_availability_zone",
+        "aws_availability_zones",
+        "aws_backup_framework",
+        "aws_backup_plan",
+        "aws_backup_report_plan",
+        "aws_backup_selection",
+        "aws_backup_vault",
+        "aws_batch_compute_environment",
+        "aws_batch_job_definition",
+        "aws_batch_job_queue",
+        "aws_batch_scheduling_policy",
+        "aws_bedrock_custom_model",
+        "aws_bedrock_custom_models",
+        "aws_bedrock_foundation_model",
+        "aws_bedrock_foundation_models",
+        "aws_bedrock_inference_profile",
+        "aws_bedrock_inference_profiles",
+        "aws_bedrockagent_agent_versions",
+        "aws_billing_service_account",
+        "aws_billing_views",
+        "aws_budgets_budget",
+        "aws_caller_identity",
+        "aws_canonical_user_id",
+        "aws_ce_cost_category",
+        "aws_ce_tags",
+        "aws_chatbot_slack_workspace",
+        "aws_cloudcontrolapi_resource",
+        "aws_cloudformation_export",
+        "aws_cloudformation_stack",
+        "aws_cloudformation_type",
+        "aws_cloudfront_cache_policy",
+        "aws_cloudfront_distribution",
+        "aws_cloudfront_function",
+        "aws_cloudfront_log_delivery_canonical_user_id",
+        "aws_cloudfront_origin_access_control",
+        "aws_cloudfront_origin_access_identities",
+        "aws_cloudfront_origin_access_identity",
+        "aws_cloudfront_origin_request_policy",
+        "aws_cloudfront_realtime_log_config",
+        "aws_cloudfront_response_headers_policy",
+        "aws_cloudhsm_v2_cluster",
+        "aws_cloudtrail_service_account",
+        "aws_cloudwatch_contributor_managed_insight_rules",
+        "aws_cloudwatch_event_bus",
+        "aws_cloudwatch_event_buses",
+        "aws_cloudwatch_event_connection",
+        "aws_cloudwatch_event_source",
+        "aws_cloudwatch_log_data_protection_policy_document",
+        "aws_cloudwatch_log_group",
+        "aws_cloudwatch_log_groups",
+        "aws_codeartifact_authorization_token",
+        "aws_codeartifact_repository_endpoint",
+        "aws_codebuild_fleet",
+        "aws_codecatalyst_dev_environment",
+        "aws_codecommit_approval_rule_template",
+        "aws_codecommit_repository",
+        "aws_codeguruprofiler_profiling_group",
+        "aws_codestarconnections_connection",
+        "aws_cognito_identity_pool",
+        "aws_cognito_user_group",
+        "aws_cognito_user_groups",
+        "aws_cognito_user_pool",
+        "aws_cognito_user_pool_client",
+        "aws_cognito_user_pool_clients",
+        "aws_cognito_user_pool_signing_certificate",
+        "aws_cognito_user_pools",
+        "aws_connect_bot_association",
+        "aws_connect_contact_flow",
+        "aws_connect_contact_flow_module",
+        "aws_connect_hours_of_operation",
+        "aws_connect_instance",
+        "aws_connect_instance_storage_config",
+        "aws_connect_lambda_function_association",
+        "aws_connect_prompt",
+        "aws_connect_queue",
+        "aws_connect_quick_connect",
+        "aws_connect_routing_profile",
+        "aws_connect_security_profile",
+        "aws_connect_user",
+        "aws_connect_user_hierarchy_group",
+        "aws_connect_user_hierarchy_structure",
+        "aws_connect_vocabulary",
+        "aws_controltower_controls",
+        "aws_cur_report_definition",
+        "aws_customer_gateway",
+        "aws_datapipeline_pipeline",
+        "aws_datapipeline_pipeline_definition",
+        "aws_datazone_domain",
+        "aws_datazone_environment_blueprint",
+        "aws_db_cluster_snapshot",
+        "aws_db_event_categories",
+        "aws_db_instance",
+        "aws_db_instances",
+        "aws_db_parameter_group",
+        "aws_db_proxy",
+        "aws_db_snapshot",
+        "aws_db_subnet_group",
+        "aws_default_tags",
+        "aws_devopsguru_notification_channel",
+        "aws_devopsguru_resource_collection",
+        "aws_directory_service_directory",
+        "aws_dms_certificate",
+        "aws_dms_endpoint",
+        "aws_dms_replication_instance",
+        "aws_dms_replication_subnet_group",
+        "aws_dms_replication_task",
+        "aws_docdb_engine_version",
+        "aws_docdb_orderable_db_instance",
+        "aws_dx_connection",
+        "aws_dx_gateway",
+        "aws_dx_location",
+        "aws_dx_locations",
+        "aws_dx_router_configuration",
+        "aws_dynamodb_table",
+        "aws_dynamodb_table_item",
+        "aws_dynamodb_tables",
+        "aws_ebs_default_kms_key",
+        "aws_ebs_encryption_by_default",
+        "aws_ebs_snapshot",
+        "aws_ebs_snapshot_ids",
+        "aws_ebs_volume",
+        "aws_ebs_volumes",
+        "aws_ec2_capacity_block_offering",
+        "aws_ec2_client_vpn_endpoint",
+        "aws_ec2_coip_pool",
+        "aws_ec2_coip_pools",
+        "aws_ec2_host",
+        "aws_ec2_instance_type",
+        "aws_ec2_instance_type_offering",
+        "aws_ec2_instance_type_offerings",
+        "aws_ec2_instance_types",
+        "aws_ec2_local_gateway",
+        "aws_ec2_local_gateway_route_table",
+        "aws_ec2_local_gateway_route_tables",
+        "aws_ec2_local_gateway_virtual_interface",
+        "aws_ec2_local_gateway_virtual_interface_group",
+        "aws_ec2_local_gateway_virtual_interface_groups",
+        "aws_ec2_local_gateways",
+        "aws_ec2_managed_prefix_list",
+        "aws_ec2_managed_prefix_lists",
+        "aws_ec2_network_insights_analysis",
+        "aws_ec2_network_insights_path",
+        "aws_ec2_public_ipv4_pool",
+        "aws_ec2_public_ipv4_pools",
+        "aws_ec2_serial_console_access",
+        "aws_ec2_spot_price",
+        "aws_ec2_transit_gateway",
+        "aws_ec2_transit_gateway_attachment",
+        "aws_ec2_transit_gateway_attachments",
+        "aws_ec2_transit_gateway_connect",
+        "aws_ec2_transit_gateway_connect_peer",
+        "aws_ec2_transit_gateway_dx_gateway_attachment",
+        "aws_ec2_transit_gateway_multicast_domain",
+        "aws_ec2_transit_gateway_peering_attachment",
+        "aws_ec2_transit_gateway_peering_attachments",
+        "aws_ec2_transit_gateway_route_table",
+        "aws_ec2_transit_gateway_route_table_associations",
+        "aws_ec2_transit_gateway_route_table_propagations",
+        "aws_ec2_transit_gateway_route_table_routes",
+        "aws_ec2_transit_gateway_route_tables",
+        "aws_ec2_transit_gateway_vpc_attachment",
+        "aws_ec2_transit_gateway_vpc_attachments",
+        "aws_ec2_transit_gateway_vpn_attachment",
+        "aws_ecr_authorization_token",
+        "aws_ecr_image",
+        "aws_ecr_images",
+        "aws_ecr_lifecycle_policy_document",
+        "aws_ecr_pull_through_cache_rule",
+        "aws_ecr_repositories",
+        "aws_ecr_repository",
+        "aws_ecr_repository_creation_template",
+        "aws_ecrpublic_authorization_token",
+        "aws_ecrpublic_images",
+        "aws_ecs_cluster",
+        "aws_ecs_clusters",
+        "aws_ecs_container_definition",
+        "aws_ecs_service",
+        "aws_ecs_task_definition",
+        "aws_ecs_task_execution",
+        "aws_efs_access_point",
+        "aws_efs_access_points",
+        "aws_efs_file_system",
+        "aws_efs_mount_target",
+        "aws_eip",
+        "aws_eips",
+        "aws_eks_access_entry",
+        "aws_eks_addon",
+        "aws_eks_addon_version",
+        "aws_eks_cluster",
+        "aws_eks_cluster_auth",
+        "aws_eks_cluster_versions",
+        "aws_eks_clusters",
+        "aws_eks_node_group",
+        "aws_eks_node_groups",
+        "aws_elastic_beanstalk_application",
+        "aws_elastic_beanstalk_hosted_zone",
+        "aws_elastic_beanstalk_solution_stack",
+        "aws_elasticache_cluster",
+        "aws_elasticache_replication_group",
+        "aws_elasticache_reserved_cache_node_offering",
+        "aws_elasticache_serverless_cache",
+        "aws_elasticache_subnet_group",
+        "aws_elasticache_user",
+        "aws_elasticsearch_domain",
+        "aws_elb",
+        "aws_elb_hosted_zone_id",
+        "aws_elb_service_account",
+        "aws_emr_release_labels",
+        "aws_emr_supported_instance_types",
+        "aws_emrcontainers_virtual_cluster",
+        "aws_fis_experiment_templates",
+        "aws_fsx_ontap_file_system",
+        "aws_fsx_ontap_storage_virtual_machine",
+        "aws_fsx_ontap_storage_virtual_machines",
+        "aws_fsx_openzfs_snapshot",
+        "aws_fsx_windows_file_system",
+        "aws_globalaccelerator_accelerator",
+        "aws_globalaccelerator_custom_routing_accelerator",
+        "aws_glue_catalog_table",
+        "aws_glue_connection",
+        "aws_glue_data_catalog_encryption_settings",
+        "aws_glue_registry",
+        "aws_glue_script",
+        "aws_grafana_workspace",
+        "aws_guardduty_detector",
+        "aws_guardduty_finding_ids",
+        "aws_iam_access_keys",
+        "aws_iam_account_alias",
+        "aws_iam_group",
+        "aws_iam_instance_profile",
+        "aws_iam_instance_profiles",
+        "aws_iam_openid_connect_provider",
+        "aws_iam_policy",
+        "aws_iam_policy_document",
+        "aws_iam_principal_policy_simulation",
+        "aws_iam_role",
+        "aws_iam_roles",
+        "aws_iam_saml_provider",
+        "aws_iam_server_certificate",
+        "aws_iam_session_context",
+        "aws_iam_user",
+        "aws_iam_user_ssh_key",
+        "aws_iam_users",
+        "aws_identitystore_group",
+        "aws_identitystore_group_memberships",
+        "aws_identitystore_groups",
+        "aws_identitystore_user",
+        "aws_identitystore_users",
+        "aws_imagebuilder_component",
+        "aws_imagebuilder_components",
+        "aws_imagebuilder_container_recipe",
+        "aws_imagebuilder_container_recipes",
+        "aws_imagebuilder_distribution_configuration",
+        "aws_imagebuilder_distribution_configurations",
+        "aws_imagebuilder_image",
+        "aws_imagebuilder_image_pipeline",
+        "aws_imagebuilder_image_pipelines",
+        "aws_imagebuilder_image_recipe",
+        "aws_imagebuilder_image_recipes",
+        "aws_imagebuilder_infrastructure_configuration",
+        "aws_imagebuilder_infrastructure_configurations",
+        "aws_inspector_rules_packages",
+        "aws_instance",
+        "aws_instances",
+        "aws_internet_gateway",
+        "aws_iot_endpoint",
+        "aws_iot_registration_code",
+        "aws_ip_ranges",
+        "aws_ivs_stream_key",
+        "aws_kendra_experience",
+        "aws_kendra_faq",
+        "aws_kendra_index",
+        "aws_kendra_query_suggestions_block_list",
+        "aws_kendra_thesaurus",
+        "aws_key_pair",
+        "aws_kinesis_firehose_delivery_stream",
+        "aws_kinesis_stream",
+        "aws_kinesis_stream_consumer",
+        "aws_kms_alias",
+        "aws_kms_ciphertext",
+        "aws_kms_custom_key_store",
+        "aws_kms_key",
+        "aws_kms_public_key",
+        "aws_kms_secret",
+        "aws_kms_secrets",
+        "aws_lakeformation_data_lake_settings",
+        "aws_lakeformation_permissions",
+        "aws_lakeformation_resource",
+        "aws_lambda_alias",
+        "aws_lambda_code_signing_config",
+        "aws_lambda_function",
+        "aws_lambda_function_url",
+        "aws_lambda_functions",
+        "aws_lambda_invocation",
+        "aws_lambda_layer_version",
+        "aws_launch_configuration",
+        "aws_launch_template",
+        "aws_lb",
+        "aws_lb_hosted_zone_id",
+        "aws_lb_listener",
+        "aws_lb_listener_rule",
+        "aws_lb_target_group",
+        "aws_lb_trust_store",
+        "aws_lbs",
+        "aws_lex_bot",
+        "aws_lex_bot_alias",
+        "aws_lex_intent",
+        "aws_lex_slot_type",
+        "aws_licensemanager_grants",
+        "aws_licensemanager_received_license",
+        "aws_licensemanager_received_licenses",
+        "aws_location_geofence_collection",
+        "aws_location_map",
+        "aws_location_place_index",
+        "aws_location_route_calculator",
+        "aws_location_tracker",
+        "aws_location_tracker_association",
+        "aws_location_tracker_associations",
+        "aws_media_convert_queue",
+        "aws_medialive_input",
+        "aws_memorydb_acl",
+        "aws_memorydb_cluster",
+        "aws_memorydb_parameter_group",
+        "aws_memorydb_snapshot",
+        "aws_memorydb_subnet_group",
+        "aws_memorydb_user",
+        "aws_mq_broker",
+        "aws_mq_broker_engine_types",
+        "aws_mq_broker_instance_type_offerings",
+        "aws_msk_bootstrap_brokers",
+        "aws_msk_broker_nodes",
+        "aws_msk_cluster",
+        "aws_msk_configuration",
+        "aws_msk_kafka_version",
+        "aws_msk_vpc_connection",
+        "aws_mskconnect_connector",
+        "aws_mskconnect_custom_plugin",
+        "aws_mskconnect_worker_configuration",
+        "aws_nat_gateway",
+        "aws_nat_gateways",
+        "aws_neptune_engine_version",
+        "aws_neptune_orderable_db_instance",
+        "aws_network_acls",
+        "aws_network_interface",
+        "aws_network_interfaces",
+        "aws_networkfirewall_firewall",
+        "aws_networkfirewall_firewall_policy",
+        "aws_networkfirewall_resource_policy",
+        "aws_networkmanager_connection",
+        "aws_networkmanager_connections",
+        "aws_networkmanager_core_network_policy_document",
+        "aws_networkmanager_device",
+        "aws_networkmanager_devices",
+        "aws_networkmanager_global_network",
+        "aws_networkmanager_global_networks",
+        "aws_networkmanager_link",
+        "aws_networkmanager_links",
+        "aws_networkmanager_site",
+        "aws_networkmanager_sites",
+        "aws_oam_link",
+        "aws_oam_links",
+        "aws_oam_sink",
+        "aws_oam_sinks",
+        "aws_odb_cloud_autonomous_vm_cluster",
+        "aws_odb_cloud_autonomous_vm_clusters",
+        "aws_odb_cloud_exadata_infrastructure",
+        "aws_odb_cloud_exadata_infrastructures",
+        "aws_odb_cloud_vm_cluster",
+        "aws_odb_cloud_vm_clusters",
+        "aws_odb_db_node",
+        "aws_odb_db_nodes",
+        "aws_odb_db_server",
+        "aws_odb_db_servers",
+        "aws_odb_db_system_shapes",
+        "aws_odb_gi_versions",
+        "aws_odb_network",
+        "aws_odb_network_peering_connection",
+        "aws_odb_network_peering_connections",
+        "aws_odb_networks",
+        "aws_opensearch_domain",
+        "aws_opensearchserverless_access_policy",
+        "aws_opensearchserverless_collection",
+        "aws_opensearchserverless_lifecycle_policy",
+        "aws_opensearchserverless_security_config",
+        "aws_opensearchserverless_security_policy",
+        "aws_opensearchserverless_vpc_endpoint",
+        "aws_organizations_delegated_administrators",
+        "aws_organizations_delegated_services",
+        "aws_organizations_organization",
+        "aws_organizations_organizational_unit",
+        "aws_organizations_organizational_unit_child_accounts",
+        "aws_organizations_organizational_unit_descendant_accounts",
+        "aws_organizations_organizational_unit_descendant_organizational_units",
+        "aws_organizations_organizational_units",
+        "aws_organizations_policies",
+        "aws_organizations_policies_for_target",
+        "aws_organizations_policy",
+        "aws_organizations_resource_tags",
+        "aws_outposts_asset",
+        "aws_outposts_assets",
+        "aws_outposts_outpost",
+        "aws_outposts_outpost_instance_type",
+        "aws_outposts_outpost_instance_types",
+        "aws_outposts_outposts",
+        "aws_outposts_site",
+        "aws_outposts_sites",
+        "aws_partition",
+        "aws_polly_voices",
+        "aws_prefix_list",
+        "aws_pricing_product",
+        "aws_prometheus_default_scraper_configuration",
+        "aws_prometheus_workspace",
+        "aws_prometheus_workspaces",
+        "aws_qldb_ledger",
+        "aws_quicksight_analysis",
+        "aws_quicksight_data_set",
+        "aws_quicksight_group",
+        "aws_quicksight_theme",
+        "aws_quicksight_user",
+        "aws_ram_resource_share",
+        "aws_rds_certificate",
+        "aws_rds_cluster",
+        "aws_rds_cluster_parameter_group",
+        "aws_rds_clusters",
+        "aws_rds_engine_version",
+        "aws_rds_global_cluster",
+        "aws_rds_orderable_db_instance",
+        "aws_rds_reserved_instance_offering",
+        "aws_redshift_cluster",
+        "aws_redshift_cluster_credentials",
+        "aws_redshift_data_shares",
+        "aws_redshift_orderable_cluster",
+        "aws_redshift_producer_data_shares",
+        "aws_redshift_subnet_group",
+        "aws_redshiftserverless_credentials",
+        "aws_redshiftserverless_namespace",
+        "aws_redshiftserverless_workgroup",
+        "aws_region",
+        "aws_regions",
+        "aws_resourceexplorer2_search",
+        "aws_resourcegroupstaggingapi_resources",
+        "aws_route",
+        "aws_route53_delegation_set",
+        "aws_route53_records",
+        "aws_route53_resolver_endpoint",
+        "aws_route53_resolver_firewall_config",
+        "aws_route53_resolver_firewall_domain_list",
+        "aws_route53_resolver_firewall_rule_group",
+        "aws_route53_resolver_firewall_rule_group_association",
+        "aws_route53_resolver_firewall_rules",
+        "aws_route53_resolver_query_log_config",
+        "aws_route53_resolver_rule",
+        "aws_route53_resolver_rules",
+        "aws_route53_traffic_policy_document",
+        "aws_route53_zone",
+        "aws_route53_zones",
+        "aws_route53profiles_profiles",
+        "aws_route_table",
+        "aws_route_tables",
+        "aws_s3_access_point",
+        "aws_s3_account_public_access_block",
+        "aws_s3_bucket",
+        "aws_s3_bucket_object",
+        "aws_s3_bucket_objects",
+        "aws_s3_bucket_policy",
+        "aws_s3_directory_buckets",
+        "aws_s3_object",
+        "aws_s3_objects",
+        "aws_s3control_multi_region_access_point",
+        "aws_sagemaker_prebuilt_ecr_image",
+        "aws_secretsmanager_random_password",
+        "aws_secretsmanager_secret",
+        "aws_secretsmanager_secret_rotation",
+        "aws_secretsmanager_secret_version",
+        "aws_secretsmanager_secret_versions",
+        "aws_secretsmanager_secrets",
+        "aws_security_group",
+        "aws_security_groups",
+        "aws_securityhub_standards_control_associations",
+        "aws_serverlessapplicationrepository_application",
+        "aws_service",
+        "aws_service_discovery_dns_namespace",
+        "aws_service_discovery_http_namespace",
+        "aws_service_discovery_service",
+        "aws_service_principal",
+        "aws_servicecatalog_constraint",
+        "aws_servicecatalog_launch_paths",
+        "aws_servicecatalog_portfolio",
+        "aws_servicecatalog_portfolio_constraints",
+        "aws_servicecatalog_product",
+        "aws_servicecatalog_provisioning_artifacts",
+        "aws_servicecatalogappregistry_application",
+        "aws_servicecatalogappregistry_attribute_group",
+        "aws_servicecatalogappregistry_attribute_group_associations",
+        "aws_servicequotas_service",
+        "aws_servicequotas_service_quota",
+        "aws_servicequotas_templates",
+        "aws_ses_active_receipt_rule_set",
+        "aws_ses_domain_identity",
+        "aws_ses_email_identity",
+        "aws_sesv2_configuration_set",
+        "aws_sesv2_dedicated_ip_pool",
+        "aws_sesv2_email_identity",
+        "aws_sesv2_email_identity_mail_from_attributes",
+        "aws_sfn_activity",
+        "aws_sfn_alias",
+        "aws_sfn_state_machine",
+        "aws_sfn_state_machine_versions",
+        "aws_shield_protection",
+        "aws_signer_signing_job",
+        "aws_signer_signing_profile",
+        "aws_sns_topic",
+        "aws_spot_datafeed_subscription",
+        "aws_sqs_queue",
+        "aws_sqs_queues",
+        "aws_ssm_document",
+        "aws_ssm_instances",
+        "aws_ssm_maintenance_windows",
+        "aws_ssm_parameter",
+        "aws_ssm_parameters_by_path",
+        "aws_ssm_patch_baseline",
+        "aws_ssm_patch_baselines",
+        "aws_ssmcontacts_contact",
+        "aws_ssmcontacts_contact_channel",
+        "aws_ssmcontacts_plan",
+        "aws_ssmcontacts_rotation",
+        "aws_ssmincidents_replication_set",
+        "aws_ssmincidents_response_plan",
+        "aws_ssoadmin_application",
+        "aws_ssoadmin_application_assignments",
+        "aws_ssoadmin_application_providers",
+        "aws_ssoadmin_instances",
+        "aws_ssoadmin_permission_set",
+        "aws_ssoadmin_permission_sets",
+        "aws_ssoadmin_principal_application_assignments",
+        "aws_storagegateway_local_disk",
+        "aws_subnet",
+        "aws_subnet_ids",
+        "aws_subnets",
+        "aws_synthetics_runtime_version",
+        "aws_synthetics_runtime_versions",
+        "aws_timestreamwrite_database",
+        "aws_timestreamwrite_table",
+        "aws_transfer_connector",
+        "aws_transfer_server",
+        "aws_verifiedpermissions_policy_store",
+        "aws_vpc",
+        "aws_vpc_dhcp_options",
+        "aws_vpc_endpoint",
+        "aws_vpc_endpoint_associations",
+        "aws_vpc_endpoint_service",
+        "aws_vpc_ipam",
+        "aws_vpc_ipam_pool",
+        "aws_vpc_ipam_pool_cidrs",
+        "aws_vpc_ipam_pools",
+        "aws_vpc_ipam_preview_next_cidr",
+        "aws_vpc_ipams",
+        "aws_vpc_peering_connection",
+        "aws_vpc_peering_connections",
+        "aws_vpc_security_group_rule",
+        "aws_vpc_security_group_rules",
+        "aws_vpclattice_auth_policy",
+        "aws_vpclattice_listener",
+        "aws_vpclattice_resource_policy",
+        "aws_vpclattice_service",
+        "aws_vpclattice_service_network",
+        "aws_vpcs",
+        "aws_vpn_connection",
+        "aws_vpn_gateway",
+        "aws_waf_ipset",
+        "aws_waf_rate_based_rule",
+        "aws_waf_rule",
+        "aws_waf_subscribed_rule_group",
+        "aws_waf_web_acl",
+        "aws_wafregional_ipset",
+        "aws_wafregional_rate_based_rule",
+        "aws_wafregional_rule",
+        "aws_wafregional_subscribed_rule_group",
+        "aws_wafregional_web_acl",
+        "aws_wafv2_ip_set",
+        "aws_wafv2_regex_pattern_set",
+        "aws_wafv2_rule_group",
+        "aws_wafv2_web_acl",
+        "aws_workspaces_bundle",
+        "aws_workspaces_directory",
+        "aws_workspaces_image",
+        "aws_workspaces_workspace"
+    ]
+}
\ No newline at end of file
diff --git a/src/parse/azurerm-members.json b/src/parse/azurerm-members.json
index 5abf7b8b..753b8536 100755
--- a/src/parse/azurerm-members.json
+++ b/src/parse/azurerm-members.json
@@ -1,1440 +1,1519 @@
 {
-  "dataSources": [
-    "azurerm_aadb2c_directory",
-    "azurerm_active_directory_domain_service",
-    "azurerm_advisor_recommendations",
-    "azurerm_api_management",
-    "azurerm_api_management_api",
-    "azurerm_api_management_api_version_set",
-    "azurerm_api_management_gateway",
-    "azurerm_api_management_gateway_host_name_configuration",
-    "azurerm_api_management_group",
-    "azurerm_api_management_product",
-    "azurerm_api_management_subscription",
-    "azurerm_api_management_user",
-    "azurerm_app_configuration",
-    "azurerm_app_configuration_key",
-    "azurerm_app_configuration_keys",
-    "azurerm_app_service",
-    "azurerm_app_service_certificate",
-    "azurerm_app_service_certificate_order",
-    "azurerm_app_service_environment_v3",
-    "azurerm_app_service_plan",
-    "azurerm_application_gateway",
-    "azurerm_application_insights",
-    "azurerm_application_security_group",
-    "azurerm_arc_machine",
-    "azurerm_arc_resource_bridge_appliance",
-    "azurerm_attestation",
-    "azurerm_automation_account",
-    "azurerm_automation_runbook",
-    "azurerm_automation_variable_bool",
-    "azurerm_automation_variable_datetime",
-    "azurerm_automation_variable_int",
-    "azurerm_automation_variable_object",
-    "azurerm_automation_variable_string",
-    "azurerm_automation_variables",
-    "azurerm_availability_set",
-    "azurerm_backup_policy_file_share",
-    "azurerm_backup_policy_vm",
-    "azurerm_bastion_host",
-    "azurerm_batch_account",
-    "azurerm_batch_application",
-    "azurerm_batch_certificate",
-    "azurerm_batch_pool",
-    "azurerm_billing_enrollment_account_scope",
-    "azurerm_billing_mca_account_scope",
-    "azurerm_billing_mpa_account_scope",
-    "azurerm_blueprint_definition",
-    "azurerm_blueprint_published_version",
-    "azurerm_cdn_frontdoor_custom_domain",
-    "azurerm_cdn_frontdoor_endpoint",
-    "azurerm_cdn_frontdoor_firewall_policy",
-    "azurerm_cdn_frontdoor_origin_group",
-    "azurerm_cdn_frontdoor_profile",
-    "azurerm_cdn_frontdoor_rule_set",
-    "azurerm_cdn_frontdoor_secret",
-    "azurerm_cdn_profile",
-    "azurerm_client_config",
-    "azurerm_cognitive_account",
-    "azurerm_communication_service",
-    "azurerm_confidential_ledger",
-    "azurerm_consumption_budget_resource_group",
-    "azurerm_consumption_budget_subscription",
-    "azurerm_container_app",
-    "azurerm_container_app_environment.",
-    "azurerm_container_app_environment_certificate.",
-    "azurerm_container_app_environment_dapr_component.",
-    "azurerm_container_group",
-    "azurerm_container_registry",
-    "azurerm_container_registry_cache_rule",
-    "azurerm_container_registry_scope_map",
-    "azurerm_container_registry_token",
-    "azurerm_cosmosdb_account",
-    "azurerm_cosmosdb_mongo_database",
-    "azurerm_cosmosdb_restorable_database_accounts",
-    "azurerm_cosmosdb_sql_database",
-    "azurerm_dashboard_grafana",
-    "azurerm_data_factory",
-    "azurerm_data_factory_trigger_schedule",
-    "azurerm_data_factory_trigger_schedules",
-    "azurerm_data_lake_store",
-    "azurerm_data_protection_backup_vault",
-    "azurerm_data_share",
-    "azurerm_data_share_account",
-    "azurerm_data_share_dataset_blob_storage",
-    "azurerm_data_share_dataset_data_lake_gen1",
-    "azurerm_data_share_dataset_data_lake_gen2",
-    "azurerm_data_share_dataset_kusto_cluster",
-    "azurerm_data_share_dataset_kusto_database",
-    "azurerm_database_migration_project",
-    "azurerm_database_migration_service",
-    "azurerm_databricks_access_connector",
-    "azurerm_databricks_workspace",
-    "azurerm_databricks_workspace_private_endpoint_connection",
-    "azurerm_dedicated_host",
-    "azurerm_dedicated_host_group",
-    "azurerm_digital_twins_instance",
-    "azurerm_disk_access",
-    "azurerm_disk_encryption_set",
-    "azurerm_dns_a_record",
-    "azurerm_dns_aaaa_record",
-    "azurerm_dns_caa_record",
-    "azurerm_dns_cname_record",
-    "azurerm_dns_mx_record",
-    "azurerm_dns_ns_record",
-    "azurerm_dns_ptr_record",
-    "azurerm_dns_soa_record",
-    "azurerm_dns_srv_record",
-    "azurerm_dns_txt_record",
-    "azurerm_dns_zone",
-    "azurerm_dynatrace_monitor.",
-    "azurerm_elastic_cloud_elasticsearch",
-    "azurerm_elastic_san",
-    "azurerm_elastic_san_volume_group",
-    "azurerm_elastic_san_volume_snapshot",
-    "azurerm_eventgrid_domain",
-    "azurerm_eventgrid_domain_topic",
-    "azurerm_eventgrid_system_topic",
-    "azurerm_eventgrid_topic",
-    "azurerm_eventhub",
-    "azurerm_eventhub_cluster",
-    "azurerm_eventhub_consumer_group",
-    "azurerm_eventhub_namespace",
-    "azurerm_eventhub_namespace_authorization_rule",
-    "azurerm_eventhub_sas",
-    "azurerm_express_route_circuit",
-    "azurerm_express_route_circuit_peering",
-    "azurerm_extended_location_custom_location",
-    "azurerm_extended_locations",
-    "azurerm_firewall",
-    "azurerm_firewall_policy",
-    "azurerm_function_app",
-    "azurerm_function_app_host_keys",
-    "azurerm_hdinsight_cluster",
-    "azurerm_healthcare_dicom_service",
-    "azurerm_healthcare_fhir_service",
-    "azurerm_healthcare_medtech_service",
-    "azurerm_healthcare_service",
-    "azurerm_healthcare_workspace",
-    "azurerm_image",
-    "azurerm_images",
-    "azurerm_iothub",
-    "azurerm_iothub_dps",
-    "azurerm_iothub_dps_shared_access_policy",
-    "azurerm_iothub_shared_access_policy",
-    "azurerm_ip_group",
-    "azurerm_ip_groups",
-    "azurerm_key_vault",
-    "azurerm_key_vault_access_policy",
-    "azurerm_key_vault_certificate",
-    "azurerm_key_vault_certificate_data",
-    "azurerm_key_vault_certificate_issuer",
-    "azurerm_key_vault_certificates",
-    "azurerm_key_vault_encrypted_value",
-    "azurerm_key_vault_key",
-    "azurerm_key_vault_managed_hardware_security_module",
-    "azurerm_key_vault_managed_hardware_security_module_key",
-    "azurerm_key_vault_managed_hardware_security_module_role_definition",
-    "azurerm_key_vault_secret",
-    "azurerm_key_vault_secrets",
-    "azurerm_kubernetes_cluster",
-    "azurerm_kubernetes_cluster_node_pool",
-    "azurerm_kubernetes_fleet_manager",
-    "azurerm_kubernetes_node_pool_snapshot",
-    "azurerm_kubernetes_service_versions",
-    "azurerm_kusto_cluster",
-    "azurerm_kusto_database",
-    "azurerm_lb",
-    "azurerm_lb_backend_address_pool",
-    "azurerm_lb_outbound_rule",
-    "azurerm_lb_rule",
-    "azurerm_linux_function_app",
-    "azurerm_linux_web_app",
-    "azurerm_local_network_gateway",
-    "azurerm_location",
-    "azurerm_log_analytics_workspace",
-    "azurerm_logic_app_integration_account",
-    "azurerm_logic_app_standard",
-    "azurerm_logic_app_workflow",
-    "azurerm_machine_learning_workspace",
-    "azurerm_maintenance_configuration",
-    "azurerm_managed_api",
-    "azurerm_managed_application_definition",
-    "azurerm_managed_disk",
-    "azurerm_management_group",
-    "azurerm_management_group_template_deployment",
-    "azurerm_maps_account",
-    "azurerm_monitor_action_group",
-    "azurerm_monitor_data_collection_endpoint",
-    "azurerm_monitor_data_collection_rule",
-    "azurerm_monitor_diagnostic_categories",
-    "azurerm_monitor_scheduled_query_rules_alert",
-    "azurerm_monitor_scheduled_query_rules_log",
-    "azurerm_monitor_workspace",
-    "azurerm_mssql_database",
-    "azurerm_mssql_elasticpool",
-    "azurerm_mssql_managed_database",
-    "azurerm_mssql_managed_instance",
-    "azurerm_mssql_server",
-    "azurerm_nat_gateway",
-    "azurerm_netapp_account",
-    "azurerm_netapp_account_encryption",
-    "azurerm_netapp_pool",
-    "azurerm_netapp_snapshot",
-    "azurerm_netapp_snapshot_policy",
-    "azurerm_netapp_volume",
-    "azurerm_netapp_volume_group_oracle",
-    "azurerm_netapp_volume_group_sap_hana",
-    "azurerm_netapp_volume_quota_rule",
-    "azurerm_network_ddos_protection_plan",
-    "azurerm_network_interface",
-    "azurerm_network_manager_connectivity_configuration",
-    "azurerm_network_security_group",
-    "azurerm_network_service_tags",
-    "azurerm_network_watcher",
-    "azurerm_nginx_certificate",
-    "azurerm_nginx_configuration",
-    "azurerm_nginx_deployment",
-    "azurerm_notification_hub",
-    "azurerm_notification_hub_namespace",
-    "azurerm_oracle_adbs_character_sets",
-    "azurerm_oracle_adbs_national_character_sets",
-    "azurerm_oracle_autonomous_database",
-    "azurerm_oracle_cloud_vm_cluster",
-    "azurerm_oracle_db_nodes",
-    "azurerm_oracle_db_servers",
-    "azurerm_oracle_db_system_shapes",
-    "azurerm_oracle_exadata_infrastructure",
-    "azurerm_oracle_gi_versions",
-    "azurerm_orchestrated_virtual_machine_scale_set",
-    "azurerm_platform_image",
-    "azurerm_policy_assignment",
-    "azurerm_policy_definition",
-    "azurerm_policy_definition_built_in",
-    "azurerm_policy_set_definition",
-    "azurerm_policy_virtual_machine_configuration_assignment",
-    "azurerm_portal_dashboard",
-    "azurerm_postgresql_flexible_server",
-    "azurerm_postgresql_server",
-    "azurerm_private_dns_a_record",
-    "azurerm_private_dns_aaaa_record",
-    "azurerm_private_dns_cname_record",
-    "azurerm_private_dns_mx_record",
-    "azurerm_private_dns_ptr_record",
-    "azurerm_private_dns_resolver",
-    "azurerm_private_dns_resolver_dns_forwarding_ruleset",
-    "azurerm_private_dns_resolver_forwarding_rule",
-    "azurerm_private_dns_resolver_inbound_endpoint",
-    "azurerm_private_dns_resolver_outbound_endpoint",
-    "azurerm_private_dns_resolver_virtual_network_link",
-    "azurerm_private_dns_soa_record",
-    "azurerm_private_dns_srv_record",
-    "azurerm_private_dns_txt_record",
-    "azurerm_private_dns_zone",
-    "azurerm_private_dns_zone_virtual_network_link",
-    "azurerm_private_endpoint_connection",
-    "azurerm_private_link_service",
-    "azurerm_private_link_service_endpoint_connections",
-    "azurerm_proximity_placement_group",
-    "azurerm_public_ip",
-    "azurerm_public_ip_prefix",
-    "azurerm_public_ips",
-    "azurerm_public_maintenance_configurations",
-    "azurerm_recovery_services_vault",
-    "azurerm_redis_cache",
-    "azurerm_redis_enterprise_database",
-    "azurerm_resource_group",
-    "azurerm_resource_group_template_deployment",
-    "azurerm_resources",
-    "azurerm_role_definition",
-    "azurerm_role_management_policy",
-    "azurerm_route_filter",
-    "azurerm_route_table",
-    "azurerm_sentinel_alert_rule",
-    "azurerm_sentinel_alert_rule_anomaly",
-    "azurerm_sentinel_alert_rule_template",
-    "azurerm_service_plan",
-    "azurerm_servicebus_namespace",
-    "azurerm_servicebus_namespace_authorization_rule",
-    "azurerm_servicebus_namespace_disaster_recovery_config",
-    "azurerm_servicebus_queue",
-    "azurerm_servicebus_queue_authorization_rule",
-    "azurerm_servicebus_subscription",
-    "azurerm_servicebus_topic",
-    "azurerm_servicebus_topic_authorization_rule",
-    "azurerm_shared_image",
-    "azurerm_shared_image_gallery",
-    "azurerm_shared_image_version",
-    "azurerm_shared_image_versions",
-    "azurerm_signalr_service",
-    "azurerm_site_recovery_fabric",
-    "azurerm_site_recovery_protection_container",
-    "azurerm_site_recovery_replication_policy",
-    "azurerm_snapshot",
-    "azurerm_source_control_token",
-    "azurerm_spring_cloud_app",
-    "azurerm_spring_cloud_service",
-    "azurerm_ssh_public_key",
-    "azurerm_stack_hci_cluster",
-    "azurerm_stack_hci_storage_path",
-    "azurerm_static_web_app",
-    "azurerm_storage_account",
-    "azurerm_storage_account_blob_container_sas",
-    "azurerm_storage_account_sas",
-    "azurerm_storage_blob",
-    "azurerm_storage_container",
-    "azurerm_storage_containers",
-    "azurerm_storage_encryption_scope",
-    "azurerm_storage_management_policy",
-    "azurerm_storage_queue",
-    "azurerm_storage_share",
-    "azurerm_storage_sync",
-    "azurerm_storage_sync_group",
-    "azurerm_storage_table",
-    "azurerm_storage_table_entity",
-    "azurerm_stream_analytics_job",
-    "azurerm_subnet",
-    "azurerm_subscription",
-    "azurerm_subscription_template_deployment",
-    "azurerm_subscriptions",
-    "azurerm_synapse_workspace",
-    "azurerm_system_center_virtual_machine_manager_inventory_items",
-    "azurerm_template_spec_version",
-    "azurerm_tenant_template_deployment",
-    "azurerm_traffic_manager_geographical_location",
-    "azurerm_traffic_manager_profile",
-    "azurerm_user_assigned_identity",
-    "azurerm_virtual_desktop_application_group",
-    "azurerm_virtual_desktop_host_pool",
-    "azurerm_virtual_desktop_workspace",
-    "azurerm_virtual_hub",
-    "azurerm_virtual_hub_connection",
-    "azurerm_virtual_hub_route_table",
-    "azurerm_virtual_machine",
-    "azurerm_virtual_machine_scale_set",
-    "azurerm_virtual_network",
-    "azurerm_virtual_network_gateway",
-    "azurerm_virtual_network_gateway_connection",
-    "azurerm_virtual_network_peering",
-    "azurerm_virtual_wan",
-    "azurerm_vmware_private_cloud",
-    "azurerm_vpn_gateway",
-    "azurerm_vpn_server_configuration",
-    "azurerm_web_application_firewall_policy",
-    "azurerm_web_pubsub",
-    "azurerm_web_pubsub_private_link_resource",
-    "azurerm_windows_function_app",
-    "azurerm_windows_web_app",
-    "netapp_backup_policy",
-    "netapp_backup_vault"
-  ],
-  "resources": [
-    "azurerm_aadb2c_directory",
-    "azurerm_active_directory_domain_service",
-    "azurerm_active_directory_domain_service_replica_set",
-    "azurerm_active_directory_domain_service_trust",
-    "azurerm_advanced_threat_protection",
-    "azurerm_advisor_suppression",
-    "azurerm_ai_foundry",
-    "azurerm_ai_foundry_project",
-    "azurerm_ai_services",
-    "azurerm_analysis_services_server",
-    "azurerm_api_connection",
-    "azurerm_api_management",
-    "azurerm_api_management_api",
-    "azurerm_api_management_api_diagnostic",
-    "azurerm_api_management_api_operation",
-    "azurerm_api_management_api_operation_policy",
-    "azurerm_api_management_api_operation_tag",
-    "azurerm_api_management_api_policy",
-    "azurerm_api_management_api_release",
-    "azurerm_api_management_api_schema",
-    "azurerm_api_management_api_tag",
-    "azurerm_api_management_api_tag_description",
-    "azurerm_api_management_api_version_set",
-    "azurerm_api_management_authorization_server",
-    "azurerm_api_management_backend",
-    "azurerm_api_management_certificate",
-    "azurerm_api_management_custom_domain",
-    "azurerm_api_management_diagnostic",
-    "azurerm_api_management_email_template",
-    "azurerm_api_management_gateway",
-    "azurerm_api_management_gateway_api",
-    "azurerm_api_management_gateway_certificate_authority",
-    "azurerm_api_management_gateway_host_name_configuration",
-    "azurerm_api_management_global_schema",
-    "azurerm_api_management_group",
-    "azurerm_api_management_group_user",
-    "azurerm_api_management_identity_provider_aad",
-    "azurerm_api_management_identity_provider_aadb2c",
-    "azurerm_api_management_identity_provider_facebook",
-    "azurerm_api_management_identity_provider_google",
-    "azurerm_api_management_identity_provider_microsoft",
-    "azurerm_api_management_identity_provider_twitter",
-    "azurerm_api_management_logger",
-    "azurerm_api_management_named_value",
-    "azurerm_api_management_notification_recipient_email",
-    "azurerm_api_management_notification_recipient_user",
-    "azurerm_api_management_openid_connect_provider",
-    "azurerm_api_management_policy",
-    "azurerm_api_management_policy_fragment",
-    "azurerm_api_management_product",
-    "azurerm_api_management_product_api",
-    "azurerm_api_management_product_group",
-    "azurerm_api_management_product_policy",
-    "azurerm_api_management_product_tag",
-    "azurerm_api_management_redis_cache",
-    "azurerm_api_management_subscription",
-    "azurerm_api_management_tag",
-    "azurerm_api_management_user",
-    "azurerm_app_configuration",
-    "azurerm_app_configuration_feature",
-    "azurerm_app_configuration_key",
-    "azurerm_app_service",
-    "azurerm_app_service_active_slot",
-    "azurerm_app_service_certificate",
-    "azurerm_app_service_certificate_binding",
-    "azurerm_app_service_certificate_order",
-    "azurerm_app_service_connection",
-    "azurerm_app_service_custom_hostname_binding",
-    "azurerm_app_service_environment_v3",
-    "azurerm_app_service_hybrid_connection",
-    "azurerm_app_service_managed_certificate",
-    "azurerm_app_service_plan",
-    "azurerm_app_service_public_certificate",
-    "azurerm_app_service_slot",
-    "azurerm_app_service_slot_custom_hostname_binding",
-    "azurerm_app_service_slot_virtual_network_swift_connection",
-    "azurerm_app_service_source_control",
-    "azurerm_app_service_source_control_slot",
-    "azurerm_app_service_source_control_token",
-    "azurerm_app_service_virtual_network_swift_connection",
-    "azurerm_application_gateway",
-    "azurerm_application_insights",
-    "azurerm_application_insights_analytics_item",
-    "azurerm_application_insights_api_key",
-    "azurerm_application_insights_smart_detection_rule",
-    "azurerm_application_insights_workbook",
-    "azurerm_application_insights_workbook_template",
-    "azurerm_application_load_balancer",
-    "azurerm_application_load_balancer_frontend",
-    "azurerm_application_load_balancer_subnet_association",
-    "azurerm_application_security_group",
-    "azurerm_arc_kubernetes_cluster",
-    "azurerm_arc_kubernetes_cluster_extension",
-    "azurerm_arc_kubernetes_flux_configuration",
-    "azurerm_arc_kubernetes_provisioned_cluster",
-    "azurerm_arc_machine",
-    "azurerm_arc_machine_automanage_configuration_assignment",
-    "azurerm_arc_machine_extension",
-    "azurerm_arc_private_link_scope",
-    "azurerm_arc_resource_bridge_appliance",
-    "azurerm_attestation_provider",
-    "azurerm_automanage_configuration",
-    "azurerm_automation_account",
-    "azurerm_automation_certificate",
-    "azurerm_automation_connection",
-    "azurerm_automation_connection_certificate",
-    "azurerm_automation_connection_classic_certificate",
-    "azurerm_automation_connection_service_principal",
-    "azurerm_automation_connection_type",
-    "azurerm_automation_credential",
-    "azurerm_automation_dsc_configuration",
-    "azurerm_automation_dsc_nodeconfiguration",
-    "azurerm_automation_hybrid_runbook_worker",
-    "azurerm_automation_hybrid_runbook_worker_group",
-    "azurerm_automation_job_schedule",
-    "azurerm_automation_module",
-    "azurerm_automation_powershell72_module",
-    "azurerm_automation_python3_package",
-    "azurerm_automation_runbook",
-    "azurerm_automation_schedule",
-    "azurerm_automation_software_update_configuration",
-    "azurerm_automation_source_control",
-    "azurerm_automation_variable_bool",
-    "azurerm_automation_variable_datetime",
-    "azurerm_automation_variable_int",
-    "azurerm_automation_variable_object",
-    "azurerm_automation_variable_string",
-    "azurerm_automation_watcher",
-    "azurerm_automation_webhook",
-    "azurerm_availability_set",
-    "azurerm_backup_container_storage_account",
-    "azurerm_backup_policy_file_share",
-    "azurerm_backup_policy_vm",
-    "azurerm_backup_policy_vm_workload",
-    "azurerm_backup_protected_file_share",
-    "azurerm_backup_protected_vm",
-    "azurerm_bastion_host",
-    "azurerm_batch_account",
-    "azurerm_batch_application",
-    "azurerm_batch_certificate",
-    "azurerm_batch_job",
-    "azurerm_batch_pool",
-    "azurerm_billing_account_cost_management_export",
-    "azurerm_blueprint_assignment",
-    "azurerm_bot_channel_alexa",
-    "azurerm_bot_channel_direct_line_speech",
-    "azurerm_bot_channel_directline",
-    "azurerm_bot_channel_email",
-    "azurerm_bot_channel_facebook",
-    "azurerm_bot_channel_line",
-    "azurerm_bot_channel_ms_teams",
-    "azurerm_bot_channel_slack",
-    "azurerm_bot_channel_sms",
-    "azurerm_bot_channel_web_chat",
-    "azurerm_bot_channels_registration",
-    "azurerm_bot_connection",
-    "azurerm_bot_service_azure_bot",
-    "azurerm_bot_web_app",
-    "azurerm_capacity_reservation",
-    "azurerm_capacity_reservation_group",
-    "azurerm_cdn_endpoint",
-    "azurerm_cdn_endpoint_custom_domain",
-    "azurerm_cdn_frontdoor_custom_domain",
-    "azurerm_cdn_frontdoor_custom_domain_association",
-    "azurerm_cdn_frontdoor_endpoint",
-    "azurerm_cdn_frontdoor_firewall_policy",
-    "azurerm_cdn_frontdoor_origin",
-    "azurerm_cdn_frontdoor_origin_group",
-    "azurerm_cdn_frontdoor_profile",
-    "azurerm_cdn_frontdoor_route",
-    "azurerm_cdn_frontdoor_rule",
-    "azurerm_cdn_frontdoor_rule_set",
-    "azurerm_cdn_frontdoor_secret",
-    "azurerm_cdn_frontdoor_security_policy",
-    "azurerm_cdn_profile",
-    "azurerm_chaos_studio_capability",
-    "azurerm_chaos_studio_experiment",
-    "azurerm_chaos_studio_target",
-    "azurerm_cognitive_account",
-    "azurerm_cognitive_account_customer_managed_key",
-    "azurerm_cognitive_account_rai_blocklist",
-    "azurerm_cognitive_account_rai_policy",
-    "azurerm_cognitive_deployment",
-    "azurerm_communication_service",
-    "azurerm_communication_service_email_domain_association",
-    "azurerm_confidential_ledger",
-    "azurerm_consumption_budget_management_group",
-    "azurerm_consumption_budget_resource_group",
-    "azurerm_consumption_budget_subscription",
-    "azurerm_container_app",
-    "azurerm_container_app_custom_domain",
-    "azurerm_container_app_environment",
-    "azurerm_container_app_environment_certificate",
-    "azurerm_container_app_environment_custom_domain",
-    "azurerm_container_app_environment_dapr_component",
-    "azurerm_container_app_environment_storage",
-    "azurerm_container_app_job",
-    "azurerm_container_connected_registry",
-    "azurerm_container_group",
-    "azurerm_container_registry",
-    "azurerm_container_registry_agent_pool",
-    "azurerm_container_registry_cache_rule",
-    "azurerm_container_registry_credential_set",
-    "azurerm_container_registry_scope_map",
-    "azurerm_container_registry_task",
-    "azurerm_container_registry_task_schedule_run_now",
-    "azurerm_container_registry_token",
-    "azurerm_container_registry_token_password",
-    "azurerm_container_registry_webhook",
-    "azurerm_cosmosdb_account",
-    "azurerm_cosmosdb_cassandra_cluster",
-    "azurerm_cosmosdb_cassandra_datacenter",
-    "azurerm_cosmosdb_cassandra_keyspace",
-    "azurerm_cosmosdb_cassandra_table",
-    "azurerm_cosmosdb_gremlin_database",
-    "azurerm_cosmosdb_gremlin_graph",
-    "azurerm_cosmosdb_mongo_collection",
-    "azurerm_cosmosdb_mongo_database",
-    "azurerm_cosmosdb_mongo_role_definition",
-    "azurerm_cosmosdb_mongo_user_definition",
-    "azurerm_cosmosdb_postgresql_cluster",
-    "azurerm_cosmosdb_postgresql_coordinator_configuration",
-    "azurerm_cosmosdb_postgresql_firewall_rule",
-    "azurerm_cosmosdb_postgresql_node_configuration",
-    "azurerm_cosmosdb_postgresql_role",
-    "azurerm_cosmosdb_sql_container",
-    "azurerm_cosmosdb_sql_database",
-    "azurerm_cosmosdb_sql_dedicated_gateway",
-    "azurerm_cosmosdb_sql_function",
-    "azurerm_cosmosdb_sql_role_assignment",
-    "azurerm_cosmosdb_sql_role_definition",
-    "azurerm_cosmosdb_sql_stored_procedure",
-    "azurerm_cosmosdb_sql_trigger",
-    "azurerm_cosmosdb_table",
-    "azurerm_cost_anomaly_alert",
-    "azurerm_cost_management_scheduled_action",
-    "azurerm_custom_ip_prefix",
-    "azurerm_custom_provider",
-    "azurerm_dashboard",
-    "azurerm_dashboard_grafana",
-    "azurerm_dashboard_grafana_managed_private_endpoint",
-    "azurerm_data_factory",
-    "azurerm_data_factory_credential_service_principal",
-    "azurerm_data_factory_credential_user_managed_identity",
-    "azurerm_data_factory_custom_dataset",
-    "azurerm_data_factory_data_flow",
-    "azurerm_data_factory_dataset_azure_blob",
-    "azurerm_data_factory_dataset_azure_sql_table",
-    "azurerm_data_factory_dataset_binary",
-    "azurerm_data_factory_dataset_cosmosdb_sqlapi",
-    "azurerm_data_factory_dataset_delimited_text",
-    "azurerm_data_factory_dataset_http",
-    "azurerm_data_factory_dataset_json",
-    "azurerm_data_factory_dataset_mysql",
-    "azurerm_data_factory_dataset_parquet",
-    "azurerm_data_factory_dataset_postgresql",
-    "azurerm_data_factory_dataset_snowflake",
-    "azurerm_data_factory_dataset_sql_server_table",
-    "azurerm_data_factory_flowlet_data_flow",
-    "azurerm_data_factory_integration_runtime_azure",
-    "azurerm_data_factory_integration_runtime_azure_ssis",
-    "azurerm_data_factory_integration_runtime_self_hosted",
-    "azurerm_data_factory_linked_custom_service",
-    "azurerm_data_factory_linked_service_azure_blob_storage",
-    "azurerm_data_factory_linked_service_azure_databricks",
-    "azurerm_data_factory_linked_service_azure_file_storage",
-    "azurerm_data_factory_linked_service_azure_function",
-    "azurerm_data_factory_linked_service_azure_search",
-    "azurerm_data_factory_linked_service_azure_sql_database",
-    "azurerm_data_factory_linked_service_azure_table_storage",
-    "azurerm_data_factory_linked_service_cosmosdb",
-    "azurerm_data_factory_linked_service_cosmosdb_mongoapi",
-    "azurerm_data_factory_linked_service_data_lake_storage_gen2",
-    "azurerm_data_factory_linked_service_key_vault",
-    "azurerm_data_factory_linked_service_kusto",
-    "azurerm_data_factory_linked_service_mysql",
-    "azurerm_data_factory_linked_service_odata",
-    "azurerm_data_factory_linked_service_odbc",
-    "azurerm_data_factory_linked_service_postgresql",
-    "azurerm_data_factory_linked_service_sftp",
-    "azurerm_data_factory_linked_service_snowflake",
-    "azurerm_data_factory_linked_service_sql_server",
-    "azurerm_data_factory_linked_service_synapse",
-    "azurerm_data_factory_linked_service_web",
-    "azurerm_data_factory_managed_private_endpoint",
-    "azurerm_data_factory_pipeline",
-    "azurerm_data_factory_trigger_blob_event",
-    "azurerm_data_factory_trigger_custom_event",
-    "azurerm_data_factory_trigger_schedule",
-    "azurerm_data_factory_trigger_tumbling_window",
-    "azurerm_data_protection_backup_instance_blob_storage",
-    "azurerm_data_protection_backup_instance_disk",
-    "azurerm_data_protection_backup_instance_kubernetes_cluster",
-    "azurerm_data_protection_backup_instance_mysql_flexible_server",
-    "azurerm_data_protection_backup_instance_postgresql",
-    "azurerm_data_protection_backup_instance_postgresql_flexible_server",
-    "azurerm_data_protection_backup_policy_blob_storage",
-    "azurerm_data_protection_backup_policy_disk",
-    "azurerm_data_protection_backup_policy_kubernetes_cluster",
-    "azurerm_data_protection_backup_policy_mysql_flexible_server",
-    "azurerm_data_protection_backup_policy_postgresql",
-    "azurerm_data_protection_backup_policy_postgresql_flexible_server",
-    "azurerm_data_protection_backup_vault",
-    "azurerm_data_protection_backup_vault_customer_managed_key",
-    "azurerm_data_protection_resource_guard",
-    "azurerm_data_share",
-    "azurerm_data_share_account",
-    "azurerm_data_share_dataset_blob_storage",
-    "azurerm_data_share_dataset_data_lake_gen2",
-    "azurerm_data_share_dataset_kusto_cluster",
-    "azurerm_data_share_dataset_kusto_database",
-    "azurerm_database_migration_project",
-    "azurerm_database_migration_service",
-    "azurerm_databox_edge_device",
-    "azurerm_databricks_access_connector",
-    "azurerm_databricks_virtual_network_peering",
-    "azurerm_databricks_workspace",
-    "azurerm_databricks_workspace_root_dbfs_customer_managed_key",
-    "azurerm_datadog_monitor",
-    "azurerm_datadog_monitor_sso_configuration",
-    "azurerm_datadog_monitor_tag_rule",
-    "azurerm_dedicated_hardware_security_module",
-    "azurerm_dedicated_host",
-    "azurerm_dedicated_host_group",
-    "azurerm_dev_center",
-    "azurerm_dev_center_attached_network",
-    "azurerm_dev_center_catalog",
-    "azurerm_dev_center_dev_box_definition",
-    "azurerm_dev_center_environment_type",
-    "azurerm_dev_center_gallery",
-    "azurerm_dev_center_network_connection",
-    "azurerm_dev_center_project",
-    "azurerm_dev_center_project_environment_type",
-    "azurerm_dev_center_project_pool",
-    "azurerm_digital_twins_endpoint_eventgrid",
-    "azurerm_digital_twins_endpoint_eventhub",
-    "azurerm_digital_twins_endpoint_servicebus",
-    "azurerm_digital_twins_instance",
-    "azurerm_digital_twins_time_series_database_connection",
-    "azurerm_disk_access",
-    "azurerm_disk_encryption_set",
-    "azurerm_dns_a_record",
-    "azurerm_dns_aaaa_record",
-    "azurerm_dns_caa_record",
-    "azurerm_dns_cname_record",
-    "azurerm_dns_mx_record",
-    "azurerm_dns_ns_record",
-    "azurerm_dns_ptr_record",
-    "azurerm_dns_srv_record",
-    "azurerm_dns_txt_record",
-    "azurerm_dns_zone",
-    "azurerm_dynatrace_monitor",
-    "azurerm_dynatrace_tag_rules",
-    "azurerm_elastic_cloud_elasticsearch",
-    "azurerm_elastic_san",
-    "azurerm_elastic_san_volume",
-    "azurerm_elastic_san_volume_group",
-    "azurerm_email_communication_service",
-    "azurerm_email_communication_service_domain",
-    "azurerm_eventgrid_domain",
-    "azurerm_eventgrid_domain_topic",
-    "azurerm_eventgrid_event_subscription",
-    "azurerm_eventgrid_namespace",
-    "azurerm_eventgrid_system_topic",
-    "azurerm_eventgrid_system_topic_event_subscription",
-    "azurerm_eventgrid_topic",
-    "azurerm_eventhub",
-    "azurerm_eventhub_authorization_rule",
-    "azurerm_eventhub_cluster",
-    "azurerm_eventhub_consumer_group",
-    "azurerm_eventhub_namespace",
-    "azurerm_eventhub_namespace_authorization_rule",
-    "azurerm_eventhub_namespace_customer_managed_key",
-    "azurerm_eventhub_namespace_disaster_recovery_config",
-    "azurerm_eventhub_namespace_schema_group",
-    "azurerm_express_route_circuit",
-    "azurerm_express_route_circuit_authorization",
-    "azurerm_express_route_circuit_connection",
-    "azurerm_express_route_circuit_peering",
-    "azurerm_express_route_connection",
-    "azurerm_express_route_gateway",
-    "azurerm_express_route_port",
-    "azurerm_express_route_port_authorization",
-    "azurerm_extended_location_custom_location",
-    "azurerm_fabric_capacity",
-    "azurerm_federated_identity_credential",
-    "azurerm_firewall",
-    "azurerm_firewall_application_rule_collection",
-    "azurerm_firewall_nat_rule_collection",
-    "azurerm_firewall_network_rule_collection",
-    "azurerm_firewall_policy",
-    "azurerm_firewall_policy_rule_collection_group",
-    "azurerm_fluid_relay_server",
-    "azurerm_frontdoor",
-    "azurerm_frontdoor_custom_https_configuration",
-    "azurerm_frontdoor_firewall_policy",
-    "azurerm_frontdoor_rules_engine",
-    "azurerm_function_app",
-    "azurerm_function_app_active_slot",
-    "azurerm_function_app_connection",
-    "azurerm_function_app_flex_consumption",
-    "azurerm_function_app_function",
-    "azurerm_function_app_hybrid_connection",
-    "azurerm_function_app_slot",
-    "azurerm_gallery_application",
-    "azurerm_gallery_application_version",
-    "azurerm_graph_services_account",
-    "azurerm_hdinsight_hadoop_cluster",
-    "azurerm_hdinsight_hbase_cluster",
-    "azurerm_hdinsight_interactive_query_cluster",
-    "azurerm_hdinsight_kafka_cluster",
-    "azurerm_hdinsight_spark_cluster",
-    "azurerm_healthbot",
-    "azurerm_healthcare_dicom_service",
-    "azurerm_healthcare_fhir_service",
-    "azurerm_healthcare_medtech_service",
-    "azurerm_healthcare_medtech_service_fhir_destination",
-    "azurerm_healthcare_service",
-    "azurerm_healthcare_workspace",
-    "azurerm_hpc_cache",
-    "azurerm_hpc_cache_access_policy",
-    "azurerm_hpc_cache_blob_nfs_target",
-    "azurerm_hpc_cache_blob_target",
-    "azurerm_hpc_cache_nfs_target",
-    "azurerm_image",
-    "azurerm_iot_security_device_group",
-    "azurerm_iot_security_solution",
-    "azurerm_iotcentral_application",
-    "azurerm_iotcentral_application_network_rule_set",
-    "azurerm_iotcentral_organization",
-    "azurerm_iothub",
-    "azurerm_iothub_certificate",
-    "azurerm_iothub_consumer_group",
-    "azurerm_iothub_device_update_account",
-    "azurerm_iothub_device_update_instance",
-    "azurerm_iothub_dps",
-    "azurerm_iothub_dps_certificate",
-    "azurerm_iothub_dps_shared_access_policy",
-    "azurerm_iothub_endpoint_cosmosdb_account",
-    "azurerm_iothub_endpoint_eventhub",
-    "azurerm_iothub_endpoint_servicebus_queue",
-    "azurerm_iothub_endpoint_servicebus_topic",
-    "azurerm_iothub_endpoint_storage_container",
-    "azurerm_iothub_enrichment",
-    "azurerm_iothub_fallback_route",
-    "azurerm_iothub_file_upload",
-    "azurerm_iothub_route",
-    "azurerm_iothub_shared_access_policy",
-    "azurerm_ip_group",
-    "azurerm_ip_group_cidr",
-    "azurerm_key_vault",
-    "azurerm_key_vault_access_policy",
-    "azurerm_key_vault_certificate",
-    "azurerm_key_vault_certificate_contacts",
-    "azurerm_key_vault_certificate_issuer",
-    "azurerm_key_vault_key",
-    "azurerm_key_vault_managed_hardware_security_module",
-    "azurerm_key_vault_managed_hardware_security_module_key",
-    "azurerm_key_vault_managed_hardware_security_module_key_rotation_policy",
-    "azurerm_key_vault_managed_hardware_security_module_role_assignment",
-    "azurerm_key_vault_managed_hardware_security_module_role_definition",
-    "azurerm_key_vault_managed_storage_account",
-    "azurerm_key_vault_managed_storage_account_sas_token_definition",
-    "azurerm_key_vault_secret",
-    "azurerm_kubernetes_cluster",
-    "azurerm_kubernetes_cluster_extension",
-    "azurerm_kubernetes_cluster_node_pool",
-    "azurerm_kubernetes_cluster_trusted_access_role_binding",
-    "azurerm_kubernetes_fleet_manager",
-    "azurerm_kubernetes_fleet_member",
-    "azurerm_kubernetes_fleet_update_run",
-    "azurerm_kubernetes_fleet_update_strategy",
-    "azurerm_kubernetes_flux_configuration",
-    "azurerm_kusto_attached_database_configuration",
-    "azurerm_kusto_cluster",
-    "azurerm_kusto_cluster_customer_managed_key",
-    "azurerm_kusto_cluster_managed_private_endpoint",
-    "azurerm_kusto_cluster_principal_assignment",
-    "azurerm_kusto_cosmosdb_data_connection",
-    "azurerm_kusto_database",
-    "azurerm_kusto_database_principal_assignment",
-    "azurerm_kusto_eventgrid_data_connection",
-    "azurerm_kusto_eventhub_data_connection",
-    "azurerm_kusto_iothub_data_connection",
-    "azurerm_kusto_script",
-    "azurerm_lb",
-    "azurerm_lb_backend_address_pool",
-    "azurerm_lb_backend_address_pool_address",
-    "azurerm_lb_nat_pool",
-    "azurerm_lb_nat_rule",
-    "azurerm_lb_outbound_rule",
-    "azurerm_lb_probe",
-    "azurerm_lb_rule",
-    "azurerm_lighthouse_assignment",
-    "azurerm_lighthouse_definition",
-    "azurerm_linux_function_app",
-    "azurerm_linux_function_app_slot",
-    "azurerm_linux_virtual_machine",
-    "azurerm_linux_virtual_machine_scale_set",
-    "azurerm_linux_web_app",
-    "azurerm_linux_web_app_slot",
-    "azurerm_local_network_gateway",
-    "azurerm_log_analytics_cluster",
-    "azurerm_log_analytics_cluster_customer_managed_key",
-    "azurerm_log_analytics_data_export_rule",
-    "azurerm_log_analytics_datasource_windows_event",
-    "azurerm_log_analytics_datasource_windows_performance_counter",
-    "azurerm_log_analytics_linked_service",
-    "azurerm_log_analytics_linked_storage_account",
-    "azurerm_log_analytics_query_pack",
-    "azurerm_log_analytics_query_pack_query",
-    "azurerm_log_analytics_saved_search",
-    "azurerm_log_analytics_solution",
-    "azurerm_log_analytics_storage_insights",
-    "azurerm_log_analytics_workspace",
-    "azurerm_log_analytics_workspace_table",
-    "azurerm_logic_app_action_custom",
-    "azurerm_logic_app_action_http",
-    "azurerm_logic_app_integration_account",
-    "azurerm_logic_app_integration_account_agreement",
-    "azurerm_logic_app_integration_account_assembly",
-    "azurerm_logic_app_integration_account_batch_configuration",
-    "azurerm_logic_app_integration_account_certificate",
-    "azurerm_logic_app_integration_account_map",
-    "azurerm_logic_app_integration_account_partner",
-    "azurerm_logic_app_integration_account_schema",
-    "azurerm_logic_app_integration_account_session",
-    "azurerm_logic_app_standard",
-    "azurerm_logic_app_trigger_custom",
-    "azurerm_logic_app_trigger_http_request",
-    "azurerm_logic_app_trigger_recurrence",
-    "azurerm_logic_app_workflow",
-    "azurerm_machine_learning_compute_cluster",
-    "azurerm_machine_learning_compute_instance",
-    "azurerm_machine_learning_datastore_blobstorage",
-    "azurerm_machine_learning_datastore_datalake_gen2",
-    "azurerm_machine_learning_datastore_fileshare",
-    "azurerm_machine_learning_inference_cluster",
-    "azurerm_machine_learning_synapse_spark",
-    "azurerm_machine_learning_workspace",
-    "azurerm_machine_learning_workspace_network_outbound_rule_fqdn",
-    "azurerm_machine_learning_workspace_network_outbound_rule_private_endpoint",
-    "azurerm_machine_learning_workspace_network_outbound_rule_service_tag",
-    "azurerm_maintenance_assignment_dedicated_host",
-    "azurerm_maintenance_assignment_dynamic_scope",
-    "azurerm_maintenance_assignment_virtual_machine",
-    "azurerm_maintenance_assignment_virtual_machine_scale_set",
-    "azurerm_maintenance_configuration",
-    "azurerm_managed_application",
-    "azurerm_managed_application_definition",
-    "azurerm_managed_disk",
-    "azurerm_managed_disk_sas_token",
-    "azurerm_managed_lustre_file_system",
-    "azurerm_management_group",
-    "azurerm_management_group_policy_assignment",
-    "azurerm_management_group_policy_exemption",
-    "azurerm_management_group_policy_remediation",
-    "azurerm_management_group_subscription_association",
-    "azurerm_management_group_template_deployment",
-    "azurerm_management_lock",
-    "azurerm_maps_account",
-    "azurerm_maps_creator",
-    "azurerm_marketplace_agreement",
-    "azurerm_marketplace_role_assignment",
-    "azurerm_media_services_account",
-    "azurerm_media_transform",
-    "azurerm_mobile_network",
-    "azurerm_mobile_network_attached_data_network",
-    "azurerm_mobile_network_data_network",
-    "azurerm_mobile_network_packet_core_control_plane",
-    "azurerm_mobile_network_packet_core_data_plane",
-    "azurerm_mobile_network_service",
-    "azurerm_mobile_network_sim",
-    "azurerm_mobile_network_sim_group",
-    "azurerm_mobile_network_sim_policy",
-    "azurerm_mobile_network_site",
-    "azurerm_mobile_network_slice",
-    "azurerm_mongo_cluster",
-    "azurerm_monitor_aad_diagnostic_setting",
-    "azurerm_monitor_action_group",
-    "azurerm_monitor_activity_log_alert",
-    "azurerm_monitor_alert_processing_rule_action_group",
-    "azurerm_monitor_alert_processing_rule_suppression",
-    "azurerm_monitor_alert_prometheus_rule_group",
-    "azurerm_monitor_autoscale_setting",
-    "azurerm_monitor_data_collection_endpoint",
-    "azurerm_monitor_data_collection_rule",
-    "azurerm_monitor_data_collection_rule_association",
-    "azurerm_monitor_diagnostic_setting",
-    "azurerm_monitor_metric_alert",
-    "azurerm_monitor_private_link_scope",
-    "azurerm_monitor_private_link_scoped_service",
-    "azurerm_monitor_scheduled_query_rules_alert",
-    "azurerm_monitor_scheduled_query_rules_alert_v2",
-    "azurerm_monitor_scheduled_query_rules_log",
-    "azurerm_monitor_smart_detector_alert_rule",
-    "azurerm_monitor_workspace",
-    "azurerm_mssql_database",
-    "azurerm_mssql_database_extended_auditing_policy",
-    "azurerm_mssql_database_vulnerability_assessment_rule_baseline",
-    "azurerm_mssql_elasticpool",
-    "azurerm_mssql_failover_group",
-    "azurerm_mssql_firewall_rule",
-    "azurerm_mssql_job",
-    "azurerm_mssql_job_agent",
-    "azurerm_mssql_job_credential",
-    "azurerm_mssql_job_schedule",
-    "azurerm_mssql_job_step",
-    "azurerm_mssql_job_target_group",
-    "azurerm_mssql_managed_database",
-    "azurerm_mssql_managed_instance",
-    "azurerm_mssql_managed_instance_active_directory_administrator",
-    "azurerm_mssql_managed_instance_failover_group",
-    "azurerm_mssql_managed_instance_security_alert_policy",
-    "azurerm_mssql_managed_instance_transparent_data_encryption",
-    "azurerm_mssql_managed_instance_vulnerability_assessment",
-    "azurerm_mssql_outbound_firewall_rule",
-    "azurerm_mssql_server",
-    "azurerm_mssql_server_dns_alias",
-    "azurerm_mssql_server_extended_auditing_policy",
-    "azurerm_mssql_server_microsoft_support_auditing_policy",
-    "azurerm_mssql_server_security_alert_policy",
-    "azurerm_mssql_server_transparent_data_encryption",
-    "azurerm_mssql_server_vulnerability_assessment",
-    "azurerm_mssql_virtual_machine",
-    "azurerm_mssql_virtual_machine_availability_group_listener",
-    "azurerm_mssql_virtual_machine_group",
-    "azurerm_mssql_virtual_network_rule",
-    "azurerm_mysql_flexible_database",
-    "azurerm_mysql_flexible_server",
-    "azurerm_mysql_flexible_server_active_directory_administrator",
-    "azurerm_mysql_flexible_server_configuration",
-    "azurerm_mysql_flexible_server_firewall_rule",
-    "azurerm_nat_gateway",
-    "azurerm_nat_gateway_public_ip_association",
-    "azurerm_nat_gateway_public_ip_prefix_association",
-    "azurerm_netapp_account",
-    "azurerm_netapp_account_encryption",
-    "azurerm_netapp_backup_policy",
-    "azurerm_netapp_backup_vault",
-    "azurerm_netapp_pool",
-    "azurerm_netapp_snapshot",
-    "azurerm_netapp_snapshot_policy",
-    "azurerm_netapp_volume",
-    "azurerm_netapp_volume_group_oracle",
-    "azurerm_netapp_volume_group_sap_hana",
-    "azurerm_netapp_volume_quota_rule",
-    "azurerm_network_connection_monitor",
-    "azurerm_network_ddos_protection_plan",
-    "azurerm_network_function_azure_traffic_collector",
-    "azurerm_network_function_collector_policy",
-    "azurerm_network_interface",
-    "azurerm_network_interface_application_gateway_backend_address_pool_association",
-    "azurerm_network_interface_application_security_group_association",
-    "azurerm_network_interface_backend_address_pool_association",
-    "azurerm_network_interface_nat_rule_association",
-    "azurerm_network_interface_security_group_association",
-    "azurerm_network_manager",
-    "azurerm_network_manager_admin_rule",
-    "azurerm_network_manager_admin_rule_collection",
-    "azurerm_network_manager_connectivity_configuration",
-    "azurerm_network_manager_deployment",
-    "azurerm_network_manager_ipam_pool",
-    "azurerm_network_manager_management_group_connection",
-    "azurerm_network_manager_network_group",
-    "azurerm_network_manager_scope_connection",
-    "azurerm_network_manager_security_admin_configuration",
-    "azurerm_network_manager_static_member",
-    "azurerm_network_manager_subscription_connection",
-    "azurerm_network_manager_verifier_workspace",
-    "azurerm_network_profile",
-    "azurerm_network_security_group",
-    "azurerm_network_security_rule",
-    "azurerm_network_watcher",
-    "azurerm_network_watcher_flow_log",
-    "azurerm_new_relic_monitor",
-    "azurerm_new_relic_tag_rule",
-    "azurerm_nginx_certificate",
-    "azurerm_nginx_configuration",
-    "azurerm_nginx_deployment",
-    "azurerm_notification_hub",
-    "azurerm_notification_hub_authorization_rule",
-    "azurerm_notification_hub_namespace",
-    "azurerm_oracle_autonomous_database",
-    "azurerm_oracle_cloud_vm_cluster",
-    "azurerm_oracle_exadata_infrastructure",
-    "azurerm_orbital_contact",
-    "azurerm_orbital_contact_profile",
-    "azurerm_orbital_spacecraft",
-    "azurerm_orchestrated_virtual_machine_scale_set",
-    "azurerm_palo_alto_local_rulestack",
-    "azurerm_palo_alto_local_rulestack_certificate",
-    "azurerm_palo_alto_local_rulestack_fqdn_list",
-    "azurerm_palo_alto_local_rulestack_outbound_trust_certificate_association",
-    "azurerm_palo_alto_local_rulestack_outbound_untrust_certificate_association",
-    "azurerm_palo_alto_local_rulestack_prefix_list",
-    "azurerm_palo_alto_local_rulestack_rule",
-    "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack",
-    "azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama",
-    "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack",
-    "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama",
-    "azurerm_palo_alto_virtual_network_appliance",
-    "azurerm_pim_active_role_assignment",
-    "azurerm_pim_eligible_role_assignment",
-    "azurerm_point_to_site_vpn_gateway",
-    "azurerm_policy_definition",
-    "azurerm_policy_set_definition",
-    "azurerm_policy_virtual_machine_configuration_assignment",
-    "azurerm_portal_dashboard",
-    "azurerm_portal_tenant_configuration",
-    "azurerm_postgresql_active_directory_administrator",
-    "azurerm_postgresql_configuration",
-    "azurerm_postgresql_database",
-    "azurerm_postgresql_firewall_rule",
-    "azurerm_postgresql_flexible_server",
-    "azurerm_postgresql_flexible_server_active_directory_administrator",
-    "azurerm_postgresql_flexible_server_configuration",
-    "azurerm_postgresql_flexible_server_database",
-    "azurerm_postgresql_flexible_server_firewall_rule",
-    "azurerm_postgresql_flexible_server_virtual_endpoint",
-    "azurerm_postgresql_server",
-    "azurerm_postgresql_server_key",
-    "azurerm_postgresql_virtual_network_rule",
-    "azurerm_powerbi_embedded",
-    "azurerm_private_dns_a_record",
-    "azurerm_private_dns_aaaa_record",
-    "azurerm_private_dns_cname_record",
-    "azurerm_private_dns_mx_record",
-    "azurerm_private_dns_ptr_record",
-    "azurerm_private_dns_resolver",
-    "azurerm_private_dns_resolver_dns_forwarding_ruleset",
-    "azurerm_private_dns_resolver_forwarding_rule",
-    "azurerm_private_dns_resolver_inbound_endpoint",
-    "azurerm_private_dns_resolver_outbound_endpoint",
-    "azurerm_private_dns_resolver_virtual_network_link",
-    "azurerm_private_dns_soa_record",
-    "azurerm_private_dns_srv_record",
-    "azurerm_private_dns_txt_record",
-    "azurerm_private_dns_zone",
-    "azurerm_private_dns_zone_virtual_network_link",
-    "azurerm_private_endpoint",
-    "azurerm_private_endpoint_application_security_group_association",
-    "azurerm_private_link_service",
-    "azurerm_proximity_placement_group",
-    "azurerm_public_ip",
-    "azurerm_public_ip_prefix",
-    "azurerm_purview_account",
-    "azurerm_recovery_services_vault",
-    "azurerm_recovery_services_vault_resource_guard_association",
-    "azurerm_redhat_openshift_cluster",
-    "azurerm_redis_cache",
-    "azurerm_redis_cache_access_policy",
-    "azurerm_redis_cache_access_policy_assignment",
-    "azurerm_redis_enterprise_cluster",
-    "azurerm_redis_enterprise_database",
-    "azurerm_redis_firewall_rule",
-    "azurerm_redis_linked_server",
-    "azurerm_relay_hybrid_connection",
-    "azurerm_relay_hybrid_connection_authorization_rule",
-    "azurerm_relay_namespace",
-    "azurerm_relay_namespace_authorization_rule",
-    "azurerm_resource_deployment_script_azure_cli",
-    "azurerm_resource_deployment_script_azure_power_shell",
-    "azurerm_resource_group",
-    "azurerm_resource_group_cost_management_export",
-    "azurerm_resource_group_cost_management_view",
-    "azurerm_resource_group_policy_assignment",
-    "azurerm_resource_group_policy_exemption",
-    "azurerm_resource_group_policy_remediation",
-    "azurerm_resource_group_template_deployment",
-    "azurerm_resource_management_private_link",
-    "azurerm_resource_management_private_link_association",
-    "azurerm_resource_policy_assignment",
-    "azurerm_resource_policy_exemption",
-    "azurerm_resource_policy_remediation",
-    "azurerm_resource_provider_registration",
-    "azurerm_role_assignment",
-    "azurerm_role_definition",
-    "azurerm_role_management_policy",
-    "azurerm_route",
-    "azurerm_route_filter",
-    "azurerm_route_map",
-    "azurerm_route_server",
-    "azurerm_route_server_bgp_connection",
-    "azurerm_route_table",
-    "azurerm_search_service",
-    "azurerm_search_shared_private_link_service",
-    "azurerm_security_center_assessment",
-    "azurerm_security_center_assessment_policy",
-    "azurerm_security_center_auto_provisioning",
-    "azurerm_security_center_automation",
-    "azurerm_security_center_contact",
-    "azurerm_security_center_server_vulnerability_assessment_virtual_machine",
-    "azurerm_security_center_server_vulnerability_assessments_setting",
-    "azurerm_security_center_setting",
-    "azurerm_security_center_storage_defender",
-    "azurerm_security_center_subscription_pricing",
-    "azurerm_security_center_workspace",
-    "azurerm_sentinel_alert_rule_anomaly_built_in",
-    "azurerm_sentinel_alert_rule_anomaly_duplicate",
-    "azurerm_sentinel_alert_rule_fusion",
-    "azurerm_sentinel_alert_rule_machine_learning_behavior_analytics",
-    "azurerm_sentinel_alert_rule_ms_security_incident",
-    "azurerm_sentinel_alert_rule_nrt",
-    "azurerm_sentinel_alert_rule_scheduled",
-    "azurerm_sentinel_alert_rule_threat_intelligence",
-    "azurerm_sentinel_automation_rule",
-    "azurerm_sentinel_data_connector_aws_cloud_trail",
-    "azurerm_sentinel_data_connector_aws_s3",
-    "azurerm_sentinel_data_connector_azure_active_directory",
-    "azurerm_sentinel_data_connector_azure_advanced_threat_protection",
-    "azurerm_sentinel_data_connector_azure_security_center",
-    "azurerm_sentinel_data_connector_dynamics_365",
-    "azurerm_sentinel_data_connector_iot",
-    "azurerm_sentinel_data_connector_microsoft_cloud_app_security",
-    "azurerm_sentinel_data_connector_microsoft_defender_advanced_threat_protection",
-    "azurerm_sentinel_data_connector_microsoft_threat_intelligence",
-    "azurerm_sentinel_data_connector_microsoft_threat_protection",
-    "azurerm_sentinel_data_connector_office_365",
-    "azurerm_sentinel_data_connector_office_365_project",
-    "azurerm_sentinel_data_connector_office_atp",
-    "azurerm_sentinel_data_connector_office_irm",
-    "azurerm_sentinel_data_connector_office_power_bi",
-    "azurerm_sentinel_data_connector_threat_intelligence",
-    "azurerm_sentinel_data_connector_threat_intelligence_taxii",
-    "azurerm_sentinel_log_analytics_workspace_onboarding",
-    "azurerm_sentinel_metadata",
-    "azurerm_sentinel_threat_intelligence_indicator",
-    "azurerm_sentinel_watchlist",
-    "azurerm_sentinel_watchlist_item",
-    "azurerm_service_fabric_cluster",
-    "azurerm_service_fabric_managed_cluster",
-    "azurerm_service_plan",
-    "azurerm_servicebus_namespace",
-    "azurerm_servicebus_namespace_authorization_rule",
-    "azurerm_servicebus_namespace_customer_managed_key",
-    "azurerm_servicebus_namespace_disaster_recovery_config",
-    "azurerm_servicebus_queue",
-    "azurerm_servicebus_queue_authorization_rule",
-    "azurerm_servicebus_subscription",
-    "azurerm_servicebus_subscription_rule",
-    "azurerm_servicebus_topic",
-    "azurerm_servicebus_topic_authorization_rule",
-    "azurerm_shared_image",
-    "azurerm_shared_image_gallery",
-    "azurerm_shared_image_version",
-    "azurerm_signalr_service",
-    "azurerm_signalr_service_custom_certificate",
-    "azurerm_signalr_service_custom_domain",
-    "azurerm_signalr_service_network_acl",
-    "azurerm_signalr_shared_private_link_resource",
-    "azurerm_site_recovery_fabric",
-    "azurerm_site_recovery_hyperv_network_mapping",
-    "azurerm_site_recovery_hyperv_replication_policy",
-    "azurerm_site_recovery_hyperv_replication_policy_association",
-    "azurerm_site_recovery_network_mapping",
-    "azurerm_site_recovery_protection_container",
-    "azurerm_site_recovery_protection_container_mapping",
-    "azurerm_site_recovery_replicated_vm",
-    "azurerm_site_recovery_replication_policy",
-    "azurerm_site_recovery_replication_recovery_plan",
-    "azurerm_site_recovery_services_vault_hyperv_site",
-    "azurerm_site_recovery_vmware_replicated_vm",
-    "azurerm_site_recovery_vmware_replication_policy",
-    "azurerm_site_recovery_vmware_replication_policy_association",
-    "azurerm_snapshot",
-    "azurerm_source_control_token",
-    "azurerm_spatial_anchors_account",
-    "azurerm_spring_cloud_accelerator",
-    "azurerm_spring_cloud_active_deployment",
-    "azurerm_spring_cloud_api_portal",
-    "azurerm_spring_cloud_api_portal_custom_domain",
-    "azurerm_spring_cloud_app",
-    "azurerm_spring_cloud_app_cosmosdb_association",
-    "azurerm_spring_cloud_app_dynamics_application_performance_monitoring",
-    "azurerm_spring_cloud_app_mysql_association",
-    "azurerm_spring_cloud_app_redis_association",
-    "azurerm_spring_cloud_application_insights_application_performance_monitoring",
-    "azurerm_spring_cloud_application_live_view",
-    "azurerm_spring_cloud_build_deployment",
-    "azurerm_spring_cloud_build_pack_binding",
-    "azurerm_spring_cloud_builder",
-    "azurerm_spring_cloud_certificate",
-    "azurerm_spring_cloud_configuration_service",
-    "azurerm_spring_cloud_connection",
-    "azurerm_spring_cloud_container_deployment",
-    "azurerm_spring_cloud_custom_domain",
-    "azurerm_spring_cloud_customized_accelerator",
-    "azurerm_spring_cloud_dev_tool_portal",
-    "azurerm_spring_cloud_dynatrace_application_performance_monitoring",
-    "azurerm_spring_cloud_elastic_application_performance_monitoring",
-    "azurerm_spring_cloud_gateway",
-    "azurerm_spring_cloud_gateway_custom_domain",
-    "azurerm_spring_cloud_gateway_route_config",
-    "azurerm_spring_cloud_java_deployment",
-    "azurerm_spring_cloud_new_relic_application_performance_monitoring",
-    "azurerm_spring_cloud_service",
-    "azurerm_spring_cloud_storage",
-    "azurerm_sql_database",
-    "azurerm_sql_firewall_rule",
-    "azurerm_sql_server",
-    "azurerm_sql_virtual_network_rule",
-    "azurerm_ssh_public_key",
-    "azurerm_stack_hci_cluster",
-    "azurerm_stack_hci_deployment_setting",
-    "azurerm_stack_hci_extension",
-    "azurerm_stack_hci_logical_network",
-    "azurerm_stack_hci_marketplace_gallery_image",
-    "azurerm_stack_hci_network_interface",
-    "azurerm_stack_hci_storage_path",
-    "azurerm_stack_hci_virtual_hard_disk",
-    "azurerm_static_site",
-    "azurerm_static_site_custom_domain",
-    "azurerm_static_web_app",
-    "azurerm_static_web_app_custom_domain",
-    "azurerm_static_web_app_function_app_registration",
-    "azurerm_storage_account",
-    "azurerm_storage_account_customer_managed_key",
-    "azurerm_storage_account_local_user",
-    "azurerm_storage_account_network_rules",
-    "azurerm_storage_account_queue_properties",
-    "azurerm_storage_account_static_website",
-    "azurerm_storage_blob",
-    "azurerm_storage_blob_inventory_policy",
-    "azurerm_storage_container",
-    "azurerm_storage_container_immutability_policy",
-    "azurerm_storage_data_lake_gen2_filesystem",
-    "azurerm_storage_data_lake_gen2_path",
-    "azurerm_storage_encryption_scope",
-    "azurerm_storage_management_policy",
-    "azurerm_storage_mover",
-    "azurerm_storage_mover_agent",
-    "azurerm_storage_mover_job_definition",
-    "azurerm_storage_mover_project",
-    "azurerm_storage_mover_source_endpoint",
-    "azurerm_storage_mover_target_endpoint",
-    "azurerm_storage_object_replication",
-    "azurerm_storage_queue",
-    "azurerm_storage_share",
-    "azurerm_storage_share_directory",
-    "azurerm_storage_share_file",
-    "azurerm_storage_sync",
-    "azurerm_storage_sync_cloud_endpoint",
-    "azurerm_storage_sync_group",
-    "azurerm_storage_sync_server_endpoint",
-    "azurerm_storage_table",
-    "azurerm_storage_table_entity",
-    "azurerm_stream_analytics_cluster",
-    "azurerm_stream_analytics_function_javascript_uda",
-    "azurerm_stream_analytics_function_javascript_udf",
-    "azurerm_stream_analytics_job",
-    "azurerm_stream_analytics_job_schedule",
-    "azurerm_stream_analytics_job_storage_account",
-    "azurerm_stream_analytics_managed_private_endpoint",
-    "azurerm_stream_analytics_output_blob",
-    "azurerm_stream_analytics_output_cosmosdb",
-    "azurerm_stream_analytics_output_eventhub",
-    "azurerm_stream_analytics_output_function",
-    "azurerm_stream_analytics_output_mssql",
-    "azurerm_stream_analytics_output_powerbi",
-    "azurerm_stream_analytics_output_servicebus_queue",
-    "azurerm_stream_analytics_output_servicebus_topic",
-    "azurerm_stream_analytics_output_synapse",
-    "azurerm_stream_analytics_output_table",
-    "azurerm_stream_analytics_reference_input_blob",
-    "azurerm_stream_analytics_reference_input_mssql",
-    "azurerm_stream_analytics_stream_input_blob",
-    "azurerm_stream_analytics_stream_input_eventhub",
-    "azurerm_stream_analytics_stream_input_eventhub_v2",
-    "azurerm_stream_analytics_stream_input_iothub",
-    "azurerm_subnet",
-    "azurerm_subnet_nat_gateway_association",
-    "azurerm_subnet_network_security_group_association",
-    "azurerm_subnet_route_table_association",
-    "azurerm_subnet_service_endpoint_storage_policy",
-    "azurerm_subscription",
-    "azurerm_subscription_cost_management_export",
-    "azurerm_subscription_cost_management_view",
-    "azurerm_subscription_policy_assignment",
-    "azurerm_subscription_policy_exemption",
-    "azurerm_subscription_policy_remediation",
-    "azurerm_subscription_template_deployment",
-    "azurerm_synapse_firewall_rule",
-    "azurerm_synapse_integration_runtime_azure",
-    "azurerm_synapse_integration_runtime_self_hosted",
-    "azurerm_synapse_linked_service",
-    "azurerm_synapse_managed_private_endpoint",
-    "azurerm_synapse_private_link_hub",
-    "azurerm_synapse_role_assignment",
-    "azurerm_synapse_spark_pool",
-    "azurerm_synapse_sql_pool",
-    "azurerm_synapse_sql_pool_extended_auditing_policy",
-    "azurerm_synapse_sql_pool_security_alert_policy",
-    "azurerm_synapse_sql_pool_vulnerability_assessment",
-    "azurerm_synapse_sql_pool_vulnerability_assessment_baseline",
-    "azurerm_synapse_sql_pool_workload_classifier",
-    "azurerm_synapse_sql_pool_workload_group",
-    "azurerm_synapse_workspace",
-    "azurerm_synapse_workspace_aad_admin",
-    "azurerm_synapse_workspace_extended_auditing_policy",
-    "azurerm_synapse_workspace_key",
-    "azurerm_synapse_workspace_security_alert_policy",
-    "azurerm_synapse_workspace_sql_aad_admin",
-    "azurerm_synapse_workspace_vulnerability_assessment",
-    "azurerm_system_center_virtual_machine_manager_availability_set",
-    "azurerm_system_center_virtual_machine_manager_cloud",
-    "azurerm_system_center_virtual_machine_manager_server",
-    "azurerm_system_center_virtual_machine_manager_virtual_machine_instance",
-    "azurerm_system_center_virtual_machine_manager_virtual_machine_template",
-    "azurerm_system_center_virtual_machine_manager_virtual_network",
-    "azurerm_tenant_template_deployment",
-    "azurerm_traffic_manager_azure_endpoint",
-    "azurerm_traffic_manager_external_endpoint",
-    "azurerm_traffic_manager_nested_endpoint",
-    "azurerm_traffic_manager_profile",
-    "azurerm_trusted_signing_account",
-    "azurerm_user_assigned_identity",
-    "azurerm_video_indexer_account",
-    "azurerm_virtual_desktop_application",
-    "azurerm_virtual_desktop_application_group",
-    "azurerm_virtual_desktop_host_pool",
-    "azurerm_virtual_desktop_host_pool_registration_info",
-    "azurerm_virtual_desktop_scaling_plan",
-    "azurerm_virtual_desktop_scaling_plan_host_pool_association",
-    "azurerm_virtual_desktop_workspace",
-    "azurerm_virtual_desktop_workspace_application_group_association",
-    "azurerm_virtual_hub",
-    "azurerm_virtual_hub_bgp_connection",
-    "azurerm_virtual_hub_connection",
-    "azurerm_virtual_hub_ip",
-    "azurerm_virtual_hub_route_table",
-    "azurerm_virtual_hub_route_table_route",
-    "azurerm_virtual_hub_routing_intent",
-    "azurerm_virtual_hub_security_partner_provider",
-    "azurerm_virtual_machine",
-    "azurerm_virtual_machine_automanage_configuration_assignment",
-    "azurerm_virtual_machine_data_disk_attachment",
-    "azurerm_virtual_machine_extension",
-    "azurerm_virtual_machine_gallery_application_assignment",
-    "azurerm_virtual_machine_implicit_data_disk_from_source",
-    "azurerm_virtual_machine_packet_capture",
-    "azurerm_virtual_machine_restore_point",
-    "azurerm_virtual_machine_restore_point_collection",
-    "azurerm_virtual_machine_run_command",
-    "azurerm_virtual_machine_scale_set",
-    "azurerm_virtual_machine_scale_set_extension",
-    "azurerm_virtual_machine_scale_set_packet_capture",
-    "azurerm_virtual_machine_scale_set_standby_pool",
-    "azurerm_virtual_network",
-    "azurerm_virtual_network_dns_servers",
-    "azurerm_virtual_network_gateway",
-    "azurerm_virtual_network_gateway_connection",
-    "azurerm_virtual_network_gateway_nat_rule",
-    "azurerm_virtual_network_peering",
-    "azurerm_virtual_wan",
-    "azurerm_vmware_cluster",
-    "azurerm_vmware_express_route_authorization",
-    "azurerm_vmware_netapp_volume_attachment",
-    "azurerm_vmware_private_cloud",
-    "azurerm_voice_services_communications_gateway",
-    "azurerm_vpn_gateway",
-    "azurerm_vpn_gateway_connection",
-    "azurerm_vpn_gateway_nat_rule",
-    "azurerm_vpn_server_configuration",
-    "azurerm_vpn_server_configuration_policy_group",
-    "azurerm_vpn_site",
-    "azurerm_web_app_active_slot",
-    "azurerm_web_app_hybrid_connection",
-    "azurerm_web_application_firewall_policy",
-    "azurerm_web_pubsub",
-    "azurerm_web_pubsub_custom_certificate",
-    "azurerm_web_pubsub_custom_domain",
-    "azurerm_web_pubsub_hub",
-    "azurerm_web_pubsub_network_acl",
-    "azurerm_web_pubsub_service",
-    "azurerm_web_pubsub_shared_private_link_resource",
-    "azurerm_web_pubsub_socketio",
-    "azurerm_windows_function_app",
-    "azurerm_windows_function_app_slot",
-    "azurerm_windows_virtual_machine",
-    "azurerm_windows_virtual_machine_scale_set",
-    "azurerm_windows_web_app",
-    "azurerm_windows_web_app_slot",
-    "azurerm_workloads_sap_discovery_virtual_instance",
-    "azurerm_workloads_sap_single_node_virtual_instance",
-    "azurerm_workloads_sap_three_tier_virtual_instance"
-  ]
-}
+    "resources": [
+        "azurerm_aadb2c_directory",
+        "azurerm_active_directory_domain_service",
+        "azurerm_active_directory_domain_service_replica_set",
+        "azurerm_active_directory_domain_service_trust",
+        "azurerm_advanced_threat_protection",
+        "azurerm_advisor_suppression",
+        "azurerm_ai_foundry",
+        "azurerm_ai_foundry_project",
+        "azurerm_ai_services",
+        "azurerm_analysis_services_server",
+        "azurerm_api_connection",
+        "azurerm_api_management",
+        "azurerm_api_management_api",
+        "azurerm_api_management_api_diagnostic",
+        "azurerm_api_management_api_operation",
+        "azurerm_api_management_api_operation_policy",
+        "azurerm_api_management_api_operation_tag",
+        "azurerm_api_management_api_policy",
+        "azurerm_api_management_api_release",
+        "azurerm_api_management_api_schema",
+        "azurerm_api_management_api_tag",
+        "azurerm_api_management_api_tag_description",
+        "azurerm_api_management_api_version_set",
+        "azurerm_api_management_authorization_server",
+        "azurerm_api_management_backend",
+        "azurerm_api_management_certificate",
+        "azurerm_api_management_custom_domain",
+        "azurerm_api_management_diagnostic",
+        "azurerm_api_management_email_template",
+        "azurerm_api_management_gateway",
+        "azurerm_api_management_gateway_api",
+        "azurerm_api_management_gateway_certificate_authority",
+        "azurerm_api_management_gateway_host_name_configuration",
+        "azurerm_api_management_global_schema",
+        "azurerm_api_management_group",
+        "azurerm_api_management_group_user",
+        "azurerm_api_management_identity_provider_aad",
+        "azurerm_api_management_identity_provider_aadb2c",
+        "azurerm_api_management_identity_provider_facebook",
+        "azurerm_api_management_identity_provider_google",
+        "azurerm_api_management_identity_provider_microsoft",
+        "azurerm_api_management_identity_provider_twitter",
+        "azurerm_api_management_logger",
+        "azurerm_api_management_named_value",
+        "azurerm_api_management_notification_recipient_email",
+        "azurerm_api_management_notification_recipient_user",
+        "azurerm_api_management_openid_connect_provider",
+        "azurerm_api_management_policy",
+        "azurerm_api_management_policy_fragment",
+        "azurerm_api_management_product",
+        "azurerm_api_management_product_api",
+        "azurerm_api_management_product_group",
+        "azurerm_api_management_product_policy",
+        "azurerm_api_management_product_tag",
+        "azurerm_api_management_redis_cache",
+        "azurerm_api_management_standalone_gateway",
+        "azurerm_api_management_subscription",
+        "azurerm_api_management_tag",
+        "azurerm_api_management_user",
+        "azurerm_api_management_workspace",
+        "azurerm_api_management_workspace_api_version_set",
+        "azurerm_api_management_workspace_certificate",
+        "azurerm_api_management_workspace_policy",
+        "azurerm_api_management_workspace_policy_fragment",
+        "azurerm_app_configuration",
+        "azurerm_app_configuration_feature",
+        "azurerm_app_configuration_key",
+        "azurerm_app_service",
+        "azurerm_app_service_active_slot",
+        "azurerm_app_service_certificate",
+        "azurerm_app_service_certificate_binding",
+        "azurerm_app_service_certificate_order",
+        "azurerm_app_service_connection",
+        "azurerm_app_service_custom_hostname_binding",
+        "azurerm_app_service_environment_v3",
+        "azurerm_app_service_hybrid_connection",
+        "azurerm_app_service_managed_certificate",
+        "azurerm_app_service_plan",
+        "azurerm_app_service_public_certificate",
+        "azurerm_app_service_slot",
+        "azurerm_app_service_slot_custom_hostname_binding",
+        "azurerm_app_service_slot_virtual_network_swift_connection",
+        "azurerm_app_service_source_control",
+        "azurerm_app_service_source_control_slot",
+        "azurerm_app_service_source_control_token",
+        "azurerm_app_service_virtual_network_swift_connection",
+        "azurerm_application_gateway",
+        "azurerm_application_insights",
+        "azurerm_application_insights_analytics_item",
+        "azurerm_application_insights_api_key",
+        "azurerm_application_insights_smart_detection_rule",
+        "azurerm_application_insights_workbook",
+        "azurerm_application_insights_workbook_template",
+        "azurerm_application_load_balancer",
+        "azurerm_application_load_balancer_frontend",
+        "azurerm_application_load_balancer_security_policy",
+        "azurerm_application_load_balancer_subnet_association",
+        "azurerm_application_security_group",
+        "azurerm_arc_kubernetes_cluster",
+        "azurerm_arc_kubernetes_cluster_extension",
+        "azurerm_arc_kubernetes_flux_configuration",
+        "azurerm_arc_kubernetes_provisioned_cluster",
+        "azurerm_arc_machine",
+        "azurerm_arc_machine_automanage_configuration_assignment",
+        "azurerm_arc_machine_extension",
+        "azurerm_arc_private_link_scope",
+        "azurerm_arc_resource_bridge_appliance",
+        "azurerm_attestation_provider",
+        "azurerm_automanage_configuration",
+        "azurerm_automation_account",
+        "azurerm_automation_certificate",
+        "azurerm_automation_connection",
+        "azurerm_automation_connection_certificate",
+        "azurerm_automation_connection_classic_certificate",
+        "azurerm_automation_connection_service_principal",
+        "azurerm_automation_connection_type",
+        "azurerm_automation_credential",
+        "azurerm_automation_dsc_configuration",
+        "azurerm_automation_dsc_nodeconfiguration",
+        "azurerm_automation_hybrid_runbook_worker",
+        "azurerm_automation_hybrid_runbook_worker_group",
+        "azurerm_automation_job_schedule",
+        "azurerm_automation_module",
+        "azurerm_automation_powershell72_module",
+        "azurerm_automation_python3_package",
+        "azurerm_automation_runbook",
+        "azurerm_automation_schedule",
+        "azurerm_automation_software_update_configuration",
+        "azurerm_automation_source_control",
+        "azurerm_automation_variable_bool",
+        "azurerm_automation_variable_datetime",
+        "azurerm_automation_variable_int",
+        "azurerm_automation_variable_object",
+        "azurerm_automation_variable_string",
+        "azurerm_automation_watcher",
+        "azurerm_automation_webhook",
+        "azurerm_availability_set",
+        "azurerm_backup_container_storage_account",
+        "azurerm_backup_policy_file_share",
+        "azurerm_backup_policy_vm",
+        "azurerm_backup_policy_vm_workload",
+        "azurerm_backup_protected_file_share",
+        "azurerm_backup_protected_vm",
+        "azurerm_bastion_host",
+        "azurerm_batch_account",
+        "azurerm_batch_application",
+        "azurerm_batch_certificate",
+        "azurerm_batch_job",
+        "azurerm_batch_pool",
+        "azurerm_billing_account_cost_management_export",
+        "azurerm_blueprint_assignment",
+        "azurerm_bot_channel_alexa",
+        "azurerm_bot_channel_direct_line_speech",
+        "azurerm_bot_channel_directline",
+        "azurerm_bot_channel_email",
+        "azurerm_bot_channel_facebook",
+        "azurerm_bot_channel_line",
+        "azurerm_bot_channel_ms_teams",
+        "azurerm_bot_channel_slack",
+        "azurerm_bot_channel_sms",
+        "azurerm_bot_channel_web_chat",
+        "azurerm_bot_channels_registration",
+        "azurerm_bot_connection",
+        "azurerm_bot_service_azure_bot",
+        "azurerm_bot_web_app",
+        "azurerm_capacity_reservation",
+        "azurerm_capacity_reservation_group",
+        "azurerm_cdn_endpoint",
+        "azurerm_cdn_endpoint_custom_domain",
+        "azurerm_cdn_frontdoor_custom_domain",
+        "azurerm_cdn_frontdoor_custom_domain_association",
+        "azurerm_cdn_frontdoor_endpoint",
+        "azurerm_cdn_frontdoor_firewall_policy",
+        "azurerm_cdn_frontdoor_origin",
+        "azurerm_cdn_frontdoor_origin_group",
+        "azurerm_cdn_frontdoor_profile",
+        "azurerm_cdn_frontdoor_route",
+        "azurerm_cdn_frontdoor_rule",
+        "azurerm_cdn_frontdoor_rule_set",
+        "azurerm_cdn_frontdoor_secret",
+        "azurerm_cdn_frontdoor_security_policy",
+        "azurerm_cdn_profile",
+        "azurerm_chaos_studio_capability",
+        "azurerm_chaos_studio_experiment",
+        "azurerm_chaos_studio_target",
+        "azurerm_cognitive_account",
+        "azurerm_cognitive_account_customer_managed_key",
+        "azurerm_cognitive_account_rai_blocklist",
+        "azurerm_cognitive_account_rai_policy",
+        "azurerm_cognitive_deployment",
+        "azurerm_communication_service",
+        "azurerm_communication_service_email_domain_association",
+        "azurerm_confidential_ledger",
+        "azurerm_consumption_budget_management_group",
+        "azurerm_consumption_budget_resource_group",
+        "azurerm_consumption_budget_subscription",
+        "azurerm_container_app",
+        "azurerm_container_app_custom_domain",
+        "azurerm_container_app_environment",
+        "azurerm_container_app_environment_certificate",
+        "azurerm_container_app_environment_custom_domain",
+        "azurerm_container_app_environment_dapr_component",
+        "azurerm_container_app_environment_storage",
+        "azurerm_container_app_job",
+        "azurerm_container_connected_registry",
+        "azurerm_container_group",
+        "azurerm_container_registry",
+        "azurerm_container_registry_agent_pool",
+        "azurerm_container_registry_cache_rule",
+        "azurerm_container_registry_credential_set",
+        "azurerm_container_registry_scope_map",
+        "azurerm_container_registry_task",
+        "azurerm_container_registry_task_schedule_run_now",
+        "azurerm_container_registry_token",
+        "azurerm_container_registry_token_password",
+        "azurerm_container_registry_webhook",
+        "azurerm_cosmosdb_account",
+        "azurerm_cosmosdb_cassandra_cluster",
+        "azurerm_cosmosdb_cassandra_datacenter",
+        "azurerm_cosmosdb_cassandra_keyspace",
+        "azurerm_cosmosdb_cassandra_table",
+        "azurerm_cosmosdb_gremlin_database",
+        "azurerm_cosmosdb_gremlin_graph",
+        "azurerm_cosmosdb_mongo_collection",
+        "azurerm_cosmosdb_mongo_database",
+        "azurerm_cosmosdb_mongo_role_definition",
+        "azurerm_cosmosdb_mongo_user_definition",
+        "azurerm_cosmosdb_postgresql_cluster",
+        "azurerm_cosmosdb_postgresql_coordinator_configuration",
+        "azurerm_cosmosdb_postgresql_firewall_rule",
+        "azurerm_cosmosdb_postgresql_node_configuration",
+        "azurerm_cosmosdb_postgresql_role",
+        "azurerm_cosmosdb_sql_container",
+        "azurerm_cosmosdb_sql_database",
+        "azurerm_cosmosdb_sql_dedicated_gateway",
+        "azurerm_cosmosdb_sql_function",
+        "azurerm_cosmosdb_sql_role_assignment",
+        "azurerm_cosmosdb_sql_role_definition",
+        "azurerm_cosmosdb_sql_stored_procedure",
+        "azurerm_cosmosdb_sql_trigger",
+        "azurerm_cosmosdb_table",
+        "azurerm_cost_anomaly_alert",
+        "azurerm_cost_management_scheduled_action",
+        "azurerm_custom_ip_prefix",
+        "azurerm_custom_provider",
+        "azurerm_dashboard",
+        "azurerm_dashboard_grafana",
+        "azurerm_dashboard_grafana_managed_private_endpoint",
+        "azurerm_data_factory",
+        "azurerm_data_factory_credential_service_principal",
+        "azurerm_data_factory_credential_user_managed_identity",
+        "azurerm_data_factory_custom_dataset",
+        "azurerm_data_factory_customer_managed_key",
+        "azurerm_data_factory_data_flow",
+        "azurerm_data_factory_dataset_azure_blob",
+        "azurerm_data_factory_dataset_azure_sql_table",
+        "azurerm_data_factory_dataset_binary",
+        "azurerm_data_factory_dataset_cosmosdb_sqlapi",
+        "azurerm_data_factory_dataset_delimited_text",
+        "azurerm_data_factory_dataset_http",
+        "azurerm_data_factory_dataset_json",
+        "azurerm_data_factory_dataset_mysql",
+        "azurerm_data_factory_dataset_parquet",
+        "azurerm_data_factory_dataset_postgresql",
+        "azurerm_data_factory_dataset_snowflake",
+        "azurerm_data_factory_dataset_sql_server_table",
+        "azurerm_data_factory_flowlet_data_flow",
+        "azurerm_data_factory_integration_runtime_azure",
+        "azurerm_data_factory_integration_runtime_azure_ssis",
+        "azurerm_data_factory_integration_runtime_self_hosted",
+        "azurerm_data_factory_linked_custom_service",
+        "azurerm_data_factory_linked_service_azure_blob_storage",
+        "azurerm_data_factory_linked_service_azure_databricks",
+        "azurerm_data_factory_linked_service_azure_file_storage",
+        "azurerm_data_factory_linked_service_azure_function",
+        "azurerm_data_factory_linked_service_azure_search",
+        "azurerm_data_factory_linked_service_azure_sql_database",
+        "azurerm_data_factory_linked_service_azure_table_storage",
+        "azurerm_data_factory_linked_service_cosmosdb",
+        "azurerm_data_factory_linked_service_cosmosdb_mongoapi",
+        "azurerm_data_factory_linked_service_data_lake_storage_gen2",
+        "azurerm_data_factory_linked_service_key_vault",
+        "azurerm_data_factory_linked_service_kusto",
+        "azurerm_data_factory_linked_service_mysql",
+        "azurerm_data_factory_linked_service_odata",
+        "azurerm_data_factory_linked_service_odbc",
+        "azurerm_data_factory_linked_service_postgresql",
+        "azurerm_data_factory_linked_service_sftp",
+        "azurerm_data_factory_linked_service_snowflake",
+        "azurerm_data_factory_linked_service_sql_server",
+        "azurerm_data_factory_linked_service_synapse",
+        "azurerm_data_factory_linked_service_web",
+        "azurerm_data_factory_managed_private_endpoint",
+        "azurerm_data_factory_pipeline",
+        "azurerm_data_factory_trigger_blob_event",
+        "azurerm_data_factory_trigger_custom_event",
+        "azurerm_data_factory_trigger_schedule",
+        "azurerm_data_factory_trigger_tumbling_window",
+        "azurerm_data_protection_backup_instance_blob_storage",
+        "azurerm_data_protection_backup_instance_disk",
+        "azurerm_data_protection_backup_instance_kubernetes_cluster",
+        "azurerm_data_protection_backup_instance_mysql_flexible_server",
+        "azurerm_data_protection_backup_instance_postgresql",
+        "azurerm_data_protection_backup_instance_postgresql_flexible_server",
+        "azurerm_data_protection_backup_policy_blob_storage",
+        "azurerm_data_protection_backup_policy_disk",
+        "azurerm_data_protection_backup_policy_kubernetes_cluster",
+        "azurerm_data_protection_backup_policy_mysql_flexible_server",
+        "azurerm_data_protection_backup_policy_postgresql",
+        "azurerm_data_protection_backup_policy_postgresql_flexible_server",
+        "azurerm_data_protection_backup_vault",
+        "azurerm_data_protection_backup_vault_customer_managed_key",
+        "azurerm_data_protection_resource_guard",
+        "azurerm_data_share",
+        "azurerm_data_share_account",
+        "azurerm_data_share_dataset_blob_storage",
+        "azurerm_data_share_dataset_data_lake_gen2",
+        "azurerm_data_share_dataset_kusto_cluster",
+        "azurerm_data_share_dataset_kusto_database",
+        "azurerm_database_migration_project",
+        "azurerm_database_migration_service",
+        "azurerm_databox_edge_device",
+        "azurerm_databricks_access_connector",
+        "azurerm_databricks_virtual_network_peering",
+        "azurerm_databricks_workspace",
+        "azurerm_databricks_workspace_root_dbfs_customer_managed_key",
+        "azurerm_datadog_monitor",
+        "azurerm_datadog_monitor_sso_configuration",
+        "azurerm_datadog_monitor_tag_rule",
+        "azurerm_dedicated_hardware_security_module",
+        "azurerm_dedicated_host",
+        "azurerm_dedicated_host_group",
+        "azurerm_dev_center",
+        "azurerm_dev_center_attached_network",
+        "azurerm_dev_center_catalog",
+        "azurerm_dev_center_dev_box_definition",
+        "azurerm_dev_center_environment_type",
+        "azurerm_dev_center_gallery",
+        "azurerm_dev_center_network_connection",
+        "azurerm_dev_center_project",
+        "azurerm_dev_center_project_environment_type",
+        "azurerm_dev_center_project_pool",
+        "azurerm_digital_twins_endpoint_eventgrid",
+        "azurerm_digital_twins_endpoint_eventhub",
+        "azurerm_digital_twins_endpoint_servicebus",
+        "azurerm_digital_twins_instance",
+        "azurerm_digital_twins_time_series_database_connection",
+        "azurerm_disk_access",
+        "azurerm_disk_encryption_set",
+        "azurerm_dns_a_record",
+        "azurerm_dns_aaaa_record",
+        "azurerm_dns_caa_record",
+        "azurerm_dns_cname_record",
+        "azurerm_dns_mx_record",
+        "azurerm_dns_ns_record",
+        "azurerm_dns_ptr_record",
+        "azurerm_dns_srv_record",
+        "azurerm_dns_txt_record",
+        "azurerm_dns_zone",
+        "azurerm_dynatrace_monitor",
+        "azurerm_dynatrace_tag_rules",
+        "azurerm_elastic_cloud_elasticsearch",
+        "azurerm_elastic_san",
+        "azurerm_elastic_san_volume",
+        "azurerm_elastic_san_volume_group",
+        "azurerm_email_communication_service",
+        "azurerm_email_communication_service_domain",
+        "azurerm_email_communication_service_domain_sender_username",
+        "azurerm_eventgrid_domain",
+        "azurerm_eventgrid_domain_topic",
+        "azurerm_eventgrid_event_subscription",
+        "azurerm_eventgrid_namespace",
+        "azurerm_eventgrid_partner_configuration",
+        "azurerm_eventgrid_partner_namespace",
+        "azurerm_eventgrid_partner_registration",
+        "azurerm_eventgrid_system_topic",
+        "azurerm_eventgrid_system_topic_event_subscription",
+        "azurerm_eventgrid_topic",
+        "azurerm_eventhub",
+        "azurerm_eventhub_authorization_rule",
+        "azurerm_eventhub_cluster",
+        "azurerm_eventhub_consumer_group",
+        "azurerm_eventhub_namespace",
+        "azurerm_eventhub_namespace_authorization_rule",
+        "azurerm_eventhub_namespace_customer_managed_key",
+        "azurerm_eventhub_namespace_disaster_recovery_config",
+        "azurerm_eventhub_namespace_schema_group",
+        "azurerm_express_route_circuit",
+        "azurerm_express_route_circuit_authorization",
+        "azurerm_express_route_circuit_connection",
+        "azurerm_express_route_circuit_peering",
+        "azurerm_express_route_connection",
+        "azurerm_express_route_gateway",
+        "azurerm_express_route_port",
+        "azurerm_express_route_port_authorization",
+        "azurerm_extended_location_custom_location",
+        "azurerm_fabric_capacity",
+        "azurerm_federated_identity_credential",
+        "azurerm_firewall",
+        "azurerm_firewall_application_rule_collection",
+        "azurerm_firewall_nat_rule_collection",
+        "azurerm_firewall_network_rule_collection",
+        "azurerm_firewall_policy",
+        "azurerm_firewall_policy_rule_collection_group",
+        "azurerm_fluid_relay_server",
+        "azurerm_frontdoor",
+        "azurerm_frontdoor_custom_https_configuration",
+        "azurerm_frontdoor_firewall_policy",
+        "azurerm_frontdoor_rules_engine",
+        "azurerm_function_app",
+        "azurerm_function_app_active_slot",
+        "azurerm_function_app_connection",
+        "azurerm_function_app_flex_consumption",
+        "azurerm_function_app_function",
+        "azurerm_function_app_hybrid_connection",
+        "azurerm_function_app_slot",
+        "azurerm_gallery_application",
+        "azurerm_gallery_application_version",
+        "azurerm_graph_services_account",
+        "azurerm_hdinsight_hadoop_cluster",
+        "azurerm_hdinsight_hbase_cluster",
+        "azurerm_hdinsight_interactive_query_cluster",
+        "azurerm_hdinsight_kafka_cluster",
+        "azurerm_hdinsight_spark_cluster",
+        "azurerm_healthbot",
+        "azurerm_healthcare_dicom_service",
+        "azurerm_healthcare_fhir_service",
+        "azurerm_healthcare_medtech_service",
+        "azurerm_healthcare_medtech_service_fhir_destination",
+        "azurerm_healthcare_service",
+        "azurerm_healthcare_workspace",
+        "azurerm_hpc_cache",
+        "azurerm_hpc_cache_access_policy",
+        "azurerm_hpc_cache_blob_nfs_target",
+        "azurerm_hpc_cache_blob_target",
+        "azurerm_hpc_cache_nfs_target",
+        "azurerm_image",
+        "azurerm_iot_security_device_group",
+        "azurerm_iot_security_solution",
+        "azurerm_iotcentral_application",
+        "azurerm_iotcentral_application_network_rule_set",
+        "azurerm_iotcentral_organization",
+        "azurerm_iothub",
+        "azurerm_iothub_certificate",
+        "azurerm_iothub_consumer_group",
+        "azurerm_iothub_device_update_account",
+        "azurerm_iothub_device_update_instance",
+        "azurerm_iothub_dps",
+        "azurerm_iothub_dps_certificate",
+        "azurerm_iothub_dps_shared_access_policy",
+        "azurerm_iothub_endpoint_cosmosdb_account",
+        "azurerm_iothub_endpoint_eventhub",
+        "azurerm_iothub_endpoint_servicebus_queue",
+        "azurerm_iothub_endpoint_servicebus_topic",
+        "azurerm_iothub_endpoint_storage_container",
+        "azurerm_iothub_enrichment",
+        "azurerm_iothub_fallback_route",
+        "azurerm_iothub_file_upload",
+        "azurerm_iothub_route",
+        "azurerm_iothub_shared_access_policy",
+        "azurerm_ip_group",
+        "azurerm_ip_group_cidr",
+        "azurerm_key_vault",
+        "azurerm_key_vault_access_policy",
+        "azurerm_key_vault_certificate",
+        "azurerm_key_vault_certificate_contacts",
+        "azurerm_key_vault_certificate_issuer",
+        "azurerm_key_vault_key",
+        "azurerm_key_vault_managed_hardware_security_module",
+        "azurerm_key_vault_managed_hardware_security_module_key",
+        "azurerm_key_vault_managed_hardware_security_module_key_rotation_policy",
+        "azurerm_key_vault_managed_hardware_security_module_role_assignment",
+        "azurerm_key_vault_managed_hardware_security_module_role_definition",
+        "azurerm_key_vault_managed_storage_account",
+        "azurerm_key_vault_managed_storage_account_sas_token_definition",
+        "azurerm_key_vault_secret",
+        "azurerm_kubernetes_cluster",
+        "azurerm_kubernetes_cluster_extension",
+        "azurerm_kubernetes_cluster_node_pool",
+        "azurerm_kubernetes_cluster_trusted_access_role_binding",
+        "azurerm_kubernetes_fleet_manager",
+        "azurerm_kubernetes_fleet_member",
+        "azurerm_kubernetes_fleet_update_run",
+        "azurerm_kubernetes_fleet_update_strategy",
+        "azurerm_kubernetes_flux_configuration",
+        "azurerm_kusto_attached_database_configuration",
+        "azurerm_kusto_cluster",
+        "azurerm_kusto_cluster_customer_managed_key",
+        "azurerm_kusto_cluster_managed_private_endpoint",
+        "azurerm_kusto_cluster_principal_assignment",
+        "azurerm_kusto_cosmosdb_data_connection",
+        "azurerm_kusto_database",
+        "azurerm_kusto_database_principal_assignment",
+        "azurerm_kusto_eventgrid_data_connection",
+        "azurerm_kusto_eventhub_data_connection",
+        "azurerm_kusto_iothub_data_connection",
+        "azurerm_kusto_script",
+        "azurerm_lb",
+        "azurerm_lb_backend_address_pool",
+        "azurerm_lb_backend_address_pool_address",
+        "azurerm_lb_nat_pool",
+        "azurerm_lb_nat_rule",
+        "azurerm_lb_outbound_rule",
+        "azurerm_lb_probe",
+        "azurerm_lb_rule",
+        "azurerm_lighthouse_assignment",
+        "azurerm_lighthouse_definition",
+        "azurerm_linux_function_app",
+        "azurerm_linux_function_app_slot",
+        "azurerm_linux_virtual_machine",
+        "azurerm_linux_virtual_machine_scale_set",
+        "azurerm_linux_web_app",
+        "azurerm_linux_web_app_slot",
+        "azurerm_local_network_gateway",
+        "azurerm_log_analytics_cluster",
+        "azurerm_log_analytics_cluster_customer_managed_key",
+        "azurerm_log_analytics_data_export_rule",
+        "azurerm_log_analytics_datasource_windows_event",
+        "azurerm_log_analytics_datasource_windows_performance_counter",
+        "azurerm_log_analytics_linked_service",
+        "azurerm_log_analytics_linked_storage_account",
+        "azurerm_log_analytics_query_pack",
+        "azurerm_log_analytics_query_pack_query",
+        "azurerm_log_analytics_saved_search",
+        "azurerm_log_analytics_solution",
+        "azurerm_log_analytics_storage_insights",
+        "azurerm_log_analytics_workspace",
+        "azurerm_log_analytics_workspace_table",
+        "azurerm_logic_app_action_custom",
+        "azurerm_logic_app_action_http",
+        "azurerm_logic_app_integration_account",
+        "azurerm_logic_app_integration_account_agreement",
+        "azurerm_logic_app_integration_account_assembly",
+        "azurerm_logic_app_integration_account_batch_configuration",
+        "azurerm_logic_app_integration_account_certificate",
+        "azurerm_logic_app_integration_account_map",
+        "azurerm_logic_app_integration_account_partner",
+        "azurerm_logic_app_integration_account_schema",
+        "azurerm_logic_app_integration_account_session",
+        "azurerm_logic_app_standard",
+        "azurerm_logic_app_trigger_custom",
+        "azurerm_logic_app_trigger_http_request",
+        "azurerm_logic_app_trigger_recurrence",
+        "azurerm_logic_app_workflow",
+        "azurerm_machine_learning_compute_cluster",
+        "azurerm_machine_learning_compute_instance",
+        "azurerm_machine_learning_datastore_blobstorage",
+        "azurerm_machine_learning_datastore_datalake_gen2",
+        "azurerm_machine_learning_datastore_fileshare",
+        "azurerm_machine_learning_inference_cluster",
+        "azurerm_machine_learning_synapse_spark",
+        "azurerm_machine_learning_workspace",
+        "azurerm_machine_learning_workspace_network_outbound_rule_fqdn",
+        "azurerm_machine_learning_workspace_network_outbound_rule_private_endpoint",
+        "azurerm_machine_learning_workspace_network_outbound_rule_service_tag",
+        "azurerm_maintenance_assignment_dedicated_host",
+        "azurerm_maintenance_assignment_dynamic_scope",
+        "azurerm_maintenance_assignment_virtual_machine",
+        "azurerm_maintenance_assignment_virtual_machine_scale_set",
+        "azurerm_maintenance_configuration",
+        "azurerm_managed_application",
+        "azurerm_managed_application_definition",
+        "azurerm_managed_disk",
+        "azurerm_managed_disk_sas_token",
+        "azurerm_managed_lustre_file_system",
+        "azurerm_managed_redis",
+        "azurerm_managed_redis_geo_replication",
+        "azurerm_management_group",
+        "azurerm_management_group_policy_assignment",
+        "azurerm_management_group_policy_exemption",
+        "azurerm_management_group_policy_remediation",
+        "azurerm_management_group_policy_set_definition",
+        "azurerm_management_group_subscription_association",
+        "azurerm_management_group_template_deployment",
+        "azurerm_management_lock",
+        "azurerm_maps_account",
+        "azurerm_maps_creator",
+        "azurerm_marketplace_agreement",
+        "azurerm_marketplace_role_assignment",
+        "azurerm_media_services_account",
+        "azurerm_media_transform",
+        "azurerm_mobile_network",
+        "azurerm_mobile_network_attached_data_network",
+        "azurerm_mobile_network_data_network",
+        "azurerm_mobile_network_packet_core_control_plane",
+        "azurerm_mobile_network_packet_core_data_plane",
+        "azurerm_mobile_network_service",
+        "azurerm_mobile_network_sim",
+        "azurerm_mobile_network_sim_group",
+        "azurerm_mobile_network_sim_policy",
+        "azurerm_mobile_network_site",
+        "azurerm_mobile_network_slice",
+        "azurerm_mongo_cluster",
+        "azurerm_mongo_cluster_firewall_rule",
+        "azurerm_monitor_aad_diagnostic_setting",
+        "azurerm_monitor_action_group",
+        "azurerm_monitor_activity_log_alert",
+        "azurerm_monitor_alert_processing_rule_action_group",
+        "azurerm_monitor_alert_processing_rule_suppression",
+        "azurerm_monitor_alert_prometheus_rule_group",
+        "azurerm_monitor_autoscale_setting",
+        "azurerm_monitor_data_collection_endpoint",
+        "azurerm_monitor_data_collection_rule",
+        "azurerm_monitor_data_collection_rule_association",
+        "azurerm_monitor_diagnostic_setting",
+        "azurerm_monitor_metric_alert",
+        "azurerm_monitor_private_link_scope",
+        "azurerm_monitor_private_link_scoped_service",
+        "azurerm_monitor_scheduled_query_rules_alert",
+        "azurerm_monitor_scheduled_query_rules_alert_v2",
+        "azurerm_monitor_scheduled_query_rules_log",
+        "azurerm_monitor_smart_detector_alert_rule",
+        "azurerm_monitor_workspace",
+        "azurerm_mssql_database",
+        "azurerm_mssql_database_extended_auditing_policy",
+        "azurerm_mssql_database_vulnerability_assessment_rule_baseline",
+        "azurerm_mssql_elasticpool",
+        "azurerm_mssql_failover_group",
+        "azurerm_mssql_firewall_rule",
+        "azurerm_mssql_job",
+        "azurerm_mssql_job_agent",
+        "azurerm_mssql_job_credential",
+        "azurerm_mssql_job_schedule",
+        "azurerm_mssql_job_step",
+        "azurerm_mssql_job_target_group",
+        "azurerm_mssql_managed_database",
+        "azurerm_mssql_managed_instance",
+        "azurerm_mssql_managed_instance_active_directory_administrator",
+        "azurerm_mssql_managed_instance_failover_group",
+        "azurerm_mssql_managed_instance_security_alert_policy",
+        "azurerm_mssql_managed_instance_start_stop_schedule",
+        "azurerm_mssql_managed_instance_transparent_data_encryption",
+        "azurerm_mssql_managed_instance_vulnerability_assessment",
+        "azurerm_mssql_outbound_firewall_rule",
+        "azurerm_mssql_server",
+        "azurerm_mssql_server_dns_alias",
+        "azurerm_mssql_server_extended_auditing_policy",
+        "azurerm_mssql_server_microsoft_support_auditing_policy",
+        "azurerm_mssql_server_security_alert_policy",
+        "azurerm_mssql_server_transparent_data_encryption",
+        "azurerm_mssql_server_vulnerability_assessment",
+        "azurerm_mssql_virtual_machine",
+        "azurerm_mssql_virtual_machine_availability_group_listener",
+        "azurerm_mssql_virtual_machine_group",
+        "azurerm_mssql_virtual_network_rule",
+        "azurerm_mysql_flexible_database",
+        "azurerm_mysql_flexible_server",
+        "azurerm_mysql_flexible_server_active_directory_administrator",
+        "azurerm_mysql_flexible_server_configuration",
+        "azurerm_mysql_flexible_server_firewall_rule",
+        "azurerm_nat_gateway",
+        "azurerm_nat_gateway_public_ip_association",
+        "azurerm_nat_gateway_public_ip_prefix_association",
+        "azurerm_netapp_account",
+        "azurerm_netapp_account_encryption",
+        "azurerm_netapp_backup_policy",
+        "azurerm_netapp_backup_vault",
+        "azurerm_netapp_pool",
+        "azurerm_netapp_snapshot",
+        "azurerm_netapp_snapshot_policy",
+        "azurerm_netapp_volume",
+        "azurerm_netapp_volume_group_oracle",
+        "azurerm_netapp_volume_group_sap_hana",
+        "azurerm_netapp_volume_quota_rule",
+        "azurerm_network_connection_monitor",
+        "azurerm_network_ddos_protection_plan",
+        "azurerm_network_function_azure_traffic_collector",
+        "azurerm_network_function_collector_policy",
+        "azurerm_network_interface",
+        "azurerm_network_interface_application_gateway_backend_address_pool_association",
+        "azurerm_network_interface_application_security_group_association",
+        "azurerm_network_interface_backend_address_pool_association",
+        "azurerm_network_interface_nat_rule_association",
+        "azurerm_network_interface_security_group_association",
+        "azurerm_network_manager",
+        "azurerm_network_manager_admin_rule",
+        "azurerm_network_manager_admin_rule_collection",
+        "azurerm_network_manager_connectivity_configuration",
+        "azurerm_network_manager_deployment",
+        "azurerm_network_manager_ipam_pool",
+        "azurerm_network_manager_ipam_pool_static_cidr",
+        "azurerm_network_manager_management_group_connection",
+        "azurerm_network_manager_network_group",
+        "azurerm_network_manager_routing_configuration",
+        "azurerm_network_manager_routing_rule",
+        "azurerm_network_manager_routing_rule_collection",
+        "azurerm_network_manager_scope_connection",
+        "azurerm_network_manager_security_admin_configuration",
+        "azurerm_network_manager_static_member",
+        "azurerm_network_manager_subscription_connection",
+        "azurerm_network_manager_verifier_workspace",
+        "azurerm_network_manager_verifier_workspace_reachability_analysis_intent",
+        "azurerm_network_profile",
+        "azurerm_network_security_group",
+        "azurerm_network_security_rule",
+        "azurerm_network_watcher",
+        "azurerm_network_watcher_flow_log",
+        "azurerm_new_relic_monitor",
+        "azurerm_new_relic_tag_rule",
+        "azurerm_nginx_api_key",
+        "azurerm_nginx_certificate",
+        "azurerm_nginx_configuration",
+        "azurerm_nginx_deployment",
+        "azurerm_notification_hub",
+        "azurerm_notification_hub_authorization_rule",
+        "azurerm_notification_hub_namespace",
+        "azurerm_oracle_autonomous_database",
+        "azurerm_oracle_autonomous_database_backup",
+        "azurerm_oracle_autonomous_database_clone_from_backup",
+        "azurerm_oracle_autonomous_database_clone_from_database",
+        "azurerm_oracle_cloud_vm_cluster",
+        "azurerm_oracle_exadata_infrastructure",
+        "azurerm_oracle_exascale_database_storage_vault",
+        "azurerm_oracle_resource_anchor",
+        "azurerm_orbital_contact",
+        "azurerm_orbital_contact_profile",
+        "azurerm_orbital_spacecraft",
+        "azurerm_orchestrated_virtual_machine_scale_set",
+        "azurerm_palo_alto_local_rulestack",
+        "azurerm_palo_alto_local_rulestack_certificate",
+        "azurerm_palo_alto_local_rulestack_fqdn_list",
+        "azurerm_palo_alto_local_rulestack_outbound_trust_certificate_association",
+        "azurerm_palo_alto_local_rulestack_outbound_untrust_certificate_association",
+        "azurerm_palo_alto_local_rulestack_prefix_list",
+        "azurerm_palo_alto_local_rulestack_rule",
+        "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack",
+        "azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama",
+        "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack",
+        "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama",
+        "azurerm_palo_alto_virtual_network_appliance",
+        "azurerm_pim_active_role_assignment",
+        "azurerm_pim_eligible_role_assignment",
+        "azurerm_point_to_site_vpn_gateway",
+        "azurerm_policy_definition",
+        "azurerm_policy_set_definition",
+        "azurerm_policy_virtual_machine_configuration_assignment",
+        "azurerm_portal_dashboard",
+        "azurerm_portal_tenant_configuration",
+        "azurerm_postgresql_active_directory_administrator",
+        "azurerm_postgresql_configuration",
+        "azurerm_postgresql_database",
+        "azurerm_postgresql_firewall_rule",
+        "azurerm_postgresql_flexible_server",
+        "azurerm_postgresql_flexible_server_active_directory_administrator",
+        "azurerm_postgresql_flexible_server_backup",
+        "azurerm_postgresql_flexible_server_configuration",
+        "azurerm_postgresql_flexible_server_database",
+        "azurerm_postgresql_flexible_server_firewall_rule",
+        "azurerm_postgresql_flexible_server_virtual_endpoint",
+        "azurerm_postgresql_server",
+        "azurerm_postgresql_server_key",
+        "azurerm_postgresql_virtual_network_rule",
+        "azurerm_powerbi_embedded",
+        "azurerm_private_dns_a_record",
+        "azurerm_private_dns_aaaa_record",
+        "azurerm_private_dns_cname_record",
+        "azurerm_private_dns_mx_record",
+        "azurerm_private_dns_ptr_record",
+        "azurerm_private_dns_resolver",
+        "azurerm_private_dns_resolver_dns_forwarding_ruleset",
+        "azurerm_private_dns_resolver_forwarding_rule",
+        "azurerm_private_dns_resolver_inbound_endpoint",
+        "azurerm_private_dns_resolver_outbound_endpoint",
+        "azurerm_private_dns_resolver_virtual_network_link",
+        "azurerm_private_dns_soa_record",
+        "azurerm_private_dns_srv_record",
+        "azurerm_private_dns_txt_record",
+        "azurerm_private_dns_zone",
+        "azurerm_private_dns_zone_virtual_network_link",
+        "azurerm_private_endpoint",
+        "azurerm_private_endpoint_application_security_group_association",
+        "azurerm_private_link_service",
+        "azurerm_proximity_placement_group",
+        "azurerm_public_ip",
+        "azurerm_public_ip_prefix",
+        "azurerm_purview_account",
+        "azurerm_qumulo_file_system",
+        "azurerm_recovery_services_vault",
+        "azurerm_recovery_services_vault_resource_guard_association",
+        "azurerm_redhat_openshift_cluster",
+        "azurerm_redis_cache",
+        "azurerm_redis_cache_access_policy",
+        "azurerm_redis_cache_access_policy_assignment",
+        "azurerm_redis_enterprise_cluster",
+        "azurerm_redis_enterprise_database",
+        "azurerm_redis_firewall_rule",
+        "azurerm_redis_linked_server",
+        "azurerm_relay_hybrid_connection",
+        "azurerm_relay_hybrid_connection_authorization_rule",
+        "azurerm_relay_namespace",
+        "azurerm_relay_namespace_authorization_rule",
+        "azurerm_resource_deployment_script_azure_cli",
+        "azurerm_resource_deployment_script_azure_power_shell",
+        "azurerm_resource_group",
+        "azurerm_resource_group_cost_management_export",
+        "azurerm_resource_group_cost_management_view",
+        "azurerm_resource_group_policy_assignment",
+        "azurerm_resource_group_policy_exemption",
+        "azurerm_resource_group_policy_remediation",
+        "azurerm_resource_group_template_deployment",
+        "azurerm_resource_management_private_link",
+        "azurerm_resource_management_private_link_association",
+        "azurerm_resource_policy_assignment",
+        "azurerm_resource_policy_exemption",
+        "azurerm_resource_policy_remediation",
+        "azurerm_resource_provider_registration",
+        "azurerm_role_assignment",
+        "azurerm_role_definition",
+        "azurerm_role_management_policy",
+        "azurerm_route",
+        "azurerm_route_filter",
+        "azurerm_route_map",
+        "azurerm_route_server",
+        "azurerm_route_server_bgp_connection",
+        "azurerm_route_table",
+        "azurerm_search_service",
+        "azurerm_search_shared_private_link_service",
+        "azurerm_security_center_assessment",
+        "azurerm_security_center_assessment_policy",
+        "azurerm_security_center_auto_provisioning",
+        "azurerm_security_center_automation",
+        "azurerm_security_center_contact",
+        "azurerm_security_center_server_vulnerability_assessment_virtual_machine",
+        "azurerm_security_center_server_vulnerability_assessments_setting",
+        "azurerm_security_center_setting",
+        "azurerm_security_center_storage_defender",
+        "azurerm_security_center_subscription_pricing",
+        "azurerm_security_center_workspace",
+        "azurerm_sentinel_alert_rule_anomaly_built_in",
+        "azurerm_sentinel_alert_rule_anomaly_duplicate",
+        "azurerm_sentinel_alert_rule_fusion",
+        "azurerm_sentinel_alert_rule_machine_learning_behavior_analytics",
+        "azurerm_sentinel_alert_rule_ms_security_incident",
+        "azurerm_sentinel_alert_rule_nrt",
+        "azurerm_sentinel_alert_rule_scheduled",
+        "azurerm_sentinel_alert_rule_threat_intelligence",
+        "azurerm_sentinel_automation_rule",
+        "azurerm_sentinel_data_connector_aws_cloud_trail",
+        "azurerm_sentinel_data_connector_aws_s3",
+        "azurerm_sentinel_data_connector_azure_active_directory",
+        "azurerm_sentinel_data_connector_azure_advanced_threat_protection",
+        "azurerm_sentinel_data_connector_azure_security_center",
+        "azurerm_sentinel_data_connector_dynamics_365",
+        "azurerm_sentinel_data_connector_iot",
+        "azurerm_sentinel_data_connector_microsoft_cloud_app_security",
+        "azurerm_sentinel_data_connector_microsoft_defender_advanced_threat_protection",
+        "azurerm_sentinel_data_connector_microsoft_threat_intelligence",
+        "azurerm_sentinel_data_connector_microsoft_threat_protection",
+        "azurerm_sentinel_data_connector_office_365",
+        "azurerm_sentinel_data_connector_office_365_project",
+        "azurerm_sentinel_data_connector_office_atp",
+        "azurerm_sentinel_data_connector_office_irm",
+        "azurerm_sentinel_data_connector_office_power_bi",
+        "azurerm_sentinel_data_connector_threat_intelligence",
+        "azurerm_sentinel_data_connector_threat_intelligence_taxii",
+        "azurerm_sentinel_log_analytics_workspace_onboarding",
+        "azurerm_sentinel_metadata",
+        "azurerm_sentinel_threat_intelligence_indicator",
+        "azurerm_sentinel_watchlist",
+        "azurerm_sentinel_watchlist_item",
+        "azurerm_service_fabric_cluster",
+        "azurerm_service_fabric_managed_cluster",
+        "azurerm_service_plan",
+        "azurerm_servicebus_namespace",
+        "azurerm_servicebus_namespace_authorization_rule",
+        "azurerm_servicebus_namespace_customer_managed_key",
+        "azurerm_servicebus_namespace_disaster_recovery_config",
+        "azurerm_servicebus_queue",
+        "azurerm_servicebus_queue_authorization_rule",
+        "azurerm_servicebus_subscription",
+        "azurerm_servicebus_subscription_rule",
+        "azurerm_servicebus_topic",
+        "azurerm_servicebus_topic_authorization_rule",
+        "azurerm_shared_image",
+        "azurerm_shared_image_gallery",
+        "azurerm_shared_image_version",
+        "azurerm_signalr_service",
+        "azurerm_signalr_service_custom_certificate",
+        "azurerm_signalr_service_custom_domain",
+        "azurerm_signalr_service_network_acl",
+        "azurerm_signalr_shared_private_link_resource",
+        "azurerm_site_recovery_fabric",
+        "azurerm_site_recovery_hyperv_network_mapping",
+        "azurerm_site_recovery_hyperv_replication_policy",
+        "azurerm_site_recovery_hyperv_replication_policy_association",
+        "azurerm_site_recovery_network_mapping",
+        "azurerm_site_recovery_protection_container",
+        "azurerm_site_recovery_protection_container_mapping",
+        "azurerm_site_recovery_replicated_vm",
+        "azurerm_site_recovery_replication_policy",
+        "azurerm_site_recovery_replication_recovery_plan",
+        "azurerm_site_recovery_services_vault_hyperv_site",
+        "azurerm_site_recovery_vmware_replicated_vm",
+        "azurerm_site_recovery_vmware_replication_policy",
+        "azurerm_site_recovery_vmware_replication_policy_association",
+        "azurerm_snapshot",
+        "azurerm_source_control_token",
+        "azurerm_spring_cloud_accelerator",
+        "azurerm_spring_cloud_active_deployment",
+        "azurerm_spring_cloud_api_portal",
+        "azurerm_spring_cloud_api_portal_custom_domain",
+        "azurerm_spring_cloud_app",
+        "azurerm_spring_cloud_app_cosmosdb_association",
+        "azurerm_spring_cloud_app_dynamics_application_performance_monitoring",
+        "azurerm_spring_cloud_app_mysql_association",
+        "azurerm_spring_cloud_app_redis_association",
+        "azurerm_spring_cloud_application_insights_application_performance_monitoring",
+        "azurerm_spring_cloud_application_live_view",
+        "azurerm_spring_cloud_build_deployment",
+        "azurerm_spring_cloud_build_pack_binding",
+        "azurerm_spring_cloud_builder",
+        "azurerm_spring_cloud_certificate",
+        "azurerm_spring_cloud_configuration_service",
+        "azurerm_spring_cloud_connection",
+        "azurerm_spring_cloud_container_deployment",
+        "azurerm_spring_cloud_custom_domain",
+        "azurerm_spring_cloud_customized_accelerator",
+        "azurerm_spring_cloud_dev_tool_portal",
+        "azurerm_spring_cloud_dynatrace_application_performance_monitoring",
+        "azurerm_spring_cloud_elastic_application_performance_monitoring",
+        "azurerm_spring_cloud_gateway",
+        "azurerm_spring_cloud_gateway_custom_domain",
+        "azurerm_spring_cloud_gateway_route_config",
+        "azurerm_spring_cloud_java_deployment",
+        "azurerm_spring_cloud_new_relic_application_performance_monitoring",
+        "azurerm_spring_cloud_service",
+        "azurerm_spring_cloud_storage",
+        "azurerm_sql_firewall_rule",
+        "azurerm_sql_server",
+        "azurerm_sql_virtual_network_rule",
+        "azurerm_ssh_public_key",
+        "azurerm_stack_hci_cluster",
+        "azurerm_stack_hci_deployment_setting",
+        "azurerm_stack_hci_extension",
+        "azurerm_stack_hci_logical_network",
+        "azurerm_stack_hci_marketplace_gallery_image",
+        "azurerm_stack_hci_network_interface",
+        "azurerm_stack_hci_storage_path",
+        "azurerm_stack_hci_virtual_hard_disk",
+        "azurerm_static_site",
+        "azurerm_static_site_custom_domain",
+        "azurerm_static_web_app",
+        "azurerm_static_web_app_custom_domain",
+        "azurerm_static_web_app_function_app_registration",
+        "azurerm_storage_account",
+        "azurerm_storage_account_customer_managed_key",
+        "azurerm_storage_account_local_user",
+        "azurerm_storage_account_network_rules",
+        "azurerm_storage_account_queue_properties",
+        "azurerm_storage_account_static_website",
+        "azurerm_storage_blob",
+        "azurerm_storage_blob_inventory_policy",
+        "azurerm_storage_container",
+        "azurerm_storage_container_immutability_policy",
+        "azurerm_storage_data_lake_gen2_filesystem",
+        "azurerm_storage_data_lake_gen2_path",
+        "azurerm_storage_encryption_scope",
+        "azurerm_storage_management_policy",
+        "azurerm_storage_mover",
+        "azurerm_storage_mover_agent",
+        "azurerm_storage_mover_job_definition",
+        "azurerm_storage_mover_project",
+        "azurerm_storage_mover_source_endpoint",
+        "azurerm_storage_mover_target_endpoint",
+        "azurerm_storage_object_replication",
+        "azurerm_storage_queue",
+        "azurerm_storage_share",
+        "azurerm_storage_share_directory",
+        "azurerm_storage_share_file",
+        "azurerm_storage_sync",
+        "azurerm_storage_sync_cloud_endpoint",
+        "azurerm_storage_sync_group",
+        "azurerm_storage_sync_server_endpoint",
+        "azurerm_storage_table",
+        "azurerm_storage_table_entity",
+        "azurerm_stream_analytics_cluster",
+        "azurerm_stream_analytics_function_javascript_uda",
+        "azurerm_stream_analytics_function_javascript_udf",
+        "azurerm_stream_analytics_job",
+        "azurerm_stream_analytics_job_schedule",
+        "azurerm_stream_analytics_job_storage_account",
+        "azurerm_stream_analytics_managed_private_endpoint",
+        "azurerm_stream_analytics_output_blob",
+        "azurerm_stream_analytics_output_cosmosdb",
+        "azurerm_stream_analytics_output_eventhub",
+        "azurerm_stream_analytics_output_function",
+        "azurerm_stream_analytics_output_mssql",
+        "azurerm_stream_analytics_output_powerbi",
+        "azurerm_stream_analytics_output_servicebus_queue",
+        "azurerm_stream_analytics_output_servicebus_topic",
+        "azurerm_stream_analytics_output_synapse",
+        "azurerm_stream_analytics_output_table",
+        "azurerm_stream_analytics_reference_input_blob",
+        "azurerm_stream_analytics_reference_input_mssql",
+        "azurerm_stream_analytics_stream_input_blob",
+        "azurerm_stream_analytics_stream_input_eventhub",
+        "azurerm_stream_analytics_stream_input_eventhub_v2",
+        "azurerm_stream_analytics_stream_input_iothub",
+        "azurerm_subnet",
+        "azurerm_subnet_nat_gateway_association",
+        "azurerm_subnet_network_security_group_association",
+        "azurerm_subnet_route_table_association",
+        "azurerm_subnet_service_endpoint_storage_policy",
+        "azurerm_subscription",
+        "azurerm_subscription_cost_management_export",
+        "azurerm_subscription_cost_management_view",
+        "azurerm_subscription_policy_assignment",
+        "azurerm_subscription_policy_exemption",
+        "azurerm_subscription_policy_remediation",
+        "azurerm_subscription_template_deployment",
+        "azurerm_synapse_firewall_rule",
+        "azurerm_synapse_integration_runtime_azure",
+        "azurerm_synapse_integration_runtime_self_hosted",
+        "azurerm_synapse_linked_service",
+        "azurerm_synapse_managed_private_endpoint",
+        "azurerm_synapse_private_link_hub",
+        "azurerm_synapse_role_assignment",
+        "azurerm_synapse_spark_pool",
+        "azurerm_synapse_sql_pool",
+        "azurerm_synapse_sql_pool_extended_auditing_policy",
+        "azurerm_synapse_sql_pool_security_alert_policy",
+        "azurerm_synapse_sql_pool_vulnerability_assessment",
+        "azurerm_synapse_sql_pool_vulnerability_assessment_baseline",
+        "azurerm_synapse_sql_pool_workload_classifier",
+        "azurerm_synapse_sql_pool_workload_group",
+        "azurerm_synapse_workspace",
+        "azurerm_synapse_workspace_aad_admin",
+        "azurerm_synapse_workspace_extended_auditing_policy",
+        "azurerm_synapse_workspace_key",
+        "azurerm_synapse_workspace_security_alert_policy",
+        "azurerm_synapse_workspace_sql_aad_admin",
+        "azurerm_synapse_workspace_vulnerability_assessment",
+        "azurerm_system_center_virtual_machine_manager_availability_set",
+        "azurerm_system_center_virtual_machine_manager_cloud",
+        "azurerm_system_center_virtual_machine_manager_server",
+        "azurerm_system_center_virtual_machine_manager_virtual_machine_instance",
+        "azurerm_system_center_virtual_machine_manager_virtual_machine_instance_guest_agent",
+        "azurerm_system_center_virtual_machine_manager_virtual_machine_template",
+        "azurerm_system_center_virtual_machine_manager_virtual_network",
+        "azurerm_tenant_template_deployment",
+        "azurerm_traffic_manager_azure_endpoint",
+        "azurerm_traffic_manager_external_endpoint",
+        "azurerm_traffic_manager_nested_endpoint",
+        "azurerm_traffic_manager_profile",
+        "azurerm_trusted_signing_account",
+        "azurerm_user_assigned_identity",
+        "azurerm_video_indexer_account",
+        "azurerm_virtual_desktop_application",
+        "azurerm_virtual_desktop_application_group",
+        "azurerm_virtual_desktop_host_pool",
+        "azurerm_virtual_desktop_host_pool_registration_info",
+        "azurerm_virtual_desktop_scaling_plan",
+        "azurerm_virtual_desktop_scaling_plan_host_pool_association",
+        "azurerm_virtual_desktop_workspace",
+        "azurerm_virtual_desktop_workspace_application_group_association",
+        "azurerm_virtual_hub",
+        "azurerm_virtual_hub_bgp_connection",
+        "azurerm_virtual_hub_connection",
+        "azurerm_virtual_hub_ip",
+        "azurerm_virtual_hub_route_table",
+        "azurerm_virtual_hub_route_table_route",
+        "azurerm_virtual_hub_routing_intent",
+        "azurerm_virtual_hub_security_partner_provider",
+        "azurerm_virtual_machine",
+        "azurerm_virtual_machine_automanage_configuration_assignment",
+        "azurerm_virtual_machine_data_disk_attachment",
+        "azurerm_virtual_machine_extension",
+        "azurerm_virtual_machine_gallery_application_assignment",
+        "azurerm_virtual_machine_implicit_data_disk_from_source",
+        "azurerm_virtual_machine_packet_capture",
+        "azurerm_virtual_machine_restore_point",
+        "azurerm_virtual_machine_restore_point_collection",
+        "azurerm_virtual_machine_run_command",
+        "azurerm_virtual_machine_scale_set",
+        "azurerm_virtual_machine_scale_set_extension",
+        "azurerm_virtual_machine_scale_set_packet_capture",
+        "azurerm_virtual_machine_scale_set_standby_pool",
+        "azurerm_virtual_network",
+        "azurerm_virtual_network_dns_servers",
+        "azurerm_virtual_network_gateway",
+        "azurerm_virtual_network_gateway_connection",
+        "azurerm_virtual_network_gateway_nat_rule",
+        "azurerm_virtual_network_peering",
+        "azurerm_virtual_wan",
+        "azurerm_vmware_cluster",
+        "azurerm_vmware_express_route_authorization",
+        "azurerm_vmware_netapp_volume_attachment",
+        "azurerm_vmware_private_cloud",
+        "azurerm_voice_services_communications_gateway",
+        "azurerm_vpn_gateway",
+        "azurerm_vpn_gateway_connection",
+        "azurerm_vpn_gateway_nat_rule",
+        "azurerm_vpn_server_configuration",
+        "azurerm_vpn_server_configuration_policy_group",
+        "azurerm_vpn_site",
+        "azurerm_web_app_active_slot",
+        "azurerm_web_app_hybrid_connection",
+        "azurerm_web_application_firewall_policy",
+        "azurerm_web_pubsub",
+        "azurerm_web_pubsub_custom_certificate",
+        "azurerm_web_pubsub_custom_domain",
+        "azurerm_web_pubsub_hub",
+        "azurerm_web_pubsub_network_acl",
+        "azurerm_web_pubsub_service",
+        "azurerm_web_pubsub_shared_private_link_resource",
+        "azurerm_web_pubsub_socketio",
+        "azurerm_windows_function_app",
+        "azurerm_windows_function_app_slot",
+        "azurerm_windows_virtual_machine",
+        "azurerm_windows_virtual_machine_scale_set",
+        "azurerm_windows_web_app",
+        "azurerm_windows_web_app_slot",
+        "azurerm_workloads_sap_discovery_virtual_instance",
+        "azurerm_workloads_sap_single_node_virtual_instance",
+        "azurerm_workloads_sap_three_tier_virtual_instance"
+    ],
+    "dataSources": [
+        "azurerm_aadb2c_directory",
+        "azurerm_active_directory_domain_service",
+        "azurerm_advisor_recommendations",
+        "azurerm_api_connection",
+        "azurerm_api_management",
+        "azurerm_api_management_api",
+        "azurerm_api_management_api_version_set",
+        "azurerm_api_management_gateway",
+        "azurerm_api_management_gateway_host_name_configuration",
+        "azurerm_api_management_group",
+        "azurerm_api_management_product",
+        "azurerm_api_management_subscription",
+        "azurerm_api_management_user",
+        "azurerm_app_configuration",
+        "azurerm_app_configuration_key",
+        "azurerm_app_configuration_keys",
+        "azurerm_app_service",
+        "azurerm_app_service_certificate",
+        "azurerm_app_service_certificate_order",
+        "azurerm_app_service_environment_v3",
+        "azurerm_app_service_plan",
+        "azurerm_application_gateway",
+        "azurerm_application_insights",
+        "azurerm_application_security_group",
+        "azurerm_arc_machine",
+        "azurerm_arc_resource_bridge_appliance",
+        "azurerm_attestation_provider",
+        "azurerm_automation_account",
+        "azurerm_automation_runbook",
+        "azurerm_automation_variable_bool",
+        "azurerm_automation_variable_datetime",
+        "azurerm_automation_variable_int",
+        "azurerm_automation_variable_object",
+        "azurerm_automation_variable_string",
+        "azurerm_automation_variables",
+        "azurerm_availability_set",
+        "azurerm_backup_policy_file_share",
+        "azurerm_backup_policy_vm",
+        "azurerm_bastion_host",
+        "azurerm_batch_account",
+        "azurerm_batch_application",
+        "azurerm_batch_certificate",
+        "azurerm_batch_pool",
+        "azurerm_billing_enrollment_account_scope",
+        "azurerm_billing_mca_account_scope",
+        "azurerm_billing_mpa_account_scope",
+        "azurerm_blueprint_definition",
+        "azurerm_blueprint_published_version",
+        "azurerm_cdn_frontdoor_custom_domain",
+        "azurerm_cdn_frontdoor_endpoint",
+        "azurerm_cdn_frontdoor_firewall_policy",
+        "azurerm_cdn_frontdoor_origin_group",
+        "azurerm_cdn_frontdoor_profile",
+        "azurerm_cdn_frontdoor_rule_set",
+        "azurerm_cdn_frontdoor_secret",
+        "azurerm_cdn_profile",
+        "azurerm_client_config",
+        "azurerm_cognitive_account",
+        "azurerm_communication_service",
+        "azurerm_confidential_ledger",
+        "azurerm_consumption_budget_resource_group",
+        "azurerm_consumption_budget_subscription",
+        "azurerm_container_app",
+        "azurerm_container_app_environment",
+        "azurerm_container_app_environment_certificate",
+        "azurerm_container_app_environment_dapr_component.",
+        "azurerm_container_group",
+        "azurerm_container_registry",
+        "azurerm_container_registry_cache_rule",
+        "azurerm_container_registry_scope_map",
+        "azurerm_container_registry_token",
+        "azurerm_cosmosdb_account",
+        "azurerm_cosmosdb_mongo_database",
+        "azurerm_cosmosdb_restorable_database_accounts",
+        "azurerm_cosmosdb_sql_database",
+        "azurerm_cosmosdb_sql_role_definition",
+        "azurerm_dashboard_grafana",
+        "azurerm_data_factory",
+        "azurerm_data_factory_trigger_schedule",
+        "azurerm_data_factory_trigger_schedules",
+        "azurerm_data_lake_store",
+        "azurerm_data_protection_backup_vault",
+        "azurerm_data_share",
+        "azurerm_data_share_account",
+        "azurerm_data_share_dataset_blob_storage",
+        "azurerm_data_share_dataset_data_lake_gen1",
+        "azurerm_data_share_dataset_data_lake_gen2",
+        "azurerm_data_share_dataset_kusto_cluster",
+        "azurerm_data_share_dataset_kusto_database",
+        "azurerm_database_migration_project",
+        "azurerm_database_migration_service",
+        "azurerm_databox_edge_device",
+        "azurerm_databricks_access_connector",
+        "azurerm_databricks_workspace",
+        "azurerm_databricks_workspace_private_endpoint_connection",
+        "azurerm_dedicated_host",
+        "azurerm_dedicated_host_group",
+        "azurerm_dev_center",
+        "azurerm_dev_center_attached_network",
+        "azurerm_dev_center_catalog",
+        "azurerm_dev_center_dev_box_definition",
+        "azurerm_dev_center_environment_type",
+        "azurerm_dev_center_gallery",
+        "azurerm_dev_center_network_connection",
+        "azurerm_dev_center_project",
+        "azurerm_dev_center_project_environment_type",
+        "azurerm_dev_center_project_pool",
+        "azurerm_digital_twins_instance",
+        "azurerm_disk_access",
+        "azurerm_disk_encryption_set",
+        "azurerm_dns_a_record",
+        "azurerm_dns_aaaa_record",
+        "azurerm_dns_caa_record",
+        "azurerm_dns_cname_record",
+        "azurerm_dns_mx_record",
+        "azurerm_dns_ns_record",
+        "azurerm_dns_ptr_record",
+        "azurerm_dns_soa_record",
+        "azurerm_dns_srv_record",
+        "azurerm_dns_txt_record",
+        "azurerm_dns_zone",
+        "azurerm_dynatrace_monitor",
+        "azurerm_elastic_cloud_elasticsearch",
+        "azurerm_elastic_san",
+        "azurerm_elastic_san_volume_group",
+        "azurerm_elastic_san_volume_snapshot",
+        "azurerm_eventgrid_domain",
+        "azurerm_eventgrid_domain_topic",
+        "azurerm_eventgrid_partner_namespace",
+        "azurerm_eventgrid_partner_registration",
+        "azurerm_eventgrid_system_topic",
+        "azurerm_eventgrid_topic",
+        "azurerm_eventhub",
+        "azurerm_eventhub_authorization_rule",
+        "azurerm_eventhub_cluster",
+        "azurerm_eventhub_consumer_group",
+        "azurerm_eventhub_namespace",
+        "azurerm_eventhub_namespace_authorization_rule",
+        "azurerm_eventhub_sas",
+        "azurerm_express_route_circuit",
+        "azurerm_express_route_circuit_peering",
+        "azurerm_extended_location_custom_location",
+        "azurerm_extended_locations",
+        "azurerm_firewall",
+        "azurerm_firewall_policy",
+        "azurerm_function_app",
+        "azurerm_function_app_host_keys",
+        "azurerm_graph_services_account",
+        "azurerm_hdinsight_cluster",
+        "azurerm_healthcare_dicom_service",
+        "azurerm_healthcare_fhir_service",
+        "azurerm_healthcare_medtech_service",
+        "azurerm_healthcare_service",
+        "azurerm_healthcare_workspace",
+        "azurerm_image",
+        "azurerm_images",
+        "azurerm_iothub",
+        "azurerm_iothub_dps",
+        "azurerm_iothub_dps_shared_access_policy",
+        "azurerm_iothub_shared_access_policy",
+        "azurerm_ip_group",
+        "azurerm_ip_groups",
+        "azurerm_key_vault",
+        "azurerm_key_vault_access_policy",
+        "azurerm_key_vault_certificate",
+        "azurerm_key_vault_certificate_data",
+        "azurerm_key_vault_certificate_issuer",
+        "azurerm_key_vault_certificates",
+        "azurerm_key_vault_encrypted_value",
+        "azurerm_key_vault_key",
+        "azurerm_key_vault_managed_hardware_security_module",
+        "azurerm_key_vault_managed_hardware_security_module_key",
+        "azurerm_key_vault_managed_hardware_security_module_role_definition",
+        "azurerm_key_vault_secret",
+        "azurerm_key_vault_secrets",
+        "azurerm_kubernetes_cluster",
+        "azurerm_kubernetes_cluster_node_pool",
+        "azurerm_kubernetes_fleet_manager",
+        "azurerm_kubernetes_node_pool_snapshot",
+        "azurerm_kubernetes_service_versions",
+        "azurerm_kusto_cluster",
+        "azurerm_kusto_database",
+        "azurerm_lb",
+        "azurerm_lb_backend_address_pool",
+        "azurerm_lb_outbound_rule",
+        "azurerm_lb_rule",
+        "azurerm_linux_function_app",
+        "azurerm_linux_web_app",
+        "azurerm_local_network_gateway",
+        "azurerm_location",
+        "azurerm_log_analytics_workspace",
+        "azurerm_log_analytics_workspace_table",
+        "azurerm_logic_app_integration_account",
+        "azurerm_logic_app_standard",
+        "azurerm_logic_app_workflow",
+        "azurerm_machine_learning_workspace",
+        "azurerm_maintenance_configuration",
+        "azurerm_managed_api",
+        "azurerm_managed_application_definition",
+        "azurerm_managed_disk",
+        "azurerm_managed_disks",
+        "azurerm_managed_redis",
+        "azurerm_management_group",
+        "azurerm_management_group_template_deployment",
+        "azurerm_maps_account",
+        "azurerm_marketplace_agreement",
+        "azurerm_mobile_network",
+        "azurerm_mobile_network_attached_data_network",
+        "azurerm_mobile_network_data_network",
+        "azurerm_mobile_network_packet_core_control_plane",
+        "azurerm_mobile_network_packet_core_data_plane",
+        "azurerm_mobile_network_service",
+        "azurerm_mobile_network_sim",
+        "azurerm_mobile_network_sim_group",
+        "azurerm_mobile_network_sim_policy",
+        "azurerm_mobile_network_site",
+        "azurerm_mobile_network_slice",
+        "azurerm_monitor_action_group",
+        "azurerm_monitor_data_collection_endpoint",
+        "azurerm_monitor_data_collection_rule",
+        "azurerm_monitor_diagnostic_categories",
+        "azurerm_monitor_scheduled_query_rules_alert",
+        "azurerm_monitor_scheduled_query_rules_log",
+        "azurerm_monitor_workspace",
+        "azurerm_mssql_database",
+        "azurerm_mssql_elasticpool",
+        "azurerm_mssql_failover_group",
+        "azurerm_mssql_managed_database",
+        "azurerm_mssql_managed_instance",
+        "azurerm_mssql_server",
+        "azurerm_mysql_flexible_server",
+        "azurerm_nat_gateway",
+        "azurerm_netapp_account",
+        "azurerm_netapp_account_encryption",
+        "azurerm_netapp_backup_policy",
+        "azurerm_netapp_backup_vault",
+        "azurerm_netapp_pool",
+        "azurerm_netapp_snapshot",
+        "azurerm_netapp_snapshot_policy",
+        "azurerm_netapp_volume",
+        "azurerm_netapp_volume_group_oracle",
+        "azurerm_netapp_volume_group_sap_hana",
+        "azurerm_netapp_volume_quota_rule",
+        "azurerm_network_ddos_protection_plan",
+        "azurerm_network_interface",
+        "azurerm_network_manager",
+        "azurerm_network_manager_connectivity_configuration",
+        "azurerm_network_manager_ipam_pool",
+        "azurerm_network_manager_network_group",
+        "azurerm_network_security_group",
+        "azurerm_network_service_tags",
+        "azurerm_network_watcher",
+        "azurerm_nginx_api_key",
+        "azurerm_nginx_certificate",
+        "azurerm_nginx_configuration",
+        "azurerm_nginx_deployment",
+        "azurerm_notification_hub",
+        "azurerm_notification_hub_namespace",
+        "azurerm_oracle_adbs_character_sets",
+        "azurerm_oracle_adbs_national_character_sets",
+        "azurerm_oracle_autonomous_database",
+        "azurerm_oracle_autonomous_database_backup",
+        "azurerm_oracle_autonomous_database_backups",
+        "azurerm_oracle_autonomous_database_clone_from_backup",
+        "azurerm_oracle_autonomous_database_clone_from_database",
+        "azurerm_oracle_cloud_vm_cluster",
+        "azurerm_oracle_db_nodes",
+        "azurerm_oracle_db_servers",
+        "azurerm_oracle_db_system_shapes",
+        "azurerm_oracle_exadata_infrastructure",
+        "azurerm_oracle_exascale_database_storage_vault",
+        "azurerm_oracle_gi_versions",
+        "azurerm_oracle_resource_anchor",
+        "azurerm_orchestrated_virtual_machine_scale_set",
+        "azurerm_palo_alto_local_rulestack",
+        "azurerm_platform_image",
+        "azurerm_policy_assignment",
+        "azurerm_policy_definition",
+        "azurerm_policy_definition_built_in",
+        "azurerm_policy_set_definition",
+        "azurerm_policy_virtual_machine_configuration_assignment",
+        "azurerm_portal_dashboard",
+        "azurerm_postgresql_flexible_server",
+        "azurerm_postgresql_server",
+        "azurerm_private_dns_a_record",
+        "azurerm_private_dns_aaaa_record",
+        "azurerm_private_dns_cname_record",
+        "azurerm_private_dns_mx_record",
+        "azurerm_private_dns_ptr_record",
+        "azurerm_private_dns_resolver",
+        "azurerm_private_dns_resolver_dns_forwarding_ruleset",
+        "azurerm_private_dns_resolver_forwarding_rule",
+        "azurerm_private_dns_resolver_inbound_endpoint",
+        "azurerm_private_dns_resolver_outbound_endpoint",
+        "azurerm_private_dns_resolver_virtual_network_link",
+        "azurerm_private_dns_soa_record",
+        "azurerm_private_dns_srv_record",
+        "azurerm_private_dns_txt_record",
+        "azurerm_private_dns_zone",
+        "azurerm_private_dns_zone_virtual_network_link",
+        "azurerm_private_endpoint_connection",
+        "azurerm_private_link_service",
+        "azurerm_private_link_service_endpoint_connections",
+        "azurerm_proximity_placement_group",
+        "azurerm_public_ip",
+        "azurerm_public_ip_prefix",
+        "azurerm_public_ips",
+        "azurerm_public_maintenance_configurations",
+        "azurerm_recovery_services_vault",
+        "azurerm_redis_cache",
+        "azurerm_redis_enterprise_database",
+        "azurerm_resource_group",
+        "azurerm_resource_group_template_deployment",
+        "azurerm_resources",
+        "azurerm_role_assignments",
+        "azurerm_role_definition",
+        "azurerm_role_management_policy",
+        "azurerm_route_filter",
+        "azurerm_route_table",
+        "azurerm_search_service",
+        "azurerm_sentinel_alert_rule",
+        "azurerm_sentinel_alert_rule_anomaly",
+        "azurerm_sentinel_alert_rule_template",
+        "azurerm_service_plan",
+        "azurerm_servicebus_namespace",
+        "azurerm_servicebus_namespace_authorization_rule",
+        "azurerm_servicebus_namespace_disaster_recovery_config",
+        "azurerm_servicebus_queue",
+        "azurerm_servicebus_queue_authorization_rule",
+        "azurerm_servicebus_subscription",
+        "azurerm_servicebus_topic",
+        "azurerm_servicebus_topic_authorization_rule",
+        "azurerm_shared_image",
+        "azurerm_shared_image_gallery",
+        "azurerm_shared_image_version",
+        "azurerm_shared_image_versions",
+        "azurerm_signalr_service",
+        "azurerm_site_recovery_fabric",
+        "azurerm_site_recovery_protection_container",
+        "azurerm_site_recovery_replication_policy",
+        "azurerm_site_recovery_replication_recovery_plan",
+        "azurerm_snapshot",
+        "azurerm_source_control_token",
+        "azurerm_spring_cloud_app",
+        "azurerm_spring_cloud_service",
+        "azurerm_ssh_public_key",
+        "azurerm_stack_hci_cluster",
+        "azurerm_stack_hci_storage_path",
+        "azurerm_static_web_app",
+        "azurerm_storage_account",
+        "azurerm_storage_account_blob_container_sas",
+        "azurerm_storage_account_sas",
+        "azurerm_storage_blob",
+        "azurerm_storage_container",
+        "azurerm_storage_containers",
+        "azurerm_storage_encryption_scope",
+        "azurerm_storage_management_policy",
+        "azurerm_storage_queue",
+        "azurerm_storage_share",
+        "azurerm_storage_sync",
+        "azurerm_storage_sync_group",
+        "azurerm_storage_table",
+        "azurerm_storage_table_entities",
+        "azurerm_storage_table_entity",
+        "azurerm_stream_analytics_job",
+        "azurerm_subnet",
+        "azurerm_subscription",
+        "azurerm_subscription_template_deployment",
+        "azurerm_subscriptions",
+        "azurerm_synapse_workspace",
+        "azurerm_system_center_virtual_machine_manager_inventory_items",
+        "azurerm_template_spec_version",
+        "azurerm_tenant_template_deployment",
+        "azurerm_traffic_manager_geographical_location",
+        "azurerm_traffic_manager_profile",
+        "azurerm_trusted_signing_account",
+        "azurerm_user_assigned_identity",
+        "azurerm_virtual_desktop_application_group",
+        "azurerm_virtual_desktop_host_pool",
+        "azurerm_virtual_desktop_workspace",
+        "azurerm_virtual_hub",
+        "azurerm_virtual_hub_connection",
+        "azurerm_virtual_hub_route_table",
+        "azurerm_virtual_machine",
+        "azurerm_virtual_machine_scale_set",
+        "azurerm_virtual_network",
+        "azurerm_virtual_network_gateway",
+        "azurerm_virtual_network_gateway_connection",
+        "azurerm_virtual_network_peering",
+        "azurerm_virtual_wan",
+        "azurerm_vmware_private_cloud",
+        "azurerm_vpn_gateway",
+        "azurerm_vpn_server_configuration",
+        "azurerm_web_application_firewall_policy",
+        "azurerm_web_pubsub",
+        "azurerm_web_pubsub_private_link_resource",
+        "azurerm_windows_function_app",
+        "azurerm_windows_web_app"
+    ]
+}
\ No newline at end of file
diff --git a/src/parse/google-members.json b/src/parse/google-members.json
index 39bef29a..ec006955 100755
--- a/src/parse/google-members.json
+++ b/src/parse/google-members.json
@@ -1,1451 +1,1664 @@
 {
-  "dataSources": [
-    "google_access_approval_folder_service_account",
-    "google_access_approval_organization_service_account",
-    "google_access_approval_project_service_account",
-    "google_access_context_manager_access_policy",
-    "google_access_context_manager_access_policy_iam_policy",
-    "google_active_folder",
-    "google_alloydb_cluster",
-    "google_alloydb_instance",
-    "google_alloydb_locations",
-    "google_alloydb_supported_database_flags",
-    "google_api_gateway_api_config_iam_policy",
-    "google_api_gateway_api_iam_policy",
-    "google_api_gateway_gateway_iam_policy",
-    "google_apigee_environment_iam_policy",
-    "google_app_engine_default_service_account",
-    "google_apphub_application",
-    "google_apphub_discovered_service",
-    "google_apphub_discovered_workload",
-    "google_artifact_registry_docker_image",
-    "google_artifact_registry_locations",
-    "google_artifact_registry_repository",
-    "google_artifact_registry_repository_iam_policy",
-    "google_backup_dr_backup",
-    "google_backup_dr_backup_plan_association",
-    "google_backup_dr_backup_vault",
-    "google_backup_dr_data_source",
-    "google_beyondcorp_app_connection",
-    "google_beyondcorp_app_connector",
-    "google_beyondcorp_app_gateway",
-    "google_beyondcorp_application_iam_policy",
-    "google_beyondcorp_security_gateway_iam_policy",
-    "google_bigquery_analytics_hub_data_exchange_iam_policy",
-    "google_bigquery_analytics_hub_listing_iam_policy",
-    "google_bigquery_connection_iam_policy",
-    "google_bigquery_datapolicy_data_policy_iam_policy",
-    "google_bigquery_dataset",
-    "google_bigquery_dataset_iam_policy",
-    "google_bigquery_default_service_account",
-    "google_bigquery_table_iam_policy",
-    "google_bigquery_tables",
-    "google_bigtable_instance_iam_policy",
-    "google_bigtable_table_iam_policy",
-    "google_billing_account",
-    "google_billing_account_iam_policy",
-    "google_binary_authorization_attestor_iam_policy",
-    "google_certificate_manager_certificate_map",
-    "google_certificate_manager_certificates",
-    "google_client_config",
-    "google_client_openid_userinfo",
-    "google_cloud_identity_group_lookup",
-    "google_cloud_identity_group_memberships",
-    "google_cloud_identity_group_transitive_memberships",
-    "google_cloud_identity_groups",
-    "google_cloud_quotas_quota_info",
-    "google_cloud_quotas_quota_infos",
-    "google_cloud_run_locations",
-    "google_cloud_run_service",
-    "google_cloud_run_service_iam_policy",
-    "google_cloud_run_v2_job",
-    "google_cloud_run_v2_job_iam_policy",
-    "google_cloud_run_v2_service",
-    "google_cloud_run_v2_service_iam_policy",
-    "google_cloud_tasks_queue_iam_policy",
-    "google_cloudbuild_trigger",
-    "google_cloudbuildv2_connection_iam_policy",
-    "google_clouddeploy_custom_target_type_iam_policy",
-    "google_clouddeploy_delivery_pipeline_iam_policy",
-    "google_clouddeploy_target_iam_policy",
-    "google_cloudfunctions2_function",
-    "google_cloudfunctions2_function_iam_policy",
-    "google_cloudfunctions_function",
-    "google_cloudfunctions_function_iam_policy",
-    "google_colab_runtime_template_iam_policy",
-    "google_composer_environment",
-    "google_composer_image_versions",
-    "google_composer_user_workloads_config_map",
-    "google_composer_user_workloads_secret",
-    "google_compute_address",
-    "google_compute_addresses",
-    "google_compute_backend_bucket",
-    "google_compute_backend_bucket_iam_policy",
-    "google_compute_backend_service",
-    "google_compute_backend_service_iam_policy",
-    "google_compute_default_service_account",
-    "google_compute_disk",
-    "google_compute_disk_iam_policy",
-    "google_compute_forwarding_rule",
-    "google_compute_forwarding_rules",
-    "google_compute_global_address",
-    "google_compute_global_forwarding_rule",
-    "google_compute_ha_vpn_gateway",
-    "google_compute_health_check",
-    "google_compute_image",
-    "google_compute_image_iam_policy",
-    "google_compute_images",
-    "google_compute_instance",
-    "google_compute_instance_group",
-    "google_compute_instance_group_manager",
-    "google_compute_instance_guest_attributes",
-    "google_compute_instance_iam_policy",
-    "google_compute_instance_serial_port",
-    "google_compute_instance_template",
-    "google_compute_instance_template_iam_policy",
-    "google_compute_instant_snapshot_iam_policy",
-    "google_compute_lb_ip_ranges",
-    "google_compute_machine_image_iam_policy",
-    "google_compute_machine_types",
-    "google_compute_network",
-    "google_compute_network_endpoint_group",
-    "google_compute_network_peering",
-    "google_compute_networks",
-    "google_compute_node_types",
-    "google_compute_region_backend_service_iam_policy",
-    "google_compute_region_disk",
-    "google_compute_region_disk_iam_policy",
-    "google_compute_region_instance_group",
-    "google_compute_region_instance_group_manager",
-    "google_compute_region_instance_template",
-    "google_compute_region_network_endpoint_group",
-    "google_compute_region_ssl_certificate",
-    "google_compute_regions",
-    "google_compute_reservation",
-    "google_compute_resource_policy",
-    "google_compute_router",
-    "google_compute_router_nat",
-    "google_compute_router_status",
-    "google_compute_security_policy",
-    "google_compute_snapshot",
-    "google_compute_snapshot_iam_policy",
-    "google_compute_ssl_certificate",
-    "google_compute_ssl_policy",
-    "google_compute_subnetwork",
-    "google_compute_subnetwork_iam_policy",
-    "google_compute_subnetworks",
-    "google_compute_vpn_gateway",
-    "google_compute_zones",
-    "google_container_analysis_note_iam_policy",
-    "google_container_attached_install_manifest",
-    "google_container_attached_versions",
-    "google_container_aws_versions",
-    "google_container_azure_versions",
-    "google_container_cluster",
-    "google_container_engine_versions",
-    "google_container_registry_image",
-    "google_container_registry_repository",
-    "google_data_catalog_entry_group_iam_policy",
-    "google_data_catalog_policy_tag_iam_policy",
-    "google_data_catalog_tag_template_iam_policy",
-    "google_data_catalog_taxonomy_iam_policy",
-    "google_data_fusion_instance_iam_policy",
-    "google_dataform_repository_iam_policy",
-    "google_dataplex_aspect_type_iam_policy",
-    "google_dataplex_asset_iam_policy",
-    "google_dataplex_datascan_iam_policy",
-    "google_dataplex_entry_group_iam_policy",
-    "google_dataplex_entry_type_iam_policy",
-    "google_dataplex_lake_iam_policy",
-    "google_dataplex_task_iam_policy",
-    "google_dataplex_zone_iam_policy",
-    "google_dataproc_autoscaling_policy_iam_policy",
-    "google_dataproc_cluster_iam_policy",
-    "google_dataproc_job_iam_policy",
-    "google_dataproc_metastore_federation_iam_policy",
-    "google_dataproc_metastore_service",
-    "google_dataproc_metastore_service_iam_policy",
-    "google_datastream_static_ips",
-    "google_dns_keys",
-    "google_dns_managed_zone",
-    "google_dns_managed_zone_iam_policy",
-    "google_dns_managed_zones",
-    "google_dns_record_set",
-    "google_endpoints_service_consumers_iam_policy",
-    "google_endpoints_service_iam_policy",
-    "google_filestore_instance",
-    "google_firebase_web_app_config",
-    "google_folder",
-    "google_folder_iam_policy",
-    "google_folder_organization_policy",
-    "google_folders",
-    "google_gemini_repository_group_iam_policy",
-    "google_gke_backup_backup_plan_iam_policy",
-    "google_gke_backup_restore_plan_iam_policy",
-    "google_gke_hub_feature_iam_policy",
-    "google_gke_hub_membership_iam_policy",
-    "google_gke_hub_scope_iam_policy",
-    "google_healthcare_consent_store_iam_policy",
-    "google_healthcare_dataset_iam_policy",
-    "google_healthcare_dicom_store_iam_policy",
-    "google_healthcare_fhir_store_iam_policy",
-    "google_healthcare_hl7_v2_store_iam_policy",
-    "google_iam_policy",
-    "google_iam_role",
-    "google_iam_workload_identity_pool",
-    "google_iam_workload_identity_pool_provider",
-    "google_iap_app_engine_service_iam_policy",
-    "google_iap_app_engine_version_iam_policy",
-    "google_iap_client",
-    "google_iap_tunnel_dest_group_iam_policy",
-    "google_iap_tunnel_iam_policy",
-    "google_iap_tunnel_instance_iam_policy",
-    "google_iap_web_backend_service_iam_policy",
-    "google_iap_web_iam_policy",
-    "google_iap_web_region_backend_service_iam_policy",
-    "google_iap_web_type_app_engine_iam_policy",
-    "google_iap_web_type_compute_iam_policy",
-    "google_kms_autokey_config",
-    "google_kms_crypto_key",
-    "google_kms_crypto_key_iam_policy",
-    "google_kms_crypto_key_latest_version",
-    "google_kms_crypto_key_version",
-    "google_kms_crypto_key_versions",
-    "google_kms_crypto_keys",
-    "google_kms_ekm_connection_iam_policy",
-    "google_kms_key_handle",
-    "google_kms_key_handles",
-    "google_kms_key_ring",
-    "google_kms_key_ring_iam_policy",
-    "google_kms_key_rings",
-    "google_kms_secret",
-    "google_kms_secret_asymmetric",
-    "google_kms_secret_ciphertext",
-    "google_logging_folder_settings",
-    "google_logging_log_view_iam_policy",
-    "google_logging_organization_settings",
-    "google_logging_project_cmek_settings",
-    "google_logging_project_settings",
-    "google_memorystore_instance",
-    "google_monitoring_app_engine_service",
-    "google_monitoring_cluster_istio_service",
-    "google_monitoring_istio_canonical_service",
-    "google_monitoring_mesh_istio_service",
-    "google_monitoring_notification_channel",
-    "google_monitoring_uptime_check_ips",
-    "google_netblock_ip_ranges",
-    "google_network_security_address_group_iam_policy",
-    "google_notebooks_instance_iam_policy",
-    "google_notebooks_runtime_iam_policy",
-    "google_oracle_database_autonomous_database",
-    "google_oracle_database_autonomous_databases",
-    "google_oracle_database_cloud_exadata_infrastructure",
-    "google_oracle_database_cloud_exadata_infrastructures",
-    "google_oracle_database_cloud_vm_cluster",
-    "google_oracle_database_cloud_vm_clusters",
-    "google_oracle_database_db_nodes",
-    "google_oracle_database_db_servers",
-    "google_organization",
-    "google_organization_iam_custom_role",
-    "google_organization_iam_policy",
-    "google_organizations",
-    "google_parameter_manager_parameter",
-    "google_parameter_manager_parameter_version",
-    "google_parameter_manager_parameter_version_render",
-    "google_parameter_manager_parameters",
-    "google_parameter_manager_regional_parameter",
-    "google_parameter_manager_regional_parameter_version",
-    "google_parameter_manager_regional_parameter_version_render",
-    "google_parameter_manager_regional_parameters",
-    "google_privateca_ca_pool_iam_policy",
-    "google_privateca_certificate_authority",
-    "google_privateca_certificate_template_iam_policy",
-    "google_privileged_access_manager_entitlement",
-    "google_project",
-    "google_project_ancestry",
-    "google_project_iam_custom_role",
-    "google_project_iam_custom_roles",
-    "google_project_iam_policy",
-    "google_project_organization_policy",
-    "google_project_service",
-    "google_projects",
-    "google_pubsub_schema_iam_policy",
-    "google_pubsub_subscription",
-    "google_pubsub_subscription_iam_policy",
-    "google_pubsub_topic",
-    "google_pubsub_topic_iam_policy",
-    "google_redis_instance",
-    "google_runtimeconfig_config",
-    "google_runtimeconfig_config_iam_policy",
-    "google_runtimeconfig_variable",
-    "google_scc_source_iam_policy",
-    "google_scc_v2_organization_source_iam_policy",
-    "google_secret_manager_regional_secret",
-    "google_secret_manager_regional_secret_iam_policy",
-    "google_secret_manager_regional_secret_version",
-    "google_secret_manager_regional_secret_version_access",
-    "google_secret_manager_regional_secrets",
-    "google_secret_manager_secret",
-    "google_secret_manager_secret_iam_policy",
-    "google_secret_manager_secret_version",
-    "google_secret_manager_secret_version_access",
-    "google_secret_manager_secrets",
-    "google_secure_source_manager_instance_iam_policy",
-    "google_secure_source_manager_repository_iam_policy",
-    "google_service_account",
-    "google_service_account_access_token",
-    "google_service_account_iam_policy",
-    "google_service_account_id_token",
-    "google_service_account_jwt",
-    "google_service_account_key",
-    "google_service_accounts",
-    "google_service_directory_namespace_iam_policy",
-    "google_service_directory_service_iam_policy",
-    "google_site_verification_token",
-    "google_sourcerepo_repository",
-    "google_sourcerepo_repository_iam_policy",
-    "google_spanner_database",
-    "google_spanner_database_iam_policy",
-    "google_spanner_instance",
-    "google_spanner_instance_iam_policy",
-    "google_sql_backup_run",
-    "google_sql_ca_certs",
-    "google_sql_database",
-    "google_sql_database_instance",
-    "google_sql_database_instance_latest_recovery_time",
-    "google_sql_database_instances",
-    "google_sql_databases",
-    "google_sql_tiers",
-    "google_storage_bucket",
-    "google_storage_bucket_iam_policy",
-    "google_storage_bucket_object",
-    "google_storage_bucket_object_content",
-    "google_storage_bucket_objects",
-    "google_storage_buckets",
-    "google_storage_object_signed_url",
-    "google_storage_project_service_account",
-    "google_storage_transfer_project_service_account",
-    "google_tags_tag_key",
-    "google_tags_tag_key_iam_policy",
-    "google_tags_tag_keys",
-    "google_tags_tag_value",
-    "google_tags_tag_value_iam_policy",
-    "google_tags_tag_values",
-    "google_tpu_tensorflow_versions",
-    "google_tpu_v2_accelerator_types",
-    "google_tpu_v2_runtime_versions",
-    "google_vertex_ai_endpoint_iam_policy",
-    "google_vertex_ai_featurestore_entitytype_iam_policy",
-    "google_vertex_ai_featurestore_iam_policy",
-    "google_vmwareengine_cluster",
-    "google_vmwareengine_external_access_rule",
-    "google_vmwareengine_external_address",
-    "google_vmwareengine_network",
-    "google_vmwareengine_network_peering",
-    "google_vmwareengine_network_policy",
-    "google_vmwareengine_nsx_credentials",
-    "google_vmwareengine_private_cloud",
-    "google_vmwareengine_subnet",
-    "google_vmwareengine_vcenter_credentials",
-    "google_vpc_access_connector",
-    "google_workbench_instance_iam_policy",
-    "google_workstations_workstation_config_iam_policy",
-    "google_workstations_workstation_iam_policy"
-  ],
-  "resources": [
-    "google_access_context_manager_access_level",
-    "google_access_context_manager_access_level_condition",
-    "google_access_context_manager_access_levels",
-    "google_access_context_manager_access_policy",
-    "google_access_context_manager_access_policy_iam_binding",
-    "google_access_context_manager_access_policy_iam_member",
-    "google_access_context_manager_access_policy_iam_policy",
-    "google_access_context_manager_authorized_orgs_desc",
-    "google_access_context_manager_gcp_user_access_binding",
-    "google_access_context_manager_service_perimeter",
-    "google_access_context_manager_service_perimeter_dry_run_egress_policy",
-    "google_access_context_manager_service_perimeter_dry_run_ingress_policy",
-    "google_access_context_manager_service_perimeter_dry_run_resource",
-    "google_access_context_manager_service_perimeter_egress_policy",
-    "google_access_context_manager_service_perimeter_ingress_policy",
-    "google_access_context_manager_service_perimeter_resource",
-    "google_access_context_manager_service_perimeters",
-    "google_active_directory_domain",
-    "google_active_directory_domain_trust",
-    "google_active_directory_peering",
-    "google_alloydb_backup",
-    "google_alloydb_cluster",
-    "google_alloydb_instance",
-    "google_alloydb_user",
-    "google_api_gateway_api",
-    "google_api_gateway_api_config",
-    "google_api_gateway_api_config_iam_binding",
-    "google_api_gateway_api_config_iam_member",
-    "google_api_gateway_api_config_iam_policy",
-    "google_api_gateway_api_iam_binding",
-    "google_api_gateway_api_iam_member",
-    "google_api_gateway_api_iam_policy",
-    "google_api_gateway_gateway",
-    "google_api_gateway_gateway_iam_binding",
-    "google_api_gateway_gateway_iam_member",
-    "google_api_gateway_gateway_iam_policy",
-    "google_apigee_addons_config",
-    "google_apigee_api",
-    "google_apigee_app_group",
-    "google_apigee_developer",
-    "google_apigee_env_keystore",
-    "google_apigee_envgroup",
-    "google_apigee_envgroup_attachment",
-    "google_apigee_environment",
-    "google_apigee_environment_addons_config",
-    "google_apigee_environment_iam_binding",
-    "google_apigee_environment_iam_member",
-    "google_apigee_environment_iam_policy",
-    "google_apigee_environment_keyvaluemaps",
-    "google_apigee_environment_keyvaluemaps_entries",
-    "google_apigee_instance",
-    "google_apigee_instance_attachment",
-    "google_apigee_keystores_aliases_self_signed_cert",
-    "google_apigee_nat_address",
-    "google_apigee_organization",
-    "google_apigee_sync_authorization",
-    "google_apigee_target_server",
-    "google_apihub_api_hub_instance",
-    "google_apihub_host_project_registration",
-    "google_apikeys_key",
-    "google_app_engine_application",
-    "google_app_engine_application_url_dispatch_rules",
-    "google_app_engine_domain_mapping",
-    "google_app_engine_firewall_rule",
-    "google_app_engine_flexible_app_version",
-    "google_app_engine_service_network_settings",
-    "google_app_engine_service_split_traffic",
-    "google_app_engine_standard_app_version",
-    "google_apphub_application",
-    "google_apphub_service",
-    "google_apphub_service_project_attachment",
-    "google_apphub_workload",
-    "google_artifact_registry_repository",
-    "google_artifact_registry_repository_iam_binding",
-    "google_artifact_registry_repository_iam_member",
-    "google_artifact_registry_repository_iam_policy",
-    "google_artifact_registry_vpcsc_config",
-    "google_assured_workloads_workload",
-    "google_backup_dr_backup_plan",
-    "google_backup_dr_backup_plan_association",
-    "google_backup_dr_backup_vault",
-    "google_backup_dr_management_server",
-    "google_beyondcorp_app_connection",
-    "google_beyondcorp_app_connector",
-    "google_beyondcorp_app_gateway",
-    "google_beyondcorp_application",
-    "google_beyondcorp_application_iam_binding",
-    "google_beyondcorp_application_iam_member",
-    "google_beyondcorp_application_iam_policy",
-    "google_beyondcorp_security_gateway",
-    "google_beyondcorp_security_gateway_iam_binding",
-    "google_beyondcorp_security_gateway_iam_member",
-    "google_beyondcorp_security_gateway_iam_policy",
-    "google_biglake_catalog",
-    "google_biglake_database",
-    "google_biglake_table",
-    "google_bigquery_analytics_hub_data_exchange",
-    "google_bigquery_analytics_hub_data_exchange_iam_binding",
-    "google_bigquery_analytics_hub_data_exchange_iam_member",
-    "google_bigquery_analytics_hub_data_exchange_iam_policy",
-    "google_bigquery_analytics_hub_listing",
-    "google_bigquery_analytics_hub_listing_iam_binding",
-    "google_bigquery_analytics_hub_listing_iam_member",
-    "google_bigquery_analytics_hub_listing_iam_policy",
-    "google_bigquery_analytics_hub_listing_subscription",
-    "google_bigquery_bi_reservation",
-    "google_bigquery_capacity_commitment",
-    "google_bigquery_connection",
-    "google_bigquery_connection_iam_binding",
-    "google_bigquery_connection_iam_member",
-    "google_bigquery_connection_iam_policy",
-    "google_bigquery_data_transfer_config",
-    "google_bigquery_datapolicy_data_policy",
-    "google_bigquery_datapolicy_data_policy_iam_binding",
-    "google_bigquery_datapolicy_data_policy_iam_member",
-    "google_bigquery_datapolicy_data_policy_iam_policy",
-    "google_bigquery_dataset",
-    "google_bigquery_dataset_access",
-    "google_bigquery_dataset_iam_binding",
-    "google_bigquery_dataset_iam_member",
-    "google_bigquery_dataset_iam_policy",
-    "google_bigquery_job",
-    "google_bigquery_reservation",
-    "google_bigquery_reservation_assignment",
-    "google_bigquery_routine",
-    "google_bigquery_table",
-    "google_bigquery_table_iam_binding",
-    "google_bigquery_table_iam_member",
-    "google_bigquery_table_iam_policy",
-    "google_bigtable_app_profile",
-    "google_bigtable_authorized_view",
-    "google_bigtable_gc_policy",
-    "google_bigtable_instance",
-    "google_bigtable_instance_iam_binding",
-    "google_bigtable_instance_iam_member",
-    "google_bigtable_instance_iam_policy",
-    "google_bigtable_table",
-    "google_bigtable_table_iam_binding",
-    "google_bigtable_table_iam_member",
-    "google_bigtable_table_iam_policy",
-    "google_billing_account_iam_binding",
-    "google_billing_account_iam_member",
-    "google_billing_account_iam_policy",
-    "google_billing_budget",
-    "google_billing_project_info",
-    "google_billing_subaccount",
-    "google_binary_authorization_attestor",
-    "google_binary_authorization_attestor_iam_binding",
-    "google_binary_authorization_attestor_iam_member",
-    "google_binary_authorization_attestor_iam_policy",
-    "google_binary_authorization_policy",
-    "google_blockchain_node_engine_blockchain_nodes",
-    "google_certificate_manager_certificate",
-    "google_certificate_manager_certificate_issuance_config",
-    "google_certificate_manager_certificate_map",
-    "google_certificate_manager_certificate_map_entry",
-    "google_certificate_manager_dns_authorization",
-    "google_certificate_manager_trust_config",
-    "google_chronicle_data_access_label",
-    "google_chronicle_data_access_scope",
-    "google_chronicle_reference_list",
-    "google_chronicle_retrohunt",
-    "google_chronicle_rule",
-    "google_chronicle_rule_deployment",
-    "google_chronicle_watchlist",
-    "google_cloud_asset_folder_feed",
-    "google_cloud_asset_organization_feed",
-    "google_cloud_asset_project_feed",
-    "google_cloud_identity_group",
-    "google_cloud_identity_group_membership",
-    "google_cloud_ids_endpoint",
-    "google_cloud_quotas_quota_adjuster_settings",
-    "google_cloud_quotas_quota_preference",
-    "google_cloud_run_domain_mapping",
-    "google_cloud_run_service",
-    "google_cloud_run_service_iam_binding",
-    "google_cloud_run_service_iam_member",
-    "google_cloud_run_service_iam_policy",
-    "google_cloud_run_v2_job",
-    "google_cloud_run_v2_job_iam_binding",
-    "google_cloud_run_v2_job_iam_member",
-    "google_cloud_run_v2_job_iam_policy",
-    "google_cloud_run_v2_service",
-    "google_cloud_run_v2_service_iam_binding",
-    "google_cloud_run_v2_service_iam_member",
-    "google_cloud_run_v2_service_iam_policy",
-    "google_cloud_scheduler_job",
-    "google_cloud_tasks_queue",
-    "google_cloud_tasks_queue_iam_binding",
-    "google_cloud_tasks_queue_iam_member",
-    "google_cloud_tasks_queue_iam_policy",
-    "google_cloudbuild_bitbucket_server_config",
-    "google_cloudbuild_trigger",
-    "google_cloudbuild_worker_pool",
-    "google_cloudbuildv2_connection",
-    "google_cloudbuildv2_connection_iam_binding",
-    "google_cloudbuildv2_connection_iam_member",
-    "google_cloudbuildv2_connection_iam_policy",
-    "google_cloudbuildv2_repository",
-    "google_clouddeploy_automation",
-    "google_clouddeploy_custom_target_type",
-    "google_clouddeploy_custom_target_type_iam_binding",
-    "google_clouddeploy_custom_target_type_iam_member",
-    "google_clouddeploy_custom_target_type_iam_policy",
-    "google_clouddeploy_delivery_pipeline",
-    "google_clouddeploy_delivery_pipeline_iam_binding",
-    "google_clouddeploy_delivery_pipeline_iam_member",
-    "google_clouddeploy_delivery_pipeline_iam_policy",
-    "google_clouddeploy_target",
-    "google_clouddeploy_target_iam_binding",
-    "google_clouddeploy_target_iam_member",
-    "google_clouddeploy_target_iam_policy",
-    "google_clouddomains_registration",
-    "google_cloudfunctions2_function",
-    "google_cloudfunctions2_function_iam_binding",
-    "google_cloudfunctions2_function_iam_member",
-    "google_cloudfunctions2_function_iam_policy",
-    "google_cloudfunctions_function",
-    "google_cloudfunctions_function_iam_binding",
-    "google_cloudfunctions_function_iam_member",
-    "google_cloudfunctions_function_iam_policy",
-    "google_cloudiot_registry",
-    "google_colab_notebook_execution",
-    "google_colab_runtime",
-    "google_colab_runtime_template",
-    "google_colab_runtime_template_iam_binding",
-    "google_colab_runtime_template_iam_member",
-    "google_colab_runtime_template_iam_policy",
-    "google_colab_schedule",
-    "google_composer_environment",
-    "google_composer_user_workloads_config_map",
-    "google_composer_user_workloads_secret",
-    "google_compute_address",
-    "google_compute_attached_disk",
-    "google_compute_autoscaler",
-    "google_compute_backend_bucket",
-    "google_compute_backend_bucket_iam_binding",
-    "google_compute_backend_bucket_iam_member",
-    "google_compute_backend_bucket_iam_policy",
-    "google_compute_backend_bucket_signed_url_key",
-    "google_compute_backend_service",
-    "google_compute_backend_service_iam_binding",
-    "google_compute_backend_service_iam_member",
-    "google_compute_backend_service_iam_policy",
-    "google_compute_backend_service_signed_url_key",
-    "google_compute_disk",
-    "google_compute_disk_async_replication",
-    "google_compute_disk_iam_binding",
-    "google_compute_disk_iam_member",
-    "google_compute_disk_iam_policy",
-    "google_compute_disk_resource_policy_attachment",
-    "google_compute_external_vpn_gateway",
-    "google_compute_firewall",
-    "google_compute_firewall_policy",
-    "google_compute_firewall_policy_association",
-    "google_compute_firewall_policy_rule",
-    "google_compute_firewall_policy_with_rules",
-    "google_compute_forwarding_rule",
-    "google_compute_global_address",
-    "google_compute_global_forwarding_rule",
-    "google_compute_global_network_endpoint",
-    "google_compute_global_network_endpoint_group",
-    "google_compute_ha_vpn_gateway",
-    "google_compute_health_check",
-    "google_compute_http_health_check",
-    "google_compute_https_health_check",
-    "google_compute_image",
-    "google_compute_image_iam_binding",
-    "google_compute_image_iam_member",
-    "google_compute_image_iam_policy",
-    "google_compute_instance",
-    "google_compute_instance_from_machine_image",
-    "google_compute_instance_from_template",
-    "google_compute_instance_group",
-    "google_compute_instance_group_manager",
-    "google_compute_instance_group_membership",
-    "google_compute_instance_group_named_port",
-    "google_compute_instance_iam_binding",
-    "google_compute_instance_iam_member",
-    "google_compute_instance_iam_policy",
-    "google_compute_instance_settings",
-    "google_compute_instance_template",
-    "google_compute_instance_template_iam_binding",
-    "google_compute_instance_template_iam_member",
-    "google_compute_instance_template_iam_policy",
-    "google_compute_instant_snapshot",
-    "google_compute_instant_snapshot_iam_binding",
-    "google_compute_instant_snapshot_iam_member",
-    "google_compute_instant_snapshot_iam_policy",
-    "google_compute_interconnect",
-    "google_compute_interconnect_attachment",
-    "google_compute_machine_image",
-    "google_compute_machine_image_iam_binding",
-    "google_compute_machine_image_iam_member",
-    "google_compute_machine_image_iam_policy",
-    "google_compute_managed_ssl_certificate",
-    "google_compute_network",
-    "google_compute_network_attachment",
-    "google_compute_network_edge_security_service",
-    "google_compute_network_endpoint",
-    "google_compute_network_endpoint_group",
-    "google_compute_network_endpoints",
-    "google_compute_network_firewall_policy",
-    "google_compute_network_firewall_policy_association",
-    "google_compute_network_firewall_policy_packet_mirroring_rule",
-    "google_compute_network_firewall_policy_rule",
-    "google_compute_network_firewall_policy_with_rules",
-    "google_compute_network_peering",
-    "google_compute_network_peering_routes_config",
-    "google_compute_node_group",
-    "google_compute_node_template",
-    "google_compute_organization_security_policy",
-    "google_compute_organization_security_policy_association",
-    "google_compute_organization_security_policy_rule",
-    "google_compute_packet_mirroring",
-    "google_compute_per_instance_config",
-    "google_compute_project_cloud_armor_tier",
-    "google_compute_project_default_network_tier",
-    "google_compute_project_metadata",
-    "google_compute_project_metadata_item",
-    "google_compute_public_advertised_prefix",
-    "google_compute_public_delegated_prefix",
-    "google_compute_region_autoscaler",
-    "google_compute_region_backend_service",
-    "google_compute_region_backend_service_iam_binding",
-    "google_compute_region_backend_service_iam_member",
-    "google_compute_region_backend_service_iam_policy",
-    "google_compute_region_commitment",
-    "google_compute_region_disk",
-    "google_compute_region_disk_iam_binding",
-    "google_compute_region_disk_iam_member",
-    "google_compute_region_disk_iam_policy",
-    "google_compute_region_disk_resource_policy_attachment",
-    "google_compute_region_health_check",
-    "google_compute_region_instance_group_manager",
-    "google_compute_region_instance_template",
-    "google_compute_region_network_endpoint",
-    "google_compute_region_network_endpoint_group",
-    "google_compute_region_network_firewall_policy",
-    "google_compute_region_network_firewall_policy_association",
-    "google_compute_region_network_firewall_policy_rule",
-    "google_compute_region_network_firewall_policy_with_rules",
-    "google_compute_region_per_instance_config",
-    "google_compute_region_resize_request",
-    "google_compute_region_security_policy",
-    "google_compute_region_security_policy_rule",
-    "google_compute_region_ssl_certificate",
-    "google_compute_region_target_http_proxy",
-    "google_compute_region_target_https_proxy",
-    "google_compute_region_target_tcp_proxy",
-    "google_compute_region_url_map",
-    "google_compute_reservation",
-    "google_compute_resize_request",
-    "google_compute_resource_policy",
-    "google_compute_route",
-    "google_compute_router",
-    "google_compute_router_interface",
-    "google_compute_router_nat",
-    "google_compute_router_nat_address",
-    "google_compute_router_peer",
-    "google_compute_router_route_policy",
-    "google_compute_security_policy",
-    "google_compute_security_policy_rule",
-    "google_compute_service_attachment",
-    "google_compute_shared_vpc_host_project",
-    "google_compute_shared_vpc_service_project",
-    "google_compute_snapshot",
-    "google_compute_snapshot_iam_binding",
-    "google_compute_snapshot_iam_member",
-    "google_compute_snapshot_iam_policy",
-    "google_compute_ssl_certificate",
-    "google_compute_ssl_policy",
-    "google_compute_subnetwork",
-    "google_compute_subnetwork_iam_binding",
-    "google_compute_subnetwork_iam_member",
-    "google_compute_subnetwork_iam_policy",
-    "google_compute_target_grpc_proxy",
-    "google_compute_target_http_proxy",
-    "google_compute_target_https_proxy",
-    "google_compute_target_instance",
-    "google_compute_target_pool",
-    "google_compute_target_ssl_proxy",
-    "google_compute_target_tcp_proxy",
-    "google_compute_url_map",
-    "google_compute_vpn_gateway",
-    "google_compute_vpn_tunnel",
-    "google_container_analysis_note",
-    "google_container_analysis_note_iam_binding",
-    "google_container_analysis_note_iam_member",
-    "google_container_analysis_note_iam_policy",
-    "google_container_analysis_occurrence",
-    "google_container_attached_cluster",
-    "google_container_aws_cluster",
-    "google_container_aws_node_pool",
-    "google_container_azure_client",
-    "google_container_azure_cluster",
-    "google_container_azure_node_pool",
-    "google_container_cluster",
-    "google_container_node_pool",
-    "google_container_registry",
-    "google_data_catalog_entry",
-    "google_data_catalog_entry_group",
-    "google_data_catalog_entry_group_iam_binding",
-    "google_data_catalog_entry_group_iam_member",
-    "google_data_catalog_entry_group_iam_policy",
-    "google_data_catalog_policy_tag",
-    "google_data_catalog_policy_tag_iam_binding",
-    "google_data_catalog_policy_tag_iam_member",
-    "google_data_catalog_policy_tag_iam_policy",
-    "google_data_catalog_tag",
-    "google_data_catalog_tag_template",
-    "google_data_catalog_tag_template_iam_binding",
-    "google_data_catalog_tag_template_iam_member",
-    "google_data_catalog_tag_template_iam_policy",
-    "google_data_catalog_taxonomy",
-    "google_data_catalog_taxonomy_iam_binding",
-    "google_data_catalog_taxonomy_iam_member",
-    "google_data_catalog_taxonomy_iam_policy",
-    "google_data_fusion_instance",
-    "google_data_fusion_instance_iam_binding",
-    "google_data_fusion_instance_iam_member",
-    "google_data_fusion_instance_iam_policy",
-    "google_data_loss_prevention_deidentify_template",
-    "google_data_loss_prevention_discovery_config",
-    "google_data_loss_prevention_inspect_template",
-    "google_data_loss_prevention_job_trigger",
-    "google_data_loss_prevention_stored_info_type",
-    "google_data_pipeline_pipeline",
-    "google_database_migration_service_connection_profile",
-    "google_database_migration_service_migration_job",
-    "google_database_migration_service_private_connection",
-    "google_dataflow_flex_template_job",
-    "google_dataflow_job",
-    "google_dataform_repository",
-    "google_dataform_repository_iam_binding",
-    "google_dataform_repository_iam_member",
-    "google_dataform_repository_iam_policy",
-    "google_dataform_repository_release_config",
-    "google_dataform_repository_workflow_config",
-    "google_dataplex_aspect_type",
-    "google_dataplex_aspect_type_iam_binding",
-    "google_dataplex_aspect_type_iam_member",
-    "google_dataplex_aspect_type_iam_policy",
-    "google_dataplex_asset",
-    "google_dataplex_asset_iam_binding",
-    "google_dataplex_asset_iam_member",
-    "google_dataplex_asset_iam_policy",
-    "google_dataplex_datascan",
-    "google_dataplex_datascan_iam_binding",
-    "google_dataplex_datascan_iam_member",
-    "google_dataplex_datascan_iam_policy",
-    "google_dataplex_entry_group",
-    "google_dataplex_entry_group_iam_binding",
-    "google_dataplex_entry_group_iam_member",
-    "google_dataplex_entry_group_iam_policy",
-    "google_dataplex_entry_type",
-    "google_dataplex_entry_type_iam_binding",
-    "google_dataplex_entry_type_iam_member",
-    "google_dataplex_entry_type_iam_policy",
-    "google_dataplex_lake",
-    "google_dataplex_lake_iam_binding",
-    "google_dataplex_lake_iam_member",
-    "google_dataplex_lake_iam_policy",
-    "google_dataplex_task",
-    "google_dataplex_task_iam_binding",
-    "google_dataplex_task_iam_member",
-    "google_dataplex_task_iam_policy",
-    "google_dataplex_zone",
-    "google_dataplex_zone_iam_binding",
-    "google_dataplex_zone_iam_member",
-    "google_dataplex_zone_iam_policy",
-    "google_dataproc_autoscaling_policy",
-    "google_dataproc_autoscaling_policy_iam_binding",
-    "google_dataproc_autoscaling_policy_iam_member",
-    "google_dataproc_autoscaling_policy_iam_policy",
-    "google_dataproc_batch",
-    "google_dataproc_cluster",
-    "google_dataproc_cluster_iam_binding",
-    "google_dataproc_cluster_iam_member",
-    "google_dataproc_cluster_iam_policy",
-    "google_dataproc_gdc_application_environment",
-    "google_dataproc_gdc_service_instance",
-    "google_dataproc_gdc_spark_application",
-    "google_dataproc_job",
-    "google_dataproc_job_iam_binding",
-    "google_dataproc_job_iam_member",
-    "google_dataproc_job_iam_policy",
-    "google_dataproc_metastore_federation",
-    "google_dataproc_metastore_federation_iam_binding",
-    "google_dataproc_metastore_federation_iam_member",
-    "google_dataproc_metastore_federation_iam_policy",
-    "google_dataproc_metastore_service",
-    "google_dataproc_metastore_service_iam_binding",
-    "google_dataproc_metastore_service_iam_member",
-    "google_dataproc_metastore_service_iam_policy",
-    "google_dataproc_workflow_template",
-    "google_datastream_connection_profile",
-    "google_datastream_private_connection",
-    "google_datastream_stream",
-    "google_deployment_manager_deployment",
-    "google_developer_connect_connection",
-    "google_developer_connect_git_repository_link",
-    "google_dialogflow_agent",
-    "google_dialogflow_cx_agent",
-    "google_dialogflow_cx_entity_type",
-    "google_dialogflow_cx_environment",
-    "google_dialogflow_cx_flow",
-    "google_dialogflow_cx_intent",
-    "google_dialogflow_cx_page",
-    "google_dialogflow_cx_security_settings",
-    "google_dialogflow_cx_version",
-    "google_dialogflow_cx_webhook",
-    "google_dialogflow_entity_type",
-    "google_dialogflow_fulfillment",
-    "google_dialogflow_intent",
-    "google_discovery_engine_chat_engine",
-    "google_discovery_engine_data_store",
-    "google_discovery_engine_schema",
-    "google_discovery_engine_search_engine",
-    "google_discovery_engine_sitemap",
-    "google_discovery_engine_target_site",
-    "google_dns_managed_zone",
-    "google_dns_managed_zone_iam_binding",
-    "google_dns_managed_zone_iam_member",
-    "google_dns_managed_zone_iam_policy",
-    "google_dns_policy",
-    "google_dns_record_set",
-    "google_dns_response_policy",
-    "google_dns_response_policy_rule",
-    "google_document_ai_processor",
-    "google_document_ai_processor_default_version",
-    "google_document_ai_warehouse_document_schema",
-    "google_document_ai_warehouse_location",
-    "google_edgecontainer_cluster",
-    "google_edgecontainer_node_pool",
-    "google_edgecontainer_vpn_connection",
-    "google_edgenetwork_interconnect_attachment",
-    "google_edgenetwork_network",
-    "google_edgenetwork_subnet",
-    "google_endpoints_service",
-    "google_endpoints_service_consumers_iam_binding",
-    "google_endpoints_service_consumers_iam_member",
-    "google_endpoints_service_consumers_iam_policy",
-    "google_endpoints_service_iam_binding",
-    "google_endpoints_service_iam_member",
-    "google_endpoints_service_iam_policy",
-    "google_essential_contacts_contact",
-    "google_eventarc_channel",
-    "google_eventarc_google_api_source",
-    "google_eventarc_google_channel_config",
-    "google_eventarc_message_bus",
-    "google_eventarc_pipeline",
-    "google_eventarc_trigger",
-    "google_filestore_backup",
-    "google_filestore_instance",
-    "google_filestore_snapshot",
-    "google_firebase_android_app",
-    "google_firebase_app_check_app_attest_config",
-    "google_firebase_app_check_debug_token",
-    "google_firebase_app_check_device_check_config",
-    "google_firebase_app_check_play_integrity_config",
-    "google_firebase_app_check_recaptcha_enterprise_config",
-    "google_firebase_app_check_recaptcha_v3_config",
-    "google_firebase_app_check_service_config",
-    "google_firebase_app_hosting_backend",
-    "google_firebase_apple_app",
-    "google_firebase_data_connect_service",
-    "google_firebase_database_instance",
-    "google_firebase_extensions_instance",
-    "google_firebase_hosting_channel",
-    "google_firebase_hosting_custom_domain",
-    "google_firebase_hosting_release",
-    "google_firebase_hosting_site",
-    "google_firebase_hosting_version",
-    "google_firebase_project",
-    "google_firebase_project_location",
-    "google_firebase_storage_bucket",
-    "google_firebase_web_app",
-    "google_firebaserules_release",
-    "google_firebaserules_ruleset",
-    "google_firestore_backup_schedule",
-    "google_firestore_database",
-    "google_firestore_document",
-    "google_firestore_field",
-    "google_firestore_index",
-    "google_folder",
-    "google_folder_access_approval_settings",
-    "google_folder_iam_audit_config",
-    "google_folder_iam_binding",
-    "google_folder_iam_member",
-    "google_folder_iam_policy",
-    "google_folder_organization_policy",
-    "google_gemini_code_repository_index",
-    "google_gemini_data_sharing_with_google_setting",
-    "google_gemini_data_sharing_with_google_setting_binding",
-    "google_gemini_gemini_gcp_enablement_setting",
-    "google_gemini_gemini_gcp_enablement_setting_binding",
-    "google_gemini_logging_setting",
-    "google_gemini_logging_setting_binding",
-    "google_gemini_release_channel_setting",
-    "google_gemini_release_channel_setting_binding",
-    "google_gemini_repository_group",
-    "google_gemini_repository_group_iam_binding",
-    "google_gemini_repository_group_iam_member",
-    "google_gemini_repository_group_iam_policy",
-    "google_gke_backup_backup_plan",
-    "google_gke_backup_backup_plan_iam_binding",
-    "google_gke_backup_backup_plan_iam_member",
-    "google_gke_backup_backup_plan_iam_policy",
-    "google_gke_backup_restore_plan",
-    "google_gke_backup_restore_plan_iam_binding",
-    "google_gke_backup_restore_plan_iam_member",
-    "google_gke_backup_restore_plan_iam_policy",
-    "google_gke_hub_feature",
-    "google_gke_hub_feature_iam_binding",
-    "google_gke_hub_feature_iam_member",
-    "google_gke_hub_feature_iam_policy",
-    "google_gke_hub_feature_membership",
-    "google_gke_hub_fleet",
-    "google_gke_hub_membership",
-    "google_gke_hub_membership_binding",
-    "google_gke_hub_membership_iam_binding",
-    "google_gke_hub_membership_iam_member",
-    "google_gke_hub_membership_iam_policy",
-    "google_gke_hub_membership_rbac_role_binding",
-    "google_gke_hub_namespace",
-    "google_gke_hub_scope",
-    "google_gke_hub_scope_iam_binding",
-    "google_gke_hub_scope_iam_member",
-    "google_gke_hub_scope_iam_policy",
-    "google_gke_hub_scope_rbac_role_binding",
-    "google_gkeonprem_bare_metal_admin_cluster",
-    "google_gkeonprem_bare_metal_cluster",
-    "google_gkeonprem_bare_metal_node_pool",
-    "google_gkeonprem_vmware_admin_cluster",
-    "google_gkeonprem_vmware_cluster",
-    "google_gkeonprem_vmware_node_pool",
-    "google_healthcare_consent_store",
-    "google_healthcare_consent_store_iam_binding",
-    "google_healthcare_consent_store_iam_member",
-    "google_healthcare_consent_store_iam_policy",
-    "google_healthcare_dataset",
-    "google_healthcare_dataset_iam_binding",
-    "google_healthcare_dataset_iam_member",
-    "google_healthcare_dataset_iam_policy",
-    "google_healthcare_dicom_store",
-    "google_healthcare_dicom_store_iam_binding",
-    "google_healthcare_dicom_store_iam_member",
-    "google_healthcare_dicom_store_iam_policy",
-    "google_healthcare_fhir_store",
-    "google_healthcare_fhir_store_iam_binding",
-    "google_healthcare_fhir_store_iam_member",
-    "google_healthcare_fhir_store_iam_policy",
-    "google_healthcare_hl7_v2_store",
-    "google_healthcare_hl7_v2_store_iam_binding",
-    "google_healthcare_hl7_v2_store_iam_member",
-    "google_healthcare_hl7_v2_store_iam_policy",
-    "google_healthcare_pipeline_job",
-    "google_healthcare_workspace",
-    "google_iam_access_boundary_policy",
-    "google_iam_deny_policy",
-    "google_iam_folders_policy_binding",
-    "google_iam_oauth_client",
-    "google_iam_oauth_client_credential",
-    "google_iam_organizations_policy_binding",
-    "google_iam_principal_access_boundary_policy",
-    "google_iam_projects_policy_binding",
-    "google_iam_workforce_pool",
-    "google_iam_workforce_pool_provider",
-    "google_iam_workload_identity_pool",
-    "google_iam_workload_identity_pool_provider",
-    "google_iap_app_engine_service_iam_binding",
-    "google_iap_app_engine_service_iam_member",
-    "google_iap_app_engine_service_iam_policy",
-    "google_iap_app_engine_version_iam_binding",
-    "google_iap_app_engine_version_iam_member",
-    "google_iap_app_engine_version_iam_policy",
-    "google_iap_brand",
-    "google_iap_client",
-    "google_iap_settings",
-    "google_iap_tunnel_dest_group",
-    "google_iap_tunnel_dest_group_iam_binding",
-    "google_iap_tunnel_dest_group_iam_member",
-    "google_iap_tunnel_dest_group_iam_policy",
-    "google_iap_tunnel_iam_binding",
-    "google_iap_tunnel_iam_member",
-    "google_iap_tunnel_iam_policy",
-    "google_iap_tunnel_instance_iam_binding",
-    "google_iap_tunnel_instance_iam_member",
-    "google_iap_tunnel_instance_iam_policy",
-    "google_iap_web_backend_service_iam_binding",
-    "google_iap_web_backend_service_iam_member",
-    "google_iap_web_backend_service_iam_policy",
-    "google_iap_web_iam_binding",
-    "google_iap_web_iam_member",
-    "google_iap_web_iam_policy",
-    "google_iap_web_region_backend_service_iam_binding",
-    "google_iap_web_region_backend_service_iam_member",
-    "google_iap_web_region_backend_service_iam_policy",
-    "google_iap_web_type_app_engine_iam_binding",
-    "google_iap_web_type_app_engine_iam_member",
-    "google_iap_web_type_app_engine_iam_policy",
-    "google_iap_web_type_compute_iam_binding",
-    "google_iap_web_type_compute_iam_member",
-    "google_iap_web_type_compute_iam_policy",
-    "google_identity_platform_config",
-    "google_identity_platform_default_supported_idp_config",
-    "google_identity_platform_inbound_saml_config",
-    "google_identity_platform_oauth_idp_config",
-    "google_identity_platform_tenant",
-    "google_identity_platform_tenant_default_supported_idp_config",
-    "google_identity_platform_tenant_inbound_saml_config",
-    "google_identity_platform_tenant_oauth_idp_config",
-    "google_integration_connectors_connection",
-    "google_integration_connectors_endpoint_attachment",
-    "google_integration_connectors_managed_zone",
-    "google_integrations_auth_config",
-    "google_integrations_client",
-    "google_kms_autokey_config",
-    "google_kms_crypto_key",
-    "google_kms_crypto_key_iam_binding",
-    "google_kms_crypto_key_iam_member",
-    "google_kms_crypto_key_iam_policy",
-    "google_kms_crypto_key_version",
-    "google_kms_ekm_connection",
-    "google_kms_ekm_connection_iam_binding",
-    "google_kms_ekm_connection_iam_member",
-    "google_kms_ekm_connection_iam_policy",
-    "google_kms_key_handle",
-    "google_kms_key_ring",
-    "google_kms_key_ring_iam_binding",
-    "google_kms_key_ring_iam_member",
-    "google_kms_key_ring_iam_policy",
-    "google_kms_key_ring_import_job",
-    "google_kms_secret_ciphertext",
-    "google_logging_billing_account_bucket_config",
-    "google_logging_billing_account_exclusion",
-    "google_logging_billing_account_sink",
-    "google_logging_folder_bucket_config",
-    "google_logging_folder_exclusion",
-    "google_logging_folder_settings",
-    "google_logging_folder_sink",
-    "google_logging_linked_dataset",
-    "google_logging_log_scope",
-    "google_logging_log_view",
-    "google_logging_log_view_iam_binding",
-    "google_logging_log_view_iam_member",
-    "google_logging_log_view_iam_policy",
-    "google_logging_metric",
-    "google_logging_organization_bucket_config",
-    "google_logging_organization_exclusion",
-    "google_logging_organization_settings",
-    "google_logging_organization_sink",
-    "google_logging_project_bucket_config",
-    "google_logging_project_exclusion",
-    "google_logging_project_sink",
-    "google_looker_instance",
-    "google_lustre_instance",
-    "google_managed_kafka_cluster",
-    "google_managed_kafka_connect_cluster",
-    "google_managed_kafka_connector",
-    "google_managed_kafka_topic",
-    "google_memcache_instance",
-    "google_memorystore_instance",
-    "google_migration_center_group",
-    "google_migration_center_preference_set",
-    "google_ml_engine_model",
-    "google_monitoring_alert_policy",
-    "google_monitoring_custom_service",
-    "google_monitoring_dashboard",
-    "google_monitoring_group",
-    "google_monitoring_metric_descriptor",
-    "google_monitoring_monitored_project",
-    "google_monitoring_notification_channel",
-    "google_monitoring_service",
-    "google_monitoring_slo",
-    "google_monitoring_uptime_check_config",
-    "google_netapp_active_directory",
-    "google_netapp_backup",
-    "google_netapp_backup_policy",
-    "google_netapp_backup_vault",
-    "google_netapp_kmsconfig",
-    "google_netapp_storage_pool",
-    "google_netapp_volume",
-    "google_netapp_volume_quota_rule",
-    "google_netapp_volume_replication",
-    "google_netapp_volume_snapshot",
-    "google_network_connectivity_group",
-    "google_network_connectivity_hub",
-    "google_network_connectivity_internal_range",
-    "google_network_connectivity_policy_based_route",
-    "google_network_connectivity_regional_endpoint",
-    "google_network_connectivity_service_connection_policy",
-    "google_network_connectivity_spoke",
-    "google_network_management_vpc_flow_logs_config",
-    "google_network_security_address_group",
-    "google_network_security_address_group_iam_binding",
-    "google_network_security_address_group_iam_member",
-    "google_network_security_address_group_iam_policy",
-    "google_network_security_authorization_policy",
-    "google_network_security_authz_policy",
-    "google_network_security_backend_authentication_config",
-    "google_network_security_client_tls_policy",
-    "google_network_security_firewall_endpoint",
-    "google_network_security_firewall_endpoint_association",
-    "google_network_security_gateway_security_policy",
-    "google_network_security_gateway_security_policy_rule",
-    "google_network_security_intercept_deployment",
-    "google_network_security_intercept_deployment_group",
-    "google_network_security_intercept_endpoint_group",
-    "google_network_security_intercept_endpoint_group_association",
-    "google_network_security_mirroring_deployment",
-    "google_network_security_mirroring_deployment_group",
-    "google_network_security_mirroring_endpoint_group",
-    "google_network_security_mirroring_endpoint_group_association",
-    "google_network_security_security_profile",
-    "google_network_security_security_profile_group",
-    "google_network_security_server_tls_policy",
-    "google_network_security_tls_inspection_policy",
-    "google_network_security_url_lists",
-    "google_network_services_authz_extension",
-    "google_network_services_edge_cache_keyset",
-    "google_network_services_edge_cache_origin",
-    "google_network_services_edge_cache_service",
-    "google_network_services_endpoint_policy",
-    "google_network_services_gateway",
-    "google_network_services_grpc_route",
-    "google_network_services_http_route",
-    "google_network_services_lb_route_extension",
-    "google_network_services_lb_traffic_extension",
-    "google_network_services_mesh",
-    "google_network_services_service_binding",
-    "google_network_services_service_lb_policies",
-    "google_network_services_tcp_route",
-    "google_network_services_tls_route",
-    "google_notebooks_environment",
-    "google_notebooks_instance",
-    "google_notebooks_instance_iam_binding",
-    "google_notebooks_instance_iam_member",
-    "google_notebooks_instance_iam_policy",
-    "google_notebooks_runtime",
-    "google_notebooks_runtime_iam_binding",
-    "google_notebooks_runtime_iam_member",
-    "google_notebooks_runtime_iam_policy",
-    "google_oracle_database_autonomous_database",
-    "google_oracle_database_cloud_exadata_infrastructure",
-    "google_oracle_database_cloud_vm_cluster",
-    "google_org_policy_custom_constraint",
-    "google_org_policy_policy",
-    "google_organization_access_approval_settings",
-    "google_organization_iam_audit_config",
-    "google_organization_iam_binding",
-    "google_organization_iam_custom_role",
-    "google_organization_iam_member",
-    "google_organization_iam_policy",
-    "google_organization_policy",
-    "google_os_config_guest_policies",
-    "google_os_config_os_policy_assignment",
-    "google_os_config_patch_deployment",
-    "google_os_config_v2_policy_orchestrator",
-    "google_os_login_ssh_public_key",
-    "google_parallelstore_instance",
-    "google_parameter_manager_parameter",
-    "google_parameter_manager_parameter_version",
-    "google_parameter_manager_regional_parameter",
-    "google_parameter_manager_regional_parameter_version",
-    "google_privateca_ca_pool",
-    "google_privateca_ca_pool_iam_binding",
-    "google_privateca_ca_pool_iam_member",
-    "google_privateca_ca_pool_iam_policy",
-    "google_privateca_certificate",
-    "google_privateca_certificate_authority",
-    "google_privateca_certificate_template",
-    "google_privateca_certificate_template_iam_binding",
-    "google_privateca_certificate_template_iam_member",
-    "google_privateca_certificate_template_iam_policy",
-    "google_privileged_access_manager_entitlement",
-    "google_project",
-    "google_project_access_approval_settings",
-    "google_project_default_service_accounts",
-    "google_project_iam_audit_config",
-    "google_project_iam_binding",
-    "google_project_iam_custom_role",
-    "google_project_iam_member",
-    "google_project_iam_member_remove",
-    "google_project_iam_policy",
-    "google_project_organization_policy",
-    "google_project_service",
-    "google_project_service_identity",
-    "google_project_services",
-    "google_project_usage_export_bucket",
-    "google_public_ca_external_account_key",
-    "google_pubsub_lite_reservation",
-    "google_pubsub_lite_subscription",
-    "google_pubsub_lite_topic",
-    "google_pubsub_schema",
-    "google_pubsub_schema_iam_binding",
-    "google_pubsub_schema_iam_member",
-    "google_pubsub_schema_iam_policy",
-    "google_pubsub_subscription",
-    "google_pubsub_subscription_iam_binding",
-    "google_pubsub_subscription_iam_member",
-    "google_pubsub_subscription_iam_policy",
-    "google_pubsub_topic",
-    "google_pubsub_topic_iam_binding",
-    "google_pubsub_topic_iam_member",
-    "google_pubsub_topic_iam_policy",
-    "google_recaptcha_enterprise_key",
-    "google_redis_cluster",
-    "google_redis_cluster_user_created_connections",
-    "google_redis_instance",
-    "google_resource_manager_lien",
-    "google_runtimeconfig_config",
-    "google_runtimeconfig_config_iam_binding",
-    "google_runtimeconfig_config_iam_member",
-    "google_runtimeconfig_config_iam_policy",
-    "google_runtimeconfig_variable",
-    "google_scc_event_threat_detection_custom_module",
-    "google_scc_folder_custom_module",
-    "google_scc_folder_notification_config",
-    "google_scc_folder_scc_big_query_export",
-    "google_scc_management_folder_security_health_analytics_custom_module",
-    "google_scc_management_organization_event_threat_detection_custom_module",
-    "google_scc_management_organization_security_health_analytics_custom_module",
-    "google_scc_management_project_security_health_analytics_custom_module",
-    "google_scc_mute_config",
-    "google_scc_notification_config",
-    "google_scc_organization_custom_module",
-    "google_scc_organization_scc_big_query_export",
-    "google_scc_project_custom_module",
-    "google_scc_project_notification_config",
-    "google_scc_project_scc_big_query_export",
-    "google_scc_source",
-    "google_scc_source_iam_binding",
-    "google_scc_source_iam_member",
-    "google_scc_source_iam_policy",
-    "google_scc_v2_folder_mute_config",
-    "google_scc_v2_folder_notification_config",
-    "google_scc_v2_folder_scc_big_query_export",
-    "google_scc_v2_organization_mute_config",
-    "google_scc_v2_organization_notification_config",
-    "google_scc_v2_organization_scc_big_query_export",
-    "google_scc_v2_organization_scc_big_query_exports",
-    "google_scc_v2_organization_source_iam_binding",
-    "google_scc_v2_organization_source_iam_member",
-    "google_scc_v2_organization_source_iam_policy",
-    "google_scc_v2_project_mute_config",
-    "google_scc_v2_project_notification_config",
-    "google_scc_v2_project_scc_big_query_export",
-    "google_secret_manager_regional_secret",
-    "google_secret_manager_regional_secret_iam_binding",
-    "google_secret_manager_regional_secret_iam_member",
-    "google_secret_manager_regional_secret_iam_policy",
-    "google_secret_manager_regional_secret_version",
-    "google_secret_manager_secret",
-    "google_secret_manager_secret_iam_binding",
-    "google_secret_manager_secret_iam_member",
-    "google_secret_manager_secret_iam_policy",
-    "google_secret_manager_secret_version",
-    "google_secure_source_manager_branch_rule",
-    "google_secure_source_manager_instance",
-    "google_secure_source_manager_instance_iam_binding",
-    "google_secure_source_manager_instance_iam_member",
-    "google_secure_source_manager_instance_iam_policy",
-    "google_secure_source_manager_repository",
-    "google_secure_source_manager_repository_iam_binding",
-    "google_secure_source_manager_repository_iam_member",
-    "google_secure_source_manager_repository_iam_policy",
-    "google_security_scanner_scan_config",
-    "google_securityposture_posture",
-    "google_service_account",
-    "google_service_account_iam_binding",
-    "google_service_account_iam_member",
-    "google_service_account_iam_policy",
-    "google_service_account_key",
-    "google_service_directory_endpoint",
-    "google_service_directory_namespace",
-    "google_service_directory_namespace_iam_binding",
-    "google_service_directory_namespace_iam_member",
-    "google_service_directory_namespace_iam_policy",
-    "google_service_directory_service",
-    "google_service_directory_service_iam_binding",
-    "google_service_directory_service_iam_member",
-    "google_service_directory_service_iam_policy",
-    "google_service_networking_connection",
-    "google_service_networking_peered_dns_domain",
-    "google_service_networking_vpc_service_controls",
-    "google_service_usage_consumer_quota_override",
-    "google_site_verification_owner",
-    "google_site_verification_web_resource",
-    "google_sourcerepo_repository",
-    "google_sourcerepo_repository_iam_binding",
-    "google_sourcerepo_repository_iam_member",
-    "google_sourcerepo_repository_iam_policy",
-    "google_spanner_backup_schedule",
-    "google_spanner_database",
-    "google_spanner_database_iam_binding",
-    "google_spanner_database_iam_member",
-    "google_spanner_database_iam_policy",
-    "google_spanner_instance",
-    "google_spanner_instance_config",
-    "google_spanner_instance_iam_binding",
-    "google_spanner_instance_iam_member",
-    "google_spanner_instance_iam_policy",
-    "google_spanner_instance_partition",
-    "google_sql_database",
-    "google_sql_database_instance",
-    "google_sql_source_representation_instance",
-    "google_sql_ssl_cert",
-    "google_sql_user",
-    "google_storage_anywhere_cache",
-    "google_storage_bucket",
-    "google_storage_bucket_access_control",
-    "google_storage_bucket_acl",
-    "google_storage_bucket_iam_binding",
-    "google_storage_bucket_iam_member",
-    "google_storage_bucket_iam_policy",
-    "google_storage_bucket_object",
-    "google_storage_default_object_access_control",
-    "google_storage_default_object_acl",
-    "google_storage_folder",
-    "google_storage_hmac_key",
-    "google_storage_insights_report_config",
-    "google_storage_managed_folder",
-    "google_storage_managed_folder_iam_binding",
-    "google_storage_managed_folder_iam_member",
-    "google_storage_managed_folder_iam_policy",
-    "google_storage_notification",
-    "google_storage_object_access_control",
-    "google_storage_object_acl",
-    "google_storage_transfer_agent_pool",
-    "google_storage_transfer_job",
-    "google_tags_location_tag_binding",
-    "google_tags_tag_binding",
-    "google_tags_tag_key",
-    "google_tags_tag_key_iam_binding",
-    "google_tags_tag_key_iam_member",
-    "google_tags_tag_key_iam_policy",
-    "google_tags_tag_value",
-    "google_tags_tag_value_iam_binding",
-    "google_tags_tag_value_iam_member",
-    "google_tags_tag_value_iam_policy",
-    "google_tpu_node",
-    "google_tpu_v2_queued_resource",
-    "google_tpu_v2_vm",
-    "google_transcoder_job",
-    "google_transcoder_job_template",
-    "google_vertex_ai_dataset",
-    "google_vertex_ai_deployment_resource_pool",
-    "google_vertex_ai_endpoint",
-    "google_vertex_ai_endpoint_iam_binding",
-    "google_vertex_ai_endpoint_iam_member",
-    "google_vertex_ai_endpoint_iam_policy",
-    "google_vertex_ai_feature_group",
-    "google_vertex_ai_feature_group_feature",
-    "google_vertex_ai_feature_online_store",
-    "google_vertex_ai_feature_online_store_featureview",
-    "google_vertex_ai_featurestore",
-    "google_vertex_ai_featurestore_entitytype",
-    "google_vertex_ai_featurestore_entitytype_feature",
-    "google_vertex_ai_featurestore_entitytype_iam_binding",
-    "google_vertex_ai_featurestore_entitytype_iam_member",
-    "google_vertex_ai_featurestore_entitytype_iam_policy",
-    "google_vertex_ai_featurestore_iam_binding",
-    "google_vertex_ai_featurestore_iam_member",
-    "google_vertex_ai_featurestore_iam_policy",
-    "google_vertex_ai_index",
-    "google_vertex_ai_index_endpoint",
-    "google_vertex_ai_index_endpoint_deployed_index",
-    "google_vertex_ai_metadata_store",
-    "google_vertex_ai_tensorboard",
-    "google_vmwareengine_cluster",
-    "google_vmwareengine_external_access_rule",
-    "google_vmwareengine_external_address",
-    "google_vmwareengine_network",
-    "google_vmwareengine_network_peering",
-    "google_vmwareengine_network_policy",
-    "google_vmwareengine_private_cloud",
-    "google_vmwareengine_subnet",
-    "google_vpc_access_connector",
-    "google_workbench_instance",
-    "google_workbench_instance_iam_binding",
-    "google_workbench_instance_iam_member",
-    "google_workbench_instance_iam_policy",
-    "google_workflows_workflow",
-    "google_workstations_workstation",
-    "google_workstations_workstation_cluster",
-    "google_workstations_workstation_config",
-    "google_workstations_workstation_config_iam_binding",
-    "google_workstations_workstation_config_iam_member",
-    "google_workstations_workstation_config_iam_policy",
-    "google_workstations_workstation_iam_binding",
-    "google_workstations_workstation_iam_member",
-    "google_workstations_workstation_iam_policy"
-  ]
-}
+    "resources": [
+        "google_access_context_manager_access_level",
+        "google_access_context_manager_access_level_condition",
+        "google_access_context_manager_access_levels",
+        "google_access_context_manager_access_policy",
+        "google_access_context_manager_access_policy_iam_binding",
+        "google_access_context_manager_access_policy_iam_member",
+        "google_access_context_manager_access_policy_iam_policy",
+        "google_access_context_manager_authorized_orgs_desc",
+        "google_access_context_manager_gcp_user_access_binding",
+        "google_access_context_manager_service_perimeter",
+        "google_access_context_manager_service_perimeter_dry_run_egress_policy",
+        "google_access_context_manager_service_perimeter_dry_run_ingress_policy",
+        "google_access_context_manager_service_perimeter_dry_run_resource",
+        "google_access_context_manager_service_perimeter_egress_policy",
+        "google_access_context_manager_service_perimeter_ingress_policy",
+        "google_access_context_manager_service_perimeter_resource",
+        "google_access_context_manager_service_perimeters",
+        "google_active_directory_domain",
+        "google_active_directory_domain_trust",
+        "google_active_directory_peering",
+        "google_alloydb_backup",
+        "google_alloydb_cluster",
+        "google_alloydb_instance",
+        "google_alloydb_user",
+        "google_api_gateway_api",
+        "google_api_gateway_api_config",
+        "google_api_gateway_api_config_iam_binding",
+        "google_api_gateway_api_config_iam_member",
+        "google_api_gateway_api_config_iam_policy",
+        "google_api_gateway_api_iam_binding",
+        "google_api_gateway_api_iam_member",
+        "google_api_gateway_api_iam_policy",
+        "google_api_gateway_gateway",
+        "google_api_gateway_gateway_iam_binding",
+        "google_api_gateway_gateway_iam_member",
+        "google_api_gateway_gateway_iam_policy",
+        "google_apigee_addons_config",
+        "google_apigee_api",
+        "google_apigee_api_deployment",
+        "google_apigee_api_product",
+        "google_apigee_app_group",
+        "google_apigee_control_plane_access",
+        "google_apigee_developer",
+        "google_apigee_developer_app",
+        "google_apigee_dns_zone",
+        "google_apigee_env_keystore",
+        "google_apigee_envgroup",
+        "google_apigee_envgroup_attachment",
+        "google_apigee_environment",
+        "google_apigee_environment_addons_config",
+        "google_apigee_environment_api_revision_deployment",
+        "google_apigee_environment_iam_binding",
+        "google_apigee_environment_iam_member",
+        "google_apigee_environment_iam_policy",
+        "google_apigee_environment_keyvaluemaps",
+        "google_apigee_environment_keyvaluemaps_entries",
+        "google_apigee_instance",
+        "google_apigee_instance_attachment",
+        "google_apigee_keystores_aliases_self_signed_cert",
+        "google_apigee_nat_address",
+        "google_apigee_organization",
+        "google_apigee_security_action",
+        "google_apigee_security_monitoring_condition",
+        "google_apigee_security_profile_v2",
+        "google_apigee_sync_authorization",
+        "google_apigee_target_server",
+        "google_apihub_api_hub_instance",
+        "google_apihub_curation",
+        "google_apihub_host_project_registration",
+        "google_apihub_plugin",
+        "google_apihub_plugin_instance",
+        "google_apikeys_key",
+        "google_app_engine_application",
+        "google_app_engine_application_url_dispatch_rules",
+        "google_app_engine_domain_mapping",
+        "google_app_engine_firewall_rule",
+        "google_app_engine_flexible_app_version",
+        "google_app_engine_service_network_settings",
+        "google_app_engine_service_split_traffic",
+        "google_app_engine_standard_app_version",
+        "google_apphub_application",
+        "google_apphub_service",
+        "google_apphub_service_project_attachment",
+        "google_apphub_workload",
+        "google_artifact_registry_package",
+        "google_artifact_registry_repository",
+        "google_artifact_registry_repository_iam_binding",
+        "google_artifact_registry_repository_iam_member",
+        "google_artifact_registry_repository_iam_policy",
+        "google_artifact_registry_vpcsc_config",
+        "google_assured_workloads_workload",
+        "google_backup_dr_backup_plan",
+        "google_backup_dr_backup_plan_association",
+        "google_backup_dr_backup_vault",
+        "google_backup_dr_management_server",
+        "google_backup_dr_service_config",
+        "google_beyondcorp_app_connection",
+        "google_beyondcorp_app_connector",
+        "google_beyondcorp_app_gateway",
+        "google_beyondcorp_security_gateway",
+        "google_beyondcorp_security_gateway_application",
+        "google_beyondcorp_security_gateway_application_iam_binding",
+        "google_beyondcorp_security_gateway_application_iam_member",
+        "google_beyondcorp_security_gateway_application_iam_policy",
+        "google_beyondcorp_security_gateway_iam_binding",
+        "google_beyondcorp_security_gateway_iam_member",
+        "google_beyondcorp_security_gateway_iam_policy",
+        "google_biglake_catalog",
+        "google_biglake_database",
+        "google_biglake_table",
+        "google_bigquery_analytics_hub_data_exchange",
+        "google_bigquery_analytics_hub_data_exchange_iam_binding",
+        "google_bigquery_analytics_hub_data_exchange_iam_member",
+        "google_bigquery_analytics_hub_data_exchange_iam_policy",
+        "google_bigquery_analytics_hub_data_exchange_subscription",
+        "google_bigquery_analytics_hub_listing",
+        "google_bigquery_analytics_hub_listing_iam_binding",
+        "google_bigquery_analytics_hub_listing_iam_member",
+        "google_bigquery_analytics_hub_listing_iam_policy",
+        "google_bigquery_analytics_hub_listing_subscription",
+        "google_bigquery_bi_reservation",
+        "google_bigquery_capacity_commitment",
+        "google_bigquery_connection",
+        "google_bigquery_connection_iam_binding",
+        "google_bigquery_connection_iam_member",
+        "google_bigquery_connection_iam_policy",
+        "google_bigquery_data_transfer_config",
+        "google_bigquery_datapolicy_data_policy",
+        "google_bigquery_datapolicy_data_policy_iam_binding",
+        "google_bigquery_datapolicy_data_policy_iam_member",
+        "google_bigquery_datapolicy_data_policy_iam_policy",
+        "google_bigquery_datapolicyv2_data_policy",
+        "google_bigquery_datapolicyv2_data_policy_iam_binding",
+        "google_bigquery_datapolicyv2_data_policy_iam_member",
+        "google_bigquery_datapolicyv2_data_policy_iam_policy",
+        "google_bigquery_dataset",
+        "google_bigquery_dataset_access",
+        "google_bigquery_dataset_iam_binding",
+        "google_bigquery_dataset_iam_member",
+        "google_bigquery_dataset_iam_policy",
+        "google_bigquery_job",
+        "google_bigquery_reservation",
+        "google_bigquery_reservation_assignment",
+        "google_bigquery_routine",
+        "google_bigquery_row_access_policy",
+        "google_bigquery_table",
+        "google_bigquery_table_iam_binding",
+        "google_bigquery_table_iam_member",
+        "google_bigquery_table_iam_policy",
+        "google_bigtable_app_profile",
+        "google_bigtable_authorized_view",
+        "google_bigtable_gc_policy",
+        "google_bigtable_instance",
+        "google_bigtable_instance_iam_binding",
+        "google_bigtable_instance_iam_member",
+        "google_bigtable_instance_iam_policy",
+        "google_bigtable_logical_view",
+        "google_bigtable_materialized_view",
+        "google_bigtable_schema_bundle",
+        "google_bigtable_table",
+        "google_bigtable_table_iam_binding",
+        "google_bigtable_table_iam_member",
+        "google_bigtable_table_iam_policy",
+        "google_billing_account_iam_binding",
+        "google_billing_account_iam_member",
+        "google_billing_account_iam_policy",
+        "google_billing_budget",
+        "google_billing_project_info",
+        "google_billing_subaccount",
+        "google_binary_authorization_attestor",
+        "google_binary_authorization_attestor_iam_binding",
+        "google_binary_authorization_attestor_iam_member",
+        "google_binary_authorization_attestor_iam_policy",
+        "google_binary_authorization_policy",
+        "google_blockchain_node_engine_blockchain_nodes",
+        "google_certificate_manager_certificate",
+        "google_certificate_manager_certificate_issuance_config",
+        "google_certificate_manager_certificate_map",
+        "google_certificate_manager_certificate_map_entry",
+        "google_certificate_manager_dns_authorization",
+        "google_certificate_manager_trust_config",
+        "google_ces_agent",
+        "google_ces_app",
+        "google_ces_deployment",
+        "google_ces_example",
+        "google_ces_guardrail",
+        "google_ces_tool",
+        "google_ces_toolset",
+        "google_chronicle_data_access_label",
+        "google_chronicle_data_access_scope",
+        "google_chronicle_reference_list",
+        "google_chronicle_retrohunt",
+        "google_chronicle_rule",
+        "google_chronicle_rule_deployment",
+        "google_chronicle_watchlist",
+        "google_cloud_asset_folder_feed",
+        "google_cloud_asset_organization_feed",
+        "google_cloud_asset_project_feed",
+        "google_cloud_identity_group",
+        "google_cloud_identity_group_membership",
+        "google_cloud_ids_endpoint",
+        "google_cloud_quotas_quota_adjuster_settings",
+        "google_cloud_quotas_quota_preference",
+        "google_cloud_run_domain_mapping",
+        "google_cloud_run_service",
+        "google_cloud_run_service_iam_binding",
+        "google_cloud_run_service_iam_member",
+        "google_cloud_run_service_iam_policy",
+        "google_cloud_run_v2_job",
+        "google_cloud_run_v2_job_iam_binding",
+        "google_cloud_run_v2_job_iam_member",
+        "google_cloud_run_v2_job_iam_policy",
+        "google_cloud_run_v2_service",
+        "google_cloud_run_v2_service_iam_binding",
+        "google_cloud_run_v2_service_iam_member",
+        "google_cloud_run_v2_service_iam_policy",
+        "google_cloud_run_v2_worker_pool",
+        "google_cloud_run_v2_worker_pool_iam_binding",
+        "google_cloud_run_v2_worker_pool_iam_member",
+        "google_cloud_run_v2_worker_pool_iam_policy",
+        "google_cloud_scheduler_job",
+        "google_cloud_security_compliance_cloud_control",
+        "google_cloud_security_compliance_framework",
+        "google_cloud_security_compliance_framework_deployment",
+        "google_cloud_tasks_queue",
+        "google_cloud_tasks_queue_iam_binding",
+        "google_cloud_tasks_queue_iam_member",
+        "google_cloud_tasks_queue_iam_policy",
+        "google_cloudbuild_bitbucket_server_config",
+        "google_cloudbuild_trigger",
+        "google_cloudbuild_worker_pool",
+        "google_cloudbuildv2_connection",
+        "google_cloudbuildv2_connection_iam_binding",
+        "google_cloudbuildv2_connection_iam_member",
+        "google_cloudbuildv2_connection_iam_policy",
+        "google_cloudbuildv2_repository",
+        "google_clouddeploy_automation",
+        "google_clouddeploy_custom_target_type",
+        "google_clouddeploy_custom_target_type_iam_binding",
+        "google_clouddeploy_custom_target_type_iam_member",
+        "google_clouddeploy_custom_target_type_iam_policy",
+        "google_clouddeploy_delivery_pipeline",
+        "google_clouddeploy_delivery_pipeline_iam_binding",
+        "google_clouddeploy_delivery_pipeline_iam_member",
+        "google_clouddeploy_delivery_pipeline_iam_policy",
+        "google_clouddeploy_deploy_policy",
+        "google_clouddeploy_target",
+        "google_clouddeploy_target_iam_binding",
+        "google_clouddeploy_target_iam_member",
+        "google_clouddeploy_target_iam_policy",
+        "google_clouddomains_registration",
+        "google_cloudfunctions2_function",
+        "google_cloudfunctions2_function_iam_binding",
+        "google_cloudfunctions2_function_iam_member",
+        "google_cloudfunctions2_function_iam_policy",
+        "google_cloudfunctions_function",
+        "google_cloudfunctions_function_iam_binding",
+        "google_cloudfunctions_function_iam_member",
+        "google_cloudfunctions_function_iam_policy",
+        "google_cloudiot_registry",
+        "google_colab_notebook_execution",
+        "google_colab_runtime",
+        "google_colab_runtime_template",
+        "google_colab_runtime_template_iam_binding",
+        "google_colab_runtime_template_iam_member",
+        "google_colab_runtime_template_iam_policy",
+        "google_colab_schedule",
+        "google_composer_environment",
+        "google_composer_user_workloads_config_map",
+        "google_composer_user_workloads_secret",
+        "google_compute_address",
+        "google_compute_attached_disk",
+        "google_compute_autoscaler",
+        "google_compute_backend_bucket",
+        "google_compute_backend_bucket_iam_binding",
+        "google_compute_backend_bucket_iam_member",
+        "google_compute_backend_bucket_iam_policy",
+        "google_compute_backend_bucket_signed_url_key",
+        "google_compute_backend_service",
+        "google_compute_backend_service_iam_binding",
+        "google_compute_backend_service_iam_member",
+        "google_compute_backend_service_iam_policy",
+        "google_compute_backend_service_signed_url_key",
+        "google_compute_cross_site_network",
+        "google_compute_disk",
+        "google_compute_disk_async_replication",
+        "google_compute_disk_iam_binding",
+        "google_compute_disk_iam_member",
+        "google_compute_disk_iam_policy",
+        "google_compute_disk_resource_policy_attachment",
+        "google_compute_external_vpn_gateway",
+        "google_compute_firewall",
+        "google_compute_firewall_policy",
+        "google_compute_firewall_policy_association",
+        "google_compute_firewall_policy_rule",
+        "google_compute_firewall_policy_with_rules",
+        "google_compute_forwarding_rule",
+        "google_compute_future_reservation",
+        "google_compute_global_address",
+        "google_compute_global_forwarding_rule",
+        "google_compute_global_network_endpoint",
+        "google_compute_global_network_endpoint_group",
+        "google_compute_ha_vpn_gateway",
+        "google_compute_health_check",
+        "google_compute_http_health_check",
+        "google_compute_https_health_check",
+        "google_compute_image",
+        "google_compute_image_iam_binding",
+        "google_compute_image_iam_member",
+        "google_compute_image_iam_policy",
+        "google_compute_instance",
+        "google_compute_instance_from_machine_image",
+        "google_compute_instance_from_template",
+        "google_compute_instance_group",
+        "google_compute_instance_group_manager",
+        "google_compute_instance_group_membership",
+        "google_compute_instance_group_named_port",
+        "google_compute_instance_iam_binding",
+        "google_compute_instance_iam_member",
+        "google_compute_instance_iam_policy",
+        "google_compute_instance_settings",
+        "google_compute_instance_template",
+        "google_compute_instance_template_iam_binding",
+        "google_compute_instance_template_iam_member",
+        "google_compute_instance_template_iam_policy",
+        "google_compute_instant_snapshot",
+        "google_compute_instant_snapshot_iam_binding",
+        "google_compute_instant_snapshot_iam_member",
+        "google_compute_instant_snapshot_iam_policy",
+        "google_compute_interconnect",
+        "google_compute_interconnect_attachment",
+        "google_compute_interconnect_attachment_group",
+        "google_compute_interconnect_group",
+        "google_compute_machine_image",
+        "google_compute_machine_image_iam_binding",
+        "google_compute_machine_image_iam_member",
+        "google_compute_machine_image_iam_policy",
+        "google_compute_managed_ssl_certificate",
+        "google_compute_network",
+        "google_compute_network_attachment",
+        "google_compute_network_edge_security_service",
+        "google_compute_network_endpoint",
+        "google_compute_network_endpoint_group",
+        "google_compute_network_endpoints",
+        "google_compute_network_firewall_policy",
+        "google_compute_network_firewall_policy_association",
+        "google_compute_network_firewall_policy_packet_mirroring_rule",
+        "google_compute_network_firewall_policy_rule",
+        "google_compute_network_firewall_policy_with_rules",
+        "google_compute_network_peering",
+        "google_compute_network_peering_routes_config",
+        "google_compute_node_group",
+        "google_compute_node_template",
+        "google_compute_organization_security_policy",
+        "google_compute_organization_security_policy_association",
+        "google_compute_organization_security_policy_rule",
+        "google_compute_packet_mirroring",
+        "google_compute_per_instance_config",
+        "google_compute_preview_feature",
+        "google_compute_project_cloud_armor_tier",
+        "google_compute_project_default_network_tier",
+        "google_compute_project_metadata",
+        "google_compute_project_metadata_item",
+        "google_compute_public_advertised_prefix",
+        "google_compute_public_delegated_prefix",
+        "google_compute_region_autoscaler",
+        "google_compute_region_backend_service",
+        "google_compute_region_backend_service_iam_binding",
+        "google_compute_region_backend_service_iam_member",
+        "google_compute_region_backend_service_iam_policy",
+        "google_compute_region_commitment",
+        "google_compute_region_disk",
+        "google_compute_region_disk_iam_binding",
+        "google_compute_region_disk_iam_member",
+        "google_compute_region_disk_iam_policy",
+        "google_compute_region_disk_resource_policy_attachment",
+        "google_compute_region_health_aggregation_policy",
+        "google_compute_region_health_check",
+        "google_compute_region_instance_group_manager",
+        "google_compute_region_instance_template",
+        "google_compute_region_network_endpoint",
+        "google_compute_region_network_endpoint_group",
+        "google_compute_region_network_firewall_policy",
+        "google_compute_region_network_firewall_policy_association",
+        "google_compute_region_network_firewall_policy_rule",
+        "google_compute_region_network_firewall_policy_with_rules",
+        "google_compute_region_per_instance_config",
+        "google_compute_region_resize_request",
+        "google_compute_region_security_policy",
+        "google_compute_region_security_policy_rule",
+        "google_compute_region_ssl_certificate",
+        "google_compute_region_target_http_proxy",
+        "google_compute_region_target_https_proxy",
+        "google_compute_region_target_tcp_proxy",
+        "google_compute_region_url_map",
+        "google_compute_reservation",
+        "google_compute_resize_request",
+        "google_compute_resource_policy",
+        "google_compute_resource_policy_attachment",
+        "google_compute_route",
+        "google_compute_router",
+        "google_compute_router_interface",
+        "google_compute_router_nat",
+        "google_compute_router_nat_address",
+        "google_compute_router_peer",
+        "google_compute_router_route_policy",
+        "google_compute_security_policy",
+        "google_compute_security_policy_rule",
+        "google_compute_service_attachment",
+        "google_compute_shared_vpc_host_project",
+        "google_compute_shared_vpc_service_project",
+        "google_compute_snapshot",
+        "google_compute_snapshot_iam_binding",
+        "google_compute_snapshot_iam_member",
+        "google_compute_snapshot_iam_policy",
+        "google_compute_snapshot_settings",
+        "google_compute_ssl_certificate",
+        "google_compute_ssl_policy",
+        "google_compute_storage_pool",
+        "google_compute_storage_pool_iam_binding",
+        "google_compute_storage_pool_iam_member",
+        "google_compute_storage_pool_iam_policy",
+        "google_compute_subnetwork",
+        "google_compute_subnetwork_iam_binding",
+        "google_compute_subnetwork_iam_member",
+        "google_compute_subnetwork_iam_policy",
+        "google_compute_target_grpc_proxy",
+        "google_compute_target_http_proxy",
+        "google_compute_target_https_proxy",
+        "google_compute_target_instance",
+        "google_compute_target_pool",
+        "google_compute_target_ssl_proxy",
+        "google_compute_target_tcp_proxy",
+        "google_compute_url_map",
+        "google_compute_vpn_gateway",
+        "google_compute_vpn_tunnel",
+        "google_compute_wire_group",
+        "google_contact_center_insights_analysis_rule",
+        "google_contact_center_insights_view",
+        "google_container_analysis_note",
+        "google_container_analysis_note_iam_binding",
+        "google_container_analysis_note_iam_member",
+        "google_container_analysis_note_iam_policy",
+        "google_container_analysis_occurrence",
+        "google_container_attached_cluster",
+        "google_container_aws_cluster",
+        "google_container_aws_node_pool",
+        "google_container_azure_client",
+        "google_container_azure_cluster",
+        "google_container_azure_node_pool",
+        "google_container_cluster",
+        "google_container_node_pool",
+        "google_container_registry",
+        "google_data_catalog_entry",
+        "google_data_catalog_entry_group",
+        "google_data_catalog_entry_group_iam_binding",
+        "google_data_catalog_entry_group_iam_member",
+        "google_data_catalog_entry_group_iam_policy",
+        "google_data_catalog_policy_tag",
+        "google_data_catalog_policy_tag_iam_binding",
+        "google_data_catalog_policy_tag_iam_member",
+        "google_data_catalog_policy_tag_iam_policy",
+        "google_data_catalog_tag",
+        "google_data_catalog_tag_template",
+        "google_data_catalog_tag_template_iam_binding",
+        "google_data_catalog_tag_template_iam_member",
+        "google_data_catalog_tag_template_iam_policy",
+        "google_data_catalog_taxonomy",
+        "google_data_catalog_taxonomy_iam_binding",
+        "google_data_catalog_taxonomy_iam_member",
+        "google_data_catalog_taxonomy_iam_policy",
+        "google_data_fusion_instance",
+        "google_data_fusion_instance_iam_binding",
+        "google_data_fusion_instance_iam_member",
+        "google_data_fusion_instance_iam_policy",
+        "google_data_loss_prevention_deidentify_template",
+        "google_data_loss_prevention_discovery_config",
+        "google_data_loss_prevention_inspect_template",
+        "google_data_loss_prevention_job_trigger",
+        "google_data_loss_prevention_stored_info_type",
+        "google_data_pipeline_pipeline",
+        "google_database_migration_service_connection_profile",
+        "google_database_migration_service_migration_job",
+        "google_database_migration_service_private_connection",
+        "google_dataflow_flex_template_job",
+        "google_dataflow_job",
+        "google_dataform_repository",
+        "google_dataform_repository_iam_binding",
+        "google_dataform_repository_iam_member",
+        "google_dataform_repository_iam_policy",
+        "google_dataform_repository_release_config",
+        "google_dataform_repository_workflow_config",
+        "google_dataplex_aspect_type",
+        "google_dataplex_aspect_type_iam_binding",
+        "google_dataplex_aspect_type_iam_member",
+        "google_dataplex_aspect_type_iam_policy",
+        "google_dataplex_asset",
+        "google_dataplex_asset_iam_binding",
+        "google_dataplex_asset_iam_member",
+        "google_dataplex_asset_iam_policy",
+        "google_dataplex_datascan",
+        "google_dataplex_datascan_iam_binding",
+        "google_dataplex_datascan_iam_member",
+        "google_dataplex_datascan_iam_policy",
+        "google_dataplex_entry",
+        "google_dataplex_entry_group",
+        "google_dataplex_entry_group_iam_binding",
+        "google_dataplex_entry_group_iam_member",
+        "google_dataplex_entry_group_iam_policy",
+        "google_dataplex_entry_link",
+        "google_dataplex_entry_type",
+        "google_dataplex_entry_type_iam_binding",
+        "google_dataplex_entry_type_iam_member",
+        "google_dataplex_entry_type_iam_policy",
+        "google_dataplex_glossary",
+        "google_dataplex_glossary_category",
+        "google_dataplex_glossary_iam_binding",
+        "google_dataplex_glossary_iam_member",
+        "google_dataplex_glossary_iam_policy",
+        "google_dataplex_glossary_term",
+        "google_dataplex_lake",
+        "google_dataplex_lake_iam_binding",
+        "google_dataplex_lake_iam_member",
+        "google_dataplex_lake_iam_policy",
+        "google_dataplex_task",
+        "google_dataplex_task_iam_binding",
+        "google_dataplex_task_iam_member",
+        "google_dataplex_task_iam_policy",
+        "google_dataplex_zone",
+        "google_dataplex_zone_iam_binding",
+        "google_dataplex_zone_iam_member",
+        "google_dataplex_zone_iam_policy",
+        "google_dataproc_autoscaling_policy",
+        "google_dataproc_autoscaling_policy_iam_binding",
+        "google_dataproc_autoscaling_policy_iam_member",
+        "google_dataproc_autoscaling_policy_iam_policy",
+        "google_dataproc_batch",
+        "google_dataproc_cluster",
+        "google_dataproc_cluster_iam_binding",
+        "google_dataproc_cluster_iam_member",
+        "google_dataproc_cluster_iam_policy",
+        "google_dataproc_gdc_application_environment",
+        "google_dataproc_gdc_service_instance",
+        "google_dataproc_gdc_spark_application",
+        "google_dataproc_job",
+        "google_dataproc_job_iam_binding",
+        "google_dataproc_job_iam_member",
+        "google_dataproc_job_iam_policy",
+        "google_dataproc_metastore_database_iam_binding",
+        "google_dataproc_metastore_database_iam_member",
+        "google_dataproc_metastore_database_iam_policy",
+        "google_dataproc_metastore_federation",
+        "google_dataproc_metastore_federation_iam_binding",
+        "google_dataproc_metastore_federation_iam_member",
+        "google_dataproc_metastore_federation_iam_policy",
+        "google_dataproc_metastore_service",
+        "google_dataproc_metastore_service_iam_binding",
+        "google_dataproc_metastore_service_iam_member",
+        "google_dataproc_metastore_service_iam_policy",
+        "google_dataproc_metastore_table_iam_binding",
+        "google_dataproc_metastore_table_iam_member",
+        "google_dataproc_metastore_table_iam_policy",
+        "google_dataproc_session_template",
+        "google_dataproc_workflow_template",
+        "google_datastream_connection_profile",
+        "google_datastream_private_connection",
+        "google_datastream_stream",
+        "google_deployment_manager_deployment",
+        "google_developer_connect_account_connector",
+        "google_developer_connect_connection",
+        "google_developer_connect_git_repository_link",
+        "google_developer_connect_insights_config",
+        "google_dialogflow_agent",
+        "google_dialogflow_conversation_profile",
+        "google_dialogflow_cx_agent",
+        "google_dialogflow_cx_entity_type",
+        "google_dialogflow_cx_environment",
+        "google_dialogflow_cx_flow",
+        "google_dialogflow_cx_generative_settings",
+        "google_dialogflow_cx_generator",
+        "google_dialogflow_cx_intent",
+        "google_dialogflow_cx_page",
+        "google_dialogflow_cx_playbook",
+        "google_dialogflow_cx_security_settings",
+        "google_dialogflow_cx_tool",
+        "google_dialogflow_cx_version",
+        "google_dialogflow_cx_webhook",
+        "google_dialogflow_encryption_spec",
+        "google_dialogflow_entity_type",
+        "google_dialogflow_fulfillment",
+        "google_dialogflow_intent",
+        "google_discovery_engine_acl_config",
+        "google_discovery_engine_assistant",
+        "google_discovery_engine_chat_engine",
+        "google_discovery_engine_cmek_config",
+        "google_discovery_engine_control",
+        "google_discovery_engine_data_connector",
+        "google_discovery_engine_data_store",
+        "google_discovery_engine_license_config",
+        "google_discovery_engine_recommendation_engine",
+        "google_discovery_engine_schema",
+        "google_discovery_engine_search_engine",
+        "google_discovery_engine_sitemap",
+        "google_discovery_engine_target_site",
+        "google_discovery_engine_user_store",
+        "google_dns_managed_zone",
+        "google_dns_managed_zone_iam_binding",
+        "google_dns_managed_zone_iam_member",
+        "google_dns_managed_zone_iam_policy",
+        "google_dns_policy",
+        "google_dns_record_set",
+        "google_dns_response_policy",
+        "google_dns_response_policy_rule",
+        "google_document_ai_processor",
+        "google_document_ai_processor_default_version",
+        "google_document_ai_warehouse_document_schema",
+        "google_document_ai_warehouse_location",
+        "google_edgecontainer_cluster",
+        "google_edgecontainer_node_pool",
+        "google_edgecontainer_vpn_connection",
+        "google_edgenetwork_interconnect_attachment",
+        "google_edgenetwork_network",
+        "google_edgenetwork_subnet",
+        "google_endpoints_service",
+        "google_endpoints_service_consumers_iam_binding",
+        "google_endpoints_service_consumers_iam_member",
+        "google_endpoints_service_consumers_iam_policy",
+        "google_endpoints_service_iam_binding",
+        "google_endpoints_service_iam_member",
+        "google_endpoints_service_iam_policy",
+        "google_essential_contacts_contact",
+        "google_eventarc_channel",
+        "google_eventarc_enrollment",
+        "google_eventarc_google_api_source",
+        "google_eventarc_google_channel_config",
+        "google_eventarc_message_bus",
+        "google_eventarc_pipeline",
+        "google_eventarc_trigger",
+        "google_filestore_backup",
+        "google_filestore_instance",
+        "google_filestore_snapshot",
+        "google_firebase_android_app",
+        "google_firebase_app_check_app_attest_config",
+        "google_firebase_app_check_debug_token",
+        "google_firebase_app_check_device_check_config",
+        "google_firebase_app_check_play_integrity_config",
+        "google_firebase_app_check_recaptcha_enterprise_config",
+        "google_firebase_app_check_recaptcha_v3_config",
+        "google_firebase_app_check_service_config",
+        "google_firebase_app_hosting_backend",
+        "google_firebase_app_hosting_build",
+        "google_firebase_app_hosting_default_domain",
+        "google_firebase_app_hosting_domain",
+        "google_firebase_app_hosting_traffic",
+        "google_firebase_apple_app",
+        "google_firebase_data_connect_service",
+        "google_firebase_database_instance",
+        "google_firebase_extensions_instance",
+        "google_firebase_hosting_channel",
+        "google_firebase_hosting_custom_domain",
+        "google_firebase_hosting_release",
+        "google_firebase_hosting_site",
+        "google_firebase_hosting_version",
+        "google_firebase_project",
+        "google_firebase_project_location",
+        "google_firebase_storage_bucket",
+        "google_firebase_web_app",
+        "google_firebaserules_release",
+        "google_firebaserules_ruleset",
+        "google_firestore_backup_schedule",
+        "google_firestore_database",
+        "google_firestore_document",
+        "google_firestore_field",
+        "google_firestore_index",
+        "google_firestore_user_creds",
+        "google_folder",
+        "google_folder_access_approval_settings",
+        "google_folder_iam_audit_config",
+        "google_folder_iam_binding",
+        "google_folder_iam_member",
+        "google_folder_iam_policy",
+        "google_folder_organization_policy",
+        "google_folder_service_identity",
+        "google_gemini_code_repository_index",
+        "google_gemini_code_tools_setting",
+        "google_gemini_code_tools_setting_binding",
+        "google_gemini_data_sharing_with_google_setting",
+        "google_gemini_data_sharing_with_google_setting_binding",
+        "google_gemini_gemini_gcp_enablement_setting",
+        "google_gemini_gemini_gcp_enablement_setting_binding",
+        "google_gemini_logging_setting",
+        "google_gemini_logging_setting_binding",
+        "google_gemini_release_channel_setting",
+        "google_gemini_release_channel_setting_binding",
+        "google_gemini_repository_group",
+        "google_gemini_repository_group_iam_binding",
+        "google_gemini_repository_group_iam_member",
+        "google_gemini_repository_group_iam_policy",
+        "google_gke_backup_backup_channel",
+        "google_gke_backup_backup_plan",
+        "google_gke_backup_backup_plan_iam_binding",
+        "google_gke_backup_backup_plan_iam_member",
+        "google_gke_backup_backup_plan_iam_policy",
+        "google_gke_backup_restore_channel",
+        "google_gke_backup_restore_plan",
+        "google_gke_backup_restore_plan_iam_binding",
+        "google_gke_backup_restore_plan_iam_member",
+        "google_gke_backup_restore_plan_iam_policy",
+        "google_gke_hub_feature",
+        "google_gke_hub_feature_iam_binding",
+        "google_gke_hub_feature_iam_member",
+        "google_gke_hub_feature_iam_policy",
+        "google_gke_hub_feature_membership",
+        "google_gke_hub_fleet",
+        "google_gke_hub_membership",
+        "google_gke_hub_membership_binding",
+        "google_gke_hub_membership_iam_binding",
+        "google_gke_hub_membership_iam_member",
+        "google_gke_hub_membership_iam_policy",
+        "google_gke_hub_membership_rbac_role_binding",
+        "google_gke_hub_namespace",
+        "google_gke_hub_scope",
+        "google_gke_hub_scope_iam_binding",
+        "google_gke_hub_scope_iam_member",
+        "google_gke_hub_scope_iam_policy",
+        "google_gke_hub_scope_rbac_role_binding",
+        "google_gkeonprem_bare_metal_admin_cluster",
+        "google_gkeonprem_bare_metal_cluster",
+        "google_gkeonprem_bare_metal_node_pool",
+        "google_gkeonprem_vmware_admin_cluster",
+        "google_gkeonprem_vmware_cluster",
+        "google_gkeonprem_vmware_node_pool",
+        "google_healthcare_consent_store",
+        "google_healthcare_consent_store_iam_binding",
+        "google_healthcare_consent_store_iam_member",
+        "google_healthcare_consent_store_iam_policy",
+        "google_healthcare_dataset",
+        "google_healthcare_dataset_iam_binding",
+        "google_healthcare_dataset_iam_member",
+        "google_healthcare_dataset_iam_policy",
+        "google_healthcare_dicom_store",
+        "google_healthcare_dicom_store_iam_binding",
+        "google_healthcare_dicom_store_iam_member",
+        "google_healthcare_dicom_store_iam_policy",
+        "google_healthcare_fhir_store",
+        "google_healthcare_fhir_store_iam_binding",
+        "google_healthcare_fhir_store_iam_member",
+        "google_healthcare_fhir_store_iam_policy",
+        "google_healthcare_hl7_v2_store",
+        "google_healthcare_hl7_v2_store_iam_binding",
+        "google_healthcare_hl7_v2_store_iam_member",
+        "google_healthcare_hl7_v2_store_iam_policy",
+        "google_healthcare_pipeline_job",
+        "google_healthcare_workspace",
+        "google_iam_access_boundary_policy",
+        "google_iam_deny_policy",
+        "google_iam_folders_policy_binding",
+        "google_iam_oauth_client",
+        "google_iam_oauth_client_credential",
+        "google_iam_organizations_policy_binding",
+        "google_iam_principal_access_boundary_policy",
+        "google_iam_projects_policy_binding",
+        "google_iam_workforce_pool",
+        "google_iam_workforce_pool_iam_binding",
+        "google_iam_workforce_pool_iam_member",
+        "google_iam_workforce_pool_iam_policy",
+        "google_iam_workforce_pool_provider",
+        "google_iam_workforce_pool_provider_key",
+        "google_iam_workforce_pool_provider_scim_tenant",
+        "google_iam_workload_identity_pool",
+        "google_iam_workload_identity_pool_iam_binding",
+        "google_iam_workload_identity_pool_iam_member",
+        "google_iam_workload_identity_pool_iam_policy",
+        "google_iam_workload_identity_pool_managed_identity",
+        "google_iam_workload_identity_pool_namespace",
+        "google_iam_workload_identity_pool_provider",
+        "google_iap_app_engine_service_iam_binding",
+        "google_iap_app_engine_service_iam_member",
+        "google_iap_app_engine_service_iam_policy",
+        "google_iap_app_engine_version_iam_binding",
+        "google_iap_app_engine_version_iam_member",
+        "google_iap_app_engine_version_iam_policy",
+        "google_iap_brand",
+        "google_iap_client",
+        "google_iap_settings",
+        "google_iap_tunnel_dest_group",
+        "google_iap_tunnel_dest_group_iam_binding",
+        "google_iap_tunnel_dest_group_iam_member",
+        "google_iap_tunnel_dest_group_iam_policy",
+        "google_iap_tunnel_iam_binding",
+        "google_iap_tunnel_iam_member",
+        "google_iap_tunnel_iam_policy",
+        "google_iap_tunnel_instance_iam_binding",
+        "google_iap_tunnel_instance_iam_member",
+        "google_iap_tunnel_instance_iam_policy",
+        "google_iap_web_backend_service_iam_binding",
+        "google_iap_web_backend_service_iam_member",
+        "google_iap_web_backend_service_iam_policy",
+        "google_iap_web_cloud_run_service_iam_binding",
+        "google_iap_web_cloud_run_service_iam_member",
+        "google_iap_web_cloud_run_service_iam_policy",
+        "google_iap_web_forwarding_rule_service_iam_binding",
+        "google_iap_web_forwarding_rule_service_iam_member",
+        "google_iap_web_forwarding_rule_service_iam_policy",
+        "google_iap_web_iam_binding",
+        "google_iap_web_iam_member",
+        "google_iap_web_iam_policy",
+        "google_iap_web_region_backend_service_iam_binding",
+        "google_iap_web_region_backend_service_iam_member",
+        "google_iap_web_region_backend_service_iam_policy",
+        "google_iap_web_region_forwarding_rule_service_iam_binding",
+        "google_iap_web_region_forwarding_rule_service_iam_member",
+        "google_iap_web_region_forwarding_rule_service_iam_policy",
+        "google_iap_web_type_app_engine_iam_binding",
+        "google_iap_web_type_app_engine_iam_member",
+        "google_iap_web_type_app_engine_iam_policy",
+        "google_iap_web_type_compute_iam_binding",
+        "google_iap_web_type_compute_iam_member",
+        "google_iap_web_type_compute_iam_policy",
+        "google_identity_platform_config",
+        "google_identity_platform_default_supported_idp_config",
+        "google_identity_platform_inbound_saml_config",
+        "google_identity_platform_oauth_idp_config",
+        "google_identity_platform_tenant",
+        "google_identity_platform_tenant_default_supported_idp_config",
+        "google_identity_platform_tenant_inbound_saml_config",
+        "google_identity_platform_tenant_oauth_idp_config",
+        "google_integration_connectors_connection",
+        "google_integration_connectors_endpoint_attachment",
+        "google_integration_connectors_managed_zone",
+        "google_integrations_auth_config",
+        "google_integrations_client",
+        "google_kms_autokey_config",
+        "google_kms_crypto_key",
+        "google_kms_crypto_key_iam_binding",
+        "google_kms_crypto_key_iam_member",
+        "google_kms_crypto_key_iam_policy",
+        "google_kms_crypto_key_version",
+        "google_kms_ekm_connection",
+        "google_kms_ekm_connection_iam_binding",
+        "google_kms_ekm_connection_iam_member",
+        "google_kms_ekm_connection_iam_policy",
+        "google_kms_folder_kaj_policy_config",
+        "google_kms_key_handle",
+        "google_kms_key_ring",
+        "google_kms_key_ring_iam_binding",
+        "google_kms_key_ring_iam_member",
+        "google_kms_key_ring_iam_policy",
+        "google_kms_key_ring_import_job",
+        "google_kms_organization_kaj_policy_config",
+        "google_kms_project_kaj_policy_config",
+        "google_kms_secret_ciphertext",
+        "google_logging_billing_account_bucket_config",
+        "google_logging_billing_account_exclusion",
+        "google_logging_billing_account_sink",
+        "google_logging_folder_bucket_config",
+        "google_logging_folder_exclusion",
+        "google_logging_folder_settings",
+        "google_logging_folder_sink",
+        "google_logging_linked_dataset",
+        "google_logging_log_scope",
+        "google_logging_log_view",
+        "google_logging_log_view_iam_binding",
+        "google_logging_log_view_iam_member",
+        "google_logging_log_view_iam_policy",
+        "google_logging_metric",
+        "google_logging_organization_bucket_config",
+        "google_logging_organization_exclusion",
+        "google_logging_organization_settings",
+        "google_logging_organization_sink",
+        "google_logging_project_bucket_config",
+        "google_logging_project_exclusion",
+        "google_logging_project_sink",
+        "google_looker_instance",
+        "google_lustre_instance",
+        "google_managed_kafka_acl",
+        "google_managed_kafka_cluster",
+        "google_managed_kafka_connect_cluster",
+        "google_managed_kafka_connector",
+        "google_managed_kafka_topic",
+        "google_memcache_instance",
+        "google_memorystore_instance",
+        "google_memorystore_instance_desired_user_created_endpoints",
+        "google_migration_center_group",
+        "google_migration_center_preference_set",
+        "google_ml_engine_model",
+        "google_model_armor_floorsetting",
+        "google_model_armor_template",
+        "google_monitoring_alert_policy",
+        "google_monitoring_custom_service",
+        "google_monitoring_dashboard",
+        "google_monitoring_group",
+        "google_monitoring_metric_descriptor",
+        "google_monitoring_monitored_project",
+        "google_monitoring_notification_channel",
+        "google_monitoring_service",
+        "google_monitoring_slo",
+        "google_monitoring_uptime_check_config",
+        "google_netapp_active_directory",
+        "google_netapp_backup",
+        "google_netapp_backup_policy",
+        "google_netapp_backup_vault",
+        "google_netapp_host_group",
+        "google_netapp_kmsconfig",
+        "google_netapp_storage_pool",
+        "google_netapp_volume",
+        "google_netapp_volume_quota_rule",
+        "google_netapp_volume_replication",
+        "google_netapp_volume_snapshot",
+        "google_network_connectivity_group",
+        "google_network_connectivity_hub",
+        "google_network_connectivity_internal_range",
+        "google_network_connectivity_policy_based_route",
+        "google_network_connectivity_regional_endpoint",
+        "google_network_connectivity_service_connection_policy",
+        "google_network_connectivity_spoke",
+        "google_network_management_organization_vpc_flow_logs_config",
+        "google_network_management_vpc_flow_logs_config",
+        "google_network_security_address_group",
+        "google_network_security_address_group_iam_binding",
+        "google_network_security_address_group_iam_member",
+        "google_network_security_address_group_iam_policy",
+        "google_network_security_authorization_policy",
+        "google_network_security_authz_policy",
+        "google_network_security_backend_authentication_config",
+        "google_network_security_client_tls_policy",
+        "google_network_security_dns_threat_detector",
+        "google_network_security_firewall_endpoint",
+        "google_network_security_firewall_endpoint_association",
+        "google_network_security_gateway_security_policy",
+        "google_network_security_gateway_security_policy_rule",
+        "google_network_security_intercept_deployment",
+        "google_network_security_intercept_deployment_group",
+        "google_network_security_intercept_endpoint_group",
+        "google_network_security_intercept_endpoint_group_association",
+        "google_network_security_mirroring_deployment",
+        "google_network_security_mirroring_deployment_group",
+        "google_network_security_mirroring_endpoint",
+        "google_network_security_mirroring_endpoint_group",
+        "google_network_security_mirroring_endpoint_group_association",
+        "google_network_security_security_profile",
+        "google_network_security_security_profile_group",
+        "google_network_security_server_tls_policy",
+        "google_network_security_tls_inspection_policy",
+        "google_network_security_url_lists",
+        "google_network_services_authz_extension",
+        "google_network_services_edge_cache_keyset",
+        "google_network_services_edge_cache_origin",
+        "google_network_services_edge_cache_service",
+        "google_network_services_endpoint_policy",
+        "google_network_services_gateway",
+        "google_network_services_grpc_route",
+        "google_network_services_http_route",
+        "google_network_services_lb_route_extension",
+        "google_network_services_lb_traffic_extension",
+        "google_network_services_mesh",
+        "google_network_services_multicast_domain",
+        "google_network_services_service_binding",
+        "google_network_services_service_lb_policies",
+        "google_network_services_tcp_route",
+        "google_network_services_tls_route",
+        "google_network_services_wasm_plugin",
+        "google_notebooks_environment",
+        "google_notebooks_instance",
+        "google_notebooks_instance_iam_binding",
+        "google_notebooks_instance_iam_member",
+        "google_notebooks_instance_iam_policy",
+        "google_notebooks_runtime",
+        "google_notebooks_runtime_iam_binding",
+        "google_notebooks_runtime_iam_member",
+        "google_notebooks_runtime_iam_policy",
+        "google_observability_trace_scope",
+        "google_oracle_database_autonomous_database",
+        "google_oracle_database_cloud_exadata_infrastructure",
+        "google_oracle_database_cloud_vm_cluster",
+        "google_oracle_database_db_system",
+        "google_oracle_database_exascale_db_storage_vault",
+        "google_oracle_database_odb_network",
+        "google_oracle_database_odb_subnet",
+        "google_org_policy_custom_constraint",
+        "google_org_policy_policy",
+        "google_organization_access_approval_settings",
+        "google_organization_iam_audit_config",
+        "google_organization_iam_binding",
+        "google_organization_iam_custom_role",
+        "google_organization_iam_member",
+        "google_organization_iam_policy",
+        "google_organization_policy",
+        "google_os_config_guest_policies",
+        "google_os_config_os_policy_assignment",
+        "google_os_config_patch_deployment",
+        "google_os_config_v2_policy_orchestrator",
+        "google_os_config_v2_policy_orchestrator_for_folder",
+        "google_os_config_v2_policy_orchestrator_for_organization",
+        "google_os_login_ssh_public_key",
+        "google_parallelstore_instance",
+        "google_parameter_manager_parameter",
+        "google_parameter_manager_parameter_version",
+        "google_parameter_manager_regional_parameter",
+        "google_parameter_manager_regional_parameter_version",
+        "google_privateca_ca_pool",
+        "google_privateca_ca_pool_iam_binding",
+        "google_privateca_ca_pool_iam_member",
+        "google_privateca_ca_pool_iam_policy",
+        "google_privateca_certificate",
+        "google_privateca_certificate_authority",
+        "google_privateca_certificate_template",
+        "google_privateca_certificate_template_iam_binding",
+        "google_privateca_certificate_template_iam_member",
+        "google_privateca_certificate_template_iam_policy",
+        "google_privileged_access_manager_entitlement",
+        "google_privileged_access_manager_settings",
+        "google_project",
+        "google_project_access_approval_settings",
+        "google_project_default_service_accounts",
+        "google_project_iam_audit_config",
+        "google_project_iam_binding",
+        "google_project_iam_custom_role",
+        "google_project_iam_member",
+        "google_project_iam_member_remove",
+        "google_project_iam_policy",
+        "google_project_organization_policy",
+        "google_project_service",
+        "google_project_service_identity",
+        "google_project_services",
+        "google_project_usage_export_bucket",
+        "google_public_ca_external_account_key",
+        "google_pubsub_lite_reservation",
+        "google_pubsub_lite_subscription",
+        "google_pubsub_lite_topic",
+        "google_pubsub_schema",
+        "google_pubsub_schema_iam_binding",
+        "google_pubsub_schema_iam_member",
+        "google_pubsub_schema_iam_policy",
+        "google_pubsub_subscription",
+        "google_pubsub_subscription_iam_binding",
+        "google_pubsub_subscription_iam_member",
+        "google_pubsub_subscription_iam_policy",
+        "google_pubsub_topic",
+        "google_pubsub_topic_iam_binding",
+        "google_pubsub_topic_iam_member",
+        "google_pubsub_topic_iam_policy",
+        "google_recaptcha_enterprise_key",
+        "google_redis_cluster",
+        "google_redis_cluster_user_created_connections",
+        "google_redis_instance",
+        "google_resource_manager_capability",
+        "google_resource_manager_lien",
+        "google_runtimeconfig_config",
+        "google_runtimeconfig_config_iam_binding",
+        "google_runtimeconfig_config_iam_member",
+        "google_runtimeconfig_config_iam_policy",
+        "google_runtimeconfig_variable",
+        "google_saas_runtime_release",
+        "google_saas_runtime_rollout_kind",
+        "google_saas_runtime_saas",
+        "google_saas_runtime_tenant",
+        "google_saas_runtime_unit",
+        "google_saas_runtime_unit_kind",
+        "google_scc_event_threat_detection_custom_module",
+        "google_scc_folder_custom_module",
+        "google_scc_folder_notification_config",
+        "google_scc_folder_scc_big_query_export",
+        "google_scc_management_folder_security_health_analytics_custom_module",
+        "google_scc_management_organization_event_threat_detection_custom_module",
+        "google_scc_management_organization_security_health_analytics_custom_module",
+        "google_scc_management_project_security_health_analytics_custom_module",
+        "google_scc_mute_config",
+        "google_scc_notification_config",
+        "google_scc_organization_custom_module",
+        "google_scc_organization_scc_big_query_export",
+        "google_scc_project_custom_module",
+        "google_scc_project_notification_config",
+        "google_scc_project_scc_big_query_export",
+        "google_scc_source",
+        "google_scc_source_iam_binding",
+        "google_scc_source_iam_member",
+        "google_scc_source_iam_policy",
+        "google_scc_v2_folder_mute_config",
+        "google_scc_v2_folder_notification_config",
+        "google_scc_v2_folder_scc_big_query_export",
+        "google_scc_v2_organization_mute_config",
+        "google_scc_v2_organization_notification_config",
+        "google_scc_v2_organization_scc_big_query_export",
+        "google_scc_v2_organization_scc_big_query_exports",
+        "google_scc_v2_organization_source_iam_binding",
+        "google_scc_v2_organization_source_iam_member",
+        "google_scc_v2_organization_source_iam_policy",
+        "google_scc_v2_project_mute_config",
+        "google_scc_v2_project_notification_config",
+        "google_scc_v2_project_scc_big_query_export",
+        "google_secret_manager_regional_secret",
+        "google_secret_manager_regional_secret_iam_binding",
+        "google_secret_manager_regional_secret_iam_member",
+        "google_secret_manager_regional_secret_iam_policy",
+        "google_secret_manager_regional_secret_version",
+        "google_secret_manager_secret",
+        "google_secret_manager_secret_iam_binding",
+        "google_secret_manager_secret_iam_member",
+        "google_secret_manager_secret_iam_policy",
+        "google_secret_manager_secret_version",
+        "google_secure_source_manager_branch_rule",
+        "google_secure_source_manager_hook",
+        "google_secure_source_manager_instance",
+        "google_secure_source_manager_instance_iam_binding",
+        "google_secure_source_manager_instance_iam_member",
+        "google_secure_source_manager_instance_iam_policy",
+        "google_secure_source_manager_repository",
+        "google_secure_source_manager_repository_iam_binding",
+        "google_secure_source_manager_repository_iam_member",
+        "google_secure_source_manager_repository_iam_policy",
+        "google_security_scanner_scan_config",
+        "google_securityposture_posture",
+        "google_service_account",
+        "google_service_account_iam_binding",
+        "google_service_account_iam_member",
+        "google_service_account_iam_policy",
+        "google_service_account_key",
+        "google_service_directory_endpoint",
+        "google_service_directory_namespace",
+        "google_service_directory_namespace_iam_binding",
+        "google_service_directory_namespace_iam_member",
+        "google_service_directory_namespace_iam_policy",
+        "google_service_directory_service",
+        "google_service_directory_service_iam_binding",
+        "google_service_directory_service_iam_member",
+        "google_service_directory_service_iam_policy",
+        "google_service_networking_connection",
+        "google_service_networking_peered_dns_domain",
+        "google_service_networking_vpc_service_controls",
+        "google_service_usage_consumer_quota_override",
+        "google_site_verification_owner",
+        "google_site_verification_web_resource",
+        "google_sourcerepo_repository",
+        "google_sourcerepo_repository_iam_binding",
+        "google_sourcerepo_repository_iam_member",
+        "google_sourcerepo_repository_iam_policy",
+        "google_spanner_backup_schedule",
+        "google_spanner_database",
+        "google_spanner_database_iam_binding",
+        "google_spanner_database_iam_member",
+        "google_spanner_database_iam_policy",
+        "google_spanner_instance",
+        "google_spanner_instance_config",
+        "google_spanner_instance_iam_binding",
+        "google_spanner_instance_iam_member",
+        "google_spanner_instance_iam_policy",
+        "google_spanner_instance_partition",
+        "google_sql_database",
+        "google_sql_database_instance",
+        "google_sql_source_representation_instance",
+        "google_sql_ssl_cert",
+        "google_sql_user",
+        "google_storage_anywhere_cache",
+        "google_storage_batch_operations_job",
+        "google_storage_bucket",
+        "google_storage_bucket_access_control",
+        "google_storage_bucket_acl",
+        "google_storage_bucket_iam_binding",
+        "google_storage_bucket_iam_member",
+        "google_storage_bucket_iam_policy",
+        "google_storage_bucket_object",
+        "google_storage_control_folder_intelligence_config",
+        "google_storage_control_organization_intelligence_config",
+        "google_storage_control_project_intelligence_config",
+        "google_storage_default_object_access_control",
+        "google_storage_default_object_acl",
+        "google_storage_folder",
+        "google_storage_hmac_key",
+        "google_storage_insights_dataset_config",
+        "google_storage_insights_report_config",
+        "google_storage_managed_folder",
+        "google_storage_managed_folder_iam_binding",
+        "google_storage_managed_folder_iam_member",
+        "google_storage_managed_folder_iam_policy",
+        "google_storage_notification",
+        "google_storage_object_access_control",
+        "google_storage_object_acl",
+        "google_storage_transfer_agent_pool",
+        "google_storage_transfer_job",
+        "google_tags_location_tag_binding",
+        "google_tags_tag_binding",
+        "google_tags_tag_key",
+        "google_tags_tag_key_iam_binding",
+        "google_tags_tag_key_iam_member",
+        "google_tags_tag_key_iam_policy",
+        "google_tags_tag_value",
+        "google_tags_tag_value_iam_binding",
+        "google_tags_tag_value_iam_member",
+        "google_tags_tag_value_iam_policy",
+        "google_tpu_node",
+        "google_tpu_v2_queued_resource",
+        "google_tpu_v2_vm",
+        "google_transcoder_job",
+        "google_transcoder_job_template",
+        "google_vertex_ai_cache_config",
+        "google_vertex_ai_dataset",
+        "google_vertex_ai_deployment_resource_pool",
+        "google_vertex_ai_endpoint",
+        "google_vertex_ai_endpoint_iam_binding",
+        "google_vertex_ai_endpoint_iam_member",
+        "google_vertex_ai_endpoint_iam_policy",
+        "google_vertex_ai_endpoint_with_model_garden_deployment",
+        "google_vertex_ai_feature_group",
+        "google_vertex_ai_feature_group_feature",
+        "google_vertex_ai_feature_group_iam_binding",
+        "google_vertex_ai_feature_group_iam_member",
+        "google_vertex_ai_feature_group_iam_policy",
+        "google_vertex_ai_feature_online_store",
+        "google_vertex_ai_feature_online_store_featureview",
+        "google_vertex_ai_feature_online_store_featureview_iam_binding",
+        "google_vertex_ai_feature_online_store_featureview_iam_member",
+        "google_vertex_ai_feature_online_store_featureview_iam_policy",
+        "google_vertex_ai_feature_online_store_iam_binding",
+        "google_vertex_ai_feature_online_store_iam_member",
+        "google_vertex_ai_feature_online_store_iam_policy",
+        "google_vertex_ai_featurestore",
+        "google_vertex_ai_featurestore_entitytype",
+        "google_vertex_ai_featurestore_entitytype_feature",
+        "google_vertex_ai_featurestore_entitytype_iam_binding",
+        "google_vertex_ai_featurestore_entitytype_iam_member",
+        "google_vertex_ai_featurestore_entitytype_iam_policy",
+        "google_vertex_ai_featurestore_iam_binding",
+        "google_vertex_ai_featurestore_iam_member",
+        "google_vertex_ai_featurestore_iam_policy",
+        "google_vertex_ai_index",
+        "google_vertex_ai_index_endpoint",
+        "google_vertex_ai_index_endpoint_deployed_index",
+        "google_vertex_ai_metadata_store",
+        "google_vertex_ai_rag_engine_config",
+        "google_vertex_ai_reasoning_engine",
+        "google_vertex_ai_tensorboard",
+        "google_vmwareengine_cluster",
+        "google_vmwareengine_external_access_rule",
+        "google_vmwareengine_external_address",
+        "google_vmwareengine_network",
+        "google_vmwareengine_network_peering",
+        "google_vmwareengine_network_policy",
+        "google_vmwareengine_private_cloud",
+        "google_vmwareengine_subnet",
+        "google_vpc_access_connector",
+        "google_workbench_instance",
+        "google_workbench_instance_iam_binding",
+        "google_workbench_instance_iam_member",
+        "google_workbench_instance_iam_policy",
+        "google_workflows_workflow",
+        "google_workstations_workstation",
+        "google_workstations_workstation_cluster",
+        "google_workstations_workstation_config",
+        "google_workstations_workstation_config_iam_binding",
+        "google_workstations_workstation_config_iam_member",
+        "google_workstations_workstation_config_iam_policy",
+        "google_workstations_workstation_iam_binding",
+        "google_workstations_workstation_iam_member",
+        "google_workstations_workstation_iam_policy"
+    ],
+    "dataSources": [
+        "google_access_approval_folder_service_account",
+        "google_access_approval_organization_service_account",
+        "google_access_approval_project_service_account",
+        "google_access_context_manager_access_policy",
+        "google_access_context_manager_access_policy_iam_policy",
+        "google_active_folder",
+        "google_alloydb_cluster",
+        "google_alloydb_instance",
+        "google_alloydb_locations",
+        "google_alloydb_supported_database_flags",
+        "google_api_gateway_api_config_iam_policy",
+        "google_api_gateway_api_iam_policy",
+        "google_api_gateway_gateway_iam_policy",
+        "google_apigee_environment_iam_policy",
+        "google_app_engine_default_service_account",
+        "google_apphub_application",
+        "google_apphub_discovered_service",
+        "google_apphub_discovered_workload",
+        "google_artifact_registry_docker_image",
+        "google_artifact_registry_docker_images",
+        "google_artifact_registry_locations",
+        "google_artifact_registry_maven_artifact",
+        "google_artifact_registry_maven_artifacts",
+        "google_artifact_registry_npm_package",
+        "google_artifact_registry_npm_packages",
+        "google_artifact_registry_packages",
+        "google_artifact_registry_python_package",
+        "google_artifact_registry_python_packages",
+        "google_artifact_registry_repositories",
+        "google_artifact_registry_repository",
+        "google_artifact_registry_repository_iam_policy",
+        "google_artifact_registry_tags",
+        "google_artifact_registry_versions",
+        "google_backup_dr_backup",
+        "google_backup_dr_backup_plan_association",
+        "google_backup_dr_backup_plan_associations",
+        "google_backup_dr_backup_vault",
+        "google_backup_dr_data_source",
+        "google_backup_dr_data_source_reference",
+        "google_backup_dr_data_source_references",
+        "google_beyondcorp_app_connection",
+        "google_beyondcorp_app_connector",
+        "google_beyondcorp_app_gateway",
+        "google_beyondcorp_security_gateway",
+        "google_beyondcorp_security_gateway_application_iam_policy",
+        "google_beyondcorp_security_gateway_iam_policy",
+        "google_bigquery_analytics_hub_data_exchange_iam_policy",
+        "google_bigquery_analytics_hub_listing_iam_policy",
+        "google_bigquery_connection_iam_policy",
+        "google_bigquery_datapolicy_data_policy_iam_policy",
+        "google_bigquery_datapolicyv2_data_policy_iam_policy",
+        "google_bigquery_dataset",
+        "google_bigquery_dataset_iam_policy",
+        "google_bigquery_datasets",
+        "google_bigquery_default_service_account",
+        "google_bigquery_table",
+        "google_bigquery_table_iam_policy",
+        "google_bigquery_tables",
+        "google_bigtable_instance_iam_policy",
+        "google_bigtable_table_iam_policy",
+        "google_billing_account",
+        "google_billing_account_iam_policy",
+        "google_binary_authorization_attestor_iam_policy",
+        "google_certificate_manager_certificate_map",
+        "google_certificate_manager_certificates",
+        "google_certificate_manager_dns_authorization",
+        "google_client_config",
+        "google_client_openid_userinfo",
+        "google_cloud_identity_group_lookup",
+        "google_cloud_identity_group_memberships",
+        "google_cloud_identity_group_transitive_memberships",
+        "google_cloud_identity_groups",
+        "google_cloud_identity_policy",
+        "google_cloud_quotas_quota_info",
+        "google_cloud_quotas_quota_infos",
+        "google_cloud_run_locations",
+        "google_cloud_run_service",
+        "google_cloud_run_service_iam_policy",
+        "google_cloud_run_v2_job",
+        "google_cloud_run_v2_job_iam_policy",
+        "google_cloud_run_v2_service",
+        "google_cloud_run_v2_service_iam_policy",
+        "google_cloud_run_v2_worker_pool",
+        "google_cloud_run_v2_worker_pool_iam_policy",
+        "google_cloud_tasks_queue_iam_policy",
+        "google_cloudbuild_trigger",
+        "google_cloudbuildv2_connection_iam_policy",
+        "google_clouddeploy_custom_target_type_iam_policy",
+        "google_clouddeploy_delivery_pipeline_iam_policy",
+        "google_clouddeploy_target_iam_policy",
+        "google_cloudfunctions2_function",
+        "google_cloudfunctions2_function_iam_policy",
+        "google_cloudfunctions_function",
+        "google_cloudfunctions_function_iam_policy",
+        "google_colab_runtime_template_iam_policy",
+        "google_composer_environment",
+        "google_composer_image_versions",
+        "google_composer_user_workloads_config_map",
+        "google_composer_user_workloads_secret",
+        "google_compute_address",
+        "google_compute_addresses",
+        "google_compute_backend_bucket",
+        "google_compute_backend_bucket_iam_policy",
+        "google_compute_backend_service",
+        "google_compute_backend_service_iam_policy",
+        "google_compute_default_service_account",
+        "google_compute_disk",
+        "google_compute_disk_iam_policy",
+        "google_compute_forwarding_rule",
+        "google_compute_forwarding_rules",
+        "google_compute_global_address",
+        "google_compute_global_forwarding_rule",
+        "google_compute_ha_vpn_gateway",
+        "google_compute_health_check",
+        "google_compute_image",
+        "google_compute_image_iam_policy",
+        "google_compute_images",
+        "google_compute_instance",
+        "google_compute_instance_group",
+        "google_compute_instance_group_manager",
+        "google_compute_instance_guest_attributes",
+        "google_compute_instance_iam_policy",
+        "google_compute_instance_serial_port",
+        "google_compute_instance_template",
+        "google_compute_instance_template_iam_policy",
+        "google_compute_instant_snapshot_iam_policy",
+        "google_compute_interconnect_location",
+        "google_compute_interconnect_locations",
+        "google_compute_lb_ip_ranges",
+        "google_compute_machine_image_iam_policy",
+        "google_compute_machine_types",
+        "google_compute_network",
+        "google_compute_network_attachment",
+        "google_compute_network_endpoint_group",
+        "google_compute_network_peering",
+        "google_compute_networks",
+        "google_compute_node_types",
+        "google_compute_region_backend_service",
+        "google_compute_region_backend_service_iam_policy",
+        "google_compute_region_disk",
+        "google_compute_region_disk_iam_policy",
+        "google_compute_region_instance_group",
+        "google_compute_region_instance_group_manager",
+        "google_compute_region_instance_template",
+        "google_compute_region_network_endpoint_group",
+        "google_compute_region_ssl_certificate",
+        "google_compute_regions",
+        "google_compute_reservation",
+        "google_compute_reservation_block",
+        "google_compute_reservation_sub_block",
+        "google_compute_resource_policy",
+        "google_compute_router",
+        "google_compute_router_nat",
+        "google_compute_router_status",
+        "google_compute_security_policy",
+        "google_compute_snapshot",
+        "google_compute_snapshot_iam_policy",
+        "google_compute_ssl_certificate",
+        "google_compute_ssl_policy",
+        "google_compute_storage_pool_iam_policy",
+        "google_compute_storage_pool_types",
+        "google_compute_subnetwork",
+        "google_compute_subnetwork_iam_policy",
+        "google_compute_subnetworks",
+        "google_compute_vpn_gateway",
+        "google_compute_zones",
+        "google_container_analysis_note_iam_policy",
+        "google_container_attached_install_manifest",
+        "google_container_attached_versions",
+        "google_container_aws_versions",
+        "google_container_azure_versions",
+        "google_container_cluster",
+        "google_container_engine_versions",
+        "google_container_registry_image",
+        "google_container_registry_repository",
+        "google_data_catalog_entry_group_iam_policy",
+        "google_data_catalog_policy_tag_iam_policy",
+        "google_data_catalog_tag_template_iam_policy",
+        "google_data_catalog_taxonomy_iam_policy",
+        "google_data_fusion_instance_iam_policy",
+        "google_dataform_repository_iam_policy",
+        "google_dataplex_aspect_type_iam_policy",
+        "google_dataplex_asset_iam_policy",
+        "google_dataplex_data_quality_rules",
+        "google_dataplex_datascan_iam_policy",
+        "google_dataplex_entry_group_iam_policy",
+        "google_dataplex_entry_type_iam_policy",
+        "google_dataplex_glossary_iam_policy",
+        "google_dataplex_lake_iam_policy",
+        "google_dataplex_task_iam_policy",
+        "google_dataplex_zone_iam_policy",
+        "google_dataproc_autoscaling_policy_iam_policy",
+        "google_dataproc_cluster_iam_policy",
+        "google_dataproc_job_iam_policy",
+        "google_dataproc_metastore_database_iam_policy",
+        "google_dataproc_metastore_federation_iam_policy",
+        "google_dataproc_metastore_service",
+        "google_dataproc_metastore_service_iam_policy",
+        "google_dataproc_metastore_table_iam_policy",
+        "google_datastream_static_ips",
+        "google_dns_keys",
+        "google_dns_managed_zone",
+        "google_dns_managed_zone_iam_policy",
+        "google_dns_managed_zones",
+        "google_dns_record_set",
+        "google_endpoints_service_consumers_iam_policy",
+        "google_endpoints_service_iam_policy",
+        "google_filestore_instance",
+        "google_firebase_web_app_config",
+        "google_folder",
+        "google_folder_iam_policy",
+        "google_folder_organization_policy",
+        "google_folders",
+        "google_gemini_repository_group_iam_policy",
+        "google_gke_backup_backup_plan_iam_policy",
+        "google_gke_backup_restore_plan_iam_policy",
+        "google_gke_hub_feature",
+        "google_gke_hub_feature_iam_policy",
+        "google_gke_hub_membership",
+        "google_gke_hub_membership_iam_policy",
+        "google_gke_hub_scope_iam_policy",
+        "google_healthcare_consent_store_iam_policy",
+        "google_healthcare_dataset_iam_policy",
+        "google_healthcare_dicom_store_iam_policy",
+        "google_healthcare_fhir_store_iam_policy",
+        "google_healthcare_hl7_v2_store_iam_policy",
+        "google_iam_policy",
+        "google_iam_role",
+        "google_iam_workforce_pool_iam_policy",
+        "google_iam_workload_identity_pool",
+        "google_iam_workload_identity_pool_iam_policy",
+        "google_iam_workload_identity_pool_provider",
+        "google_iap_app_engine_service_iam_policy",
+        "google_iap_app_engine_version_iam_policy",
+        "google_iap_client",
+        "google_iap_tunnel_dest_group_iam_policy",
+        "google_iap_tunnel_iam_policy",
+        "google_iap_tunnel_instance_iam_policy",
+        "google_iap_web_backend_service_iam_policy",
+        "google_iap_web_cloud_run_service_iam_policy",
+        "google_iap_web_forwarding_rule_service_iam_policy",
+        "google_iap_web_iam_policy",
+        "google_iap_web_region_backend_service_iam_policy",
+        "google_iap_web_region_forwarding_rule_service_iam_policy",
+        "google_iap_web_type_app_engine_iam_policy",
+        "google_iap_web_type_compute_iam_policy",
+        "google_kms_autokey_config",
+        "google_kms_crypto_key",
+        "google_kms_crypto_key_iam_policy",
+        "google_kms_crypto_key_latest_version",
+        "google_kms_crypto_key_version",
+        "google_kms_crypto_key_versions",
+        "google_kms_crypto_keys",
+        "google_kms_ekm_connection_iam_policy",
+        "google_kms_key_handle",
+        "google_kms_key_handles",
+        "google_kms_key_ring",
+        "google_kms_key_ring_iam_policy",
+        "google_kms_key_rings",
+        "google_kms_secret",
+        "google_kms_secret_asymmetric",
+        "google_kms_secret_ciphertext",
+        "google_logging_folder_settings",
+        "google_logging_log_view_iam_policy",
+        "google_logging_organization_settings",
+        "google_logging_project_cmek_settings",
+        "google_logging_project_settings",
+        "google_lustre_instance",
+        "google_memcache_instance",
+        "google_memorystore_instance",
+        "google_monitoring_app_engine_service",
+        "google_monitoring_cluster_istio_service",
+        "google_monitoring_istio_canonical_service",
+        "google_monitoring_mesh_istio_service",
+        "google_monitoring_notification_channel",
+        "google_monitoring_uptime_check_ips",
+        "google_netblock_ip_ranges",
+        "google_network_security_address_group_iam_policy",
+        "google_notebooks_instance_iam_policy",
+        "google_notebooks_runtime_iam_policy",
+        "google_oracle_database_autonomous_database",
+        "google_oracle_database_autonomous_databases",
+        "google_oracle_database_cloud_exadata_infrastructure",
+        "google_oracle_database_cloud_exadata_infrastructures",
+        "google_oracle_database_cloud_vm_cluster",
+        "google_oracle_database_cloud_vm_clusters",
+        "google_oracle_database_db_nodes",
+        "google_oracle_database_db_servers",
+        "google_organization",
+        "google_organization_iam_custom_role",
+        "google_organization_iam_custom_roles",
+        "google_organization_iam_policy",
+        "google_organizations",
+        "google_parameter_manager_parameter",
+        "google_parameter_manager_parameter_version",
+        "google_parameter_manager_parameter_version_render",
+        "google_parameter_manager_parameters",
+        "google_parameter_manager_regional_parameter",
+        "google_parameter_manager_regional_parameter_version",
+        "google_parameter_manager_regional_parameter_version_render",
+        "google_parameter_manager_regional_parameters",
+        "google_privateca_ca_pool_iam_policy",
+        "google_privateca_certificate_authority",
+        "google_privateca_certificate_template_iam_policy",
+        "google_privileged_access_manager_entitlement",
+        "google_project",
+        "google_project_ancestry",
+        "google_project_iam_custom_role",
+        "google_project_iam_custom_roles",
+        "google_project_iam_policy",
+        "google_project_organization_policy",
+        "google_project_service",
+        "google_projects",
+        "google_pubsub_schema_iam_policy",
+        "google_pubsub_subscription",
+        "google_pubsub_subscription_iam_policy",
+        "google_pubsub_topic",
+        "google_pubsub_topic_iam_policy",
+        "google_redis_cluster",
+        "google_redis_instance",
+        "google_runtimeconfig_config",
+        "google_runtimeconfig_config_iam_policy",
+        "google_runtimeconfig_variable",
+        "google_scc_source_iam_policy",
+        "google_scc_v2_organization_source_iam_policy",
+        "google_secret_manager_regional_secret",
+        "google_secret_manager_regional_secret_iam_policy",
+        "google_secret_manager_regional_secret_version",
+        "google_secret_manager_regional_secret_version_access",
+        "google_secret_manager_regional_secrets",
+        "google_secret_manager_secret",
+        "google_secret_manager_secret_iam_policy",
+        "google_secret_manager_secret_version",
+        "google_secret_manager_secret_version_access",
+        "google_secret_manager_secrets",
+        "google_secure_source_manager_instance_iam_policy",
+        "google_secure_source_manager_repository_iam_policy",
+        "google_service_account",
+        "google_service_account_access_token",
+        "google_service_account_iam_policy",
+        "google_service_account_id_token",
+        "google_service_account_jwt",
+        "google_service_account_key",
+        "google_service_accounts",
+        "google_service_directory_namespace_iam_policy",
+        "google_service_directory_service_iam_policy",
+        "google_site_verification_token",
+        "google_sourcerepo_repository",
+        "google_sourcerepo_repository_iam_policy",
+        "google_spanner_database",
+        "google_spanner_database_iam_policy",
+        "google_spanner_instance",
+        "google_spanner_instance_iam_policy",
+        "google_sql_backup_run",
+        "google_sql_ca_certs",
+        "google_sql_database",
+        "google_sql_database_instance",
+        "google_sql_database_instance_latest_recovery_time",
+        "google_sql_database_instances",
+        "google_sql_databases",
+        "google_sql_tiers",
+        "google_storage_bucket",
+        "google_storage_bucket_iam_policy",
+        "google_storage_bucket_object",
+        "google_storage_bucket_object_content",
+        "google_storage_bucket_objects",
+        "google_storage_buckets",
+        "google_storage_control_folder_intelligence_config",
+        "google_storage_control_organization_intelligence_config",
+        "google_storage_control_project_intelligence_config",
+        "google_storage_insights_dataset_config",
+        "google_storage_object_signed_url",
+        "google_storage_project_service_account",
+        "google_storage_transfer_project_service_account",
+        "google_tags_tag_key",
+        "google_tags_tag_key_iam_policy",
+        "google_tags_tag_keys",
+        "google_tags_tag_value",
+        "google_tags_tag_value_iam_policy",
+        "google_tags_tag_values",
+        "google_tpu_tensorflow_versions",
+        "google_tpu_v2_accelerator_types",
+        "google_tpu_v2_runtime_versions",
+        "google_vertex_ai_endpoint_iam_policy",
+        "google_vertex_ai_feature_group_iam_policy",
+        "google_vertex_ai_feature_online_store_featureview_iam_policy",
+        "google_vertex_ai_feature_online_store_iam_policy",
+        "google_vertex_ai_featurestore_entitytype_iam_policy",
+        "google_vertex_ai_featurestore_iam_policy",
+        "google_vmwareengine_cluster",
+        "google_vmwareengine_external_access_rule",
+        "google_vmwareengine_external_address",
+        "google_vmwareengine_network",
+        "google_vmwareengine_network_peering",
+        "google_vmwareengine_network_policy",
+        "google_vmwareengine_nsx_credentials",
+        "google_vmwareengine_private_cloud",
+        "google_vmwareengine_subnet",
+        "google_vmwareengine_vcenter_credentials",
+        "google_vpc_access_connector",
+        "google_workbench_instance_iam_policy",
+        "google_workstations_workstation_config_iam_policy",
+        "google_workstations_workstation_iam_policy"
+    ]
+}
\ No newline at end of file
diff --git a/src/parse/parse.go b/src/parse/parse.go
index afc9f60a..cad2a1c5 100644
--- a/src/parse/parse.go
+++ b/src/parse/parse.go
@@ -123,7 +123,7 @@ func getGoFiles(path string, extension string) ([]string, error) {
 
 	absPath, err := filepath.Abs(path)
 
-	log.Info().Msgf(absPath)
+	log.Info().Msg(absPath)
 
 	if err != nil {
 		return nil, fmt.Errorf("absolute path error %v", err)
diff --git a/src/policy.go b/src/policy.go
index 504a1a21..71f407a8 100644
--- a/src/policy.go
+++ b/src/policy.go
@@ -93,7 +93,7 @@ func NewAWSPolicy(actions []string, resources bool) (Policy, error) {
 }
 
 // GetPolicy creates new iam polices from a list of Permissions.
-func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) {
+func GetPolicy(actions Sorted, resources bool, policyName string) (OutputPolicy, error) {
 	var (
 		OutPolicy OutputPolicy
 		Empty     bool
@@ -119,7 +119,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) {
 			Empty = false
 			// dedupe
 			AWSPermissions := Unique(actions.AWS)
-			OutPolicy.AWS, err = AWSPolicy(AWSPermissions, resources)
+			OutPolicy.AWS, err = AWSPolicy(AWSPermissions, resources, policyName)
 
 			if err != nil {
 				log.Error().Err(err)
@@ -135,7 +135,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) {
 			Empty = false
 			// dedupe
 			GCPPermissions := Unique(actions.GCP)
-			OutPolicy.GCP, err = GCPPolicy(GCPPermissions)
+			OutPolicy.GCP, err = GCPPolicy(GCPPermissions, policyName)
 
 			if err != nil {
 				log.Error().Err(err)
@@ -151,7 +151,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) {
 			Empty = false
 			// dedupe
 			AZUREPermissions := Unique(actions.AZURE)
-			OutPolicy.AZURE, err = AZUREPolicy(AZUREPermissions, defaultPolicyName)
+			OutPolicy.AZURE, err = AZUREPolicy(AZUREPermissions, policyName)
 
 			if err != nil {
 				log.Error().Err(err)
@@ -169,7 +169,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) {
 }
 
 // AWSPolicy create an IAM policy.
-func AWSPolicy(permissions []string, resources bool) (AwsOutput, error) {
+func AWSPolicy(permissions []string, resources bool, policyName string) (AwsOutput, error) {
 	var OutPolicy AwsOutput
 
 	Policy, err := NewAWSPolicy(permissions, resources)
@@ -184,7 +184,13 @@ func AWSPolicy(permissions []string, resources bool) (AwsOutput, error) {
 		return OutPolicy, &marshallAWSPolicyError{err}
 	}
 
-	theDetails := policyDetails{string(indent), defaultPolicyName, "/", "Pike Autogenerated policy from IAC"}
+	var theDetails policyDetails
+
+	if policyName != "" {
+		theDetails = policyDetails{string(indent), policyName, "/", "Pike Autogenerated policy from IAC"}
+	} else {
+		theDetails = policyDetails{string(indent), defaultPolicyName, "/", "Pike Autogenerated policy from IAC"}
+	}
 
 	var output bytes.Buffer
 
@@ -222,3 +228,11 @@ func Unique(s []string) []string {
 
 	return result
 }
+
+func Minify(JSONOut string) string {
+	return strings.ReplaceAll(
+		strings.ReplaceAll(
+			strings.ReplaceAll(
+				strings.ReplaceAll(
+					strings.ReplaceAll(JSONOut, "\n", ""), "	", ""), " ", ""), "\r", ""), "\t", "")
+}
diff --git a/src/policy_test.go b/src/policy_test.go
index eee2da24..5f490211 100644
--- a/src/policy_test.go
+++ b/src/policy_test.go
@@ -1,12 +1,9 @@
-package pike_test
+package pike
 
 import (
 	_ "embed"
 	"reflect"
-	"strings"
 	"testing"
-
-	pike "github.com/jameswoolfenden/pike/src"
 )
 
 func TestNewAWSPolicy(t *testing.T) {
@@ -19,7 +16,7 @@ func TestNewAWSPolicy(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		want    pike.Policy
+		want    Policy
 		wantErr bool
 	}{
 		{
@@ -44,9 +41,9 @@ func TestNewAWSPolicy(t *testing.T) {
 				"s3:GetReplicationConfiguration",
 				"s3:ListBucket",
 			}},
-			pike.Policy{
+			Policy{
 				Version: "2012-10-17",
-				Statements: []pike.Statement{
+				Statements: []Statement{
 					{"VisualEditor0", "Allow", []string{
 						"s3:CreateBucket",
 						"s3:DeleteBucket",
@@ -78,7 +75,7 @@ func TestNewAWSPolicy(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.NewAWSPolicy(tt.args.Actions, false)
+			got, err := NewAWSPolicy(tt.args.Actions, false)
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("NewAWSPolicy() error = %v, wantErr %v", err, tt.wantErr)
@@ -97,7 +94,7 @@ func TestGetPolicy(t *testing.T) {
 	t.Parallel()
 
 	type args struct {
-		actions pike.Sorted
+		actions Sorted
 	}
 
 	tests := []struct {
@@ -108,7 +105,7 @@ func TestGetPolicy(t *testing.T) {
 	}{
 		{
 			"first",
-			args{pike.Sorted{
+			args{Sorted{
 				AWS: []string{},
 			}},
 			``,
@@ -116,7 +113,7 @@ func TestGetPolicy(t *testing.T) {
 		},
 		{
 			"aws",
-			args{pike.Sorted{AWS: []string{
+			args{Sorted{AWS: []string{
 				"ec2:DescribeInstances",
 				"ec2:DescribeTags",
 				"ec2:DescribeInstanceAttribute",
@@ -160,7 +157,7 @@ func TestGetPolicy(t *testing.T) {
 		},
 		{
 			"short",
-			args{pike.Sorted{AWS: []string{"s3:*"}}},
+			args{Sorted{AWS: []string{"s3:*"}}},
 			`{
   "Version": "2012-10-17",
   "Statement": [
@@ -185,7 +182,7 @@ func TestGetPolicy(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.GetPolicy(tt.args.actions, false)
+			got, err := GetPolicy(tt.args.actions, false, "")
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("GetPolicy() error = %v, wantErr %v", err, tt.wantErr)
@@ -203,14 +200,6 @@ func TestGetPolicy(t *testing.T) {
 	}
 }
 
-func Minify(JSONOut string) string {
-	return strings.ReplaceAll(
-		strings.ReplaceAll(
-			strings.ReplaceAll(
-				strings.ReplaceAll(
-					strings.ReplaceAll(JSONOut, "\n", ""), "	", ""), " ", ""), "\r", ""), "\t", "")
-}
-
 func TestAWSPolicy(t *testing.T) {
 	t.Parallel()
 
@@ -221,20 +210,20 @@ func TestAWSPolicy(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		want    pike.AwsOutput
+		want    AwsOutput
 		wantErr bool
 	}{
 		{
 			"fail",
 			args{[]string{"woof"}},
-			pike.AwsOutput{},
+			AwsOutput{},
 			true,
 		},
-		{"fail2", args{[]string{"woof", "meow:*"}}, pike.AwsOutput{}, true},
+		{"fail2", args{[]string{"woof", "meow:*"}}, AwsOutput{}, true},
 		{
 			"pass",
 			args{[]string{"woof:*"}},
-			pike.AwsOutput{JSONOut: `{
+			AwsOutput{JSONOut: `{
   "Version": "2012-10-17",
   "Statement": [
     {
@@ -258,7 +247,7 @@ func TestAWSPolicy(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.AWSPolicy(tt.args.Permissions, false)
+			got, err := AWSPolicy(tt.args.Permissions, false, "")
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("AWSPolicy() error = %v, wantErr %v", err, tt.wantErr)
@@ -293,7 +282,7 @@ func Test_unique(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.Unique(tt.args.s); !reflect.DeepEqual(got, tt.want) {
+			if got := Unique(tt.args.s); !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("Unique() = %v, want %v", got, tt.want)
 			}
 		})
diff --git a/src/readme.go b/src/readme.go
index ae8acf6f..bafb6c8c 100644
--- a/src/readme.go
+++ b/src/readme.go
@@ -35,7 +35,7 @@ func Readme(dirName string, output string, init bool, autoAppend bool) error {
 		return &fileDoesNotExistError{file, err}
 	}
 
-	OutPolicy, err := MakePolicy(dirName, nil, init, false, "")
+	OutPolicy, err := MakePolicy(dirName, nil, init, false, "", "")
 	if err != nil {
 		log.Info().Msg("failed to make policy")
 
diff --git a/src/repository.go b/src/repository.go
index 82b72b8b..e12c314d 100644
--- a/src/repository.go
+++ b/src/repository.go
@@ -68,5 +68,5 @@ func Repository(repository, destination, directory, output string, init, write,
 		return &gitCommitObjectError{repository, destination, err}
 	}
 
-	return Scan(filepath.Join(destination, directory), output, nil, init, write, enableResources, "")
+	return Scan(filepath.Join(destination, directory), output, nil, init, write, enableResources, "", "", "")
 }
diff --git a/src/repository_internal_test.go b/src/repository_internal_test.go
new file mode 100644
index 00000000..78f7c580
--- /dev/null
+++ b/src/repository_internal_test.go
@@ -0,0 +1,175 @@
+package pike
+
+import (
+	"errors"
+	"testing"
+)
+
+func TestGitCloneError_Error(t *testing.T) {
+	tests := []struct {
+		name        string
+		repository  string
+		destination string
+		err         error
+		expected    string
+	}{
+		{
+			name:        "basic error message",
+			repository:  "https://github.com/user/repo.git",
+			destination: "/tmp/repo",
+			err:         errors.New("connection failed"),
+			expected:    "failed to clone repository https://github.com/user/repo.git /tmp/repo connection failed",
+		},
+		{
+			name:        "empty repository",
+			repository:  "",
+			destination: "/tmp/repo",
+			err:         errors.New("invalid URL"),
+			expected:    "failed to clone repository  /tmp/repo invalid URL",
+		},
+		{
+			name:        "empty destination",
+			repository:  "https://github.com/user/repo.git",
+			destination: "",
+			err:         errors.New("no destination"),
+			expected:    "failed to clone repository https://github.com/user/repo.git  no destination",
+		},
+		{
+			name:        "nil error",
+			repository:  "https://github.com/user/repo.git",
+			destination: "/tmp/repo",
+			err:         nil,
+			expected:    "failed to clone repository https://github.com/user/repo.git /tmp/repo <nil>",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &gitCloneError{
+				repository:  tt.repository,
+				destination: tt.destination,
+				err:         tt.err,
+			}
+			if got := e.Error(); got != tt.expected {
+				t.Errorf("gitCloneError.Error() = %v, want %v", got, tt.expected)
+			}
+		})
+	}
+}
+
+func TestGitHeadError_Error(t *testing.T) {
+	tests := []struct {
+		name        string
+		repository  string
+		destination string
+		err         error
+		expected    string
+	}{
+		{
+			name:        "basic error message",
+			repository:  "https://github.com/user/repo.git",
+			destination: "/tmp/repo",
+			err:         errors.New("head not found"),
+			expected:    "failed to get head https://github.com/user/repo.git /tmp/repo head not found",
+		},
+		{
+			name:        "empty strings",
+			repository:  "",
+			destination: "",
+			err:         errors.New("reference error"),
+			expected:    "failed to get head   reference error",
+		},
+		{
+			name:        "nil error",
+			repository:  "repo",
+			destination: "dest",
+			err:         nil,
+			expected:    "failed to get head repo dest <nil>",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &gitHeadError{
+				repository:  tt.repository,
+				destination: tt.destination,
+				err:         tt.err,
+			}
+			if got := e.Error(); got != tt.expected {
+				t.Errorf("gitHeadError.Error() = %v, want %v", got, tt.expected)
+			}
+		})
+	}
+}
+
+func TestGitCommitObjectError_Error(t *testing.T) {
+	tests := []struct {
+		name        string
+		repository  string
+		destination string
+		err         error
+		expected    string
+	}{
+		{
+			name:        "basic error message",
+			repository:  "https://github.com/user/repo.git",
+			destination: "/tmp/repo",
+			err:         errors.New("commit not found"),
+			expected:    "failed to get commit object https://github.com/user/repo.git /tmp/repo commit not found",
+		},
+		{
+			name:        "long repository URL",
+			repository:  "https://very-long-domain-name.example.com/organization/very-long-repository-name.git",
+			destination: "/very/long/path/to/destination/directory",
+			err:         errors.New("object does not exist"),
+			expected:    "failed to get commit object https://very-long-domain-name.example.com/organization/very-long-repository-name.git /very/long/path/to/destination/directory object does not exist",
+		},
+		{
+			name:        "all empty except error",
+			repository:  "",
+			destination: "",
+			err:         errors.New("some error"),
+			expected:    "failed to get commit object   some error",
+		},
+		{
+			name:        "nil error",
+			repository:  "repo",
+			destination: "dest",
+			err:         nil,
+			expected:    "failed to get commit object repo dest <nil>",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &gitCommitObjectError{
+				repository:  tt.repository,
+				destination: tt.destination,
+				err:         tt.err,
+			}
+			if got := e.Error(); got != tt.expected {
+				t.Errorf("gitCommitObjectError.Error() = %v, want %v", got, tt.expected)
+			}
+		})
+	}
+}
+
+func TestErrorTypes_ImplementErrorInterface(t *testing.T) {
+	var err error
+
+	// Test that all error types implement the error interface
+	err = &gitCloneError{repository: "repo", destination: "dest", err: errors.New("test")}
+	if err.Error() == "" {
+		t.Error("gitCloneError should implement error interface")
+	}
+
+	err = &gitHeadError{repository: "repo", destination: "dest", err: errors.New("test")}
+	if err.Error() == "" {
+		t.Error("gitHeadError should implement error interface")
+	}
+
+	err = &gitCommitObjectError{repository: "repo", destination: "dest", err: errors.New("test")}
+	if err.Error() == "" {
+		t.Error("gitCommitObjectError should implement error interface")
+	}
+}
diff --git a/src/scan.go b/src/scan.go
index b863f278..6b6d9515 100644
--- a/src/scan.go
+++ b/src/scan.go
@@ -2,12 +2,15 @@ package pike
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"os"
 	"os/exec"
 	"path"
 	"path/filepath"
 	"strings"
+	"sync"
+	"time"
 
 	"github.com/hashicorp/go-version"
 	"github.com/hashicorp/hc-install/product"
@@ -18,7 +21,16 @@ import (
 
 const tfVersion = "1.5.4"
 
-var dotTfModules = path.Join(".terraform", "modules")
+const (
+	modulesJSON  = "modules.json"
+	dsStore      = ".DS_Store"
+	dotTfModules = ".terraform/modules"
+)
+
+var (
+	terraformMutex sync.Mutex
+	initMutex      sync.Map // per-directory mutex
+)
 
 type emptyIACError struct{}
 
@@ -109,90 +121,111 @@ func (m *getPolicyError) Error() string {
 }
 
 // Scan looks for resources in a given directory.
-func Scan(dirName string, output string, file *string, init bool, write bool, enableResources bool, provider string) error {
+func Scan(dirName string, outputType string, file *string, init bool, write bool, enableResources bool, provider string, outFile string, policyName string) error {
 	if dirName == "" && file == nil {
 		return &emptyScanLocationError{}
 	}
 
-	OutPolicy, err := MakePolicy(dirName, file, init, enableResources, provider)
+	OutPolicy, err := MakePolicy(dirName, file, init, enableResources, provider, policyName)
 	if err != nil {
+		fmt.Print(err.Error())
 		return &makePolicyError{err}
 	}
 
 	if write {
-		err = WriteOutput(OutPolicy, output, dirName)
+		err = WriteOutput(OutPolicy, outputType, dirName, outFile)
 		if err != nil {
-			return &writeFileError{file: output, err: err}
+			return &writeFileError{file: outputType, err: err}
 		}
 	} else {
-		fmt.Print(OutPolicy.AsString(output)) // permit
+		fmt.Print(OutPolicy.AsString(outputType)) // permit
 	}
 
 	return err
 }
 
-// WriteOutput writes out the policy as json or terraform.
-func WriteOutput(outPolicy OutputPolicy, output, location string) error {
-	if location == "" {
-		location = "."
-	}
+// WriteOutput writes out the policy as JSON or Terraform.
+func WriteOutput(outPolicy OutputPolicy, outputType string, scanPath string, outFile string) error {
 
-	newPath, _ := filepath.Abs(location + "/.pike")
-	err := os.MkdirAll(newPath, os.ModePerm)
+	var newPath string
 
-	if err != nil {
-		return &makeDirectoryError{directory: newPath, err: err}
-	}
+	d1 := []byte(outPolicy.AsString(outputType))
 
-	var outFile string
+	if outFile != "" {
 
-	d1 := []byte(outPolicy.AsString(output))
+	} else {
+		if scanPath == "" {
+			scanPath = "."
+		}
+		newPath, _ = filepath.Abs(path.Join(scanPath, ".pike"))
+
+		err := os.MkdirAll(newPath, os.ModePerm)
+
+		if err != nil {
+			return &makeDirectoryError{directory: newPath, err: err}
+		}
 
-	switch strings.ToLower(output) {
-	case terraform:
-		outFile = newPath + "/pike.generated_policy.tf"
+		switch strings.ToLower(outputType) {
+		case terraform:
+			outFile = filepath.Join(newPath, "pike.generated_policy.tf") //path.join does not work here
 
-		if outPolicy.AWS.Terraform != "" {
-			roleFile := path.Join(newPath, "aws_iam_role.terraform_pike.tf")
-			err = os.WriteFile(roleFile, roleTemplate, 0o644)
+			if outPolicy.AWS.Terraform != "" {
+				roleFile := path.Join(newPath, "aws_iam_role.terraform_pike.tf")
+				err = os.WriteFile(roleFile, roleTemplate, 0o644)
 
-			if err != nil {
-				return &writeFileError{file: roleFile, err: err}
+				if err != nil {
+					return &writeFileError{file: roleFile, err: err}
+				}
 			}
-		}
 
-	case "json":
-		outFile = newPath + "/pike.generated_policy.json"
-	default:
-		return &tfPolicyFormatError{}
+		case "json":
+			outFile = path.Join(newPath, "pike.generated_policy.json")
+		default:
+			return &tfPolicyFormatError{}
+		}
 	}
 
-	err = os.WriteFile(outFile, d1, 0o644)
+	err := os.WriteFile(outFile, d1, 0o644)
 	if err != nil {
 		return &writeFileError{file: outFile, err: err}
 	}
 
+	log.Info().Msgf("wrote %s", outFile)
+
 	return nil
 }
 
 // Init can download and install terraform if required and then terraform init your specified directory.
+
 func Init(dirName string) (*string, []string, error) {
+	// Per-directory locking
+	dirMutex, _ := initMutex.LoadOrStore(dirName, &sync.Mutex{})
+	mutex := dirMutex.(*sync.Mutex)
+	mutex.Lock()
+	defer mutex.Unlock()
+
 	tfPath, err := LocateTerraform()
 	if err != nil {
 		return nil, nil, &locateTerraformError{err}
 	}
 
 	tf, err := tfexec.NewTerraform(dirName, tfPath)
+
 	if err != nil {
 		return nil, nil, &terraformExecError{err}
 	}
 
-	err = tf.Init(context.Background(), tfexec.Upgrade(true))
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
+	defer cancel()
+	err = tf.Init(ctx, tfexec.Upgrade(true))
 	if err != nil {
+		if errors.Is(context.DeadlineExceeded, ctx.Err()) {
+			return nil, nil, fmt.Errorf("terraform init timed out after 10 minutes: %w", err)
+		}
 		return nil, nil, &terraformInitError{err}
 	}
 
-	log.Printf("terraform init at %s", dirName)
+	log.Info().Msgf("terraform init at %s", dirName)
 
 	modulesDir := path.Join(dirName, dotTfModules)
 	modules, err := os.ReadDir(modulesDir)
@@ -217,11 +250,14 @@ func Init(dirName string) (*string, []string, error) {
 
 // LocateTerraform finds the Terraform executable or installs it.
 func LocateTerraform() (string, error) {
+	terraformMutex.Lock()
+	defer terraformMutex.Unlock()
+
 	tfPath, err := exec.LookPath(terraform)
 
 	// if you don't have tf installed, we have to install it
 	if err != nil || tfPath == "" {
-		log.Printf("installing Terraform %s\n", tfVersion)
+		log.Info().Msgf("installing Terraform %s\n", tfVersion)
 		installer := &releases.ExactVersion{
 			Product: product.Terraform,
 			Version: version.Must(version.NewVersion(tfVersion)),
@@ -239,16 +275,43 @@ func LocateTerraform() (string, error) {
 }
 
 // MakePolicy does the guts of determining a policy from code.
-func MakePolicy(dirName string, file *string, init bool, EnableResources bool, provider string) (OutputPolicy, error) {
-	var (
-		files  []string
-		Output OutputPolicy
-	)
+func MakePolicy(dirName string, file *string, init bool, enableResources bool, provider string, policyName string) (OutputPolicy, error) {
+	// Validate inputs early
+	if dirName == "" && file == nil {
+		return OutputPolicy{}, errors.New("either directory or file should be be set")
+	}
+
+	var output OutputPolicy
+
+	permissionsBag, err := makePermissionBag(dirName, file, init, provider)
+	if err != nil {
+		return output, fmt.Errorf("failed to create permission bag: %w", err)
+	}
+
+	output, err = GetPolicy(permissionsBag, enableResources, policyName)
+	if err != nil {
+		return output, &getPolicyError{err: err}
+	}
+
+	return output, nil
+}
+
+// Extract common absolute path logic
+func getAbsolutePath(path string) (string, error) {
+	absPath, err := filepath.Abs(path)
+	if err != nil {
+		return "", &absolutePathError{directory: path, err: err}
+	}
+	return absPath, nil
+}
+func makePermissionBag(dirName string, file *string, init bool, provider string) (Sorted, error) {
+
+	var files []string
 
 	if file == nil {
-		fullPath, err := filepath.Abs(dirName)
+		fullPath, err := getAbsolutePath(dirName)
 		if err != nil {
-			return Output, &absolutePathError{directory: dirName, err: err}
+			return Sorted{}, err
 		}
 
 		if init {
@@ -264,33 +327,36 @@ func MakePolicy(dirName string, file *string, init bool, EnableResources bool, p
 
 		files, err = GetTF(fullPath)
 		if err != nil {
-			return Output, &getTFError{directory: fullPath, err: err}
+			return Sorted{}, &getTFError{directory: fullPath, err: err}
 		}
 	} else {
-		myFile, err := filepath.Abs(*file)
+		myFile, err := getAbsolutePath(*file)
 		if err != nil {
-			return Output, &absolutePathError{directory: *file, err: err}
+			return Sorted{}, err
 		}
 
 		// is this a tfFile?
 		if !(FileExists(myFile)) {
-			return Output, os.ErrNotExist
+			return Sorted{}, os.ErrNotExist
 		}
 
 		files = append(files, myFile)
 	}
 
 	if len(files) == 0 {
-		return Output, &emptyIACError{}
+		return Sorted{}, &emptyIACError{}
 	}
 
 	var resources []ResourceV2
+	var failedFiles []string
+	var criticalErrors []error
 
 	for _, tfFile := range files {
 		resource, err := GetResources(tfFile, dirName)
 		if err != nil {
-			// parse the other files
-			log.Print(err)
+			failedFiles = append(failedFiles, tfFile)
+			criticalErrors = append(criticalErrors, fmt.Errorf("failed to parse %s: %w", tfFile, err))
+			continue
 		}
 
 		if resource != nil {
@@ -298,8 +364,20 @@ func MakePolicy(dirName string, file *string, init bool, EnableResources bool, p
 		}
 	}
 
-	var PermissionBag Sorted
+	// Fail fast if too many critical files failed
+	if len(criticalErrors) > 0 {
+		if len(failedFiles) > len(files)/2 { // More than 50% failed
+			return Sorted{}, fmt.Errorf("critical parsing failures in %d/%d files: %v",
+				len(failedFiles), len(files), criticalErrors)
+		}
+		log.Warn().Int("failed_files", len(failedFiles)).Msg("some terraform files failed to parse")
+	}
 
+	permissionsBag := GetPermissionBag(resources, provider)
+	return permissionsBag, nil
+}
+func GetPermissionBag(resources []ResourceV2, provider string) Sorted {
+	var permissionBag Sorted
 	var newPerms Sorted
 
 	for _, resource := range resources {
@@ -318,24 +396,18 @@ func MakePolicy(dirName string, file *string, init bool, EnableResources bool, p
 
 		switch strings.ToLower(provider) {
 		case "aws":
-			PermissionBag.AWS = append(PermissionBag.AWS, newPerms.AWS...)
+			permissionBag.AWS = append(permissionBag.AWS, newPerms.AWS...)
 		case "gcp", "google":
-			PermissionBag.GCP = append(PermissionBag.GCP, newPerms.GCP...)
+			permissionBag.GCP = append(permissionBag.GCP, newPerms.GCP...)
 		case "azure", "azurerm":
-			PermissionBag.AZURE = append(PermissionBag.AZURE, newPerms.AZURE...)
+			permissionBag.AZURE = append(permissionBag.AZURE, newPerms.AZURE...)
 		case "":
-			PermissionBag.AWS = append(PermissionBag.AWS, newPerms.AWS...)
-			PermissionBag.GCP = append(PermissionBag.GCP, newPerms.GCP...)
-			PermissionBag.AZURE = append(PermissionBag.AZURE, newPerms.AZURE...)
+			permissionBag.AWS = append(permissionBag.AWS, newPerms.AWS...)
+			permissionBag.GCP = append(permissionBag.GCP, newPerms.GCP...)
+			permissionBag.AZURE = append(permissionBag.AZURE, newPerms.AZURE...)
 		}
 	}
-
-	Output, err := GetPolicy(PermissionBag, EnableResources)
-	if err != nil {
-		return Output, &getPolicyError{err: err}
-	}
-
-	return Output, nil
+	return permissionBag
 }
 
 // GetTF return tf files in a directory.
@@ -396,3 +468,16 @@ func StringInSlice(a string, list []string) bool {
 func GetHCLType(resourceName string) string {
 	return strings.Split(resourceName, "_")[0]
 }
+
+const (
+	maxFiles     = 1000
+	maxFileSize  = 10 * 1024 * 1024 // 10MB
+	maxResources = 50000
+)
+
+func validateLimits(files []string) error {
+	if len(files) > maxFiles {
+		return fmt.Errorf("too many files: %d > %d", len(files), maxFiles)
+	}
+	return nil
+}
diff --git a/src/scan_test.go b/src/scan_test.go
index 3660b127..e575bda6 100644
--- a/src/scan_test.go
+++ b/src/scan_test.go
@@ -1,4 +1,4 @@
-package pike_test
+package pike
 
 import (
 	"os"
@@ -7,7 +7,6 @@ import (
 	"runtime"
 	"testing"
 
-	pike "github.com/jameswoolfenden/pike/src"
 	"github.com/rs/zerolog/log"
 )
 
@@ -20,16 +19,16 @@ func TestScan(t *testing.T) {
 		write   bool
 	}
 
-	testpath, _ := filepath.Abs("../terraform/aws/backup")
+	testPath, _ := filepath.Abs("../terraform/aws/backup")
 
 	tests := []struct {
 		name    string
 		args    args
 		wantErr bool
 	}{
-		{"aws", args{testpath, "json", false}, false},
-		{"aws-out", args{testpath, "terraform", true}, false},
-		{"google", args{testpath, "json", false}, false},
+		{"aws", args{testPath, "json", false}, false},
+		{"aws-out", args{testPath, "terraform", true}, false},
+		{"google", args{testPath, "json", false}, false},
 	}
 
 	for _, tt := range tests {
@@ -37,13 +36,7 @@ func TestScan(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if err := pike.Scan(
-				tt.args.dirname,
-				tt.args.output,
-				nil, false,
-				tt.args.write,
-				false,
-				""); (err != nil) != tt.wantErr {
+			if err := Scan(tt.args.dirname, tt.args.output, nil, false, tt.args.write, false, "", "", ""); (err != nil) != tt.wantErr {
 				t.Errorf("Scan() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
@@ -80,7 +73,7 @@ func TestGetTF(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.GetTF(tt.args.dirname)
+			got, err := GetTF(tt.args.dirname)
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("GetTF() error = %v, wantErr %v", err, tt.wantErr)
@@ -95,6 +88,75 @@ func TestGetTF(t *testing.T) {
 	}
 }
 
+func TestGetPermissionBag(t *testing.T) {
+	t.Parallel()
+
+	type args struct {
+		resources []ResourceV2
+		provider  string
+	}
+
+	//goland:noinspection GoLinter
+	tests := []struct {
+		name string
+		args args
+		want Sorted
+	}{
+		{
+			"basic_aws",
+			args{
+				resources: []ResourceV2{
+					{
+						TypeName: "terraform",
+						Name:     "aws_s3_bucket",
+						Provider: "aws",
+						Attributes: []string{
+							"tags",
+						},
+					},
+				},
+			},
+			Sorted{
+				AWS: []string{
+					"s3:PutBucketTagging",
+					"s3:DeleteBucket",
+					"s3:CreateBucket",
+					"s3:GetLifecycleConfiguration",
+					"s3:GetBucketTagging",
+					"s3:GetBucketWebsite",
+					"s3:GetBucketLogging",
+					"s3:ListBucket",
+					"s3:GetAccelerateConfiguration",
+					"s3:GetBucketVersioning",
+					"s3:GetBucketAcl",
+					"s3:GetBucketPolicy",
+					"s3:GetReplicationConfiguration",
+					"s3:GetBucketObjectLockConfiguration",
+					"s3:GetObjectAcl",
+					"s3:GetObject",
+					"s3:GetEncryptionConfiguration",
+					"s3:GetBucketRequestPayment",
+					"s3:GetBucketCORS",
+					"s3:DeleteBucket",
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			permissionBag := GetPermissionBag(tt.args.resources, tt.args.provider)
+
+			if !reflect.DeepEqual(permissionBag, tt.want) {
+				t.Errorf("MakePolicy() = %v, want %v", permissionBag, tt.want)
+			}
+		})
+	}
+}
+
 func Test_stringInSlice(t *testing.T) {
 	t.Parallel()
 
@@ -117,7 +179,7 @@ func Test_stringInSlice(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.StringInSlice(tt.args.a, tt.args.list); got != tt.want {
+			if got := StringInSlice(tt.args.a, tt.args.list); got != tt.want {
 				t.Errorf("StringInSlice() = %v, want %v", got, tt.want)
 			}
 		})
@@ -302,35 +364,36 @@ func TestMakePolicy(t *testing.T) {
       "Sid": "VisualEditor8",
       "Effect": "Allow",
       "Action": [
-        "lambda:AddPermission",
-        "lambda:CreateEventSourceMapping",
-        "lambda:CreateFunction",
-        "lambda:CreateFunctionUrlConfig",
-        "lambda:DeleteEventSourceMapping",
-        "lambda:DeleteFunction",
-        "lambda:DeleteFunctionEventInvokeConfig",
-        "lambda:DeleteFunctionUrlConfig",
-        "lambda:DeleteLayerVersion",
-        "lambda:DeleteProvisionedConcurrencyConfig",
-        "lambda:GetCodeSigningConfig",
-        "lambda:GetEventSourceMapping",
-        "lambda:GetFunction",
-        "lambda:GetFunctionCodeSigningConfig",
-        "lambda:GetFunctionEventInvokeConfig",
-        "lambda:GetFunctionUrlConfig",
-        "lambda:GetLayerVersion",
-        "lambda:GetPolicy",
-        "lambda:GetProvisionedConcurrencyConfig",
-        "lambda:ListVersionsByFunction",
-        "lambda:PublishLayerVersion",
-        "lambda:PutFunctionEventInvokeConfig",
-        "lambda:PutProvisionedConcurrencyConfig",
-        "lambda:RemovePermission",
-        "lambda:TagResource",
-        "lambda:UntagResource",
-        "lambda:UpdateEventSourceMapping",
-        "lambda:UpdateFunctionEventInvokeConfig",
-        "lambda:UpdateFunctionUrlConfig"
+                        "lambda:AddPermission",
+                "lambda:CreateEventSourceMapping",
+                "lambda:CreateFunction",
+                "lambda:CreateFunctionUrlConfig",
+                "lambda:DeleteEventSourceMapping",
+                "lambda:DeleteFunction",
+                "lambda:DeleteFunctionEventInvokeConfig",
+                "lambda:DeleteFunctionUrlConfig",
+                "lambda:DeleteLayerVersion",
+                "lambda:DeleteProvisionedConcurrencyConfig",
+                "lambda:GetCodeSigningConfig",
+                "lambda:GetEventSourceMapping",
+                "lambda:GetFunction",
+                "lambda:GetFunctionCodeSigningConfig",
+                "lambda:GetFunctionEventInvokeConfig",
+                "lambda:GetFunctionUrlConfig",
+                "lambda:GetLayerVersion",
+                "lambda:GetPolicy",
+                "lambda:GetProvisionedConcurrencyConfig",
+                "lambda:ListTags",
+                "lambda:ListVersionsByFunction",
+                "lambda:PublishLayerVersion",
+                "lambda:PutFunctionEventInvokeConfig",
+                "lambda:PutProvisionedConcurrencyConfig",
+                "lambda:RemovePermission",
+                "lambda:TagResource",
+                "lambda:UntagResource",
+                "lambda:UpdateEventSourceMapping",
+                "lambda:UpdateFunctionEventInvokeConfig",
+                "lambda:UpdateFunctionUrlConfig"
       ],
       "Resource": [
         "*"
@@ -500,7 +563,7 @@ func TestMakePolicy(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.MakePolicy(tt.args.dirName, tt.args.file, tt.args.init, false, "")
+			got, err := MakePolicy(tt.args.dirName, tt.args.file, tt.args.init, false, "", "")
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("MakePolicy() error = %v, wantErr %v", err, tt.wantErr)
@@ -531,6 +594,8 @@ func TestGetHCLType(t *testing.T) {
 		want string
 	}{
 		{"basic", args{"aws_s3_bucket"}, "aws"},
+		{"gcp", args{"google_storage_bucket"}, "google"},
+		{"azurerm", args{"azurerm_storage_account"}, "azurerm"},
 	}
 
 	for _, tt := range tests {
@@ -538,7 +603,7 @@ func TestGetHCLType(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.GetHCLType(tt.args.resourceName); got != tt.want {
+			if got := GetHCLType(tt.args.resourceName); got != tt.want {
 				t.Errorf("GetHCLType() = %v, want %v", got, tt.want)
 			}
 		})
@@ -580,7 +645,7 @@ func Test_getTFFiles(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			got, err := pike.GetTFFiles(tt.args.dirName)
+			got, err := GetTFFiles(tt.args.dirName)
 
 			if (err != nil) != tt.wantErr {
 				t.Errorf("GetTFFiles() error = %v, wantErr %v", err, tt.wantErr)
@@ -599,12 +664,12 @@ func TestWriteOutput(t *testing.T) {
 	t.Parallel()
 
 	type args struct {
-		OutPolicy pike.OutputPolicy
+		OutPolicy OutputPolicy
 		output    string
 		location  string
 	}
 
-	out := pike.OutputPolicy{AWS: pike.AwsOutput{
+	out := OutputPolicy{AWS: AwsOutput{
 		JSONOut:   "{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Sid\": \"VisualEditor0\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"SNS:CreateTopic\",\n                \"SNS:DeleteTopic\",\n                \"SNS:GetTopicAttributes\",\n                \"SNS:ListTagsForResource\",\n                \"SNS:ListTopics\",\n                \"SNS:SetTopicAttributes\",\n                \"SNS:TagResource\",\n                \"SNS:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor1\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm:AddTagsToCertificate\",\n                \"acm:DeleteCertificate\",\n                \"acm:DescribeCertificate\",\n                \"acm:ListTagsForCertificate\",\n                \"acm:RemoveTagsFromCertificate\",\n                \"acm:RequestCertificate\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor2\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm-pa:DescribeCertificateAuthority\",\n                \"acm-pa:ListTags\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor3\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm-pca:CreateCertificateAuthority\",\n                \"acm-pca:DeleteCertificateAuthority\",\n                \"acm-pca:GetCertificateAuthorityCertificate\",\n                \"acm-pca:UpdateCertificateAuthority\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor4\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"apigateway:DELETE\",\n                \"apigateway:GET\",\n                \"apigateway:PATCH\",\n                \"apigateway:POST\",\n                \"apigateway:PUT\",\n                \"apigateway:UpdateRestApiPolicy\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor5\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"application-autoscaling:DeleteScalingPolicy\",\n                \"application-autoscaling:DeleteScheduledAction\",\n                \"application-autoscaling:DeregisterScalableTarget\",\n                \"application-autoscaling:DescribeScalableTargets\",\n                \"application-autoscaling:DescribeScalingPolicies\",\n                \"application-autoscaling:DescribeScheduledActions\",\n                \"application-autoscaling:PutScalingPolicy\",\n                \"application-autoscaling:PutScheduledAction\",\n                \"application-autoscaling:RegisterScalableTarget\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor6\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"application-autoscaling:DeleteScalingPolicy\",\n                \"application-autoscaling:DeleteScheduledAction\",\n                \"application-autoscaling:DeregisterScalableTarget\",\n                \"application-autoscaling:DescribeScalableTargets\",\n                \"application-autoscaling:DescribeScalingPolicies\",\n                \"application-autoscaling:DescribeScheduledActions\",\n                \"application-autoscaling:PutScalingPolicy\",\n                \"application-autoscaling:PutScheduledAction\",\n                \"application-autoscaling:RegisterScalableTarget\",\n                \"autoscaling:AttachLoadBalancers\",\n                \"autoscaling:CreateAutoScalingGroup\",\n                \"autoscaling:CreateLaunchConfiguration\",\n                \"autoscaling:DeleteAutoScalingGroup\",\n                \"autoscaling:DeleteLaunchConfiguration\",\n                \"autoscaling:DescribeAutoScalingGroups\",\n                \"autoscaling:DescribeLaunchConfigurations\",\n                \"autoscaling:DescribeScalingActivities\",\n                \"autoscaling:DetachLoadBalancers\",\n                \"autoscaling:UpdateAutoScalingGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor7\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"budgets:ModifyBudget\",\n                \"budgets:ViewBudget\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor8\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cloudtrail:AddTags\",\n                \"cloudtrail:CreateTrail\",\n                \"cloudtrail:DeleteTrail\",\n                \"cloudtrail:DescribeTrails\",\n                \"cloudtrail:GetEventSelectors\",\n                \"cloudtrail:GetTrailStatus\",\n                \"cloudtrail:ListTags\",\n                \"cloudtrail:PutEventSelectors\",\n                \"cloudtrail:RemoveTags\",\n                \"cloudtrail:StartLogging\",\n                \"cloudtrail:UpdateTrail\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor9\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cloudwatch:DeleteAlarms\",\n                \"cloudwatch:DescribeAlarms\",\n                \"cloudwatch:ListTagsForResource\",\n                \"cloudwatch:PutMetricAlarm\",\n                \"cloudwatch:TagResource\",\n                \"cloudwatch:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor10\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codeartifact:CreateDomain\",\n                \"codeartifact:CreateRepository\",\n                \"codeartifact:DeleteDomain\",\n                \"codeartifact:DeleteDomainPermissionsPolicy\",\n                \"codeartifact:DeleteRepository\",\n                \"codeartifact:DeleteRepositoryPermissionsPolicy\",\n                \"codeartifact:DescribeDomain\",\n                \"codeartifact:DescribeRepository\",\n                \"codeartifact:GetDomainPermissionsPolicy\",\n                \"codeartifact:GetRepositoryPermissionsPolicy\",\n                \"codeartifact:ListTagsForResource\",\n                \"codeartifact:PutDomainPermissionsPolicy\",\n                \"codeartifact:PutRepositoryPermissionsPolicy\",\n                \"codeartifact:TagResource\",\n                \"codeartifact:UntagResource\",\n                \"codeartifact:UpdateRepository\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor11\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codebuild:BatchGetProjects\",\n                \"codebuild:CreateProject\",\n                \"codebuild:DeleteProject\",\n                \"codebuild:UpdateProject\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor12\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codecommit:CreateRepository\",\n                \"codecommit:DeleteRepository\",\n                \"codecommit:GetRepository\",\n                \"codecommit:ListBranches\",\n                \"codecommit:ListTagsForResource\",\n                \"codecommit:TagResource\",\n                \"codecommit:UntagResource\",\n                \"codecommit:UpdateRepositoryDescription\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor13\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codepipeline:CreatePipeline\",\n                \"codepipeline:DeletePipeline\",\n                \"codepipeline:GetPipeline\",\n                \"codepipeline:ListTagsForResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor14\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cognito-idp:AddCustomAttributes\",\n                \"cognito-idp:AdminAddUserToGroup\",\n                \"cognito-idp:AdminCreateUser\",\n                \"cognito-idp:AdminDeleteUser\",\n                \"cognito-idp:AdminGetUser\",\n                \"cognito-idp:AdminListGroupsForUser\",\n                \"cognito-idp:AdminRemoveUserFromGroup\",\n                \"cognito-idp:CreateGroup\",\n                \"cognito-idp:CreateIdentityProvider\",\n                \"cognito-idp:CreateResourceServer\",\n                \"cognito-idp:CreateUserPool\",\n                \"cognito-idp:CreateUserPoolClient\",\n                \"cognito-idp:CreateUserPoolDomain\",\n                \"cognito-idp:DeleteGroup\",\n                \"cognito-idp:DeleteIdentityProvider\",\n                \"cognito-idp:DeleteResourceServer\",\n                \"cognito-idp:DeleteUserPool\",\n                \"cognito-idp:DeleteUserPoolClient\",\n                \"cognito-idp:DeleteUserPoolDomain\",\n                \"cognito-idp:DescribeIdentityProvider\",\n                \"cognito-idp:DescribeResourceServer\",\n                \"cognito-idp:DescribeUserPool\",\n                \"cognito-idp:DescribeUserPoolClient\",\n                \"cognito-idp:DescribeUserPoolDomain\",\n                \"cognito-idp:GetGroup\",\n                \"cognito-idp:GetSigningCertificate\",\n                \"cognito-idp:GetUICustomization\",\n                \"cognito-idp:GetUserPoolMfaConfig\",\n                \"cognito-idp:ListUserPoolClients\",\n                \"cognito-idp:ListUserPools\",\n                \"cognito-idp:SetUICustomization\",\n                \"cognito-idp:SetUserPoolMfaConfig\",\n                \"cognito-idp:TagResource\",\n                \"cognito-idp:UntagResource\",\n                \"cognito-idp:UpdateGroup\",\n                \"cognito-idp:UpdateIdentityProvider\",\n                \"cognito-idp:UpdateResourceServer\",\n                \"cognito-idp:UpdateUserPool\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor15\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"dax:CreateParameterGroup\",\n                \"dax:CreateSubnetGroup\",\n                \"dax:DeleteParameterGroup\",\n                \"dax:DeleteSubnetGroup\",\n                \"dax:DescribeParameterGroups\",\n                \"dax:DescribeParameters\",\n                \"dax:DescribeSubnetGroups\",\n                \"dax:UpdateParameterGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor16\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ds:AddTagsToResource\",\n                \"ds:CreateDirectory\",\n                \"ds:CreateLogSubscription\",\n                \"ds:DeleteDirectory\",\n                \"ds:DeleteLogSubscription\",\n                \"ds:ListTagsForResource\",\n                \"ds:RemoveTagsFromResource\",\n                \"rds:AddRoleToDBCluster\",\n                \"rds:AddTagsToResource\",\n                \"rds:CreateDBCluster\",\n                \"rds:CreateDBClusterEndpoint\",\n                \"rds:CreateDBClusterParameterGroup\",\n                \"rds:CreateDBClusterSnapshot\",\n                \"rds:CreateDBInstance\",\n                \"rds:CreateDBParameterGroup\",\n                \"rds:CreateDBSubnetGroup\",\n                \"rds:CreateGlobalCluster\",\n                \"rds:CreateOptionGroup\",\n                \"rds:DeleteDBCluster\",\n                \"rds:DeleteDBClusterEndpoint\",\n                \"rds:DeleteDBClusterParameterGroup\",\n                \"rds:DeleteDBClusterSnapshot\",\n                \"rds:DeleteDBParameterGroup\",\n                \"rds:DeleteDBSubnetGroup\",\n                \"rds:DeleteGlobalCluster\",\n                \"rds:DeleteOptionGroup\",\n                \"rds:DescribeCertificates\",\n                \"rds:DescribeDBClusterParameterGroups\",\n                \"rds:DescribeDBClusterParameters\",\n                \"rds:DescribeDBClusterSnapshots\",\n                \"rds:DescribeDBClusters\",\n                \"rds:DescribeDBEngineVersions\",\n                \"rds:DescribeDBInstances\",\n                \"rds:DescribeDBParameterGroups\",\n                \"rds:DescribeDBParameters\",\n                \"rds:DescribeDBSnapshots\",\n                \"rds:DescribeDBSubnetGroups\",\n                \"rds:DescribeEventCategories\",\n                \"rds:DescribeGlobalClusters\",\n                \"rds:DescribeOptionGroups\",\n                \"rds:DescribeOrderableDBInstanceOptions\",\n                \"rds:ListTagsForResource\",\n                \"rds:ModifyDBCluster\",\n                \"rds:ModifyDBClusterEndpoint\",\n                \"rds:ModifyDBClusterParameterGroup\",\n                \"rds:ModifyDBInstance\",\n                \"rds:ModifyDBParameterGroup\",\n                \"rds:ModifyGlobalCluster\",\n                \"rds:ModifyOptionGroup\",\n                \"rds:RemoveRoleFromDBCluster\",\n                \"rds:RemoveTagsFromResource\",\n                \"rds:StartActivityStream\",\n                \"rds:StopActivityStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor17\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"dynamodb:BatchWriteItem\",\n                \"dynamodb:CreateTable\",\n                \"dynamodb:CreateTableReplica\",\n                \"dynamodb:DeleteItem\",\n                \"dynamodb:DeleteTable\",\n                \"dynamodb:DeleteTableReplica\",\n                \"dynamodb:DescribeContinuousBackups\",\n                \"dynamodb:DescribeTable\",\n                \"dynamodb:DescribeTimeToLive\",\n                \"dynamodb:GetItem\",\n                \"dynamodb:ListTagsOfResource\",\n                \"dynamodb:PutItem\",\n                \"dynamodb:Query\",\n                \"dynamodb:Scan\",\n                \"dynamodb:TagResource\",\n                \"dynamodb:UntagResource\",\n                \"dynamodb:UpdateContinuousBackups\",\n                \"dynamodb:UpdateItem\",\n                \"dynamodb:UpdateTable\",\n                \"dynamodb:UpdateTimeToLive\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor18\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ec2:AllocateAddress\",\n                \"ec2:AssociateAddress\",\n                \"ec2:AssociateRouteTable\",\n                \"ec2:AttachInternetGateway\",\n                \"ec2:AttachVolume\",\n                \"ec2:AttachVpnGateway\",\n                \"ec2:AuthorizeSecurityGroupEgress\",\n                \"ec2:AuthorizeSecurityGroupIngress\",\n                \"ec2:CancelCapacityReservation\",\n                \"ec2:CancelSpotInstanceRequests\",\n                \"ec2:CreateCapacityReservation\",\n                \"ec2:CreateDefaultVpc\",\n                \"ec2:CreateFlowLogs\",\n                \"ec2:CreateInternetGateway\",\n                \"ec2:CreateKeyPair\",\n                \"ec2:CreateLaunchTemplate\",\n                \"ec2:CreateLaunchTemplateVersion\",\n                \"ec2:CreateNatGateway\",\n                \"ec2:CreateNetworkAcl\",\n                \"ec2:CreateNetworkAclEntry\",\n                \"ec2:CreateNetworkInterface\",\n                \"ec2:CreateNetworkInterfacePermission\",\n                \"ec2:CreatePlacementGroup\",\n                \"ec2:CreateRoute\",\n                \"ec2:CreateRouteTable\",\n                \"ec2:CreateSecurityGroup\",\n                \"ec2:CreateSubnet\",\n                \"ec2:CreateTags\",\n                \"ec2:CreateVPC\",\n                \"ec2:CreateVolume\",\n                \"ec2:CreateVpcEndpoint\",\n                \"ec2:CreateVpnGateway\",\n                \"ec2:DeleteFlowLogs\",\n                \"ec2:DeleteInternetGateway\",\n                \"ec2:DeleteKeyPair\",\n                \"ec2:DeleteLaunchTemplate\",\n                \"ec2:DeleteNatGateway\",\n                \"ec2:DeleteNetworkAcl\",\n                \"ec2:DeleteNetworkAclEntry\",\n                \"ec2:DeleteNetworkInterface\",\n                \"ec2:DeleteNetworkInterfacePermission\",\n                \"ec2:DeletePlacementGroup\",\n                \"ec2:DeleteRoute\",\n                \"ec2:DeleteRouteTable\",\n                \"ec2:DeleteSecurityGroup\",\n                \"ec2:DeleteSubnet\",\n                \"ec2:DeleteTags\",\n                \"ec2:DeleteVPC\",\n                \"ec2:DeleteVolume\",\n                \"ec2:DeleteVpcEndpoints\",\n                \"ec2:DeleteVpnGateway\",\n                \"ec2:DescribeAccountAttributes\",\n                \"ec2:DescribeAddresses\",\n                \"ec2:DescribeAvailabilityZones\",\n                \"ec2:DescribeCapacityReservations\",\n                \"ec2:DescribeDhcpOptions\",\n                \"ec2:DescribeFlowLogs\",\n                \"ec2:DescribeImages\",\n                \"ec2:DescribeInstanceAttribute\",\n                \"ec2:DescribeInstanceCreditSpecifications\",\n                \"ec2:DescribeInstanceTypes\",\n                \"ec2:DescribeInstances\",\n                \"ec2:DescribeInternetGateways\",\n                \"ec2:DescribeKeyPairs\",\n                \"ec2:DescribeLaunchTemplateVersions\",\n                \"ec2:DescribeLaunchTemplates\",\n                \"ec2:DescribeNatGateways\",\n                \"ec2:DescribeNetworkAcls\",\n                \"ec2:DescribeNetworkInterfaces\",\n                \"ec2:DescribePlacementGroups\",\n                \"ec2:DescribePrefixLists\",\n                \"ec2:DescribeRouteTables\",\n                \"ec2:DescribeSecurityGroups\",\n                \"ec2:DescribeSpotInstanceRequests\",\n                \"ec2:DescribeSubnets\",\n                \"ec2:DescribeTags\",\n                \"ec2:DescribeVolumes\",\n                \"ec2:DescribeVpcAttribute\",\n                \"ec2:DescribeVpcEndpointServices\",\n                \"ec2:DescribeVpcEndpoints\",\n                \"ec2:DescribeVpcs\",\n                \"ec2:DescribeVpnGateways\",\n                \"ec2:DetachInternetGateway\",\n                \"ec2:DetachNetworkInterface\",\n                \"ec2:DetachVolume\",\n                \"ec2:DetachVpnGateway\",\n                \"ec2:DisassociateAddress\",\n                \"ec2:DisassociateRouteTable\",\n                \"ec2:GetEbsDefaultKmsKeyId\",\n                \"ec2:ImportKeyPair\",\n                \"ec2:ModifyCapacityReservation\",\n                \"ec2:ModifyInstanceAttribute\",\n                \"ec2:ModifyVolume\",\n                \"ec2:ModifyVpcEndpoint\",\n                \"ec2:MonitorInstances\",\n                \"ec2:ReleaseAddress\",\n                \"ec2:RequestSpotInstances\",\n                \"ec2:RevokeSecurityGroupEgress\",\n                \"ec2:RevokeSecurityGroupIngress\",\n                \"ec2:RunInstances\",\n                \"ec2:StartInstances\",\n                \"ec2:StopInstances\",\n                \"ec2:TerminateInstances\",\n                \"ec2:UnmonitorInstances\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor19\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ecr:CreatePullThroughCacheRule\",\n                \"ecr:CreateRepository\",\n                \"ecr:DeleteLifecyclePolicy\",\n                \"ecr:DeletePullThroughCacheRule\",\n                \"ecr:DeleteRepository\",\n                \"ecr:DescribePullThroughCacheRules\",\n                \"ecr:DescribeRepositories\",\n                \"ecr:GetAuthorizationToken\",\n                \"ecr:GetLifecyclePolicy\",\n                \"ecr:ListTagsForResource\",\n                \"ecr:PutImageScanningConfiguration\",\n                \"ecr:PutLifecyclePolicy\",\n                \"ecr:TagResource\",\n                \"ecr:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor20\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ecs:CreateCluster\",\n                \"ecs:CreateService\",\n                \"ecs:DeleteCluster\",\n                \"ecs:DeleteService\",\n                \"ecs:DeregisterTaskDefinition\",\n                \"ecs:DescribeClusters\",\n                \"ecs:DescribeServices\",\n                \"ecs:DescribeTaskDefinition\",\n                \"ecs:UpdateCluster\",\n                \"ecs:RegisterTaskDefinition\",\n                \"ecs:TagResource\",\n                \"ecs:UntagResource\",\n                \"ecs:UpdateService\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor21\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"eks:DescribeCluster\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor22\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticache:AddTagsToResource\",\n                \"elasticache:CreateCacheParameterGroup\",\n                \"elasticache:CreateCacheSubnetGroup\",\n                \"elasticache:DeleteCacheParameterGroup\",\n                \"elasticache:DeleteCacheSubnetGroup\",\n                \"elasticache:DescribeCacheParameterGroups\",\n                \"elasticache:DescribeCacheParameters\",\n                \"elasticache:DescribeCacheSubnetGroups\",\n                \"elasticache:ListTagsForResource\",\n                \"elasticache:ModifyCacheParameterGroup\",\n                \"elasticache:ModifyCacheSubnetGroup\",\n                \"elasticache:RemoveTagsFromResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor23\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticbeanstalk:AddTags\",\n                \"elasticbeanstalk:CreateApplication\",\n                \"elasticbeanstalk:DeleteApplication\",\n                \"elasticbeanstalk:DescribeApplications\",\n                \"elasticbeanstalk:ListAvailableSolutionStacks\",\n                \"elasticbeanstalk:ListTagsForResource\",\n                \"elasticbeanstalk:RemoveTags\",\n                \"elasticbeanstalk:UpdateApplicationResourceLifecycle\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor24\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticfilesystem:CreateAccessPoint\",\n                \"elasticfilesystem:CreateFileSystem\",\n                \"elasticfilesystem:CreateReplicationConfiguration\",\n                \"elasticfilesystem:DeleteAccessPoint\",\n                \"elasticfilesystem:DeleteFileSystem\",\n                \"elasticfilesystem:DeleteFileSystemPolicy\",\n                \"elasticfilesystem:DeleteReplicationConfiguration\",\n                \"elasticfilesystem:DescribeAccessPoints\",\n                \"elasticfilesystem:DescribeBackupPolicy\",\n                \"elasticfilesystem:DescribeFileSystemPolicy\",\n                \"elasticfilesystem:DescribeFileSystems\",\n                \"elasticfilesystem:DescribeLifecycleConfiguration\",\n                \"elasticfilesystem:DescribeMountTargetSecurityGroups\",\n                \"elasticfilesystem:DescribeMountTargets\",\n                \"elasticfilesystem:DescribeReplicationConfigurations\",\n                \"elasticfilesystem:PutBackupPolicy\",\n                \"elasticfilesystem:PutFileSystemPolicy\",\n                \"elasticfilesystem:TagResource\",\n                \"elasticfilesystem:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor25\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticloadbalancing:AddTags\",\n                \"elasticloadbalancing:AttachLoadBalancerToSubnets\",\n                \"elasticloadbalancing:CreateListener\",\n                \"elasticloadbalancing:CreateLoadBalancer\",\n                \"elasticloadbalancing:CreateLoadBalancerListeners\",\n                \"elasticloadbalancing:CreateTargetGroup\",\n                \"elasticloadbalancing:DeleteListener\",\n                \"elasticloadbalancing:DeleteLoadBalancer\",\n                \"elasticloadbalancing:DeleteTargetGroup\",\n                \"elasticloadbalancing:DeregisterTargets\",\n                \"elasticloadbalancing:DescribeListeners\",\n                \"elasticloadbalancing:DescribeLoadBalancerAttributes\",\n                \"elasticloadbalancing:DescribeLoadBalancers\",\n                \"elasticloadbalancing:DescribeTags\",\n                \"elasticloadbalancing:DescribeTargetGroupAttributes\",\n                \"elasticloadbalancing:DescribeTargetGroups\",\n                \"elasticloadbalancing:DescribeTargetHealth\",\n                \"elasticloadbalancing:ModifyListener\",\n                \"elasticloadbalancing:ModifyLoadBalancerAttributes\",\n                \"elasticloadbalancing:ModifyTargetGroupAttributes\",\n                \"elasticloadbalancing:RegisterTargets\",\n                \"elasticloadbalancing:RemoveTags\",\n                \"elasticloadbalancing:SetSecurityGroups\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor26\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"events:DeleteRule\",\n                \"events:DescribeRule\",\n                \"events:ListTagsForResource\",\n                \"events:ListTargetsByRule\",\n                \"events:PutRule\",\n                \"events:PutTargets\",\n                \"events:RemoveTargets\",\n                \"events:TagResource\",\n                \"events:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor27\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"firehose:CreateDeliveryStream\",\n                \"firehose:DeleteDeliveryStream\",\n                \"firehose:DescribeDeliveryStream\",\n                \"firehose:ListTagsForDeliveryStream\",\n                \"firehose:TagDeliveryStream\",\n                \"firehose:UntagDeliveryStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor28\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"glue:CreateClassifier\",\n                \"glue:CreateConnection\",\n                \"glue:CreateCrawler\",\n                \"glue:CreateDatabase\",\n                \"glue:CreateJob\",\n                \"glue:CreateMLTransform\",\n                \"glue:CreateRegistry\",\n                \"glue:CreateSchema\",\n                \"glue:CreateScript\",\n                \"glue:CreateSecurityConfiguration\",\n                \"glue:CreateTable\",\n                \"glue:CreateTrigger\",\n                \"glue:CreateUserDefinedFunction\",\n                \"glue:CreateWorkflow\",\n                \"glue:DeleteClassifier\",\n                \"glue:DeleteConnection\",\n                \"glue:DeleteCrawler\",\n                \"glue:DeleteDatabase\",\n                \"glue:DeleteJob\",\n                \"glue:DeleteMLTransform\",\n                \"glue:DeleteRegistry\",\n                \"glue:DeleteResourcePolicy\",\n                \"glue:DeleteSchema\",\n                \"glue:DeleteSecurityConfiguration\",\n                \"glue:DeleteTable\",\n                \"glue:DeleteTrigger\",\n                \"glue:DeleteUserDefinedFunction\",\n                \"glue:DeleteWorkflow\",\n                \"glue:GetClassifier\",\n                \"glue:GetConnection\",\n                \"glue:GetCrawler\",\n                \"glue:GetDataCatalogEncryptionSettings\",\n                \"glue:GetDatabase\",\n                \"glue:GetJob\",\n                \"glue:GetMLTransform\",\n                \"glue:GetRegistry\",\n                \"glue:GetResourcePolicy\",\n                \"glue:GetSchema\",\n                \"glue:GetSchemaVersion\",\n                \"glue:GetSecurityConfiguration\",\n                \"glue:GetTable\",\n                \"glue:GetTags\",\n                \"glue:GetTrigger\",\n                \"glue:GetUserDefinedFunction\",\n                \"glue:GetWorkflow\",\n                \"glue:PutDataCatalogEncryptionSettings\",\n                \"glue:PutResourcePolicy\",\n                \"glue:TagResource\",\n                \"glue:UntagResource\",\n                \"glue:UpdateClassifier\",\n                \"glue:UpdateConnection\",\n                \"glue:UpdateCrawler\",\n                \"glue:UpdateDatabase\",\n                \"glue:UpdateJob\",\n                \"glue:UpdateMLTransform\",\n                \"glue:UpdateRegistry\",\n                \"glue:UpdateSchema\",\n                \"glue:UpdateTable\",\n                \"glue:UpdateTrigger\",\n                \"glue:UpdateUserDefinedFunction\",\n                \"glue:UpdateWorkflow\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor29\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"iam:AddRoleToInstanceProfile\",\n                \"iam:AddUserToGroup\",\n                \"iam:AttachGroupPolicy\",\n                \"iam:AttachRolePolicy\",\n                \"iam:AttachUserPolicy\",\n                \"iam:CreateAccessKey\",\n                \"iam:CreateGroup\",\n                \"iam:CreateInstanceProfile\",\n                \"iam:CreateLoginProfile\",\n                \"iam:CreatePolicy\",\n                \"iam:CreateRole\",\n                \"iam:CreateServiceLinkedRole\",\n                \"iam:CreateUser\",\n                \"iam:DeleteAccessKey\",\n                \"iam:DeleteGroup\",\n                \"iam:DeleteGroupPolicy\",\n                \"iam:DeleteInstanceProfile\",\n                \"iam:DeleteLoginProfile\",\n                \"iam:DeletePolicy\",\n                \"iam:DeleteRole\",\n                \"iam:DeleteRolePolicy\",\n                \"iam:DeleteServiceLinkedRole\",\n                \"iam:DeleteUser\",\n                \"iam:DeleteUserPolicy\",\n                \"iam:DetachGroupPolicy\",\n                \"iam:DetachRolePolicy\",\n                \"iam:DetachUserPolicy\",\n                \"iam:GetGroup\",\n                \"iam:GetGroupPolicy\",\n                \"iam:GetInstanceProfile\",\n                \"iam:GetLoginProfile\",\n                \"iam:GetPolicy\",\n                \"iam:GetPolicyVersion\",\n                \"iam:GetRole\",\n                \"iam:GetRolePolicy\",\n                \"iam:GetServiceLinkedRoleDeletionStatus\",\n                \"iam:GetUser\",\n                \"iam:GetUserPolicy\",\n                \"iam:ListAccessKeys\",\n                \"iam:ListAttachedGroupPolicies\",\n                \"iam:ListAttachedRolePolicies\",\n                \"iam:ListAttachedUserPolicies\",\n                \"iam:ListEntitiesForPolicy\",\n                \"iam:ListGroupsForUser\",\n                \"iam:ListInstanceProfilesForRole\",\n                \"iam:ListPolicies\",\n                \"iam:ListPolicyVersions\",\n                \"iam:ListRolePolicies\",\n                \"iam:PassRole\",\n                \"iam:PutGroupPolicy\",\n                \"iam:PutRolePolicy\",\n                \"iam:PutUserPolicy\",\n                \"iam:RemoveRoleFromInstanceProfile\",\n                \"iam:RemoveUserFromGroup\",\n                \"iam:TagPolicy\",\n                \"iam:TagRole\",\n                \"iam:TagUser\",\n                \"iam:UnTagRole\",\n                \"iam:UnTagUser\",\n                \"iam:UntagPolicy\",\n                \"iam:UpdateAccessKey\",\n                \"iam:UpdateRoleDescription\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor30\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"inspector:CreateAssessmentTarget\",\n                \"inspector:CreateAssessmentTemplate\",\n                \"inspector:CreateResourceGroup\",\n                \"inspector:DeleteAssessmentTarget\",\n                \"inspector:DeleteAssessmentTemplate\",\n                \"inspector:DescribeAssessmentTargets\",\n                \"inspector:DescribeAssessmentTemplates\",\n                \"inspector:DescribeResourceGroups\",\n                \"inspector:ListEventSubscriptions\",\n                \"inspector:ListRulesPackages\",\n                \"inspector:ListTagsForResource\",\n                \"inspector:SetTagsForResource\",\n                \"inspector:SubscribeToEvent\",\n                \"inspector:UnsubscribeFromEvent\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor31\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kinesis:AddTagsToStream\",\n                \"kinesis:CreateStream\",\n                \"kinesis:DeleteStream\",\n                \"kinesis:DescribeStreamSummary\",\n                \"kinesis:EnableEnhancedMonitoring\",\n                \"kinesis:IncreaseStreamRetentionPeriod\",\n                \"kinesis:ListTagsForStream\",\n                \"kinesis:RemoveTagsFromStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor32\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kinesisvideo:CreateStream\",\n                \"kinesisvideo:DeleteStream\",\n                \"kinesisvideo:DescribeStream\",\n                \"kinesisvideo:ListTagsForStream\",\n                \"kinesisvideo:TagStream\",\n                \"kinesisvideo:UntagStream\",\n                \"kinesisvideo:UpdateStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor33\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kms:CreateAlias\",\n                \"kms:CreateGrant\",\n                \"kms:CreateKey\",\n                \"kms:Decrypt\",\n                \"kms:DeleteAlias\",\n                \"kms:DescribeKey\",\n                \"kms:DisableKey\",\n                \"kms:EnableKey\",\n                \"kms:EnableKeyRotation\",\n                \"kms:Encrypt\",\n                \"kms:GenerateDataKey*\",\n                \"kms:GetKeyPolicy\",\n                \"kms:GetKeyRotationStatus\",\n                \"kms:ListAliases\",\n                \"kms:ListResourceTags\",\n                \"kms:PutKeyPolicy\",\n                \"kms:ReEncrypt*\",\n                \"kms:ScheduleKeyDeletion\",\n                \"kms:TagResource\",\n                \"kms:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor34\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"lambda:AddPermission\",\n                \"lambda:CreateAlias\",\n                \"lambda:CreateFunction\",\n                \"lambda:DeleteAlias\",\n                \"lambda:DeleteFunction\",\n                \"lambda:GetAlias\",\n                \"lambda:GetFunction\",\n                \"lambda:GetFunctionCodeSigningConfig\",\n                \"lambda:GetPolicy\",\n                \"lambda:ListVersionsByFunction\",\n                \"lambda:RemovePermission\",\n                \"lambda:TagResource\",\n                \"lambda:UntagResource\",\n                \"lambda:UpdateAlias\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor35\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"logs:CreateLogGroup\",\n                \"logs:DeleteLogGroup\",\n                \"logs:DeleteMetricFilter\",\n                \"logs:DeleteResourcePolicy\",\n                \"logs:DeleteRetentionPolicy\",\n                \"logs:DeleteSubscriptionFilter\",\n                \"logs:DescribeLogGroups\",\n                \"logs:DescribeMetricFilters\",\n                \"logs:DescribeResourcePolicies\",\n                \"logs:DescribeSubscriptionFilters\",\n                \"logs:ListTagsLogGroup\",\n                \"logs:PutMetricFilter\",\n                \"logs:PutResourcePolicy\",\n                \"logs:PutRetentionPolicy\",\n                \"logs:PutSubscriptionFilter\",\n                \"logs:TagLogGroup\",\n                \"logs:UntagLogGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor36\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"memorydb:CreateSubnetGroup\",\n                \"memorydb:DeleteSubnetGroup\",\n                \"memorydb:DescribeSubnetGroups\",\n                \"memorydb:ListTags\",\n                \"memorydb:TagResource\",\n                \"memorydb:UntagResource\",\n                \"memorydb:UpdateSubnetGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor37\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"mq:CreateBroker\",\n                \"mq:CreateConfiguration\",\n                \"mq:CreateTags\",\n                \"mq:CreateUser\",\n                \"mq:DeleteBroker\",\n                \"mq:DeleteTags\",\n                \"mq:DeleteUser\",\n                \"mq:DescribeBroker\",\n                \"mq:DescribeConfiguration\",\n                \"mq:DescribeConfigurationRevision\",\n                \"mq:DescribeUser\",\n                \"mq:RebootBroker\",\n                \"mq:UpdateBroker\",\n                \"mq:UpdateConfiguration\",\n                \"mq:UpdateUser\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor38\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"organizations:DescribeOrganization\",\n                \"organizations:ListAWSServiceAccessForOrganization\",\n                \"organizations:ListAccounts\",\n                \"organizations:ListRoots\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor39\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"outposts:ListOutposts\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor40\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"rds:AddRoleToDBCluster\",\n                \"rds:AddTagsToResource\",\n                \"rds:CreateDBCluster\",\n                \"rds:CreateDBClusterEndpoint\",\n                \"rds:CreateDBClusterParameterGroup\",\n                \"rds:CreateDBClusterSnapshot\",\n                \"rds:CreateDBInstance\",\n                \"rds:CreateDBParameterGroup\",\n                \"rds:CreateDBSubnetGroup\",\n                \"rds:CreateGlobalCluster\",\n                \"rds:CreateOptionGroup\",\n                \"rds:DeleteDBCluster\",\n                \"rds:DeleteDBClusterEndpoint\",\n                \"rds:DeleteDBClusterParameterGroup\",\n                \"rds:DeleteDBClusterSnapshot\",\n                \"rds:DeleteDBParameterGroup\",\n                \"rds:DeleteDBSubnetGroup\",\n                \"rds:DeleteGlobalCluster\",\n                \"rds:DeleteOptionGroup\",\n                \"rds:DescribeCertificates\",\n                \"rds:DescribeDBClusterParameterGroups\",\n                \"rds:DescribeDBClusterParameters\",\n                \"rds:DescribeDBClusterSnapshots\",\n                \"rds:DescribeDBClusters\",\n                \"rds:DescribeDBEngineVersions\",\n                \"rds:DescribeDBInstances\",\n                \"rds:DescribeDBParameterGroups\",\n                \"rds:DescribeDBParameters\",\n                \"rds:DescribeDBSnapshots\",\n                \"rds:DescribeDBSubnetGroups\",\n                \"rds:DescribeEventCategories\",\n                \"rds:DescribeGlobalClusters\",\n                \"rds:DescribeOptionGroups\",\n                \"rds:DescribeOrderableDBInstanceOptions\",\n                \"rds:ListTagsForResource\",\n                \"rds:ModifyDBCluster\",\n                \"rds:ModifyDBClusterEndpoint\",\n                \"rds:ModifyDBClusterParameterGroup\",\n                \"rds:ModifyDBInstance\",\n                \"rds:ModifyDBParameterGroup\",\n                \"rds:ModifyGlobalCluster\",\n                \"rds:ModifyOptionGroup\",\n                \"rds:RemoveRoleFromDBCluster\",\n                \"rds:RemoveTagsFromResource\",\n                \"rds:StartActivityStream\",\n                \"rds:StopActivityStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor41\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"redshift:CreateAuthenticationProfile\",\n                \"redshift:CreateCluster\",\n                \"redshift:CreateClusterParameterGroup\",\n                \"redshift:CreateClusterSubnetGroup\",\n                \"redshift:CreateEventSubscription\",\n                \"redshift:CreateHsmClientCertificate\",\n                \"redshift:CreateHsmConfiguration\",\n                \"redshift:CreateScheduledAction\",\n                \"redshift:CreateSnapshotCopyGrant\",\n                \"redshift:CreateSnapshotSchedule\",\n                \"redshift:CreateTags\",\n                \"redshift:CreateUsageLimit\",\n                \"redshift:DeleteAuthenticationProfile\",\n                \"redshift:DeleteCluster\",\n                \"redshift:DeleteClusterParameterGroup\",\n                \"redshift:DeleteClusterSubnetGroup\",\n                \"redshift:DeleteEventSubscription\",\n                \"redshift:DeleteHsmClientCertificate\",\n                \"redshift:DeleteHsmConfiguration\",\n                \"redshift:DeleteScheduledAction\",\n                \"redshift:DeleteSnapshotCopyGrant\",\n                \"redshift:DeleteSnapshotSchedule\",\n                \"redshift:DeleteTags\",\n                \"redshift:DeleteUsageLimit\",\n                \"redshift:DescribeAuthenticationProfiles\",\n                \"redshift:DescribeClusterParameterGroups\",\n                \"redshift:DescribeClusterParameters\",\n                \"redshift:DescribeClusterSubnetGroups\",\n                \"redshift:DescribeClusters\",\n                \"redshift:DescribeEventSubscriptions\",\n                \"redshift:DescribeHsmClientCertificates\",\n                \"redshift:DescribeHsmConfigurations\",\n                \"redshift:DescribeLoggingStatus\",\n                \"redshift:DescribeOrderableClusterOptions\",\n                \"redshift:DescribeScheduledActions\",\n                \"redshift:DescribeSnapshotCopyGrants\",\n                \"redshift:DescribeSnapshotSchedules\",\n                \"redshift:DescribeUsageLimits\",\n                \"redshift:DisableLogging\",\n                \"redshift:EnableLogging\",\n                \"redshift:GetClusterCredentials\",\n                \"redshift:ModifyAuthenticationProfile\",\n                \"redshift:ModifyCluster\",\n                \"redshift:ModifyClusterIamRoles\",\n                \"redshift:ModifyClusterParameterGroup\",\n                \"redshift:ModifyClusterSnapshotSchedule\",\n                \"redshift:ModifyClusterSubnetGroup\",\n                \"redshift:ModifyEventSubscription\",\n                \"redshift:ModifyScheduledAction\",\n                \"redshift:ModifySnapshotSchedule\",\n                \"redshift:ModifyUsageLimit\",\n                \"redshift:PauseCluster\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor42\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"route53:AssociateVPCWithHostedZone\",\n                \"route53:ChangeResourceRecordSets\",\n                \"route53:ChangeTagsForResource\",\n                \"route53:CreateHostedZone\",\n                \"route53:DeleteHostedZone\",\n                \"route53:GetChange\",\n                \"route53:GetHostedZone\",\n                \"route53:ListHostedZones\",\n                \"route53:ListResourceRecordSets\",\n                \"route53:ListTagsForResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor43\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"s3:CreateBucket\",\n                \"s3:DeleteBucket\",\n                \"s3:DeleteObject\",\n                \"s3:GetAccelerateConfiguration\",\n                \"s3:GetBucketAcl\",\n                \"s3:GetBucketCORS\",\n                \"s3:GetBucketLocation\",\n                \"s3:GetBucketLogging\",\n                \"s3:GetBucketObjectLockConfiguration\",\n                \"s3:GetBucketPolicy\",\n                \"s3:GetBucketPublicAccessBlock\",\n                \"s3:GetBucketRequestPayment\",\n                \"s3:GetBucketTagging\",\n                \"s3:GetBucketVersioning\",\n                \"s3:GetBucketWebsite\",\n                \"s3:GetEncryptionConfiguration\",\n                \"s3:GetLifecycleConfiguration\",\n                \"s3:GetObject\",\n                \"s3:GetObjectAcl\",\n                \"s3:GetObjectTagging\",\n                \"s3:GetReplicationConfiguration\",\n                \"s3:ListAllMyBuckets\",\n                \"s3:ListBucket\",\n                \"s3:PutBucketAcl\",\n                \"s3:PutBucketLogging\",\n                \"s3:PutBucketObjectLockConfiguration\",\n                \"s3:PutBucketPolicy\",\n                \"s3:PutBucketPublicAccessBlock\",\n                \"s3:PutBucketVersioning\",\n                \"s3:PutEncryptionConfiguration\",\n                \"s3:PutLifecycleConfiguration\",\n                \"s3:PutObject\",\n                \"s3:PutObjectLegalHold\",\n                \"s3:PutObjectRetention\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor44\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"secretsmanager:CreateSecret\",\n                \"secretsmanager:DeleteSecret\",\n                \"secretsmanager:DescribeSecret\",\n                \"secretsmanager:GetResourcePolicy\",\n                \"secretsmanager:GetSecretValue\",\n                \"secretsmanager:PutSecretValue\",\n                \"secretsmanager:TagResource\",\n                \"secretsmanager:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor45\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"servicecatalog:CreatePortfolio\",\n                \"servicecatalog:DeletePortfolio\",\n                \"servicecatalog:DescribePortfolio\",\n                \"servicecatalog:TagResource\",\n                \"servicecatalog:UpdatePortfolio\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor46\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"sqs:GetQueueAttributes\",\n                \"sqs:ListQueueTags\",\n                \"sqs:SetQueueAttributes\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor47\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ssm:AddTagsToResource\",\n                \"ssm:CreateDocument\",\n                \"ssm:CreateMaintenanceWindow\",\n                \"ssm:CreatePatchBaseline\",\n                \"ssm:DeleteDocument\",\n                \"ssm:DeleteMaintenanceWindow\",\n                \"ssm:DeleteParameter\",\n                \"ssm:DeletePatchBaseline\",\n                \"ssm:DeregisterPatchBaselineForPatchGroup\",\n                \"ssm:DeregisterTargetFromMaintenanceWindow\",\n                \"ssm:DeregisterTaskFromMaintenanceWindow\",\n                \"ssm:DescribeDocument\",\n                \"ssm:DescribeDocumentPermission\",\n                \"ssm:DescribeMaintenanceWindowTargets\",\n                \"ssm:DescribeMaintenanceWindowTasks\",\n                \"ssm:DescribeParameters\",\n                \"ssm:DescribePatchGroups\",\n                \"ssm:GetDocument\",\n                \"ssm:GetMaintenanceWindow\",\n                \"ssm:GetParameter\",\n                \"ssm:GetParameters\",\n                \"ssm:GetPatchBaseline\",\n                \"ssm:ListTagsForResource\",\n                \"ssm:PutParameter\",\n                \"ssm:RegisterPatchBaselineForPatchGroup\",\n                \"ssm:RegisterTargetWithMaintenanceWindow\",\n                \"ssm:RegisterTaskWithMaintenanceWindow\",\n                \"ssm:RemoveTagsFromResource\",\n                \"ssm:UpdateDocument\",\n                \"ssm:UpdateMaintenanceWindow\",\n                \"ssm:UpdatePatchBaseline\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor48\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"sso:ListInstances\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor49\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"states:CreateActivity\",\n                \"states:CreateStateMachine\",\n                \"states:DeleteActivity\",\n                \"states:DeleteStateMachine\",\n                \"states:DescribeActivity\",\n                \"states:DescribeStateMachine\",\n                \"states:ListTagsForResource\",\n                \"states:TagResource\",\n                \"states:UntagResource\",\n                \"states:UpdateStateMachine\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor50\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"wafv2:CreateIpSet\",\n                \"wafv2:CreateRegexPatternSet\",\n                \"wafv2:CreateRuleGroup\",\n                \"wafv2:CreateWebACL\",\n                \"wafv2:DeleteIpSet\",\n                \"wafv2:DeleteRegexPatternSet\",\n                \"wafv2:DeleteRuleGroup\",\n                \"wafv2:DeleteWebACL\",\n                \"wafv2:GetIpSet\",\n                \"wafv2:GetRegexPatternSet\",\n                \"wafv2:GetRuleGroup\",\n                \"wafv2:GetWebACL\",\n                \"wafv2:ListIPSets\",\n                \"wafv2:ListRegexPatternSets\",\n                \"wafv2:ListRuleGroups\",\n                \"wafv2:ListTagsForResource\",\n                \"wafv2:ListWebACLs\",\n                \"wafv2:TagResource\",\n                \"wafv2:UntagResource\",\n                \"wafv2:UpdateIpSet\",\n                \"wafv2:UpdateRegexPatternSet\",\n                \"wafv2:UpdateRuleGroup\"\n            ],\n            \"Resource\": \"*\"\n        }\n    ]\n}\n",
 		Terraform: "resource \"aws_iam_policy\" \"terraform_pike\" {\n  name_prefix = \"terraform_pike\"\n  path        = \"/\"\n  description = \"Pike Autogenerated policy from IAC\"\n\n  policy = jsonencode({\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Sid\": \"VisualEditor0\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"SNS:CreateTopic\",\n                \"SNS:DeleteTopic\",\n                \"SNS:GetTopicAttributes\",\n                \"SNS:ListTagsForResource\",\n                \"SNS:ListTopics\",\n                \"SNS:SetTopicAttributes\",\n                \"SNS:TagResource\",\n                \"SNS:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor1\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm:AddTagsToCertificate\",\n                \"acm:DeleteCertificate\",\n                \"acm:DescribeCertificate\",\n                \"acm:ListTagsForCertificate\",\n                \"acm:RemoveTagsFromCertificate\",\n                \"acm:RequestCertificate\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor2\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm-pa:DescribeCertificateAuthority\",\n                \"acm-pa:ListTags\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor3\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"acm-pca:CreateCertificateAuthority\",\n                \"acm-pca:DeleteCertificateAuthority\",\n                \"acm-pca:GetCertificateAuthorityCertificate\",\n                \"acm-pca:UpdateCertificateAuthority\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor4\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"apigateway:DELETE\",\n                \"apigateway:GET\",\n                \"apigateway:PATCH\",\n                \"apigateway:POST\",\n                \"apigateway:PUT\",\n                \"apigateway:UpdateRestApiPolicy\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor5\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"application-autoscaling:DeleteScalingPolicy\",\n                \"application-autoscaling:DeleteScheduledAction\",\n                \"application-autoscaling:DeregisterScalableTarget\",\n                \"application-autoscaling:DescribeScalableTargets\",\n                \"application-autoscaling:DescribeScalingPolicies\",\n                \"application-autoscaling:DescribeScheduledActions\",\n                \"application-autoscaling:PutScalingPolicy\",\n                \"application-autoscaling:PutScheduledAction\",\n                \"application-autoscaling:RegisterScalableTarget\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor6\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"application-autoscaling:DeleteScalingPolicy\",\n                \"application-autoscaling:DeleteScheduledAction\",\n                \"application-autoscaling:DeregisterScalableTarget\",\n                \"application-autoscaling:DescribeScalableTargets\",\n                \"application-autoscaling:DescribeScalingPolicies\",\n                \"application-autoscaling:DescribeScheduledActions\",\n                \"application-autoscaling:PutScalingPolicy\",\n                \"application-autoscaling:PutScheduledAction\",\n                \"application-autoscaling:RegisterScalableTarget\",\n                \"autoscaling:AttachLoadBalancers\",\n                \"autoscaling:CreateAutoScalingGroup\",\n                \"autoscaling:CreateLaunchConfiguration\",\n                \"autoscaling:DeleteAutoScalingGroup\",\n                \"autoscaling:DeleteLaunchConfiguration\",\n                \"autoscaling:DescribeAutoScalingGroups\",\n                \"autoscaling:DescribeLaunchConfigurations\",\n                \"autoscaling:DescribeScalingActivities\",\n                \"autoscaling:DetachLoadBalancers\",\n                \"autoscaling:UpdateAutoScalingGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor7\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"budgets:ModifyBudget\",\n                \"budgets:ViewBudget\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor8\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cloudtrail:AddTags\",\n                \"cloudtrail:CreateTrail\",\n                \"cloudtrail:DeleteTrail\",\n                \"cloudtrail:DescribeTrails\",\n                \"cloudtrail:GetEventSelectors\",\n                \"cloudtrail:GetTrailStatus\",\n                \"cloudtrail:ListTags\",\n                \"cloudtrail:PutEventSelectors\",\n                \"cloudtrail:RemoveTags\",\n                \"cloudtrail:StartLogging\",\n                \"cloudtrail:UpdateTrail\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor9\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cloudwatch:DeleteAlarms\",\n                \"cloudwatch:DescribeAlarms\",\n                \"cloudwatch:ListTagsForResource\",\n                \"cloudwatch:PutMetricAlarm\",\n                \"cloudwatch:TagResource\",\n                \"cloudwatch:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor10\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codeartifact:CreateDomain\",\n                \"codeartifact:CreateRepository\",\n                \"codeartifact:DeleteDomain\",\n                \"codeartifact:DeleteDomainPermissionsPolicy\",\n                \"codeartifact:DeleteRepository\",\n                \"codeartifact:DeleteRepositoryPermissionsPolicy\",\n                \"codeartifact:DescribeDomain\",\n                \"codeartifact:DescribeRepository\",\n                \"codeartifact:GetDomainPermissionsPolicy\",\n                \"codeartifact:GetRepositoryPermissionsPolicy\",\n                \"codeartifact:ListTagsForResource\",\n                \"codeartifact:PutDomainPermissionsPolicy\",\n                \"codeartifact:PutRepositoryPermissionsPolicy\",\n                \"codeartifact:TagResource\",\n                \"codeartifact:UntagResource\",\n                \"codeartifact:UpdateRepository\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor11\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codebuild:BatchGetProjects\",\n                \"codebuild:CreateProject\",\n                \"codebuild:DeleteProject\",\n                \"codebuild:UpdateProject\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor12\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codecommit:CreateRepository\",\n                \"codecommit:DeleteRepository\",\n                \"codecommit:GetRepository\",\n                \"codecommit:ListBranches\",\n                \"codecommit:ListTagsForResource\",\n                \"codecommit:TagResource\",\n                \"codecommit:UntagResource\",\n                \"codecommit:UpdateRepositoryDescription\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor13\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"codepipeline:CreatePipeline\",\n                \"codepipeline:DeletePipeline\",\n                \"codepipeline:GetPipeline\",\n                \"codepipeline:ListTagsForResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor14\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"cognito-idp:AddCustomAttributes\",\n                \"cognito-idp:AdminAddUserToGroup\",\n                \"cognito-idp:AdminCreateUser\",\n                \"cognito-idp:AdminDeleteUser\",\n                \"cognito-idp:AdminGetUser\",\n                \"cognito-idp:AdminListGroupsForUser\",\n                \"cognito-idp:AdminRemoveUserFromGroup\",\n                \"cognito-idp:CreateGroup\",\n                \"cognito-idp:CreateIdentityProvider\",\n                \"cognito-idp:CreateResourceServer\",\n                \"cognito-idp:CreateUserPool\",\n                \"cognito-idp:CreateUserPoolClient\",\n                \"cognito-idp:CreateUserPoolDomain\",\n                \"cognito-idp:DeleteGroup\",\n                \"cognito-idp:DeleteIdentityProvider\",\n                \"cognito-idp:DeleteResourceServer\",\n                \"cognito-idp:DeleteUserPool\",\n                \"cognito-idp:DeleteUserPoolClient\",\n                \"cognito-idp:DeleteUserPoolDomain\",\n                \"cognito-idp:DescribeIdentityProvider\",\n                \"cognito-idp:DescribeResourceServer\",\n                \"cognito-idp:DescribeUserPool\",\n                \"cognito-idp:DescribeUserPoolClient\",\n                \"cognito-idp:DescribeUserPoolDomain\",\n                \"cognito-idp:GetGroup\",\n                \"cognito-idp:GetSigningCertificate\",\n                \"cognito-idp:GetUICustomization\",\n                \"cognito-idp:GetUserPoolMfaConfig\",\n                \"cognito-idp:ListUserPoolClients\",\n                \"cognito-idp:ListUserPools\",\n                \"cognito-idp:SetUICustomization\",\n                \"cognito-idp:SetUserPoolMfaConfig\",\n                \"cognito-idp:TagResource\",\n                \"cognito-idp:UntagResource\",\n                \"cognito-idp:UpdateGroup\",\n                \"cognito-idp:UpdateIdentityProvider\",\n                \"cognito-idp:UpdateResourceServer\",\n                \"cognito-idp:UpdateUserPool\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor15\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"dax:CreateParameterGroup\",\n                \"dax:CreateSubnetGroup\",\n                \"dax:DeleteParameterGroup\",\n                \"dax:DeleteSubnetGroup\",\n                \"dax:DescribeParameterGroups\",\n                \"dax:DescribeParameters\",\n                \"dax:DescribeSubnetGroups\",\n                \"dax:UpdateParameterGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor16\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ds:AddTagsToResource\",\n                \"ds:CreateDirectory\",\n                \"ds:CreateLogSubscription\",\n                \"ds:DeleteDirectory\",\n                \"ds:DeleteLogSubscription\",\n                \"ds:ListTagsForResource\",\n                \"ds:RemoveTagsFromResource\",\n                \"rds:AddRoleToDBCluster\",\n                \"rds:AddTagsToResource\",\n                \"rds:CreateDBCluster\",\n                \"rds:CreateDBClusterEndpoint\",\n                \"rds:CreateDBClusterParameterGroup\",\n                \"rds:CreateDBClusterSnapshot\",\n                \"rds:CreateDBInstance\",\n                \"rds:CreateDBParameterGroup\",\n                \"rds:CreateDBSubnetGroup\",\n                \"rds:CreateGlobalCluster\",\n                \"rds:CreateOptionGroup\",\n                \"rds:DeleteDBCluster\",\n                \"rds:DeleteDBClusterEndpoint\",\n                \"rds:DeleteDBClusterParameterGroup\",\n                \"rds:DeleteDBClusterSnapshot\",\n                \"rds:DeleteDBParameterGroup\",\n                \"rds:DeleteDBSubnetGroup\",\n                \"rds:DeleteGlobalCluster\",\n                \"rds:DeleteOptionGroup\",\n                \"rds:DescribeCertificates\",\n                \"rds:DescribeDBClusterParameterGroups\",\n                \"rds:DescribeDBClusterParameters\",\n                \"rds:DescribeDBClusterSnapshots\",\n                \"rds:DescribeDBClusters\",\n                \"rds:DescribeDBEngineVersions\",\n                \"rds:DescribeDBInstances\",\n                \"rds:DescribeDBParameterGroups\",\n                \"rds:DescribeDBParameters\",\n                \"rds:DescribeDBSnapshots\",\n                \"rds:DescribeDBSubnetGroups\",\n                \"rds:DescribeEventCategories\",\n                \"rds:DescribeGlobalClusters\",\n                \"rds:DescribeOptionGroups\",\n                \"rds:DescribeOrderableDBInstanceOptions\",\n                \"rds:ListTagsForResource\",\n                \"rds:ModifyDBCluster\",\n                \"rds:ModifyDBClusterEndpoint\",\n                \"rds:ModifyDBClusterParameterGroup\",\n                \"rds:ModifyDBInstance\",\n                \"rds:ModifyDBParameterGroup\",\n                \"rds:ModifyGlobalCluster\",\n                \"rds:ModifyOptionGroup\",\n                \"rds:RemoveRoleFromDBCluster\",\n                \"rds:RemoveTagsFromResource\",\n                \"rds:StartActivityStream\",\n                \"rds:StopActivityStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor17\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"dynamodb:BatchWriteItem\",\n                \"dynamodb:CreateTable\",\n                \"dynamodb:CreateTableReplica\",\n                \"dynamodb:DeleteItem\",\n                \"dynamodb:DeleteTable\",\n                \"dynamodb:DeleteTableReplica\",\n                \"dynamodb:DescribeContinuousBackups\",\n                \"dynamodb:DescribeTable\",\n                \"dynamodb:DescribeTimeToLive\",\n                \"dynamodb:GetItem\",\n                \"dynamodb:ListTagsOfResource\",\n                \"dynamodb:PutItem\",\n                \"dynamodb:Query\",\n                \"dynamodb:Scan\",\n                \"dynamodb:TagResource\",\n                \"dynamodb:UntagResource\",\n                \"dynamodb:UpdateContinuousBackups\",\n                \"dynamodb:UpdateItem\",\n                \"dynamodb:UpdateTable\",\n                \"dynamodb:UpdateTimeToLive\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor18\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ec2:AllocateAddress\",\n                \"ec2:AssociateAddress\",\n                \"ec2:AssociateRouteTable\",\n                \"ec2:AttachInternetGateway\",\n                \"ec2:AttachVolume\",\n                \"ec2:AttachVpnGateway\",\n                \"ec2:AuthorizeSecurityGroupEgress\",\n                \"ec2:AuthorizeSecurityGroupIngress\",\n                \"ec2:CancelCapacityReservation\",\n                \"ec2:CancelSpotInstanceRequests\",\n                \"ec2:CreateCapacityReservation\",\n                \"ec2:CreateDefaultVpc\",\n                \"ec2:CreateFlowLogs\",\n                \"ec2:CreateInternetGateway\",\n                \"ec2:CreateKeyPair\",\n                \"ec2:CreateLaunchTemplate\",\n                \"ec2:CreateLaunchTemplateVersion\",\n                \"ec2:CreateNatGateway\",\n                \"ec2:CreateNetworkAcl\",\n                \"ec2:CreateNetworkAclEntry\",\n                \"ec2:CreateNetworkInterface\",\n                \"ec2:CreateNetworkInterfacePermission\",\n                \"ec2:CreatePlacementGroup\",\n                \"ec2:CreateRoute\",\n                \"ec2:CreateRouteTable\",\n                \"ec2:CreateSecurityGroup\",\n                \"ec2:CreateSubnet\",\n                \"ec2:CreateTags\",\n                \"ec2:CreateVPC\",\n                \"ec2:CreateVolume\",\n                \"ec2:CreateVpcEndpoint\",\n                \"ec2:CreateVpnGateway\",\n                \"ec2:DeleteFlowLogs\",\n                \"ec2:DeleteInternetGateway\",\n                \"ec2:DeleteKeyPair\",\n                \"ec2:DeleteLaunchTemplate\",\n                \"ec2:DeleteNatGateway\",\n                \"ec2:DeleteNetworkAcl\",\n                \"ec2:DeleteNetworkAclEntry\",\n                \"ec2:DeleteNetworkInterface\",\n                \"ec2:DeleteNetworkInterfacePermission\",\n                \"ec2:DeletePlacementGroup\",\n                \"ec2:DeleteRoute\",\n                \"ec2:DeleteRouteTable\",\n                \"ec2:DeleteSecurityGroup\",\n                \"ec2:DeleteSubnet\",\n                \"ec2:DeleteTags\",\n                \"ec2:DeleteVPC\",\n                \"ec2:DeleteVolume\",\n                \"ec2:DeleteVpcEndpoints\",\n                \"ec2:DeleteVpnGateway\",\n                \"ec2:DescribeAccountAttributes\",\n                \"ec2:DescribeAddresses\",\n                \"ec2:DescribeAvailabilityZones\",\n                \"ec2:DescribeCapacityReservations\",\n                \"ec2:DescribeDhcpOptions\",\n                \"ec2:DescribeFlowLogs\",\n                \"ec2:DescribeImages\",\n                \"ec2:DescribeInstanceAttribute\",\n                \"ec2:DescribeInstanceCreditSpecifications\",\n                \"ec2:DescribeInstanceTypes\",\n                \"ec2:DescribeInstances\",\n                \"ec2:DescribeInternetGateways\",\n                \"ec2:DescribeKeyPairs\",\n                \"ec2:DescribeLaunchTemplateVersions\",\n                \"ec2:DescribeLaunchTemplates\",\n                \"ec2:DescribeNatGateways\",\n                \"ec2:DescribeNetworkAcls\",\n                \"ec2:DescribeNetworkInterfaces\",\n                \"ec2:DescribePlacementGroups\",\n                \"ec2:DescribePrefixLists\",\n                \"ec2:DescribeRouteTables\",\n                \"ec2:DescribeSecurityGroups\",\n                \"ec2:DescribeSpotInstanceRequests\",\n                \"ec2:DescribeSubnets\",\n                \"ec2:DescribeTags\",\n                \"ec2:DescribeVolumes\",\n                \"ec2:DescribeVpcAttribute\",\n                \"ec2:DescribeVpcEndpointServices\",\n                \"ec2:DescribeVpcEndpoints\",\n                \"ec2:DescribeVpcs\",\n                \"ec2:DescribeVpnGateways\",\n                \"ec2:DetachInternetGateway\",\n                \"ec2:DetachNetworkInterface\",\n                \"ec2:DetachVolume\",\n                \"ec2:DetachVpnGateway\",\n                \"ec2:DisassociateAddress\",\n                \"ec2:DisassociateRouteTable\",\n                \"ec2:GetEbsDefaultKmsKeyId\",\n                \"ec2:ImportKeyPair\",\n                \"ec2:ModifyCapacityReservation\",\n                \"ec2:ModifyInstanceAttribute\",\n                \"ec2:ModifyVolume\",\n                \"ec2:ModifyVpcEndpoint\",\n                \"ec2:MonitorInstances\",\n                \"ec2:ReleaseAddress\",\n                \"ec2:RequestSpotInstances\",\n                \"ec2:RevokeSecurityGroupEgress\",\n                \"ec2:RevokeSecurityGroupIngress\",\n                \"ec2:RunInstances\",\n                \"ec2:StartInstances\",\n                \"ec2:StopInstances\",\n                \"ec2:TerminateInstances\",\n                \"ec2:UnmonitorInstances\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor19\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ecr:CreatePullThroughCacheRule\",\n                \"ecr:CreateRepository\",\n                \"ecr:DeleteLifecyclePolicy\",\n                \"ecr:DeletePullThroughCacheRule\",\n                \"ecr:DeleteRepository\",\n                \"ecr:DescribePullThroughCacheRules\",\n                \"ecr:DescribeRepositories\",\n                \"ecr:GetAuthorizationToken\",\n                \"ecr:GetLifecyclePolicy\",\n                \"ecr:ListTagsForResource\",\n                \"ecr:PutImageScanningConfiguration\",\n                \"ecr:PutLifecyclePolicy\",\n                \"ecr:TagResource\",\n                \"ecr:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor20\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ecs:CreateCluster\",\n                \"ecs:CreateService\",\n                \"ecs:DeleteCluster\",\n                \"ecs:DeleteService\",\n                \"ecs:DeregisterTaskDefinition\",\n                \"ecs:DescribeClusters\",\n                \"ecs:DescribeServices\",\n                \"ecs:DescribeTaskDefinition\",\n                \"ecs:UpdateCluster\",\n                \"ecs:RegisterTaskDefinition\",\n                \"ecs:TagResource\",\n                \"ecs:UntagResource\",\n                \"ecs:UpdateService\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor21\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"eks:DescribeCluster\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor22\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticache:AddTagsToResource\",\n                \"elasticache:CreateCacheParameterGroup\",\n                \"elasticache:CreateCacheSubnetGroup\",\n                \"elasticache:DeleteCacheParameterGroup\",\n                \"elasticache:DeleteCacheSubnetGroup\",\n                \"elasticache:DescribeCacheParameterGroups\",\n                \"elasticache:DescribeCacheParameters\",\n                \"elasticache:DescribeCacheSubnetGroups\",\n                \"elasticache:ListTagsForResource\",\n                \"elasticache:ModifyCacheParameterGroup\",\n                \"elasticache:ModifyCacheSubnetGroup\",\n                \"elasticache:RemoveTagsFromResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor23\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticbeanstalk:AddTags\",\n                \"elasticbeanstalk:CreateApplication\",\n                \"elasticbeanstalk:DeleteApplication\",\n                \"elasticbeanstalk:DescribeApplications\",\n                \"elasticbeanstalk:ListAvailableSolutionStacks\",\n                \"elasticbeanstalk:ListTagsForResource\",\n                \"elasticbeanstalk:RemoveTags\",\n                \"elasticbeanstalk:UpdateApplicationResourceLifecycle\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor24\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticfilesystem:CreateAccessPoint\",\n                \"elasticfilesystem:CreateFileSystem\",\n                \"elasticfilesystem:CreateReplicationConfiguration\",\n                \"elasticfilesystem:DeleteAccessPoint\",\n                \"elasticfilesystem:DeleteFileSystem\",\n                \"elasticfilesystem:DeleteFileSystemPolicy\",\n                \"elasticfilesystem:DeleteReplicationConfiguration\",\n                \"elasticfilesystem:DescribeAccessPoints\",\n                \"elasticfilesystem:DescribeBackupPolicy\",\n                \"elasticfilesystem:DescribeFileSystemPolicy\",\n                \"elasticfilesystem:DescribeFileSystems\",\n                \"elasticfilesystem:DescribeLifecycleConfiguration\",\n                \"elasticfilesystem:DescribeMountTargetSecurityGroups\",\n                \"elasticfilesystem:DescribeMountTargets\",\n                \"elasticfilesystem:DescribeReplicationConfigurations\",\n                \"elasticfilesystem:PutBackupPolicy\",\n                \"elasticfilesystem:PutFileSystemPolicy\",\n                \"elasticfilesystem:TagResource\",\n                \"elasticfilesystem:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor25\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"elasticloadbalancing:AddTags\",\n                \"elasticloadbalancing:AttachLoadBalancerToSubnets\",\n                \"elasticloadbalancing:CreateListener\",\n                \"elasticloadbalancing:CreateLoadBalancer\",\n                \"elasticloadbalancing:CreateLoadBalancerListeners\",\n                \"elasticloadbalancing:CreateTargetGroup\",\n                \"elasticloadbalancing:DeleteListener\",\n                \"elasticloadbalancing:DeleteLoadBalancer\",\n                \"elasticloadbalancing:DeleteTargetGroup\",\n                \"elasticloadbalancing:DeregisterTargets\",\n                \"elasticloadbalancing:DescribeListeners\",\n                \"elasticloadbalancing:DescribeLoadBalancerAttributes\",\n                \"elasticloadbalancing:DescribeLoadBalancers\",\n                \"elasticloadbalancing:DescribeTags\",\n                \"elasticloadbalancing:DescribeTargetGroupAttributes\",\n                \"elasticloadbalancing:DescribeTargetGroups\",\n                \"elasticloadbalancing:DescribeTargetHealth\",\n                \"elasticloadbalancing:ModifyListener\",\n                \"elasticloadbalancing:ModifyLoadBalancerAttributes\",\n                \"elasticloadbalancing:ModifyTargetGroupAttributes\",\n                \"elasticloadbalancing:RegisterTargets\",\n                \"elasticloadbalancing:RemoveTags\",\n                \"elasticloadbalancing:SetSecurityGroups\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor26\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"events:DeleteRule\",\n                \"events:DescribeRule\",\n                \"events:ListTagsForResource\",\n                \"events:ListTargetsByRule\",\n                \"events:PutRule\",\n                \"events:PutTargets\",\n                \"events:RemoveTargets\",\n                \"events:TagResource\",\n                \"events:UnTagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor27\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"firehose:CreateDeliveryStream\",\n                \"firehose:DeleteDeliveryStream\",\n                \"firehose:DescribeDeliveryStream\",\n                \"firehose:ListTagsForDeliveryStream\",\n                \"firehose:TagDeliveryStream\",\n                \"firehose:UntagDeliveryStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor28\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"glue:CreateClassifier\",\n                \"glue:CreateConnection\",\n                \"glue:CreateCrawler\",\n                \"glue:CreateDatabase\",\n                \"glue:CreateJob\",\n                \"glue:CreateMLTransform\",\n                \"glue:CreateRegistry\",\n                \"glue:CreateSchema\",\n                \"glue:CreateScript\",\n                \"glue:CreateSecurityConfiguration\",\n                \"glue:CreateTable\",\n                \"glue:CreateTrigger\",\n                \"glue:CreateUserDefinedFunction\",\n                \"glue:CreateWorkflow\",\n                \"glue:DeleteClassifier\",\n                \"glue:DeleteConnection\",\n                \"glue:DeleteCrawler\",\n                \"glue:DeleteDatabase\",\n                \"glue:DeleteJob\",\n                \"glue:DeleteMLTransform\",\n                \"glue:DeleteRegistry\",\n                \"glue:DeleteResourcePolicy\",\n                \"glue:DeleteSchema\",\n                \"glue:DeleteSecurityConfiguration\",\n                \"glue:DeleteTable\",\n                \"glue:DeleteTrigger\",\n                \"glue:DeleteUserDefinedFunction\",\n                \"glue:DeleteWorkflow\",\n                \"glue:GetClassifier\",\n                \"glue:GetConnection\",\n                \"glue:GetCrawler\",\n                \"glue:GetDataCatalogEncryptionSettings\",\n                \"glue:GetDatabase\",\n                \"glue:GetJob\",\n                \"glue:GetMLTransform\",\n                \"glue:GetRegistry\",\n                \"glue:GetResourcePolicy\",\n                \"glue:GetSchema\",\n                \"glue:GetSchemaVersion\",\n                \"glue:GetSecurityConfiguration\",\n                \"glue:GetTable\",\n                \"glue:GetTags\",\n                \"glue:GetTrigger\",\n                \"glue:GetUserDefinedFunction\",\n                \"glue:GetWorkflow\",\n                \"glue:PutDataCatalogEncryptionSettings\",\n                \"glue:PutResourcePolicy\",\n                \"glue:TagResource\",\n                \"glue:UntagResource\",\n                \"glue:UpdateClassifier\",\n                \"glue:UpdateConnection\",\n                \"glue:UpdateCrawler\",\n                \"glue:UpdateDatabase\",\n                \"glue:UpdateJob\",\n                \"glue:UpdateMLTransform\",\n                \"glue:UpdateRegistry\",\n                \"glue:UpdateSchema\",\n                \"glue:UpdateTable\",\n                \"glue:UpdateTrigger\",\n                \"glue:UpdateUserDefinedFunction\",\n                \"glue:UpdateWorkflow\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor29\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"iam:AddRoleToInstanceProfile\",\n                \"iam:AddUserToGroup\",\n                \"iam:AttachGroupPolicy\",\n                \"iam:AttachRolePolicy\",\n                \"iam:AttachUserPolicy\",\n                \"iam:CreateAccessKey\",\n                \"iam:CreateGroup\",\n                \"iam:CreateInstanceProfile\",\n                \"iam:CreateLoginProfile\",\n                \"iam:CreatePolicy\",\n                \"iam:CreateRole\",\n                \"iam:CreateServiceLinkedRole\",\n                \"iam:CreateUser\",\n                \"iam:DeleteAccessKey\",\n                \"iam:DeleteGroup\",\n                \"iam:DeleteGroupPolicy\",\n                \"iam:DeleteInstanceProfile\",\n                \"iam:DeleteLoginProfile\",\n                \"iam:DeletePolicy\",\n                \"iam:DeleteRole\",\n                \"iam:DeleteRolePolicy\",\n                \"iam:DeleteServiceLinkedRole\",\n                \"iam:DeleteUser\",\n                \"iam:DeleteUserPolicy\",\n                \"iam:DetachGroupPolicy\",\n                \"iam:DetachRolePolicy\",\n                \"iam:DetachUserPolicy\",\n                \"iam:GetGroup\",\n                \"iam:GetGroupPolicy\",\n                \"iam:GetInstanceProfile\",\n                \"iam:GetLoginProfile\",\n                \"iam:GetPolicy\",\n                \"iam:GetPolicyVersion\",\n                \"iam:GetRole\",\n                \"iam:GetRolePolicy\",\n                \"iam:GetServiceLinkedRoleDeletionStatus\",\n                \"iam:GetUser\",\n                \"iam:GetUserPolicy\",\n                \"iam:ListAccessKeys\",\n                \"iam:ListAttachedGroupPolicies\",\n                \"iam:ListAttachedRolePolicies\",\n                \"iam:ListAttachedUserPolicies\",\n                \"iam:ListEntitiesForPolicy\",\n                \"iam:ListGroupsForUser\",\n                \"iam:ListInstanceProfilesForRole\",\n                \"iam:ListPolicies\",\n                \"iam:ListPolicyVersions\",\n                \"iam:ListRolePolicies\",\n                \"iam:PassRole\",\n                \"iam:PutGroupPolicy\",\n                \"iam:PutRolePolicy\",\n                \"iam:PutUserPolicy\",\n                \"iam:RemoveRoleFromInstanceProfile\",\n                \"iam:RemoveUserFromGroup\",\n                \"iam:TagPolicy\",\n                \"iam:TagRole\",\n                \"iam:TagUser\",\n                \"iam:UnTagRole\",\n                \"iam:UnTagUser\",\n                \"iam:UntagPolicy\",\n                \"iam:UpdateAccessKey\",\n                \"iam:UpdateRoleDescription\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor30\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"inspector:CreateAssessmentTarget\",\n                \"inspector:CreateAssessmentTemplate\",\n                \"inspector:CreateResourceGroup\",\n                \"inspector:DeleteAssessmentTarget\",\n                \"inspector:DeleteAssessmentTemplate\",\n                \"inspector:DescribeAssessmentTargets\",\n                \"inspector:DescribeAssessmentTemplates\",\n                \"inspector:DescribeResourceGroups\",\n                \"inspector:ListEventSubscriptions\",\n                \"inspector:ListRulesPackages\",\n                \"inspector:ListTagsForResource\",\n                \"inspector:SetTagsForResource\",\n                \"inspector:SubscribeToEvent\",\n                \"inspector:UnsubscribeFromEvent\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor31\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kinesis:AddTagsToStream\",\n                \"kinesis:CreateStream\",\n                \"kinesis:DeleteStream\",\n                \"kinesis:DescribeStreamSummary\",\n                \"kinesis:EnableEnhancedMonitoring\",\n                \"kinesis:IncreaseStreamRetentionPeriod\",\n                \"kinesis:ListTagsForStream\",\n                \"kinesis:RemoveTagsFromStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor32\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kinesisvideo:CreateStream\",\n                \"kinesisvideo:DeleteStream\",\n                \"kinesisvideo:DescribeStream\",\n                \"kinesisvideo:ListTagsForStream\",\n                \"kinesisvideo:TagStream\",\n                \"kinesisvideo:UntagStream\",\n                \"kinesisvideo:UpdateStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor33\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"kms:CreateAlias\",\n                \"kms:CreateGrant\",\n                \"kms:CreateKey\",\n                \"kms:Decrypt\",\n                \"kms:DeleteAlias\",\n                \"kms:DescribeKey\",\n                \"kms:DisableKey\",\n                \"kms:EnableKey\",\n                \"kms:EnableKeyRotation\",\n                \"kms:Encrypt\",\n                \"kms:GenerateDataKey*\",\n                \"kms:GetKeyPolicy\",\n                \"kms:GetKeyRotationStatus\",\n                \"kms:ListAliases\",\n                \"kms:ListResourceTags\",\n                \"kms:PutKeyPolicy\",\n                \"kms:ReEncrypt*\",\n                \"kms:ScheduleKeyDeletion\",\n                \"kms:TagResource\",\n                \"kms:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor34\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"lambda:AddPermission\",\n                \"lambda:CreateAlias\",\n                \"lambda:CreateFunction\",\n                \"lambda:DeleteAlias\",\n                \"lambda:DeleteFunction\",\n                \"lambda:GetAlias\",\n                \"lambda:GetFunction\",\n                \"lambda:GetFunctionCodeSigningConfig\",\n                \"lambda:GetPolicy\",\n                \"lambda:ListVersionsByFunction\",\n                \"lambda:RemovePermission\",\n                \"lambda:TagResource\",\n                \"lambda:UntagResource\",\n                \"lambda:UpdateAlias\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor35\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"logs:CreateLogGroup\",\n                \"logs:DeleteLogGroup\",\n                \"logs:DeleteMetricFilter\",\n                \"logs:DeleteResourcePolicy\",\n                \"logs:DeleteRetentionPolicy\",\n                \"logs:DeleteSubscriptionFilter\",\n                \"logs:DescribeLogGroups\",\n                \"logs:DescribeMetricFilters\",\n                \"logs:DescribeResourcePolicies\",\n                \"logs:DescribeSubscriptionFilters\",\n                \"logs:ListTagsLogGroup\",\n                \"logs:PutMetricFilter\",\n                \"logs:PutResourcePolicy\",\n                \"logs:PutRetentionPolicy\",\n                \"logs:PutSubscriptionFilter\",\n                \"logs:TagLogGroup\",\n                \"logs:UntagLogGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor36\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"memorydb:CreateSubnetGroup\",\n                \"memorydb:DeleteSubnetGroup\",\n                \"memorydb:DescribeSubnetGroups\",\n                \"memorydb:ListTags\",\n                \"memorydb:TagResource\",\n                \"memorydb:UntagResource\",\n                \"memorydb:UpdateSubnetGroup\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor37\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"mq:CreateBroker\",\n                \"mq:CreateConfiguration\",\n                \"mq:CreateTags\",\n                \"mq:CreateUser\",\n                \"mq:DeleteBroker\",\n                \"mq:DeleteTags\",\n                \"mq:DeleteUser\",\n                \"mq:DescribeBroker\",\n                \"mq:DescribeConfiguration\",\n                \"mq:DescribeConfigurationRevision\",\n                \"mq:DescribeUser\",\n                \"mq:RebootBroker\",\n                \"mq:UpdateBroker\",\n                \"mq:UpdateConfiguration\",\n                \"mq:UpdateUser\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor38\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"organizations:DescribeOrganization\",\n                \"organizations:ListAWSServiceAccessForOrganization\",\n                \"organizations:ListAccounts\",\n                \"organizations:ListRoots\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor39\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"outposts:ListOutposts\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor40\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"rds:AddRoleToDBCluster\",\n                \"rds:AddTagsToResource\",\n                \"rds:CreateDBCluster\",\n                \"rds:CreateDBClusterEndpoint\",\n                \"rds:CreateDBClusterParameterGroup\",\n                \"rds:CreateDBClusterSnapshot\",\n                \"rds:CreateDBInstance\",\n                \"rds:CreateDBParameterGroup\",\n                \"rds:CreateDBSubnetGroup\",\n                \"rds:CreateGlobalCluster\",\n                \"rds:CreateOptionGroup\",\n                \"rds:DeleteDBCluster\",\n                \"rds:DeleteDBClusterEndpoint\",\n                \"rds:DeleteDBClusterParameterGroup\",\n                \"rds:DeleteDBClusterSnapshot\",\n                \"rds:DeleteDBParameterGroup\",\n                \"rds:DeleteDBSubnetGroup\",\n                \"rds:DeleteGlobalCluster\",\n                \"rds:DeleteOptionGroup\",\n                \"rds:DescribeCertificates\",\n                \"rds:DescribeDBClusterParameterGroups\",\n                \"rds:DescribeDBClusterParameters\",\n                \"rds:DescribeDBClusterSnapshots\",\n                \"rds:DescribeDBClusters\",\n                \"rds:DescribeDBEngineVersions\",\n                \"rds:DescribeDBInstances\",\n                \"rds:DescribeDBParameterGroups\",\n                \"rds:DescribeDBParameters\",\n                \"rds:DescribeDBSnapshots\",\n                \"rds:DescribeDBSubnetGroups\",\n                \"rds:DescribeEventCategories\",\n                \"rds:DescribeGlobalClusters\",\n                \"rds:DescribeOptionGroups\",\n                \"rds:DescribeOrderableDBInstanceOptions\",\n                \"rds:ListTagsForResource\",\n                \"rds:ModifyDBCluster\",\n                \"rds:ModifyDBClusterEndpoint\",\n                \"rds:ModifyDBClusterParameterGroup\",\n                \"rds:ModifyDBInstance\",\n                \"rds:ModifyDBParameterGroup\",\n                \"rds:ModifyGlobalCluster\",\n                \"rds:ModifyOptionGroup\",\n                \"rds:RemoveRoleFromDBCluster\",\n                \"rds:RemoveTagsFromResource\",\n                \"rds:StartActivityStream\",\n                \"rds:StopActivityStream\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor41\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"redshift:CreateAuthenticationProfile\",\n                \"redshift:CreateCluster\",\n                \"redshift:CreateClusterParameterGroup\",\n                \"redshift:CreateClusterSubnetGroup\",\n                \"redshift:CreateEventSubscription\",\n                \"redshift:CreateHsmClientCertificate\",\n                \"redshift:CreateHsmConfiguration\",\n                \"redshift:CreateScheduledAction\",\n                \"redshift:CreateSnapshotCopyGrant\",\n                \"redshift:CreateSnapshotSchedule\",\n                \"redshift:CreateTags\",\n                \"redshift:CreateUsageLimit\",\n                \"redshift:DeleteAuthenticationProfile\",\n                \"redshift:DeleteCluster\",\n                \"redshift:DeleteClusterParameterGroup\",\n                \"redshift:DeleteClusterSubnetGroup\",\n                \"redshift:DeleteEventSubscription\",\n                \"redshift:DeleteHsmClientCertificate\",\n                \"redshift:DeleteHsmConfiguration\",\n                \"redshift:DeleteScheduledAction\",\n                \"redshift:DeleteSnapshotCopyGrant\",\n                \"redshift:DeleteSnapshotSchedule\",\n                \"redshift:DeleteTags\",\n                \"redshift:DeleteUsageLimit\",\n                \"redshift:DescribeAuthenticationProfiles\",\n                \"redshift:DescribeClusterParameterGroups\",\n                \"redshift:DescribeClusterParameters\",\n                \"redshift:DescribeClusterSubnetGroups\",\n                \"redshift:DescribeClusters\",\n                \"redshift:DescribeEventSubscriptions\",\n                \"redshift:DescribeHsmClientCertificates\",\n                \"redshift:DescribeHsmConfigurations\",\n                \"redshift:DescribeLoggingStatus\",\n                \"redshift:DescribeOrderableClusterOptions\",\n                \"redshift:DescribeScheduledActions\",\n                \"redshift:DescribeSnapshotCopyGrants\",\n                \"redshift:DescribeSnapshotSchedules\",\n                \"redshift:DescribeUsageLimits\",\n                \"redshift:DisableLogging\",\n                \"redshift:EnableLogging\",\n                \"redshift:GetClusterCredentials\",\n                \"redshift:ModifyAuthenticationProfile\",\n                \"redshift:ModifyCluster\",\n                \"redshift:ModifyClusterIamRoles\",\n                \"redshift:ModifyClusterParameterGroup\",\n                \"redshift:ModifyClusterSnapshotSchedule\",\n                \"redshift:ModifyClusterSubnetGroup\",\n                \"redshift:ModifyEventSubscription\",\n                \"redshift:ModifyScheduledAction\",\n                \"redshift:ModifySnapshotSchedule\",\n                \"redshift:ModifyUsageLimit\",\n                \"redshift:PauseCluster\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor42\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"route53:AssociateVPCWithHostedZone\",\n                \"route53:ChangeResourceRecordSets\",\n                \"route53:ChangeTagsForResource\",\n                \"route53:CreateHostedZone\",\n                \"route53:DeleteHostedZone\",\n                \"route53:GetChange\",\n                \"route53:GetHostedZone\",\n                \"route53:ListHostedZones\",\n                \"route53:ListResourceRecordSets\",\n                \"route53:ListTagsForResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor43\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"s3:CreateBucket\",\n                \"s3:DeleteBucket\",\n                \"s3:DeleteObject\",\n                \"s3:GetAccelerateConfiguration\",\n                \"s3:GetBucketAcl\",\n                \"s3:GetBucketCORS\",\n                \"s3:GetBucketLocation\",\n                \"s3:GetBucketLogging\",\n                \"s3:GetBucketObjectLockConfiguration\",\n                \"s3:GetBucketPolicy\",\n                \"s3:GetBucketPublicAccessBlock\",\n                \"s3:GetBucketRequestPayment\",\n                \"s3:GetBucketTagging\",\n                \"s3:GetBucketVersioning\",\n                \"s3:GetBucketWebsite\",\n                \"s3:GetEncryptionConfiguration\",\n                \"s3:GetLifecycleConfiguration\",\n                \"s3:GetObject\",\n                \"s3:GetObjectAcl\",\n                \"s3:GetObjectTagging\",\n                \"s3:GetReplicationConfiguration\",\n                \"s3:ListAllMyBuckets\",\n                \"s3:ListBucket\",\n                \"s3:PutBucketAcl\",\n                \"s3:PutBucketLogging\",\n                \"s3:PutBucketObjectLockConfiguration\",\n                \"s3:PutBucketPolicy\",\n                \"s3:PutBucketPublicAccessBlock\",\n                \"s3:PutBucketVersioning\",\n                \"s3:PutEncryptionConfiguration\",\n                \"s3:PutLifecycleConfiguration\",\n                \"s3:PutObject\",\n                \"s3:PutObjectLegalHold\",\n                \"s3:PutObjectRetention\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor44\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"secretsmanager:CreateSecret\",\n                \"secretsmanager:DeleteSecret\",\n                \"secretsmanager:DescribeSecret\",\n                \"secretsmanager:GetResourcePolicy\",\n                \"secretsmanager:GetSecretValue\",\n                \"secretsmanager:PutSecretValue\",\n                \"secretsmanager:TagResource\",\n                \"secretsmanager:UntagResource\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor45\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"servicecatalog:CreatePortfolio\",\n                \"servicecatalog:DeletePortfolio\",\n                \"servicecatalog:DescribePortfolio\",\n                \"servicecatalog:TagResource\",\n                \"servicecatalog:UpdatePortfolio\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor46\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"sqs:GetQueueAttributes\",\n                \"sqs:ListQueueTags\",\n                \"sqs:SetQueueAttributes\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor47\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ssm:AddTagsToResource\",\n                \"ssm:CreateDocument\",\n                \"ssm:CreateMaintenanceWindow\",\n                \"ssm:CreatePatchBaseline\",\n                \"ssm:DeleteDocument\",\n                \"ssm:DeleteMaintenanceWindow\",\n                \"ssm:DeleteParameter\",\n                \"ssm:DeletePatchBaseline\",\n                \"ssm:DeregisterPatchBaselineForPatchGroup\",\n                \"ssm:DeregisterTargetFromMaintenanceWindow\",\n                \"ssm:DeregisterTaskFromMaintenanceWindow\",\n                \"ssm:DescribeDocument\",\n                \"ssm:DescribeDocumentPermission\",\n                \"ssm:DescribeMaintenanceWindowTargets\",\n                \"ssm:DescribeMaintenanceWindowTasks\",\n                \"ssm:DescribeParameters\",\n                \"ssm:DescribePatchGroups\",\n                \"ssm:GetDocument\",\n                \"ssm:GetMaintenanceWindow\",\n                \"ssm:GetParameter\",\n                \"ssm:GetParameters\",\n                \"ssm:GetPatchBaseline\",\n                \"ssm:ListTagsForResource\",\n                \"ssm:PutParameter\",\n                \"ssm:RegisterPatchBaselineForPatchGroup\",\n                \"ssm:RegisterTargetWithMaintenanceWindow\",\n                \"ssm:RegisterTaskWithMaintenanceWindow\",\n                \"ssm:RemoveTagsFromResource\",\n                \"ssm:UpdateDocument\",\n                \"ssm:UpdateMaintenanceWindow\",\n                \"ssm:UpdatePatchBaseline\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor48\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"sso:ListInstances\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor49\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"states:CreateActivity\",\n                \"states:CreateStateMachine\",\n                \"states:DeleteActivity\",\n                \"states:DeleteStateMachine\",\n                \"states:DescribeActivity\",\n                \"states:DescribeStateMachine\",\n                \"states:ListTagsForResource\",\n                \"states:TagResource\",\n                \"states:UntagResource\",\n                \"states:UpdateStateMachine\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"VisualEditor50\",\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"wafv2:CreateIpSet\",\n                \"wafv2:CreateRegexPatternSet\",\n                \"wafv2:CreateRuleGroup\",\n                \"wafv2:CreateWebACL\",\n                \"wafv2:DeleteIpSet\",\n                \"wafv2:DeleteRegexPatternSet\",\n                \"wafv2:DeleteRuleGroup\",\n                \"wafv2:DeleteWebACL\",\n                \"wafv2:GetIpSet\",\n                \"wafv2:GetRegexPatternSet\",\n                \"wafv2:GetRuleGroup\",\n                \"wafv2:GetWebACL\",\n                \"wafv2:ListIPSets\",\n                \"wafv2:ListRegexPatternSets\",\n                \"wafv2:ListRuleGroups\",\n                \"wafv2:ListTagsForResource\",\n                \"wafv2:ListWebACLs\",\n                \"wafv2:TagResource\",\n                \"wafv2:UntagResource\",\n                \"wafv2:UpdateIpSet\",\n                \"wafv2:UpdateRegexPatternSet\",\n                \"wafv2:UpdateRuleGroup\"\n            ],\n            \"Resource\": \"*\"\n        }\n    ]\n})\n}\n",
 	}, GCP: "", AZURE: ""}
@@ -624,8 +689,7 @@ func TestWriteOutput(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if err := pike.WriteOutput(
-				tt.args.OutPolicy, tt.args.output, tt.args.location); (err != nil) != tt.wantErr {
+			if err := WriteOutput(tt.args.OutPolicy, tt.args.output, tt.args.location, ""); (err != nil) != tt.wantErr {
 				t.Errorf("WriteOutput() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
@@ -652,7 +716,7 @@ func TestLocateTerraform(t *testing.T) {
 			t.Run(tt.name, func(t *testing.T) {
 				t.Parallel()
 
-				got, err := pike.LocateTerraform()
+				got, err := LocateTerraform()
 
 				if (err != nil) != tt.wantErr {
 					t.Errorf("LocateTerraform() error = %v, wantErr %v", err, tt.wantErr)
@@ -680,7 +744,7 @@ func TestInitWithEmptyDir(t *testing.T) {
 	//goland:noinspection GoUnhandledErrorResult
 	defer os.RemoveAll(tempDir)
 
-	tfPath, modules, err := pike.Init(tempDir)
+	tfPath, modules, err := Init(tempDir)
 	if err == nil {
 		t.Error("Expected error for empty directory, got nil")
 	}
@@ -717,7 +781,7 @@ func TestInitWithInvalidTerraformConfig(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	_, modules, err := pike.Init(tempDir)
+	_, modules, err := Init(tempDir)
 	if err == nil {
 		t.Error("Expected error for invalid terraform config, got nil")
 	}
@@ -750,7 +814,7 @@ func TestInitWithModulesJsonOnly(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	_, modules, err := pike.Init(tempDir)
+	_, modules, err := Init(tempDir)
 	if err != nil {
 		t.Errorf("Unexpected error: %v", err)
 	}
@@ -784,7 +848,7 @@ func TestInitWithDSStoreOnly(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	_, modules, err := pike.Init(tempDir)
+	_, modules, err := Init(tempDir)
 	if err != nil {
 		t.Errorf("Unexpected error: %v", err)
 	}
@@ -797,7 +861,7 @@ func TestInitWithDSStoreOnly(t *testing.T) {
 func TestInitWithNonExistentDir(t *testing.T) {
 	t.Parallel()
 
-	tfPath, modules, err := pike.Init("/path/that/does/not/exist")
+	tfPath, modules, err := Init("/path/that/does/not/exist")
 
 	if err == nil {
 		t.Error("Expected error for non-existent directory, got nil")
diff --git a/src/schema/aws-amazonmq-configuration.json b/src/schema/aws-amazonmq-configuration.json
index c2184b9b..624855ef 100644
--- a/src/schema/aws-amazonmq-configuration.json
+++ b/src/schema/aws-amazonmq-configuration.json
@@ -35,7 +35,7 @@
     },
     "delete": {
       "permissions": [
-        "mq:DescribeConfiguration"
+        "mq:DeleteConfiguration"
       ]
     },
     "list": {
diff --git a/src/schema/aws-amplify-app.json b/src/schema/aws-amplify-app.json
index 8a7578a4..0d59ae5e 100644
--- a/src/schema/aws-amplify-app.json
+++ b/src/schema/aws-amplify-app.json
@@ -273,6 +273,12 @@
     "CacheConfig": {
       "$ref": "#/definitions/CacheConfig"
     },
+    "ComputeRoleArn": {
+      "maxLength": 1000,
+      "minLength": 0,
+      "pattern": "(?s).*",
+      "type": "string"
+    },
     "CustomHeaders": {
       "maxLength": 25000,
       "minLength": 0,
diff --git a/src/schema/aws-amplify-branch.json b/src/schema/aws-amplify-branch.json
index 21285812..48565ba8 100644
--- a/src/schema/aws-amplify-branch.json
+++ b/src/schema/aws-amplify-branch.json
@@ -195,6 +195,12 @@
       "pattern": "(?s).+",
       "type": "string"
     },
+    "ComputeRoleArn": {
+      "maxLength": 1000,
+      "minLength": 0,
+      "pattern": "(?s).*",
+      "type": "string"
+    },
     "Description": {
       "maxLength": 1000,
       "pattern": "(?s).*",
@@ -209,6 +215,9 @@
     "EnablePullRequestPreview": {
       "type": "boolean"
     },
+    "EnableSkewProtection": {
+      "type": "boolean"
+    },
     "EnvironmentVariables": {
       "items": {
         "$ref": "#/definitions/EnvironmentVariable"
diff --git a/src/schema/aws-apigateway-domainname.json b/src/schema/aws-apigateway-domainname.json
index d734545d..4b57bfee 100644
--- a/src/schema/aws-apigateway-domainname.json
+++ b/src/schema/aws-apigateway-domainname.json
@@ -7,6 +7,9 @@
     "EndpointConfiguration": {
       "additionalProperties": false,
       "properties": {
+        "IpAddressType": {
+          "type": "string"
+        },
         "Types": {
           "items": {
             "type": "string"
diff --git a/src/schema/aws-apigateway-restapi.json b/src/schema/aws-apigateway-restapi.json
index 674be823..772f19d6 100644
--- a/src/schema/aws-apigateway-restapi.json
+++ b/src/schema/aws-apigateway-restapi.json
@@ -5,6 +5,10 @@
       "additionalProperties": false,
       "description": "The ``EndpointConfiguration`` property type specifies the endpoint types of a REST API.\n ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource.",
       "properties": {
+        "IpAddressType": {
+          "description": "",
+          "type": "string"
+        },
         "Types": {
           "description": "",
           "items": {
diff --git a/src/schema/aws-apigatewayv2-api.json b/src/schema/aws-apigatewayv2-api.json
index 6bff540a..0bc603a3 100644
--- a/src/schema/aws-apigatewayv2-api.json
+++ b/src/schema/aws-apigatewayv2-api.json
@@ -165,6 +165,10 @@
       "description": "Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.",
       "type": "boolean"
     },
+    "IpAddressType": {
+      "description": "",
+      "type": "string"
+    },
     "Name": {
       "description": "The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``.",
       "type": "string"
diff --git a/src/schema/aws-apigatewayv2-domainname.json b/src/schema/aws-apigatewayv2-domainname.json
index ec43db51..5c2537c2 100644
--- a/src/schema/aws-apigatewayv2-domainname.json
+++ b/src/schema/aws-apigatewayv2-domainname.json
@@ -20,6 +20,10 @@
           "description": "The endpoint type.",
           "type": "string"
         },
+        "IpAddressType": {
+          "description": "",
+          "type": "string"
+        },
         "OwnershipVerificationCertificateArn": {
           "description": "The Amazon resource name (ARN) for the public certificate issued by ACMlong. This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.",
           "type": "string"
diff --git a/src/schema/aws-appconfig-extension.json b/src/schema/aws-appconfig-extension.json
index 05487052..bb19114c 100644
--- a/src/schema/aws-appconfig-extension.json
+++ b/src/schema/aws-appconfig-extension.json
@@ -1,10 +1,7 @@
 {
   "additionalProperties": false,
   "createOnlyProperties": [
-    "/properties/Name",
-    "/properties/Tags",
-    "/properties/Tags/*/Key",
-    "/properties/Tags/*/Value"
+    "/properties/Name"
   ],
   "definitions": {
     "Action": {
@@ -119,7 +116,8 @@
     },
     "read": {
       "permissions": [
-        "appconfig:GetExtension"
+        "appconfig:GetExtension",
+        "appconfig:ListTagsForResource"
       ]
     },
     "update": {
@@ -176,7 +174,7 @@
         "$ref": "#/definitions/Tag"
       },
       "type": "array",
-      "uniqueItems": false
+      "uniqueItems": true
     },
     "VersionNumber": {
       "type": "integer"
@@ -206,9 +204,6 @@
   },
   "typeName": "AWS::AppConfig::Extension",
   "writeOnlyProperties": [
-    "/properties/LatestVersionNumber",
-    "/properties/Tags",
-    "/properties/Tags/*/Key",
-    "/properties/Tags/*/Value"
+    "/properties/LatestVersionNumber"
   ]
 }
diff --git a/src/schema/aws-appconfig-extensionassociation.json b/src/schema/aws-appconfig-extensionassociation.json
index 2f8652b9..de75794a 100644
--- a/src/schema/aws-appconfig-extensionassociation.json
+++ b/src/schema/aws-appconfig-extensionassociation.json
@@ -3,10 +3,7 @@
   "createOnlyProperties": [
     "/properties/ExtensionIdentifier",
     "/properties/ResourceIdentifier",
-    "/properties/ExtensionVersionNumber",
-    "/properties/Tags",
-    "/properties/Tags/*/Key",
-    "/properties/Tags/*/Value"
+    "/properties/ExtensionVersionNumber"
   ],
   "definitions": {
     "Tag": {
@@ -54,7 +51,8 @@
     },
     "read": {
       "permissions": [
-        "appconfig:GetExtensionAssociation"
+        "appconfig:GetExtensionAssociation",
+        "appconfig:ListTagsForResource"
       ]
     },
     "update": {
@@ -106,7 +104,7 @@
         "$ref": "#/definitions/Tag"
       },
       "type": "array",
-      "uniqueItems": false
+      "uniqueItems": true
     }
   },
   "readOnlyProperties": [
@@ -131,9 +129,6 @@
   "typeName": "AWS::AppConfig::ExtensionAssociation",
   "writeOnlyProperties": [
     "/properties/ExtensionIdentifier",
-    "/properties/ResourceIdentifier",
-    "/properties/Tags",
-    "/properties/Tags/*/Key",
-    "/properties/Tags/*/Value"
+    "/properties/ResourceIdentifier"
   ]
 }
diff --git a/src/schema/aws-appintegrations-eventintegration.json b/src/schema/aws-appintegrations-eventintegration.json
index b1b3eac5..00afd9cf 100644
--- a/src/schema/aws-appintegrations-eventintegration.json
+++ b/src/schema/aws-appintegrations-eventintegration.json
@@ -13,7 +13,7 @@
           "description": "The source of the events.",
           "maxLength": 256,
           "minLength": 1,
-          "pattern": "^aws\\.partner\\/.*$",
+          "pattern": "^aws\\.(partner\\/.*|cases)$",
           "type": "string"
         }
       },
diff --git a/src/schema/aws-applicationsignals-servicelevelobjective.json b/src/schema/aws-applicationsignals-servicelevelobjective.json
index 0a542907..f7aeb714 100644
--- a/src/schema/aws-applicationsignals-servicelevelobjective.json
+++ b/src/schema/aws-applicationsignals-servicelevelobjective.json
@@ -54,6 +54,35 @@
       ],
       "type": "object"
     },
+    "DependencyConfig": {
+      "additionalProperties": false,
+      "description": "Configuration for identifying a dependency and its operation",
+      "properties": {
+        "DependencyKeyAttributes": {
+          "$ref": "#/definitions/DependencyKeyAttributes"
+        },
+        "DependencyOperationName": {
+          "description": "When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency.",
+          "maxLength": 255,
+          "minLength": 1,
+          "type": "string"
+        }
+      },
+      "required": [
+        "DependencyKeyAttributes",
+        "DependencyOperationName"
+      ],
+      "type": "object"
+    },
+    "DependencyKeyAttributes": {
+      "additionalProperties": false,
+      "description": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to.",
+      "patternProperties": {
+        "^.+$": {
+          "type": "string"
+        }
+      }
+    },
     "Dimension": {
       "additionalProperties": false,
       "description": "A dimension is a name/value pair that is part of the identity of a metric. Because dimensions are part of the unique identifier for a metric, whenever you add a unique name/value pair to one of your metrics, you are creating a new variation of that metric. For example, many Amazon EC2 metrics publish `InstanceId` as a dimension name, and the actual instance ID as the value for that dimension. You can assign up to 30 dimensions to a metric.",
@@ -318,6 +347,9 @@
       "additionalProperties": false,
       "description": "This structure contains the information about the metric that is used for a request-based SLO.",
       "properties": {
+        "DependencyConfig": {
+          "$ref": "#/definitions/DependencyConfig"
+        },
         "KeyAttributes": {
           "$ref": "#/definitions/KeyAttributes"
         },
@@ -395,6 +427,9 @@
       "additionalProperties": false,
       "description": "A structure that contains information about the metric that the SLO monitors.",
       "properties": {
+        "DependencyConfig": {
+          "$ref": "#/definitions/DependencyConfig"
+        },
         "KeyAttributes": {
           "$ref": "#/definitions/KeyAttributes"
         },
diff --git a/src/schema/aws-appsync-channelnamespace.json b/src/schema/aws-appsync-channelnamespace.json
index a58a51a0..c51009d3 100644
--- a/src/schema/aws-appsync-channelnamespace.json
+++ b/src/schema/aws-appsync-channelnamespace.json
@@ -43,6 +43,81 @@
       "minLength": 1,
       "type": "string"
     },
+    "HandlerBehavior": {
+      "description": "Integration behavior for a handler configuration.",
+      "enum": [
+        "CODE",
+        "DIRECT"
+      ],
+      "type": "string"
+    },
+    "HandlerConfig": {
+      "additionalProperties": false,
+      "properties": {
+        "Behavior": {
+          "$ref": "#/definitions/HandlerBehavior"
+        },
+        "Integration": {
+          "$ref": "#/definitions/Integration"
+        }
+      },
+      "required": [
+        "Behavior",
+        "Integration"
+      ],
+      "type": "object"
+    },
+    "HandlerConfigs": {
+      "additionalProperties": false,
+      "properties": {
+        "OnPublish": {
+          "$ref": "#/definitions/HandlerConfig"
+        },
+        "OnSubscribe": {
+          "$ref": "#/definitions/HandlerConfig"
+        }
+      },
+      "type": "object"
+    },
+    "Integration": {
+      "additionalProperties": false,
+      "properties": {
+        "DataSourceName": {
+          "description": "Data source to invoke for this integration.",
+          "maxLength": 512,
+          "minLength": 1,
+          "pattern": "([_A-Za-z][_0-9A-Za-z]{0,511})?",
+          "type": "string"
+        },
+        "LambdaConfig": {
+          "$ref": "#/definitions/LambdaConfig"
+        }
+      },
+      "required": [
+        "DataSourceName"
+      ],
+      "type": "object"
+    },
+    "InvokeType": {
+      "description": "Invocation type for direct lambda integrations.",
+      "enum": [
+        "REQUEST_RESPONSE",
+        "EVENT"
+      ],
+      "type": "string"
+    },
+    "LambdaConfig": {
+      "additionalProperties": false,
+      "properties": {
+        "InvokeType": {
+          "$ref": "#/definitions/InvokeType"
+        }
+      },
+      "required": [
+        "InvokeType"
+      ],
+      "type": "object"
+    },
     "Namespace": {
       "description": "Namespace indentifier.",
       "maxLength": 50,
@@ -150,6 +225,9 @@
       "description": "The Amazon S3 endpoint where the code is located.",
       "type": "string"
     },
+    "HandlerConfigs": {
+      "$ref": "#/definitions/HandlerConfigs"
+    },
     "Name": {
       "$ref": "#/definitions/Namespace"
     },
diff --git a/src/schema/aws-aps-workspace.json b/src/schema/aws-aps-workspace.json
index ec43968c..f0119881 100644
--- a/src/schema/aws-aps-workspace.json
+++ b/src/schema/aws-aps-workspace.json
@@ -4,6 +4,64 @@
     "/properties/KmsKeyArn"
   ],
   "definitions": {
+    "Label": {
+      "additionalProperties": false,
+      "description": "Series label",
+      "properties": {
+        "Name": {
+          "description": "Name of the label",
+          "minLength": 1,
+          "pattern": "^[a-zA-Z_][a-zA-Z0-9_]*$",
+          "type": "string"
+        },
+        "Value": {
+          "description": "Value of the label",
+          "minLength": 1,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Name",
+        "Value"
+      ],
+      "type": "object"
+    },
+    "LimitsPerLabelSet": {
+      "additionalProperties": false,
+      "description": "Label set and its associated limits",
+      "properties": {
+        "LabelSet": {
+          "description": "An array of series labels",
+          "insertionOrder": false,
+          "items": {
+            "$ref": "#/definitions/Label"
+          },
+          "minItems": 0,
+          "type": "array",
+          "uniqueItems": true
+        },
+        "Limits": {
+          "$ref": "#/definitions/LimitsPerLabelSetEntry"
+        }
+      },
+      "required": [
+        "Limits",
+        "LabelSet"
+      ],
+      "type": "object"
+    },
+    "LimitsPerLabelSetEntry": {
+      "additionalProperties": false,
+      "description": "Limits that can be applied to a label set",
+      "properties": {
+        "MaxSeries": {
+          "description": "The maximum number of active series that can be ingested for this label set",
+          "minimum": 0,
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
     "LoggingConfiguration": {
       "additionalProperties": false,
       "description": "Logging configuration",
@@ -39,6 +97,28 @@
         "Value"
       ],
       "type": "object"
+    },
+    "WorkspaceConfiguration": {
+      "additionalProperties": false,
+      "description": "Workspace configuration",
+      "properties": {
+        "LimitsPerLabelSets": {
+          "description": "An array of label set and associated limits",
+          "insertionOrder": false,
+          "items": {
+            "$ref": "#/definitions/LimitsPerLabelSet"
+          },
+          "minItems": 0,
+          "type": "array",
+          "uniqueItems": true
+        },
+        "RetentionPeriodInDays": {
+          "description": "How many days that metrics are retained in the workspace",
+          "minimum": 1,
+          "type": "integer"
+        }
+      },
+      "type": "object"
     }
   },
   "description": "Resource Type definition for AWS::APS::Workspace",
@@ -51,6 +131,8 @@
         "aps:CreateAlertManagerDefinition",
         "aps:DescribeAlertManagerDefinition",
         "aps:CreateLoggingConfiguration",
+        "aps:DescribeWorkspaceConfiguration",
+        "aps:UpdateWorkspaceConfiguration",
         "logs:CreateLogDelivery",
         "logs:GetLogDelivery",
         "logs:ListLogDeliveries",
@@ -80,7 +162,8 @@
         "aps:DescribeWorkspace",
         "aps:ListTagsForResource",
         "aps:DescribeAlertManagerDefinition",
-        "aps:DescribeLoggingConfiguration"
+        "aps:DescribeLoggingConfiguration",
+        "aps:DescribeWorkspaceConfiguration"
       ]
     },
     "update": {
@@ -97,6 +180,8 @@
         "aps:DescribeLoggingConfiguration",
         "aps:UpdateLoggingConfiguration",
         "aps:DeleteLoggingConfiguration",
+        "aps:DescribeWorkspaceConfiguration",
+        "aps:UpdateWorkspaceConfiguration",
         "logs:CreateLogDelivery",
         "logs:GetLogDelivery",
         "logs:UpdateLogDelivery",
@@ -150,6 +235,9 @@
       "type": "array",
       "uniqueItems": true
     },
+    "WorkspaceConfiguration": {
+      "$ref": "#/definitions/WorkspaceConfiguration"
+    },
     "WorkspaceId": {
       "description": "Required to identify a specific APS Workspace.",
       "maxLength": 100,
diff --git a/src/schema/aws-backup-restoretestingplan.json b/src/schema/aws-backup-restoretestingplan.json
index 5d07fc2a..d7c94298 100644
--- a/src/schema/aws-backup-restoretestingplan.json
+++ b/src/schema/aws-backup-restoretestingplan.json
@@ -56,13 +56,6 @@
       ],
       "type": "string"
     },
-    "RestoreTestingScheduleStatus": {
-      "enum": [
-        "ACTIVE",
-        "SUSPENDED"
-      ],
-      "type": "string"
-    },
     "Tag": {
       "additionalProperties": false,
       "properties": {
@@ -91,7 +84,6 @@
     "create": {
       "permissions": [
         "backup:CreateRestoreTestingPlan",
-        "backup:UpdateRestoreTestingPlanScheduleStatus",
         "backup:TagResource",
         "backup:GetRestoreTestingPlan",
         "backup:ListTags"
@@ -121,7 +113,6 @@
     "update": {
       "permissions": [
         "backup:UpdateRestoreTestingPlan",
-        "backup:UpdateRestoreTestingPlanScheduleStatus",
         "backup:TagResource",
         "backup:UntagResource",
         "backup:GetRestoreTestingPlan",
@@ -149,9 +140,6 @@
     "ScheduleExpressionTimezone": {
       "type": "string"
     },
-    "ScheduleStatus": {
-      "$ref": "#/definitions/RestoreTestingScheduleStatus"
-    },
     "StartWindowHours": {
       "type": "integer"
     },
diff --git a/src/schema/aws-batch-computeenvironment.json b/src/schema/aws-batch-computeenvironment.json
index 6aecc70d..e71b1705 100644
--- a/src/schema/aws-batch-computeenvironment.json
+++ b/src/schema/aws-batch-computeenvironment.json
@@ -319,7 +319,7 @@
     "cloudFormationSystemTags": false,
     "permissions": [
       "Batch:TagResource",
-      "Batch:UntagResource"
+      "Batch:UnTagResource"
     ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
diff --git a/src/schema/aws-batch-consumableresource.json b/src/schema/aws-batch-consumableresource.json
index 4954282e..209887c1 100644
--- a/src/schema/aws-batch-consumableresource.json
+++ b/src/schema/aws-batch-consumableresource.json
@@ -19,7 +19,7 @@
       "type": "string"
     }
   },
-  "description": "Resource Type schema for AWS::Batch::ConsumableResource",
+  "description": "Resource Type definition for AWS::Batch::ConsumableResource",
   "handlers": {
     "create": {
       "permissions": [
diff --git a/src/schema/aws-batch-jobdefinition.json b/src/schema/aws-batch-jobdefinition.json
index ea00099c..98b18231 100644
--- a/src/schema/aws-batch-jobdefinition.json
+++ b/src/schema/aws-batch-jobdefinition.json
@@ -51,6 +51,9 @@
           "type": "array",
           "uniqueItems": false
         },
+        "EnableExecuteCommand": {
+          "type": "boolean"
+        },
         "Environment": {
           "insertionOrder": true,
           "items": {
@@ -240,6 +243,9 @@
           "type": "array",
           "uniqueItems": false
         },
+        "EnableExecuteCommand": {
+          "type": "boolean"
+        },
         "EphemeralStorage": {
           "$ref": "#/definitions/EphemeralStorage"
         },
@@ -737,6 +743,9 @@
           "type": "array",
           "uniqueItems": false
         },
+        "EnableExecuteCommand": {
+          "type": "boolean"
+        },
         "Environment": {
           "insertionOrder": true,
           "items": {
@@ -861,6 +870,9 @@
           "type": "array",
           "uniqueItems": false
         },
+        "EnableExecuteCommand": {
+          "type": "boolean"
+        },
         "ExecutionRoleArn": {
           "type": "string"
         },
@@ -1065,6 +1077,27 @@
         "Essential": {
           "type": "boolean"
         },
+        "FirelensConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "Options": {
+              "additionalProperties": false,
+              "patternProperties": {
+                ".*": {
+                  "type": "string"
+                }
+              },
+              "type": "object"
+            },
+            "Type": {
+              "type": "string"
+            }
+          },
+          "required": [
+            "Type"
+          ],
+          "type": "object"
+        },
         "Image": {
           "type": "string"
         },
@@ -1305,7 +1338,7 @@
     "cloudFormationSystemTags": true,
     "permissions": [
       "Batch:TagResource",
-      "Batch:UntagResource"
+      "Batch:UnTagResource"
     ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
diff --git a/src/schema/aws-batch-schedulingpolicy.json b/src/schema/aws-batch-schedulingpolicy.json
index c6f9cd0d..9387a883 100644
--- a/src/schema/aws-batch-schedulingpolicy.json
+++ b/src/schema/aws-batch-schedulingpolicy.json
@@ -51,7 +51,7 @@
       "type": "object"
     }
   },
-  "description": "Resource Type schema for AWS::Batch::SchedulingPolicy",
+  "description": "Resource Type definition for AWS::Batch::SchedulingPolicy",
   "handlers": {
     "create": {
       "permissions": [
diff --git a/src/schema/aws-bedrock-guardrail.json b/src/schema/aws-bedrock-guardrail.json
index 3f8a31e9..d414ee07 100644
--- a/src/schema/aws-bedrock-guardrail.json
+++ b/src/schema/aws-bedrock-guardrail.json
@@ -1,34 +1,48 @@
 {
   "additionalProperties": false,
   "definitions": {
-    "ContentFilter": {
-      "additionalProperties": false,
-      "description": "Content filter in content policy.",
-      "properties": {
-        "InputStrength": {
-          "$ref": "#/definitions/FilterStrength"
-        },
-        "OutputStrength": {
-          "$ref": "#/definitions/FilterStrength"
-        },
-        "Type": {
-          "$ref": "#/definitions/ContentFilterType"
-        }
-      },
-      "required": [
-        "InputStrength",
-        "OutputStrength",
-        "Type"
+    "ContentFilterAction": {
+      "enum": [
+        "BLOCK",
+        "NONE"
       ],
-      "type": "object"
+      "type": "string"
     },
     "ContentFilterConfig": {
       "additionalProperties": false,
       "description": "Content filter config in content policy.",
       "properties": {
+        "InputAction": {
+          "$ref": "#/definitions/ContentFilterAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
+        "InputModalities": {
+          "description": "List of modalities",
+          "items": {
+            "$ref": "#/definitions/Modality"
+          },
+          "minItems": 1,
+          "type": "array"
+        },
         "InputStrength": {
           "$ref": "#/definitions/FilterStrength"
         },
+        "OutputAction": {
+          "$ref": "#/definitions/ContentFilterAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
+        "OutputModalities": {
+          "description": "List of modalities",
+          "items": {
+            "$ref": "#/definitions/Modality"
+          },
+          "minItems": 1,
+          "type": "array"
+        },
         "OutputStrength": {
           "$ref": "#/definitions/FilterStrength"
         },
@@ -74,10 +88,23 @@
       ],
       "type": "object"
     },
+    "ContextualGroundingAction": {
+      "enum": [
+        "BLOCK",
+        "NONE"
+      ],
+      "type": "string"
+    },
     "ContextualGroundingFilterConfig": {
       "additionalProperties": false,
       "description": "A config for grounding filter.",
       "properties": {
+        "Action": {
+          "$ref": "#/definitions/ContextualGroundingAction"
+        },
+        "Enabled": {
+          "type": "boolean"
+        },
         "Threshold": {
           "description": "The threshold for this filter.",
           "minimum": 0,
@@ -141,23 +168,22 @@
       ],
       "type": "string"
     },
-    "ManagedWords": {
-      "additionalProperties": false,
-      "description": "A managed words definition.",
-      "properties": {
-        "Type": {
-          "$ref": "#/definitions/ManagedWordsType"
-        }
-      },
-      "required": [
-        "Type"
-      ],
-      "type": "object"
-    },
     "ManagedWordsConfig": {
       "additionalProperties": false,
       "description": "A managed words config.",
       "properties": {
+        "InputAction": {
+          "$ref": "#/definitions/WordAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
+        "OutputAction": {
+          "$ref": "#/definitions/WordAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
         "Type": {
           "$ref": "#/definitions/ManagedWordsType"
         }
@@ -174,22 +200,13 @@
       ],
       "type": "string"
     },
-    "PiiEntity": {
-      "additionalProperties": false,
-      "description": "Entity name and behavior.",
-      "properties": {
-        "Action": {
-          "$ref": "#/definitions/SensitiveInformationAction"
-        },
-        "Type": {
-          "$ref": "#/definitions/PiiEntityType"
-        }
-      },
-      "required": [
-        "Action",
-        "Type"
+    "Modality": {
+      "description": "Modality for filters",
+      "enum": [
+        "TEXT",
+        "IMAGE"
       ],
-      "type": "object"
+      "type": "string"
     },
     "PiiEntityConfig": {
       "additionalProperties": false,
@@ -198,6 +215,18 @@
         "Action": {
           "$ref": "#/definitions/SensitiveInformationAction"
         },
+        "InputAction": {
+          "$ref": "#/definitions/SensitiveInformationAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
+        "OutputAction": {
+          "$ref": "#/definitions/SensitiveInformationAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
         "Type": {
           "$ref": "#/definitions/PiiEntityType"
         }
@@ -258,12 +287,24 @@
           "minLength": 1,
           "type": "string"
         },
+        "InputAction": {
+          "$ref": "#/definitions/SensitiveInformationAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
         "Name": {
           "description": "The regex name.",
           "maxLength": 100,
           "minLength": 1,
           "type": "string"
         },
+        "OutputAction": {
+          "$ref": "#/definitions/SensitiveInformationAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
         "Pattern": {
           "description": "The regex pattern.",
           "minLength": 1,
@@ -281,7 +322,8 @@
       "description": "Options for sensitive information action.",
       "enum": [
         "BLOCK",
-        "ANONYMIZE"
+        "ANONYMIZE",
+        "NONE"
       ],
       "type": "string"
     },
@@ -334,44 +376,12 @@
       ],
       "type": "object"
     },
-    "Topic": {
-      "additionalProperties": false,
-      "description": "Topic in topic policy.",
-      "properties": {
-        "Definition": {
-          "description": "Definition of topic in topic policy",
-          "maxLength": 200,
-          "minLength": 1,
-          "type": "string"
-        },
-        "Examples": {
-          "description": "List of text examples",
-          "items": {
-            "description": "Text example in topic policy",
-            "maxLength": 100,
-            "minLength": 1,
-            "type": "string"
-          },
-          "minItems": 0,
-          "type": "array"
-        },
-        "Name": {
-          "description": "Name of topic in topic policy",
-          "maxLength": 100,
-          "minLength": 1,
-          "pattern": "^[0-9a-zA-Z-_ !?.]+$",
-          "type": "string"
-        },
-        "Type": {
-          "$ref": "#/definitions/TopicType"
-        }
-      },
-      "required": [
-        "Definition",
-        "Name",
-        "Type"
+    "TopicAction": {
+      "enum": [
+        "BLOCK",
+        "NONE"
       ],
-      "type": "object"
+      "type": "string"
     },
     "TopicConfig": {
       "additionalProperties": false,
@@ -394,6 +404,12 @@
           "minItems": 0,
           "type": "array"
         },
+        "InputAction": {
+          "$ref": "#/definitions/TopicAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
         "Name": {
           "description": "Name of topic in topic policy",
           "maxLength": 100,
@@ -401,6 +417,12 @@
           "pattern": "^[0-9a-zA-Z-_ !?.]+$",
           "type": "string"
         },
+        "OutputAction": {
+          "$ref": "#/definitions/TopicAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
         "Type": {
           "$ref": "#/definitions/TopicType"
         }
@@ -437,10 +459,29 @@
       ],
       "type": "string"
     },
+    "WordAction": {
+      "enum": [
+        "BLOCK",
+        "NONE"
+      ],
+      "type": "string"
+    },
     "WordConfig": {
       "additionalProperties": false,
       "description": "A custom word config.",
       "properties": {
+        "InputAction": {
+          "$ref": "#/definitions/WordAction"
+        },
+        "InputEnabled": {
+          "type": "boolean"
+        },
+        "OutputAction": {
+          "$ref": "#/definitions/WordAction"
+        },
+        "OutputEnabled": {
+          "type": "boolean"
+        },
         "Text": {
           "description": "The custom word text.",
           "minLength": 1,
@@ -653,6 +694,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "bedrock:ListTagsForResource",
+      "bedrock:TagResource",
+      "bedrock:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-bedrock-knowledgebase.json b/src/schema/aws-bedrock-knowledgebase.json
index ffd460ab..8b529083 100644
--- a/src/schema/aws-bedrock-knowledgebase.json
+++ b/src/schema/aws-bedrock-knowledgebase.json
@@ -157,7 +157,8 @@
         "PINECONE",
         "RDS",
         "MONGO_DB_ATLAS",
-        "NEPTUNE_ANALYTICS"
+        "NEPTUNE_ANALYTICS",
+        "OPENSEARCH_MANAGED_CLUSTER"
       ],
       "type": "string"
     },
@@ -206,6 +207,12 @@
         "FieldMapping": {
           "$ref": "#/definitions/MongoDbAtlasFieldMapping"
         },
+        "TextIndexName": {
+          "description": "Name of a MongoDB Atlas text index.",
+          "maxLength": 2048,
+          "pattern": "^.*$",
+          "type": "string"
+        },
         "VectorIndexName": {
           "description": "Name of a MongoDB Atlas index.",
           "maxLength": 2048,
@@ -303,6 +310,71 @@
       ],
       "type": "object"
     },
+    "OpenSearchManagedClusterConfiguration": {
+      "additionalProperties": false,
+      "description": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.",
+      "properties": {
+        "DomainArn": {
+          "description": "The Amazon Resource Name (ARN) of the OpenSearch domain.",
+          "maxLength": 2048,
+          "pattern": "^arn:aws(|-cn|-us-gov|-iso):es:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:domain/[a-z][a-z0-9-]{3,28}$",
+          "type": "string"
+        },
+        "DomainEndpoint": {
+          "description": "The endpoint URL the OpenSearch domain.",
+          "maxLength": 2048,
+          "pattern": "^https://.*$",
+          "type": "string"
+        },
+        "FieldMapping": {
+          "$ref": "#/definitions/OpenSearchManagedClusterFieldMapping"
+        },
+        "VectorIndexName": {
+          "description": "The name of the vector store.",
+          "maxLength": 2048,
+          "minLength": 1,
+          "pattern": "^(?![\\-_+.])[a-z0-9][a-z0-9\\-_\\.]*$",
+          "type": "string"
+        }
+      },
+      "required": [
+        "DomainArn",
+        "DomainEndpoint",
+        "VectorIndexName",
+        "FieldMapping"
+      ],
+      "type": "object"
+    },
+    "OpenSearchManagedClusterFieldMapping": {
+      "additionalProperties": false,
+      "description": "A mapping of Bedrock Knowledge Base fields to OpenSearch Managed Cluster field names",
+      "properties": {
+        "MetadataField": {
+          "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store.",
+          "maxLength": 2048,
+          "pattern": "^.*$",
+          "type": "string"
+        },
+        "TextField": {
+          "description": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.",
+          "maxLength": 2048,
+          "pattern": "^.*$",
+          "type": "string"
+        },
+        "VectorField": {
+          "description": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.",
+          "maxLength": 2048,
+          "pattern": "^.*$",
+          "type": "string"
+        }
+      },
+      "required": [
+        "MetadataField",
+        "TextField",
+        "VectorField"
+      ],
+      "type": "object"
+    },
     "OpenSearchServerlessConfiguration": {
       "additionalProperties": false,
       "description": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.",
@@ -563,6 +635,12 @@
       "additionalProperties": false,
       "description": "Contains the names of the fields to which to map information about the vector store.",
       "properties": {
+        "CustomMetadataField": {
+          "description": "The name of the field in which Amazon Bedrock stores custom metadata about the vector store.",
+          "maxLength": 63,
+          "pattern": "^[a-zA-Z0-9_\\-]+$",
+          "type": "string"
+        },
         "MetadataField": {
           "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store.",
           "maxLength": 63,
@@ -940,6 +1018,11 @@
           "required": [
             "MongoDbAtlasConfiguration"
           ]
+        },
+        {
+          "required": [
+            "OpensearchManagedClusterConfiguration"
+          ]
         }
       ],
       "properties": {
@@ -949,6 +1032,9 @@
         "NeptuneAnalyticsConfiguration": {
           "$ref": "#/definitions/NeptuneAnalyticsConfiguration"
         },
+        "OpensearchManagedClusterConfiguration": {
+          "$ref": "#/definitions/OpenSearchManagedClusterConfiguration"
+        },
         "OpensearchServerlessConfiguration": {
           "$ref": "#/definitions/OpenSearchServerlessConfiguration"
         },
diff --git a/src/schema/aws-cassandra-keyspace.json b/src/schema/aws-cassandra-keyspace.json
index 2f723415..caac1a6f 100644
--- a/src/schema/aws-cassandra-keyspace.json
+++ b/src/schema/aws-cassandra-keyspace.json
@@ -8,6 +8,7 @@
       "insertionOrder": false,
       "items": {
         "enum": [
+          "af-south-1",
           "ap-northeast-1",
           "ap-northeast-2",
           "ap-south-1",
diff --git a/src/schema/aws-ce-anomalymonitor.json b/src/schema/aws-ce-anomalymonitor.json
index 7f750349..c6cf0d8b 100644
--- a/src/schema/aws-ce-anomalymonitor.json
+++ b/src/schema/aws-ce-anomalymonitor.json
@@ -57,7 +57,8 @@
     },
     "read": {
       "permissions": [
-        "ce:GetAnomalyMonitors"
+        "ce:GetAnomalyMonitors",
+        "ce:ListTagsForResource"
       ]
     },
     "update": {
@@ -146,8 +147,15 @@
     "MonitorType"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
-  "typeName": "AWS::CE::AnomalyMonitor",
-  "writeOnlyProperties": [
-    "/properties/ResourceTags"
-  ]
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "ce:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/ResourceTags",
+    "tagUpdatable": false,
+    "taggable": true
+  },
+  "typeName": "AWS::CE::AnomalyMonitor"
 }
diff --git a/src/schema/aws-ce-anomalysubscription.json b/src/schema/aws-ce-anomalysubscription.json
index e754b703..3ee9ba2b 100644
--- a/src/schema/aws-ce-anomalysubscription.json
+++ b/src/schema/aws-ce-anomalysubscription.json
@@ -82,7 +82,8 @@
     },
     "read": {
       "permissions": [
-        "ce:GetAnomalySubscriptions"
+        "ce:GetAnomalySubscriptions",
+        "ce:ListTagsForResource"
       ]
     },
     "update": {
@@ -168,8 +169,15 @@
     "SubscriptionName"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
-  "typeName": "AWS::CE::AnomalySubscription",
-  "writeOnlyProperties": [
-    "/properties/ResourceTags"
-  ]
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "ce:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/ResourceTags",
+    "tagUpdatable": false,
+    "taggable": true
+  },
+  "typeName": "AWS::CE::AnomalySubscription"
 }
diff --git a/src/schema/aws-chatbot-customaction.json b/src/schema/aws-chatbot-customaction.json
index 8c4a2e1e..6b9288f5 100644
--- a/src/schema/aws-chatbot-customaction.json
+++ b/src/schema/aws-chatbot-customaction.json
@@ -41,7 +41,7 @@
           "$ref": "#/definitions/CustomActionAttachmentCriteriaOperator"
         },
         "Value": {
-          "maxLength": 50,
+          "maxLength": 1024,
           "minLength": 0,
           "type": "string"
         },
diff --git a/src/schema/aws-cleanrooms-analysistemplate.json b/src/schema/aws-cleanrooms-analysistemplate.json
index 5c9275a0..78e2f476 100644
--- a/src/schema/aws-cleanrooms-analysistemplate.json
+++ b/src/schema/aws-cleanrooms-analysistemplate.json
@@ -4,12 +4,9 @@
     "/properties/Name",
     "/properties/MembershipIdentifier",
     "/properties/Source",
-    "/properties/Source/Text",
     "/properties/Format",
     "/properties/AnalysisParameters",
-    "/properties/AnalysisParameters/Name",
-    "/properties/AnalysisParameters/Type",
-    "/properties/AnalysisParameters/DefaultValue"
+    "/properties/Schema"
   ],
   "definitions": {
     "AnalysisParameter": {
@@ -79,19 +76,121 @@
       "type": "object"
     },
     "AnalysisSource": {
+      "oneOf": [
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Text": {
+              "maxLength": 90000,
+              "minLength": 0,
+              "type": "string"
+            }
+          },
+          "required": [
+            "Text"
+          ],
+          "title": "Text",
+          "type": "object"
+        },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Artifacts": {
+              "$ref": "#/definitions/AnalysisTemplateArtifacts"
+            }
+          },
+          "required": [
+            "Artifacts"
+          ],
+          "title": "Artifacts",
+          "type": "object"
+        }
+      ]
+    },
+    "AnalysisSourceMetadata": {
+      "oneOf": [
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Artifacts": {
+              "$ref": "#/definitions/AnalysisTemplateArtifactMetadata"
+            }
+          },
+          "required": [
+            "Artifacts"
+          ],
+          "title": "Artifacts",
+          "type": "object"
+        }
+      ]
+    },
+    "AnalysisTemplateArtifact": {
       "additionalProperties": false,
       "properties": {
-        "Text": {
-          "maxLength": 15000,
-          "minLength": 0,
+        "Location": {
+          "$ref": "#/definitions/S3Location"
+        }
+      },
+      "required": [
+        "Location"
+      ],
+      "type": "object"
+    },
+    "AnalysisTemplateArtifactMetadata": {
+      "additionalProperties": false,
+      "properties": {
+        "AdditionalArtifactHashes": {
+          "insertionOrder": false,
+          "items": {
+            "$ref": "#/definitions/Hash"
+          },
+          "type": "array"
+        },
+        "EntryPointHash": {
+          "$ref": "#/definitions/Hash"
+        }
+      },
+      "required": [
+        "EntryPointHash"
+      ],
+      "type": "object"
+    },
+    "AnalysisTemplateArtifacts": {
+      "additionalProperties": false,
+      "properties": {
+        "AdditionalArtifacts": {
+          "insertionOrder": false,
+          "items": {
+            "$ref": "#/definitions/AnalysisTemplateArtifact"
+          },
+          "maxItems": 1,
+          "minItems": 1,
+          "type": "array"
+        },
+        "EntryPoint": {
+          "$ref": "#/definitions/AnalysisTemplateArtifact"
+        },
+        "RoleArn": {
+          "maxLength": 512,
+          "minLength": 32,
           "type": "string"
         }
       },
       "required": [
-        "Text"
+        "EntryPoint",
+        "RoleArn"
       ],
       "type": "object"
     },
+    "Hash": {
+      "additionalProperties": false,
+      "properties": {
+        "Sha256": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "ReferencedTables": {
       "insertionOrder": false,
       "items": {
@@ -100,6 +199,24 @@
       "minItems": 0,
       "type": "array"
     },
+    "S3Location": {
+      "additionalProperties": false,
+      "properties": {
+        "Bucket": {
+          "maxLength": 63,
+          "minLength": 3,
+          "type": "string"
+        },
+        "Key": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Bucket",
+        "Key"
+      ],
+      "type": "object"
+    },
     "TableName": {
       "maxLength": 128,
       "pattern": "^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$",
@@ -134,7 +251,8 @@
         "cleanrooms:ListTagsForResource",
         "cleanrooms:TagResource",
         "cleanrooms:GetAnalysisTemplate",
-        "cleanrooms:ListAnalysisTemplates"
+        "cleanrooms:ListAnalysisTemplates",
+        "iam:PassRole"
       ]
     },
     "delete": {
@@ -219,7 +337,8 @@
     },
     "Format": {
       "enum": [
-        "SQL"
+        "SQL",
+        "PYSPARK_1_0"
       ],
       "type": "string"
     },
@@ -244,6 +363,9 @@
     "Source": {
       "$ref": "#/definitions/AnalysisSource"
     },
+    "SourceMetadata": {
+      "$ref": "#/definitions/AnalysisSourceMetadata"
+    },
     "Tags": {
       "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms analysis template.",
       "insertionOrder": false,
@@ -257,7 +379,6 @@
     "/properties/CollaborationArn",
     "/properties/CollaborationIdentifier",
     "/properties/AnalysisTemplateIdentifier",
-    "/properties/Schema",
     "/properties/Arn",
     "/properties/MembershipArn"
   ],
diff --git a/src/schema/aws-cleanrooms-collaboration.json b/src/schema/aws-cleanrooms-collaboration.json
index 0bbd5123..b3deea3d 100644
--- a/src/schema/aws-cleanrooms-collaboration.json
+++ b/src/schema/aws-cleanrooms-collaboration.json
@@ -5,6 +5,7 @@
     "/properties/CreatorMemberAbilities",
     "/properties/CreatorMLMemberAbilities",
     "/properties/DataEncryptionMetadata",
+    "/properties/JobLogStatus",
     "/properties/QueryLogStatus",
     "/properties/Members",
     "/properties/CreatorPaymentConfiguration",
@@ -18,6 +19,13 @@
       ],
       "type": "string"
     },
+    "CollaborationJobLogStatus": {
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
+    },
     "CollaborationQueryLogStatus": {
       "enum": [
         "ENABLED",
@@ -64,6 +72,18 @@
       ],
       "type": "object"
     },
+    "JobComputePaymentConfig": {
+      "additionalProperties": false,
+      "properties": {
+        "IsResponsible": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "IsResponsible"
+      ],
+      "type": "object"
+    },
     "MLMemberAbilities": {
       "additionalProperties": false,
       "properties": {
@@ -99,6 +119,7 @@
     "MemberAbility": {
       "enum": [
         "CAN_QUERY",
+        "CAN_RUN_JOB",
         "CAN_RECEIVE_RESULTS"
       ],
       "type": "string"
@@ -174,6 +195,9 @@
     "PaymentConfiguration": {
       "additionalProperties": false,
       "properties": {
+        "JobCompute": {
+          "$ref": "#/definitions/JobComputePaymentConfig"
+        },
         "MachineLearning": {
           "$ref": "#/definitions/MLPaymentConfig"
         },
@@ -304,6 +328,9 @@
       "pattern": "^(?!\\s*$)[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDBFF-\\uDC00\\uDFFF\\t\\r\\n]*$",
       "type": "string"
     },
+    "JobLogStatus": {
+      "$ref": "#/definitions/CollaborationJobLogStatus"
+    },
     "Members": {
       "insertionOrder": false,
       "items": {
diff --git a/src/schema/aws-cleanrooms-configuredtable.json b/src/schema/aws-cleanrooms-configuredtable.json
index c5356bb3..ef61f01d 100644
--- a/src/schema/aws-cleanrooms-configuredtable.json
+++ b/src/schema/aws-cleanrooms-configuredtable.json
@@ -2,7 +2,6 @@
   "additionalProperties": false,
   "createOnlyProperties": [
     "/properties/AllowedColumns",
-    "/properties/AnalysisMethod",
     "/properties/TableReference"
   ],
   "definitions": {
@@ -84,7 +83,7 @@
     "AllowedAnalysis": {
       "maxLength": 200,
       "minLength": 0,
-      "pattern": "(ANY_QUERY|arn:[\\w]{3}:cleanrooms:[\\w]{2}-[\\w]{4,9}-[\\d]:[\\d]{12}:membership/[\\d\\w-]+/analysistemplate/[\\d\\w-]+)",
+      "pattern": "(ANY_QUERY|ANY_JOB|arn:[\\w]{3}:cleanrooms:[\\w]{2}-[\\w]{4,9}-[\\d]:[\\d]{12}:membership/[\\d\\w-]+/analysistemplate/[\\d\\w-]+)",
       "type": "string"
     },
     "AllowedAnalysisProvider": {
@@ -103,7 +102,9 @@
     },
     "AnalysisMethod": {
       "enum": [
-        "DIRECT_QUERY"
+        "DIRECT_QUERY",
+        "DIRECT_JOB",
+        "MULTIPLE"
       ],
       "type": "string"
     },
@@ -445,6 +446,20 @@
       ],
       "type": "string"
     },
+    "SelectedAnalysisMethod": {
+      "enum": [
+        "DIRECT_QUERY",
+        "DIRECT_JOB"
+      ],
+      "type": "string"
+    },
+    "SelectedAnalysisMethods": {
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/SelectedAnalysisMethod"
+      },
+      "type": "array"
+    },
     "SnowflakeTableReference": {
       "additionalProperties": false,
       "properties": {
@@ -716,6 +731,9 @@
       "pattern": "^(?!\\s*$)[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDBFF-\\uDC00\\uDFFF\\t]*$",
       "type": "string"
     },
+    "SelectedAnalysisMethods": {
+      "$ref": "#/definitions/SelectedAnalysisMethods"
+    },
     "TableReference": {
       "$ref": "#/definitions/TableReference"
     },
diff --git a/src/schema/aws-cleanrooms-membership.json b/src/schema/aws-cleanrooms-membership.json
index 5c73179f..a03a855f 100644
--- a/src/schema/aws-cleanrooms-membership.json
+++ b/src/schema/aws-cleanrooms-membership.json
@@ -4,6 +4,25 @@
     "/properties/CollaborationIdentifier"
   ],
   "definitions": {
+    "MembershipJobComputePaymentConfig": {
+      "additionalProperties": false,
+      "properties": {
+        "IsResponsible": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "IsResponsible"
+      ],
+      "type": "object"
+    },
+    "MembershipJobLogStatus": {
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
+    },
     "MembershipMLPaymentConfig": {
       "additionalProperties": false,
       "properties": {
@@ -43,6 +62,9 @@
     "MembershipPaymentConfiguration": {
       "additionalProperties": false,
       "properties": {
+        "JobCompute": {
+          "$ref": "#/definitions/MembershipJobComputePaymentConfig"
+        },
         "MachineLearning": {
           "$ref": "#/definitions/MembershipMLPaymentConfig"
         },
@@ -55,6 +77,36 @@
       ],
       "type": "object"
     },
+    "MembershipProtectedJobOutputConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "S3": {
+          "$ref": "#/definitions/ProtectedJobS3OutputConfigurationInput"
+        }
+      },
+      "required": [
+        "S3"
+      ],
+      "type": "object"
+    },
+    "MembershipProtectedJobResultConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "OutputConfiguration": {
+          "$ref": "#/definitions/MembershipProtectedJobOutputConfiguration"
+        },
+        "RoleArn": {
+          "maxLength": 512,
+          "minLength": 32,
+          "type": "string"
+        }
+      },
+      "required": [
+        "OutputConfiguration",
+        "RoleArn"
+      ],
+      "type": "object"
+    },
     "MembershipProtectedQueryOutputConfiguration": {
       "additionalProperties": false,
       "properties": {
@@ -111,6 +163,23 @@
       ],
       "type": "string"
     },
+    "ProtectedJobS3OutputConfigurationInput": {
+      "additionalProperties": false,
+      "properties": {
+        "Bucket": {
+          "maxLength": 63,
+          "minLength": 3,
+          "type": "string"
+        },
+        "KeyPrefix": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Bucket"
+      ],
+      "type": "object"
+    },
     "ProtectedQueryS3OutputConfiguration": {
       "additionalProperties": false,
       "properties": {
@@ -255,9 +324,15 @@
       "pattern": "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
       "type": "string"
     },
+    "DefaultJobResultConfiguration": {
+      "$ref": "#/definitions/MembershipProtectedJobResultConfiguration"
+    },
     "DefaultResultConfiguration": {
       "$ref": "#/definitions/MembershipProtectedQueryResultConfiguration"
     },
+    "JobLogStatus": {
+      "$ref": "#/definitions/MembershipJobLogStatus"
+    },
     "MembershipIdentifier": {
       "maxLength": 36,
       "minLength": 36,
diff --git a/src/schema/aws-cloudformation-stack.json b/src/schema/aws-cloudformation-stack.json
index 7d18c37f..fdddf339 100644
--- a/src/schema/aws-cloudformation-stack.json
+++ b/src/schema/aws-cloudformation-stack.json
@@ -203,7 +203,10 @@
       "uniqueItems": false
     },
     "TemplateBody": {
-      "type": "object"
+      "type": [
+        "object",
+        "string"
+      ]
     },
     "TemplateURL": {
       "maxLength": 1024,
diff --git a/src/schema/aws-cloudformation-stackset.json b/src/schema/aws-cloudformation-stackset.json
index 3f56922a..4f0bbf3f 100644
--- a/src/schema/aws-cloudformation-stackset.json
+++ b/src/schema/aws-cloudformation-stackset.json
@@ -422,6 +422,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudformation.git",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "cloudformation:TagResource",
+      "cloudformation:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-cloudfront-connectiongroup.json b/src/schema/aws-cloudfront-connectiongroup.json
new file mode 100644
index 00000000..cdccf8c7
--- /dev/null
+++ b/src/schema/aws-cloudfront-connectiongroup.json
@@ -0,0 +1,138 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/Name"
+  ],
+  "definitions": {
+    "Tag": {
+      "additionalProperties": false,
+      "properties": {
+        "Key": {
+          "type": "string"
+        },
+        "Value": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Value",
+        "Key"
+      ],
+      "type": "object"
+    }
+  },
+  "description": "Resource Type definition for AWS::CloudFront::ConnectionGroup",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "cloudfront:CreateConnectionGroup",
+        "cloudfront:GetConnectionGroup",
+        "cloudfront:TagResource"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "cloudfront:DeleteConnectionGroup",
+        "cloudfront:GetConnectionGroup",
+        "cloudfront:UpdateConnectionGroup"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "cloudfront:ListConnectionGroups",
+        "cloudfront:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "cloudfront:GetConnectionGroup",
+        "cloudfront:ListTagsForResource"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "cloudfront:GetConnectionGroup",
+        "cloudfront:UpdateConnectionGroup",
+        "cloudfront:ListTagsForResource",
+        "cloudfront:TagResource",
+        "cloudfront:UntagResource"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Id"
+  ],
+  "properties": {
+    "AnycastIpListId": {
+      "type": "string"
+    },
+    "Arn": {
+      "type": "string"
+    },
+    "CreatedTime": {
+      "format": "date-time",
+      "type": "string"
+    },
+    "ETag": {
+      "type": "string"
+    },
+    "Enabled": {
+      "type": "boolean"
+    },
+    "Id": {
+      "type": "string"
+    },
+    "Ipv6Enabled": {
+      "type": "boolean"
+    },
+    "IsDefault": {
+      "type": "boolean"
+    },
+    "LastModifiedTime": {
+      "format": "date-time",
+      "type": "string"
+    },
+    "Name": {
+      "type": "string"
+    },
+    "RoutingEndpoint": {
+      "type": "string"
+    },
+    "Status": {
+      "type": "string"
+    },
+    "Tags": {
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/Id",
+    "/properties/Arn",
+    "/properties/CreatedTime",
+    "/properties/LastModifiedTime",
+    "/properties/RoutingEndpoint",
+    "/properties/Status",
+    "/properties/IsDefault",
+    "/properties/ETag"
+  ],
+  "required": [
+    "Name"
+  ],
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "cloudfront:TagResource",
+      "cloudfront:ListTagsForResource",
+      "cloudfront:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::CloudFront::ConnectionGroup"
+}
diff --git a/src/schema/aws-cloudfront-distribution.json b/src/schema/aws-cloudfront-distribution.json
index 317ef51b..fe2dc415 100644
--- a/src/schema/aws-cloudfront-distribution.json
+++ b/src/schema/aws-cloudfront-distribution.json
@@ -135,6 +135,13 @@
       ],
       "type": "object"
     },
+    "ConnectionMode": {
+      "enum": [
+        "direct",
+        "tenant-only"
+      ],
+      "type": "string"
+    },
     "Cookies": {
       "additionalProperties": false,
       "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide*.",
@@ -400,6 +407,10 @@
           "description": "A comment to describe the distribution. The comment cannot be longer than 128 characters.",
           "type": "string"
         },
+        "ConnectionMode": {
+          "$ref": "#/definitions/ConnectionMode",
+          "description": ""
+        },
         "ContinuousDeploymentPolicyId": {
           "description": "The identifier of a continuous deployment policy. For more information, see ``CreateContinuousDeploymentPolicy``.",
           "type": "string"
@@ -477,6 +488,19 @@
           "description": "A Boolean that indicates whether this is a staging distribution. When this value is ``true``, this is a staging distribution. When this value is ``false``, this is not a staging distribution.",
           "type": "boolean"
         },
+        "TenantConfig": {
+          "additionalProperties": false,
+          "description": "",
+          "properties": {
+            "ParameterDefinitions": {
+              "items": {
+                "$ref": "#/definitions/ParameterDefinition"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        },
         "ViewerCertificate": {
           "$ref": "#/definitions/ViewerCertificate",
           "default": {
@@ -883,6 +907,44 @@
       },
       "type": "object"
     },
+    "ParameterDefinition": {
+      "additionalProperties": false,
+      "description": "",
+      "properties": {
+        "Definition": {
+          "additionalProperties": false,
+          "properties": {
+            "StringSchema": {
+              "additionalProperties": false,
+              "properties": {
+                "Comment": {
+                  "type": "string"
+                },
+                "DefaultValue": {
+                  "type": "string"
+                },
+                "Required": {
+                  "type": "boolean"
+                }
+              },
+              "required": [
+                "Required"
+              ],
+              "type": "object"
+            }
+          },
+          "type": "object"
+        },
+        "Name": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Name",
+        "Definition"
+      ],
+      "type": "object"
+    },
     "Restrictions": {
       "additionalProperties": false,
       "description": "A complex type that identifies ways in which you want to restrict distribution of your content.",
@@ -1011,8 +1073,10 @@
   "handlers": {
     "create": {
       "permissions": [
+        "cloudfront:CreateConnectionGroup",
         "cloudfront:CreateDistribution",
         "cloudfront:CreateDistributionWithTags",
+        "cloudfront:GetConnectionGroup",
         "cloudfront:GetDistribution",
         "cloudfront:GetDistributionConfig",
         "cloudfront:TagResource"
@@ -1027,6 +1091,7 @@
     },
     "list": {
       "permissions": [
+        "cloudfront:ListTagsForResource",
         "cloudfront:ListDistributions"
       ]
     },
@@ -1038,6 +1103,8 @@
     },
     "update": {
       "permissions": [
+        "cloudfront:CreateConnectionGroup",
+        "cloudfront:GetConnectionGroup",
         "cloudfront:GetDistribution",
         "cloudfront:GetDistributionConfig",
         "cloudfront:UpdateDistribution",
@@ -1082,9 +1149,15 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": false,
-    "tagOnCreate": false,
-    "tagUpdatable": false,
-    "taggable": false
+    "permissions": [
+      "cloudfront:TagResource",
+      "cloudfront:ListTagsForResource",
+      "cloudfront:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
   },
   "typeName": "AWS::CloudFront::Distribution"
 }
diff --git a/src/schema/aws-cloudfront-distributiontenant.json b/src/schema/aws-cloudfront-distributiontenant.json
new file mode 100644
index 00000000..697431fd
--- /dev/null
+++ b/src/schema/aws-cloudfront-distributiontenant.json
@@ -0,0 +1,296 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/Name",
+    "/properties/ManagedCertificateRequest"
+  ],
+  "definitions": {
+    "Certificate": {
+      "additionalProperties": false,
+      "properties": {
+        "Arn": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Customizations": {
+      "additionalProperties": false,
+      "properties": {
+        "Certificate": {
+          "$ref": "#/definitions/Certificate"
+        },
+        "GeoRestrictions": {
+          "$ref": "#/definitions/GeoRestrictionCustomization"
+        },
+        "WebAcl": {
+          "$ref": "#/definitions/WebAclCustomization"
+        }
+      },
+      "type": "object"
+    },
+    "DomainResult": {
+      "additionalProperties": false,
+      "properties": {
+        "Domain": {
+          "type": "string"
+        },
+        "Reason": {
+          "enum": [
+            "pending-validation",
+            "validation-failed",
+            "pending-activation",
+            "customer-activated"
+          ],
+          "type": "string"
+        },
+        "Status": {
+          "enum": [
+            "active",
+            "inactive"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GeoRestrictionCustomization": {
+      "additionalProperties": false,
+      "properties": {
+        "Locations": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array",
+          "uniqueItems": false
+        },
+        "RestrictionType": {
+          "enum": [
+            "blacklist",
+            "whitelist",
+            "none"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedCertificateRequest": {
+      "additionalProperties": false,
+      "properties": {
+        "CertificateTransparencyLoggingPreference": {
+          "enum": [
+            "enabled",
+            "disabled"
+          ],
+          "type": "string"
+        },
+        "PrimaryDomainName": {
+          "type": "string"
+        },
+        "ValidationTokenHost": {
+          "enum": [
+            "cloudfront",
+            "self-hosted"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Parameter": {
+      "additionalProperties": false,
+      "properties": {
+        "Name": {
+          "type": "string"
+        },
+        "Value": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Tag": {
+      "additionalProperties": false,
+      "properties": {
+        "Key": {
+          "type": "string"
+        },
+        "Value": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Value",
+        "Key"
+      ],
+      "type": "object"
+    },
+    "WebAclCustomization": {
+      "additionalProperties": false,
+      "properties": {
+        "Action": {
+          "enum": [
+            "override",
+            "disable"
+          ],
+          "type": "string"
+        },
+        "Arn": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    }
+  },
+  "description": "Resource Type definition for AWS::CloudFront::DistributionTenant",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "acm:DeleteCertificate",
+        "acm:DescribeCertificate",
+        "acm:RequestCertificate",
+        "cloudfront:CreateDistributionTenant",
+        "cloudfront:GetDistributionTenant",
+        "cloudfront:GetManagedCertificateDetails",
+        "cloudfront:TagResource",
+        "cloudfront:VerifyDnsConfiguration"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "acm:DeleteCertificate",
+        "cloudfront:DeleteDistributionTenant",
+        "cloudfront:UpdateDistributionTenant",
+        "cloudfront:GetDistributionTenant"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "cloudfront:ListDistributionTenants",
+        "cloudfront:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "cloudfront:GetDistributionTenant",
+        "cloudfront:ListTagsForResource"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "acm:DeleteCertificate",
+        "acm:DescribeCertificate",
+        "acm:RequestCertificate",
+        "cloudfront:GetDistributionTenant",
+        "cloudfront:GetManagedCertificateDetails",
+        "cloudfront:UpdateDistributionTenant",
+        "cloudfront:ListTagsForResource",
+        "cloudfront:TagResource",
+        "cloudfront:UntagResource",
+        "cloudfront:VerifyDnsConfiguration"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Id"
+  ],
+  "properties": {
+    "Arn": {
+      "type": "string"
+    },
+    "ConnectionGroupId": {
+      "type": "string"
+    },
+    "CreatedTime": {
+      "format": "date-time",
+      "type": "string"
+    },
+    "Customizations": {
+      "$ref": "#/definitions/Customizations"
+    },
+    "DistributionId": {
+      "type": "string"
+    },
+    "DomainResults": {
+      "items": {
+        "$ref": "#/definitions/DomainResult"
+      },
+      "type": "array",
+      "uniqueItems": false
+    },
+    "Domains": {
+      "items": {
+        "type": "string"
+      },
+      "type": "array",
+      "uniqueItems": false
+    },
+    "ETag": {
+      "type": "string"
+    },
+    "Enabled": {
+      "type": "boolean"
+    },
+    "Id": {
+      "type": "string"
+    },
+    "LastModifiedTime": {
+      "format": "date-time",
+      "type": "string"
+    },
+    "ManagedCertificateRequest": {
+      "$ref": "#/definitions/ManagedCertificateRequest"
+    },
+    "Name": {
+      "type": "string"
+    },
+    "Parameters": {
+      "items": {
+        "$ref": "#/definitions/Parameter"
+      },
+      "type": "array",
+      "uniqueItems": false
+    },
+    "Status": {
+      "type": "string"
+    },
+    "Tags": {
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/Id",
+    "/properties/Arn",
+    "/properties/DomainResults",
+    "/properties/ETag",
+    "/properties/Status",
+    "/properties/CreatedTime",
+    "/properties/LastModifiedTime"
+  ],
+  "required": [
+    "DistributionId",
+    "Name",
+    "Domains"
+  ],
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "cloudfront:TagResource",
+      "cloudfront:ListTagsForResource",
+      "cloudfront:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::CloudFront::DistributionTenant",
+  "writeOnlyProperties": [
+    "/properties/ManagedCertificateRequest"
+  ]
+}
diff --git a/src/schema/aws-codebuild-project.json b/src/schema/aws-codebuild-project.json
index ce7ef51e..853e396f 100644
--- a/src/schema/aws-codebuild-project.json
+++ b/src/schema/aws-codebuild-project.json
@@ -199,6 +199,9 @@
     "ProjectCache": {
       "additionalProperties": false,
       "properties": {
+        "CacheNamespace": {
+          "type": "string"
+        },
         "Location": {
           "type": "string"
         },
@@ -328,8 +331,14 @@
     "ScopeConfiguration": {
       "additionalProperties": false,
       "properties": {
+        "Domain": {
+          "type": "string"
+        },
         "Name": {
           "type": "string"
+        },
+        "Scope": {
+          "type": "string"
         }
       },
       "required": [
diff --git a/src/schema/aws-connect-prompt.json b/src/schema/aws-connect-prompt.json
index fc434073..48f44622 100644
--- a/src/schema/aws-connect-prompt.json
+++ b/src/schema/aws-connect-prompt.json
@@ -122,6 +122,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "connect:TagResource",
+      "connect:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-connect-user.json b/src/schema/aws-connect-user.json
index aaf78b78..51e95834 100644
--- a/src/schema/aws-connect-user.json
+++ b/src/schema/aws-connect-user.json
@@ -298,6 +298,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "connect:TagResource",
+      "connect:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-connect-userhierarchygroup.json b/src/schema/aws-connect-userhierarchygroup.json
index f3c0d0ce..fe2e16cd 100644
--- a/src/schema/aws-connect-userhierarchygroup.json
+++ b/src/schema/aws-connect-userhierarchygroup.json
@@ -28,7 +28,7 @@
       "type": "object"
     },
     "UserHierarchyGroupArn": {
-      "description": "The Amazon Resource Name (ARN) for the user hierarchy group.",
+      "description": "The Amazon Resource Name (ARN) for the User hierarchy group.",
       "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent-group/[-a-zA-Z0-9]*$",
       "type": "string"
     }
@@ -119,6 +119,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "connect:TagResource",
+      "connect:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-connect-view.json b/src/schema/aws-connect-view.json
index dc979730..94ad970c 100644
--- a/src/schema/aws-connect-view.json
+++ b/src/schema/aws-connect-view.json
@@ -153,6 +153,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "connect:TagResource",
+      "connect:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-customerprofiles-domain.json b/src/schema/aws-customerprofiles-domain.json
index 59d029c3..426d4cf1 100644
--- a/src/schema/aws-customerprofiles-domain.json
+++ b/src/schema/aws-customerprofiles-domain.json
@@ -357,16 +357,6 @@
       ]
     },
     "list": {
-      "handlerSchema": {
-        "properties": {
-          "DomainName": {
-            "$ref": "resource-schema.json#/properties/DomainName"
-          }
-        },
-        "required": [
-          "DomainName"
-        ]
-      },
       "permissions": [
         "profile:ListDomains"
       ]
diff --git a/src/schema/aws-customerprofiles-integration.json b/src/schema/aws-customerprofiles-integration.json
index 6d89861e..e7c19ef2 100644
--- a/src/schema/aws-customerprofiles-integration.json
+++ b/src/schema/aws-customerprofiles-integration.json
@@ -569,6 +569,8 @@
         "appflow:CreateFlow",
         "app-integrations:CreateEventIntegrationAssociation",
         "app-integrations:GetEventIntegration",
+        "connect:DescribeInstance",
+        "ds:DescribeDirectories",
         "events:ListTargetsByRule",
         "events:PutRule",
         "events:PutTargets",
@@ -623,7 +625,9 @@
         "events:PutTargets",
         "events:PutEvents",
         "profile:UntagResource",
-        "profile:TagResource"
+        "profile:TagResource",
+        "connect:DescribeInstance",
+        "ds:DescribeDirectories"
       ]
     }
   },
diff --git a/src/schema/aws-customerprofiles-objecttype.json b/src/schema/aws-customerprofiles-objecttype.json
index 1efe89c7..3288679f 100644
--- a/src/schema/aws-customerprofiles-objecttype.json
+++ b/src/schema/aws-customerprofiles-objecttype.json
@@ -131,7 +131,9 @@
       "permissions": [
         "profile:GetProfileObjectType",
         "profile:PutProfileObjectType",
-        "profile:TagResource"
+        "profile:TagResource",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
       ]
     },
     "delete": {
@@ -151,12 +153,16 @@
         ]
       },
       "permissions": [
-        "profile:ListProfileObjectTypes"
+        "profile:ListProfileObjectTypes",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
       ]
     },
     "read": {
       "permissions": [
-        "profile:GetProfileObjectType"
+        "profile:GetProfileObjectType",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
       ]
     },
     "update": {
@@ -164,7 +170,9 @@
         "profile:GetProfileObjectType",
         "profile:PutProfileObjectType",
         "profile:UntagResource",
-        "profile:TagResource"
+        "profile:TagResource",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
       ]
     }
   },
diff --git a/src/schema/aws-datapipeline-pipeline.json b/src/schema/aws-datapipeline-pipeline.json
index 6bff9566..c5a9af94 100644
--- a/src/schema/aws-datapipeline-pipeline.json
+++ b/src/schema/aws-datapipeline-pipeline.json
@@ -246,6 +246,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-datapipeline",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "datapipeline:AddTags",
+      "datapipeline:RemoveTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/PipelineTags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-datazone-domain.json b/src/schema/aws-datazone-domain.json
index b71e3b0e..2d1649f7 100644
--- a/src/schema/aws-datazone-domain.json
+++ b/src/schema/aws-datazone-domain.json
@@ -30,10 +30,20 @@
       ],
       "type": "string"
     },
+    "IdcInstanceArn": {
+      "description": "The ARN of the AWS Identity Center instance.",
+      "maxLength": 1224,
+      "minLength": 10,
+      "pattern": "arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}",
+      "type": "string"
+    },
     "SingleSignOn": {
       "additionalProperties": false,
       "description": "The single-sign on configuration of the Amazon DataZone domain.",
       "properties": {
+        "IdcInstanceArn": {
+          "$ref": "#/definitions/IdcInstanceArn"
+        },
         "Type": {
           "$ref": "#/definitions/AuthType"
         },
@@ -88,6 +98,13 @@
         "sso:PutApplicationAssignmentConfiguration",
         "sso:ListInstances",
         "sso:PutApplicationAccessScope",
+        "sso:PutApplicationGrant",
+        "sso:PutApplicationAuthenticationMethod",
+        "sso:PutApplicationAccessScope",
+        "sso:CreateApplication",
+        "sso:DeleteApplication",
+        "sso:CreateApplicationAssignment",
+        "sso:DeleteApplicationAssignment",
         "iam:PassRole"
       ]
     },
@@ -97,6 +114,8 @@
         "datazone:GetDomain",
         "sso:DeleteManagedApplicationInstance",
         "sso:PutApplicationAssignmentConfiguration",
+        "sso:DeleteApplication",
+        "sso:DeleteApplicationAssignment",
         "sso:ListInstances"
       ]
     },
diff --git a/src/schema/aws-dms-replicationinstance.json b/src/schema/aws-dms-replicationinstance.json
index dea46fc6..8bddcdd3 100644
--- a/src/schema/aws-dms-replicationinstance.json
+++ b/src/schema/aws-dms-replicationinstance.json
@@ -3,6 +3,7 @@
   "createOnlyProperties": [
     "/properties/KmsKeyId",
     "/properties/ResourceIdentifier",
+    "/properties/DnsNameServers",
     "/properties/ReplicationSubnetGroupIdentifier",
     "/properties/PubliclyAccessible"
   ],
@@ -41,6 +42,9 @@
     "AvailabilityZone": {
       "type": "string"
     },
+    "DnsNameServers": {
+      "type": "string"
+    },
     "EngineVersion": {
       "type": "string"
     },
diff --git a/src/schema/aws-docdbelastic-cluster.json b/src/schema/aws-docdbelastic-cluster.json
index fbd07932..8daf22f4 100644
--- a/src/schema/aws-docdbelastic-cluster.json
+++ b/src/schema/aws-docdbelastic-cluster.json
@@ -198,6 +198,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-docdbelastic/",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "docdb-elastic:TagResource",
+      "docdb-elastic:UntagResource",
+      "docdb-elastic:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-dsql-cluster.json b/src/schema/aws-dsql-cluster.json
new file mode 100644
index 00000000..7c3f51be
--- /dev/null
+++ b/src/schema/aws-dsql-cluster.json
@@ -0,0 +1,124 @@
+{
+  "additionalProperties": false,
+  "definitions": {
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A map of key and value pairs to use to tag your cluster.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 256,
+          "minLength": 1,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ]
+    }
+  },
+  "description": "Resource Type definition for AWS::DSQL::Cluster",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "dsql:CreateCluster",
+        "dsql:GetCluster",
+        "dsql:TagResource",
+        "dsql:ListTagsForResource",
+        "iam:CreateServiceLinkedRole"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "dsql:DeleteCluster",
+        "dsql:GetCluster",
+        "dsql:ListTagsForResource"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "dsql:ListClusters",
+        "dsql:ListTagsForResource",
+        "tag:GetTagKeys",
+        "tag:GetTagValues"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "dsql:GetCluster",
+        "dsql:ListTagsForResource",
+        "tag:GetTagKeys",
+        "tag:GetTagValues"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "dsql:UpdateCluster",
+        "dsql:GetCluster",
+        "dsql:UntagResource",
+        "dsql:TagResource",
+        "dsql:ListTagsForResource"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Identifier"
+  ],
+  "properties": {
+    "CreationTime": {
+      "description": "The time of when the cluster was created in ISO-8601 format.",
+      "type": "string"
+    },
+    "DeletionProtectionEnabled": {
+      "description": "Whether deletion protection is enabled in this cluster.",
+      "type": "boolean"
+    },
+    "Identifier": {
+      "description": "The ID of the created cluster.",
+      "type": "string"
+    },
+    "ResourceArn": {
+      "description": "The Amazon Resource Name (ARN) for the cluster.",
+      "type": "string"
+    },
+    "Status": {
+      "description": "The status of the cluster.",
+      "type": "string"
+    },
+    "Tags": {
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/ResourceArn",
+    "/properties/Identifier",
+    "/properties/CreationTime",
+    "/properties/Status"
+  ],
+  "required": [],
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "dsql:UntagResource",
+      "dsql:TagResource",
+      "dsql:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::DSQL::Cluster"
+}
diff --git a/src/schema/aws-dynamodb-table.json b/src/schema/aws-dynamodb-table.json
index 0623eccd..029cf0d5 100644
--- a/src/schema/aws-dynamodb-table.json
+++ b/src/schema/aws-dynamodb-table.json
@@ -17,7 +17,7 @@
           "type": "string"
         },
         "AttributeType": {
-          "description": "The data type for the attribute, where:\n  +   ``S`` - the attribute is of type String\n  +   ``N`` - the attribute is of type Number\n  +   ``B`` - the attribute is of type Binary",
+          "description": "The data type for the attribute, where:\n  +  ``S`` - the attribute is of type String\n  +  ``N`` - the attribute is of type Number\n  +  ``B`` - the attribute is of type Binary",
           "type": "string"
         }
       },
@@ -103,7 +103,7 @@
           "type": "string"
         },
         "KeySchema": {
-          "description": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n  +   ``HASH`` - partition key\n  +   ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
+          "description": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n  +  ``HASH`` - partition key\n  +  ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
           "items": {
             "$ref": "#/definitions/KeySchema"
           },
@@ -181,7 +181,7 @@
           "type": "string"
         },
         "KeyType": {
-          "description": "The role that this key attribute will assume:\n  +   ``HASH`` - partition key\n  +   ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
+          "description": "The role that this key attribute will assume:\n  +  ``HASH`` - partition key\n  +  ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
           "type": "string"
         }
       },
@@ -226,7 +226,7 @@
           "type": "string"
         },
         "KeySchema": {
-          "description": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n  +   ``HASH`` - partition key\n  +   ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
+          "description": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n  +  ``HASH`` - partition key\n  +  ``RANGE`` - sort key\n  \n  The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.",
           "items": {
             "$ref": "#/definitions/KeySchema"
           },
@@ -289,7 +289,7 @@
       "description": "Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.",
       "properties": {
         "NonKeyAttributes": {
-          "description": "Represents the non-key attribute names which will be projected into the index.\n For local secondary indexes, the total count of ``NonKeyAttributes`` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.",
+          "description": "Represents the non-key attribute names which will be projected into the index.\n For global and local secondary indexes, the total count of ``NonKeyAttributes`` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of ``INCLUDE``. You still can specify the ProjectionType of ``ALL`` to project all attributes from the source table, even if the table has more than 100 attributes.",
           "items": {
             "type": "string"
           },
@@ -297,7 +297,7 @@
           "uniqueItems": false
         },
         "ProjectionType": {
-          "description": "The set of attributes that are projected into the index:\n  +   ``KEYS_ONLY`` - Only the index and primary keys are projected into the index.\n  +   ``INCLUDE`` - In addition to the attributes described in ``KEYS_ONLY``, the secondary index will include other non-key attributes that you specify.\n  +   ``ALL`` - All of the table attributes are projected into the index.\n  \n When using the DynamoDB console, ``ALL`` is selected by default.",
+          "description": "The set of attributes that are projected into the index:\n  +  ``KEYS_ONLY`` - Only the index and primary keys are projected into the index.\n  +  ``INCLUDE`` - In addition to the attributes described in ``KEYS_ONLY``, the secondary index will include other non-key attributes that you specify.\n  +  ``ALL`` - All of the table attributes are projected into the index.\n  \n When using the DynamoDB console, ``ALL`` is selected by default.",
           "type": "string"
         }
       },
@@ -395,7 +395,7 @@
           "type": "boolean"
         },
         "SSEType": {
-          "description": "Server-side encryption type. The only supported value is:\n  +   ``KMS`` - Server-side encryption that uses KMSlong. The key is stored in your account and is managed by KMS (KMS charges apply).",
+          "description": "Server-side encryption type. The only supported value is:\n  +  ``KMS`` - Server-side encryption that uses KMSlong. The key is stored in your account and is managed by KMS (KMS charges apply).",
           "type": "string"
         }
       },
@@ -413,7 +413,7 @@
           "description": "Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html)."
         },
         "StreamViewType": {
-          "description": "When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are:\n  +   ``KEYS_ONLY`` - Only the key attributes of the modified item are written to the stream.\n  +   ``NEW_IMAGE`` - The entire item, as it appears after it was modified, is written to the stream.\n  +   ``OLD_IMAGE`` - The entire item, as it appeared before it was modified, is written to the stream.\n  +   ``NEW_AND_OLD_IMAGES`` - Both the new and the old item images of the item are written to the stream.",
+          "description": "When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are:\n  +  ``KEYS_ONLY`` - Only the key attributes of the modified item are written to the stream.\n  +  ``NEW_IMAGE`` - The entire item, as it appears after it was modified, is written to the stream.\n  +  ``OLD_IMAGE`` - The entire item, as it appeared before it was modified, is written to the stream.\n  +  ``NEW_AND_OLD_IMAGES`` - Both the new and the old item images of the item are written to the stream.",
           "type": "string"
         }
       },
@@ -424,7 +424,7 @@
     },
     "Tag": {
       "additionalProperties": false,
-      "description": "Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single DynamoDB table. \n  AWS-assigned tag names and values are automatically assigned the ``aws:`` prefix, which the user cannot assign. AWS-assigned tag names do not count towards the tag limit of 50. User-assigned tag names have the prefix ``user:`` in the Cost Allocation Report. You cannot backdate the application of a tag.\n For an overview on tagging DynamoDB resources, see [Tagging for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html) in the *Amazon DynamoDB Developer Guide*.",
+      "description": "Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single DynamoDB table. \n AWS-assigned tag names and values are automatically assigned the ``aws:`` prefix, which the user cannot assign. AWS-assigned tag names do not count towards the tag limit of 50. User-assigned tag names have the prefix ``user:`` in the Cost Allocation Report. You cannot backdate the application of a tag.\n For an overview on tagging DynamoDB resources, see [Tagging for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html) in the *Amazon DynamoDB Developer Guide*.",
       "properties": {
         "Key": {
           "description": "The key of the tag. Tag keys are case sensitive. Each DynamoDB table can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value.",
@@ -489,7 +489,7 @@
       "type": "object"
     }
   },
-  "description": "The ``AWS::DynamoDB::Table`` resource creates a DDB table. For more information, see [CreateTable](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html) in the *API Reference*.\n You should be aware of the following behaviors when working with DDB tables:\n  +   CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).\n  \n   Our guidance is to use the latest schema documented for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.",
+  "description": "The ``AWS::DynamoDB::Table`` resource creates a DDB table. For more information, see [CreateTable](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html) in the *API Reference*.\n You should be aware of the following behaviors when working with DDB tables:\n  +  CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).\n  \n   Our guidance is to use the latest schema documented for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.",
   "handlers": {
     "create": {
       "permissions": [
@@ -602,7 +602,7 @@
       "uniqueItems": true
     },
     "BillingMode": {
-      "description": "Specify how you are charged for read and write throughput and how you manage capacity.\n Valid values include:\n  +   ``PAY_PER_REQUEST`` - We recommend using ``PAY_PER_REQUEST`` for most DynamoDB workloads. ``PAY_PER_REQUEST`` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html). \n  +   ``PROVISIONED`` - We recommend using ``PROVISIONED`` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. ``PROVISIONED`` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html).\n  \n If not specified, the default is ``PROVISIONED``.",
+      "description": "Specify how you are charged for read and write throughput and how you manage capacity.\n Valid values include:\n  +  ``PAY_PER_REQUEST`` - We recommend using ``PAY_PER_REQUEST`` for most DynamoDB workloads. ``PAY_PER_REQUEST`` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html). \n  +  ``PROVISIONED`` - We recommend using ``PROVISIONED`` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. ``PROVISIONED`` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html).\n  \n If not specified, the default is ``PROVISIONED``.",
       "type": "string"
     },
     "ContributorInsightsSpecification": {
diff --git a/src/schema/aws-ec2-instance.json b/src/schema/aws-ec2-instance.json
index ebbe95fc..350b0a5a 100644
--- a/src/schema/aws-ec2-instance.json
+++ b/src/schema/aws-ec2-instance.json
@@ -148,6 +148,31 @@
       ],
       "type": "object"
     },
+    "EnaSrdSpecification": {
+      "additionalProperties": false,
+      "description": "Specifies the ENA Express settings for the network interface that's attached to the instance.",
+      "properties": {
+        "EnaSrdEnabled": {
+          "description": "Specifies whether ENA Express is enabled for the network interface when you launch an instance.",
+          "type": "boolean"
+        },
+        "EnaSrdUdpSpecification": {
+          "$ref": "#/definitions/EnaSrdUdpSpecification"
+        }
+      },
+      "type": "object"
+    },
+    "EnaSrdUdpSpecification": {
+      "additionalProperties": false,
+      "description": "Contains ENA Express settings for UDP network traffic for the network interface that's attached to the instance.",
+      "properties": {
+        "EnaSrdUdpEnabled": {
+          "description": "Indicates whether UDP traffic uses ENA Express for your instance.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "InstanceIpv6Address": {
       "additionalProperties": false,
       "properties": {
@@ -229,6 +254,9 @@
           "description": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.",
           "type": "string"
         },
+        "EnaSrdSpecification": {
+          "$ref": "#/definitions/EnaSrdSpecification"
+        },
         "GroupSet": {
           "description": "The IDs of the security groups for the network interface.",
           "insertionOrder": false,
diff --git a/src/schema/aws-ec2-instanceconnectendpoint.json b/src/schema/aws-ec2-instanceconnectendpoint.json
index 95a195e1..7bf4b168 100644
--- a/src/schema/aws-ec2-instanceconnectendpoint.json
+++ b/src/schema/aws-ec2-instanceconnectendpoint.json
@@ -112,6 +112,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DeleteTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-ec2-keypair.json b/src/schema/aws-ec2-keypair.json
index 512fa8c6..5d11d257 100644
--- a/src/schema/aws-ec2-keypair.json
+++ b/src/schema/aws-ec2-keypair.json
@@ -113,6 +113,9 @@
       "uniqueItems": true
     }
   },
+  "propertyTransform": {
+    "/properties/PublicKeyMaterial": "$join([PublicKeyMaterial, \"\n\"])"
+  },
   "readOnlyProperties": [
     "/properties/KeyPairId",
     "/properties/KeyFingerprint"
@@ -126,6 +129,7 @@
     "permissions": [
       "ec2:CreateTags"
     ],
+    "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": false,
     "taggable": true
diff --git a/src/schema/aws-ec2-launchtemplate.json b/src/schema/aws-ec2-launchtemplate.json
index cfa23e3a..c46334da 100644
--- a/src/schema/aws-ec2-launchtemplate.json
+++ b/src/schema/aws-ec2-launchtemplate.json
@@ -218,7 +218,7 @@
     },
     "ElasticGpuSpecification": {
       "additionalProperties": false,
-      "description": "Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads that require graphics acceleration, we recommend that you use Amazon EC2 G4ad, G4dn, or G5 instances.\n  Specifies a specification for an Elastic GPU for an Amazon EC2 launch template.\n  ``ElasticGpuSpecification`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html).",
+      "description": "Amazon Elastic Graphics reached end of life on January 8, 2024.\n  Specifies a specification for an Elastic GPU for an Amazon EC2 launch template.\n  ``ElasticGpuSpecification`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html).",
       "properties": {
         "Type": {
           "description": "The type of Elastic Graphics accelerator.",
@@ -334,7 +334,7 @@
           "description": "The minimum and maximum amount of total accelerator memory, in MiB.\n Default: No minimum or maximum limits"
         },
         "AcceleratorTypes": {
-          "description": "The accelerator types that must be on the instance type.\n  +  For instance types with FPGA accelerators, specify ``fpga``.\n  +  For instance types with GPU accelerators, specify ``gpu``.\n  +  For instance types with Inference accelerators, specify ``inference``.\n  \n Default: Any accelerator type",
+          "description": "The accelerator types that must be on the instance type.\n  +  For instance types with FPGA accelerators, specify ``fpga``.\n  +  For instance types with GPU accelerators, specify ``gpu``.\n  \n Default: Any accelerator type",
           "items": {
             "type": "string"
           },
@@ -515,7 +515,7 @@
           "type": "boolean"
         },
         "ElasticGpuSpecifications": {
-          "description": "Deprecated.\n  Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads that require graphics acceleration, we recommend that you use Amazon EC2 G4ad, G4dn, or G5 instances.",
+          "description": "Deprecated.\n  Amazon Elastic Graphics reached end of life on January 8, 2024.",
           "items": {
             "$ref": "#/definitions/ElasticGpuSpecification"
           },
@@ -523,7 +523,7 @@
           "uniqueItems": false
         },
         "ElasticInferenceAccelerators": {
-          "description": "Amazon Elastic Inference is no longer available.\n  An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n You cannot specify accelerators from different generations in the same request.\n  Starting April 15, 2023, AWS will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.",
+          "description": "Amazon Elastic Inference is no longer available.\n  An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n You cannot specify accelerators from different generations in the same request.",
           "items": {
             "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator"
           },
@@ -647,7 +647,7 @@
     },
     "LaunchTemplateElasticInferenceAccelerator": {
       "additionalProperties": false,
-      "description": "Specifies an elastic inference accelerator.\n  ``LaunchTemplateElasticInferenceAccelerator`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html).",
+      "description": "Amazon Elastic Inference is no longer available.\n  Specifies an elastic inference accelerator.\n  ``LaunchTemplateElasticInferenceAccelerator`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html).",
       "properties": {
         "Count": {
           "description": "The number of elastic inference accelerators to attach to the instance. \n Default: 1",
@@ -809,7 +809,7 @@
           "type": "string"
         },
         "DeviceIndex": {
-          "description": "The device index for the network interface attachment. If the network interface is of type ``interface``, you must specify a device index.\n If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance``, then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance``.",
+          "description": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type ``interface``, you must specify a device index.\n If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance``, then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance``.",
           "type": "integer"
         },
         "EnaSrdSpecification": {
@@ -916,10 +916,10 @@
     },
     "NetworkPerformanceOptions": {
       "additionalProperties": false,
-      "description": "",
+      "description": "Contains settings for the network performance options for the instance.",
       "properties": {
         "BandwidthWeighting": {
-          "description": "Specifies the performance options of your instance or sets it to default.",
+          "description": "Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:\n  + default This option uses the standard bandwidth configuration for your instance type. + vpc-1 This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth. + ebs-1 This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth.",
           "type": "string"
         }
       },
diff --git a/src/schema/aws-ec2-networkacl.json b/src/schema/aws-ec2-networkacl.json
index 4a792add..4bd86908 100644
--- a/src/schema/aws-ec2-networkacl.json
+++ b/src/schema/aws-ec2-networkacl.json
@@ -90,6 +90,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2.git",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DeleteTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-ec2-networkinsightsaccessscopeanalysis.json b/src/schema/aws-ec2-networkinsightsaccessscopeanalysis.json
index 9cdab788..ec8dc1d8 100644
--- a/src/schema/aws-ec2-networkinsightsaccessscopeanalysis.json
+++ b/src/schema/aws-ec2-networkinsightsaccessscopeanalysis.json
@@ -127,5 +127,16 @@
     "NetworkInsightsAccessScopeId"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2-ni.git",
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::EC2::NetworkInsightsAccessScopeAnalysis"
 }
diff --git a/src/schema/aws-ec2-networkinsightsanalysis.json b/src/schema/aws-ec2-networkinsightsanalysis.json
index 1d2c6725..9d50d7e9 100644
--- a/src/schema/aws-ec2-networkinsightsanalysis.json
+++ b/src/schema/aws-ec2-networkinsightsanalysis.json
@@ -702,5 +702,16 @@
     "NetworkInsightsPathId"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2-ni.git",
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::EC2::NetworkInsightsAnalysis"
 }
diff --git a/src/schema/aws-ec2-routeserver.json b/src/schema/aws-ec2-routeserver.json
new file mode 100644
index 00000000..83cd7bbb
--- /dev/null
+++ b/src/schema/aws-ec2-routeserver.json
@@ -0,0 +1,144 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/AmazonSideAsn"
+  ],
+  "definitions": {
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
+    }
+  },
+  "description": "VPC Route Server",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ec2:CreateRouteServer",
+        "ec2:CreateTags",
+        "ec2:DescribeRouteServers",
+        "sns:CreateTopic"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServers",
+        "ec2:DeleteRouteServer",
+        "ec2:DeleteTags",
+        "sns:DeleteTopic"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServers"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ec2:DescribeRouteServers",
+        "ec2:DescribeTags"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags",
+        "ec2:DescribeRouteServers",
+        "ec2:DescribeTags",
+        "ec2:ModifyRouteServer"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Id"
+  ],
+  "properties": {
+    "AmazonSideAsn": {
+      "description": "The Amazon-side ASN of the Route Server.",
+      "format": "int64",
+      "maximum": 4294967294,
+      "minimum": 1,
+      "type": "integer"
+    },
+    "Arn": {
+      "description": "The Amazon Resource Name (ARN) of the Route Server.",
+      "type": "string"
+    },
+    "Id": {
+      "description": "The ID of the Route Server.",
+      "type": "string"
+    },
+    "PersistRoutes": {
+      "description": "Whether to enable persistent routes",
+      "enum": [
+        "enable",
+        "disable"
+      ],
+      "type": "string"
+    },
+    "PersistRoutesDuration": {
+      "description": "The duration of persistent routes in minutes",
+      "format": "int64",
+      "maximum": 5,
+      "minimum": 0,
+      "type": "integer"
+    },
+    "SnsNotificationsEnabled": {
+      "description": "Whether to enable SNS notifications",
+      "type": "boolean"
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/Arn",
+    "/properties/Id"
+  ],
+  "required": [
+    "AmazonSideAsn"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DescribeTags",
+      "ec2:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::EC2::RouteServer",
+  "writeOnlyProperties": [
+    "/properties/PersistRoutesDuration"
+  ]
+}
diff --git a/src/schema/aws-ec2-routeserverassociation.json b/src/schema/aws-ec2-routeserverassociation.json
new file mode 100644
index 00000000..b14bf6c6
--- /dev/null
+++ b/src/schema/aws-ec2-routeserverassociation.json
@@ -0,0 +1,60 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/RouteServerId",
+    "/properties/VpcId"
+  ],
+  "definitions": {},
+  "description": "VPC Route Server Association",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ec2:AssociateRouteServer",
+        "ec2:GetRouteServerAssociations"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ec2:GetRouteServerAssociations",
+        "ec2:DisassociateRouteServer"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ec2:DescribeRouteServers",
+        "ec2:GetRouteServerAssociations"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ec2:GetRouteServerAssociations"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/RouteServerId",
+    "/properties/VpcId"
+  ],
+  "properties": {
+    "RouteServerId": {
+      "description": "Route Server ID",
+      "type": "string"
+    },
+    "VpcId": {
+      "description": "VPC ID",
+      "type": "string"
+    }
+  },
+  "required": [
+    "RouteServerId",
+    "VpcId"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "tagOnCreate": false,
+    "tagUpdatable": false,
+    "taggable": false
+  },
+  "typeName": "AWS::EC2::RouteServerAssociation"
+}
diff --git a/src/schema/aws-ec2-routeserverendpoint.json b/src/schema/aws-ec2-routeserverendpoint.json
new file mode 100644
index 00000000..edad254c
--- /dev/null
+++ b/src/schema/aws-ec2-routeserverendpoint.json
@@ -0,0 +1,147 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/RouteServerId",
+    "/properties/SubnetId"
+  ],
+  "definitions": {
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
+    }
+  },
+  "description": "VPC Route Server Endpoint",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ec2:CreateRouteServerEndpoint",
+        "ec2:CreateTags",
+        "ec2:DescribeRouteServerEndpoints",
+        "ec2:CreateNetworkInterface",
+        "ec2:CreateNetworkInterfacePermission",
+        "ec2:CreateSecurityGroup",
+        "ec2:DescribeSecurityGroups",
+        "ec2:AuthorizeSecurityGroupIngress"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServerEndpoints",
+        "ec2:DeleteRouteServerEndpoint",
+        "ec2:DeleteTags",
+        "ec2:DeleteNetworkInterface",
+        "ec2:DeleteSecurityGroup",
+        "ec2:DescribeSecurityGroups",
+        "ec2:RevokeSecurityGroupIngress"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServerEndpoints"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ec2:DescribeRouteServerEndpoints",
+        "ec2:DescribeTags"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags",
+        "ec2:DescribeRouteServerEndpoints",
+        "ec2:DescribeTags",
+        "ec2:ModifyRouteServerEndpoint"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Id"
+  ],
+  "properties": {
+    "Arn": {
+      "description": "The Amazon Resource Name (ARN) of the Route Server Endpoint.",
+      "type": "string"
+    },
+    "EniAddress": {
+      "description": "Elastic Network Interface IP address owned by the Route Server Endpoint",
+      "type": "string"
+    },
+    "EniId": {
+      "description": "Elastic Network Interface ID owned by the Route Server Endpoint",
+      "type": "string"
+    },
+    "Id": {
+      "description": "The ID of the Route Server Endpoint.",
+      "type": "string"
+    },
+    "RouteServerId": {
+      "description": "Route Server ID",
+      "type": "string"
+    },
+    "SubnetId": {
+      "description": "Subnet ID",
+      "type": "string"
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    },
+    "VpcId": {
+      "description": "VPC ID",
+      "type": "string"
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/Arn",
+    "/properties/Id",
+    "/properties/EniId",
+    "/properties/EniAddress",
+    "/properties/VpcId"
+  ],
+  "required": [
+    "RouteServerId",
+    "SubnetId"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DescribeTags",
+      "ec2:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::EC2::RouteServerEndpoint"
+}
diff --git a/src/schema/aws-ec2-routeserverpeer.json b/src/schema/aws-ec2-routeserverpeer.json
new file mode 100644
index 00000000..59b22868
--- /dev/null
+++ b/src/schema/aws-ec2-routeserverpeer.json
@@ -0,0 +1,177 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/RouteServerEndpointId",
+    "/properties/PeerAddress",
+    "/properties/BgpOptions"
+  ],
+  "definitions": {
+    "BgpOptions": {
+      "additionalProperties": false,
+      "description": "BGP Options",
+      "properties": {
+        "PeerAsn": {
+          "description": "BGP ASN of the Route Server Peer",
+          "format": "int64",
+          "maximum": 4294967294,
+          "minimum": 1,
+          "type": "integer"
+        },
+        "PeerLivenessDetection": {
+          "description": "BGP Liveness Detection",
+          "enum": [
+            "bfd",
+            "bgp-keepalive"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
+    }
+  },
+  "description": "VPC Route Server Peer",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ec2:CreateRouteServerPeer",
+        "ec2:CreateTags",
+        "ec2:DescribeRouteServerPeers",
+        "ec2:AuthorizeSecurityGroupIngress"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServerPeers",
+        "ec2:DeleteRouteServerPeer",
+        "ec2:DeleteTags",
+        "ec2:RevokeSecurityGroupIngress"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ec2:DescribeTags",
+        "ec2:DescribeRouteServerPeers"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ec2:DescribeRouteServerPeers",
+        "ec2:DescribeTags"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags",
+        "ec2:DescribeRouteServerPeers",
+        "ec2:DescribeTags",
+        "ec2:ModifyRouteServerPeer"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/Id"
+  ],
+  "properties": {
+    "Arn": {
+      "description": "The Amazon Resource Name (ARN) of the Route Server Peer.",
+      "type": "string"
+    },
+    "BgpOptions": {
+      "$ref": "#/definitions/BgpOptions"
+    },
+    "EndpointEniAddress": {
+      "description": "Elastic Network Interface IP address owned by the Route Server Endpoint",
+      "type": "string"
+    },
+    "EndpointEniId": {
+      "description": "Elastic Network Interface ID owned by the Route Server Endpoint",
+      "type": "string"
+    },
+    "Id": {
+      "description": "The ID of the Route Server Peer.",
+      "type": "string"
+    },
+    "PeerAddress": {
+      "description": "IP address of the Route Server Peer",
+      "type": "string"
+    },
+    "RouteServerEndpointId": {
+      "description": "Route Server Endpoint ID",
+      "type": "string"
+    },
+    "RouteServerId": {
+      "description": "Route Server ID",
+      "type": "string"
+    },
+    "SubnetId": {
+      "description": "Subnet ID",
+      "type": "string"
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": false
+    },
+    "VpcId": {
+      "description": "VPC ID",
+      "type": "string"
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/Arn",
+    "/properties/Id",
+    "/properties/RouteServerId",
+    "/properties/EndpointEniId",
+    "/properties/EndpointEniAddress",
+    "/properties/SubnetId",
+    "/properties/VpcId"
+  ],
+  "required": [
+    "RouteServerEndpointId",
+    "PeerAddress",
+    "BgpOptions"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DescribeTags",
+      "ec2:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::EC2::RouteServerPeer"
+}
diff --git a/src/schema/aws-ec2-routeserverpropagation.json b/src/schema/aws-ec2-routeserverpropagation.json
new file mode 100644
index 00000000..4224e02f
--- /dev/null
+++ b/src/schema/aws-ec2-routeserverpropagation.json
@@ -0,0 +1,60 @@
+{
+  "additionalProperties": false,
+  "createOnlyProperties": [
+    "/properties/RouteServerId",
+    "/properties/RouteTableId"
+  ],
+  "definitions": {},
+  "description": "VPC Route Server Propagation",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ec2:EnableRouteServerPropagation",
+        "ec2:GetRouteServerPropagations"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ec2:GetRouteServerPropagations",
+        "ec2:DisableRouteServerPropagation"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ec2:DescribeRouteServers",
+        "ec2:GetRouteServerPropagations"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ec2:GetRouteServerPropagations"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/RouteServerId",
+    "/properties/RouteTableId"
+  ],
+  "properties": {
+    "RouteServerId": {
+      "description": "Route Server ID",
+      "type": "string"
+    },
+    "RouteTableId": {
+      "description": "Route Table ID",
+      "type": "string"
+    }
+  },
+  "required": [
+    "RouteServerId",
+    "RouteTableId"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "tagOnCreate": false,
+    "tagUpdatable": false,
+    "taggable": false
+  },
+  "typeName": "AWS::EC2::RouteServerPropagation"
+}
diff --git a/src/schema/aws-ec2-routetable.json b/src/schema/aws-ec2-routetable.json
index e3540f81..4e49e7c1 100644
--- a/src/schema/aws-ec2-routetable.json
+++ b/src/schema/aws-ec2-routetable.json
@@ -88,6 +88,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "ec2:CreateTags",
+      "ec2:DeleteTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-ec2-transitgatewayconnect.json b/src/schema/aws-ec2-transitgatewayconnect.json
index 913c3e9d..87ea898e 100644
--- a/src/schema/aws-ec2-transitgatewayconnect.json
+++ b/src/schema/aws-ec2-transitgatewayconnect.json
@@ -36,31 +36,36 @@
       "permissions": [
         "ec2:CreateTransitGatewayConnect",
         "ec2:DescribeTransitGatewayConnects",
-        "ec2:CreateTags"
+        "ec2:CreateTags",
+        "ec2:DescribeTags"
       ]
     },
     "delete": {
       "permissions": [
         "ec2:DeleteTransitGatewayConnect",
         "ec2:DescribeTransitGatewayConnects",
-        "ec2:DeleteTags"
+        "ec2:DeleteTags",
+        "ec2:DescribeTags"
       ]
     },
     "list": {
       "permissions": [
-        "ec2:DescribeTransitGatewayConnects"
+        "ec2:DescribeTransitGatewayConnects",
+        "ec2:DescribeTags"
       ]
     },
     "read": {
       "permissions": [
-        "ec2:DescribeTransitGatewayConnects"
+        "ec2:DescribeTransitGatewayConnects",
+        "ec2:DescribeTags"
       ]
     },
     "update": {
       "permissions": [
         "ec2:DescribeTransitGatewayConnects",
         "ec2:DeleteTags",
-        "ec2:CreateTags"
+        "ec2:CreateTags",
+        "ec2:DescribeTags"
       ]
     }
   },
diff --git a/src/schema/aws-ec2-transitgatewaymulticastdomain.json b/src/schema/aws-ec2-transitgatewaymulticastdomain.json
index 868af7b3..e863ce42 100644
--- a/src/schema/aws-ec2-transitgatewaymulticastdomain.json
+++ b/src/schema/aws-ec2-transitgatewaymulticastdomain.json
@@ -25,31 +25,36 @@
       "permissions": [
         "ec2:DescribeTransitGatewayMulticastDomains",
         "ec2:CreateTransitGatewayMulticastDomain",
-        "ec2:CreateTags"
+        "ec2:CreateTags",
+        "ec2:DescribeTags"
       ]
     },
     "delete": {
       "permissions": [
         "ec2:DescribeTransitGatewayMulticastDomains",
         "ec2:DeleteTransitGatewayMulticastDomain",
-        "ec2:DeleteTags"
+        "ec2:DeleteTags",
+        "ec2:DescribeTags"
       ]
     },
     "list": {
       "permissions": [
-        "ec2:DescribeTransitGatewayMulticastDomains"
+        "ec2:DescribeTransitGatewayMulticastDomains",
+        "ec2:DescribeTags"
       ]
     },
     "read": {
       "permissions": [
-        "ec2:DescribeTransitGatewayMulticastDomains"
+        "ec2:DescribeTransitGatewayMulticastDomains",
+        "ec2:DescribeTags"
       ]
     },
     "update": {
       "permissions": [
         "ec2:DescribeTransitGatewayMulticastDomains",
         "ec2:DeleteTags",
-        "ec2:CreateTags"
+        "ec2:CreateTags",
+        "ec2:DescribeTags"
       ]
     }
   },
diff --git a/src/schema/aws-ec2-vpcendpoint.json b/src/schema/aws-ec2-vpcendpoint.json
index 9e077d47..079570c3 100644
--- a/src/schema/aws-ec2-vpcendpoint.json
+++ b/src/schema/aws-ec2-vpcendpoint.json
@@ -5,14 +5,16 @@
     "/properties/VpcEndpointType",
     "/properties/VpcId",
     "/properties/ServiceNetworkArn",
-    "/properties/ResourceConfigurationArn"
+    "/properties/ResourceConfigurationArn",
+    "/properties/ServiceRegion"
   ],
   "definitions": {
     "DnsOptionsSpecification": {
       "additionalProperties": false,
-      "description": "",
+      "description": "Describes the DNS options for an endpoint.",
       "properties": {
         "DnsRecordIpType": {
+          "description": "The DNS records created for the endpoint.",
           "enum": [
             "ipv4",
             "ipv6",
@@ -23,6 +25,7 @@
           "type": "string"
         },
         "PrivateDnsOnlyForInboundResolverEndpoint": {
+          "description": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.",
           "enum": [
             "OnlyInboundResolver",
             "AllResolvers",
@@ -35,12 +38,14 @@
     },
     "Tag": {
       "additionalProperties": false,
-      "description": "",
+      "description": "Describes a tag.",
       "properties": {
         "Key": {
+          "description": "The key of the tag.\n Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with ``aws:``.",
           "type": "string"
         },
         "Value": {
+          "description": "The value of the tag.\n Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.",
           "type": "string"
         }
       },
@@ -62,7 +67,8 @@
         "vpc-lattice:CreateServiceNetworkVpcEndpointAssociation",
         "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
         "ec2:CreateTags",
-        "ec2:DeleteTags"
+        "ec2:DeleteTags",
+        "vpce:AllowMultiRegion"
       ],
       "timeoutInMinutes": 210
     },
@@ -74,7 +80,8 @@
         "ec2:DescribeSecurityGroups",
         "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
         "ec2:CreateTags",
-        "ec2:DeleteTags"
+        "ec2:DeleteTags",
+        "vpce:AllowMultiRegion"
       ],
       "timeoutInMinutes": 210
     },
@@ -103,7 +110,8 @@
         "vpc-lattice:CreateServiceNetworkVpcEndpointAssociation",
         "vpc-lattice:DescribeServiceNetworkVpcEndpointAssociation",
         "ec2:CreateTags",
-        "ec2:DeleteTags"
+        "ec2:DeleteTags",
+        "vpce:AllowMultiRegion"
       ],
       "timeoutInMinutes": 210
     }
@@ -127,14 +135,14 @@
     },
     "DnsOptions": {
       "$ref": "#/definitions/DnsOptionsSpecification",
-      "description": ""
+      "description": "Describes the DNS options for an endpoint."
     },
     "Id": {
       "description": "",
       "type": "string"
     },
     "IpAddressType": {
-      "description": "",
+      "description": "The supported IP address types.",
       "enum": [
         "ipv4",
         "ipv6",
@@ -164,7 +172,7 @@
       "type": "boolean"
     },
     "ResourceConfigurationArn": {
-      "description": "",
+      "description": "The Amazon Resource Name (ARN) of the resource configuration.",
       "type": "string"
     },
     "RouteTableIds": {
@@ -214,6 +222,10 @@
       "type": "string"
     },
     "ServiceNetworkArn": {
+      "description": "The Amazon Resource Name (ARN) of the service network.",
+      "type": "string"
+    },
+    "ServiceRegion": {
       "description": "",
       "type": "string"
     },
@@ -231,7 +243,7 @@
       "uniqueItems": true
     },
     "Tags": {
-      "description": "",
+      "description": "The tags to associate with the endpoint.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/Tag"
@@ -265,7 +277,7 @@
     "VpcId"
   ],
   "tagging": {
-    "cloudFormationSystemTags": false,
+    "cloudFormationSystemTags": true,
     "permissions": [
       "ec2:CreateTags",
       "ec2:DeleteTags",
diff --git a/src/schema/aws-ecr-pullthroughcacherule.json b/src/schema/aws-ecr-pullthroughcacherule.json
index 1b7ab383..c78c060b 100644
--- a/src/schema/aws-ecr-pullthroughcacherule.json
+++ b/src/schema/aws-ecr-pullthroughcacherule.json
@@ -132,7 +132,7 @@
     },
     "CustomRoleArn": {
       "$ref": "#/definitions/CustomRoleArn",
-      "description": ""
+      "description": "The ARN of the IAM role associated with the pull through cache rule."
     },
     "EcrRepositoryPrefix": {
       "$ref": "#/definitions/EcrRepositoryPrefix",
@@ -148,7 +148,7 @@
     },
     "UpstreamRepositoryPrefix": {
       "$ref": "#/definitions/UpstreamRepositoryPrefix",
-      "description": ""
+      "description": "The upstream repository prefix associated with the pull through cache rule."
     }
   },
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecr.git",
diff --git a/src/schema/aws-ecr-registryscanningconfiguration.json b/src/schema/aws-ecr-registryscanningconfiguration.json
new file mode 100644
index 00000000..36442aa8
--- /dev/null
+++ b/src/schema/aws-ecr-registryscanningconfiguration.json
@@ -0,0 +1,154 @@
+{
+  "additionalProperties": false,
+  "definitions": {
+    "Filter": {
+      "description": "The filter to use when scanning.",
+      "pattern": "^[a-z0-9*](?:[._\\-/a-z0-9*]?[a-z0-9*]+)*$",
+      "type": "string"
+    },
+    "FilterType": {
+      "description": "The type associated with the filter.",
+      "enum": [
+        "WILDCARD"
+      ],
+      "type": "string"
+    },
+    "RegistryId": {
+      "description": "The registry id.",
+      "pattern": "^[0-9]{12}$",
+      "type": "string"
+    },
+    "RepositoryFilter": {
+      "additionalProperties": false,
+      "description": "The details of a scanning repository filter.",
+      "properties": {
+        "Filter": {
+          "$ref": "#/definitions/Filter"
+        },
+        "FilterType": {
+          "$ref": "#/definitions/FilterType"
+        }
+      },
+      "required": [
+        "Filter",
+        "FilterType"
+      ],
+      "type": "object"
+    },
+    "ScanFrequency": {
+      "description": "The frequency that scans are performed.",
+      "enum": [
+        "SCAN_ON_PUSH",
+        "CONTINUOUS_SCAN"
+      ],
+      "type": "string"
+    },
+    "ScanType": {
+      "description": "The type of scanning configured for the registry.",
+      "enum": [
+        "BASIC",
+        "ENHANCED"
+      ],
+      "type": "string"
+    },
+    "ScanningRule": {
+      "additionalProperties": false,
+      "description": "A rule representing the details of a scanning configuration.",
+      "properties": {
+        "RepositoryFilters": {
+          "description": "The repository filters associated with the scanning configuration for a private registry.",
+          "insertionOrder": false,
+          "items": {
+            "$ref": "#/definitions/RepositoryFilter"
+          },
+          "maxItems": 100,
+          "minItems": 0,
+          "type": "array"
+        },
+        "ScanFrequency": {
+          "$ref": "#/definitions/ScanFrequency"
+        }
+      },
+      "required": [
+        "ScanFrequency",
+        "RepositoryFilters"
+      ],
+      "type": "object"
+    },
+    "ScanningRules": {
+      "description": "The scanning rules associated with the registry. A registry scanning configuration may contain a maximum of 2 rules.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/ScanningRule"
+      },
+      "maxItems": 2,
+      "minItems": 0,
+      "type": "array"
+    }
+  },
+  "description": "The AWS::ECR::RegistryScanningConfiguration controls the scanning configuration for an Amazon Elastic Container Registry (Amazon Private ECR). For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "ecr:PutRegistryScanningConfiguration",
+        "ecr:GetRegistryScanningConfiguration",
+        "inspector2:Enable",
+        "iam:CreateServiceLinkedRole"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "ecr:PutRegistryScanningConfiguration",
+        "ecr:GetRegistryScanningConfiguration",
+        "inspector2:ListAccountPermissions",
+        "inspector2:Disable"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "ecr:GetRegistryScanningConfiguration"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "ecr:GetRegistryScanningConfiguration"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "ecr:PutRegistryScanningConfiguration",
+        "ecr:GetRegistryScanningConfiguration",
+        "inspector2:Enable",
+        "inspector2:Disable",
+        "inspector2:ListAccountPermissions",
+        "iam:CreateServiceLinkedRole"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/RegistryId"
+  ],
+  "properties": {
+    "RegistryId": {
+      "$ref": "#/definitions/RegistryId"
+    },
+    "Rules": {
+      "$ref": "#/definitions/ScanningRules"
+    },
+    "ScanType": {
+      "$ref": "#/definitions/ScanType"
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/RegistryId"
+  ],
+  "required": [
+    "Rules",
+    "ScanType"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecr.git",
+  "tagging": {
+    "taggable": false
+  },
+  "typeName": "AWS::ECR::RegistryScanningConfiguration"
+}
diff --git a/src/schema/aws-eks-cluster.json b/src/schema/aws-eks-cluster.json
index 42911a42..35d27738 100644
--- a/src/schema/aws-eks-cluster.json
+++ b/src/schema/aws-eks-cluster.json
@@ -8,8 +8,7 @@
     "/properties/AccessConfig/BootstrapClusterCreatorAdminPermissions",
     "/properties/Name",
     "/properties/RoleArn",
-    "/properties/BootstrapSelfManagedAddons",
-    "/properties/RemoteNetworkConfig"
+    "/properties/BootstrapSelfManagedAddons"
   ],
   "definitions": {
     "AccessConfig": {
diff --git a/src/schema/aws-elasticloadbalancingv2-listener.json b/src/schema/aws-elasticloadbalancingv2-listener.json
index 293850c0..aed55460 100644
--- a/src/schema/aws-elasticloadbalancingv2-listener.json
+++ b/src/schema/aws-elasticloadbalancingv2-listener.json
@@ -286,7 +286,7 @@
       "description": "The mutual authentication configuration information.",
       "properties": {
         "AdvertiseTrustStoreCaNames": {
-          "description": "Indicates whether trust store CA certificate names are advertised. The default value is ``off``.",
+          "description": "Indicates whether trust store CA certificate names are advertised.",
           "type": "string"
         },
         "IgnoreClientCertificateExpiry": {
@@ -294,7 +294,7 @@
           "type": "boolean"
         },
         "Mode": {
-          "description": "The client certificate handling method. The possible values are ``off``, ``passthrough``, and ``verify``. The default value is ``off``.",
+          "description": "The client certificate handling method. Options are ``off``, ``passthrough`` or ``verify``. The default value is ``off``.",
           "type": "string"
         },
         "TrustStoreArn": {
diff --git a/src/schema/aws-emr-step.json b/src/schema/aws-emr-step.json
index 6d316e70..b5298080 100644
--- a/src/schema/aws-emr-step.json
+++ b/src/schema/aws-emr-step.json
@@ -58,6 +58,9 @@
     },
     "delete": {
       "permissions": []
+    },
+    "read": {
+      "permissions": []
     }
   },
   "primaryIdentifier": [
diff --git a/src/schema/aws-events-apidestination.json b/src/schema/aws-events-apidestination.json
index b6226194..ca9925b1 100644
--- a/src/schema/aws-events-apidestination.json
+++ b/src/schema/aws-events-apidestination.json
@@ -43,6 +43,11 @@
       "pattern": "^arn:aws([a-z]|\\-)*:events:([a-z]|\\d|\\-)*:([0-9]{12})?:api-destination/[\\.\\-_A-Za-z0-9]+/[\\-A-Za-z0-9]+$",
       "type": "string"
     },
+    "ArnForPolicy": {
+      "description": "The arn of the api destination to be used in IAM policies.",
+      "pattern": "^arn:aws([a-z]|\\-)*:events:([a-z]|\\d|\\-)*:([0-9]{12})?:api-destination/[\\.\\-_A-Za-z0-9]+$",
+      "type": "string"
+    },
     "ConnectionArn": {
       "description": "The arn of the connection.",
       "pattern": "^arn:aws([a-z]|\\-)*:events:([a-z]|\\d|\\-)*:([0-9]{12})?:connection/[\\.\\-_A-Za-z0-9]+/[\\-A-Za-z0-9]+$",
@@ -82,7 +87,8 @@
     }
   },
   "readOnlyProperties": [
-    "/properties/Arn"
+    "/properties/Arn",
+    "/properties/ArnForPolicy"
   ],
   "required": [
     "ConnectionArn",
diff --git a/src/schema/aws-events-archive.json b/src/schema/aws-events-archive.json
index a1092b6f..76b65b66 100644
--- a/src/schema/aws-events-archive.json
+++ b/src/schema/aws-events-archive.json
@@ -9,7 +9,10 @@
     "create": {
       "permissions": [
         "events:DescribeArchive",
-        "events:CreateArchive"
+        "events:CreateArchive",
+        "kms:DescribeKey",
+        "kms:GenerateDataKey",
+        "kms:Decrypt"
       ]
     },
     "delete": {
@@ -25,13 +28,19 @@
     },
     "read": {
       "permissions": [
-        "events:DescribeArchive"
+        "events:DescribeArchive",
+        "kms:Decrypt"
       ]
     },
     "update": {
       "permissions": [
         "events:DescribeArchive",
-        "events:UpdateArchive"
+        "events:UpdateArchive",
+        "kms:DescribeKey",
+        "kms:GenerateDataKey",
+        "kms:Decrypt",
+        "kms:ReEncryptTo",
+        "kms:ReEncryptFrom"
       ]
     }
   },
@@ -55,6 +64,11 @@
     "EventPattern": {
       "type": "object"
     },
+    "KmsKeyIdentifier": {
+      "maxLength": 2048,
+      "minLength": 0,
+      "type": "string"
+    },
     "RetentionDays": {
       "type": "integer"
     },
diff --git a/src/schema/aws-events-connection.json b/src/schema/aws-events-connection.json
index fb5ca292..901b188f 100644
--- a/src/schema/aws-events-connection.json
+++ b/src/schema/aws-events-connection.json
@@ -215,7 +215,9 @@
         "secretsmanager:CreateSecret",
         "secretsmanager:GetSecretValue",
         "secretsmanager:PutSecretValue",
-        "iam:CreateServiceLinkedRole"
+        "iam:CreateServiceLinkedRole",
+        "kms:DescribeKey",
+        "kms:GenerateDataKey"
       ]
     },
     "delete": {
@@ -231,7 +233,8 @@
     },
     "read": {
       "permissions": [
-        "events:DescribeConnection"
+        "events:DescribeConnection",
+        "kms:Decrypt"
       ]
     },
     "update": {
@@ -241,7 +244,11 @@
         "secretsmanager:CreateSecret",
         "secretsmanager:UpdateSecret",
         "secretsmanager:GetSecretValue",
-        "secretsmanager:PutSecretValue"
+        "secretsmanager:PutSecretValue",
+        "kms:Decrypt",
+        "kms:DescribeKey",
+        "kms:Encrypt",
+        "kms:GenerateDataKey"
       ]
     }
   },
@@ -254,6 +261,11 @@
       "pattern": "^arn:aws([a-z]|\\-)*:events:([a-z]|\\d|\\-)*:([0-9]{12})?:connection\\/[\\.\\-_A-Za-z0-9]+\\/[\\-A-Za-z0-9]+$",
       "type": "string"
     },
+    "ArnForPolicy": {
+      "description": "The arn of the connection resource to be used in IAM policies.",
+      "pattern": "^arn:aws([a-z]|\\-)*:events:([a-z]|\\d|\\-)*:([0-9]{12})?:connection\\/[\\.\\-_A-Za-z0-9]+$",
+      "type": "string"
+    },
     "AuthParameters": {
       "$ref": "#/definitions/AuthParameters"
     },
@@ -283,6 +295,11 @@
       ],
       "type": "object"
     },
+    "KmsKeyIdentifier": {
+      "maxLength": 2048,
+      "pattern": "^[a-zA-Z0-9_\\-/:]*$",
+      "type": "string"
+    },
     "Name": {
       "description": "Name of the connection.",
       "maxLength": 64,
@@ -298,6 +315,7 @@
   },
   "readOnlyProperties": [
     "/properties/Arn",
+    "/properties/ArnForPolicy",
     "/properties/SecretArn",
     "/properties/AuthParameters/ConnectivityParameters/ResourceParameters/ResourceAssociationArn",
     "/properties/InvocationConnectivityParameters/ResourceParameters/ResourceAssociationArn"
diff --git a/src/schema/aws-fms-policy.json b/src/schema/aws-fms-policy.json
index 8ff4d061..c0a2c12f 100644
--- a/src/schema/aws-fms-policy.json
+++ b/src/schema/aws-fms-policy.json
@@ -503,6 +503,17 @@
     "SecurityServicePolicyData"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-fms.git",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "fms:TagResource",
+      "fms:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::FMS::Policy",
   "writeOnlyProperties": [
     "/properties/DeleteAllPolicyResources"
diff --git a/src/schema/aws-fms-resourceset.json b/src/schema/aws-fms-resourceset.json
index 06132bc1..56fe2d32 100644
--- a/src/schema/aws-fms-resourceset.json
+++ b/src/schema/aws-fms-resourceset.json
@@ -138,6 +138,10 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-fms.git",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "fms:TagResource",
+      "fms:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-gamelift-alias.json b/src/schema/aws-gamelift-alias.json
index caa08af6..9981db95 100644
--- a/src/schema/aws-gamelift-alias.json
+++ b/src/schema/aws-gamelift-alias.json
@@ -38,13 +38,37 @@
         "Type"
       ],
       "type": "object"
+    },
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
     }
   },
   "description": "The AWS::GameLift::Alias resource creates an alias for an Amazon GameLift (GameLift) fleet destination.",
   "handlers": {
     "create": {
       "permissions": [
-        "gamelift:CreateAlias"
+        "gamelift:CreateAlias",
+        "gamelift:TagResource"
       ]
     },
     "delete": {
@@ -59,12 +83,17 @@
     },
     "read": {
       "permissions": [
-        "gamelift:DescribeAlias"
+        "gamelift:DescribeAlias",
+        "gamelift:ListTagsForResource"
       ]
     },
     "update": {
       "permissions": [
-        "gamelift:UpdateAlias"
+        "gamelift:UpdateAlias",
+        "gamelift:DescribeAlias",
+        "gamelift:ListTagsForResource",
+        "gamelift:TagResource",
+        "gamelift:UntagResource"
       ]
     }
   },
@@ -72,6 +101,11 @@
     "/properties/AliasId"
   ],
   "properties": {
+    "AliasArn": {
+      "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift Alias resource and uniquely identifies it. ARNs are unique across all Regions. In a GameLift Alias ARN, the resource ID matches the AliasId value.",
+      "pattern": "^arn:.*:alias\\/alias-\\S+",
+      "type": "string"
+    },
     "AliasId": {
       "description": "Unique alias ID",
       "type": "string"
@@ -92,16 +126,38 @@
     "RoutingStrategy": {
       "$ref": "#/definitions/RoutingStrategy",
       "description": "A routing configuration that specifies where traffic is directed for this alias, such as to a fleet or to a message."
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "maxItems": 200,
+      "type": "array",
+      "uniqueItems": true
     }
   },
   "readOnlyProperties": [
-    "/properties/AliasId"
+    "/properties/AliasId",
+    "/properties/AliasArn"
   ],
   "required": [
     "Name",
     "RoutingStrategy"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-gamelift.git",
-  "taggable": true,
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "gamelift:ListTagsForResource",
+      "gamelift:TagResource",
+      "gamelift:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::GameLift::Alias"
 }
diff --git a/src/schema/aws-gamelift-build.json b/src/schema/aws-gamelift-build.json
index 7fe64161..401cb35f 100644
--- a/src/schema/aws-gamelift-build.json
+++ b/src/schema/aws-gamelift-build.json
@@ -33,6 +33,29 @@
         "RoleArn"
       ],
       "type": "object"
+    },
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
     }
   },
   "description": "Resource Type definition for AWS::GameLift::Build",
@@ -40,7 +63,9 @@
     "create": {
       "permissions": [
         "gamelift:DescribeBuild",
-        "gamelift:CreateBuild"
+        "gamelift:CreateBuild",
+        "gamelift:ListTagsForResource",
+        "gamelift:TagResource"
       ]
     },
     "delete": {
@@ -56,12 +81,17 @@
     },
     "read": {
       "permissions": [
-        "gamelift:DescribeBuild"
+        "gamelift:DescribeBuild",
+        "gamelift:ListTagsForResource"
       ]
     },
     "update": {
       "permissions": [
-        "gamelift:UpdateBuild"
+        "gamelift:UpdateBuild",
+        "gamelift:DescribeBuild",
+        "gamelift:TagResource",
+        "gamelift:UntagResource",
+        "gamelift:ListTagsForResource"
       ]
     }
   },
@@ -69,6 +99,11 @@
     "/properties/BuildId"
   ],
   "properties": {
+    "BuildArn": {
+      "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift build resource and uniquely identifies it. ARNs are unique across all Regions. In a GameLift build ARN, the resource ID matches the BuildId value.",
+      "pattern": "^arn:.*:build\\/build-\\S+",
+      "type": "string"
+    },
     "BuildId": {
       "description": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created.",
       "type": "string"
@@ -96,21 +131,38 @@
       "$ref": "#/definitions/StorageLocation",
       "description": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region."
     },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "maxItems": 200,
+      "type": "array",
+      "uniqueItems": true
+    },
     "Version": {
       "description": "Version information that is associated with this build. Version strings do not need to be unique.",
       "type": "string"
     }
   },
   "readOnlyProperties": [
-    "/properties/BuildId"
+    "/properties/BuildId",
+    "/properties/BuildArn"
   ],
   "required": [],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
     "cloudFormationSystemTags": false,
-    "tagOnCreate": false,
-    "tagUpdatable": false,
-    "taggable": false
+    "permissions": [
+      "gamelift:ListTagsForResource",
+      "gamelift:TagResource",
+      "gamelift:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
   },
   "typeName": "AWS::GameLift::Build",
   "writeOnlyProperties": [
diff --git a/src/schema/aws-gamelift-containergroupdefinition.json b/src/schema/aws-gamelift-containergroupdefinition.json
index f357210f..9b85f467 100644
--- a/src/schema/aws-gamelift-containergroupdefinition.json
+++ b/src/schema/aws-gamelift-containergroupdefinition.json
@@ -390,12 +390,12 @@
         "ecr:BatchCheckLayerAvailability",
         "ecr:BatchGetImage",
         "ecr:GetDownloadUrlForLayer",
-        "ecr:DescribeImages"
+        "ecr:DescribeImages",
+        "ecr:GetAuthorizationToken"
       ]
     },
     "delete": {
       "permissions": [
-        "gamelift:DescribeContainerGroupDefinition",
         "gamelift:DeleteContainerGroupDefinition"
       ]
     },
@@ -412,6 +412,7 @@
     },
     "update": {
       "permissions": [
+        "gamelift:DescribeContainerGroupDefinition",
         "gamelift:UpdateContainerGroupDefinition",
         "gamelift:ListTagsForResource",
         "gamelift:TagResource",
@@ -549,5 +550,8 @@
     "tagUpdatable": true,
     "taggable": true
   },
-  "typeName": "AWS::GameLift::ContainerGroupDefinition"
+  "typeName": "AWS::GameLift::ContainerGroupDefinition",
+  "writeOnlyProperties": [
+    "/properties/SourceVersionNumber"
+  ]
 }
diff --git a/src/schema/aws-gamelift-gameservergroup.json b/src/schema/aws-gamelift-gameservergroup.json
index 8dc82eb8..d778386f 100644
--- a/src/schema/aws-gamelift-gameservergroup.json
+++ b/src/schema/aws-gamelift-gameservergroup.json
@@ -431,7 +431,18 @@
     "RoleArn"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-gamelift.git",
-  "taggable": true,
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "gamelift:ListTagsForResource",
+      "gamelift:TagResource",
+      "gamelift:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::GameLift::GameServerGroup",
   "writeOnlyProperties": [
     "/properties/DeleteOption",
diff --git a/src/schema/aws-gamelift-gamesessionqueue.json b/src/schema/aws-gamelift-gamesessionqueue.json
index 7032f34c..94f122b1 100644
--- a/src/schema/aws-gamelift-gamesessionqueue.json
+++ b/src/schema/aws-gamelift-gamesessionqueue.json
@@ -153,7 +153,8 @@
         "gamelift:UpdateGameSessionQueue",
         "gamelift:ListTagsForResource",
         "gamelift:TagResource",
-        "gamelift:UntagResource"
+        "gamelift:UntagResource",
+        "gamelift:DescribeGameSessionQueues"
       ]
     }
   },
@@ -240,7 +241,14 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-gamelift.git",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "gamelift:ListTagsForResource",
+      "gamelift:TagResource",
+      "gamelift:UntagResource"
+    ],
+    "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
     "taggable": true
   },
   "typeName": "AWS::GameLift::GameSessionQueue"
diff --git a/src/schema/aws-gamelift-script.json b/src/schema/aws-gamelift-script.json
index da5e4fce..6dc79c45 100644
--- a/src/schema/aws-gamelift-script.json
+++ b/src/schema/aws-gamelift-script.json
@@ -161,7 +161,14 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-gamelift.git",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "gamelift:ListTagsForResource",
+      "gamelift:TagResource",
+      "gamelift:UntagResource"
+    ],
+    "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
     "taggable": true
   },
   "typeName": "AWS::GameLift::Script"
diff --git a/src/schema/aws-iam-role.json b/src/schema/aws-iam-role.json
index 6c1fafe1..3fe7dc96 100644
--- a/src/schema/aws-iam-role.json
+++ b/src/schema/aws-iam-role.json
@@ -37,7 +37,7 @@
           "type": "string"
         },
         "Value": {
-          "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.\n   AWS always interprets the tag ``Value`` as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.",
+          "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.",
           "type": "string"
         }
       },
diff --git a/src/schema/aws-iam-user.json b/src/schema/aws-iam-user.json
index befb6c42..cbb53849 100644
--- a/src/schema/aws-iam-user.json
+++ b/src/schema/aws-iam-user.json
@@ -53,7 +53,7 @@
           "type": "string"
         },
         "Value": {
-          "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.\n   AWS always interprets the tag ``Value`` as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.",
+          "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.",
           "type": "string"
         }
       },
diff --git a/src/schema/aws-imagebuilder-component.json b/src/schema/aws-imagebuilder-component.json
index a7ab7f46..27bde0d8 100644
--- a/src/schema/aws-imagebuilder-component.json
+++ b/src/schema/aws-imagebuilder-component.json
@@ -177,7 +177,6 @@
   "typeName": "AWS::ImageBuilder::Component",
   "writeOnlyProperties": [
     "/properties/Data",
-    "/properties/Uri",
-    "/properties/Platform"
+    "/properties/Uri"
   ]
 }
diff --git a/src/schema/aws-iot-jobtemplate.json b/src/schema/aws-iot-jobtemplate.json
index bab44808..ac3b5278 100644
--- a/src/schema/aws-iot-jobtemplate.json
+++ b/src/schema/aws-iot-jobtemplate.json
@@ -10,10 +10,10 @@
     "/properties/JobExecutionsRolloutConfig",
     "/properties/AbortConfig",
     "/properties/PresignedUrlConfig",
-    "/properties/Tags",
     "/properties/DestinationPackageVersions",
     "/properties/JobExecutionsRetryConfig",
-    "/properties/MaintenanceWindows"
+    "/properties/MaintenanceWindows",
+    "/properties/Tags"
   ],
   "definitions": {
     "AbortCriteria": {
@@ -214,7 +214,7 @@
       "type": "number"
     }
   },
-  "description": "Job templates enable you to preconfigure jobs so that you can deploy them to multiple sets of target devices.",
+  "description": "Resource Type definition for AWS::IoT::JobTemplate. Job templates enable you to preconfigure jobs so that you can deploy them to multiple sets of target devices.",
   "documentationUrl": "https://docs.aws.amazon.com/iot/latest/developerguide/job-templates.html",
   "handlers": {
     "create": {
@@ -237,7 +237,8 @@
     },
     "read": {
       "permissions": [
-        "iot:DescribeJobTemplate"
+        "iot:DescribeJobTemplate",
+        "iot:ListTagsForResource"
       ]
     }
   },
@@ -385,11 +386,21 @@
     "Description"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-iot.git",
-  "taggable": true,
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "iot:TagResource",
+      "iot:UntagResource",
+      "iot:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": false,
+    "taggable": true
+  },
   "typeName": "AWS::IoT::JobTemplate",
   "writeOnlyProperties": [
     "/properties/JobArn",
-    "/properties/Tags",
     "/properties/Document",
     "/properties/DocumentSource",
     "/properties/TimeoutConfig",
diff --git a/src/schema/aws-iotsitewise-dataset.json b/src/schema/aws-iotsitewise-dataset.json
new file mode 100644
index 00000000..49a69b66
--- /dev/null
+++ b/src/schema/aws-iotsitewise-dataset.json
@@ -0,0 +1,177 @@
+{
+  "additionalProperties": false,
+  "definitions": {
+    "DatasetSource": {
+      "additionalProperties": false,
+      "properties": {
+        "SourceDetail": {
+          "$ref": "#/definitions/SourceDetail",
+          "description": "The details of the dataset source associated with the dataset."
+        },
+        "SourceFormat": {
+          "description": "The format of the dataset source associated with the dataset.",
+          "enum": [
+            "KNOWLEDGE_BASE"
+          ],
+          "type": "string"
+        },
+        "SourceType": {
+          "description": "The type of data source for the dataset.",
+          "enum": [
+            "KENDRA"
+          ],
+          "type": "string"
+        }
+      },
+      "required": [
+        "SourceFormat",
+        "SourceType"
+      ],
+      "type": "object"
+    },
+    "KendraSourceDetail": {
+      "additionalProperties": false,
+      "properties": {
+        "KnowledgeBaseArn": {
+          "description": "The knowledgeBaseArn details for the Kendra dataset source.",
+          "type": "string"
+        },
+        "RoleArn": {
+          "description": "The roleARN details for the Kendra dataset source.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "KnowledgeBaseArn",
+        "RoleArn"
+      ],
+      "type": "object"
+    },
+    "SourceDetail": {
+      "additionalProperties": false,
+      "properties": {
+        "Kendra": {
+          "$ref": "#/definitions/KendraSourceDetail",
+          "description": "Contains details about the Kendra dataset source."
+        }
+      },
+      "type": "object"
+    },
+    "Tag": {
+      "additionalProperties": false,
+      "properties": {
+        "Key": {
+          "type": "string"
+        },
+        "Value": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "Value",
+        "Key"
+      ],
+      "type": "object"
+    }
+  },
+  "description": "Resource schema for AWS::IoTSiteWise::Dataset.",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "iotsitewise:CreateDataset",
+        "iotsitewise:DescribeDataset",
+        "iam:PassRole",
+        "iotsitewise:ListTagsForResource",
+        "iotsitewise:TagResource"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "iotsitewise:DeleteDataset",
+        "iotsitewise:DescribeDataset",
+        "iotsitewise:ListTagsForResource"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "iotsitewise:ListDatasets",
+        "iotsitewise:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "iotsitewise:DescribeDataset",
+        "iotsitewise:ListTagsForResource"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "iotsitewise:UpdateDataset",
+        "iotsitewise:DescribeDataset",
+        "iam:PassRole",
+        "iotsitewise:ListTagsForResource",
+        "iotsitewise:TagResource",
+        "iotsitewise:UntagResource"
+      ]
+    }
+  },
+  "primaryIdentifier": [
+    "/properties/DatasetId"
+  ],
+  "properties": {
+    "DatasetArn": {
+      "description": "The ARN of the dataset.",
+      "type": "string"
+    },
+    "DatasetDescription": {
+      "description": "A description about the dataset, and its functionality.",
+      "type": "string"
+    },
+    "DatasetId": {
+      "description": "The ID of the dataset.",
+      "maxLength": 36,
+      "minLength": 36,
+      "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
+      "type": "string"
+    },
+    "DatasetName": {
+      "description": "The name of the dataset.",
+      "type": "string"
+    },
+    "DatasetSource": {
+      "$ref": "#/definitions/DatasetSource",
+      "description": "The data source for the dataset."
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": true
+    }
+  },
+  "readOnlyProperties": [
+    "/properties/DatasetArn",
+    "/properties/DatasetId"
+  ],
+  "required": [
+    "DatasetName",
+    "DatasetSource"
+  ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-IoTSiteWise.git",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "iotsitewise:TagResource",
+      "iotsitewise:UntagResource",
+      "iotsitewise:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
+  "typeName": "AWS::IoTSiteWise::Dataset"
+}
diff --git a/src/schema/aws-kinesis-stream.json b/src/schema/aws-kinesis-stream.json
index ab07e901..3b72e02c 100644
--- a/src/schema/aws-kinesis-stream.json
+++ b/src/schema/aws-kinesis-stream.json
@@ -5,6 +5,21 @@
     "/properties/Name"
   ],
   "definitions": {
+    "EnhancedMetric": {
+      "additionalProperties": false,
+      "description": "Value of an enhanced metric",
+      "enum": [
+        "IncomingBytes",
+        "IncomingRecords",
+        "OutgoingBytes",
+        "OutgoingRecords",
+        "WriteProvisionedThroughputExceeded",
+        "ReadProvisionedThroughputExceeded",
+        "IteratorAgeMilliseconds",
+        "ALL"
+      ],
+      "type": "string"
+    },
     "StreamEncryption": {
       "additionalProperties": false,
       "description": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.",
@@ -142,6 +157,16 @@
       "description": "The Amazon resource name (ARN) of the Kinesis stream",
       "type": "string"
     },
+    "DesiredShardLevelMetrics": {
+      "description": "The final list of shard-level metrics",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/EnhancedMetric"
+      },
+      "maxItems": 7,
+      "type": "array",
+      "uniqueItems": true
+    },
     "Name": {
       "description": "The name of the Kinesis stream.",
       "maxLength": 128,
diff --git a/src/schema/aws-kinesisfirehose-deliverystream.json b/src/schema/aws-kinesisfirehose-deliverystream.json
index e7ccae3d..2e814958 100644
--- a/src/schema/aws-kinesisfirehose-deliverystream.json
+++ b/src/schema/aws-kinesisfirehose-deliverystream.json
@@ -10,7 +10,7 @@
     "/properties/KinesisStreamSourceConfiguration",
     "/properties/DirectPutSourceConfiguration",
     "/properties/MSKSourceConfiguration",
-    "/properties/IcebergDestinationConfiguration",
+    "/properties/IcebergDestinationConfiguration/CatalogConfiguration",
     "/properties/SnowflakeDestinationConfiguration/SnowflakeVpcConfiguration"
   ],
   "definitions": {
diff --git a/src/schema/aws-kms-alias.json b/src/schema/aws-kms-alias.json
index c56a6adc..4dba0f02 100644
--- a/src/schema/aws-kms-alias.json
+++ b/src/schema/aws-kms-alias.json
@@ -3,7 +3,7 @@
   "createOnlyProperties": [
     "/properties/AliasName"
   ],
-  "description": "The ``AWS::KMS::Alias`` resource specifies a display name for a [KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys). You can use an alias to identify a KMS key in the KMS console, in the [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) operation, and in [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations), such as [Decrypt](https://docs.aws.amazon.com/kms/latest/APIReference/API_Decrypt.html) and [GenerateDataKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html).\n  Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*.\n  Using an alias to refer to a KMS key can help you simplify key management. For example, an alias in your code can be associated with different KMS keys in different AWS-Regions. For more information, see [Using aliases](https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html) in the *Developer Guide*.\n When specifying an alias, observe the following rules.\n  +  Each alias is associated with one KMS key, but multiple aliases can be associated with the same KMS key.\n  +  The alias and its associated KMS key must be in the same AWS-account and Region.\n  +  The alias name must be unique in the AWS-account and Region. However, you can create aliases with the same name in different AWS-Regions. For example, you can have an ``alias/projectKey`` in multiple Regions, each of which is associated with a KMS key in its Region.\n  +  Each alias name must begin with ``alias/`` followed by a name, such as ``alias/exampleKey``. The alias name can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). Alias names cannot begin with ``alias/aws/``. That alias name prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).\n  \n  *Regions* \n  KMS CloudFormation resources are available in all AWS-Regions in which KMS and CFN are supported.",
+  "description": "The ``AWS::KMS::Alias`` resource specifies a display name for a [KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys). You can use an alias to identify a KMS key in the KMS console, in the [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) operation, and in [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations), such as [Decrypt](https://docs.aws.amazon.com/kms/latest/APIReference/API_Decrypt.html) and [GenerateDataKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html).\n  Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*.\n  Using an alias to refer to a KMS key can help you simplify key management. For example, an alias in your code can be associated with different KMS keys in different AWS-Regions. For more information, see [Using aliases](https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html) in the *Developer Guide*.\n When specifying an alias, observe the following rules.\n  +  Each alias is associated with one KMS key, but multiple aliases can be associated with the same KMS key.\n  +  The alias and its associated KMS key must be in the same AWS-account and Region.\n  +  The alias name must be unique in the AWS-account and Region. However, you can create aliases with the same name in different AWS-Regions. For example, you can have an ``alias/projectKey`` in multiple Regions, each of which is associated with a KMS key in its Region.\n  +  Each alias name must begin with ``alias/`` followed by a name, such as ``alias/exampleKey``. The alias name can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). Alias names cannot begin with ``alias/aws/``. That alias name prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).\n  \n  *Regions* \n KMS CloudFormation resources are available in all AWS-Regions in which KMS and CFN are supported.",
   "handlers": {
     "create": {
       "permissions": [
@@ -43,7 +43,7 @@
       "type": "string"
     },
     "TargetKeyId": {
-      "description": "Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.\n A valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.\n Specify the key ID or the key ARN of the KMS key.\n For example:\n  +  Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n  +  Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n  \n To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html).",
+      "description": "Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.\n A valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.\n Specify the key ID or the key ARN of the KMS key.\n For example:\n  +  Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab``\n  +  Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``\n  \n To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html).",
       "maxLength": 256,
       "minLength": 1,
       "type": "string"
diff --git a/src/schema/aws-kms-key.json b/src/schema/aws-kms-key.json
index 4d0382ef..4815ba16 100644
--- a/src/schema/aws-kms-key.json
+++ b/src/schema/aws-kms-key.json
@@ -25,7 +25,7 @@
       "type": "object"
     }
   },
-  "description": "The ``AWS::KMS::Key`` resource specifies an [KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys) in KMSlong. You can use this resource to create symmetric encryption KMS keys, asymmetric KMS keys for encryption or signing, and symmetric HMAC KMS keys. You can use ``AWS::KMS::Key`` to create [multi-Region primary keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-primary-key) of all supported types. To replicate a multi-Region key, use the ``AWS::KMS::ReplicaKey`` resource.\n  If you change the value of the ``KeySpec``, ``KeyUsage``, ``Origin``, or ``MultiRegion`` properties of an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing any of its immutable property values.\n    KMS replaced the term *customer master key (CMK)* with ** and *KMS key*. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.\n  You can use symmetric encryption KMS keys to encrypt and decrypt small amounts of data, but they are more commonly used to generate data keys and data key pairs. You can also use a symmetric encryption KMS key to encrypt data stored in AWS services that are [integrated with](https://docs.aws.amazon.com//kms/features/#AWS_Service_Integration). For more information, see [Symmetric encryption KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks) in the *Developer Guide*.\n You can use asymmetric KMS keys to encrypt and decrypt data or sign messages and verify signatures. To create an asymmetric key, you must specify an asymmetric ``KeySpec`` value and a ``KeyUsage`` value. For details, see [Asymmetric keys in](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *Developer Guide*.\n You can use HMAC KMS keys (which are also symmetric keys) to generate and verify hash-based message authentication codes. To create an HMAC key, you must specify an HMAC ``KeySpec`` value and a ``KeyUsage`` value of ``GENERATE_VERIFY_MAC``. For details, see [HMAC keys in](https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html) in the *Developer Guide*.\n You can also create symmetric encryption, asymmetric, and HMAC multi-Region primary keys. To create a multi-Region primary key, set the ``MultiRegion`` property to ``true``. For information about multi-Region keys, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You cannot use the ``AWS::KMS::Key`` resource to specify a KMS key with [imported key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) or a KMS key in a [custom key store](https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).\n  *Regions* \n  KMS CloudFormation resources are available in all Regions in which KMS and CFN are supported. You can use the ``AWS::KMS::Key`` resource to create and manage all KMS key types that are supported in a Region.",
+  "description": "The ``AWS::KMS::Key`` resource specifies an [KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys) in KMSlong. You can use this resource to create symmetric encryption KMS keys, asymmetric KMS keys for encryption or signing, and symmetric HMAC KMS keys. You can use ``AWS::KMS::Key`` to create [multi-Region primary keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-primary-key) of all supported types. To replicate a multi-Region key, use the ``AWS::KMS::ReplicaKey`` resource.\n  If you change the value of the ``KeySpec``, ``KeyUsage``, ``Origin``, or ``MultiRegion`` properties of an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing any of its immutable property values.\n   KMS replaced the term *customer master key (CMK)* with ** and *KMS key*. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.\n  You can use symmetric encryption KMS keys to encrypt and decrypt small amounts of data, but they are more commonly used to generate data keys and data key pairs. You can also use a symmetric encryption KMS key to encrypt data stored in AWS services that are [integrated with](https://docs.aws.amazon.com//kms/features/#AWS_Service_Integration). For more information, see [Symmetric encryption KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks) in the *Developer Guide*.\n You can use asymmetric KMS keys to encrypt and decrypt data or sign messages and verify signatures. To create an asymmetric key, you must specify an asymmetric ``KeySpec`` value and a ``KeyUsage`` value. For details, see [Asymmetric keys in](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *Developer Guide*.\n You can use HMAC KMS keys (which are also symmetric keys) to generate and verify hash-based message authentication codes. To create an HMAC key, you must specify an HMAC ``KeySpec`` value and a ``KeyUsage`` value of ``GENERATE_VERIFY_MAC``. For details, see [HMAC keys in](https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html) in the *Developer Guide*.\n You can also create symmetric encryption, asymmetric, and HMAC multi-Region primary keys. To create a multi-Region primary key, set the ``MultiRegion`` property to ``true``. For information about multi-Region keys, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You cannot use the ``AWS::KMS::Key`` resource to specify a KMS key with [imported key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) or a KMS key in a [custom key store](https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).\n  *Regions* \n KMS CloudFormation resources are available in all Regions in which KMS and CFN are supported. You can use the ``AWS::KMS::Key`` resource to create and manage all KMS key types that are supported in a Region.",
   "handlers": {
     "create": {
       "permissions": [
@@ -91,7 +91,7 @@
       "type": "string"
     },
     "EnableKeyRotation": {
-      "description": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n  KMS supports automatic rotation only for symmetric encryption KMS keys (``KeySpec`` = ``SYMMETRIC_DEFAULT``). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin ``EXTERNAL``, omit the ``EnableKeyRotation`` property or set it to ``false``.\n To enable automatic key rotation of the key material for a multi-Region KMS key, set ``EnableKeyRotation`` to ``true`` on the primary key (created by using ``AWS::KMS::Key``). KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *Developer Guide*.\n When you enable automatic rotation, KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*.",
+      "description": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n KMS supports automatic rotation only for symmetric encryption KMS keys (``KeySpec`` = ``SYMMETRIC_DEFAULT``). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin ``EXTERNAL``, omit the ``EnableKeyRotation`` property or set it to ``false``.\n To enable automatic key rotation of the key material for a multi-Region KMS key, set ``EnableKeyRotation`` to ``true`` on the primary key (created by using ``AWS::KMS::Key``). KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *Developer Guide*.\n When you enable automatic rotation, KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*.",
       "type": "boolean"
     },
     "Enabled": {
@@ -104,7 +104,7 @@
     },
     "KeyPolicy": {
       "default": "{\n    \"Version\": \"2012-10-17\",\n    \"Id\": \"key-default\",\n    \"Statement\": [\n        {\n            \"Sid\": \"Enable IAM User Permissions\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"AWS\": \"arn:<partition>:iam::<account-id>:root\"\n            },\n            \"Action\": \"kms:*\",\n            \"Resource\": \"*\"\n        }\n    ]\n}",
-      "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n  +  The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n  +  Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n  \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n  +  Printable ASCII characters\n  +  Printable characters in the Basic Latin and Latin-1 Supplement character set\n  +  The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n  \n  *Minimum*: ``1`` \n  *Maximum*: ``32768``",
+      "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n  +  The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n  +  Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n  \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n  +  Printable ASCII characters\n  +  Printable characters in the Basic Latin and Latin-1 Supplement character set\n  +  The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n  \n *Minimum*: ``1``\n *Maximum*: ``32768``",
       "type": [
         "object",
         "string"
@@ -112,7 +112,7 @@
     },
     "KeySpec": {
       "default": "SYMMETRIC_DEFAULT",
-      "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n  If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n    [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n   KMS supports the following key specs for KMS keys:\n  +  Symmetric encryption key (default)\n  +   ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n  \n  +  HMAC keys (symmetric)\n  +   ``HMAC_224`` \n  +   ``HMAC_256`` \n  +   ``HMAC_384`` \n  +   ``HMAC_512`` \n  \n  +  Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n  +   ``RSA_2048`` \n  +   ``RSA_3072`` \n  +   ``RSA_4096`` \n  \n  +  Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n  +   ``ECC_NIST_P256`` (secp256r1)\n  +   ``ECC_NIST_P384`` (secp384r1)\n  +   ``ECC_NIST_P521`` (secp521r1)\n  \n  +  Other asymmetric elliptic curve key pairs (signing and verification)\n  +   ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n  \n  +  SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n  +   ``SM2`` (China Regions only)",
+      "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n  If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n   [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n  KMS supports the following key specs for KMS keys:\n  +  Symmetric encryption key (default)\n  +  ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n  \n  +  HMAC keys (symmetric)\n  +   ``HMAC_224`` \n  +   ``HMAC_256`` \n  +   ``HMAC_384`` \n  +   ``HMAC_512`` \n  \n  +  Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n  +   ``RSA_2048`` \n  +   ``RSA_3072`` \n  +   ``RSA_4096`` \n  \n  +  Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n  +  ``ECC_NIST_P256`` (secp256r1)\n  +  ``ECC_NIST_P384`` (secp384r1)\n  +  ``ECC_NIST_P521`` (secp521r1)\n  \n  +  Other asymmetric elliptic curve key pairs (signing and verification)\n  +  ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n  \n  +  SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n  +  ``SM2`` (China Regions only)",
       "enum": [
         "SYMMETRIC_DEFAULT",
         "RSA_2048",
@@ -143,12 +143,12 @@
     },
     "MultiRegion": {
       "default": false,
-      "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n  If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n  For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n  *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.",
+      "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n  If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n  For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.",
       "type": "boolean"
     },
     "Origin": {
       "default": "AWS_KMS",
-      "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n   CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values.",
+      "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n  CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values.",
       "enum": [
         "AWS_KMS",
         "EXTERNAL"
@@ -156,7 +156,7 @@
       "type": "string"
     },
     "PendingWindowInDays": {
-      "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n  KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*.",
+      "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*.",
       "maximum": 30,
       "minimum": 7,
       "type": "integer"
@@ -185,6 +185,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-kms",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "kms:TagResource",
+      "kms:UntagResource",
+      "kms:ListResourceTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-kms-replicakey.json b/src/schema/aws-kms-replicakey.json
index a19029fa..59bfbd60 100644
--- a/src/schema/aws-kms-replicakey.json
+++ b/src/schema/aws-kms-replicakey.json
@@ -130,6 +130,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-kms",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "kms:TagResource",
+      "kms:UntagResource",
+      "kms:ListResourceTags"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-lambda-eventsourcemapping.json b/src/schema/aws-lambda-eventsourcemapping.json
index e6e880a7..3683cf9b 100644
--- a/src/schema/aws-lambda-eventsourcemapping.json
+++ b/src/schema/aws-lambda-eventsourcemapping.json
@@ -295,7 +295,6 @@
       "permissions": [
         "lambda:UpdateEventSourceMapping",
         "lambda:GetEventSourceMapping",
-        "lambda:ListTags",
         "lambda:TagResource",
         "lambda:UntagResource",
         "kms:DescribeKey",
@@ -319,7 +318,7 @@
       "type": "integer"
     },
     "BisectBatchOnFunctionError": {
-      "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.",
+      "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n  When using ``BisectBatchOnFunctionError``, check the ``BatchSize`` parameter in the ``OnFailure`` destination message's metadata. The ``BatchSize`` could be greater than 1 since LAM consolidates failed messages metadata when writing to the ``OnFailure`` destination.",
       "type": "boolean"
     },
     "DestinationConfig": {
@@ -505,6 +504,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "lambda:ListTags",
+      "lambda:TagResource",
+      "lambda:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-lambda-function.json b/src/schema/aws-lambda-function.json
index 59af4b68..9ade73d1 100644
--- a/src/schema/aws-lambda-function.json
+++ b/src/schema/aws-lambda-function.json
@@ -375,7 +375,6 @@
         "lambda:DeleteFunctionConcurrency",
         "lambda:GetFunction",
         "lambda:PutFunctionConcurrency",
-        "lambda:ListTags",
         "lambda:TagResource",
         "lambda:UntagResource",
         "lambda:UpdateFunctionConfiguration",
@@ -566,6 +565,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "lambda:ListTags",
+      "lambda:TagResource",
+      "lambda:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
@@ -575,7 +579,6 @@
   "writeOnlyProperties": [
     "/properties/SnapStart",
     "/properties/SnapStart/ApplyOn",
-    "/properties/Code",
     "/properties/Code/ImageUri",
     "/properties/Code/S3Bucket",
     "/properties/Code/S3Key",
diff --git a/src/schema/aws-launchwizard-deployment.json b/src/schema/aws-launchwizard-deployment.json
index a5ec5f88..7c0cbea0 100644
--- a/src/schema/aws-launchwizard-deployment.json
+++ b/src/schema/aws-launchwizard-deployment.json
@@ -232,11 +232,15 @@
   "required": [
     "DeploymentPatternName",
     "Name",
-    "Specifications",
     "WorkloadName"
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "launchwizard:ListTagsForResource",
+      "launchwizard:TagResource",
+      "launchwizard:UntagResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-lex-bot.json b/src/schema/aws-lex-bot.json
index 62f160f8..3264e5ee 100644
--- a/src/schema/aws-lex-bot.json
+++ b/src/schema/aws-lex-bot.json
@@ -3,7 +3,6 @@
   "definitions": {
     "AdvancedRecognitionSetting": {
       "additionalProperties": false,
-      "description": "Provides settings that enable advanced recognition settings for slot values.",
       "properties": {
         "AudioRecognitionStrategy": {
           "$ref": "#/definitions/AudioRecognitionStrategy"
@@ -13,14 +12,11 @@
     },
     "AllowedInputTypes": {
       "additionalProperties": false,
-      "description": "Specifies the allowed input types.",
       "properties": {
         "AllowAudioInput": {
-          "description": "Indicates whether audio input is allowed.",
           "type": "boolean"
         },
         "AllowDTMFInput": {
-          "description": "Indicates whether DTMF input is allowed.",
           "type": "boolean"
         }
       },
@@ -42,7 +38,6 @@
     },
     "AudioAndDTMFInputSpecification": {
       "additionalProperties": false,
-      "description": "Specifies the audio and DTMF input specification.",
       "properties": {
         "AudioSpecification": {
           "$ref": "#/definitions/AudioSpecification"
@@ -51,7 +46,6 @@
           "$ref": "#/definitions/DTMFSpecification"
         },
         "StartTimeoutMs": {
-          "description": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.",
           "minimum": 1,
           "type": "integer"
         }
@@ -63,7 +57,6 @@
     },
     "AudioLogDestination": {
       "additionalProperties": false,
-      "description": "The location of audio log files collected when conversation logging is enabled for a bot.",
       "properties": {
         "S3Bucket": {
           "$ref": "#/definitions/S3BucketLogDestination"
@@ -76,13 +69,11 @@
     },
     "AudioLogSetting": {
       "additionalProperties": false,
-      "description": "Settings for logging audio of conversations between Amazon Lex and a user. You specify whether to log audio and the Amazon S3 bucket where the audio file is stored.",
       "properties": {
         "Destination": {
           "$ref": "#/definitions/AudioLogDestination"
         },
         "Enabled": {
-          "description": "",
           "type": "boolean"
         }
       },
@@ -93,7 +84,6 @@
       "type": "object"
     },
     "AudioLogSettings": {
-      "description": "List of audio log settings that pertain to the conversation log settings for the bot's TestBotAlias.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/AudioLogSetting"
@@ -103,7 +93,6 @@
       "uniqueItems": true
     },
     "AudioRecognitionStrategy": {
-      "description": "Enables using slot values as a custom vocabulary when recognizing user utterances.",
       "enum": [
         "UseSlotValuesAsCustomVocabulary"
       ],
@@ -111,15 +100,12 @@
     },
     "AudioSpecification": {
       "additionalProperties": false,
-      "description": "Specifies the audio input specifications.",
       "properties": {
         "EndTimeoutMs": {
-          "description": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.",
           "minimum": 1,
           "type": "integer"
         },
         "MaxLengthMs": {
-          "description": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.",
           "minimum": 1,
           "type": "integer"
         }
@@ -130,15 +116,95 @@
       ],
       "type": "object"
     },
+    "BedrockAgentIntentConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "BedrockAgentConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "BedrockAgentAliasId": {
+              "maxLength": 5000,
+              "minLength": 1,
+              "type": "string"
+            },
+            "BedrockAgentId": {
+              "maxLength": 5000,
+              "minLength": 1,
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
+        "BedrockAgentIntentKnowledgeBaseConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "BedrockKnowledgeBaseArn": {
+              "maxLength": 5000,
+              "minLength": 1,
+              "type": "string"
+            },
+            "BedrockModelConfiguration": {
+              "$ref": "#/definitions/BedrockModelSpecification"
+            }
+          },
+          "required": [
+            "BedrockKnowledgeBaseArn",
+            "BedrockModelConfiguration"
+          ],
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BedrockModelSpecification": {
+      "additionalProperties": false,
+      "properties": {
+        "BedrockGuardrailConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "BedrockGuardrailIdentifier": {
+              "maxLength": 5000,
+              "minLength": 1,
+              "type": "string"
+            },
+            "BedrockGuardrailVersion": {
+              "maxLength": 5000,
+              "minLength": 1,
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
+        "BedrockModelCustomPrompt": {
+          "maxLength": 5000,
+          "minLength": 1,
+          "type": "string"
+        },
+        "BedrockTraceStatus": {
+          "enum": [
+            "ENABLED",
+            "DISABLED"
+          ],
+          "type": "string"
+        },
+        "ModelArn": {
+          "maxLength": 5000,
+          "minLength": 1,
+          "type": "string"
+        }
+      },
+      "required": [
+        "ModelArn"
+      ],
+      "type": "object"
+    },
     "BotAliasLocaleSettings": {
       "additionalProperties": false,
-      "description": "You can use this parameter to specify a specific Lambda function to run different functions in different locales.",
       "properties": {
         "CodeHookSpecification": {
           "$ref": "#/definitions/CodeHookSpecification"
         },
         "Enabled": {
-          "description": "Whether the Lambda code hook is enabled",
           "type": "boolean"
         }
       },
@@ -149,13 +215,11 @@
     },
     "BotAliasLocaleSettingsItem": {
       "additionalProperties": false,
-      "description": "A locale setting in alias",
       "properties": {
         "BotAliasLocaleSetting": {
           "$ref": "#/definitions/BotAliasLocaleSettings"
         },
         "LocaleId": {
-          "description": "A string used to identify the locale",
           "maxLength": 128,
           "minLength": 1,
           "type": "string"
@@ -168,7 +232,6 @@
       "type": "object"
     },
     "BotAliasLocaleSettingsList": {
-      "description": "A list of bot alias locale settings to add to the bot alias.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/BotAliasLocaleSettingsItem"
@@ -185,7 +248,6 @@
     },
     "BotLocale": {
       "additionalProperties": false,
-      "description": "A locale in the bot, which contains the intents and slot types that the bot uses in conversations with users in the specified language and locale.",
       "properties": {
         "CustomVocabulary": {
           "$ref": "#/definitions/CustomVocabulary"
@@ -194,7 +256,6 @@
           "$ref": "#/definitions/Description"
         },
         "Intents": {
-          "description": "List of intents",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/Intent"
@@ -210,7 +271,6 @@
           "$ref": "#/definitions/ConfidenceThreshold"
         },
         "SlotTypes": {
-          "description": "List of SlotTypes",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/SlotType"
@@ -231,16 +291,13 @@
     },
     "Button": {
       "additionalProperties": false,
-      "description": "A button to use on a response card used to gather slot values from a user.",
       "properties": {
         "Text": {
-          "description": "The text that appears on the button.",
           "maxLength": 50,
           "minLength": 1,
           "type": "string"
         },
         "Value": {
-          "description": "The value returned to Amazon Lex when the user chooses this button.",
           "maxLength": 50,
           "minLength": 1,
           "type": "string"
@@ -256,13 +313,11 @@
       "additionalProperties": false,
       "properties": {
         "CloudWatchLogGroupArn": {
-          "description": "A string used to identify the groupArn for the Cloudwatch Log Group",
           "maxLength": 2048,
           "minLength": 1,
           "type": "string"
         },
         "LogPrefix": {
-          "description": "A string containing the value for the Log Prefix",
           "maxLength": 1024,
           "minLength": 0,
           "type": "string"
@@ -276,7 +331,6 @@
     },
     "CodeHookSpecification": {
       "additionalProperties": false,
-      "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
       "properties": {
         "LambdaCodeHook": {
           "$ref": "#/definitions/LambdaCodeHook"
@@ -287,13 +341,27 @@
       ],
       "type": "object"
     },
+    "CompositeSlotTypeSetting": {
+      "additionalProperties": false,
+      "properties": {
+        "SubSlots": {
+          "insertionOrder": true,
+          "items": {
+            "$ref": "#/definitions/SubSlotTypeComposition"
+          },
+          "maxItems": 6,
+          "minItems": 1,
+          "type": "array",
+          "uniqueItems": true
+        }
+      },
+      "type": "object"
+    },
     "Condition": {
       "additionalProperties": false,
-      "description": "Provides an expression that evaluates to true or false.",
       "properties": {
         "ExpressionString": {
-          "$ref": "#/definitions/ConditionExpression",
-          "description": "The expression string that is evaluated."
+          "$ref": "#/definitions/ConditionExpression"
         }
       },
       "required": [
@@ -302,14 +370,12 @@
       "type": "object"
     },
     "ConditionExpression": {
-      "description": "Expression that is evaluated to true or false at runtime.",
       "maxLength": 1024,
       "minLength": 1,
       "type": "string"
     },
     "Conditional": {
       "additionalProperties": false,
-      "description": "Contains conditional branches to fork the conversation flow.",
       "properties": {
         "ConditionalBranches": {
           "$ref": "#/definitions/ConditionalBranches"
@@ -326,23 +392,18 @@
     },
     "ConditionalBranch": {
       "additionalProperties": false,
-      "description": "A set of actions that Amazon Lex should run if the condition is matched.",
       "properties": {
         "Condition": {
-          "$ref": "#/definitions/Condition",
-          "description": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken."
+          "$ref": "#/definitions/Condition"
         },
         "Name": {
-          "$ref": "#/definitions/Name",
-          "description": "The name of the branch."
+          "$ref": "#/definitions/Name"
         },
         "NextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "The next step in the conversation."
+          "$ref": "#/definitions/DialogState"
         },
         "Response": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "required": [
@@ -353,7 +414,6 @@
       "type": "object"
     },
     "ConditionalBranches": {
-      "description": "A list of 1 to 4 conditional branches to fork the conversation flow.",
       "insertionOrder": true,
       "items": {
         "$ref": "#/definitions/ConditionalBranch"
@@ -364,18 +424,14 @@
     },
     "ConditionalSpecification": {
       "additionalProperties": false,
-      "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.",
       "properties": {
         "ConditionalBranches": {
-          "$ref": "#/definitions/ConditionalBranches",
-          "description": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true."
+          "$ref": "#/definitions/ConditionalBranches"
         },
         "DefaultBranch": {
-          "$ref": "#/definitions/DefaultConditionalBranch",
-          "description": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step."
+          "$ref": "#/definitions/DefaultConditionalBranch"
         },
         "IsActive": {
-          "description": "Determines whether a conditional branch is active. When active is false, the conditions are not evaluated.",
           "type": "boolean"
         }
       },
@@ -387,26 +443,22 @@
       "type": "object"
     },
     "ConfidenceThreshold": {
-      "description": "The specified confidence threshold for inserting the AMAZON.FallbackIntent and AMAZON.KendraSearchIntent intents.",
       "maximum": 1,
       "minimum": 0,
       "type": "number"
     },
     "ContextTimeToLiveInSeconds": {
-      "description": "The amount of time, in seconds, that the output context should remain active.",
       "maximum": 86400,
       "minimum": 5,
       "type": "integer"
     },
     "ContextTurnsToLive": {
-      "description": "The number of conversation turns that the output context should remain active.",
       "maximum": 20,
       "minimum": 1,
       "type": "integer"
     },
     "ConversationLogSettings": {
       "additionalProperties": false,
-      "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
       "properties": {
         "AudioLogSettings": {
           "$ref": "#/definitions/AudioLogSettings"
@@ -419,10 +471,8 @@
     },
     "CustomPayload": {
       "additionalProperties": false,
-      "description": "A message in a custom format defined by the client application.",
       "properties": {
         "Value": {
-          "description": "The string that is sent to your application.",
           "maxLength": 1000,
           "minLength": 1,
           "type": "string"
@@ -435,7 +485,6 @@
     },
     "CustomVocabulary": {
       "additionalProperties": false,
-      "description": "A custom vocabulary is a list of specific phrases that you want Amazon Lex V2 to recognize in the audio input.",
       "properties": {
         "CustomVocabularyItems": {
           "$ref": "#/definitions/CustomVocabularyItems"
@@ -448,22 +497,18 @@
     },
     "CustomVocabularyItem": {
       "additionalProperties": false,
-      "description": "A custom vocabulary item that contains the phrase to recognize and a weight to give the boost.",
       "properties": {
         "DisplayAs": {
-          "description": "Defines how you want your phrase to look in your transcription output.",
           "maxLength": 100,
           "minLength": 1,
           "type": "string"
         },
         "Phrase": {
-          "description": "Phrase that should be recognized.",
           "maxLength": 100,
           "minLength": 1,
           "type": "string"
         },
         "Weight": {
-          "description": "The degree to which the phrase recognition is boosted. The weight 0 means that no boosting will be applied and the entry will only be used for performing replacements using the displayAs field.",
           "maximum": 3,
           "minimum": 0,
           "type": "integer"
@@ -485,25 +530,20 @@
     },
     "DTMFSpecification": {
       "additionalProperties": false,
-      "description": "Specifies the settings on DTMF input.",
       "properties": {
         "DeletionCharacter": {
-          "description": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.",
           "pattern": "^[A-D0-9#*]{1}$",
           "type": "string"
         },
         "EndCharacter": {
-          "description": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.",
           "pattern": "^[A-D0-9#*]{1}$",
           "type": "string"
         },
         "EndTimeoutMs": {
-          "description": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.",
           "minimum": 1,
           "type": "integer"
         },
         "MaxLength": {
-          "description": "The maximum number of DTMF digits allowed in an utterance.",
           "maximum": 1024,
           "minimum": 1,
           "type": "integer"
@@ -519,10 +559,8 @@
     },
     "DataPrivacy": {
       "additionalProperties": false,
-      "description": "Provides information on additional privacy protections Amazon Lex should use with the bot's data.",
       "properties": {
         "ChildDirected": {
-          "description": "Specify whether your use of Amazon Lex is related to application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA).",
           "type": "boolean"
         }
       },
@@ -533,15 +571,12 @@
     },
     "DefaultConditionalBranch": {
       "additionalProperties": false,
-      "description": "A set of actions that Amazon Lex should run if none of the other conditions are met.",
       "properties": {
         "NextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "The next step in the conversation."
+          "$ref": "#/definitions/DialogState"
         },
         "Response": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "type": "object"
@@ -553,19 +588,15 @@
     },
     "DialogAction": {
       "additionalProperties": false,
-      "description": "Defines the action that the bot executes at runtime when the conversation reaches this step.",
       "properties": {
         "SlotToElicit": {
-          "$ref": "#/definitions/Name",
-          "description": "If the dialog action is ElicitSlot, defines the slot to elicit from the user."
+          "$ref": "#/definitions/Name"
         },
         "SuppressNextMessage": {
-          "description": "When true the next message for the intent is not used.",
           "type": "boolean"
         },
         "Type": {
-          "$ref": "#/definitions/DialogActionType",
-          "description": "The action that the bot should execute."
+          "$ref": "#/definitions/DialogActionType"
         }
       },
       "required": [
@@ -574,7 +605,6 @@
       "type": "object"
     },
     "DialogActionType": {
-      "description": "The possible values of actions that the conversation can take.",
       "enum": [
         "CloseIntent",
         "ConfirmIntent",
@@ -590,23 +620,18 @@
     },
     "DialogCodeHookInvocationSetting": {
       "additionalProperties": false,
-      "description": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.",
       "properties": {
         "EnableCodeHookInvocation": {
-          "description": "Indicates whether a Lambda function should be invoked for the dialog.",
           "type": "boolean"
         },
         "InvocationLabel": {
-          "$ref": "#/definitions/Name",
-          "description": "A label that indicates the dialog step from which the dialog code hook is happening."
+          "$ref": "#/definitions/Name"
         },
         "IsActive": {
-          "description": "Determines whether a dialog code hook is used when the intent is activated.",
           "type": "boolean"
         },
         "PostCodeHookSpecification": {
-          "$ref": "#/definitions/PostDialogCodeHookInvocationSpecification",
-          "description": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete."
+          "$ref": "#/definitions/PostDialogCodeHookInvocationSpecification"
         }
       },
       "required": [
@@ -618,7 +643,6 @@
     },
     "DialogCodeHookSetting": {
       "additionalProperties": false,
-      "description": "Settings that determine the Lambda function that Amazon Lex uses for processing user responses.",
       "properties": {
         "Enabled": {
           "type": "boolean"
@@ -631,18 +655,14 @@
     },
     "DialogState": {
       "additionalProperties": false,
-      "description": "The current state of the conversation with the user.",
       "properties": {
         "DialogAction": {
-          "$ref": "#/definitions/DialogAction",
-          "description": "Defines the action that the bot executes at runtime when the conversation reaches this step."
+          "$ref": "#/definitions/DialogAction"
         },
         "Intent": {
-          "$ref": "#/definitions/IntentOverride",
-          "description": "Override settings to configure the intent state."
+          "$ref": "#/definitions/IntentOverride"
         },
         "SessionAttributes": {
-          "description": "List of session attributes to be applied when the conversation reaches this step.",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/SessionAttribute"
@@ -654,15 +674,12 @@
     },
     "ElicitationCodeHookInvocationSetting": {
       "additionalProperties": false,
-      "description": "Settings that specify the dialog code hook that is called by Amazon Lex between eliciting slot values.",
       "properties": {
         "EnableCodeHookInvocation": {
-          "description": "Indicates whether a Lambda function should be invoked for the dialog.",
           "type": "boolean"
         },
         "InvocationLabel": {
-          "$ref": "#/definitions/Name",
-          "description": "A label that indicates the dialog step from which the dialog code hook is happening."
+          "$ref": "#/definitions/Name"
         }
       },
       "required": [
@@ -672,7 +689,6 @@
     },
     "ExternalSourceSetting": {
       "additionalProperties": false,
-      "description": "Provides information about the external source of the slot type's definition.",
       "properties": {
         "GrammarSlotTypeSetting": {
           "$ref": "#/definitions/GrammarSlotTypeSetting"
@@ -682,7 +698,6 @@
     },
     "FulfillmentCodeHookSetting": {
       "additionalProperties": false,
-      "description": "Settings that determine if a Lambda function should be invoked to fulfill a specific intent.",
       "properties": {
         "Enabled": {
           "type": "boolean"
@@ -691,7 +706,6 @@
           "$ref": "#/definitions/FulfillmentUpdatesSpecification"
         },
         "IsActive": {
-          "description": "Determines whether the fulfillment code hook is used. When active is false, the code hook doesn't run.",
           "type": "boolean"
         },
         "PostFulfillmentStatusSpecification": {
@@ -705,14 +719,11 @@
     },
     "FulfillmentStartResponseSpecification": {
       "additionalProperties": false,
-      "description": "Provides settings for a message that is sent to the user when a fulfillment Lambda function starts running.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Determines whether the user can interrupt the start message while it is playing.",
           "type": "boolean"
         },
         "DelayInSeconds": {
-          "description": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.",
           "maximum": 900,
           "minimum": 1,
           "type": "integer"
@@ -729,14 +740,11 @@
     },
     "FulfillmentUpdateResponseSpecification": {
       "additionalProperties": false,
-      "description": "Provides settings for a message that is sent periodically to the user while a fulfillment Lambda function is running.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Determines whether the user can interrupt an update message while it is playing.",
           "type": "boolean"
         },
         "FrequencyInSeconds": {
-          "description": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.",
           "maximum": 900,
           "minimum": 1,
           "type": "integer"
@@ -753,17 +761,14 @@
     },
     "FulfillmentUpdatesSpecification": {
       "additionalProperties": false,
-      "description": "Provides information for updating the user on the progress of fulfilling an intent.",
       "properties": {
         "Active": {
-          "description": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.",
           "type": "boolean"
         },
         "StartResponse": {
           "$ref": "#/definitions/FulfillmentStartResponseSpecification"
         },
         "TimeoutInSeconds": {
-          "description": "The length of time that the fulfillment Lambda function should run before it times out.",
           "maximum": 900,
           "minimum": 1,
           "type": "integer"
@@ -779,7 +784,6 @@
     },
     "GrammarSlotTypeSetting": {
       "additionalProperties": false,
-      "description": "Settings required for a slot type based on a grammar that you provide.",
       "properties": {
         "Source": {
           "$ref": "#/definitions/GrammarSlotTypeSource"
@@ -789,22 +793,18 @@
     },
     "GrammarSlotTypeSource": {
       "additionalProperties": false,
-      "description": "Describes the Amazon S3 bucket name and location for the grammar that is the source for the slot type.",
       "properties": {
         "KmsKeyArn": {
-          "description": "The Amazon KMS key required to decrypt the contents of the grammar, if any.",
           "maxLength": 2048,
           "minLength": 20,
           "pattern": "^arn:[\\w\\-]+:kms:[\\w\\-]+:[\\d]{12}:(?:key\\/[\\w\\-]+|alias\\/[a-zA-Z0-9:\\/_\\-]{1,256})$",
           "type": "string"
         },
         "S3BucketName": {
-          "$ref": "#/definitions/S3BucketName",
-          "description": "The name of the S3 bucket that contains the grammar source."
+          "$ref": "#/definitions/S3BucketName"
         },
         "S3ObjectKey": {
-          "$ref": "#/definitions/S3ObjectKey",
-          "description": "The path to the grammar in the S3 bucket."
+          "$ref": "#/definitions/S3ObjectKey"
         }
       },
       "required": [
@@ -814,24 +814,20 @@
       "type": "object"
     },
     "Id": {
-      "description": "Unique ID of resource",
       "maxLength": 10,
       "minLength": 10,
       "pattern": "^[0-9a-zA-Z]+$",
       "type": "string"
     },
     "IdleSessionTTLInSeconds": {
-      "description": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.",
       "maximum": 86400,
       "minimum": 60,
       "type": "integer"
     },
     "ImageResponseCard": {
       "additionalProperties": false,
-      "description": "A message that defines a response card that the client application can show to the user.",
       "properties": {
         "Buttons": {
-          "description": "A list of buttons that should be displayed on the response card.",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/Button"
@@ -840,16 +836,13 @@
           "type": "array"
         },
         "ImageUrl": {
-          "$ref": "#/definitions/AttachmentUrl",
-          "description": "The URL of an image to display on the response card."
+          "$ref": "#/definitions/AttachmentUrl"
         },
         "Subtitle": {
-          "$ref": "#/definitions/AttachmentTitle",
-          "description": "The subtitle to display on the response card."
+          "$ref": "#/definitions/AttachmentTitle"
         },
         "Title": {
-          "$ref": "#/definitions/AttachmentTitle",
-          "description": "The title to display on the response card."
+          "$ref": "#/definitions/AttachmentTitle"
         }
       },
       "required": [
@@ -859,34 +852,27 @@
     },
     "InitialResponseSetting": {
       "additionalProperties": false,
-      "description": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.",
       "properties": {
         "CodeHook": {
-          "$ref": "#/definitions/DialogCodeHookInvocationSetting",
-          "description": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation."
+          "$ref": "#/definitions/DialogCodeHookInvocationSetting"
         },
         "Conditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "InitialResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "NextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "The next step in the conversation."
+          "$ref": "#/definitions/DialogState"
         }
       },
       "type": "object"
     },
     "InputContext": {
       "additionalProperties": false,
-      "description": "InputContext specified for the intent.",
       "properties": {
         "Name": {
-          "$ref": "#/definitions/Name",
-          "description": "The name of the context."
+          "$ref": "#/definitions/Name"
         }
       },
       "required": [
@@ -895,7 +881,6 @@
       "type": "object"
     },
     "InputContextsList": {
-      "description": "The list of input contexts specified for the intent.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/InputContext"
@@ -905,8 +890,10 @@
     },
     "Intent": {
       "additionalProperties": false,
-      "description": "Represents an action that the user wants to perform.",
       "properties": {
+        "BedrockAgentIntentConfiguration": {
+          "$ref": "#/definitions/BedrockAgentIntentConfiguration"
+        },
         "Description": {
           "$ref": "#/definitions/Description",
           "description": "Description of thr intent."
@@ -918,8 +905,7 @@
           "$ref": "#/definitions/FulfillmentCodeHookSetting"
         },
         "InitialResponseSetting": {
-          "$ref": "#/definitions/InitialResponseSetting",
-          "description": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots."
+          "$ref": "#/definitions/InitialResponseSetting"
         },
         "InputContexts": {
           "$ref": "#/definitions/InputContextsList"
@@ -934,8 +920,7 @@
           "$ref": "#/definitions/KendraConfiguration"
         },
         "Name": {
-          "$ref": "#/definitions/Name",
-          "description": "The name of the intent."
+          "$ref": "#/definitions/Name"
         },
         "OutputContexts": {
           "$ref": "#/definitions/OutputContextsList"
@@ -943,15 +928,19 @@
         "ParentIntentSignature": {
           "$ref": "#/definitions/ParentIntentSignature"
         },
+        "QInConnectIntentConfiguration": {
+          "$ref": "#/definitions/QInConnectIntentConfiguration"
+        },
+        "QnAIntentConfiguration": {
+          "$ref": "#/definitions/QnAIntentConfiguration"
+        },
         "SampleUtterances": {
-          "$ref": "#/definitions/SampleUtterancesList",
-          "description": "A sample utterance that invokes an intent or respond to a slot elicitation prompt."
+          "$ref": "#/definitions/SampleUtterancesList"
         },
         "SlotPriorities": {
           "$ref": "#/definitions/SlotPrioritiesList"
         },
         "Slots": {
-          "description": "List of slots",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/Slot"
@@ -968,82 +957,63 @@
     },
     "IntentClosingSetting": {
       "additionalProperties": false,
-      "description": "Provides a statement the Amazon Lex conveys to the user when the intent is successfully fulfilled.",
       "properties": {
         "ClosingResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "The response that Amazon Lex sends to the user when the intent is complete."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "Conditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches associated with the intent's closing response. These branches are executed when the nextStep attribute is set to EvalutateConditional."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "IsActive": {
-          "description": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the active field isn't specified, the default is true.",
           "type": "boolean"
         },
         "NextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot executes after playing the intent's closing response."
+          "$ref": "#/definitions/DialogState"
         }
       },
       "type": "object"
     },
     "IntentConfirmationSetting": {
       "additionalProperties": false,
-      "description": "Provides a prompt for making sure that the user is ready for the intent to be fulfilled.",
       "properties": {
         "CodeHook": {
-          "$ref": "#/definitions/DialogCodeHookInvocationSetting",
-          "description": "The DialogCodeHookInvocationSetting object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is InvokeDialogCodeHook."
+          "$ref": "#/definitions/DialogCodeHookInvocationSetting"
         },
         "ConfirmationConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the intent is closed."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "ConfirmationNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot executes when the customer confirms the intent."
+          "$ref": "#/definitions/DialogState"
         },
         "ConfirmationResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "DeclinationConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the intent is declined."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "DeclinationNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot executes when the customer declines the intent."
+          "$ref": "#/definitions/DialogState"
         },
         "DeclinationResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "When the user answers \"no\" to the question defined in promptSpecification, Amazon Lex responds with this response to acknowledge that the intent was canceled."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "ElicitationCodeHook": {
-          "$ref": "#/definitions/ElicitationCodeHookInvocationSetting",
-          "description": "The DialogCodeHookInvocationSetting used when the code hook is invoked during confirmation prompt retries."
+          "$ref": "#/definitions/ElicitationCodeHookInvocationSetting"
         },
         "FailureConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "FailureNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "The next step to take in the conversation if the confirmation step fails."
+          "$ref": "#/definitions/DialogState"
         },
         "FailureResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "IsActive": {
-          "description": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the active field isn't specified, the default is true.",
           "type": "boolean"
         },
         "PromptSpecification": {
-          "$ref": "#/definitions/PromptSpecification",
-          "description": "Prompts the user to confirm the intent. This question should have a yes or no answer."
+          "$ref": "#/definitions/PromptSpecification"
         }
       },
       "required": [
@@ -1053,14 +1023,11 @@
     },
     "IntentOverride": {
       "additionalProperties": false,
-      "description": "Override settings to configure the intent state.",
       "properties": {
         "Name": {
-          "$ref": "#/definitions/Name",
-          "description": "The name of the intent. Only required when you're switching intents."
+          "$ref": "#/definitions/Name"
         },
         "Slots": {
-          "description": "A map of all of the slot value overrides for the intent.",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/SlotValueOverrideMap"
@@ -1072,7 +1039,6 @@
     },
     "KendraConfiguration": {
       "additionalProperties": false,
-      "description": "Configuration for searching a Amazon Kendra index specified for the intent.",
       "properties": {
         "KendraIndex": {
           "$ref": "#/definitions/KendraIndexArn"
@@ -1081,7 +1047,6 @@
           "$ref": "#/definitions/QueryFilterString"
         },
         "QueryFilterStringEnabled": {
-          "description": "Determines whether the AMAZON.KendraSearchIntent intent uses a custom query string to query the Amazon Kendra index.",
           "type": "boolean"
         }
       },
@@ -1091,7 +1056,6 @@
       "type": "object"
     },
     "KendraIndexArn": {
-      "description": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the AMAZON.KendraSearchIntent intent to search.",
       "maxLength": 2048,
       "minLength": 32,
       "pattern": "^arn:aws[a-zA-Z-]*:kendra:[a-z]+-[a-z]+-[0-9]:[0-9]{12}:index/[a-zA-Z0-9][a-zA-Z0-9_-]*$",
@@ -1099,16 +1063,13 @@
     },
     "LambdaCodeHook": {
       "additionalProperties": false,
-      "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
       "properties": {
         "CodeHookInterfaceVersion": {
-          "description": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.",
           "maxLength": 5,
           "minLength": 1,
           "type": "string"
         },
         "LambdaArn": {
-          "description": "The Amazon Resource Name (ARN) of the Lambda function.",
           "maxLength": 2048,
           "minLength": 20,
           "type": "string"
@@ -1121,12 +1082,10 @@
       "type": "object"
     },
     "LocaleId": {
-      "description": "The identifier of the language and locale that the bot will be used in.",
       "type": "string"
     },
     "Message": {
       "additionalProperties": false,
-      "description": "The primary message that Amazon Lex should send to the user.",
       "properties": {
         "CustomPayload": {
           "$ref": "#/definitions/CustomPayload"
@@ -1146,13 +1105,11 @@
     },
     "MessageGroup": {
       "additionalProperties": false,
-      "description": "One or more messages that Amazon Lex can send to the user.",
       "properties": {
         "Message": {
           "$ref": "#/definitions/Message"
         },
         "Variations": {
-          "description": "Message variations to send to the user.",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/Message"
@@ -1167,7 +1124,6 @@
       "type": "object"
     },
     "MessageGroupsList": {
-      "description": "One to 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/MessageGroup"
@@ -1177,7 +1133,6 @@
       "type": "array"
     },
     "MessageSelectionStrategy": {
-      "description": "Indicates how a message is selected from a message group among retries.",
       "enum": [
         "Random",
         "Ordered"
@@ -1186,7 +1141,6 @@
     },
     "MultipleValuesSetting": {
       "additionalProperties": false,
-      "description": "Indicates whether a slot can return multiple values.",
       "properties": {
         "AllowMultipleValues": {
           "type": "boolean"
@@ -1196,7 +1150,6 @@
       "type": "object"
     },
     "Name": {
-      "description": "Unique name for a resource.",
       "maxLength": 100,
       "minLength": 1,
       "pattern": "^([0-9a-zA-Z][_-]?)+$",
@@ -1204,10 +1157,8 @@
     },
     "ObfuscationSetting": {
       "additionalProperties": false,
-      "description": "Determines whether Amazon Lex obscures slot values in conversation logs.",
       "properties": {
         "ObfuscationSettingType": {
-          "description": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.",
           "enum": [
             "None",
             "DefaultObfuscation"
@@ -1222,7 +1173,6 @@
     },
     "OutputContext": {
       "additionalProperties": false,
-      "description": "A session context that is activated when an intent is fulfilled.",
       "properties": {
         "Name": {
           "$ref": "#/definitions/Name"
@@ -1242,7 +1192,6 @@
       "type": "object"
     },
     "OutputContextsList": {
-      "description": "A list of contexts that the intent activates when it is fulfilled.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/OutputContext"
@@ -1251,19 +1200,15 @@
       "type": "array"
     },
     "ParentIntentSignature": {
-      "description": "A unique identifier for the built-in intent to base this intent on.",
       "type": "string"
     },
     "ParentSlotTypeSignature": {
-      "description": "The built-in slot type used as a parent of this slot type.",
       "type": "string"
     },
     "PlainTextMessage": {
       "additionalProperties": false,
-      "description": "A message in plain text format.",
       "properties": {
         "Value": {
-          "description": "The message to send to the user.",
           "maxLength": 1000,
           "minLength": 1,
           "type": "string"
@@ -1276,103 +1221,80 @@
     },
     "PostDialogCodeHookInvocationSpecification": {
       "additionalProperties": false,
-      "description": "Specifies next steps to run after the dialog code hook finishes.",
       "properties": {
         "FailureConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "FailureNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed."
+          "$ref": "#/definitions/DialogState"
         },
         "FailureResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "SuccessConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the dialog code hook finishes successfully."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "SuccessNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifics the next step the bot runs after the dialog code hook finishes successfully."
+          "$ref": "#/definitions/DialogState"
         },
         "SuccessResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "TimeoutConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate if the code hook times out."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "TimeoutNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot runs when the code hook times out."
+          "$ref": "#/definitions/DialogState"
         },
         "TimeoutResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "type": "object"
     },
     "PostFulfillmentStatusSpecification": {
       "additionalProperties": false,
-      "description": "Provides a setting that determines whether the post-fulfillment response is sent to the user.",
       "properties": {
         "FailureConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "FailureNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed."
+          "$ref": "#/definitions/DialogState"
         },
         "FailureResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "SuccessConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "SuccessNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully."
+          "$ref": "#/definitions/DialogState"
         },
         "SuccessResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "TimeoutConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate if the fulfillment code hook times out."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "TimeoutNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot runs when the fulfillment code hook times out."
+          "$ref": "#/definitions/DialogState"
         },
         "TimeoutResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "required": [],
       "type": "object"
     },
     "PriorityValue": {
-      "description": "The priority that a slot should be elicited.",
       "maximum": 100,
       "minimum": 0,
       "type": "integer"
     },
     "PromptAttemptSpecification": {
       "additionalProperties": false,
-      "description": "Specifies the settings on a prompt attempt.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Indicates whether the user can interrupt a speech prompt attempt from the bot.",
           "type": "boolean"
         },
         "AllowedInputTypes": {
@@ -1391,17 +1313,14 @@
       "type": "object"
     },
     "PromptMaxRetries": {
-      "description": "The maximum number of times the bot tries to elicit a response from the user using this prompt.",
       "maximum": 5,
       "minimum": 0,
       "type": "integer"
     },
     "PromptSpecification": {
       "additionalProperties": false,
-      "description": "Prompts the user to confirm the intent.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
           "type": "boolean"
         },
         "MaxRetries": {
@@ -1415,7 +1334,6 @@
         },
         "PromptAttemptsSpecification": {
           "additionalProperties": false,
-          "description": "Specifies the advanced settings on each attempt of the prompt.",
           "patternProperties": {
             "^(Initial|Retry1|Retry2|Retry3|Retry4|Retry5)$": {
               "$ref": "#/definitions/PromptAttemptSpecification"
@@ -1430,8 +1348,146 @@
       ],
       "type": "object"
     },
+    "QInConnectIntentConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "QInConnectAssistantConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "AssistantArn": {
+              "maxLength": 200,
+              "minLength": 1,
+              "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+              "type": "string"
+            }
+          },
+          "required": [
+            "AssistantArn"
+          ],
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "QnAIntentConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "BedrockModelConfiguration": {
+          "$ref": "#/definitions/BedrockModelSpecification"
+        },
+        "DataSourceConfiguration": {
+          "additionalProperties": false,
+          "properties": {
+            "BedrockKnowledgeStoreConfiguration": {
+              "additionalProperties": false,
+              "properties": {
+                "BKBExactResponseFields": {
+                  "additionalProperties": false,
+                  "properties": {
+                    "AnswerField": {
+                      "maxLength": 5000,
+                      "minLength": 1,
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "BedrockKnowledgeBaseArn": {
+                  "maxLength": 5000,
+                  "minLength": 1,
+                  "type": "string"
+                },
+                "ExactResponse": {
+                  "type": "boolean"
+                }
+              },
+              "type": "object"
+            },
+            "KendraConfiguration": {
+              "$ref": "#/definitions/QnAKendraConfiguration"
+            },
+            "OpensearchConfiguration": {
+              "additionalProperties": false,
+              "properties": {
+                "DomainEndpoint": {
+                  "maxLength": 5000,
+                  "minLength": 1,
+                  "type": "string"
+                },
+                "ExactResponse": {
+                  "type": "boolean"
+                },
+                "ExactResponseFields": {
+                  "additionalProperties": false,
+                  "properties": {
+                    "AnswerField": {
+                      "maxLength": 5000,
+                      "minLength": 1,
+                      "type": "string"
+                    },
+                    "QuestionField": {
+                      "maxLength": 5000,
+                      "minLength": 1,
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "IncludeFields": {
+                  "insertionOrder": false,
+                  "items": {
+                    "maxLength": 5000,
+                    "minLength": 1,
+                    "type": "string"
+                  },
+                  "type": "array"
+                },
+                "IndexName": {
+                  "maxLength": 5000,
+                  "minLength": 1,
+                  "type": "string"
+                }
+              },
+              "type": "object"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "required": [
+        "DataSourceConfiguration",
+        "BedrockModelConfiguration"
+      ],
+      "type": "object"
+    },
+    "QnAKendraConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "ExactResponse": {
+          "type": "boolean"
+        },
+        "KendraIndex": {
+          "maxLength": 5000,
+          "minLength": 1,
+          "type": "string"
+        },
+        "QueryFilterString": {
+          "maxLength": 5000,
+          "minLength": 1,
+          "type": "string"
+        },
+        "QueryFilterStringEnabled": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "KendraIndex",
+        "QueryFilterStringEnabled",
+        "ExactResponse"
+      ],
+      "type": "object"
+    },
     "QueryFilterString": {
-      "description": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query.",
       "maxLength": 5000,
       "minLength": 1,
       "type": "string"
@@ -1444,10 +1500,8 @@
     },
     "Replication": {
       "additionalProperties": false,
-      "description": "Parameter used to create a replication of the source bot in the secondary region.",
       "properties": {
         "ReplicaRegions": {
-          "description": "List of secondary regions for bot replication.",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/ReplicaRegion"
@@ -1465,10 +1519,8 @@
     },
     "ResponseSpecification": {
       "additionalProperties": false,
-      "description": "A list of message groups that Amazon Lex uses to respond the user input.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
           "type": "boolean"
         },
         "MessageGroupsList": {
@@ -1481,7 +1533,6 @@
       "type": "object"
     },
     "RoleArn": {
-      "description": "The Amazon Resource Name (ARN) of an IAM role that has permission to access the bot.",
       "maxLength": 2048,
       "minLength": 32,
       "pattern": "^arn:aws[a-zA-Z-]*:iam::[0-9]{12}:role/.*$",
@@ -1489,23 +1540,19 @@
     },
     "S3BucketLogDestination": {
       "additionalProperties": false,
-      "description": "Specifies an Amazon S3 bucket for logging audio conversations",
       "properties": {
         "KmsKeyArn": {
-          "description": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket.",
           "maxLength": 2048,
           "minLength": 20,
           "pattern": "^arn:[\\w\\-]+:kms:[\\w\\-]+:[\\d]{12}:(?:key\\/[\\w\\-]+|alias\\/[a-zA-Z0-9:\\/_\\-]{1,256})$",
           "type": "string"
         },
         "LogPrefix": {
-          "description": "The Amazon S3 key of the deployment package.",
           "maxLength": 1024,
           "minLength": 0,
           "type": "string"
         },
         "S3BucketArn": {
-          "description": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.",
           "maxLength": 2048,
           "minLength": 1,
           "pattern": "^arn:[\\w\\-]+:s3:::[a-z0-9][\\.\\-a-z0-9]{1,61}[a-z0-9]$",
@@ -1526,18 +1573,14 @@
     },
     "S3Location": {
       "additionalProperties": false,
-      "description": "S3 location of bot definitions zip file, if it's not defined inline in CloudFormation.",
       "properties": {
         "S3Bucket": {
-          "$ref": "#/definitions/S3BucketName",
-          "description": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account."
+          "$ref": "#/definitions/S3BucketName"
         },
         "S3ObjectKey": {
-          "$ref": "#/definitions/S3ObjectKey",
-          "description": "The Amazon S3 key of the deployment package."
+          "$ref": "#/definitions/S3ObjectKey"
         },
         "S3ObjectVersion": {
-          "description": "For versioned objects, the version of the deployment package object to use. If not specified, the current object version will be used.",
           "maxLength": 1024,
           "minLength": 1,
           "type": "string"
@@ -1557,10 +1600,8 @@
     },
     "SSMLMessage": {
       "additionalProperties": false,
-      "description": "A message in Speech Synthesis Markup Language (SSML).",
       "properties": {
         "Value": {
-          "description": "The SSML text that defines the prompt.",
           "maxLength": 1000,
           "minLength": 1,
           "type": "string"
@@ -1573,7 +1614,6 @@
     },
     "SampleUtterance": {
       "additionalProperties": false,
-      "description": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.",
       "properties": {
         "Utterance": {
           "$ref": "#/definitions/Utterance"
@@ -1585,7 +1625,6 @@
       "type": "object"
     },
     "SampleUtterancesList": {
-      "description": "An array of sample utterances",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/SampleUtterance"
@@ -1594,10 +1633,8 @@
     },
     "SampleValue": {
       "additionalProperties": false,
-      "description": "Defines one of the values for a slot type.",
       "properties": {
         "Value": {
-          "description": "The value that can be used for a slot type.",
           "maxLength": 140,
           "minLength": 1,
           "type": "string"
@@ -1610,7 +1647,6 @@
     },
     "SessionAttribute": {
       "additionalProperties": false,
-      "description": "Key/value pair representing session-specific context information. It contains application information passed between Amazon Lex and a client application.",
       "properties": {
         "Key": {
           "maxLength": 1024,
@@ -1630,7 +1666,6 @@
     },
     "Slot": {
       "additionalProperties": false,
-      "description": "A slot is a variable needed to fulfill an intent, where an intent can require zero or more slots.",
       "properties": {
         "Description": {
           "$ref": "#/definitions/Description"
@@ -1660,39 +1695,30 @@
     },
     "SlotCaptureSetting": {
       "additionalProperties": false,
-      "description": "Settings used when Amazon Lex successfully captures a slot value from a user.",
       "properties": {
         "CaptureConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate after the slot value is captured."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "CaptureNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out."
+          "$ref": "#/definitions/DialogState"
         },
         "CaptureResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "CodeHook": {
-          "$ref": "#/definitions/DialogCodeHookInvocationSetting",
-          "description": "Code hook called after Amazon Lex successfully captures a slot value."
+          "$ref": "#/definitions/DialogCodeHookInvocationSetting"
         },
         "ElicitationCodeHook": {
-          "$ref": "#/definitions/ElicitationCodeHookInvocationSetting",
-          "description": "Code hook called when Amazon Lex doesn't capture a slot value."
+          "$ref": "#/definitions/ElicitationCodeHookInvocationSetting"
         },
         "FailureConditional": {
-          "$ref": "#/definitions/ConditionalSpecification",
-          "description": "A list of conditional branches to evaluate when the slot value isn't captured."
+          "$ref": "#/definitions/ConditionalSpecification"
         },
         "FailureNextStep": {
-          "$ref": "#/definitions/DialogState",
-          "description": "Specifies the next step that the bot runs when the slot value code is not recognized."
+          "$ref": "#/definitions/DialogState"
         },
         "FailureResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "type": "object"
@@ -1706,10 +1732,8 @@
     },
     "SlotDefaultValue": {
       "additionalProperties": false,
-      "description": "The default value to use when a user doesn't provide a value for a slot.",
       "properties": {
         "DefaultValue": {
-          "description": "The default value to use when a user doesn't provide a value for a slot.",
           "maxLength": 202,
           "minLength": 1,
           "type": "string"
@@ -1722,10 +1746,8 @@
     },
     "SlotDefaultValueSpecification": {
       "additionalProperties": false,
-      "description": "A list of values that Amazon Lex should use as the default value for a slot.",
       "properties": {
         "DefaultValueList": {
-          "description": "A list of slot default values",
           "insertionOrder": false,
           "items": {
             "$ref": "#/definitions/SlotDefaultValue"
@@ -1740,7 +1762,6 @@
       "type": "object"
     },
     "SlotPrioritiesList": {
-      "description": "List for slot priorities",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/SlotPriority"
@@ -1749,14 +1770,12 @@
     },
     "SlotPriority": {
       "additionalProperties": false,
-      "description": "The priority that Amazon Lex should use when eliciting slot values from a user.",
       "properties": {
         "Priority": {
           "$ref": "#/definitions/PriorityValue"
         },
         "SlotName": {
-          "$ref": "#/definitions/Name",
-          "description": "The name of the slot."
+          "$ref": "#/definitions/Name"
         }
       },
       "required": [
@@ -1766,7 +1785,6 @@
       "type": "object"
     },
     "SlotShape": {
-      "description": "The different shapes that a slot can be in during a conversation.",
       "enum": [
         "Scalar",
         "List"
@@ -1775,8 +1793,10 @@
     },
     "SlotType": {
       "additionalProperties": false,
-      "description": "A custom, extended built-in or a grammar slot type.",
       "properties": {
+        "CompositeSlotTypeSetting": {
+          "$ref": "#/definitions/CompositeSlotTypeSetting"
+        },
         "Description": {
           "$ref": "#/definitions/Description"
         },
@@ -1802,12 +1822,10 @@
       "type": "object"
     },
     "SlotTypeName": {
-      "description": "The slot type name that is used in the slot. Allows for custom and built-in slot type names",
       "type": "string"
     },
     "SlotTypeValue": {
       "additionalProperties": false,
-      "description": "Value that the slot type can take.",
       "properties": {
         "SampleValue": {
           "$ref": "#/definitions/SampleValue"
@@ -1822,7 +1840,6 @@
       "type": "object"
     },
     "SlotTypeValues": {
-      "description": "A List of slot type values",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/SlotTypeValue"
@@ -1832,10 +1849,8 @@
     },
     "SlotValue": {
       "additionalProperties": false,
-      "description": "The value to set in a slot.",
       "properties": {
         "InterpretedValue": {
-          "description": "The value that Amazon Lex determines for the slot.",
           "maxLength": 202,
           "minLength": 1,
           "type": "string"
@@ -1845,31 +1860,24 @@
     },
     "SlotValueElicitationSetting": {
       "additionalProperties": false,
-      "description": "Settings that you can use for eliciting a slot value.",
       "properties": {
         "DefaultValueSpecification": {
-          "$ref": "#/definitions/SlotDefaultValueSpecification",
-          "description": "A list of default values for a slot."
+          "$ref": "#/definitions/SlotDefaultValueSpecification"
         },
         "PromptSpecification": {
-          "$ref": "#/definitions/PromptSpecification",
-          "description": "The prompt that Amazon Lex uses to elicit the slot value from the user."
+          "$ref": "#/definitions/PromptSpecification"
         },
         "SampleUtterances": {
-          "$ref": "#/definitions/SampleUtterancesList",
-          "description": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy."
+          "$ref": "#/definitions/SampleUtterancesList"
         },
         "SlotCaptureSetting": {
-          "$ref": "#/definitions/SlotCaptureSetting",
-          "description": "Specifies the next stage in the conversation after capturing the slot."
+          "$ref": "#/definitions/SlotCaptureSetting"
         },
         "SlotConstraint": {
-          "$ref": "#/definitions/SlotConstraint",
-          "description": "Specifies whether the slot is required or optional."
+          "$ref": "#/definitions/SlotConstraint"
         },
         "WaitAndContinueSpecification": {
-          "$ref": "#/definitions/WaitAndContinueSpecification",
-          "description": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input."
+          "$ref": "#/definitions/WaitAndContinueSpecification"
         }
       },
       "required": [
@@ -1879,26 +1887,21 @@
     },
     "SlotValueOverride": {
       "additionalProperties": false,
-      "description": "The slot values that Amazon Lex uses when it sets slot values in a dialog step.",
       "properties": {
         "Shape": {
-          "$ref": "#/definitions/SlotShape",
-          "description": "When the shape value is List, it indicates that the values field contains a list of slot values. When the value is Scalar, it indicates that the value field contains a single value."
+          "$ref": "#/definitions/SlotShape"
         },
         "Value": {
-          "$ref": "#/definitions/SlotValue",
-          "description": "The current value of the slot."
+          "$ref": "#/definitions/SlotValue"
         },
         "Values": {
-          "$ref": "#/definitions/SlotValues",
-          "description": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\""
+          "$ref": "#/definitions/SlotValues"
         }
       },
       "type": "object"
     },
     "SlotValueOverrideMap": {
       "additionalProperties": false,
-      "description": "A map of slot names and their overridden values.",
       "properties": {
         "SlotName": {
           "$ref": "#/definitions/Name"
@@ -1911,10 +1914,8 @@
     },
     "SlotValueRegexFilter": {
       "additionalProperties": false,
-      "description": "A regular expression used to validate the value of a slot.",
       "properties": {
         "Pattern": {
-          "description": "Regex pattern",
           "maxLength": 300,
           "minLength": 1,
           "type": "string"
@@ -1928,13 +1929,13 @@
     "SlotValueResolutionStrategy": {
       "enum": [
         "ORIGINAL_VALUE",
-        "TOP_RESOLUTION"
+        "TOP_RESOLUTION",
+        "CONCATENATION"
       ],
       "type": "string"
     },
     "SlotValueSelectionSetting": {
       "additionalProperties": false,
-      "description": "Contains settings used by Amazon Lex to select a slot value.",
       "properties": {
         "AdvancedRecognitionSetting": {
           "$ref": "#/definitions/AdvancedRecognitionSetting"
@@ -1952,24 +1953,21 @@
       "type": "object"
     },
     "SlotValues": {
-      "description": "An array of values that slots should be set to",
+      "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/SlotValueOverride"
       },
       "type": "array"
     },
     "StillWaitingResponseFrequency": {
-      "description": "How often a message should be sent to the user in seconds.",
       "maximum": 300,
       "minimum": 1,
       "type": "integer"
     },
     "StillWaitingResponseSpecification": {
       "additionalProperties": false,
-      "description": "StillWaitingResponseSpecification.",
       "properties": {
         "AllowInterrupt": {
-          "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
           "type": "boolean"
         },
         "FrequencyInSeconds": {
@@ -1990,13 +1988,33 @@
       "type": "object"
     },
     "StillWaitingResponseTimeout": {
-      "description": "If Amazon Lex waits longer than this length of time in seconds for a response, it will stop sending messages.",
       "maximum": 900,
       "minimum": 1,
       "type": "integer"
     },
+    "SubSlotTypeComposition": {
+      "additionalProperties": false,
+      "properties": {
+        "Name": {
+          "maxLength": 100,
+          "minLength": 1,
+          "pattern": "^([0-9a-zA-Z][_-]?){1,100}$",
+          "type": "string"
+        },
+        "SlotTypeId": {
+          "maxLength": 25,
+          "minLength": 1,
+          "pattern": "^((AMAZON\\.)[a-zA-Z_]+?|[0-9a-zA-Z]+)$",
+          "type": "string"
+        }
+      },
+      "required": [
+        "Name",
+        "SlotTypeId"
+      ],
+      "type": "object"
+    },
     "SynonymList": {
-      "description": "Additional values related to the slot type entry.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/SampleValue"
@@ -2006,16 +2024,13 @@
     },
     "Tag": {
       "additionalProperties": false,
-      "description": "A key-value pair for tagging Lex resources",
       "properties": {
         "Key": {
-          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "maxLength": 128,
           "minLength": 1,
           "type": "string"
         },
         "Value": {
-          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "maxLength": 256,
           "minLength": 0,
           "type": "string"
@@ -2029,7 +2044,6 @@
     },
     "TestBotAliasSettings": {
       "additionalProperties": false,
-      "description": "Configuring the test bot alias settings for a given bot",
       "properties": {
         "BotAliasLocaleSettings": {
           "$ref": "#/definitions/BotAliasLocaleSettingsList"
@@ -2042,10 +2056,8 @@
         },
         "SentimentAnalysisSettings": {
           "additionalProperties": false,
-          "description": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.",
           "properties": {
             "DetectSentiment": {
-              "description": "Enable to call Amazon Comprehend for Sentiment natively within Lex",
               "type": "boolean"
             }
           },
@@ -2059,10 +2071,8 @@
     },
     "TextInputSpecification": {
       "additionalProperties": false,
-      "description": "Specifies the text input specifications.",
       "properties": {
         "StartTimeoutMs": {
-          "description": "Time for which a bot waits before re-prompting a customer for text input.",
           "minimum": 1,
           "type": "integer"
         }
@@ -2074,7 +2084,6 @@
     },
     "TextLogDestination": {
       "additionalProperties": false,
-      "description": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.",
       "properties": {
         "CloudWatch": {
           "$ref": "#/definitions/CloudWatchLogGroupLogDestination"
@@ -2087,13 +2096,11 @@
     },
     "TextLogSetting": {
       "additionalProperties": false,
-      "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
       "properties": {
         "Destination": {
           "$ref": "#/definitions/TextLogDestination"
         },
         "Enabled": {
-          "description": "",
           "type": "boolean"
         }
       },
@@ -2104,7 +2111,6 @@
       "type": "object"
     },
     "TextLogSettings": {
-      "description": "List of text log settings that pertain to the conversation log settings for the bot's TestBotAlias",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/TextLogSetting"
@@ -2114,23 +2120,21 @@
       "uniqueItems": true
     },
     "Utterance": {
-      "description": "The sample utterance that Amazon Lex uses to build its machine-learning model to recognize intents/slots.",
       "type": "string"
     },
     "VoiceSettings": {
       "additionalProperties": false,
-      "description": "Settings for using an Amazon Polly voice to communicate with a user.",
       "properties": {
         "Engine": {
-          "description": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the engine parameter of the SynthesizeSpeech operation in the Amazon Polly developer guide.",
           "enum": [
             "standard",
-            "neural"
+            "neural",
+            "long-form",
+            "generative"
           ],
           "type": "string"
         },
         "VoiceId": {
-          "description": "The Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user.",
           "type": "string"
         }
       },
@@ -2141,23 +2145,18 @@
     },
     "WaitAndContinueSpecification": {
       "additionalProperties": false,
-      "description": "The prompts that Amazon Lex uses while a bot is waiting for customer input.",
       "properties": {
         "ContinueResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation."
+          "$ref": "#/definitions/ResponseSpecification"
         },
         "IsActive": {
-          "description": "Specifies whether the bot will wait for a user to respond.",
           "type": "boolean"
         },
         "StillWaitingResponse": {
-          "$ref": "#/definitions/StillWaitingResponseSpecification",
-          "description": "The response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user."
+          "$ref": "#/definitions/StillWaitingResponseSpecification"
         },
         "WaitingResponse": {
-          "$ref": "#/definitions/ResponseSpecification",
-          "description": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue."
+          "$ref": "#/definitions/ResponseSpecification"
         }
       },
       "required": [
@@ -2283,14 +2282,12 @@
       "$ref": "#/definitions/BotArn"
     },
     "AutoBuildBotLocales": {
-      "description": "Specifies whether to build the bot locales after bot creation completes.",
       "type": "boolean"
     },
     "BotFileS3Location": {
       "$ref": "#/definitions/S3Location"
     },
     "BotLocales": {
-      "description": "List of bot locales",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/BotLocale"
@@ -2299,7 +2296,6 @@
       "uniqueItems": true
     },
     "BotTags": {
-      "description": "A list of tags to add to the bot, which can only be added at bot creation.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/Tag"
@@ -2310,10 +2306,8 @@
     },
     "DataPrivacy": {
       "additionalProperties": false,
-      "description": "Data privacy setting of the Bot.",
       "properties": {
         "ChildDirected": {
-          "description": "",
           "type": "boolean"
         }
       },
@@ -2329,7 +2323,6 @@
       "$ref": "#/definitions/Id"
     },
     "IdleSessionTTLInSeconds": {
-      "description": "IdleSessionTTLInSeconds of the resource",
       "maximum": 86400,
       "minimum": 60,
       "type": "integer"
@@ -2347,7 +2340,6 @@
       "$ref": "#/definitions/TestBotAliasSettings"
     },
     "TestBotAliasTags": {
-      "description": "A list of tags to add to the test alias for a bot, , which can only be added at bot/bot alias creation.",
       "insertionOrder": false,
       "items": {
         "$ref": "#/definitions/Tag"
diff --git a/src/schema/aws-logs-loggroup.json b/src/schema/aws-logs-loggroup.json
index e7217d48..e6f2d084 100644
--- a/src/schema/aws-logs-loggroup.json
+++ b/src/schema/aws-logs-loggroup.json
@@ -129,7 +129,8 @@
       "description": "Specifies the log group class for this log group. There are two classes:\n  +  The ``Standard`` log class supports all CWL features.\n  +  The ``Infrequent Access`` log class supports a subset of CWL features and incurs lower costs.\n  \n For details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)",
       "enum": [
         "STANDARD",
-        "INFREQUENT_ACCESS"
+        "INFREQUENT_ACCESS",
+        "DELIVERY"
       ],
       "type": "string"
     },
diff --git a/src/schema/aws-macie-session.json b/src/schema/aws-macie-session.json
index 1865affd..88e53872 100644
--- a/src/schema/aws-macie-session.json
+++ b/src/schema/aws-macie-session.json
@@ -5,7 +5,8 @@
     "create": {
       "permissions": [
         "macie2:GetMacieSession",
-        "macie2:EnableMacie"
+        "macie2:EnableMacie",
+        "macie2:ListAutomatedDiscoveryAccounts"
       ]
     },
     "delete": {
@@ -15,18 +16,21 @@
     },
     "list": {
       "permissions": [
-        "macie2:GetMacieSession"
+        "macie2:GetMacieSession",
+        "macie2:ListAutomatedDiscoveryAccounts"
       ]
     },
     "read": {
       "permissions": [
-        "macie2:GetMacieSession"
+        "macie2:GetMacieSession",
+        "macie2:ListAutomatedDiscoveryAccounts"
       ]
     },
     "update": {
       "permissions": [
         "macie2:GetMacieSession",
-        "macie2:UpdateMacieSession"
+        "macie2:UpdateMacieSession",
+        "macie2:ListAutomatedDiscoveryAccounts"
       ]
     }
   },
@@ -34,6 +38,14 @@
     "/properties/AwsAccountId"
   ],
   "properties": {
+    "AutomatedDiscoveryStatus": {
+      "description": "The status of automated sensitive data discovery for the Macie session.",
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
+    },
     "AwsAccountId": {
       "description": "AWS account ID of customer",
       "type": "string"
@@ -64,7 +76,8 @@
   },
   "readOnlyProperties": [
     "/properties/AwsAccountId",
-    "/properties/ServiceRole"
+    "/properties/ServiceRole",
+    "/properties/AutomatedDiscoveryStatus"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-macie.git",
   "tagging": {
diff --git a/src/schema/aws-mediapackagev2-originendpoint.json b/src/schema/aws-mediapackagev2-originendpoint.json
index f172e0bf..eba923e4 100644
--- a/src/schema/aws-mediapackagev2-originendpoint.json
+++ b/src/schema/aws-mediapackagev2-originendpoint.json
@@ -263,7 +263,7 @@
       "description": "<p>The failover settings for the endpoint.</p>",
       "properties": {
         "EndpointErrorConditions": {
-          "description": "<p>The failover settings for the endpoint. The options are:</p>\n         <ul>\n            <li>\n               <p>\n                  <code>STALE_MANIFEST</code> - The manifest stalled and there a no new segments or parts.</p>\n            </li>\n            <li>\n               <p>\n                  <code>INCOMPLETE_MANIFEST</code> - There is a gap in the manifest.</p>\n            </li>\n            <li>\n               <p>\n                  <code>MISSING_DRM_KEY</code> - Key rotation is enabled but we're unable to fetch the key for the current key period.</p>\n            </li>\n         </ul>",
+          "description": "<p>The failover conditions for the endpoint. The options are:</p>\n         <ul>\n            <li>\n               <p>\n                  <code>STALE_MANIFEST</code> - The manifest stalled and there are no new segments or parts.</p>\n            </li>\n            <li>\n               <p>\n                  <code>INCOMPLETE_MANIFEST</code> - There is a gap in the manifest.</p>\n            </li>\n            <li>\n               <p>\n                  <code>MISSING_DRM_KEY</code> - Key rotation is enabled but we're unable to fetch the key for the current key period.</p>\n            </li>\n            <li>\n               <p>\n                  <code>SLATE_INPUT</code> - The segments which contain slate content are considered to be missing content.</p>\n            </li>\n         </ul>",
           "items": {
             "$ref": "#/definitions/EndpointErrorCondition"
           },
@@ -298,7 +298,7 @@
           "type": "integer"
         },
         "ProgramDateTimeIntervalSeconds": {
-          "description": "<p>Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n         EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n         The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n         ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.</p>\n         <p>Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.</p>",
+          "description": "<p>Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval,\n         EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest.\n         The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.</p>\n         <p>Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.</p>",
           "type": "integer"
         },
         "ScteHls": {
@@ -310,6 +310,10 @@
         "Url": {
           "description": "<p>The egress domain URL for stream delivery from MediaPackage.</p>",
           "type": "string"
+        },
+        "UrlEncodeChildManifest": {
+          "description": "<p>When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol.\n         For more information, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html\">Amazon Web Services Signature Version 4 for API requests</a> in <i>Identity and Access Management User Guide</i>.</p>",
+          "type": "boolean"
         }
       },
       "required": [
@@ -343,7 +347,7 @@
           "type": "integer"
         },
         "ProgramDateTimeIntervalSeconds": {
-          "description": "<p>Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n         EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n         The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n         ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.</p>\n         <p>Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.</p>",
+          "description": "<p>Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval,\n         EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest.\n         The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.</p>\n         <p>Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.</p>",
           "type": "integer"
         },
         "ScteHls": {
@@ -355,6 +359,10 @@
         "Url": {
           "description": "<p>The egress domain URL for stream delivery from MediaPackage.</p>",
           "type": "string"
+        },
+        "UrlEncodeChildManifest": {
+          "description": "<p>When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol.\n         For more information, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html\">Amazon Web Services Signature Version 4 for API requests</a> in <i>Identity and Access Management User Guide</i>.</p>",
+          "type": "boolean"
         }
       },
       "required": [
diff --git a/src/schema/aws-memorydb-acl.json b/src/schema/aws-memorydb-acl.json
index d622166e..fb0b2825 100644
--- a/src/schema/aws-memorydb-acl.json
+++ b/src/schema/aws-memorydb-acl.json
@@ -36,7 +36,8 @@
         "memorydb:CreateACL",
         "memorydb:DescribeACLs",
         "memorydb:TagResource",
-        "memorydb:ListTags"
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
       ]
     },
     "delete": {
diff --git a/src/schema/aws-memorydb-cluster.json b/src/schema/aws-memorydb-cluster.json
index f4e63598..1791b730 100644
--- a/src/schema/aws-memorydb-cluster.json
+++ b/src/schema/aws-memorydb-cluster.json
@@ -9,7 +9,8 @@
     "/properties/SubnetGroupName",
     "/properties/SnapshotArns",
     "/properties/MultiRegionClusterName",
-    "/properties/SnapshotName"
+    "/properties/SnapshotName",
+    "/properties/NetworkType"
   ],
   "definitions": {
     "DataTieringStatus": {
@@ -33,6 +34,21 @@
       },
       "type": "object"
     },
+    "SupportedIpDiscoveryTypes": {
+      "enum": [
+        "ipv4",
+        "ipv6"
+      ],
+      "type": "string"
+    },
+    "SupportedNetworkTypes": {
+      "enum": [
+        "ipv4",
+        "ipv6",
+        "dual_stack"
+      ],
+      "type": "string"
+    },
     "Tag": {
       "additionalProperties": false,
       "description": "A key-value pair to associate with a resource.",
@@ -68,8 +84,10 @@
         "memorydb:CreateCluster",
         "memorydb:DescribeClusters",
         "memorydb:TagResource",
-        "memorydb:ListTags"
-      ]
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
+      ],
+      "timeoutInMinutes": 720
     },
     "delete": {
       "permissions": [
@@ -146,6 +164,11 @@
       "description": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.",
       "type": "string"
     },
+    "IpDiscovery": {
+      "$ref": "#/definitions/SupportedIpDiscoveryTypes",
+      "description": "For clusters wth dual stack NetworkType, IpDiscovery controls the Ip protocol (ipv4 or ipv6) returned by the engine commands such as `cluster info` and `cluster nodes` which are used by clients to connect to the nodes in the cluster.",
+      "type": "object"
+    },
     "KmsKeyId": {
       "description": "The ID of the KMS key used to encrypt the cluster.",
       "type": "string"
@@ -158,6 +181,11 @@
       "description": "The name of the Global Datastore, it is generated by MemoryDB adding a prefix to MultiRegionClusterNameSuffix.",
       "type": "string"
     },
+    "NetworkType": {
+      "$ref": "#/definitions/SupportedNetworkTypes",
+      "description": "Must be either ipv4 | ipv6 | dual_stack.",
+      "type": "object"
+    },
     "NodeType": {
       "description": "The compute and memory capacity of the nodes in the cluster.",
       "type": "string"
diff --git a/src/schema/aws-memorydb-multiregioncluster.json b/src/schema/aws-memorydb-multiregioncluster.json
index 44b2e385..63e430c6 100644
--- a/src/schema/aws-memorydb-multiregioncluster.json
+++ b/src/schema/aws-memorydb-multiregioncluster.json
@@ -40,7 +40,8 @@
         "memorydb:CreateMultiRegionCluster",
         "memorydb:DescribeMultiRegionClusters",
         "memorydb:TagResource",
-        "memorydb:ListTags"
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
       ],
       "timeoutInMinutes": 2160
     },
diff --git a/src/schema/aws-memorydb-parametergroup.json b/src/schema/aws-memorydb-parametergroup.json
index 913d3a37..569392ec 100644
--- a/src/schema/aws-memorydb-parametergroup.json
+++ b/src/schema/aws-memorydb-parametergroup.json
@@ -39,7 +39,8 @@
         "memorydb:CreateParameterGroup",
         "memorydb:DescribeParameterGroups",
         "memorydb:TagResource",
-        "memorydb:ListTags"
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
       ]
     },
     "delete": {
diff --git a/src/schema/aws-memorydb-subnetgroup.json b/src/schema/aws-memorydb-subnetgroup.json
index 0cabd95c..a5827cd9 100644
--- a/src/schema/aws-memorydb-subnetgroup.json
+++ b/src/schema/aws-memorydb-subnetgroup.json
@@ -37,7 +37,8 @@
         "memorydb:CreateSubnetGroup",
         "memorydb:DescribeSubnetGroups",
         "memorydb:TagResource",
-        "memorydb:ListTags"
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
       ]
     },
     "delete": {
@@ -93,6 +94,15 @@
       "type": "array",
       "uniqueItems": true
     },
+    "SupportedNetworkTypes": {
+      "description": "Supported network types would be a list of network types supported by subnet group and can be either [ipv4] or [ipv4, dual_stack] or [ipv6].",
+      "insertionOrder": false,
+      "items": {
+        "type": "string"
+      },
+      "type": "array",
+      "uniqueItems": true
+    },
     "Tags": {
       "description": "An array of key-value pairs to apply to this subnet group.",
       "insertionOrder": false,
@@ -105,7 +115,8 @@
     }
   },
   "readOnlyProperties": [
-    "/properties/ARN"
+    "/properties/ARN",
+    "/properties/SupportedNetworkTypes"
   ],
   "required": [
     "SubnetGroupName",
diff --git a/src/schema/aws-memorydb-user.json b/src/schema/aws-memorydb-user.json
index 59126495..75772616 100644
--- a/src/schema/aws-memorydb-user.json
+++ b/src/schema/aws-memorydb-user.json
@@ -36,7 +36,8 @@
         "memorydb:CreateUser",
         "memorydb:DescribeUsers",
         "memorydb:TagResource",
-        "memorydb:ListTags"
+        "memorydb:ListTags",
+        "iam:CreateServiceLinkedRole"
       ]
     },
     "delete": {
diff --git a/src/schema/aws-mwaa-environment.json b/src/schema/aws-mwaa-environment.json
index e990114c..b96676da 100644
--- a/src/schema/aws-mwaa-environment.json
+++ b/src/schema/aws-mwaa-environment.json
@@ -368,12 +368,40 @@
   "handlers": {
     "create": {
       "permissions": [
-        "airflow:CreateEnvironment"
+        "airflow:GetEnvironment",
+        "airflow:CreateEnvironment",
+        "airflow:TagResource",
+        "airflow:UntagResource",
+        "iam:PassRole",
+        "iam:ListRoles",
+        "iam:CreatePolicy",
+        "iam:AttachRolePolicy",
+        "iam:CreateRole",
+        "iam:CreateServiceLinkedRole",
+        "s3:GetBucketLocation",
+        "s3:ListAllMyBuckets",
+        "s3:ListBucket",
+        "s3:ListBucketVersions",
+        "s3:CreateBucket",
+        "s3:PutObject",
+        "s3:GetEncryptionConfiguration",
+        "ec2:DescribeSecurityGroups",
+        "ec2:DescribeSubnets",
+        "ec2:DescribeVpcs",
+        "ec2:DescribeRouteTables",
+        "ec2:AuthorizeSecurityGroupIngress",
+        "ec2:CreateSecurityGroup",
+        "ec2:CreateVpcEndpoint",
+        "ec2:CreateNetworkInterface",
+        "kms:CreateGrant",
+        "kms:DescribeKey",
+        "kms:ListAliases"
       ],
       "timeoutInMinutes": 180
     },
     "delete": {
       "permissions": [
+        "airflow:GetEnvironment",
         "airflow:DeleteEnvironment"
       ]
     },
@@ -389,9 +417,23 @@
     },
     "update": {
       "permissions": [
+        "airflow:GetEnvironment",
         "airflow:UpdateEnvironment",
         "airflow:TagResource",
-        "airflow:UntagResource"
+        "airflow:UntagResource",
+        "iam:PassRole",
+        "iam:ListRoles",
+        "iam:AttachRolePolicy",
+        "s3:GetBucketLocation",
+        "s3:ListBucket",
+        "s3:ListBucketVersions",
+        "s3:GetEncryptionConfiguration",
+        "ec2:DescribeSecurityGroups",
+        "ec2:DescribeSubnets",
+        "ec2:DescribeVpcs",
+        "ec2:DescribeRouteTables",
+        "kms:DescribeKey",
+        "kms:ListAliases"
       ],
       "timeoutInMinutes": 480
     }
diff --git a/src/schema/aws-neptune-dbclusterparametergroup.json b/src/schema/aws-neptune-dbclusterparametergroup.json
index 93eb5302..74dcc783 100644
--- a/src/schema/aws-neptune-dbclusterparametergroup.json
+++ b/src/schema/aws-neptune-dbclusterparametergroup.json
@@ -1,63 +1,129 @@
 {
   "additionalProperties": false,
   "createOnlyProperties": [
-    "/properties/Family",
+    "/properties/Name",
     "/properties/Description",
-    "/properties/Name"
+    "/properties/Family"
   ],
   "definitions": {
     "Tag": {
       "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
       "properties": {
         "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "type": "string"
         },
         "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "type": "string"
         }
       },
       "required": [
-        "Value",
-        "Key"
+        "Key",
+        "Value"
       ],
       "type": "object"
     }
   },
-  "description": "Resource Type definition for AWS::Neptune::DBClusterParameterGroup",
+  "description": "The AWS::Neptune::DBClusterParameterGroup resource creates a new Amazon Neptune DB cluster parameter group",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "rds:AddTagsToResource",
+        "rds:CreateDBClusterParameterGroup",
+        "rds:DescribeDBClusterParameterGroups",
+        "rds:DescribeDBClusterParameters",
+        "rds:DescribeEngineDefaultClusterParameters",
+        "rds:ListTagsForResource",
+        "rds:ModifyDBClusterParameterGroup",
+        "iam:CreateServiceLinkedRole"
+      ],
+      "timeoutInMinutes": 180
+    },
+    "delete": {
+      "permissions": [
+        "rds:DeleteDBClusterParameterGroup",
+        "rds:ListTagsForResource",
+        "rds:RemoveTagsFromResource"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "rds:DescribeDBClusterParameterGroups",
+        "rds:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "rds:DescribeDBClusterParameterGroups",
+        "rds:ListTagsForResource",
+        "rds:DescribeDBClusterParameters"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "rds:AddTagsToResource",
+        "rds:DescribeDBClusterParameterGroups",
+        "rds:DescribeDBClusterParameters",
+        "rds:DescribeDBClusters",
+        "rds:DescribeEngineDefaultClusterParameters",
+        "rds:ListTagsForResource",
+        "rds:ModifyDBClusterParameterGroup",
+        "rds:RemoveTagsFromResource",
+        "rds:ResetDBClusterParameterGroup"
+      ],
+      "timeoutInMinutes": 180
+    }
+  },
   "primaryIdentifier": [
-    "/properties/Id"
+    "/properties/Name"
   ],
   "properties": {
     "Description": {
+      "description": "Provides the customer-specified description for this DB cluster parameter group.",
       "type": "string"
     },
     "Family": {
-      "type": "string"
-    },
-    "Id": {
+      "description": "Must be neptune1 for engine versions prior to 1.2.0.0, or neptune1.2 for engine version 1.2.0.0 and higher.",
       "type": "string"
     },
     "Name": {
+      "description": "Provides the name of the DB cluster parameter group.",
       "type": "string"
     },
     "Parameters": {
+      "description": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.",
       "type": "object"
     },
     "Tags": {
+      "description": "The list of tags for the cluster parameter group.",
       "items": {
         "$ref": "#/definitions/Tag"
       },
-      "type": "array",
-      "uniqueItems": false
+      "type": "array"
     }
   },
-  "readOnlyProperties": [
-    "/properties/Id"
-  ],
+  "propertyTransform": {
+    "/properties/Name": "$lowercase(Name)"
+  },
   "required": [
-    "Family",
     "Description",
+    "Family",
     "Parameters"
   ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "rds:AddTagsToResource",
+      "rds:ListTagsForResource",
+      "rds:RemoveTagsFromResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::Neptune::DBClusterParameterGroup"
 }
diff --git a/src/schema/aws-neptune-dbparametergroup.json b/src/schema/aws-neptune-dbparametergroup.json
index 11f30ea4..a202295d 100644
--- a/src/schema/aws-neptune-dbparametergroup.json
+++ b/src/schema/aws-neptune-dbparametergroup.json
@@ -1,49 +1,101 @@
 {
   "additionalProperties": false,
   "createOnlyProperties": [
-    "/properties/Family",
+    "/properties/Name",
     "/properties/Description",
-    "/properties/Name"
+    "/properties/Family"
   ],
   "definitions": {
     "Tag": {
       "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
       "properties": {
         "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "type": "string"
         },
         "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
           "type": "string"
         }
       },
       "required": [
-        "Value",
-        "Key"
+        "Key",
+        "Value"
       ],
       "type": "object"
     }
   },
-  "description": "Resource Type definition for AWS::Neptune::DBParameterGroup",
+  "description": "AWS::Neptune::DBParameterGroup creates a new DB parameter group. This type can be declared in a template and referenced in the DBParameterGroupName parameter of AWS::Neptune::DBInstance",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "rds:AddTagsToResource",
+        "rds:CreateDBParameterGroup",
+        "rds:DescribeDBParameterGroups",
+        "rds:DescribeDBParameters",
+        "rds:DescribeEngineDefaultParameters",
+        "rds:ModifyDBParameterGroup",
+        "rds:ListTagsForResource",
+        "iam:CreateServiceLinkedRole"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "rds:DeleteDBParameterGroup",
+        "rds:RemoveTagsFromResource"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "rds:DescribeDBParameterGroups",
+        "rds:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "rds:DescribeDBParameterGroups",
+        "rds:ListTagsForResource",
+        "rds:DescribeDBParameters",
+        "rds:DescribeEngineDefaultParameters"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "rds:AddTagsToResource",
+        "rds:DescribeDBParameterGroups",
+        "rds:DescribeDBParameters",
+        "rds:DescribeEngineDefaultParameters",
+        "rds:ListTagsForResource",
+        "rds:ModifyDBParameterGroup",
+        "rds:ResetDBParameterGroup",
+        "rds:RemoveTagsFromResource",
+        "rds:DescribeDBInstances"
+      ]
+    }
+  },
   "primaryIdentifier": [
-    "/properties/Id"
+    "/properties/Name"
   ],
   "properties": {
     "Description": {
+      "description": "Provides the customer-specified description for this DB parameter group.",
       "type": "string"
     },
     "Family": {
-      "type": "string"
-    },
-    "Id": {
+      "description": "Must be `neptune1` for engine versions prior to 1.2.0.0, or `neptune1.2` for engine version `1.2.0.0` and higher.",
       "type": "string"
     },
     "Name": {
+      "description": "Provides the name of the DB parameter group.",
       "type": "string"
     },
     "Parameters": {
+      "description": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.",
       "type": "object"
     },
     "Tags": {
+      "description": "An optional array of key-value pairs to apply to this DB parameter group.",
       "items": {
         "$ref": "#/definitions/Tag"
       },
@@ -51,13 +103,26 @@
       "uniqueItems": false
     }
   },
-  "readOnlyProperties": [
-    "/properties/Id"
-  ],
+  "propertyTransform": {
+    "/properties/Name": "$lowercase(Name)"
+  },
   "required": [
     "Family",
     "Description",
     "Parameters"
   ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "rds:AddTagsToResource",
+      "rds:ListTagsForResource",
+      "rds:RemoveTagsFromResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::Neptune::DBParameterGroup"
 }
diff --git a/src/schema/aws-neptune-dbsubnetgroup.json b/src/schema/aws-neptune-dbsubnetgroup.json
index 3f81a2a0..ddaa0ad1 100644
--- a/src/schema/aws-neptune-dbsubnetgroup.json
+++ b/src/schema/aws-neptune-dbsubnetgroup.json
@@ -6,36 +6,79 @@
   "definitions": {
     "Tag": {
       "additionalProperties": false,
+      "description": "An optional array of key-value pairs to apply to this DB subnet group.",
       "properties": {
         "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
           "type": "string"
         },
         "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
           "type": "string"
         }
       },
       "required": [
-        "Value",
-        "Key"
+        "Key",
+        "Value"
       ],
       "type": "object"
     }
   },
-  "description": "Resource Type definition for AWS::Neptune::DBSubnetGroup",
+  "description": "The AWS::Neptune::DBSubnetGroup type creates an Amazon Neptune DB subnet group. Subnet groups must contain at least two subnets in two different Availability Zones in the same AWS Region.",
+  "handlers": {
+    "create": {
+      "permissions": [
+        "rds:CreateDBSubnetGroup",
+        "rds:DescribeDBSubnetGroups",
+        "rds:ListTagsForResource",
+        "rds:AddTagsToResource",
+        "iam:CreateServiceLinkedRole"
+      ]
+    },
+    "delete": {
+      "permissions": [
+        "rds:DeleteDBSubnetGroup",
+        "rds:DescribeDBSubnetGroups",
+        "rds:ListTagsForResource",
+        "rds:RemoveTagsFromResource"
+      ]
+    },
+    "list": {
+      "permissions": [
+        "rds:DescribeDBSubnetGroups",
+        "rds:ListTagsForResource"
+      ]
+    },
+    "read": {
+      "permissions": [
+        "rds:DescribeDBSubnetGroups",
+        "rds:ListTagsForResource"
+      ]
+    },
+    "update": {
+      "permissions": [
+        "rds:ModifyDBSubnetGroup",
+        "rds:DescribeDBSubnetGroups",
+        "rds:AddTagsToResource",
+        "rds:RemoveTagsFromResource",
+        "rds:ListTagsForResource"
+      ]
+    }
+  },
   "primaryIdentifier": [
-    "/properties/Id"
+    "/properties/DBSubnetGroupName"
   ],
   "properties": {
     "DBSubnetGroupDescription": {
+      "description": "The description for the DB subnet group.",
       "type": "string"
     },
     "DBSubnetGroupName": {
-      "type": "string"
-    },
-    "Id": {
+      "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be \"Default\".\n\nExample: mysubnetgroup\n\n",
       "type": "string"
     },
     "SubnetIds": {
+      "description": "The Amazon EC2 subnet IDs for the DB subnet group.",
       "items": {
         "type": "string"
       },
@@ -43,6 +86,7 @@
       "uniqueItems": false
     },
     "Tags": {
+      "description": "An optional array of key-value pairs to apply to this DB subnet group.",
       "items": {
         "$ref": "#/definitions/Tag"
       },
@@ -50,12 +94,25 @@
       "uniqueItems": false
     }
   },
-  "readOnlyProperties": [
-    "/properties/Id"
-  ],
+  "propertyTransform": {
+    "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)"
+  },
   "required": [
     "DBSubnetGroupDescription",
     "SubnetIds"
   ],
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "rds:AddTagsToResource",
+      "rds:ListTagsForResource",
+      "rds:RemoveTagsFromResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::Neptune::DBSubnetGroup"
 }
diff --git a/src/schema/aws-networkmanager-sitetositevpnattachment.json b/src/schema/aws-networkmanager-sitetositevpnattachment.json
index b153fc4b..8313c469 100644
--- a/src/schema/aws-networkmanager-sitetositevpnattachment.json
+++ b/src/schema/aws-networkmanager-sitetositevpnattachment.json
@@ -88,7 +88,7 @@
         "ec2:DescribeRegions",
         "networkmanager:TagResource"
       ],
-      "timeoutInMinutes": 40
+      "timeoutInMinutes": 120
     },
     "delete": {
       "permissions": [
diff --git a/src/schema/aws-paymentcryptography-key.json b/src/schema/aws-paymentcryptography-key.json
index bd71112b..82a91584 100644
--- a/src/schema/aws-paymentcryptography-key.json
+++ b/src/schema/aws-paymentcryptography-key.json
@@ -1,6 +1,30 @@
 {
   "additionalProperties": false,
   "definitions": {
+    "DeriveKeyUsage": {
+      "enum": [
+        "TR31_B0_BASE_DERIVATION_KEY",
+        "TR31_C0_CARD_VERIFICATION_KEY",
+        "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY",
+        "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS",
+        "TR31_E1_EMV_MKEY_CONFIDENTIALITY",
+        "TR31_E2_EMV_MKEY_INTEGRITY",
+        "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS",
+        "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION",
+        "TR31_E6_EMV_MKEY_OTHER",
+        "TR31_K0_KEY_ENCRYPTION_KEY",
+        "TR31_K1_KEY_BLOCK_PROTECTION_KEY",
+        "TR31_M3_ISO_9797_3_MAC_KEY",
+        "TR31_M1_ISO_9797_1_MAC_KEY",
+        "TR31_M6_ISO_9797_5_CMAC_KEY",
+        "TR31_M7_HMAC_KEY",
+        "TR31_P0_PIN_ENCRYPTION_KEY",
+        "TR31_P1_PIN_GENERATION_KEY",
+        "TR31_V1_IBM3624_PIN_VERIFICATION_KEY",
+        "TR31_V2_VISA_PIN_VERIFICATION_KEY"
+      ],
+      "type": "string"
+    },
     "KeyAlgorithm": {
       "enum": [
         "TDES_2KEY",
@@ -48,7 +72,8 @@
     "KeyCheckValueAlgorithm": {
       "enum": [
         "CMAC",
-        "ANSI_X9_24"
+        "ANSI_X9_24",
+        "HMAC"
       ],
       "type": "string"
     },
@@ -211,6 +236,9 @@
     "/properties/KeyIdentifier"
   ],
   "properties": {
+    "DeriveKeyUsage": {
+      "$ref": "#/definitions/DeriveKeyUsage"
+    },
     "Enabled": {
       "type": "boolean"
     },
diff --git a/src/schema/aws-qbusiness-datasource.json b/src/schema/aws-qbusiness-datasource.json
index d1b9be9c..bc8a2ba0 100644
--- a/src/schema/aws-qbusiness-datasource.json
+++ b/src/schema/aws-qbusiness-datasource.json
@@ -11,6 +11,25 @@
       ],
       "type": "string"
     },
+    "AudioExtractionConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "AudioExtractionStatus": {
+          "$ref": "#/definitions/AudioExtractionStatus"
+        }
+      },
+      "required": [
+        "AudioExtractionStatus"
+      ],
+      "type": "object"
+    },
+    "AudioExtractionStatus": {
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
+    },
     "DataSourceStatus": {
       "enum": [
         "PENDING_CREATION",
@@ -268,8 +287,14 @@
     "MediaExtractionConfiguration": {
       "additionalProperties": false,
       "properties": {
+        "AudioExtractionConfiguration": {
+          "$ref": "#/definitions/AudioExtractionConfiguration"
+        },
         "ImageExtractionConfiguration": {
           "$ref": "#/definitions/ImageExtractionConfiguration"
+        },
+        "VideoExtractionConfiguration": {
+          "$ref": "#/definitions/VideoExtractionConfiguration"
         }
       },
       "type": "object"
@@ -293,6 +318,25 @@
         "Value"
       ],
       "type": "object"
+    },
+    "VideoExtractionConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "VideoExtractionStatus": {
+          "$ref": "#/definitions/VideoExtractionStatus"
+        }
+      },
+      "required": [
+        "VideoExtractionStatus"
+      ],
+      "type": "object"
+    },
+    "VideoExtractionStatus": {
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
     }
   },
   "description": "Definition of AWS::QBusiness::DataSource Resource Type",
diff --git a/src/schema/aws-quicksight-analysis.json b/src/schema/aws-quicksight-analysis.json
index 05b81d91..2a8a678b 100644
--- a/src/schema/aws-quicksight-analysis.json
+++ b/src/schema/aws-quicksight-analysis.json
@@ -11070,6 +11070,14 @@
           "maxItems": 100,
           "minItems": 0,
           "type": "array"
+        },
+        "TransposedTableOptions": {
+          "items": {
+            "$ref": "#/definitions/TransposedTableOption"
+          },
+          "maxItems": 10001,
+          "minItems": 0,
+          "type": "array"
         }
       },
       "type": "object"
@@ -11827,6 +11835,34 @@
       },
       "type": "object"
     },
+    "TransposedColumnType": {
+      "enum": [
+        "ROW_HEADER_COLUMN",
+        "VALUE_COLUMN"
+      ],
+      "type": "string"
+    },
+    "TransposedTableOption": {
+      "additionalProperties": false,
+      "properties": {
+        "ColumnIndex": {
+          "maximum": 9999,
+          "minimum": 0,
+          "type": "number"
+        },
+        "ColumnType": {
+          "$ref": "#/definitions/TransposedColumnType"
+        },
+        "ColumnWidth": {
+          "description": "String based length that is composed of value and unit in px",
+          "type": "string"
+        }
+      },
+      "required": [
+        "ColumnType"
+      ],
+      "type": "object"
+    },
     "TreeMapAggregatedFieldWells": {
       "additionalProperties": false,
       "properties": {
diff --git a/src/schema/aws-quicksight-dashboard.json b/src/schema/aws-quicksight-dashboard.json
index 5d773f3d..a89117eb 100644
--- a/src/schema/aws-quicksight-dashboard.json
+++ b/src/schema/aws-quicksight-dashboard.json
@@ -11276,6 +11276,14 @@
           "maxItems": 100,
           "minItems": 0,
           "type": "array"
+        },
+        "TransposedTableOptions": {
+          "items": {
+            "$ref": "#/definitions/TransposedTableOption"
+          },
+          "maxItems": 10001,
+          "minItems": 0,
+          "type": "array"
         }
       },
       "type": "object"
@@ -12033,6 +12041,34 @@
       },
       "type": "object"
     },
+    "TransposedColumnType": {
+      "enum": [
+        "ROW_HEADER_COLUMN",
+        "VALUE_COLUMN"
+      ],
+      "type": "string"
+    },
+    "TransposedTableOption": {
+      "additionalProperties": false,
+      "properties": {
+        "ColumnIndex": {
+          "maximum": 9999,
+          "minimum": 0,
+          "type": "number"
+        },
+        "ColumnType": {
+          "$ref": "#/definitions/TransposedColumnType"
+        },
+        "ColumnWidth": {
+          "description": "String based length that is composed of value and unit in px",
+          "type": "string"
+        }
+      },
+      "required": [
+        "ColumnType"
+      ],
+      "type": "object"
+    },
     "TreeMapAggregatedFieldWells": {
       "additionalProperties": false,
       "properties": {
diff --git a/src/schema/aws-quicksight-dataset.json b/src/schema/aws-quicksight-dataset.json
index fca72321..705c9427 100644
--- a/src/schema/aws-quicksight-dataset.json
+++ b/src/schema/aws-quicksight-dataset.json
@@ -157,13 +157,10 @@
             "$ref": "#/definitions/CalculatedColumn"
           },
           "maxItems": 128,
-          "minItems": 1,
+          "minItems": 0,
           "type": "array"
         }
       },
-      "required": [
-        "Columns"
-      ],
       "type": "object"
     },
     "CustomSql": {
@@ -214,6 +211,9 @@
       "additionalProperties": false,
       "description": "<p>The refresh properties of a dataset.</p>",
       "properties": {
+        "FailureConfiguration": {
+          "$ref": "#/definitions/RefreshFailureConfiguration"
+        },
         "RefreshConfiguration": {
           "$ref": "#/definitions/RefreshConfiguration"
         }
@@ -237,6 +237,12 @@
       },
       "type": "object"
     },
+    "DataSetUseAs": {
+      "enum": [
+        "RLS_RULES"
+      ],
+      "type": "string"
+    },
     "DatasetParameter": {
       "additionalProperties": false,
       "description": "<p>A dataset parameter.</p>",
@@ -902,7 +908,7 @@
             "type": "string"
           },
           "maxItems": 2000,
-          "minItems": 1,
+          "minItems": 0,
           "type": "array"
         }
       },
@@ -924,6 +930,31 @@
       ],
       "type": "object"
     },
+    "RefreshFailureAlertStatus": {
+      "enum": [
+        "ENABLED",
+        "DISABLED"
+      ],
+      "type": "string"
+    },
+    "RefreshFailureConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "EmailAlert": {
+          "$ref": "#/definitions/RefreshFailureEmailAlert"
+        }
+      },
+      "type": "object"
+    },
+    "RefreshFailureEmailAlert": {
+      "additionalProperties": false,
+      "properties": {
+        "AlertStatus": {
+          "$ref": "#/definitions/RefreshFailureAlertStatus"
+        }
+      },
+      "type": "object"
+    },
     "RelationalTable": {
       "additionalProperties": false,
       "description": "<p>A physical table type for relational data sources.</p>",
@@ -984,8 +1015,7 @@
         }
       },
       "required": [
-        "ColumnName",
-        "NewColumnName"
+        "ColumnName"
       ],
       "type": "object"
     },
@@ -1148,11 +1178,12 @@
           "minItems": 1,
           "type": "array"
         },
-        "UploadSettings": {}
+        "UploadSettings": {
+          "$ref": "#/definitions/UploadSettings"
+        }
       },
       "required": [
-        "DataSourceArn",
-        "InputColumns"
+        "DataSourceArn"
       ],
       "type": "object"
     },
@@ -1582,6 +1613,9 @@
       "maxItems": 200,
       "minItems": 1,
       "type": "array"
+    },
+    "UseAs": {
+      "$ref": "#/definitions/DataSetUseAs"
     }
   },
   "readOnlyProperties": [
@@ -1593,6 +1627,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "quicksight:TagResource",
+      "quicksight:UntagResource",
+      "quicksight:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-quicksight-datasource.json b/src/schema/aws-quicksight-datasource.json
index c034a36e..e3e43d57 100644
--- a/src/schema/aws-quicksight-datasource.json
+++ b/src/schema/aws-quicksight-datasource.json
@@ -1158,6 +1158,18 @@
     "Type"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "quicksight:TagResource",
+      "quicksight:UntagResource",
+      "quicksight:ListTagsForResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
+    "taggable": true
+  },
   "typeName": "AWS::QuickSight::DataSource",
   "writeOnlyProperties": [
     "/properties/Credentials",
diff --git a/src/schema/aws-quicksight-template.json b/src/schema/aws-quicksight-template.json
index a0ea40b4..5104466c 100644
--- a/src/schema/aws-quicksight-template.json
+++ b/src/schema/aws-quicksight-template.json
@@ -10369,6 +10369,14 @@
           "maxItems": 100,
           "minItems": 0,
           "type": "array"
+        },
+        "TransposedTableOptions": {
+          "items": {
+            "$ref": "#/definitions/TransposedTableOption"
+          },
+          "maxItems": 10001,
+          "minItems": 0,
+          "type": "array"
         }
       },
       "type": "object"
@@ -11323,6 +11331,34 @@
       },
       "type": "object"
     },
+    "TransposedColumnType": {
+      "enum": [
+        "ROW_HEADER_COLUMN",
+        "VALUE_COLUMN"
+      ],
+      "type": "string"
+    },
+    "TransposedTableOption": {
+      "additionalProperties": false,
+      "properties": {
+        "ColumnIndex": {
+          "maximum": 9999,
+          "minimum": 0,
+          "type": "number"
+        },
+        "ColumnType": {
+          "$ref": "#/definitions/TransposedColumnType"
+        },
+        "ColumnWidth": {
+          "description": "String based length that is composed of value and unit in px",
+          "type": "string"
+        }
+      },
+      "required": [
+        "ColumnType"
+      ],
+      "type": "object"
+    },
     "TreeMapAggregatedFieldWells": {
       "additionalProperties": false,
       "properties": {
diff --git a/src/schema/aws-quicksight-vpcconnection.json b/src/schema/aws-quicksight-vpcconnection.json
index 2e0f38b0..b5dc4874 100644
--- a/src/schema/aws-quicksight-vpcconnection.json
+++ b/src/schema/aws-quicksight-vpcconnection.json
@@ -249,6 +249,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "quicksight:TagResource",
+      "quicksight:UntagResource",
+      "quicksight:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-rds-dbcluster.json b/src/schema/aws-rds-dbcluster.json
index ea9cb9c2..2bd3711f 100644
--- a/src/schema/aws-rds-dbcluster.json
+++ b/src/schema/aws-rds-dbcluster.json
@@ -444,7 +444,7 @@
     },
     "ReadEndpoint": {
       "$ref": "#/definitions/ReadEndpoint",
-      "description": "This data type represents the information you need to connect to an Amazon RDS DB instance. This data type is used as a response element in the following actions:\n  +   ``CreateDBInstance`` \n  +   ``DescribeDBInstances`` \n  +   ``DeleteDBInstance`` \n  \n For the data structure that represents Amazon Aurora DB cluster endpoints, see ``DBClusterEndpoint``."
+      "description": ""
     },
     "ReplicationSourceIdentifier": {
       "description": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n Valid for: Aurora DB clusters only",
diff --git a/src/schema/aws-rds-dbinstance.json b/src/schema/aws-rds-dbinstance.json
index 5f633f03..005e539b 100644
--- a/src/schema/aws-rds-dbinstance.json
+++ b/src/schema/aws-rds-dbinstance.json
@@ -286,8 +286,7 @@
       "type": "string"
     },
     "AutomaticBackupReplicationRetentionPeriod": {
-      "description": "",
-      "maximum": 35,
+      "description": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the ``AutomaticBackupReplicationRegion`` parameter. \n If not specified, this parameter defaults to the value of the ``BackupRetentionPeriod`` parameter. The maximum allowed value is 35.",
       "minimum": 1,
       "type": "integer"
     },
@@ -297,7 +296,6 @@
     },
     "BackupRetentionPeriod": {
       "description": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n  *Amazon Aurora* \n Not applicable. The retention period for automated backups is managed by the DB cluster.\n Default: 1\n Constraints:\n  +  Must be a value from 0 to 35\n  +  Can't be set to 0 if the DB instance is a source to read replicas",
-      "maximum": 35,
       "minimum": 0,
       "type": "integer"
     },
@@ -307,7 +305,7 @@
     },
     "CertificateDetails": {
       "$ref": "#/definitions/CertificateDetails",
-      "description": "The details of the DB instance's server certificate."
+      "description": ""
     },
     "CertificateRotationRestart": {
       "description": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n  Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.\n  If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n  +  For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.* \n  +  For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide*.\n  \n This setting doesn't apply to RDS Custom DB instances.",
@@ -440,7 +438,7 @@
     },
     "Endpoint": {
       "$ref": "#/definitions/Endpoint",
-      "description": "The connection endpoint for the DB instance.\n  The endpoint might not be shown for instances with the status of ``creating``."
+      "description": ""
     },
     "Engine": {
       "description": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n This property is required when creating a DB instance.\n  You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.\n  Valid Values:\n  +   ``aurora-mysql`` (for Aurora MySQL DB instances)\n  +   ``aurora-postgresql`` (for Aurora PostgreSQL DB instances)\n  +   ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances)\n  +   ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances)\n  +   ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances)\n  +   ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances)\n  +   ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances)\n  +   ``db2-ae`` \n  +   ``db2-se`` \n  +   ``mariadb`` \n  +   ``mysql`` \n  +   ``oracle-ee`` \n  +   ``oracle-ee-cdb`` \n  +   ``oracle-se2`` \n  +   ``oracle-se2-cdb`` \n  +   ``postgres`` \n  +   ``sqlserver-ee`` \n  +   ``sqlserver-se`` \n  +   ``sqlserver-ex`` \n  +   ``sqlserver-web``",
@@ -660,8 +658,7 @@
     "/properties/MasterUserSecret/SecretArn",
     "/properties/CertificateDetails",
     "/properties/CertificateDetails/CAIdentifier",
-    "/properties/CertificateDetails/ValidTill",
-    "/properties/DatabaseInsightsMode"
+    "/properties/CertificateDetails/ValidTill"
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
diff --git a/src/schema/aws-rds-dbproxy.json b/src/schema/aws-rds-dbproxy.json
index be200599..84cfb403 100644
--- a/src/schema/aws-rds-dbproxy.json
+++ b/src/schema/aws-rds-dbproxy.json
@@ -195,6 +195,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "rds:AddTagsToResource",
+      "rds:RemoveTagsFromResource",
+      "rds:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-rds-dbproxyendpoint.json b/src/schema/aws-rds-dbproxyendpoint.json
index 8db2f30d..efd2899e 100644
--- a/src/schema/aws-rds-dbproxyendpoint.json
+++ b/src/schema/aws-rds-dbproxyendpoint.json
@@ -139,6 +139,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
     "cloudFormationSystemTags": false,
+    "permissions": [
+      "rds:AddTagsToResource",
+      "rds:RemoveTagsFromResource",
+      "rds:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-redshift-cluster.json b/src/schema/aws-redshift-cluster.json
index e699ac0a..5e0195db 100644
--- a/src/schema/aws-redshift-cluster.json
+++ b/src/schema/aws-redshift-cluster.json
@@ -388,7 +388,7 @@
       "type": "object"
     },
     "NodeType": {
-      "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge",
+      "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.large | ra3.4xlarge | ra3.16xlarge",
       "type": "string"
     },
     "NumberOfNodes": {
diff --git a/src/schema/aws-redshift-clusterparametergroup.json b/src/schema/aws-redshift-clusterparametergroup.json
index 6ba4f114..83ae82b2 100644
--- a/src/schema/aws-redshift-clusterparametergroup.json
+++ b/src/schema/aws-redshift-clusterparametergroup.json
@@ -73,6 +73,7 @@
     "delete": {
       "permissions": [
         "redshift:DescribeTags",
+        "redshift:DeleteTags",
         "redshift:DescribeClusterParameterGroups",
         "redshift:DeleteClusterParameterGroup",
         "redshift:DescribeClusterParameters",
@@ -147,12 +148,16 @@
     "ParameterGroupFamily"
   ],
   "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "redshift:DescribeTags",
+      "redshift:CreateTags",
+      "redshift:DeleteTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": true,
     "taggable": true
   },
-  "typeName": "AWS::Redshift::ClusterParameterGroup",
-  "writeOnlyProperties": [
-    "/properties/Tags",
-    "/properties/Tags/*/Key",
-    "/properties/Tags/*/Value"
-  ]
+  "typeName": "AWS::Redshift::ClusterParameterGroup"
 }
diff --git a/src/schema/aws-redshift-clustersubnetgroup.json b/src/schema/aws-redshift-clustersubnetgroup.json
index 5aaadeb8..840ee55b 100644
--- a/src/schema/aws-redshift-clustersubnetgroup.json
+++ b/src/schema/aws-redshift-clustersubnetgroup.json
@@ -159,7 +159,7 @@
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift",
   "tagging": {
-    "taggable": true
+    "taggable": false
   },
   "typeName": "AWS::Redshift::ClusterSubnetGroup",
   "writeOnlyProperties": [
diff --git a/src/schema/aws-redshift-eventsubscription.json b/src/schema/aws-redshift-eventsubscription.json
index 8cc1cfb0..1018e93b 100644
--- a/src/schema/aws-redshift-eventsubscription.json
+++ b/src/schema/aws-redshift-eventsubscription.json
@@ -188,7 +188,7 @@
   ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift",
   "tagging": {
-    "taggable": true
+    "taggable": false
   },
   "typeName": "AWS::Redshift::EventSubscription",
   "writeOnlyProperties": [
diff --git a/src/schema/aws-redshiftserverless-namespace.json b/src/schema/aws-redshiftserverless-namespace.json
index e2fadee8..e53f887e 100644
--- a/src/schema/aws-redshiftserverless-namespace.json
+++ b/src/schema/aws-redshiftserverless-namespace.json
@@ -1,8 +1,7 @@
 {
   "additionalProperties": false,
   "createOnlyProperties": [
-    "/properties/NamespaceName",
-    "/properties/Tags"
+    "/properties/NamespaceName"
   ],
   "definitions": {
     "LogExport": {
diff --git a/src/schema/aws-redshiftserverless-workgroup.json b/src/schema/aws-redshiftserverless-workgroup.json
index ce0bd7cd..43cafa8c 100644
--- a/src/schema/aws-redshiftserverless-workgroup.json
+++ b/src/schema/aws-redshiftserverless-workgroup.json
@@ -226,7 +226,9 @@
         "redshift-serverless:GetWorkgroup",
         "redshift-serverless:GetNamespace",
         "redshift-serverless:ListTagsForResource",
-        "redshift-serverless:TagResource"
+        "redshift-serverless:TagResource",
+        "redshift-serverless:RestoreFromSnapshot",
+        "redshift-serverless:RestoreFromRecoveryPoint"
       ]
     },
     "delete": {
@@ -287,7 +289,9 @@
         "redshift-serverless:UpdateWorkgroup",
         "redshift-serverless:ListTagsForResource",
         "redshift-serverless:TagResource",
-        "redshift-serverless:UntagResource"
+        "redshift-serverless:UntagResource",
+        "redshift-serverless:RestoreFromSnapshot",
+        "redshift-serverless:RestoreFromRecoveryPoint"
       ]
     }
   },
@@ -339,6 +343,10 @@
       "description": "A value that specifies whether the workgroup can be accessible from a public network.",
       "type": "boolean"
     },
+    "RecoveryPointId": {
+      "description": "The recovery point id to restore from.",
+      "type": "string"
+    },
     "SecurityGroupIds": {
       "description": "A list of security group IDs to associate with the workgroup.",
       "insertionOrder": false,
@@ -352,6 +360,18 @@
       "minItems": 1,
       "type": "array"
     },
+    "SnapshotArn": {
+      "description": "The Amazon Resource Name (ARN) of the snapshot to restore from.",
+      "type": "string"
+    },
+    "SnapshotName": {
+      "description": "The snapshot name to restore from.",
+      "type": "string"
+    },
+    "SnapshotOwnerAccount": {
+      "description": "The Amazon Web Services account that owns the snapshot.",
+      "type": "string"
+    },
     "SubnetIds": {
       "description": "A list of subnet IDs the workgroup is associated with.",
       "insertionOrder": false,
@@ -398,6 +418,8 @@
     "/properties/Workgroup/WorkgroupArn",
     "/properties/Workgroup/WorkgroupName",
     "/properties/Workgroup/NamespaceName",
+    "/properties/Workgroup/BaseCapacity",
+    "/properties/Workgroup/MaxCapacity",
     "/properties/Workgroup/EnhancedVpcRouting",
     "/properties/Workgroup/ConfigParameters/*/ParameterKey",
     "/properties/Workgroup/ConfigParameters/*/ParameterValue",
@@ -436,6 +458,10 @@
   "writeOnlyProperties": [
     "/properties/ConfigParameters",
     "/properties/SecurityGroupIds",
-    "/properties/SubnetIds"
+    "/properties/SubnetIds",
+    "/properties/SnapshotArn",
+    "/properties/SnapshotName",
+    "/properties/SnapshotOwnerAccount",
+    "/properties/RecoveryPointId"
   ]
 }
diff --git a/src/schema/aws-route53-cidrcollection.json b/src/schema/aws-route53-cidrcollection.json
index 27866ce50..0567d1fd 100644
--- a/src/schema/aws-route53-cidrcollection.json
+++ b/src/schema/aws-route53-cidrcollection.json
@@ -30,7 +30,7 @@
       "type": "object"
     }
   },
-  "description": "Resource schema for AWS::Route53::CidrCollection.",
+  "description": "Resource Type definition for AWS::Route53::CidrCollection.",
   "handlers": {
     "create": {
       "permissions": [
diff --git a/src/schema/aws-route53recoverycontrol-cluster.json b/src/schema/aws-route53recoverycontrol-cluster.json
index d10ecce7..ad2e9a38 100644
--- a/src/schema/aws-route53recoverycontrol-cluster.json
+++ b/src/schema/aws-route53recoverycontrol-cluster.json
@@ -67,6 +67,13 @@
         "route53-recovery-control-config:DescribeCluster",
         "route53-recovery-control-config:ListTagsForResource"
       ]
+    },
+    "update": {
+      "permissions": [
+        "route53-recovery-control-config:DescribeCluster",
+        "route53-recovery-control-config:ListTagsForResource",
+        "route53-recovery-control-config:UpdateCluster"
+      ]
     }
   },
   "primaryIdentifier": [
@@ -94,6 +101,14 @@
       "minLength": 1,
       "type": "string"
     },
+    "NetworkType": {
+      "description": "Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints. NetworkType can be IPV4 or DUALSTACK.",
+      "enum": [
+        "IPV4",
+        "DUALSTACK"
+      ],
+      "type": "string"
+    },
     "Status": {
       "description": "Deployment status of a resource. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.",
       "enum": [
diff --git a/src/schema/aws-route53resolver-resolverqueryloggingconfig.json b/src/schema/aws-route53resolver-resolverqueryloggingconfig.json
index b6dbbc5e..e3f8ffcf 100644
--- a/src/schema/aws-route53resolver-resolverqueryloggingconfig.json
+++ b/src/schema/aws-route53resolver-resolverqueryloggingconfig.json
@@ -2,8 +2,34 @@
   "additionalProperties": false,
   "createOnlyProperties": [
     "/properties/Name",
-    "/properties/DestinationArn"
+    "/properties/DestinationArn",
+    "/properties/Tags"
   ],
+  "definitions": {
+    "Tag": {
+      "additionalProperties": false,
+      "description": "A key-value pair to associate with a resource.",
+      "properties": {
+        "Key": {
+          "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 128,
+          "minLength": 1,
+          "type": "string"
+        },
+        "Value": {
+          "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+          "maxLength": 256,
+          "minLength": 0,
+          "type": "string"
+        }
+      },
+      "required": [
+        "Key",
+        "Value"
+      ],
+      "type": "object"
+    }
+  },
   "description": "Resource schema for AWS::Route53Resolver::ResolverQueryLoggingConfig.",
   "handlers": {
     "create": {
@@ -20,7 +46,10 @@
         "logs:PutResourcePolicy",
         "logs:DescribeResourcePolicies",
         "logs:DescribeLogGroups",
-        "iam:CreateServiceLinkedRole"
+        "iam:CreateServiceLinkedRole",
+        "route53resolver:ListTagsForResource",
+        "route53resolver:TagResource",
+        "route53resolver:ListResolverQueryLogConfigs"
       ]
     },
     "delete": {
@@ -28,19 +57,24 @@
         "resolverquerylogging:DeleteConfig",
         "resolverquerylogging:ListConfig",
         "route53resolver:DeleteResolverQueryLogConfig",
-        "route53resolver:ListResolverQueryLogConfigs"
+        "route53resolver:ListResolverQueryLogConfigs",
+        "route53resolver:UntagResource",
+        "route53resolver:ListTagsForResource"
       ]
     },
     "list": {
       "permissions": [
         "resolverquerylogging:ListConfig",
-        "route53resolver:ListResolverQueryLogConfigs"
+        "route53resolver:ListResolverQueryLogConfigs",
+        "route53resolver:ListTagsForResource"
       ]
     },
     "read": {
       "permissions": [
         "resolverquerylogging:GetConfig",
-        "route53resolver:GetResolverQueryLogConfig"
+        "route53resolver:GetResolverQueryLogConfig",
+        "route53resolver:ListTagsForResource",
+        "route53resolver:ListResolverQueryLogConfigs"
       ]
     }
   },
@@ -113,6 +147,15 @@
         "FAILED"
       ],
       "type": "string"
+    },
+    "Tags": {
+      "description": "An array of key-value pairs to apply to this resource.",
+      "insertionOrder": false,
+      "items": {
+        "$ref": "#/definitions/Tag"
+      },
+      "type": "array",
+      "uniqueItems": true
     }
   },
   "readOnlyProperties": [
@@ -125,6 +168,16 @@
     "/properties/CreationTime",
     "/properties/Id"
   ],
-  "taggable": false,
+  "tagging": {
+    "cloudFormationSystemTags": true,
+    "permissions": [
+      "route53resolver:TagResource",
+      "route53resolver:UntagResource"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": false,
+    "taggable": true
+  },
   "typeName": "AWS::Route53Resolver::ResolverQueryLoggingConfig"
 }
diff --git a/src/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json b/src/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
index aac1c0e9..eb268fa6 100644
--- a/src/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
+++ b/src/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
@@ -98,5 +98,8 @@
     "/properties/CreationTime",
     "/properties/Id"
   ],
+  "tagging": {
+    "taggable": false
+  },
   "typeName": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation"
 }
diff --git a/src/schema/aws-route53resolver-resolverruleassociation.json b/src/schema/aws-route53resolver-resolverruleassociation.json
index 0c26a4dd..0f7c3dc3 100644
--- a/src/schema/aws-route53resolver-resolverruleassociation.json
+++ b/src/schema/aws-route53resolver-resolverruleassociation.json
@@ -22,7 +22,8 @@
     },
     "list": {
       "permissions": [
-        "route53resolver:ListResolverRuleAssociations"
+        "route53resolver:ListResolverRuleAssociations",
+        "ec2:DescribeVpcs"
       ]
     },
     "read": {
diff --git a/src/schema/aws-rum-appmonitor.json b/src/schema/aws-rum-appmonitor.json
index 377bec3d..84d89ae2 100644
--- a/src/schema/aws-rum-appmonitor.json
+++ b/src/schema/aws-rum-appmonitor.json
@@ -468,7 +468,10 @@
     "DomainList": {
       "description": "The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.",
       "items": {
-        "$ref": "#/properties/Domain"
+        "maxLength": 253,
+        "minLength": 1,
+        "pattern": "^(localhost)|^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))|^(\\*\\.)(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))",
+        "type": "string"
       },
       "maxItems": 5,
       "minItems": 1,
diff --git a/src/schema/aws-s3-accesspoint.json b/src/schema/aws-s3-accesspoint.json
index fc82dcc6..da63f95f 100644
--- a/src/schema/aws-s3-accesspoint.json
+++ b/src/schema/aws-s3-accesspoint.json
@@ -51,6 +51,7 @@
       "permissions": [
         "s3:CreateAccessPoint",
         "s3:PutAccessPointPolicy",
+        "s3:GetAccessPoint",
         "s3:PutAccessPointPublicAccessBlock"
       ]
     },
diff --git a/src/schema/aws-s3-multiregionaccesspoint.json b/src/schema/aws-s3-multiregionaccesspoint.json
index 7d0d746a..e3033a1a 100644
--- a/src/schema/aws-s3-multiregionaccesspoint.json
+++ b/src/schema/aws-s3-multiregionaccesspoint.json
@@ -122,5 +122,8 @@
   "required": [
     "Regions"
   ],
+  "tagging": {
+    "taggable": false
+  },
   "typeName": "AWS::S3::MultiRegionAccessPoint"
 }
diff --git a/src/schema/aws-s3-multiregionaccesspointpolicy.json b/src/schema/aws-s3-multiregionaccesspointpolicy.json
index 40dbfc53..c9494aaf 100644
--- a/src/schema/aws-s3-multiregionaccesspointpolicy.json
+++ b/src/schema/aws-s3-multiregionaccesspointpolicy.json
@@ -75,5 +75,8 @@
     "Policy",
     "MrapName"
   ],
+  "tagging": {
+    "taggable": false
+  },
   "typeName": "AWS::S3::MultiRegionAccessPointPolicy"
 }
diff --git a/src/schema/aws-s3tables-tablebucket.json b/src/schema/aws-s3tables-tablebucket.json
index 20d61caa..2b01ca96 100644
--- a/src/schema/aws-s3tables-tablebucket.json
+++ b/src/schema/aws-s3tables-tablebucket.json
@@ -4,6 +4,25 @@
     "/properties/TableBucketName"
   ],
   "definitions": {
+    "EncryptionConfiguration": {
+      "additionalProperties": false,
+      "description": "Specifies encryption settings for the table bucket",
+      "properties": {
+        "KMSKeyArn": {
+          "description": "ARN of the KMS key to use for encryption",
+          "type": "string"
+        },
+        "SSEAlgorithm": {
+          "description": "Server-side encryption algorithm",
+          "enum": [
+            "AES256",
+            "aws:kms"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "TableBucketARN": {
       "description": "The Amazon Resource Name (ARN) of the specified table bucket.",
       "examples": [
@@ -49,8 +68,11 @@
       "permissions": [
         "s3tables:CreateTableBucket",
         "s3tables:PutTableBucketMaintenanceConfiguration",
+        "s3tables:PutTableBucketEncryption",
         "s3tables:GetTableBucket",
-        "s3tables:GetTableBucketMaintenanceConfiguration"
+        "s3tables:GetTableBucketMaintenanceConfiguration",
+        "s3tables:GetTableBucketEncryption",
+        "kms:DescribeKey"
       ]
     },
     "delete": {
@@ -66,14 +88,18 @@
     "read": {
       "permissions": [
         "s3tables:GetTableBucket",
-        "s3tables:GetTableBucketMaintenanceConfiguration"
+        "s3tables:GetTableBucketMaintenanceConfiguration",
+        "s3tables:GetTableBucketEncryption"
       ]
     },
     "update": {
       "permissions": [
         "s3tables:PutTableBucketMaintenanceConfiguration",
+        "s3tables:PutTableBucketEncryption",
+        "s3tables:GetTableBucketMaintenanceConfiguration",
+        "s3tables:GetTableBucketEncryption",
         "s3tables:GetTableBucket",
-        "s3tables:GetTableBucketMaintenanceConfiguration"
+        "kms:DescribeKey"
       ]
     }
   },
@@ -81,6 +107,9 @@
     "/properties/TableBucketARN"
   ],
   "properties": {
+    "EncryptionConfiguration": {
+      "$ref": "#/definitions/EncryptionConfiguration"
+    },
     "TableBucketARN": {
       "$ref": "#/definitions/TableBucketARN"
     },
diff --git a/src/schema/aws-sagemaker-partnerapp.json b/src/schema/aws-sagemaker-partnerapp.json
index dbb3ae47..eeb93d84 100644
--- a/src/schema/aws-sagemaker-partnerapp.json
+++ b/src/schema/aws-sagemaker-partnerapp.json
@@ -4,7 +4,8 @@
     "/properties/Name",
     "/properties/Type",
     "/properties/ExecutionRoleArn",
-    "/properties/AuthType"
+    "/properties/AuthType",
+    "/properties/KmsKeyId"
   ],
   "definitions": {
     "PartnerAppAdminUserList": {
@@ -93,7 +94,9 @@
         "sagemaker:DescribePartnerApp",
         "sagemaker:AddTags",
         "sagemaker:ListTags",
-        "iam:PassRole"
+        "iam:PassRole",
+        "kms:CreateGrant",
+        "kms:DescribeKey"
       ],
       "timeoutInMinutes": 180
     },
@@ -124,7 +127,8 @@
         "sagemaker:DescribePartnerApp",
         "sagemaker:AddTags",
         "sagemaker:ListTags",
-        "sagemaker:DeleteTags"
+        "sagemaker:DeleteTags",
+        "kms:DescribeKey"
       ],
       "timeoutInMinutes": 180
     }
@@ -174,6 +178,12 @@
       "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$",
       "type": "string"
     },
+    "KmsKeyId": {
+      "description": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.",
+      "maxLength": 2048,
+      "pattern": ".*",
+      "type": "string"
+    },
     "MaintenanceConfig": {
       "$ref": "#/definitions/PartnerAppMaintenanceConfig",
       "description": "A collection of settings that specify the maintenance schedule for the PartnerApp."
diff --git a/src/schema/aws-sagemaker-userprofile.json b/src/schema/aws-sagemaker-userprofile.json
index 219115de..2589ffc6 100644
--- a/src/schema/aws-sagemaker-userprofile.json
+++ b/src/schema/aws-sagemaker-userprofile.json
@@ -43,7 +43,7 @@
           "items": {
             "$ref": "#/definitions/CustomImage"
           },
-          "maxItems": 30,
+          "maxItems": 200,
           "minItems": 0,
           "type": "array",
           "uniqueItems": false
@@ -257,7 +257,7 @@
           "items": {
             "$ref": "#/definitions/CustomImage"
           },
-          "maxItems": 30,
+          "maxItems": 200,
           "minItems": 0,
           "type": "array",
           "uniqueItems": false
diff --git a/src/schema/aws-ses-mailmanageringresspoint.json b/src/schema/aws-ses-mailmanageringresspoint.json
index 1fbbebc9..de43aa65 100644
--- a/src/schema/aws-ses-mailmanageringresspoint.json
+++ b/src/schema/aws-ses-mailmanageringresspoint.json
@@ -1,6 +1,7 @@
 {
   "additionalProperties": false,
   "createOnlyProperties": [
+    "/properties/NetworkConfiguration",
     "/properties/Type"
   ],
   "definitions": {
@@ -63,6 +64,75 @@
       ],
       "type": "string"
     },
+    "IpType": {
+      "enum": [
+        "IPV4",
+        "DUAL_STACK"
+      ],
+      "type": "string"
+    },
+    "NetworkConfiguration": {
+      "oneOf": [
+        {
+          "additionalProperties": false,
+          "properties": {
+            "PublicNetworkConfiguration": {
+              "$ref": "#/definitions/PublicNetworkConfiguration"
+            }
+          },
+          "required": [
+            "PublicNetworkConfiguration"
+          ],
+          "title": "PublicNetworkConfiguration",
+          "type": "object"
+        },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "PrivateNetworkConfiguration": {
+              "$ref": "#/definitions/PrivateNetworkConfiguration"
+            }
+          },
+          "required": [
+            "PrivateNetworkConfiguration"
+          ],
+          "title": "PrivateNetworkConfiguration",
+          "type": "object"
+        }
+      ]
+    },
+    "PrivateNetworkConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "VpcEndpointId": {
+          "pattern": "^vpce-[a-zA-Z0-9]{17}$",
+          "type": "string"
+        }
+      },
+      "required": [
+        "VpcEndpointId"
+      ],
+      "type": "object"
+    },
+    "PublicNetworkConfiguration": {
+      "additionalProperties": false,
+      "properties": {
+        "IpType": {
+          "allOf": [
+            {
+              "$ref": "#/definitions/IpType"
+            },
+            {
+              "default": "IPV4"
+            }
+          ]
+        }
+      },
+      "required": [
+        "IpType"
+      ],
+      "type": "object"
+    },
     "Tag": {
       "additionalProperties": false,
       "properties": {
@@ -94,7 +164,8 @@
         "ses:ListTagsForResource",
         "ses:GetIngressPoint",
         "ses:CreateIngressPoint",
-        "iam:CreateServiceLinkedRole"
+        "iam:CreateServiceLinkedRole",
+        "ec2:DescribeVpcEndpoints"
       ]
     },
     "delete": {
@@ -148,6 +219,9 @@
       "pattern": "^[A-Za-z0-9_\\-]+$",
       "type": "string"
     },
+    "NetworkConfiguration": {
+      "$ref": "#/definitions/NetworkConfiguration"
+    },
     "RuleSetId": {
       "maxLength": 100,
       "minLength": 1,
diff --git a/src/schema/aws-ses-mailmanagerruleset.json b/src/schema/aws-ses-mailmanagerruleset.json
index 6362cf46..0a589127 100644
--- a/src/schema/aws-ses-mailmanagerruleset.json
+++ b/src/schema/aws-ses-mailmanagerruleset.json
@@ -39,7 +39,7 @@
         "ResultField": {
           "maxLength": 256,
           "minLength": 1,
-          "pattern": "^[\\sa-zA-Z0-9_]+$",
+          "pattern": "^(addon\\.)?[\\sa-zA-Z0-9_]+$",
           "type": "string"
         }
       },
@@ -379,6 +379,19 @@
           ],
           "title": "Attribute",
           "type": "object"
+        },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Analysis": {
+              "$ref": "#/definitions/Analysis"
+            }
+          },
+          "required": [
+            "Analysis"
+          ],
+          "title": "Analysis",
+          "type": "object"
         }
       ]
     },
@@ -517,9 +530,9 @@
         },
         "Values": {
           "items": {
-            "maxLength": 18,
+            "maxLength": 43,
             "minLength": 1,
-            "pattern": "^(([0-9]|.|/)*)$",
+            "pattern": "^(([0-9]|.|:|/)*)$",
             "type": "string"
           },
           "maxItems": 10,
@@ -690,6 +703,19 @@
           ],
           "title": "MimeHeaderAttribute",
           "type": "object"
+        },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Analysis": {
+              "$ref": "#/definitions/Analysis"
+            }
+          },
+          "required": [
+            "Analysis"
+          ],
+          "title": "Analysis",
+          "type": "object"
         }
       ]
     },
diff --git a/src/schema/aws-ses-mailmanagertrafficpolicy.json b/src/schema/aws-ses-mailmanagertrafficpolicy.json
index 5179c695..91240e82 100644
--- a/src/schema/aws-ses-mailmanagertrafficpolicy.json
+++ b/src/schema/aws-ses-mailmanagertrafficpolicy.json
@@ -18,7 +18,7 @@
         "ResultField": {
           "maxLength": 256,
           "minLength": 1,
-          "pattern": "^[\\sa-zA-Z0-9_]+$",
+          "pattern": "^(addon\\.)?[\\sa-zA-Z0-9_]+$",
           "type": "string"
         }
       },
@@ -122,6 +122,54 @@
       ],
       "type": "object"
     },
+    "IngressIpv6Attribute": {
+      "enum": [
+        "SENDER_IPV6"
+      ],
+      "type": "string"
+    },
+    "IngressIpv6Expression": {
+      "additionalProperties": false,
+      "properties": {
+        "Evaluate": {
+          "$ref": "#/definitions/IngressIpv6ToEvaluate"
+        },
+        "Operator": {
+          "$ref": "#/definitions/IngressIpOperator"
+        },
+        "Values": {
+          "items": {
+            "maxLength": 49,
+            "pattern": "^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9])$",
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "required": [
+        "Evaluate",
+        "Operator",
+        "Values"
+      ],
+      "type": "object"
+    },
+    "IngressIpv6ToEvaluate": {
+      "oneOf": [
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Attribute": {
+              "$ref": "#/definitions/IngressIpv6Attribute"
+            }
+          },
+          "required": [
+            "Attribute"
+          ],
+          "title": "Attribute",
+          "type": "object"
+        }
+      ]
+    },
     "IngressStringEmailAttribute": {
       "enum": [
         "RECIPIENT"
@@ -175,6 +223,19 @@
           ],
           "title": "Attribute",
           "type": "object"
+        },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Analysis": {
+              "$ref": "#/definitions/IngressAnalysis"
+            }
+          },
+          "required": [
+            "Analysis"
+          ],
+          "title": "Analysis",
+          "type": "object"
         }
       ]
     },
@@ -263,6 +324,19 @@
           "title": "IpExpression",
           "type": "object"
         },
+        {
+          "additionalProperties": false,
+          "properties": {
+            "Ipv6Expression": {
+              "$ref": "#/definitions/IngressIpv6Expression"
+            }
+          },
+          "required": [
+            "Ipv6Expression"
+          ],
+          "title": "Ipv6Expression",
+          "type": "object"
+        },
         {
           "additionalProperties": false,
           "properties": {
diff --git a/src/schema/aws-sns-topic.json b/src/schema/aws-sns-topic.json
index 3ec91a35..a41b5089 100644
--- a/src/schema/aws-sns-topic.json
+++ b/src/schema/aws-sns-topic.json
@@ -208,6 +208,11 @@
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sns",
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "sns:TagResource",
+      "sns:UntagResource",
+      "sns:ListTagsForResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-ssm-patchbaseline.json b/src/schema/aws-ssm-patchbaseline.json
index 2c37050f..cbe23247 100644
--- a/src/schema/aws-ssm-patchbaseline.json
+++ b/src/schema/aws-ssm-patchbaseline.json
@@ -361,6 +361,11 @@
   ],
   "tagging": {
     "cloudFormationSystemTags": true,
+    "permissions": [
+      "ssm:AddTagsToResource",
+      "ssm:ListTagsForResource",
+      "ssm:RemoveTagsFromResource"
+    ],
     "tagOnCreate": true,
     "tagProperty": "/properties/Tags",
     "tagUpdatable": true,
diff --git a/src/schema/aws-systemsmanagersap-application.json b/src/schema/aws-systemsmanagersap-application.json
index 8586d849..c6c6aee1 100644
--- a/src/schema/aws-systemsmanagersap-application.json
+++ b/src/schema/aws-systemsmanagersap-application.json
@@ -5,9 +5,36 @@
     "/properties/Instances",
     "/properties/SapInstanceNumber",
     "/properties/Sid",
-    "/properties/DatabaseArn"
+    "/properties/DatabaseArn",
+    "/properties/ComponentsInfo"
   ],
   "definitions": {
+    "ComponentInfo": {
+      "properties": {
+        "ComponentType": {
+          "enum": [
+            "HANA",
+            "HANA_NODE",
+            "ABAP",
+            "ASCS",
+            "DIALOG",
+            "WEBDISP",
+            "WD",
+            "ERS"
+          ],
+          "type": "string"
+        },
+        "Ec2InstanceId": {
+          "pattern": "^i-[\\w\\d]{8}$|^i-[\\w\\d]{17}$",
+          "type": "string"
+        },
+        "Sid": {
+          "pattern": "[A-Z][A-Z0-9]{2}",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "Credential": {
       "additionalProperties": false,
       "properties": {
@@ -113,6 +140,15 @@
       "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
       "type": "string"
     },
+    "ComponentsInfo": {
+      "description": "This is an optional parameter for component details to which the SAP ABAP application is attached, such as Web Dispatcher.",
+      "insertionOrder": true,
+      "items": {
+        "$ref": "#/definitions/ComponentInfo"
+      },
+      "minItems": 1,
+      "type": "array"
+    },
     "Credentials": {
       "insertionOrder": true,
       "items": {
@@ -176,6 +212,7 @@
     "/properties/Instances",
     "/properties/SapInstanceNumber",
     "/properties/Sid",
-    "/properties/DatabaseArn"
+    "/properties/DatabaseArn",
+    "/properties/ComponentsInfo"
   ]
 }
diff --git a/src/schema/aws-transfer-webapp.json b/src/schema/aws-transfer-webapp.json
index c172b594..2d0c2a4d 100644
--- a/src/schema/aws-transfer-webapp.json
+++ b/src/schema/aws-transfer-webapp.json
@@ -6,6 +6,7 @@
   ],
   "additionalProperties": false,
   "createOnlyProperties": [
+    "/properties/WebAppEndpointPolicy",
     "/properties/IdentityProviderDetails/InstanceArn"
   ],
   "definitions": {
@@ -81,6 +82,13 @@
       },
       "type": "object"
     },
+    "WebAppEndpointPolicy": {
+      "enum": [
+        "STANDARD",
+        "FIPS"
+      ],
+      "type": "string"
+    },
     "WebAppUnits": {
       "oneOf": [
         {
@@ -194,6 +202,9 @@
     "WebAppCustomization": {
       "$ref": "#/definitions/WebAppCustomization"
     },
+    "WebAppEndpointPolicy": {
+      "$ref": "#/definitions/WebAppEndpointPolicy"
+    },
     "WebAppId": {
       "description": "A unique identifier for the web app.",
       "maxLength": 24,
diff --git a/src/schema/aws-vpclattice-accesslogsubscription.json b/src/schema/aws-vpclattice-accesslogsubscription.json
index 45fa3e1a..36c67350 100644
--- a/src/schema/aws-vpclattice-accesslogsubscription.json
+++ b/src/schema/aws-vpclattice-accesslogsubscription.json
@@ -91,7 +91,8 @@
         ]
       },
       "permissions": [
-        "vpc-lattice:ListAccessLogSubscriptions"
+        "vpc-lattice:ListAccessLogSubscriptions",
+        "logs:GetLogDelivery"
       ]
     },
     "read": {
diff --git a/src/schema/aws-vpclattice-listener.json b/src/schema/aws-vpclattice-listener.json
index 3ca86e05..502b2325 100644
--- a/src/schema/aws-vpclattice-listener.json
+++ b/src/schema/aws-vpclattice-listener.json
@@ -90,7 +90,7 @@
         },
         "Weight": {
           "maximum": 999,
-          "minimum": 1,
+          "minimum": 0,
           "type": "integer"
         }
       },
diff --git a/src/schema/aws-vpclattice-resourceconfiguration.json b/src/schema/aws-vpclattice-resourceconfiguration.json
index ef7f86f2..574c3b44 100644
--- a/src/schema/aws-vpclattice-resourceconfiguration.json
+++ b/src/schema/aws-vpclattice-resourceconfiguration.json
@@ -233,7 +233,10 @@
     "/properties/Id",
     "/properties/Arn"
   ],
-  "required": [],
+  "required": [
+    "Name",
+    "ResourceConfigurationType"
+  ],
   "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
   "tagging": {
     "cloudFormationSystemTags": true,
diff --git a/src/schema/aws-vpclattice-resourcegateway.json b/src/schema/aws-vpclattice-resourcegateway.json
index f74167a9..48e4fef1 100644
--- a/src/schema/aws-vpclattice-resourcegateway.json
+++ b/src/schema/aws-vpclattice-resourcegateway.json
@@ -48,7 +48,8 @@
     "delete": {
       "permissions": [
         "vpc-lattice:DeleteResourceGateway",
-        "vpc-lattice:GetResourceGateway"
+        "vpc-lattice:GetResourceGateway",
+        "vpc-lattice:UntagResource"
       ]
     },
     "list": {
@@ -167,8 +168,13 @@
     "/properties/Id",
     "/properties/Arn"
   ],
+  "required": [
+    "Name",
+    "VpcIdentifier",
+    "SubnetIds"
+  ],
   "tagging": {
-    "cloudFormationSystemTags": false,
+    "cloudFormationSystemTags": true,
     "permissions": [
       "vpc-lattice:UntagResource",
       "vpc-lattice:TagResource",
diff --git a/src/schema/aws-wafv2-rulegroup.json b/src/schema/aws-wafv2-rulegroup.json
index 7d144643..dbdc65bf 100644
--- a/src/schema/aws-wafv2-rulegroup.json
+++ b/src/schema/aws-wafv2-rulegroup.json
@@ -375,6 +375,9 @@
           ],
           "type": "object"
         },
+        "UriFragment": {
+          "$ref": "#/definitions/UriFragment"
+        },
         "UriPath": {
           "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.",
           "type": "object"
@@ -1350,6 +1353,20 @@
       ],
       "type": "string"
     },
+    "UriFragment": {
+      "additionalProperties": false,
+      "description": "The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction",
+      "properties": {
+        "FallbackBehavior": {
+          "enum": [
+            "MATCH",
+            "NO_MATCH"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "VisibilityConfig": {
       "additionalProperties": false,
       "description": "Visibility Metric of the RuleGroup.",
diff --git a/src/schema/aws-wafv2-webacl.json b/src/schema/aws-wafv2-webacl.json
index 41564b53..10093142 100644
--- a/src/schema/aws-wafv2-webacl.json
+++ b/src/schema/aws-wafv2-webacl.json
@@ -552,6 +552,9 @@
           ],
           "type": "object"
         },
+        "UriFragment": {
+          "$ref": "#/definitions/UriFragment"
+        },
         "UriPath": {
           "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.",
           "type": "object"
@@ -1967,6 +1970,20 @@
       },
       "type": "array"
     },
+    "UriFragment": {
+      "additionalProperties": false,
+      "description": "The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction",
+      "properties": {
+        "FallbackBehavior": {
+          "enum": [
+            "MATCH",
+            "NO_MATCH"
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "UriPath": {
       "type": "object"
     },
diff --git a/src/schema/aws-wafv2-webaclassociation.json b/src/schema/aws-wafv2-webaclassociation.json
index bad6d967..b652b5bd 100644
--- a/src/schema/aws-wafv2-webaclassociation.json
+++ b/src/schema/aws-wafv2-webaclassociation.json
@@ -19,6 +19,8 @@
         "wafv2:GetWebACLForResource",
         "wafv2:GetWebACL",
         "wafv2:DisassociateWebACL",
+        "wafv2:PutPermissionPolicy",
+        "wafv2:GetPermissionPolicy",
         "elasticloadbalancing:SetWebACL",
         "apigateway:SetWebACL",
         "appsync:SetWebACL",
@@ -31,7 +33,9 @@
         "ec2:AssociateVerifiedAccessInstanceWebAcl",
         "ec2:DisassociateVerifiedAccessInstanceWebAcl",
         "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
-        "ec2:GetVerifiedAccessInstanceWebAcl"
+        "ec2:GetVerifiedAccessInstanceWebAcl",
+        "amplify:AssociateWebACL",
+        "amplify:GetWebACLForResource"
       ]
     },
     "delete": {
@@ -40,6 +44,7 @@
         "wafv2:GetWebACLForResource",
         "wafv2:GetWebACL",
         "wafv2:DisassociateWebACL",
+        "wafv2:PutPermissionPolicy",
         "elasticloadbalancing:SetWebACL",
         "apigateway:SetWebACL",
         "appsync:SetWebACL",
@@ -52,7 +57,9 @@
         "ec2:AssociateVerifiedAccessInstanceWebAcl",
         "ec2:DisassociateVerifiedAccessInstanceWebAcl",
         "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
-        "ec2:GetVerifiedAccessInstanceWebAcl"
+        "ec2:GetVerifiedAccessInstanceWebAcl",
+        "amplify:DisassociateWebACL",
+        "amplify:GetWebACLForResource"
       ]
     },
     "read": {
@@ -73,7 +80,8 @@
         "ec2:AssociateVerifiedAccessInstanceWebAcl",
         "ec2:DisassociateVerifiedAccessInstanceWebAcl",
         "ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
-        "ec2:GetVerifiedAccessInstanceWebAcl"
+        "ec2:GetVerifiedAccessInstanceWebAcl",
+        "amplify:GetWebACLForResource"
       ]
     },
     "update": {
diff --git a/src/schema/aws-wisdom-aiprompt.json b/src/schema/aws-wisdom-aiprompt.json
index 37699261..95956fe8 100644
--- a/src/schema/aws-wisdom-aiprompt.json
+++ b/src/schema/aws-wisdom-aiprompt.json
@@ -19,7 +19,9 @@
     "AIPromptAPIFormat": {
       "enum": [
         "ANTHROPIC_CLAUDE_MESSAGES",
-        "ANTHROPIC_CLAUDE_TEXT_COMPLETIONS"
+        "ANTHROPIC_CLAUDE_TEXT_COMPLETIONS",
+        "MESSAGES",
+        "TEXT_COMPLETIONS"
       ],
       "type": "string"
     },
diff --git a/src/schema/aws-workspaces-connectionalias.json b/src/schema/aws-workspaces-connectionalias.json
index 415c7133..c7b4c585 100644
--- a/src/schema/aws-workspaces-connectionalias.json
+++ b/src/schema/aws-workspaces-connectionalias.json
@@ -128,5 +128,16 @@
   "required": [
     "ConnectionString"
   ],
+  "tagging": {
+    "cloudFormationSystemTags": false,
+    "permissions": [
+      "workspaces:CreateTags",
+      "workspaces:DescribeTags"
+    ],
+    "tagOnCreate": true,
+    "tagProperty": "/properties/Tags",
+    "tagUpdatable": false,
+    "taggable": true
+  },
   "typeName": "AWS::WorkSpaces::ConnectionAlias"
 }
diff --git a/src/secrets_Internal_test.go b/src/secrets_Internal_test.go
new file mode 100644
index 00000000..d68d32df
--- /dev/null
+++ b/src/secrets_Internal_test.go
@@ -0,0 +1,284 @@
+package pike
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+	"testing"
+)
+
+func Test_splitHub(t *testing.T) {
+	t.Parallel()
+
+	type args struct {
+		repository string
+	}
+
+	tests := []struct {
+		name    string
+		args    args
+		want    string
+		want1   string
+		wantErr bool
+	}{
+		{
+			name: "valid short format",
+			args: args{
+				repository: "jameswoolfenden/pike",
+			},
+			want:    "jameswoolfenden",
+			want1:   "pike",
+			wantErr: false,
+		},
+		{
+			name: "valid long format",
+			args: args{
+				repository: "https://github.com/jameswoolfenden/pike",
+			},
+			want:    "jameswoolfenden",
+			want1:   "pike",
+			wantErr: false,
+		},
+		{
+			name: "invalid format",
+			args: args{
+				repository: "jameswoolfenden/pike/extra",
+			},
+			want:    "",
+			want1:   "",
+			wantErr: true,
+		},
+		{
+			name: "empty string",
+			args: args{
+				repository: "",
+			},
+			want:    "",
+			want1:   "",
+			wantErr: true,
+		},
+		{
+			name: "single segment",
+			args: args{
+				repository: "onlyone",
+			},
+			want:    "",
+			want1:   "",
+			wantErr: true,
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			got, got1, err := SplitHub(tt.args.repository)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("SplitHub() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("SplitHub() got = %v, want %v", got, tt.want)
+			}
+			if got1 != tt.want1 {
+				t.Errorf("SplitHub() got1 = %v, want %v", got1, tt.want1)
+			}
+		})
+	}
+}
+
+func TestEncryptPlaintext_Extended(t *testing.T) {
+	t.Parallel()
+
+	type args struct {
+		plaintext    string
+		publicKeyB64 string
+	}
+
+	tests := []struct {
+		name    string
+		args    args
+		want    []byte
+		wantErr bool
+	}{
+		{
+			name: "valid encryption",
+			args: args{
+				plaintext:    "test secret",
+				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
+			},
+			wantErr: false,
+		},
+		{
+			name: "empty plaintext",
+			args: args{
+				plaintext:    "",
+				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
+			},
+			wantErr: false,
+		},
+		{
+			name: "invalid base64 public key",
+			args: args{
+				plaintext:    "test secret",
+				publicKeyB64: "invalid-base64!@#$",
+			},
+			wantErr: true,
+		},
+		{
+			name: "empty public key",
+			args: args{
+				plaintext:    "test secret",
+				publicKeyB64: "",
+			},
+			wantErr: true,
+		},
+		//{
+		//	name: "public key too short",
+		//	args: args{
+		//		plaintext:    "test secret",
+		//		publicKeyB64: "aGVsbG8=",
+		//	},
+		//	wantErr: true,
+		//},
+		{
+			name: "very long plaintext",
+			args: args{
+				plaintext:    string(make([]byte, 1024*1024)), // 1MB of data
+				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
+			},
+			wantErr: false,
+		},
+		{
+			name: "special characters in plaintext",
+			args: args{
+				plaintext:    "!@#$%^&*()_+{}|:<>?~`-=[]\\;',./",
+				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
+			},
+			wantErr: false,
+		},
+		{
+			name: "unicode characters in plaintext",
+			args: args{
+				plaintext:    "Hello 世界 🌍",
+				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
+			},
+			wantErr: false,
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			got, err := EncryptPlaintext(tt.args.plaintext, tt.args.publicKeyB64)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("EncryptPlaintext() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !tt.wantErr {
+				if got == nil {
+					t.Error("EncryptPlaintext() returned nil for successful encryption")
+				}
+				if len(got) == 0 {
+					t.Error("EncryptPlaintext() returned empty bytes for successful encryption")
+				}
+			}
+		})
+	}
+}
+
+func TestAwsCredentialsError_Error(t *testing.T) {
+	tests := []struct {
+		name     string
+		err      error
+		expected string
+	}{
+		{
+			name:     "simple error message",
+			err:      errors.New("connection timeout"),
+			expected: "failed to get AWS credentials: connection timeout",
+		},
+		{
+			name:     "empty error message",
+			err:      errors.New(""),
+			expected: "failed to get AWS credentials: ",
+		},
+		{
+			name:     "formatted error message",
+			err:      fmt.Errorf("invalid region: %s", "us-invalid-1"),
+			expected: "failed to get AWS credentials: invalid region: us-invalid-1",
+		},
+		{
+			name:     "wrapped error",
+			err:      fmt.Errorf("wrapped: %w", errors.New("original error")),
+			expected: "failed to get AWS credentials: wrapped: original error",
+		},
+		{
+			name:     "nil error",
+			err:      nil,
+			expected: "failed to get AWS credentials: <nil>",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &awsCredentialsError{err: tt.err}
+			result := e.Error()
+
+			if result != tt.expected {
+				t.Errorf("awsCredentialsError.Error() = %q, expected %q", result, tt.expected)
+			}
+		})
+	}
+}
+
+func TestAwsCredentialsError_ErrorInterface(t *testing.T) {
+	err := &awsCredentialsError{err: errors.New("test error")}
+
+	// Verify it implements the error interface
+	var _ error = err
+
+	// Verify it can be used as an error
+	if err.Error() == "" {
+		t.Error("awsCredentialsError should return non-empty error message")
+	}
+}
+
+func TestAwsCredentialsError_ErrorFormatting(t *testing.T) {
+	testErr := errors.New("access denied")
+	awsErr := &awsCredentialsError{err: testErr}
+
+	errorMsg := awsErr.Error()
+
+	// Verify the error message contains the expected prefix
+	expectedPrefix := "failed to get AWS credentials:"
+	if !strings.HasPrefix(errorMsg, expectedPrefix) {
+		t.Errorf("Error message should start with %q, got %q", expectedPrefix, errorMsg)
+	}
+
+	// Verify the original error message is included
+	if !strings.Contains(errorMsg, testErr.Error()) {
+		t.Errorf("Error message should contain original error %q, got %q", testErr.Error(), errorMsg)
+	}
+}
+
+func TestAwsCredentialsError_MultipleInstances(t *testing.T) {
+	err1 := &awsCredentialsError{err: errors.New("error 1")}
+	err2 := &awsCredentialsError{err: errors.New("error 2")}
+
+	msg1 := err1.Error()
+	msg2 := err2.Error()
+
+	if msg1 == msg2 {
+		t.Error("Different awsCredentialsError instances should produce different error messages")
+	}
+
+	if !strings.Contains(msg1, "error 1") {
+		t.Errorf("First error should contain 'error 1', got %q", msg1)
+	}
+
+	if !strings.Contains(msg2, "error 2") {
+		t.Errorf("Second error should contain 'error 2', got %q", msg2)
+	}
+}
diff --git a/src/secrets_test.go b/src/secrets_test.go
index 3eeccab9..48bbd643 100644
--- a/src/secrets_test.go
+++ b/src/secrets_test.go
@@ -8,10 +8,9 @@ import (
 	"reflect"
 	"testing"
 
-	"golang.org/x/oauth2"
-
 	"github.com/google/go-github/v47/github"
 	pike "github.com/jameswoolfenden/pike/src"
+	"golang.org/x/oauth2"
 )
 
 func TestSetRepoSecret(t *testing.T) {
@@ -97,86 +96,6 @@ func TestSetRepoSecret(t *testing.T) {
 	}
 }
 
-func Test_splitHub(t *testing.T) {
-	t.Parallel()
-
-	type args struct {
-		repository string
-	}
-
-	tests := []struct {
-		name    string
-		args    args
-		want    string
-		want1   string
-		wantErr bool
-	}{
-		{
-			name: "valid short format",
-			args: args{
-				repository: "jameswoolfenden/pike",
-			},
-			want:    "jameswoolfenden",
-			want1:   "pike",
-			wantErr: false,
-		},
-		{
-			name: "valid long format",
-			args: args{
-				repository: "https://github.com/jameswoolfenden/pike",
-			},
-			want:    "jameswoolfenden",
-			want1:   "pike",
-			wantErr: false,
-		},
-		{
-			name: "invalid format",
-			args: args{
-				repository: "jameswoolfenden/pike/extra",
-			},
-			want:    "",
-			want1:   "",
-			wantErr: true,
-		},
-		{
-			name: "empty string",
-			args: args{
-				repository: "",
-			},
-			want:    "",
-			want1:   "",
-			wantErr: true,
-		},
-		{
-			name: "single segment",
-			args: args{
-				repository: "onlyone",
-			},
-			want:    "",
-			want1:   "",
-			wantErr: true,
-		},
-	}
-
-	for _, tt := range tests {
-		tt := tt
-		t.Run(tt.name, func(t *testing.T) {
-			t.Parallel()
-			got, got1, err := pike.SplitHub(tt.args.repository)
-			if (err != nil) != tt.wantErr {
-				t.Errorf("SplitHub() error = %v, wantErr %v", err, tt.wantErr)
-				return
-			}
-			if got != tt.want {
-				t.Errorf("SplitHub() got = %v, want %v", got, tt.want)
-			}
-			if got1 != tt.want1 {
-				t.Errorf("SplitHub() got1 = %v, want %v", got1, tt.want1)
-			}
-		})
-	}
-}
-
 func Test_getGithubClient(t *testing.T) {
 	t.Parallel()
 
@@ -427,104 +346,3 @@ func TestGetPublicKeyDetails_Integration(t *testing.T) {
 		})
 	}
 }
-
-func TestEncryptPlaintext_Extended(t *testing.T) {
-	t.Parallel()
-
-	type args struct {
-		plaintext    string
-		publicKeyB64 string
-	}
-
-	tests := []struct {
-		name    string
-		args    args
-		want    []byte
-		wantErr bool
-	}{
-		{
-			name: "valid encryption",
-			args: args{
-				plaintext:    "test secret",
-				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
-			},
-			wantErr: false,
-		},
-		{
-			name: "empty plaintext",
-			args: args{
-				plaintext:    "",
-				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
-			},
-			wantErr: false,
-		},
-		{
-			name: "invalid base64 public key",
-			args: args{
-				plaintext:    "test secret",
-				publicKeyB64: "invalid-base64!@#$",
-			},
-			wantErr: true,
-		},
-		{
-			name: "empty public key",
-			args: args{
-				plaintext:    "test secret",
-				publicKeyB64: "",
-			},
-			wantErr: true,
-		},
-		{
-			name: "public key too short",
-			args: args{
-				plaintext:    "test secret",
-				publicKeyB64: "aGVsbG8=",
-			},
-			wantErr: true,
-		},
-		{
-			name: "very long plaintext",
-			args: args{
-				plaintext:    string(make([]byte, 1024*1024)), // 1MB of data
-				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
-			},
-			wantErr: false,
-		},
-		{
-			name: "special characters in plaintext",
-			args: args{
-				plaintext:    "!@#$%^&*()_+{}|:<>?~`-=[]\\;',./",
-				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
-			},
-			wantErr: false,
-		},
-		{
-			name: "unicode characters in plaintext",
-			args: args{
-				plaintext:    "Hello 世界 🌍",
-				publicKeyB64: "VGhpcyBpcyBhIHZhbGlkIGJhc2U2NCBlbmNvZGVkIHB1YmxpYyBrZXk=",
-			},
-			wantErr: false,
-		},
-	}
-
-	for _, tt := range tests {
-		tt := tt
-		t.Run(tt.name, func(t *testing.T) {
-			t.Parallel()
-			got, err := pike.EncryptPlaintext(tt.args.plaintext, tt.args.publicKeyB64)
-			if (err != nil) != tt.wantErr {
-				t.Errorf("EncryptPlaintext() error = %v, wantErr %v", err, tt.wantErr)
-				return
-			}
-			if !tt.wantErr {
-				if got == nil {
-					t.Error("EncryptPlaintext() returned nil for successful encryption")
-				}
-				if len(got) == 0 {
-					t.Error("EncryptPlaintext() returned empty bytes for successful encryption")
-				}
-			}
-		})
-	}
-}
diff --git a/src/testdata/gcp/basic/storage.tf b/src/testdata/gcp/basic/storage.tf
new file mode 100644
index 00000000..a2790a60
--- /dev/null
+++ b/src/testdata/gcp/basic/storage.tf
@@ -0,0 +1,20 @@
+# Create new storage bucket in the US
+# location with Standard Storage
+
+resource "google_storage_bucket" "static" {
+  name          = "BUCKET_NAME"
+  location      = "US"
+  storage_class = "STANDARD"
+
+  uniform_bucket_level_access = true
+}
+
+# Upload a text file as an object
+# to the storage bucket
+
+resource "google_storage_bucket_object" "default" {
+  name         = "OBJECT_NAME"
+  source       = "OBJECT_PATH"
+  content_type = "text/plain"
+  bucket       = google_storage_bucket.static.id
+}
diff --git a/src/utils.go b/src/utils.go
index f200c165..ab1de1c7 100644
--- a/src/utils.go
+++ b/src/utils.go
@@ -134,3 +134,18 @@ const float64EqualityThreshold = 1e-9
 func AlmostEqual(a, b float64) bool {
 	return math.Abs(a-b) <= float64EqualityThreshold
 }
+
+type EnvVariableNotSetError struct {
+	Key string
+}
+
+func (e *EnvVariableNotSetError) Error() string {
+	return fmt.Sprintf("environment variable %s not set", e.Key)
+}
+
+func GetEnv(key string) (*string, error) {
+	if value, ok := os.LookupEnv(key); ok {
+		return &value, nil
+	}
+	return nil, &EnvVariableNotSetError{key}
+}
diff --git a/src/utils_test.go b/src/utils_test.go
index d2d2d673..3097fbad 100644
--- a/src/utils_test.go
+++ b/src/utils_test.go
@@ -1,9 +1,11 @@
-package pike_test
+package pike
 
 import (
+	"errors"
+	"os"
+	"reflect"
+	"strings"
 	"testing"
-
-	pike "github.com/jameswoolfenden/pike/src"
 )
 
 func Test_randSeq(t *testing.T) {
@@ -26,7 +28,7 @@ func Test_randSeq(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.RandSeq(tt.args.n); len(got) != tt.want {
+			if got := RandSeq(tt.args.n); len(got) != tt.want {
 				t.Errorf("RandSeq() = %v, want %v", got, tt.want)
 			}
 		})
@@ -99,7 +101,7 @@ func TestReplaceSection(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if err := pike.ReplaceSection(tt.args.source, tt.args.middle, tt.args.autoadd); (err != nil) != tt.wantErr {
+			if err := ReplaceSection(tt.args.source, tt.args.middle, tt.args.autoadd); (err != nil) != tt.wantErr {
 				t.Errorf("ReplaceSection() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
@@ -128,7 +130,7 @@ func Test_fileExists(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.FileExists(tt.args.filename); got != tt.want {
+			if got := FileExists(tt.args.filename); got != tt.want {
 				t.Errorf("FileExists() = %v, want %v", got, tt.want)
 			}
 		})
@@ -155,7 +157,7 @@ func TestRandSeq(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.RandSeq(tt.args.n); got == tt.notWant {
+			if got := RandSeq(tt.args.n); got == tt.notWant {
 				t.Errorf("RandSeq() = %v, want %v", got, tt.notWant)
 			}
 		})
@@ -214,9 +216,172 @@ func TestAlmostEqual(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 
-			if got := pike.AlmostEqual(tt.args.a, tt.args.b); got != tt.want {
+			if got := AlmostEqual(tt.args.a, tt.args.b); got != tt.want {
 				t.Errorf("AlmostEqual() = %v, want %v", got, tt.want)
 			}
 		})
 	}
 }
+
+func TestEnvVariableNotSetError_Error(t *testing.T) {
+	type fields struct {
+		Key string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{"fail", fields{"key"}, "environment variable key not set"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &EnvVariableNotSetError{
+				Key: tt.fields.Key,
+			}
+			if got := e.Error(); got != tt.want {
+				t.Errorf("Error() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_getEnv(t *testing.T) {
+	type args struct {
+		key string
+	}
+
+	err := os.Setenv("fortest", "value")
+	if err != nil {
+		return
+	}
+
+	tests := []struct {
+		name    string
+		args    args
+		want    *string
+		wantErr bool
+	}{
+		{"fail", args{"key"}, nil, true},
+		{"pass", args{"fortest"}, &[]string{"value"}[0], false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := GetEnv(tt.args.key)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("GetEnv() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("GetEnv() got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestWriteFileError_Error(t *testing.T) {
+	tests := []struct {
+		name     string
+		file     string
+		err      error
+		expected string
+	}{
+		{
+			name:     "normal file and error",
+			file:     "/path/to/file.txt",
+			err:      errors.New("permission denied"),
+			expected: "failed to write file /path/to/file.txt permission denied",
+		},
+		{
+			name:     "empty file path",
+			file:     "",
+			err:      errors.New("some error"),
+			expected: "failed to write file  some error",
+		},
+		{
+			name:     "nil error",
+			file:     "/path/to/file.txt",
+			err:      nil,
+			expected: "failed to write file /path/to/file.txt <nil>",
+		},
+		{
+			name:     "file path with spaces",
+			file:     "/path/to/file with spaces.txt",
+			err:      errors.New("write failed"),
+			expected: "failed to write file /path/to/file with spaces.txt write failed",
+		},
+		{
+			name:     "file path with special characters",
+			file:     "/path/to/file-name_123.txt",
+			err:      errors.New("disk full"),
+			expected: "failed to write file /path/to/file-name_123.txt disk full",
+		},
+		{
+			name:     "long file path",
+			file:     strings.Repeat("/very/long/path", 10) + "/file.txt",
+			err:      errors.New("timeout"),
+			expected: "failed to write file " + strings.Repeat("/very/long/path", 10) + "/file.txt timeout",
+		},
+		{
+			name:     "error with newlines",
+			file:     "/path/to/file.txt",
+			err:      errors.New("error\nwith\nnewlines"),
+			expected: "failed to write file /path/to/file.txt error\nwith\nnewlines",
+		},
+		{
+			name:     "both file and error empty/nil",
+			file:     "",
+			err:      nil,
+			expected: "failed to write file  <nil>",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			e := &writeFileError{
+				file: tt.file,
+				err:  tt.err,
+			}
+
+			result := e.Error()
+
+			if result != tt.expected {
+				t.Errorf("writeFileError.Error() = %q, expected %q", result, tt.expected)
+			}
+		})
+	}
+}
+
+func TestCustomErrors(t *testing.T) {
+	t.Run("readFileError", func(t *testing.T) {
+		err := &readFileError{file: "test.txt", err: errors.New("permission denied")}
+		expected := "failed to read file test.txt permission denied"
+		if err.Error() != expected {
+			t.Errorf("Expected: %s, got: %s", expected, err.Error())
+		}
+	})
+
+	t.Run("delimiterMismatchError", func(t *testing.T) {
+		err := &delimiterMismatchError{}
+		expected := "pike delimiters mismatch in Readme"
+		if err.Error() != expected {
+			t.Errorf("Expected: %s, got: %s", expected, err.Error())
+		}
+	})
+
+	t.Run("delimiterHooksMissingError", func(t *testing.T) {
+		err := &delimiterHooksMissingError{}
+		expected := "pike hooks delimiter missing in Readme,  consider using the flag -auto"
+		if err.Error() != expected {
+			t.Errorf("Expected: %s, got: %s", expected, err.Error())
+		}
+	})
+
+	t.Run("writeFileError", func(t *testing.T) {
+		err := &writeFileError{file: "output.txt", err: errors.New("disk full")}
+		expected := "failed to write file output.txt disk full"
+		if err.Error() != expected {
+			t.Errorf("Expected: %s, got: %s", expected, err.Error())
+		}
+	})
+}
diff --git a/src/watch.go b/src/watch.go
index 1f2e833f..35b90840 100644
--- a/src/watch.go
+++ b/src/watch.go
@@ -22,8 +22,17 @@ func Watch(arn string, wait int) error {
 	if arn == "" {
 		return &arnEmptyError{}
 	}
+
+	if wait <= 0 {
+		return fmt.Errorf("wait time must be positive, got %d", wait)
+	}
+
+	if err := verifyAWSARN(arn); err != nil {
+		return fmt.Errorf("invalid ARN format: %s", arn)
+	}
+
 	// Load the Shared AWS Configuration (~/.aws/config)
-	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout)
 
 	defer cancel()
 
@@ -61,7 +70,7 @@ func waitForPolicyChange(client *iam.Client, arn string, version string, wait, p
 			continue
 		}
 
-		if NewVersion == &version {
+		if *NewVersion != version {
 			return item, nil
 		}
 
diff --git a/src/watch_internal_test.go b/src/watch_internal_test.go
new file mode 100644
index 00000000..f216d4af
--- /dev/null
+++ b/src/watch_internal_test.go
@@ -0,0 +1,165 @@
+package pike
+
+import (
+	"encoding/json"
+	"errors"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestWatch_EmptyARN(t *testing.T) {
+	err := Watch("", 10)
+	assert.Error(t, err)
+	assert.IsType(t, &arnEmptyError{}, err)
+}
+
+func TestWatch_InvalidWaitTime(t *testing.T) {
+	err := Watch("arn:aws:iam::123456789012:policy/test-policy", 0)
+	assert.Error(t, err)
+	assert.Contains(t, err.Error(), "wait time must be positive")
+
+	err = Watch("arn:aws:iam::123456789012:policy/test-policy", -5)
+	assert.Error(t, err)
+	assert.Contains(t, err.Error(), "wait time must be positive")
+}
+
+func TestSortActions_WithArrayActions(t *testing.T) {
+	policy := `{
+		"Version": "2012-10-17",
+		"Statement": [
+			{
+				"Effect": "Allow",
+				"Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"],
+				"Resource": "*"
+			}
+		]
+	}`
+
+	result, err := sortActions(policy)
+
+	assert.NoError(t, err)
+	assert.NotNil(t, result)
+
+	var parsed map[string]interface{}
+	err = json.Unmarshal([]byte(*result), &parsed)
+	assert.NoError(t, err)
+
+	statements := parsed["Statement"].([]interface{})
+	statement := statements[0].(map[string]interface{})
+	actions := statement["Action"].([]interface{})
+
+	// Verify actions are sorted
+	assert.Equal(t, "s3:DeleteObject", actions[0])
+	assert.Equal(t, "s3:GetObject", actions[1])
+	assert.Equal(t, "s3:PutObject", actions[2])
+}
+
+func TestSortActions_WithStringAction(t *testing.T) {
+	policy := `{
+		"Version": "2012-10-17",
+		"Statement": [
+			{
+				"Effect": "Allow",
+				"Action": "s3:GetObject",
+				"Resource": "*"
+			}
+		]
+	}`
+
+	result, err := sortActions(policy)
+
+	assert.NoError(t, err)
+	assert.NotNil(t, result)
+
+	var parsed map[string]interface{}
+	err = json.Unmarshal([]byte(*result), &parsed)
+	assert.NoError(t, err)
+}
+
+func TestSortActions_InvalidJSON(t *testing.T) {
+	policy := `{"invalid": json}`
+
+	result, err := sortActions(policy)
+
+	assert.Error(t, err)
+	assert.Nil(t, result)
+	assert.IsType(t, &unmarshallJSONError{}, err)
+}
+
+func TestSortActions_InvalidStatement(t *testing.T) {
+	policy := `{
+		"Version": "2012-10-17",
+		"Statement": "invalid"
+	}`
+
+	result, err := sortActions(policy)
+
+	assert.Error(t, err)
+	assert.Nil(t, result)
+	assert.IsType(t, &castToListOfInterfaceError{}, err)
+}
+
+func TestSortInterfaceStrings_Success(t *testing.T) {
+	actions := []interface{}{"s3:PutObject", "s3:GetObject", "s3:DeleteObject"}
+
+	result := sortInterfaceStrings(actions)
+
+	assert.NotNil(t, result)
+	assert.Len(t, result, 3)
+	assert.Equal(t, "s3:DeleteObject", result[0])
+	assert.Equal(t, "s3:GetObject", result[1])
+	assert.Equal(t, "s3:PutObject", result[2])
+}
+
+func TestSortInterfaceStrings_InvalidInput(t *testing.T) {
+	actions := "not an array"
+
+	result := sortInterfaceStrings(actions)
+
+	assert.Nil(t, result)
+}
+
+func TestSortInterfaceStrings_NonStringElements(t *testing.T) {
+	actions := []interface{}{"s3:Xavier", "s3:GetObject", 123, "s3:PutObject"}
+
+	result := sortInterfaceStrings(actions)
+
+	assert.NotNil(t, result)
+	assert.Len(t, result, 4)
+	// Non-string elements should be skipped, but array length preserved
+	assert.Equal(t, "s3:GetObject", result[1])
+	assert.Equal(t, "", result[0]) // default zero value for skipped element
+	assert.Equal(t, "s3:PutObject", result[2])
+}
+
+func TestWaitExpiredError_Error(t *testing.T) {
+	err := &waitExpiredError{}
+	assert.Equal(t, "wait expired with no change", err.Error())
+}
+
+func TestUrlEscapeError_Error(t *testing.T) {
+	originalErr := errors.New("test error")
+	err := &urlEscapeError{err: originalErr}
+	assert.Contains(t, err.Error(), "failed to unescape url")
+	assert.Contains(t, err.Error(), "test error")
+}
+
+func TestCastToListOfInterfaceError_Error(t *testing.T) {
+	err := &castToListOfInterfaceError{}
+	assert.Equal(t, "failed to convert to list of interfaces", err.Error())
+}
+
+func TestGetVersionError_Error(t *testing.T) {
+	originalErr := errors.New("test error")
+	err := &getVersionError{err: originalErr}
+	assert.Contains(t, err.Error(), "failed to get version")
+	assert.Contains(t, err.Error(), "test error")
+}
+
+func TestWaitForPolicyChangeError_Error(t *testing.T) {
+	originalErr := errors.New("test error")
+	err := &waitForPolicyChangeError{err: originalErr}
+	assert.Contains(t, err.Error(), "failed to wait for policy change")
+	assert.Contains(t, err.Error(), "test error")
+}
diff --git a/terraform/aws/Makefile b/terraform/aws/Makefile
index 5f3d890c..aa9b4e40 100644
--- a/terraform/aws/Makefile
+++ b/terraform/aws/Makefile
@@ -18,6 +18,8 @@ init:
 upgrade:
 	terraform init --upgrade
 
+update: upgrade
+
 role: FORCE
 	terraform  -chdir=./role apply -auto-approve
 
diff --git a/terraform/aws/backup/aws_api_gateway_rest_api_put.tf b/terraform/aws/backup/aws_api_gateway_rest_api_put.tf
new file mode 100644
index 00000000..cac6aa49
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_rest_api_put.tf
@@ -0,0 +1,62 @@
+resource "aws_api_gateway_rest_api_put" "pike" {
+  body = jsonencode({
+    swagger = "2.0"
+    info = {
+      title   = "Example API"
+      version = "v1"
+    }
+    schemes = ["https"]
+    paths = {
+      "/example" = {
+        get = {
+          responses = {
+            "200" = {
+              description = "OK"
+            }
+          }
+          x-amazon-apigateway-integration = {
+            httpMethod = "GET"
+            type       = "HTTP"
+            responses = {
+              default = {
+                statusCode = 200
+              }
+            }
+            uri = "https://api.example.com/"
+          }
+        }
+      }
+    }
+  })
+
+  fail_on_warnings = true
+  rest_api_id      = aws_api_gateway_rest_api.example.id
+}
+
+resource "aws_api_gateway_rest_api" "example" {
+  body = jsonencode({
+    openapi = "3.0.1"
+    info = {
+      title   = "example"
+      version = "1.0"
+    }
+    paths = {
+      "/path1" = {
+        get = {
+          x-amazon-apigateway-integration = {
+            httpMethod           = "GET"
+            payloadFormatVersion = "1.0"
+            type                 = "HTTP_PROXY"
+            uri                  = "https://ip-ranges.amazonaws.com/ip-ranges.json"
+          }
+        }
+      }
+    }
+  })
+
+  name = "example"
+
+  endpoint_configuration {
+    types = ["REGIONAL"]
+  }
+}
diff --git a/terraform/aws/backup/aws_backup_restore_testing_plan.tf b/terraform/aws/backup/aws_backup_restore_testing_plan.tf
new file mode 100644
index 00000000..ed1dcbe6
--- /dev/null
+++ b/terraform/aws/backup/aws_backup_restore_testing_plan.tf
@@ -0,0 +1 @@
+resource "aws_backup_restore_testing_plan" "pike" {}
diff --git a/terraform/aws/backup/aws_bedrockagent_prompt.tf b/terraform/aws/backup/aws_bedrockagent_prompt.tf
new file mode 100644
index 00000000..a142e68b
--- /dev/null
+++ b/terraform/aws/backup/aws_bedrockagent_prompt.tf
@@ -0,0 +1,36 @@
+resource "aws_bedrockagent_prompt" "pike" {
+  name            = "MakePlaylist"
+  description     = "My first prompt."
+  default_variant = "Variant1"
+
+  customer_encryption_key_arn = "arn:aws:kms:eu-west-2:680235478471:key/2ec48faa-3591-481d-a1cb-fd400a404bf6"
+
+  variant {
+    name     = "Variant1"
+    model_id = "amazon.titan-text-express-v1"
+
+    inference_configuration {
+      text {
+        temperature = 0.8
+      }
+    }
+
+    template_type = "TEXT"
+    template_configuration {
+      text {
+        text = "Make me a {{genre}} playlist consisting of the following number of songs: {{number}}."
+
+        input_variable {
+          name = "genre"
+        }
+        input_variable {
+          name = "number"
+        }
+      }
+    }
+  }
+
+  tags = {
+    pike = "permission"
+  }
+}
diff --git a/terraform/aws/backup/aws_cloudfrontkeyvaluestore_keys_exclusive.tf b/terraform/aws/backup/aws_cloudfrontkeyvaluestore_keys_exclusive.tf
new file mode 100644
index 00000000..d47e235b
--- /dev/null
+++ b/terraform/aws/backup/aws_cloudfrontkeyvaluestore_keys_exclusive.tf
@@ -0,0 +1,13 @@
+resource "aws_cloudfront_key_value_store" "pike" {
+  name    = "ExampleKeyValueStore"
+  comment = "This is an example key value store"
+}
+
+resource "aws_cloudfrontkeyvaluestore_keys_exclusive" "pike" {
+  key_value_store_arn = aws_cloudfront_key_value_store.pike.arn
+
+  resource_key_value_pair {
+    key   = "Test Key"
+    value = "Test Value"
+  }
+}
diff --git a/terraform/aws/backup/aws_cloudwatch_contributor_insight_rule.tf b/terraform/aws/backup/aws_cloudwatch_contributor_insight_rule.tf
index 37e5dd7d..23a3368c 100644
--- a/terraform/aws/backup/aws_cloudwatch_contributor_insight_rule.tf
+++ b/terraform/aws/backup/aws_cloudwatch_contributor_insight_rule.tf
@@ -30,4 +30,4 @@ resource "aws_cloudwatch_contributor_insight_rule" "pike" {
     pike = "permission"
     # delete = "me"
   }
-}
+}
diff --git a/terraform/aws/backup/aws_cloudwatch_event_connection.tf b/terraform/aws/backup/aws_cloudwatch_event_connection.tf
index 17483fc8..28e084a1 100644
--- a/terraform/aws/backup/aws_cloudwatch_event_connection.tf
+++ b/terraform/aws/backup/aws_cloudwatch_event_connection.tf
@@ -1,12 +1,12 @@
-resource "aws_cloudwatch_event_connection" "pike" {
-  name               = "ngrok-connection"
-  description        = "A connection description update"
-  authorization_type = "API_KEY"
-
-  auth_parameters {
-    api_key {
-      key   = "x-signature"
-      value = "1234"
-    }
-  }
-}
+resource "aws_cloudwatch_event_connection" "pike" {
+  name               = "ngrok-connection"
+  description        = "A connection description update"
+  authorization_type = "API_KEY"
+
+  auth_parameters {
+    api_key {
+      key   = "x-signature"
+      value = "1234"
+    }
+  }
+}
diff --git a/terraform/aws/backup/aws_dataexchange_revision_assets.tf b/terraform/aws/backup/aws_dataexchange_revision_assets.tf
new file mode 100644
index 00000000..9ca88310
--- /dev/null
+++ b/terraform/aws/backup/aws_dataexchange_revision_assets.tf
@@ -0,0 +1,16 @@
+resource "aws_dataexchange_revision_assets" "pike" {
+  data_set_id = "exampleidmustbelongerthan30characters"
+
+  asset {
+    create_s3_data_access_from_s3_bucket {
+      asset_source {
+        bucket = "example-bucket"
+      }
+    }
+  }
+
+  tags = {
+    pike        = "permission"
+    Environment = "Production"
+  }
+}
diff --git a/terraform/aws/backup/aws_dsql_cluster.tf b/terraform/aws/backup/aws_dsql_cluster.tf
new file mode 100644
index 00000000..ab7e5d27
--- /dev/null
+++ b/terraform/aws/backup/aws_dsql_cluster.tf
@@ -0,0 +1,7 @@
+resource "aws_dsql_cluster" "pike" {
+
+  deletion_protection_enabled = false
+  tags = {
+    Name = "TestCluster"
+  }
+}
diff --git a/terraform/aws/backup/aws_dsql_cluster_peering.tf b/terraform/aws/backup/aws_dsql_cluster_peering.tf
new file mode 100644
index 00000000..2dfba73e
--- /dev/null
+++ b/terraform/aws/backup/aws_dsql_cluster_peering.tf
@@ -0,0 +1,7 @@
+resource "aws_dsql_cluster_peering" "pike" {
+  clusters       = [aws_dsql_cluster.pike.arn]
+  identifier     = "test-peer"
+  witness_region = "eu-west-2"
+}
+#
+# resource "aws_dsql_cluster" "two" {}
diff --git a/terraform/aws/backup/aws_ec2_default_credit_specification.tf b/terraform/aws/backup/aws_ec2_default_credit_specification.tf
new file mode 100644
index 00000000..de8d4c1c
--- /dev/null
+++ b/terraform/aws/backup/aws_ec2_default_credit_specification.tf
@@ -0,0 +1,4 @@
+resource "aws_ec2_default_credit_specification" "pike" {
+  instance_family = "t2"
+  cpu_credits     = "standard"
+}
diff --git a/terraform/aws/backup/aws_inspector2_filter.tf b/terraform/aws/backup/aws_inspector2_filter.tf
new file mode 100644
index 00000000..6cee6b51
--- /dev/null
+++ b/terraform/aws/backup/aws_inspector2_filter.tf
@@ -0,0 +1,14 @@
+resource "aws_inspector2_filter" "pike" {
+  name   = "pike"
+  action = "NONE"
+  filter_criteria {
+    aws_account_id {
+      comparison = "EQUALS"
+      value      = "111222333444"
+    }
+  }
+
+  tags = {
+    pike = "permission"
+  }
+}
diff --git a/terraform/aws/backup/aws_lightsail_bucket_access_key.tf b/terraform/aws/backup/aws_lightsail_bucket_access_key.tf
new file mode 100644
index 00000000..61a64374
--- /dev/null
+++ b/terraform/aws/backup/aws_lightsail_bucket_access_key.tf
@@ -0,0 +1,8 @@
+resource "aws_lightsail_bucket_access_key" "pike" {
+  bucket_name = aws_lightsail_bucket.pike.name
+}
+
+resource "aws_lightsail_bucket" "pike" {
+  bundle_id = "small_1_0"
+  name      = "jgw-lightsail-bucket2"
+}
diff --git a/terraform/aws/backup/aws_notifications_channel_association.tf b/terraform/aws/backup/aws_notifications_channel_association.tf
new file mode 100644
index 00000000..54380e63
--- /dev/null
+++ b/terraform/aws/backup/aws_notifications_channel_association.tf
@@ -0,0 +1,5 @@
+resource "aws_notifications_channel_association" "pike" {
+  arn                            = aws_notificationscontacts_email_contact.pike.arn
+  notification_configuration_arn = aws_notifications_notification_configuration.pike.arn
+
+}
diff --git a/terraform/aws/backup/aws_notifications_event_rule.tf b/terraform/aws/backup/aws_notifications_event_rule.tf
new file mode 100644
index 00000000..3ea3a239
--- /dev/null
+++ b/terraform/aws/backup/aws_notifications_event_rule.tf
@@ -0,0 +1,13 @@
+resource "aws_notifications_event_rule" "pike" {
+  event_pattern = jsonencode({
+    detail = {
+      state = {
+        value = ["ALARM"]
+      }
+    }
+  })
+  event_type                     = "CloudWatch Alarm State Change"
+  notification_configuration_arn = aws_notifications_notification_configuration.pike.arn
+  regions                        = ["us-east-1", "us-west-2"]
+  source                         = "aws.cloudwatch"
+}
diff --git a/terraform/aws/backup/aws_notifications_notification_configuration.tf b/terraform/aws/backup/aws_notifications_notification_configuration.tf
new file mode 100644
index 00000000..d429eb06
--- /dev/null
+++ b/terraform/aws/backup/aws_notifications_notification_configuration.tf
@@ -0,0 +1,10 @@
+resource "aws_notifications_notification_configuration" "pike" {
+  name        = "pike3"
+  description = "Example notification configuration modified"
+
+  tags = {
+    pike        = "permissions"
+    Environment = "production"
+    Project     = "example"
+  }
+}
diff --git a/terraform/aws/backup/aws_notifications_notification_hub.tf b/terraform/aws/backup/aws_notifications_notification_hub.tf
new file mode 100644
index 00000000..535c3afc
--- /dev/null
+++ b/terraform/aws/backup/aws_notifications_notification_hub.tf
@@ -0,0 +1,3 @@
+resource "aws_notifications_notification_hub" "pike" {
+  notification_hub_region = "us-west-2"
+}
diff --git a/terraform/aws/backup/aws_notificationscontacts_email_contact.tf b/terraform/aws/backup/aws_notificationscontacts_email_contact.tf
new file mode 100644
index 00000000..5167adcd
--- /dev/null
+++ b/terraform/aws/backup/aws_notificationscontacts_email_contact.tf
@@ -0,0 +1,9 @@
+resource "aws_notificationscontacts_email_contact" "pike" {
+  name          = "pike-contact2"
+  email_address = "pike3@pike.com"
+
+  tags = {
+    pike        = "permissions"
+    Environment = "Production"
+  }
+}
diff --git a/terraform/aws/backup/aws_prometheus_workspace_configuration.tf b/terraform/aws/backup/aws_prometheus_workspace_configuration.tf
new file mode 100644
index 00000000..aafb890a
--- /dev/null
+++ b/terraform/aws/backup/aws_prometheus_workspace_configuration.tf
@@ -0,0 +1,26 @@
+resource "aws_prometheus_workspace_configuration" "pike" {
+  workspace_id             = aws_prometheus_workspace.example.id
+  retention_period_in_days = 60
+
+  limits_per_label_set {
+    label_set = {
+      "env" = "dev"
+    }
+    limits {
+      max_series = 100000
+    }
+  }
+
+  limits_per_label_set {
+    label_set = {
+      "env" = "prod"
+    }
+    limits {
+      max_series = 400000
+    }
+  }
+}
+
+resource "aws_prometheus_workspace" "example" {
+
+}
diff --git a/terraform/aws/backup/aws_quicksight_account_settings.tf b/terraform/aws/backup/aws_quicksight_account_settings.tf
new file mode 100644
index 00000000..980c635a
--- /dev/null
+++ b/terraform/aws/backup/aws_quicksight_account_settings.tf
@@ -0,0 +1,3 @@
+resource "aws_quicksight_account_settings" "pike" {
+  termination_protection_enabled = false
+}
diff --git a/terraform/aws/backup/aws_redshift_integration.tf b/terraform/aws/backup/aws_redshift_integration.tf
new file mode 100644
index 00000000..5201bb39
--- /dev/null
+++ b/terraform/aws/backup/aws_redshift_integration.tf
@@ -0,0 +1,164 @@
+resource "aws_dynamodb_table" "example" {
+  name           = "dynamodb-table-example"
+  read_capacity  = 1
+  write_capacity = 1
+  hash_key       = "example"
+
+  attribute {
+    name = "example"
+    type = "S"
+  }
+
+  point_in_time_recovery {
+    enabled = true
+  }
+}
+
+data "aws_subnets" "pike" {
+
+}
+
+resource "aws_redshiftserverless_namespace" "example" {
+  namespace_name = "redshift-example"
+}
+
+resource "aws_redshiftserverless_workgroup" "example" {
+  namespace_name      = aws_redshiftserverless_namespace.example.namespace_name
+  workgroup_name      = "example-workgroup"
+  base_capacity       = 8
+  publicly_accessible = false
+
+  subnet_ids = data.aws_subnets.pike.ids
+
+  config_parameter {
+    parameter_key   = "enable_case_sensitive_identifier"
+    parameter_value = "true"
+  }
+
+  config_parameter {
+    parameter_key   = "auto_mv"
+    parameter_value = "true"
+  }
+
+  config_parameter {
+    parameter_key   = "datestyle"
+    parameter_value = "ISO, MDY"
+  }
+
+  config_parameter {
+    parameter_key   = "enable_user_activity_logging"
+    parameter_value = "true"
+  }
+  config_parameter {
+    parameter_key   = "max_query_execution_time"
+    parameter_value = "14400"
+  }
+  config_parameter {
+    parameter_key   = "query_group"
+    parameter_value = "default"
+  }
+  config_parameter {
+    parameter_key   = "require_ssl"
+    parameter_value = "true"
+  }
+  config_parameter {
+    parameter_key   = "search_path"
+    parameter_value = "$user, public"
+  }
+  config_parameter {
+    parameter_key   = "use_fips_ssl"
+    parameter_value = "false"
+  }
+
+}
+
+resource "aws_redshift_integration" "pike" {
+  integration_name = "pike"
+  description      = "test"
+  source_arn       = aws_dynamodb_table.example.arn
+  target_arn       = aws_redshiftserverless_namespace.example.arn
+
+  kms_key_id = aws_kms_key.example.key_id
+
+  # additional_encryption_context = {
+  #   "example" : "test",
+  # }
+
+  tags = {
+    pike    = "permissions"
+    another = "one"
+  }
+
+  depends_on = [
+    aws_kms_key_policy.example
+  ]
+}
+
+
+data "aws_caller_identity" "current" {}
+
+resource "aws_kms_key" "example" {
+  description             = "example-redshift2"
+  deletion_window_in_days = 10
+}
+
+resource "aws_kms_key_policy" "example" {
+  key_id = aws_kms_key.example.id
+
+  policy = jsonencode({
+    Id      = "key-consolepolicy-3"
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid    = "Enable IAM User Permissions"
+        Effect = "Allow"
+        Principal = {
+          AWS = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
+        }
+        Action   = "kms:*"
+        Resource = "*"
+      },
+      {
+        Sid    = "Allow use of the key"
+        Effect = "Allow"
+        Principal = {
+          AWS = [
+            "arn:aws:iam::680235478471:role/redshiftScheduler",
+            "arn:aws:iam::680235478471:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
+          ]
+        }
+        Action = [
+          "kms:Encrypt",
+          "kms:Decrypt",
+          "kms:ReEncrypt*",
+          "kms:GenerateDataKey*",
+          "kms:DescribeKey",
+          "kms:CreateGrant",
+        ]
+        Resource = "*"
+      },
+      {
+        Action = [
+          "kms:CreateGrant",
+          "kms:ListGrants",
+          "kms:RevokeGrant",
+        ]
+        Condition = {
+          Bool = {
+            "kms:GrantIsForAWSResource" = "true"
+          }
+        }
+        Effect = "Allow"
+        Principal = {
+          AWS = [
+            "arn:aws:iam::680235478471:role/redshiftScheduler",
+            "arn:aws:iam::680235478471:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
+          ]
+        }
+        Resource = "*"
+        Sid      = "Allow attachment of persistent resources"
+      },
+
+    ]
+  })
+}
diff --git a/terraform/aws/backup/aws_vpc_route_server.tf b/terraform/aws/backup/aws_vpc_route_server.tf
new file mode 100644
index 00000000..524c57b6
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server.tf
@@ -0,0 +1,11 @@
+resource "aws_vpc_route_server" "pike" {
+  provider                  = aws.central
+  amazon_side_asn           = 65534
+  persist_routes            = "enable"
+  persist_routes_duration   = 2
+  sns_notifications_enabled = true
+
+  tags = {
+    Name = "Main Route Server"
+  }
+}
diff --git a/terraform/aws/backup/aws_vpc_route_server_association.tf b/terraform/aws/backup/aws_vpc_route_server_association.tf
new file mode 100644
index 00000000..db357516
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server_association.tf
@@ -0,0 +1 @@
+resource "aws_vpc_route_server_association" "pike" {}
diff --git a/terraform/aws/backup/aws_vpc_route_server_endpoint.tf b/terraform/aws/backup/aws_vpc_route_server_endpoint.tf
new file mode 100644
index 00000000..dfdbf2ea
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server_endpoint.tf
@@ -0,0 +1,24 @@
+# resource "aws_vpc_route_server_endpoint" "pike" {
+#   provider = aws.central
+#
+#   route_server_id = aws_vpc_route_server.pike.route_server_id
+#   subnet_id       = aws_subnet.first.id
+#
+#   tags = {
+#     Name = "Endpoint A"
+#   }
+# }
+
+
+resource "aws_vpc" "main" {
+  provider = aws.central
+
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_subnet" "first" {
+  provider = aws.central
+
+  vpc_id     = aws_vpc.main.id
+  cidr_block = "10.0.1.0/24"
+}
diff --git a/terraform/aws/backup/aws_vpc_route_server_peer.tf b/terraform/aws/backup/aws_vpc_route_server_peer.tf
new file mode 100644
index 00000000..fa3e616a
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server_peer.tf
@@ -0,0 +1,12 @@
+# resource "aws_vpc_route_server_peer" "pike" {
+#   provider                 = aws.central
+#   route_server_endpoint_id = aws_vpc_route_server_endpoint.pike.route_server_endpoint_id
+#   peer_address             = "10.0.1.250"
+#   bgp_options {
+#     peer_asn = 65200
+#   }
+#
+#   tags = {
+#     Name = "Appliance 1"
+#   }
+# }
diff --git a/terraform/aws/backup/aws_vpc_route_server_propagation.tf b/terraform/aws/backup/aws_vpc_route_server_propagation.tf
new file mode 100644
index 00000000..0de4083f
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server_propagation.tf
@@ -0,0 +1,13 @@
+resource "aws_vpc_route_server_propagation" "example" {
+  provider        = aws.central
+  route_server_id = aws_vpc_route_server.pike.route_server_id
+  route_table_id  = aws_route_table.pike.id
+  depends_on = [
+  aws_vpc_route_server_vpc_association.pike]
+}
+
+
+resource "aws_route_table" "pike" {
+  provider = aws.central
+  vpc_id   = aws_vpc.main.id
+}
diff --git a/terraform/aws/backup/aws_vpc_route_server_vpc_association.tf b/terraform/aws/backup/aws_vpc_route_server_vpc_association.tf
new file mode 100644
index 00000000..0107f302
--- /dev/null
+++ b/terraform/aws/backup/aws_vpc_route_server_vpc_association.tf
@@ -0,0 +1,5 @@
+resource "aws_vpc_route_server_vpc_association" "pike" {
+  provider        = aws.central
+  route_server_id = aws_vpc_route_server.pike.route_server_id
+  vpc_id          = aws_vpc.main.id
+}
diff --git a/terraform/aws/backup/aws_wafv2_api_key.tf b/terraform/aws/backup/aws_wafv2_api_key.tf
new file mode 100644
index 00000000..01d666ab
--- /dev/null
+++ b/terraform/aws/backup/aws_wafv2_api_key.tf
@@ -0,0 +1,4 @@
+resource "aws_wafv2_api_key" "pike" {
+  scope         = "REGIONAL"
+  token_domains = ["example.com"]
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_browser_settings.tf b/terraform/aws/backup/aws_workspacesweb_browser_settings.tf
new file mode 100644
index 00000000..d2d1fa58
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_browser_settings.tf
@@ -0,0 +1,51 @@
+resource "aws_kms_key" "example" {
+  description             = "KMS key for WorkSpaces Web Browser Settings"
+  deletion_window_in_days = 7
+}
+
+resource "aws_kms_key_policy" "example" {
+  key_id = aws_kms_key.example.key_id
+
+  policy = jsonencode({
+    "Version" : "2012-10-17",
+    "Statement" : [
+      {
+        "Effect" : "Allow",
+        "Action" : [
+          "kms:*"
+        ],
+        Principal = {
+          AWS = "*"
+        }
+        "Resource" : "*"
+      },
+      {
+        "Effect" : "Allow",
+        "Action" : [
+          "workspaces:*"
+        ],
+        Principal = {
+          AWS = "*"
+        }
+        "Resource" : "*"
+      }
+    ]
+  })
+}
+
+resource "aws_workspacesweb_browser_settings" "pike" {
+  browser_policy = jsonencode({
+    chromePolicies = {
+      DefaultDownloadDirectory = {
+        value = "/home/as2-streaming-user/MyFiles/TemporaryFiles1"
+      }
+    }
+  })
+  customer_managed_key = aws_kms_key.example.arn
+  additional_encryption_context = {
+    Environment = "Development"
+  }
+  tags = {
+    Name = "example-browser-settings"
+  }
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_data_protection_settings.tf b/terraform/aws/backup/aws_workspacesweb_data_protection_settings.tf
new file mode 100644
index 00000000..9b89d386
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_data_protection_settings.tf
@@ -0,0 +1,44 @@
+
+resource "aws_workspacesweb_data_protection_settings" "example" {
+  display_name         = "example-complete"
+  description          = "Complete example data protection settings"
+  customer_managed_key = aws_kms_key.example.arn
+
+  additional_encryption_context = {
+    Environment = "Production"
+  }
+
+  inline_redaction_configuration {
+    global_confidence_level = 2
+    global_enforced_urls    = ["https://example.com", "https://test.example.com"]
+    global_exempt_urls      = ["https://exempt.example.com"]
+
+    inline_redaction_pattern {
+      built_in_pattern_id = "ssn"
+      confidence_level    = 3
+      enforced_urls       = ["https://pattern1.example.com"]
+      exempt_urls         = ["https://exempt-pattern1.example.com"]
+      redaction_place_holder {
+        redaction_place_holder_type = "CustomText"
+        redaction_place_holder_text = "REDACTED-SSN"
+      }
+    }
+
+    inline_redaction_pattern {
+      custom_pattern {
+        pattern_name        = "CustomPattern"
+        pattern_regex       = "/\\d{3}-\\d{2}-\\d{4}/g"
+        keyword_regex       = "/SSN|Social Security/gi"
+        pattern_description = "Custom SSN pattern"
+      }
+      redaction_place_holder {
+        redaction_place_holder_type = "CustomText"
+        redaction_place_holder_text = "REDACTED-CUSTOM"
+      }
+    }
+  }
+
+  tags = {
+    Name = "example-data-protection-settings"
+  }
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_ip_access_settings.tf b/terraform/aws/backup/aws_workspacesweb_ip_access_settings.tf
new file mode 100644
index 00000000..bbf405e9
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_ip_access_settings.tf
@@ -0,0 +1,41 @@
+resource "aws_kms_key" "example" {
+  description             = "KMS key for WorkSpaces Web IP Access Settings"
+  deletion_window_in_days = 7
+
+  policy = jsonencode({
+    Id = "example"
+    Statement = [
+      {
+        Action = "kms:*"
+        Effect = "Allow"
+        Principal = {
+          AWS = "*"
+        }
+
+        Resource = "*"
+        Sid      = "Enable IAM User Permissions"
+      },
+    ]
+    Version = "2012-10-17"
+  })
+}
+
+resource "aws_workspacesweb_ip_access_settings" "example" {
+  display_name         = "example"
+  description          = "Example IP access settings"
+  customer_managed_key = aws_kms_key.example.arn
+  additional_encryption_context = {
+    Environment = "Production"
+  }
+  ip_rule {
+    ip_range    = "10.0.0.0/16"
+    description = "Main office"
+  }
+  ip_rule {
+    ip_range    = "192.168.0.0/24"
+    description = "Branch office"
+  }
+  tags = {
+    Name = "example-ip-access-settings"
+  }
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_network_settings.tf b/terraform/aws/backup/aws_workspacesweb_network_settings.tf
new file mode 100644
index 00000000..019e1f85
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_network_settings.tf
@@ -0,0 +1,40 @@
+
+resource "aws_vpc" "example" {
+  provider   = aws.central
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_subnet" "example" {
+  provider = aws.central
+  count    = 2
+
+  vpc_id            = aws_vpc.example.id
+  cidr_block        = cidrsubnet(aws_vpc.example.cidr_block, 8, count.index)
+  availability_zone = data.aws_availability_zones.available.names[count.index]
+}
+
+resource "aws_security_group" "example1" {
+  provider = aws.central
+  count    = 2
+
+  vpc_id = aws_vpc.example.id
+  name   = "example-sg-${count.index}$"
+}
+
+resource "aws_workspacesweb_network_settings" "example" {
+  provider           = aws.central
+  vpc_id             = aws_vpc.example.id
+  subnet_ids         = [aws_subnet.example[0].id, aws_subnet.example[1].id]
+  security_group_ids = [aws_security_group.example[0].id, aws_security_group.example[1].id]
+}
+
+data "aws_availability_zones" "available" {
+  provider = aws.central
+}
+
+
+resource "aws_security_group" "example" {
+  provider = aws.central
+  vpc_id   = aws_vpc.example.id
+  count    = 2
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_user_access_logging_settings.tf b/terraform/aws/backup/aws_workspacesweb_user_access_logging_settings.tf
new file mode 100644
index 00000000..ae50ded2
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_user_access_logging_settings.tf
@@ -0,0 +1,12 @@
+resource "aws_kinesis_stream" "example" {
+  name        = "amazon-workspaces-web-user-access-logging-stream"
+  shard_count = 1
+}
+
+resource "aws_workspacesweb_user_access_logging_settings" "example" {
+  kinesis_stream_arn = aws_kinesis_stream.example.arn
+  tags = {
+    Name        = "example-user-access-logging-settings"
+    Environment = "Production"
+  }
+}
diff --git a/terraform/aws/backup/aws_workspacesweb_user_settings.tf b/terraform/aws/backup/aws_workspacesweb_user_settings.tf
new file mode 100644
index 00000000..ce2fd18c
--- /dev/null
+++ b/terraform/aws/backup/aws_workspacesweb_user_settings.tf
@@ -0,0 +1,36 @@
+resource "aws_workspacesweb_user_settings" "example" {
+  copy_allowed                       = "Enabled"
+  download_allowed                   = "Enabled"
+  paste_allowed                      = "Enabled"
+  print_allowed                      = "Enabled"
+  upload_allowed                     = "Enabled"
+  deep_link_allowed                  = "Enabled"
+  disconnect_timeout_in_minutes      = 30
+  idle_disconnect_timeout_in_minutes = 15
+  customer_managed_key               = aws_kms_key.example.arn
+
+  additional_encryption_context = {
+    Environment = "Production"
+  }
+
+  toolbar_configuration {
+    toolbar_type           = "Docked"
+    visual_mode            = "Dark"
+    hidden_toolbar_items   = ["Webcam", "Microphone"]
+    max_display_resolution = "size1920X1080"
+  }
+
+  cookie_synchronization_configuration {
+    allowlist {
+      domain = "example.com"
+      path   = "/path"
+    }
+    blocklist {
+      domain = "blocked.com"
+    }
+  }
+
+  tags = {
+    Name = "example-user-settings"
+  }
+}
diff --git a/terraform/aws/backup/data.aws_account_primary_contact.tf b/terraform/aws/backup/data.aws_account_primary_contact.tf
new file mode 100644
index 00000000..16258ee9
--- /dev/null
+++ b/terraform/aws/backup/data.aws_account_primary_contact.tf
@@ -0,0 +1,6 @@
+data "aws_account_primary_contact" "pike" {
+}
+
+output "aws_account_primary_contact" {
+  value = data.aws_account_primary_contact.pike
+}
diff --git a/terraform/aws/backup/data.aws_appconfig_application.tf b/terraform/aws/backup/data.aws_appconfig_application.tf
new file mode 100644
index 00000000..c8542521
--- /dev/null
+++ b/terraform/aws/backup/data.aws_appconfig_application.tf
@@ -0,0 +1,7 @@
+data "aws_appconfig_application" "pike" {
+  name = "pike"
+}
+
+output "aws_appconfig_application" {
+  value = data.aws_appconfig_application.pike
+}
diff --git a/terraform/aws/backup/data.aws_billing_views.tf b/terraform/aws/backup/data.aws_billing_views.tf
new file mode 100644
index 00000000..9a26a7b0
--- /dev/null
+++ b/terraform/aws/backup/data.aws_billing_views.tf
@@ -0,0 +1,6 @@
+data "aws_billing_views" "pike" {
+}
+
+output "aws_billing_views" {
+  value = data.aws_billing_views.pike
+}
diff --git a/terraform/aws/backup/data.aws_dynamodb_tables.tf b/terraform/aws/backup/data.aws_dynamodb_tables.tf
new file mode 100644
index 00000000..e7b7b931
--- /dev/null
+++ b/terraform/aws/backup/data.aws_dynamodb_tables.tf
@@ -0,0 +1,6 @@
+data "aws_dynamodb_tables" "pike" {
+}
+
+output "aws_dynamodb_tables" {
+  value = data.aws_dynamodb_tables.pike
+}
diff --git a/terraform/aws/backup/data.aws_ecr_images.tf b/terraform/aws/backup/data.aws_ecr_images.tf
new file mode 100644
index 00000000..16082564
--- /dev/null
+++ b/terraform/aws/backup/data.aws_ecr_images.tf
@@ -0,0 +1,7 @@
+data "aws_ecr_images" "pike" {
+  repository_name = "pike"
+}
+
+output "aws_ecr_images" {
+  value = data.aws_ecr_images.pike
+}
diff --git a/terraform/aws/backup/data.aws_ecrpublic_images.tf b/terraform/aws/backup/data.aws_ecrpublic_images.tf
new file mode 100644
index 00000000..65249b2b
--- /dev/null
+++ b/terraform/aws/backup/data.aws_ecrpublic_images.tf
@@ -0,0 +1,8 @@
+data "aws_ecrpublic_images" "pike" {
+  provider        = aws.central
+  repository_name = "pike"
+}
+
+output "aws_ecrpublic_images" {
+  value = data.aws_ecrpublic_images.pike
+}
diff --git a/terraform/aws/backup/data.aws_elb.tf b/terraform/aws/backup/data.aws_elb.tf
new file mode 100644
index 00000000..b01909b6
--- /dev/null
+++ b/terraform/aws/backup/data.aws_elb.tf
@@ -0,0 +1,7 @@
+data "aws_elb" "pike" {
+  name = "pike"
+}
+
+output "aws_elb" {
+  value = data.aws_elb.pike
+}
diff --git a/terraform/aws/backup/data.aws_fis_experiment_templates.tf b/terraform/aws/backup/data.aws_fis_experiment_templates.tf
new file mode 100644
index 00000000..ada974eb
--- /dev/null
+++ b/terraform/aws/backup/data.aws_fis_experiment_templates.tf
@@ -0,0 +1,6 @@
+data "aws_fis_experiment_templates" "pike" {
+}
+
+output "aws_fis_experiment_templates" {
+  value = data.aws_fis_experiment_templates.pike
+}
diff --git a/terraform/aws/backup/data.aws_kms_public_key.tf b/terraform/aws/backup/data.aws_kms_public_key.tf
new file mode 100644
index 00000000..c238fa31
--- /dev/null
+++ b/terraform/aws/backup/data.aws_kms_public_key.tf
@@ -0,0 +1,7 @@
+data "aws_kms_public_key" "pike" {
+  key_id = "03a3077b-1b63-4f42-98a1-20ea7a2fabba"
+}
+
+output "aws_kms_public_key" {
+  value = data.aws_kms_public_key.pike
+}
diff --git a/terraform/aws/backup/data.aws_lambda_function_url.tf b/terraform/aws/backup/data.aws_lambda_function_url.tf
new file mode 100644
index 00000000..6ea7aea7
--- /dev/null
+++ b/terraform/aws/backup/data.aws_lambda_function_url.tf
@@ -0,0 +1,7 @@
+data "aws_lambda_function_url" "pike" {
+  function_name = "pike"
+}
+
+output "aws_lambda_function_url" {
+  value = data.aws_lambda_function_url.pike
+}
diff --git a/terraform/aws/backup/data.aws_lambda_functions.tf b/terraform/aws/backup/data.aws_lambda_functions.tf
new file mode 100644
index 00000000..39995f46
--- /dev/null
+++ b/terraform/aws/backup/data.aws_lambda_functions.tf
@@ -0,0 +1,7 @@
+data "aws_lambda_functions" "pike" {
+
+}
+
+output "aws_lambda_functions" {
+  value = data.aws_lambda_functions.pike
+}
diff --git a/terraform/aws/backup/data.aws_lambda_layer_version.tf b/terraform/aws/backup/data.aws_lambda_layer_version.tf
new file mode 100644
index 00000000..f1131dde
--- /dev/null
+++ b/terraform/aws/backup/data.aws_lambda_layer_version.tf
@@ -0,0 +1,7 @@
+data "aws_lambda_layer_version" "pike" {
+  layer_name = "pike"
+}
+
+output "aws_lambda_layer_version" {
+  value = data.aws_lambda_layer_version.pike
+}
diff --git a/terraform/aws/backup/data.aws_media_convert_queue.tf b/terraform/aws/backup/data.aws_media_convert_queue.tf
new file mode 100644
index 00000000..658e5239
--- /dev/null
+++ b/terraform/aws/backup/data.aws_media_convert_queue.tf
@@ -0,0 +1,7 @@
+data "aws_media_convert_queue" "pike" {
+  id = "pike"
+}
+
+output "aws_media_convert_queue" {
+  value = data.aws_media_convert_queue.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_acl.tf b/terraform/aws/backup/data.aws_memorydb_acl.tf
new file mode 100644
index 00000000..815bafc1
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_acl.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_acl" "pike" {
+  name = "pike"
+}
+
+output "aws_memorydb_acl" {
+  value = data.aws_memorydb_acl.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_cluster.tf b/terraform/aws/backup/data.aws_memorydb_cluster.tf
new file mode 100644
index 00000000..3bae3c0b
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_cluster.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_cluster" "pike" {
+  name = "pike"
+}
+
+output "aws_memorydb_cluster" {
+  value = data.aws_memorydb_cluster.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_parameter_group.tf b/terraform/aws/backup/data.aws_memorydb_parameter_group.tf
new file mode 100644
index 00000000..2fbcab25
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_parameter_group.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_parameter_group" "pike" {
+  name = "pike"
+}
+
+output "aws_memorydb_parameter_group" {
+  value = data.aws_memorydb_parameter_group.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_snapshot.tf b/terraform/aws/backup/data.aws_memorydb_snapshot.tf
new file mode 100644
index 00000000..9d3a1cd0
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_snapshot.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_snapshot" "pike" {
+  name = "pike"
+}
+
+output "aws_memorydb_snapshot" {
+  value = data.aws_memorydb_snapshot.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_subnet_group.tf b/terraform/aws/backup/data.aws_memorydb_subnet_group.tf
new file mode 100644
index 00000000..3ba8ea58
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_subnet_group.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_subnet_group" "pike" {
+  name = "pike"
+}
+
+output "aws_memorydb_subnet_group" {
+  value = data.aws_memorydb_subnet_group.pike
+}
diff --git a/terraform/aws/backup/data.aws_memorydb_user.tf b/terraform/aws/backup/data.aws_memorydb_user.tf
new file mode 100644
index 00000000..7e65663f
--- /dev/null
+++ b/terraform/aws/backup/data.aws_memorydb_user.tf
@@ -0,0 +1,7 @@
+data "aws_memorydb_user" "pike" {
+  user_name = "pike"
+}
+
+output "aws_memorydb_user" {
+  value = data.aws_memorydb_user.pike
+}
diff --git a/terraform/aws/backup/data.aws_network_interface.tf b/terraform/aws/backup/data.aws_network_interface.tf
new file mode 100644
index 00000000..398fd27d
--- /dev/null
+++ b/terraform/aws/backup/data.aws_network_interface.tf
@@ -0,0 +1,6 @@
+data "aws_network_interface" "pike" {
+}
+
+output "aws_network_interface" {
+  value = data.aws_network_interface.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_cluster.tf b/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_cluster.tf
new file mode 100644
index 00000000..bff3a5c2
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_cluster.tf
@@ -0,0 +1,7 @@
+data "aws_odb_cloud_autonomous_vm_cluster" "pike" {
+  id = "pike"
+}
+
+output "aws_odb_cloud_autonomous_vm_cluster" {
+  value = data.aws_odb_cloud_autonomous_vm_cluster.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_clusters.tf b/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_clusters.tf
new file mode 100644
index 00000000..ecd34ea9
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_autonomous_vm_clusters.tf
@@ -0,0 +1,6 @@
+data "aws_odb_cloud_autonomous_vm_clusters" "pike" {
+}
+
+output "aws_odb_cloud_autonomous_vm_clusters" {
+  value = data.aws_odb_cloud_autonomous_vm_clusters.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructure.tf b/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructure.tf
new file mode 100644
index 00000000..17bf23f2
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructure.tf
@@ -0,0 +1,7 @@
+data "aws_odb_cloud_exadata_infrastructure" "pike" {
+  id = "pike"
+}
+
+output "aws_odb_cloud_exadata_infrastructure" {
+  value = data.aws_odb_cloud_exadata_infrastructure.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructures.tf b/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructures.tf
new file mode 100644
index 00000000..5cda9dee
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_exadata_infrastructures.tf
@@ -0,0 +1,6 @@
+data "aws_odb_cloud_exadata_infrastructures" "pike" {
+}
+
+output "aws_odb_cloud_exadata_infrastructures" {
+  value = data.aws_odb_cloud_exadata_infrastructures.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_vm_cluster.tf b/terraform/aws/backup/data.aws_odb_cloud_vm_cluster.tf
new file mode 100644
index 00000000..cf3e715f
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_vm_cluster.tf
@@ -0,0 +1,7 @@
+data "aws_odb_cloud_vm_cluster" "pike" {
+  id = "pike"
+}
+
+output "aws_odb_cloud_vm_cluster" {
+  value = data.aws_odb_cloud_vm_cluster.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_cloud_vm_clusters.tf b/terraform/aws/backup/data.aws_odb_cloud_vm_clusters.tf
new file mode 100644
index 00000000..dd023656
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_cloud_vm_clusters.tf
@@ -0,0 +1,6 @@
+data "aws_odb_cloud_vm_clusters" "pike" {
+}
+
+output "aws_odb_cloud_vm_clusters" {
+  value = data.aws_odb_cloud_vm_clusters.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_db_node.tf b/terraform/aws/backup/data.aws_odb_db_node.tf
new file mode 100644
index 00000000..961dc303
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_db_node.tf
@@ -0,0 +1,8 @@
+data "aws_odb_db_node" "pike" {
+  cloud_vm_cluster_id = "pike"
+  id                  = "pike"
+}
+
+output "aws_odb_db_node" {
+  value = data.aws_odb_db_node.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_db_nodes.tf b/terraform/aws/backup/data.aws_odb_db_nodes.tf
new file mode 100644
index 00000000..b258f147
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_db_nodes.tf
@@ -0,0 +1,7 @@
+data "aws_odb_db_nodes" "pike" {
+  cloud_vm_cluster_id = "pike"
+}
+
+output "aws_odb_db_nodes" {
+  value = data.aws_odb_db_nodes.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_db_server.tf b/terraform/aws/backup/data.aws_odb_db_server.tf
new file mode 100644
index 00000000..94202db0
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_db_server.tf
@@ -0,0 +1,8 @@
+data "aws_odb_db_server" "pike" {
+  id                              = "pike"
+  cloud_exadata_infrastructure_id = "pike"
+}
+
+output "aws_odb_db_server" {
+  value = data.aws_odb_db_server.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_db_servers.tf b/terraform/aws/backup/data.aws_odb_db_servers.tf
new file mode 100644
index 00000000..ddb1cd3d
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_db_servers.tf
@@ -0,0 +1,7 @@
+data "aws_odb_db_servers" "pike" {
+  cloud_exadata_infrastructure_id = "pike"
+}
+
+output "aws_odb_db_servers" {
+  value = data.aws_odb_db_servers.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_db_system_shapes.tf b/terraform/aws/backup/data.aws_odb_db_system_shapes.tf
new file mode 100644
index 00000000..5f9c5721
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_db_system_shapes.tf
@@ -0,0 +1,6 @@
+data "aws_odb_db_system_shapes" "pike" {
+}
+
+output "aws_odb_db_system_shapes" {
+  value = data.aws_odb_db_system_shapes.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_gi_versions.tf b/terraform/aws/backup/data.aws_odb_gi_versions.tf
new file mode 100644
index 00000000..a51be88f
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_gi_versions.tf
@@ -0,0 +1,6 @@
+data "aws_odb_gi_versions" "pike" {
+}
+
+output "aws_odb_gi_versions" {
+  value = data.aws_odb_gi_versions.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_network.tf b/terraform/aws/backup/data.aws_odb_network.tf
new file mode 100644
index 00000000..89fa0143
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_network.tf
@@ -0,0 +1,7 @@
+data "aws_odb_network" "pike" {
+  id = "pike"
+}
+
+output "aws_odb_network" {
+  value = data.aws_odb_network.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_network_peering_connection.tf b/terraform/aws/backup/data.aws_odb_network_peering_connection.tf
new file mode 100644
index 00000000..404a8924
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_network_peering_connection.tf
@@ -0,0 +1,7 @@
+data "aws_odb_network_peering_connection" "pike" {
+  id = "pike"
+}
+
+output "aws_odb_network_peering_connection" {
+  value = data.aws_odb_network_peering_connection.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_network_peering_connections.tf b/terraform/aws/backup/data.aws_odb_network_peering_connections.tf
new file mode 100644
index 00000000..a65eab5b
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_network_peering_connections.tf
@@ -0,0 +1,7 @@
+data "aws_odb_network_peering_connections" "pike" {
+
+}
+
+output "aws_odb_network_peering_connections" {
+  value = data.aws_odb_network_peering_connections.pike
+}
diff --git a/terraform/aws/backup/data.aws_odb_networks.tf b/terraform/aws/backup/data.aws_odb_networks.tf
new file mode 100644
index 00000000..8502efe9
--- /dev/null
+++ b/terraform/aws/backup/data.aws_odb_networks.tf
@@ -0,0 +1,6 @@
+data "aws_odb_networks" "pike" {
+}
+
+output "aws_odb_networks" {
+  value = data.aws_odb_networks.pike
+}
diff --git a/terraform/aws/backup/data.aws_rds_global_cluster.tf b/terraform/aws/backup/data.aws_rds_global_cluster.tf
new file mode 100644
index 00000000..98ed1416
--- /dev/null
+++ b/terraform/aws/backup/data.aws_rds_global_cluster.tf
@@ -0,0 +1,7 @@
+data "aws_rds_global_cluster" "pike" {
+  identifier = "pike"
+}
+
+output "aws_rds_global_cluster" {
+  value = data.aws_rds_global_cluster.pike
+}
diff --git a/terraform/aws/backup/data.aws_s3_access_point.tf b/terraform/aws/backup/data.aws_s3_access_point.tf
new file mode 100644
index 00000000..207a80f6
--- /dev/null
+++ b/terraform/aws/backup/data.aws_s3_access_point.tf
@@ -0,0 +1,7 @@
+data "aws_s3_access_point" "pike" {
+  name = "pike"
+}
+
+output "aws_s3_access_point" {
+  value = data.aws_s3_access_point.pike
+}
diff --git a/terraform/aws/backup/data.aws_securityhub_standards_control_associations.tf b/terraform/aws/backup/data.aws_securityhub_standards_control_associations.tf
new file mode 100644
index 00000000..9a3f4cd0
--- /dev/null
+++ b/terraform/aws/backup/data.aws_securityhub_standards_control_associations.tf
@@ -0,0 +1,7 @@
+data "aws_securityhub_standards_control_associations" "pike" {
+  security_control_id = "pike"
+}
+
+output "aws_securityhub_standards_control_associations" {
+  value = data.aws_securityhub_standards_control_associations.pike
+}
diff --git a/terraform/aws/backup/data.aws_vpc_endpoint_associations.tf b/terraform/aws/backup/data.aws_vpc_endpoint_associations.tf
new file mode 100644
index 00000000..95db715d
--- /dev/null
+++ b/terraform/aws/backup/data.aws_vpc_endpoint_associations.tf
@@ -0,0 +1,7 @@
+data "aws_vpc_endpoint_associations" "pike" {
+  vpc_endpoint_id = "lskdfhaksjdfb"
+}
+
+output "aws_vpc_endpoint_associations" {
+  value = data.aws_vpc_endpoint_associations.pike
+}
diff --git a/terraform/aws/backup/data.aws_vpn_connection.tf b/terraform/aws/backup/data.aws_vpn_connection.tf
new file mode 100644
index 00000000..2dfc552c
--- /dev/null
+++ b/terraform/aws/backup/data.aws_vpn_connection.tf
@@ -0,0 +1,7 @@
+data "aws_vpn_connection" "pike" {
+  vpn_connection_id = "pike"
+}
+
+output "aws_vpn_connection" {
+  value = data.aws_vpn_connection.pike
+}
diff --git a/terraform/aws/backup/data.aws_waf_subscribed_rule_group.tf b/terraform/aws/backup/data.aws_waf_subscribed_rule_group.tf
new file mode 100644
index 00000000..076d1564
--- /dev/null
+++ b/terraform/aws/backup/data.aws_waf_subscribed_rule_group.tf
@@ -0,0 +1,7 @@
+data "aws_waf_subscribed_rule_group" "pike" {
+  name = "F5 Bot Detection Signatures For AWS WAF"
+}
+
+output "aws_waf_subscribed_rule_group" {
+  value = data.aws_waf_subscribed_rule_group.pike
+}
diff --git a/terraform/aws/backup/data.aws_wafregional_subscribed_rule_group.tf b/terraform/aws/backup/data.aws_wafregional_subscribed_rule_group.tf
new file mode 100644
index 00000000..cf39f20f
--- /dev/null
+++ b/terraform/aws/backup/data.aws_wafregional_subscribed_rule_group.tf
@@ -0,0 +1,7 @@
+data "aws_wafregional_subscribed_rule_group" "pike" {
+  name = "F5 Bot Detection Signatures For AWS WAF"
+}
+
+output "aws_wafregional_subscribed_rule_group" {
+  value = data.aws_wafregional_subscribed_rule_group.pike
+}
diff --git a/terraform/aws/backup/data.aws_workspaces_workspace.tf b/terraform/aws/backup/data.aws_workspaces_workspace.tf
new file mode 100644
index 00000000..675ac913
--- /dev/null
+++ b/terraform/aws/backup/data.aws_workspaces_workspace.tf
@@ -0,0 +1,8 @@
+data "aws_workspaces_workspace" "pike" {
+  workspace_id = "ws-cj5xcxsz5"
+}
+
+
+output "aws_workspaces_workspace" {
+  value = data.aws_workspaces_workspace.pike
+}
diff --git a/terraform/aws/provider.aws.tf b/terraform/aws/provider.aws.tf
index 3492b0e0..6f6fb5e9 100644
--- a/terraform/aws/provider.aws.tf
+++ b/terraform/aws/provider.aws.tf
@@ -27,3 +27,12 @@ provider "aws" {
   region  = "eu-west-1"
   profile = "basic"
 }
+
+# terraform {
+#   required_providers {
+#     aws = {
+#       source  = "hashicorp/aws"
+#       version = "6.0.0-beta1"
+#     }
+#   }
+# }
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
index 70e30c19..725dd39a 100644
--- a/terraform/aws/role/aws_iam_policy.basic.tf
+++ b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -7,10 +7,13 @@ resource "aws_iam_policy" "basic" {
         "Sid" : "VisualEditor0",
         "Effect" : "Allow",
         "Action" : [
-          "sso:ListInstances",
-          "identitystore:GetGroupId",
+          //aws_vpn_connection
+          "ec2:DescribeVpnConnections",
+          //aws_rds_global_cluster
+          "rds:DescribeGlobalClusters",
+          //aws_ecrpublic_images
+          "ecr-public:DescribeImages"
 
-          "eks:DescribeClusterVersions"
         ],
         "Resource" : [
           "*"
diff --git a/terraform/google/Makefile b/terraform/google/Makefile
index d86687be..72076f5f 100644
--- a/terraform/google/Makefile
+++ b/terraform/google/Makefile
@@ -4,21 +4,27 @@ clean:
 	-rm terraform.tfstate
 	-rm terraform.tfstate.backup
 apply: init
-	terraform apply -auto-approve
+	tofu apply -auto-approve
 
 plan: init
-	terraform plan
+	tofu plan
 
 destroy: init
-	terraform destroy -auto-approve
+	tofu destroy -auto-approve
 
 init:
-	terraform init
+	tofu init
+
+upgrade:
+	tofu init --upgrade
 
 role: FORCE
-	GOOGLE_CLOUD_KEYFILE_JSON="" terraform  -chdir=./role apply -auto-approve
+	GOOGLE_CLOUD_KEYFILE_JSON="" tofu  -chdir=./role apply -auto-approve
 
 role_init:
-	GOOGLE_CLOUD_KEYFILE_JSON="" terraform  -chdir=./role init
+	GOOGLE_CLOUD_KEYFILE_JSON="" tofu  -chdir=./role init
+
+scan:
+	GCP_PROJECT=pike-412922 pike scan -w -i -e -d ./ -outfile "./role/google_project_iam_custom_role.tf" -policyName terraform_pike
 
 FORCE:
diff --git a/terraform/google/backup/data.google_access_context_manager_access_policy.tf b/terraform/google/backup/data.google_access_context_manager_access_policy.tf
new file mode 100644
index 00000000..95b91f53
--- /dev/null
+++ b/terraform/google/backup/data.google_access_context_manager_access_policy.tf
@@ -0,0 +1,6 @@
+data "google_access_context_manager_access_policy" "pike" {
+}
+
+output "google_access_context_manager_access_policy" {
+  value = data.google_access_context_manager_access_policy.pike
+}
diff --git a/terraform/google/backup/data.google_alloydb_cluster.tf b/terraform/google/backup/data.google_alloydb_cluster.tf
new file mode 100644
index 00000000..6d7ac115
--- /dev/null
+++ b/terraform/google/backup/data.google_alloydb_cluster.tf
@@ -0,0 +1,7 @@
+data "google_alloydb_cluster" "pike" {
+  cluster_id = "pike"
+}
+
+output "google_alloydb_cluster" {
+  value = data.google_alloydb_cluster.pike
+}
diff --git a/terraform/google/backup/data.google_alloydb_instance.tf b/terraform/google/backup/data.google_alloydb_instance.tf
new file mode 100644
index 00000000..23d87f94
--- /dev/null
+++ b/terraform/google/backup/data.google_alloydb_instance.tf
@@ -0,0 +1,9 @@
+data "google_alloydb_instance" "pike" {
+  instance_id = "pike"
+  location    = "us-central1"
+  cluster_id  = "pike"
+}
+
+output "google_alloydb_instance" {
+  value = data.google_alloydb_instance.pike
+}
diff --git a/terraform/google/backup/data.google_apphub_application.tf b/terraform/google/backup/data.google_apphub_application.tf
new file mode 100644
index 00000000..e23c0798
--- /dev/null
+++ b/terraform/google/backup/data.google_apphub_application.tf
@@ -0,0 +1,9 @@
+data "google_apphub_application" "pike" {
+  location       = "us-central1"
+  application_id = "pike"
+  project        = "pike-412922"
+}
+
+output "google_apphub_application" {
+  value = data.google_apphub_application.pike
+}
diff --git a/terraform/google/backup/data.google_apphub_discovered_service.tf b/terraform/google/backup/data.google_apphub_discovered_service.tf
new file mode 100644
index 00000000..e838ef6e
--- /dev/null
+++ b/terraform/google/backup/data.google_apphub_discovered_service.tf
@@ -0,0 +1,8 @@
+data "google_apphub_discovered_service" "pike" {
+  location    = "us-central1"
+  service_uri = "/compute.googleapis.com/projects/1/regions/us-east1/instanceGroups/id1"
+}
+
+output "google_apphub_discovered_service" {
+  value = data.google_apphub_discovered_service.pike
+}
diff --git a/terraform/google/backup/data.google_apphub_discovered_workload.tf b/terraform/google/backup/data.google_apphub_discovered_workload.tf
new file mode 100644
index 00000000..ac695f2d
--- /dev/null
+++ b/terraform/google/backup/data.google_apphub_discovered_workload.tf
@@ -0,0 +1,8 @@
+data "google_apphub_discovered_workload" "pike" {
+  location     = "us-central1"
+  workload_uri = "/compute.googleapis.com/projects/1/regions/us-east1/instanceGroups/id1"
+}
+
+output "google_apphub_discovered_workload" {
+  value = data.google_apphub_discovered_workload.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_docker_image.tf b/terraform/google/backup/data.google_artifact_registry_docker_image.tf
new file mode 100644
index 00000000..cbe6896e
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_docker_image.tf
@@ -0,0 +1,9 @@
+data "google_artifact_registry_docker_image" "pike" {
+  location      = "us-central1"
+  repository_id = "pike"
+  image_name    = "pike"
+}
+
+output "google_artifact_registry_docker_image" {
+  value = data.google_artifact_registry_docker_image.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_docker_images.tf b/terraform/google/backup/data.google_artifact_registry_docker_images.tf
new file mode 100644
index 00000000..10f9e8eb
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_docker_images.tf
@@ -0,0 +1,6 @@
+data "google_artifact_registry_docker_images" "pike" {
+}
+
+output "google_artifact_registry_docker_images" {
+  value = data.google_artifact_registry_docker_images.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_locations.tf b/terraform/google/backup/data.google_artifact_registry_locations.tf
new file mode 100644
index 00000000..cfe5de96
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_locations.tf
@@ -0,0 +1,6 @@
+data "google_artifact_registry_locations" "pike" {
+}
+
+output "google_artifact_registry_locations" {
+  value = data.google_artifact_registry_locations.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_maven_artifact.tf b/terraform/google/backup/data.google_artifact_registry_maven_artifact.tf
new file mode 100644
index 00000000..d965f619
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_maven_artifact.tf
@@ -0,0 +1,10 @@
+data "google_artifact_registry_maven_artifact" "pike" {
+  artifact_id   = "pike"
+  group_id      = "pike"
+  location      = "pike"
+  repository_id = "pike"
+}
+
+output "google_artifact_registry_maven_artifact" {
+  value = data.google_artifact_registry_maven_artifact.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_maven_artifacts.tf b/terraform/google/backup/data.google_artifact_registry_maven_artifacts.tf
new file mode 100644
index 00000000..0195402d
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_maven_artifacts.tf
@@ -0,0 +1,8 @@
+data "google_artifact_registry_maven_artifacts" "pike" {
+  repository_id = "pike"
+  location      = "us-central1"
+}
+
+output "google_artifact_registry_maven_artifacts" {
+  value = data.google_artifact_registry_maven_artifacts.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_npm_package.tf b/terraform/google/backup/data.google_artifact_registry_npm_package.tf
new file mode 100644
index 00000000..c0bddb77
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_npm_package.tf
@@ -0,0 +1,7 @@
+data "google_artifact_registry_npm_package" "pike" {
+  provider = google-beta
+}
+
+output "google_artifact_registry_npm_package" {
+  value = data.google_artifact_registry_npm_package.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_npm_packages.tf b/terraform/google/backup/data.google_artifact_registry_npm_packages.tf
new file mode 100644
index 00000000..2fcce935
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_npm_packages.tf
@@ -0,0 +1,8 @@
+data "google_artifact_registry_npm_packages" "pike" {
+  repository_id = "pike"
+  location      = "us-central1"
+}
+
+output "google_artifact_registry_npm_packages" {
+  value = data.google_artifact_registry_npm_packages.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_packages.tf b/terraform/google/backup/data.google_artifact_registry_packages.tf
new file mode 100644
index 00000000..c630d612
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_packages.tf
@@ -0,0 +1,8 @@
+data "google_artifact_registry_packages" "pike" {
+  location      = "us-central1"
+  repository_id = "pike"
+}
+
+output "google_artifact_registry_packages" {
+  value = data.google_artifact_registry_packages.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_python_package.tf b/terraform/google/backup/data.google_artifact_registry_python_package.tf
new file mode 100644
index 00000000..b50c5b18
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_python_package.tf
@@ -0,0 +1,9 @@
+data "google_artifact_registry_python_package" "pike" {
+  package_name  = "pike"
+  repository_id = "pike"
+  location      = "us-central1"
+}
+
+output "google_artifact_registry_python_package" {
+  value = data.google_artifact_registry_python_package.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_repositories.tf b/terraform/google/backup/data.google_artifact_registry_repositories.tf
new file mode 100644
index 00000000..a88a0cab
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_repositories.tf
@@ -0,0 +1,7 @@
+data "google_artifact_registry_repositories" "pike" {
+  location = "us-central1"
+}
+
+output "google_artifact_registry_repositories" {
+  value = data.google_artifact_registry_repositories.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_tags.tf b/terraform/google/backup/data.google_artifact_registry_tags.tf
new file mode 100644
index 00000000..66f107e8
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_tags.tf
@@ -0,0 +1,9 @@
+data "google_artifact_registry_tags" "pike" {
+  location      = "us-central1"
+  package_name  = "pike"
+  repository_id = "pike"
+}
+
+output "google_artifact_registry_tags" {
+  value = data.google_artifact_registry_tags.pike
+}
diff --git a/terraform/google/backup/data.google_artifact_registry_versions.tf b/terraform/google/backup/data.google_artifact_registry_versions.tf
new file mode 100644
index 00000000..3dc2b3a1
--- /dev/null
+++ b/terraform/google/backup/data.google_artifact_registry_versions.tf
@@ -0,0 +1,10 @@
+data "google_artifact_registry_version" "pike" {
+  location      = "us-central1"
+  repository_id = "pike"
+  package_name  = "pike"
+  version_name  = "pike"
+}
+
+output "google_artifact_registry_version" {
+  value = data.google_artifact_registry_version.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_backup.tf b/terraform/google/backup/data.google_backup_dr_backup.tf
new file mode 100644
index 00000000..45aea388
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_backup.tf
@@ -0,0 +1,10 @@
+data "google_backup_dr_backup" "pike" {
+  location        = "us-central1"
+  project         = "pike-412922"
+  data_source_id  = "pike"
+  backup_vault_id = "pike"
+}
+
+output "google_backup_dr_backup" {
+  value = data.google_backup_dr_backup.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_backup_plan_association.tf b/terraform/google/backup/data.google_backup_dr_backup_plan_association.tf
new file mode 100644
index 00000000..47221cb7
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_backup_plan_association.tf
@@ -0,0 +1,8 @@
+data "google_backup_dr_backup_plan_association" "pike" {
+  location                   = "us-central1"
+  backup_plan_association_id = "pike"
+}
+
+output "google_backup_dr_backup_plan_association" {
+  value = data.google_backup_dr_backup_plan_association.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_backup_plan_associations.tf b/terraform/google/backup/data.google_backup_dr_backup_plan_associations.tf
new file mode 100644
index 00000000..5a074e67
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_backup_plan_associations.tf
@@ -0,0 +1,8 @@
+data "google_backup_dr_backup_plan_associations" "pike" {
+  resource_type = "sqladmin.googleapis.com/Instance"
+  location      = "us-central1"
+}
+
+output "google_backup_dr_backup_plan_associations" {
+  value = data.google_backup_dr_backup_plan_associations.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_backup_vault.tf b/terraform/google/backup/data.google_backup_dr_backup_vault.tf
new file mode 100644
index 00000000..2f7d6873
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_backup_vault.tf
@@ -0,0 +1,8 @@
+data "google_backup_dr_backup_vault" "pike" {
+  location        = "us-central1"
+  backup_vault_id = "pike"
+}
+
+output "google_backup_dr_backup_vault" {
+  value = data.google_backup_dr_backup_vault.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_data_source.tf b/terraform/google/backup/data.google_backup_dr_data_source.tf
new file mode 100644
index 00000000..f55f5324
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_data_source.tf
@@ -0,0 +1,10 @@
+data "google_backup_dr_data_source" "pike" {
+  location        = "us-central1"
+  project         = "pike-412922"
+  data_source_id  = "pike"
+  backup_vault_id = "pike"
+}
+
+output "google_backup_dr_data_source" {
+  value = data.google_backup_dr_data_source.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_data_source_reference.tf b/terraform/google/backup/data.google_backup_dr_data_source_reference.tf
new file mode 100644
index 00000000..d10297bd
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_data_source_reference.tf
@@ -0,0 +1,8 @@
+data "google_backup_dr_data_source_reference" "pike" {
+  data_source_reference_id = "pike"
+  location                 = "us-central1"
+}
+
+output "google_backup_dr_data_source_reference" {
+  value = data.google_backup_dr_data_source_reference.pike
+}
diff --git a/terraform/google/backup/data.google_backup_dr_data_source_references.tf b/terraform/google/backup/data.google_backup_dr_data_source_references.tf
new file mode 100644
index 00000000..a30403fd
--- /dev/null
+++ b/terraform/google/backup/data.google_backup_dr_data_source_references.tf
@@ -0,0 +1,8 @@
+data "google_backup_dr_data_source_references" "pike" {
+  location      = "us-central1"
+  resource_type = "sqladmin.googleapis.com/Instance"
+}
+
+output "google_backup_dr_data_source_references" {
+  value = data.google_backup_dr_data_source_references.pike
+}
diff --git a/terraform/google/backup/data.google_beyondcorp_application_iam_policy.tf b/terraform/google/backup/data.google_beyondcorp_application_iam_policy.tf
new file mode 100644
index 00000000..dcd9edc0
--- /dev/null
+++ b/terraform/google/backup/data.google_beyondcorp_application_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_beyondcorp_application_iam_policy" "pike" {
+  security_gateways_id = "pike"
+  application_id       = "pike"
+}
+
+output "google_beyondcorp_application_iam_policy" {
+  value = data.google_beyondcorp_application_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_beyondcorp_security_gateway.tf b/terraform/google/backup/data.google_beyondcorp_security_gateway.tf
new file mode 100644
index 00000000..7c596c30
--- /dev/null
+++ b/terraform/google/backup/data.google_beyondcorp_security_gateway.tf
@@ -0,0 +1,8 @@
+data "google_beyondcorp_security_gateway" "pike" {
+  security_gateway_id = "pike"
+
+}
+
+output "google_beyondcorp_security_gateway" {
+  value = data.google_beyondcorp_security_gateway.pike
+}
diff --git a/terraform/google/backup/data.google_beyondcorp_security_gateway_application_iam_policy.tf b/terraform/google/backup/data.google_beyondcorp_security_gateway_application_iam_policy.tf
new file mode 100644
index 00000000..05aad362
--- /dev/null
+++ b/terraform/google/backup/data.google_beyondcorp_security_gateway_application_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_beyondcorp_security_gateway_application_iam_policy" "pike" {
+  application_id      = "pike"
+  security_gateway_id = "pike"
+}
+
+output "google_beyondcorp_security_gateway_application_iam_policy" {
+  value = data.google_beyondcorp_security_gateway_application_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_beyondcorp_security_gateway_iam_policy.tf b/terraform/google/backup/data.google_beyondcorp_security_gateway_iam_policy.tf
new file mode 100644
index 00000000..32dcb008
--- /dev/null
+++ b/terraform/google/backup/data.google_beyondcorp_security_gateway_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_beyondcorp_security_gateway_iam_policy" "pike" {
+  security_gateway_id = "pike"
+  location            = "us-central1"
+}
+
+output "google_beyondcorp_security_gateway_iam_policy" {
+  value = data.google_beyondcorp_security_gateway_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_bigquery_datapolicyv2_data_policy_iam_policy.tf b/terraform/google/backup/data.google_bigquery_datapolicyv2_data_policy_iam_policy.tf
new file mode 100644
index 00000000..8b59f726
--- /dev/null
+++ b/terraform/google/backup/data.google_bigquery_datapolicyv2_data_policy_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_bigquery_datapolicyv2_data_policy_iam_policy" "pike" {
+  data_policy_id = "pike"
+}
+
+output "google_bigquery_datapolicyv2_data_policy_iam_policy" {
+  value = data.google_bigquery_datapolicyv2_data_policy_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_bigquery_dataset.tf b/terraform/google/backup/data.google_bigquery_dataset.tf
index 7274d5bb..3fba3de1 100644
--- a/terraform/google/backup/data.google_bigquery_dataset.tf
+++ b/terraform/google/backup/data.google_bigquery_dataset.tf
@@ -1,4 +1,4 @@
 data "google_bigquery_dataset" "pike" {
   dataset_id = "my-bq-dataset"
-  project    = "pike-gcp"
+  project    = "pike"
 }
diff --git a/terraform/google/backup/data.google_bigquery_datasets.tf b/terraform/google/backup/data.google_bigquery_datasets.tf
new file mode 100644
index 00000000..f2b66eee
--- /dev/null
+++ b/terraform/google/backup/data.google_bigquery_datasets.tf
@@ -0,0 +1,6 @@
+data "google_bigquery_datasets" "pike" {
+}
+
+output "google_bigquery_datasets" {
+  value = data.google_bigquery_datasets.pike
+}
diff --git a/terraform/google/backup/data.google_bigquery_table.tf b/terraform/google/backup/data.google_bigquery_table.tf
new file mode 100644
index 00000000..c83629b0
--- /dev/null
+++ b/terraform/google/backup/data.google_bigquery_table.tf
@@ -0,0 +1,8 @@
+data "google_bigquery_table" "pike" {
+  table_id   = "pike"
+  dataset_id = "pike"
+}
+
+output "google_bigquery_table" {
+  value = data.google_bigquery_table.pike
+}
diff --git a/terraform/google/backup/data.google_bigquery_tables.tf b/terraform/google/backup/data.google_bigquery_tables.tf
new file mode 100644
index 00000000..f17ca9ae
--- /dev/null
+++ b/terraform/google/backup/data.google_bigquery_tables.tf
@@ -0,0 +1,7 @@
+data "google_bigquery_tables" "pike" {
+  dataset_id = "pike"
+}
+
+output "google_bigquery_tables" {
+  value = data.google_bigquery_tables.pike
+}
diff --git a/terraform/google/backup/data.google_certificate_manager_certificates.tf b/terraform/google/backup/data.google_certificate_manager_certificates.tf
new file mode 100644
index 00000000..c43bfba8
--- /dev/null
+++ b/terraform/google/backup/data.google_certificate_manager_certificates.tf
@@ -0,0 +1,6 @@
+data "google_certificate_manager_certificates" "pike" {
+}
+
+output "google_certificate_manager_certificates" {
+  value = data.google_certificate_manager_certificates.pike
+}
diff --git a/terraform/google/backup/data.google_certificate_manager_dns_authorization.tf b/terraform/google/backup/data.google_certificate_manager_dns_authorization.tf
new file mode 100644
index 00000000..7f14e64e
--- /dev/null
+++ b/terraform/google/backup/data.google_certificate_manager_dns_authorization.tf
@@ -0,0 +1,7 @@
+data "google_certificate_manager_dns_authorization" "pike" {
+  provider = google-beta
+}
+
+output "google_certificate_manager_dns_authorization" {
+  value = data.google_certificate_manager_dns_authorization.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_identity_group_transitive_memberships.tf b/terraform/google/backup/data.google_cloud_identity_group_transitive_memberships.tf
new file mode 100644
index 00000000..7cd12094
--- /dev/null
+++ b/terraform/google/backup/data.google_cloud_identity_group_transitive_memberships.tf
@@ -0,0 +1,7 @@
+data "google_cloud_identity_group_transitive_memberships" "pike" {
+  group = "pike"
+}
+
+output "google_cloud_identity_group_transitive_memberships" {
+  value = data.google_cloud_identity_group_transitive_memberships.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_quotas_quota_info.tf b/terraform/google/backup/data.google_cloud_quotas_quota_info.tf
new file mode 100644
index 00000000..511d0339
--- /dev/null
+++ b/terraform/google/backup/data.google_cloud_quotas_quota_info.tf
@@ -0,0 +1,9 @@
+data "google_cloud_quotas_quota_info" "pike" {
+  parent   = "pike"
+  quota_id = "pike"
+  service  = "pike"
+}
+
+output "google_cloud_quotas_quota_info" {
+  value = data.google_cloud_quotas_quota_info.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_quotas_quota_infos.tf b/terraform/google/backup/data.google_cloud_quotas_quota_infos.tf
new file mode 100644
index 00000000..f7040373
--- /dev/null
+++ b/terraform/google/backup/data.google_cloud_quotas_quota_infos.tf
@@ -0,0 +1,8 @@
+data "google_cloud_quotas_quota_infos" "pike" {
+  service = "pike"
+  parent  = "pike"
+}
+
+output "google_cloud_quotas_quota_infos" {
+  value = data.google_cloud_quotas_quota_infos.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_job.tf b/terraform/google/backup/data.google_cloud_run_v2_job.tf
index 3fe34617..8a538448 100644
--- a/terraform/google/backup/data.google_cloud_run_v2_job.tf
+++ b/terraform/google/backup/data.google_cloud_run_v2_job.tf
@@ -1,7 +1,7 @@
 data "google_cloud_run_v2_job" "pike" {
   provider = google-beta
   name     = "pike"
-  project  = "pike-gcp"
+  project  = "pike"
   location = "europe-west2"
 }
 
diff --git a/terraform/google/backup/data.google_cloud_run_v2_service.tf b/terraform/google/backup/data.google_cloud_run_v2_service.tf
index 45fc2b18..e0f517d3 100644
--- a/terraform/google/backup/data.google_cloud_run_v2_service.tf
+++ b/terraform/google/backup/data.google_cloud_run_v2_service.tf
@@ -1,7 +1,7 @@
 data "google_cloud_run_v2_service" "pike" {
   provider = google-beta
   name     = "pike"
-  project  = "pike-gcp"
+  project  = "pike"
   location = "europe-west2"
 }
 
diff --git a/terraform/google/backup/data.google_cloud_run_v2_worker_pool.tf b/terraform/google/backup/data.google_cloud_run_v2_worker_pool.tf
new file mode 100644
index 00000000..5b3f1cb7
--- /dev/null
+++ b/terraform/google/backup/data.google_cloud_run_v2_worker_pool.tf
@@ -0,0 +1,8 @@
+data "google_cloud_run_v2_worker_pool" "pike" {
+  name     = "pike"
+  location = "us-central1"
+}
+
+output "google_cloud_run_v2_worker_pool" {
+  value = data.google_cloud_run_v2_worker_pool.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_worker_pool_iam_policy.tf b/terraform/google/backup/data.google_cloud_run_v2_worker_pool_iam_policy.tf
new file mode 100644
index 00000000..59766abb
--- /dev/null
+++ b/terraform/google/backup/data.google_cloud_run_v2_worker_pool_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_cloud_run_v2_worker_pool_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "google_cloud_run_v2_worker_pool_iam_policy" {
+  value = data.google_cloud_run_v2_worker_pool_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_cloudbuild_trigger.tf b/terraform/google/backup/data.google_cloudbuild_trigger.tf
index d5596f8c..50127fd8 100644
--- a/terraform/google/backup/data.google_cloudbuild_trigger.tf
+++ b/terraform/google/backup/data.google_cloudbuild_trigger.tf
@@ -1,5 +1,5 @@
 data "google_cloudbuild_trigger" "pike" {
-  project    = "pike-gcp"
+  project    = "pike"
   trigger_id = "9c1e342a-8e6d-47d5-b764-ad43a1e25acb"
   location   = "global"
 }
diff --git a/terraform/google/backup/data.google_clouddeploy_custom_target_type_iam_policy.tf b/terraform/google/backup/data.google_clouddeploy_custom_target_type_iam_policy.tf
new file mode 100644
index 00000000..de1fdba1
--- /dev/null
+++ b/terraform/google/backup/data.google_clouddeploy_custom_target_type_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_clouddeploy_custom_target_type_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "google_clouddeploy_custom_target_type_iam_policy" {
+  value = data.google_clouddeploy_custom_target_type_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_clouddeploy_delivery_pipeline_iam_policy.tf b/terraform/google/backup/data.google_clouddeploy_delivery_pipeline_iam_policy.tf
new file mode 100644
index 00000000..4a397e8e
--- /dev/null
+++ b/terraform/google/backup/data.google_clouddeploy_delivery_pipeline_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_clouddeploy_delivery_pipeline_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "google_clouddeploy_delivery_pipeline_iam_policy" {
+  value = data.google_clouddeploy_delivery_pipeline_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_clouddeploy_target_iam_policy.tf b/terraform/google/backup/data.google_clouddeploy_target_iam_policy.tf
new file mode 100644
index 00000000..cfadce82
--- /dev/null
+++ b/terraform/google/backup/data.google_clouddeploy_target_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_clouddeploy_target_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "google_clouddeploy_target_iam_policy" {
+  value = data.google_clouddeploy_target_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_colab_runtime_template_iam_policy.tf b/terraform/google/backup/data.google_colab_runtime_template_iam_policy.tf
new file mode 100644
index 00000000..8f3c80c1
--- /dev/null
+++ b/terraform/google/backup/data.google_colab_runtime_template_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_colab_runtime_template_iam_policy" "pike" {
+  runtime_template = "pike"
+}
+
+output "google_colab_runtime_template_iam_policy" {
+  value = data.google_colab_runtime_template_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_composer_user_workloads_config_map.tf b/terraform/google/backup/data.google_composer_user_workloads_config_map.tf
new file mode 100644
index 00000000..4584fa31
--- /dev/null
+++ b/terraform/google/backup/data.google_composer_user_workloads_config_map.tf
@@ -0,0 +1,8 @@
+data "google_composer_user_workloads_config_map" "pike" {
+  name        = "pike"
+  environment = "pike"
+}
+
+output "google_composer_user_workloads_config_map" {
+  value = data.google_composer_user_workloads_config_map.pike
+}
diff --git a/terraform/google/backup/data.google_composer_user_workloads_secret.tf b/terraform/google/backup/data.google_composer_user_workloads_secret.tf
new file mode 100644
index 00000000..0c7bd372
--- /dev/null
+++ b/terraform/google/backup/data.google_composer_user_workloads_secret.tf
@@ -0,0 +1,8 @@
+data "google_composer_user_workloads_secret" "pike" {
+  environment = "pike"
+  name        = "pike"
+}
+
+output "google_composer_user_workloads_secret" {
+  value = data.google_composer_user_workloads_secret.pike
+}
diff --git a/terraform/google/backup/data.google_compute_forwarding_rules.tf b/terraform/google/backup/data.google_compute_forwarding_rules.tf
new file mode 100644
index 00000000..95ff9c3b
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_forwarding_rules.tf
@@ -0,0 +1,6 @@
+data "google_compute_forwarding_rules" "pike" {
+}
+
+output "google_compute_forwarding_rules" {
+  value = data.google_compute_forwarding_rules.pike
+}
diff --git a/terraform/google/backup/data.google_compute_images.tf b/terraform/google/backup/data.google_compute_images.tf
new file mode 100644
index 00000000..b9f99677
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_images.tf
@@ -0,0 +1,6 @@
+data "google_compute_images" "pike" {
+}
+
+output "google_compute_images" {
+  value = data.google_compute_images.pike
+}
diff --git a/terraform/google/backup/data.google_compute_instance_guest_attributes.tf b/terraform/google/backup/data.google_compute_instance_guest_attributes.tf
new file mode 100644
index 00000000..cffc1d59
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_instance_guest_attributes.tf
@@ -0,0 +1,8 @@
+data "google_compute_instance_guest_attributes" "pike" {
+  name = "pike"
+  zone = "us-central1-a"
+}
+
+output "google_compute_instance_guest_attributes" {
+  value = data.google_compute_instance_guest_attributes.pike
+}
diff --git a/terraform/google/backup/data.google_compute_instance_template_iam_policy.tf b/terraform/google/backup/data.google_compute_instance_template_iam_policy.tf
new file mode 100644
index 00000000..0eb2716e
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_instance_template_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_compute_instance_template_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "google_compute_instance_template_iam_policy" {
+  value = data.google_compute_instance_template_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_compute_instant_snapshot_iam_policy.tf b/terraform/google/backup/data.google_compute_instant_snapshot_iam_policy.tf
new file mode 100644
index 00000000..2954d7ba
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_instant_snapshot_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_compute_instant_snapshot_iam_policy" "pike" {
+  name = "pike"
+  zone = "us-central1-a"
+}
+
+output "google_compute_instant_snapshot_iam_policy" {
+  value = data.google_compute_instant_snapshot_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_compute_interconnect_location.tf b/terraform/google/backup/data.google_compute_interconnect_location.tf
new file mode 100644
index 00000000..170fcb73
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_interconnect_location.tf
@@ -0,0 +1,8 @@
+data "google_compute_interconnect_location" "pike" {
+  provider = google-beta
+  name     = "pike"
+}
+
+output "google_compute_interconnect_location" {
+  value = data.google_compute_interconnect_location.pike
+}
diff --git a/terraform/google/backup/data.google_compute_interconnect_locations.tf b/terraform/google/backup/data.google_compute_interconnect_locations.tf
new file mode 100644
index 00000000..5062b1e8
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_interconnect_locations.tf
@@ -0,0 +1,7 @@
+data "google_compute_interconnect_locations" "pike" {
+  provider = google-beta
+}
+
+output "google_compute_interconnect_locations" {
+  value = data.google_compute_interconnect_locations.pike
+}
diff --git a/terraform/google/backup/data.google_compute_machine_types.tf b/terraform/google/backup/data.google_compute_machine_types.tf
new file mode 100644
index 00000000..f76f7b31
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_machine_types.tf
@@ -0,0 +1,7 @@
+data "google_compute_machine_types" "pike" {
+  zone = "us-central1-a"
+}
+
+output "google_compute_machine_types" {
+  value = data.google_compute_machine_types.pike
+}
diff --git a/terraform/google/backup/data.google_compute_network_attachment.tf b/terraform/google/backup/data.google_compute_network_attachment.tf
new file mode 100644
index 00000000..7d1e8105
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_network_attachment.tf
@@ -0,0 +1,6 @@
+data "google_compute_network_attachment" "pike" {
+}
+
+output "google_compute_network_attachment" {
+  value = data.google_compute_network_attachment.pike
+}
diff --git a/terraform/google/backup/data.google_compute_region_backend_service.tf b/terraform/google/backup/data.google_compute_region_backend_service.tf
new file mode 100644
index 00000000..4ca6f29c
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_region_backend_service.tf
@@ -0,0 +1,7 @@
+data "google_compute_region_backend_service" "pike" {
+  name = "pike"
+}
+
+output "google_compute_region_backend_service" {
+  value = data.google_compute_region_backend_service.pike
+}
diff --git a/terraform/google/backup/data.google_compute_region_instance_group_manager.tf b/terraform/google/backup/data.google_compute_region_instance_group_manager.tf
new file mode 100644
index 00000000..50ac3bc8
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_region_instance_group_manager.tf
@@ -0,0 +1,7 @@
+data "google_compute_region_instance_group_manager" "pike" {
+  name = "pike"
+}
+
+output "google_compute_region_instance_group_manager" {
+  value = data.google_compute_region_instance_group_manager.pike
+}
diff --git a/terraform/google/backup/data.google_compute_security_policy.tf b/terraform/google/backup/data.google_compute_security_policy.tf
new file mode 100644
index 00000000..aa4840a0
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_security_policy.tf
@@ -0,0 +1,8 @@
+data "google_compute_security_policy" "pike" {
+  name = "pike"
+
+}
+
+output "google_compute_security_policy" {
+  value = data.google_compute_security_policy.pike
+}
diff --git a/terraform/google/backup/data.google_compute_storage_pool_iam_policy.tf b/terraform/google/backup/data.google_compute_storage_pool_iam_policy.tf
new file mode 100644
index 00000000..8afe2762
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_storage_pool_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_compute_storage_pool_iam_policy" "pike" {
+  name = "pike"
+  zone = "us-central1-a"
+}
+
+output "google_compute_storage_pool_iam_policy" {
+  value = data.google_compute_storage_pool_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_compute_storage_pool_types.tf b/terraform/google/backup/data.google_compute_storage_pool_types.tf
new file mode 100644
index 00000000..a4a9fd7d
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_storage_pool_types.tf
@@ -0,0 +1,8 @@
+data "google_compute_storage_pool_types" "pike" {
+  storage_pool_type = "pike"
+  zone              = "us-central1-a"
+}
+
+output "google_compute_storage_pool_types" {
+  value = data.google_compute_storage_pool_types.pike
+}
diff --git a/terraform/google/backup/data.google_compute_subnetworks.tf b/terraform/google/backup/data.google_compute_subnetworks.tf
new file mode 100644
index 00000000..89ce57da
--- /dev/null
+++ b/terraform/google/backup/data.google_compute_subnetworks.tf
@@ -0,0 +1,6 @@
+data "google_compute_subnetworks" "pike" {
+}
+
+output "google_compute_subnetworks" {
+  value = data.google_compute_subnetworks.pike
+}
diff --git a/terraform/google/backup/data.google_container_attached_install_manifest.tf b/terraform/google/backup/data.google_container_attached_install_manifest.tf
new file mode 100644
index 00000000..518c3c88
--- /dev/null
+++ b/terraform/google/backup/data.google_container_attached_install_manifest.tf
@@ -0,0 +1,10 @@
+data "google_container_attached_install_manifest" "pike" {
+  cluster_id       = "pike"
+  project          = "pike-412922"
+  platform_version = "1234"
+  location         = "us-central1"
+}
+
+output "google_container_attached_install_manifest" {
+  value = data.google_container_attached_install_manifest.pike
+}
diff --git a/terraform/google/backup/data.google_container_aws_versions.tf b/terraform/google/backup/data.google_container_aws_versions.tf
new file mode 100644
index 00000000..98798261
--- /dev/null
+++ b/terraform/google/backup/data.google_container_aws_versions.tf
@@ -0,0 +1,8 @@
+data "google_container_aws_versions" "pike" {
+  location = "us-west1"
+  project  = "pike-412922"
+}
+
+output "google_container_aws_versions" {
+  value = data.google_container_aws_versions.pike
+}
diff --git a/terraform/google/backup/data.google_container_azure_versions.tf b/terraform/google/backup/data.google_container_azure_versions.tf
new file mode 100644
index 00000000..3d45ab9a
--- /dev/null
+++ b/terraform/google/backup/data.google_container_azure_versions.tf
@@ -0,0 +1,8 @@
+data "google_container_azure_versions" "pike" {
+  location = "us-west1"
+  project  = "pike-412922"
+}
+
+output "google_container_azure_versions" {
+  value = data.google_container_azure_versions.pike
+}
diff --git a/terraform/google/backup/data.google_dataplex_aspect_type_iam_policy.tf b/terraform/google/backup/data.google_dataplex_aspect_type_iam_policy.tf
new file mode 100644
index 00000000..5eb8da1c
--- /dev/null
+++ b/terraform/google/backup/data.google_dataplex_aspect_type_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_dataplex_aspect_type_iam_policy" "pike" {
+  aspect_type_id = "pike"
+}
+
+output "google_dataplex_aspect_type_iam_policy" {
+  value = data.google_dataplex_aspect_type_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dataplex_data_quality_rules.tf b/terraform/google/backup/data.google_dataplex_data_quality_rules.tf
new file mode 100644
index 00000000..207a23f5
--- /dev/null
+++ b/terraform/google/backup/data.google_dataplex_data_quality_rules.tf
@@ -0,0 +1,9 @@
+data "google_dataplex_data_quality_rules" "pike" {
+  project      = "pike-412922"
+  location     = "us-central1"
+  data_scan_id = "pike"
+}
+
+output "google_dataplex_data_quality_rules" {
+  value = data.google_dataplex_data_quality_rules.pike
+}
diff --git a/terraform/google/backup/data.google_dataplex_entry_group_iam_policy.tf b/terraform/google/backup/data.google_dataplex_entry_group_iam_policy.tf
new file mode 100644
index 00000000..e9efa6b0
--- /dev/null
+++ b/terraform/google/backup/data.google_dataplex_entry_group_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_dataplex_entry_group_iam_policy" "pike" {
+  entry_group_id = "pike"
+}
+
+output "google_dataplex_entry_group_iam_policy" {
+  value = data.google_dataplex_entry_group_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dataplex_entry_type_iam_policy.tf b/terraform/google/backup/data.google_dataplex_entry_type_iam_policy.tf
new file mode 100644
index 00000000..a902655b
--- /dev/null
+++ b/terraform/google/backup/data.google_dataplex_entry_type_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_dataplex_entry_type_iam_policy" "pike" {
+  entry_type_id = "pike"
+}
+
+output "google_dataplex_entry_type_iam_policy" {
+  value = data.google_dataplex_entry_type_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dataplex_glossary_iam_policy.tf b/terraform/google/backup/data.google_dataplex_glossary_iam_policy.tf
new file mode 100644
index 00000000..096ba905
--- /dev/null
+++ b/terraform/google/backup/data.google_dataplex_glossary_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_dataplex_glossary_iam_policy" "pike" {
+  glossary_id = "pike"
+}
+
+output "google_dataplex_glossary_iam_policy" {
+  value = data.google_dataplex_glossary_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dataproc_metastore_database_iam_policy.tf b/terraform/google/backup/data.google_dataproc_metastore_database_iam_policy.tf
new file mode 100644
index 00000000..d1ee8c71
--- /dev/null
+++ b/terraform/google/backup/data.google_dataproc_metastore_database_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_dataproc_metastore_database_iam_policy" "pike" {
+  database   = "pike"
+  service_id = "pike"
+}
+
+output "google_dataproc_metastore_database_iam_policy" {
+  value = data.google_dataproc_metastore_database_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dataproc_metastore_table_iam_policy.tf b/terraform/google/backup/data.google_dataproc_metastore_table_iam_policy.tf
new file mode 100644
index 00000000..e2aac29b
--- /dev/null
+++ b/terraform/google/backup/data.google_dataproc_metastore_table_iam_policy.tf
@@ -0,0 +1,10 @@
+data "google_dataproc_metastore_table_iam_policy" "pike" {
+  database_id = "pike"
+  table       = "pike"
+  service_id  = "pike"
+
+}
+
+output "google_dataproc_metastore_table_iam_policy" {
+  value = data.google_dataproc_metastore_table_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_dns_managed_zones.tf b/terraform/google/backup/data.google_dns_managed_zones.tf
new file mode 100644
index 00000000..0346fb4d
--- /dev/null
+++ b/terraform/google/backup/data.google_dns_managed_zones.tf
@@ -0,0 +1,6 @@
+data "google_dns_managed_zones" "pike" {
+}
+
+output "google_dns_managed_zones" {
+  value = data.google_dns_managed_zones.pike
+}
diff --git a/terraform/google/backup/data.google_folder.tf b/terraform/google/backup/data.google_folder.tf
new file mode 100644
index 00000000..18f73e83
--- /dev/null
+++ b/terraform/google/backup/data.google_folder.tf
@@ -0,0 +1,7 @@
+data "google_folder" "pike" {
+  folder = "pike"
+}
+
+output "google_folder" {
+  value = data.google_folder.pike
+}
diff --git a/terraform/google/backup/data.google_folder_iam_policy.tf b/terraform/google/backup/data.google_folder_iam_policy.tf
new file mode 100644
index 00000000..8f2591d5
--- /dev/null
+++ b/terraform/google/backup/data.google_folder_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_folder_iam_policy" "pike" {
+  folder = "folders/pike"
+}
+
+output "google_folder_iam_policy" {
+  value = data.google_folder_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_folders.tf b/terraform/google/backup/data.google_folders.tf
new file mode 100644
index 00000000..05b1b3a5
--- /dev/null
+++ b/terraform/google/backup/data.google_folders.tf
@@ -0,0 +1,7 @@
+data "google_folders" "pike" {
+  parent_id = "organizations/12345"
+}
+
+output "google_folders" {
+  value = data.google_folders.pike
+}
diff --git a/terraform/google/backup/data.google_gemini_repository_group_iam_policy.tf b/terraform/google/backup/data.google_gemini_repository_group_iam_policy.tf
new file mode 100644
index 00000000..1049dad0
--- /dev/null
+++ b/terraform/google/backup/data.google_gemini_repository_group_iam_policy.tf
@@ -0,0 +1,9 @@
+data "google_gemini_repository_group_iam_policy" "pike" {
+  code_repository_index = "pike"
+  repository_group_id   = "pike"
+  project               = "pike-412922"
+}
+
+output "google_gemini_repository_group_iam_policy" {
+  value = data.google_gemini_repository_group_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_gke_hub_feature.tf b/terraform/google/backup/data.google_gke_hub_feature.tf
new file mode 100644
index 00000000..c0f58f8e
--- /dev/null
+++ b/terraform/google/backup/data.google_gke_hub_feature.tf
@@ -0,0 +1,8 @@
+data "google_gke_hub_feature" "pike" {
+  name     = "servicemesh"
+  location = "global"
+}
+
+output "google_gke_hub_feature" {
+  value = data.google_gke_hub_feature.pike
+}
diff --git a/terraform/google/backup/data.google_gke_hub_membership.tf b/terraform/google/backup/data.google_gke_hub_membership.tf
new file mode 100644
index 00000000..b0d02356
--- /dev/null
+++ b/terraform/google/backup/data.google_gke_hub_membership.tf
@@ -0,0 +1,8 @@
+data "google_gke_hub_membership" "pike" {
+  membership_id = "pike"
+  location      = "us-central1"
+}
+
+output "google_gke_hub_membership" {
+  value = data.google_gke_hub_membership.pike
+}
diff --git a/terraform/google/backup/data.google_iam_workforce_pool_iam_policy.tf b/terraform/google/backup/data.google_iam_workforce_pool_iam_policy.tf
new file mode 100644
index 00000000..7b8a68e6
--- /dev/null
+++ b/terraform/google/backup/data.google_iam_workforce_pool_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_iam_workforce_pool_iam_policy" "pike" {
+}
+
+output "google_iam_workforce_pool_iam_policy" {
+  value = data.google_iam_workforce_pool_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_iam_workload_identity_pool_iam_policy.tf b/terraform/google/backup/data.google_iam_workload_identity_pool_iam_policy.tf
new file mode 100644
index 00000000..d4f17d1a
--- /dev/null
+++ b/terraform/google/backup/data.google_iam_workload_identity_pool_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_iam_workload_identity_pool_iam_policy" "pike" {
+  provider                  = google-beta
+  workload_identity_pool_id = "gitlab"
+}
+
+output "google_iam_workload_identity_pool_iam_policy" {
+  value = data.google_iam_workload_identity_pool_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_iap_tunnel_dest_group_iam_policy.tf b/terraform/google/backup/data.google_iap_tunnel_dest_group_iam_policy.tf
new file mode 100644
index 00000000..25538a6f
--- /dev/null
+++ b/terraform/google/backup/data.google_iap_tunnel_dest_group_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_iap_tunnel_dest_group_iam_policy" "pike" {
+  dest_group = "pike"
+}
+
+output "google_iap_tunnel_dest_group_iam_policy" {
+  value = data.google_iap_tunnel_dest_group_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_iap_web_cloud_run_service_iam_policy.tf b/terraform/google/backup/data.google_iap_web_cloud_run_service_iam_policy.tf
new file mode 100644
index 00000000..78958854
--- /dev/null
+++ b/terraform/google/backup/data.google_iap_web_cloud_run_service_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_iap_web_cloud_run_service_iam_policy" "pike" {
+  cloud_run_service_name = "pike"
+}
+
+output "google_iap_web_cloud_run_service_iam_policy" {
+  value = data.google_iap_web_cloud_run_service_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_iap_web_forwarding_rule_service_iam_policy.tf b/terraform/google/backup/data.google_iap_web_forwarding_rule_service_iam_policy.tf
new file mode 100644
index 00000000..3d3d06c3
--- /dev/null
+++ b/terraform/google/backup/data.google_iap_web_forwarding_rule_service_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_iap_web_forwarding_rule_service_iam_policy" "pike" {
+  forwarding_rule_service_name = "pike"
+}
+
+output "google_iap_web_forwarding_rule_service_iam_policy" {
+  value = data.google_iap_web_forwarding_rule_service_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_iap_web_region_forwarding_rule_service_iam_policy.tf b/terraform/google/backup/data.google_iap_web_region_forwarding_rule_service_iam_policy.tf
new file mode 100644
index 00000000..16045650
--- /dev/null
+++ b/terraform/google/backup/data.google_iap_web_region_forwarding_rule_service_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_iap_web_region_forwarding_rule_service_iam_policy" "pike" {
+  provider                   = google-beta
+  web_region_backend_service = "pike"
+}
+
+output "google_iap_web_region_forwarding_rule_service_iam_policy" {
+  value = data.google_iap_web_region_forwarding_rule_service_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_kms_autokey_config.tf b/terraform/google/backup/data.google_kms_autokey_config.tf
new file mode 100644
index 00000000..4f387289
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_autokey_config.tf
@@ -0,0 +1,8 @@
+data "google_kms_autokey_config" "pike" {
+  provider = google-beta
+  folder   = "pike"
+}
+
+output "google_kms_autokey_config" {
+  value = data.google_kms_autokey_config.pike
+}
diff --git a/terraform/google/backup/data.google_kms_crypto_key_latest_version.tf b/terraform/google/backup/data.google_kms_crypto_key_latest_version.tf
new file mode 100644
index 00000000..6fba8423
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_crypto_key_latest_version.tf
@@ -0,0 +1,7 @@
+data "google_kms_crypto_key_latest_version" "pike" {
+  crypto_key = "pike/us-central1/pike/pike"
+}
+
+output "google_kms_crypto_key_latest_version" {
+  value = data.google_kms_crypto_key_latest_version.pike
+}
diff --git a/terraform/google/backup/data.google_kms_crypto_key_versions.tf b/terraform/google/backup/data.google_kms_crypto_key_versions.tf
new file mode 100644
index 00000000..c547fb49
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_crypto_key_versions.tf
@@ -0,0 +1,7 @@
+data "google_kms_crypto_key_versions" "pike" {
+  crypto_key = "pike/us-central1/pike/pike"
+}
+
+output "google_kms_crypto_key_versions" {
+  value = data.google_kms_crypto_key_versions.pike
+}
diff --git a/terraform/google/backup/data.google_kms_crypto_keys.tf b/terraform/google/backup/data.google_kms_crypto_keys.tf
new file mode 100644
index 00000000..ec6edf88
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_crypto_keys.tf
@@ -0,0 +1,7 @@
+data "google_kms_crypto_keys" "pike" {
+  key_ring = "us-central1/pike"
+}
+
+output "google_kms_crypto_keys" {
+  value = data.google_kms_crypto_keys.pike
+}
diff --git a/terraform/google/backup/data.google_kms_ekm_connection_iam_policy.tf b/terraform/google/backup/data.google_kms_ekm_connection_iam_policy.tf
new file mode 100644
index 00000000..b54b522e
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_ekm_connection_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_kms_ekm_connection_iam_policy" "pike" {
+  name = "projects/pike/locations/us-central1/ekmConnections/pike"
+}
+
+output "google_kms_ekm_connection_iam_policy" {
+  value = data.google_kms_ekm_connection_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_kms_key_handle.tf b/terraform/google/backup/data.google_kms_key_handle.tf
new file mode 100644
index 00000000..247bc94c
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_key_handle.tf
@@ -0,0 +1,9 @@
+data "google_kms_key_handle" "pike" {
+  name     = "pike"
+  location = "us-central1"
+  provider = google-beta
+}
+
+output "google_kms_key_handle" {
+  value = data.google_kms_key_handle.pike
+}
diff --git a/terraform/google/backup/data.google_kms_key_handles.tf b/terraform/google/backup/data.google_kms_key_handles.tf
new file mode 100644
index 00000000..198b7034
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_key_handles.tf
@@ -0,0 +1,9 @@
+data "google_kms_key_handles" "pike" {
+  provider               = google-beta
+  location               = "us-central1"
+  resource_type_selector = "storage.googleapis.com/Bucket"
+}
+
+output "google_kms_key_handles" {
+  value = data.google_kms_key_handles.pike
+}
diff --git a/terraform/google/backup/data.google_kms_key_rings.tf b/terraform/google/backup/data.google_kms_key_rings.tf
new file mode 100644
index 00000000..f8fb10fe
--- /dev/null
+++ b/terraform/google/backup/data.google_kms_key_rings.tf
@@ -0,0 +1,7 @@
+data "google_kms_key_rings" "pike" {
+  location = "us-central1"
+}
+
+output "google_kms_key_rings" {
+  value = data.google_kms_key_rings.pike
+}
diff --git a/terraform/google/backup/data.google_logging_log_view_iam_policy.tf b/terraform/google/backup/data.google_logging_log_view_iam_policy.tf
new file mode 100644
index 00000000..e48d0995
--- /dev/null
+++ b/terraform/google/backup/data.google_logging_log_view_iam_policy.tf
@@ -0,0 +1,9 @@
+data "google_logging_log_view_iam_policy" "pike" {
+  bucket = "anyoldshet"
+  parent = "pike"
+  name   = "pike"
+}
+
+output "google_logging_log_view_iam_policy" {
+  value = data.google_logging_log_view_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_lustre_instance.tf b/terraform/google/backup/data.google_lustre_instance.tf
new file mode 100644
index 00000000..a829d693
--- /dev/null
+++ b/terraform/google/backup/data.google_lustre_instance.tf
@@ -0,0 +1,8 @@
+data "google_lustre_instance" "pike" {
+  instance_id = "pike"
+  zone        = "us-central1-a"
+}
+
+output "google_lustre_instance" {
+  value = data.google_lustre_instance.pike
+}
diff --git a/terraform/google/backup/data.google_memcache_instance.tf b/terraform/google/backup/data.google_memcache_instance.tf
new file mode 100644
index 00000000..7f83eba9
--- /dev/null
+++ b/terraform/google/backup/data.google_memcache_instance.tf
@@ -0,0 +1,7 @@
+data "google_memcache_instance" "pike" {
+  name = "pike"
+}
+
+output "google_memcache_instance" {
+  value = data.google_memcache_instance.pike
+}
diff --git a/terraform/google/backup/data.google_memorystore_instance.tf b/terraform/google/backup/data.google_memorystore_instance.tf
new file mode 100644
index 00000000..860851dc
--- /dev/null
+++ b/terraform/google/backup/data.google_memorystore_instance.tf
@@ -0,0 +1,7 @@
+data "google_memorystore_instance" "pike" {
+  instance_id = "pike"
+}
+
+output "google_memorystore_instance" {
+  value = data.google_memorystore_instance.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_autonomous_database.tf b/terraform/google/backup/data.google_oracle_database_autonomous_database.tf
new file mode 100644
index 00000000..c887c8d0
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_autonomous_database.tf
@@ -0,0 +1,8 @@
+data "google_oracle_database_autonomous_database" "pike" {
+  location               = "us-central1"
+  autonomous_database_id = "pike"
+}
+
+output "google_oracle_database_autonomous_database" {
+  value = data.google_oracle_database_autonomous_database.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_autonomous_databases.tf b/terraform/google/backup/data.google_oracle_database_autonomous_databases.tf
new file mode 100644
index 00000000..79012aae
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_autonomous_databases.tf
@@ -0,0 +1,7 @@
+data "google_oracle_database_autonomous_databases" "pike" {
+  location = "us-central1"
+}
+
+output "google_oracle_database_autonomous_databases" {
+  value = data.google_oracle_database_autonomous_databases.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructure.tf b/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructure.tf
new file mode 100644
index 00000000..20c5ae49
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructure.tf
@@ -0,0 +1,8 @@
+data "google_oracle_database_cloud_exadata_infrastructure" "pike" {
+  location                        = "us-central1"
+  cloud_exadata_infrastructure_id = "pike"
+}
+
+output "google_oracle_database_cloud_exadata_infrastructure" {
+  value = data.google_oracle_database_cloud_exadata_infrastructure.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructures.tf b/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructures.tf
new file mode 100644
index 00000000..6a99ee51
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_cloud_exadata_infrastructures.tf
@@ -0,0 +1,7 @@
+data "google_oracle_database_cloud_exadata_infrastructures" "pike" {
+  location = "us-central1"
+}
+
+output "google_oracle_database_cloud_exadata_infrastructures" {
+  value = data.google_oracle_database_cloud_exadata_infrastructures.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_cloud_vm_cluster.tf b/terraform/google/backup/data.google_oracle_database_cloud_vm_cluster.tf
new file mode 100644
index 00000000..5ca731af
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_cloud_vm_cluster.tf
@@ -0,0 +1,8 @@
+data "google_oracle_database_cloud_vm_cluster" "pike" {
+  location            = "us-central1"
+  cloud_vm_cluster_id = "pike"
+}
+
+output "google_oracle_database_cloud_vm_cluster" {
+  value = data.google_oracle_database_cloud_vm_cluster.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_cloud_vm_clusters.tf b/terraform/google/backup/data.google_oracle_database_cloud_vm_clusters.tf
new file mode 100644
index 00000000..0b395a80
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_cloud_vm_clusters.tf
@@ -0,0 +1,7 @@
+data "google_oracle_database_cloud_vm_clusters" "pike" {
+  location = "us-central1"
+}
+
+output "google_oracle_database_cloud_vm_clusters" {
+  value = data.google_oracle_database_cloud_vm_clusters.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_db_nodes.tf b/terraform/google/backup/data.google_oracle_database_db_nodes.tf
new file mode 100644
index 00000000..5fa14003
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_db_nodes.tf
@@ -0,0 +1,8 @@
+data "google_oracle_database_db_nodes" "pike" {
+  cloud_vm_cluster = "pike"
+  location         = "us-central1"
+}
+
+output "google_oracle_database_db_nodes" {
+  value = data.google_oracle_database_db_nodes.pike
+}
diff --git a/terraform/google/backup/data.google_oracle_database_db_servers.tf b/terraform/google/backup/data.google_oracle_database_db_servers.tf
new file mode 100644
index 00000000..761f25a7
--- /dev/null
+++ b/terraform/google/backup/data.google_oracle_database_db_servers.tf
@@ -0,0 +1,8 @@
+data "google_oracle_database_db_servers" "pike" {
+  cloud_exadata_infrastructure = "pike"
+  location                     = "us-central1"
+}
+
+output "google_oracle_database_db_servers" {
+  value = data.google_oracle_database_db_servers.pike
+}
diff --git a/terraform/google/backup/data.google_organization_iam_custom_role.tf b/terraform/google/backup/data.google_organization_iam_custom_role.tf
new file mode 100644
index 00000000..13201877
--- /dev/null
+++ b/terraform/google/backup/data.google_organization_iam_custom_role.tf
@@ -0,0 +1,9 @@
+data "google_organization_iam_custom_role" "pike" {
+  role_id = "pike"
+  org_id  = "123456789"
+}
+
+
+output "google_organization_iam_custom_role" {
+  value = data.google_organization_iam_custom_role.pike
+}
diff --git a/terraform/google/backup/data.google_organization_iam_custom_roles.tf b/terraform/google/backup/data.google_organization_iam_custom_roles.tf
new file mode 100644
index 00000000..69f74eb3
--- /dev/null
+++ b/terraform/google/backup/data.google_organization_iam_custom_roles.tf
@@ -0,0 +1,9 @@
+data "google_organization_iam_custom_roles" "pike" {
+  org_id       = "1234567890"
+  show_deleted = true
+  view         = "FULL"
+}
+
+output "google_organization_iam_custom_roles" {
+  value = data.google_organization_iam_custom_roles.pike
+}
diff --git a/terraform/google/backup/data.google_organization_iam_policy.tf b/terraform/google/backup/data.google_organization_iam_policy.tf
new file mode 100644
index 00000000..b902468d
--- /dev/null
+++ b/terraform/google/backup/data.google_organization_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_organization_iam_policy" "pike" {
+}
+
+output "google_organization_iam_policy" {
+  value = data.google_organization_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_organizations.tf b/terraform/google/backup/data.google_organizations.tf
new file mode 100644
index 00000000..c8634fce
--- /dev/null
+++ b/terraform/google/backup/data.google_organizations.tf
@@ -0,0 +1,6 @@
+data "google_organizations" "pike" {
+}
+
+output "google_organizations" {
+  value = data.google_organizations.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_parameter.tf b/terraform/google/backup/data.google_parameter_manager_parameter.tf
new file mode 100644
index 00000000..ae7e3e98
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_parameter.tf
@@ -0,0 +1,7 @@
+data "google_parameter_manager_parameter" "pike" {
+  parameter_id = "pike"
+}
+
+output "google_parameter_manager_parameter" {
+  value = data.google_parameter_manager_parameter.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_parameter_version.tf b/terraform/google/backup/data.google_parameter_manager_parameter_version.tf
new file mode 100644
index 00000000..11a45450
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_parameter_version.tf
@@ -0,0 +1,8 @@
+data "google_parameter_manager_parameter_version" "pike" {
+  parameter_version_id = "pike"
+  parameter            = "pike"
+}
+
+output "google_parameter_manager_parameter_version" {
+  value = data.google_parameter_manager_parameter_version.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_parameter_version_render.tf b/terraform/google/backup/data.google_parameter_manager_parameter_version_render.tf
new file mode 100644
index 00000000..f7e54c94
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_parameter_version_render.tf
@@ -0,0 +1,8 @@
+data "google_parameter_manager_parameter_version_render" "pike" {
+  parameter_version_id = "pike"
+  parameter            = "pike"
+}
+
+output "google_parameter_manager_parameter_version_render" {
+  value = data.google_parameter_manager_parameter_version_render.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_parameters.tf b/terraform/google/backup/data.google_parameter_manager_parameters.tf
new file mode 100644
index 00000000..5cc004ba
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_parameters.tf
@@ -0,0 +1,6 @@
+data "google_parameter_manager_parameters" "pike" {
+}
+
+output "google_parameter_manager_parameters" {
+  value = data.google_parameter_manager_parameters.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_regional_parameter.tf b/terraform/google/backup/data.google_parameter_manager_regional_parameter.tf
new file mode 100644
index 00000000..25bbdf89
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_regional_parameter.tf
@@ -0,0 +1,8 @@
+data "google_parameter_manager_regional_parameter" "pike" {
+  location     = "us-central1"
+  parameter_id = "pike"
+}
+
+output "google_parameter_manager_regional_parameter" {
+  value = data.google_parameter_manager_regional_parameter.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_regional_parameter_version.tf b/terraform/google/backup/data.google_parameter_manager_regional_parameter_version.tf
new file mode 100644
index 00000000..c06dd8a1
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_regional_parameter_version.tf
@@ -0,0 +1,9 @@
+data "google_parameter_manager_regional_parameter_version" "pike" {
+  parameter_version_id = "pike"
+  parameter            = "pike"
+  location             = "us-central1"
+}
+
+output "google_parameter_manager_regional_parameter_version" {
+  value = data.google_parameter_manager_regional_parameter_version.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_regional_parameter_version_render.tf b/terraform/google/backup/data.google_parameter_manager_regional_parameter_version_render.tf
new file mode 100644
index 00000000..5f2bc195
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_regional_parameter_version_render.tf
@@ -0,0 +1,9 @@
+data "google_parameter_manager_regional_parameter_version_render" "pike" {
+  parameter_version_id = "pike"
+  parameter            = "pike"
+  location             = "us-central1"
+}
+
+output "google_parameter_manager_regional_parameter_version_render" {
+  value = data.google_parameter_manager_regional_parameter_version_render.pike
+}
diff --git a/terraform/google/backup/data.google_parameter_manager_regional_parameters.tf b/terraform/google/backup/data.google_parameter_manager_regional_parameters.tf
new file mode 100644
index 00000000..7b21d83a
--- /dev/null
+++ b/terraform/google/backup/data.google_parameter_manager_regional_parameters.tf
@@ -0,0 +1,7 @@
+data "google_parameter_manager_regional_parameters" "pike" {
+  location = "us-central1"
+}
+
+output "google_parameter_manager_regional_parameters" {
+  value = data.google_parameter_manager_regional_parameters.pike
+}
diff --git a/terraform/google/backup/data.google_privateca_ca_pool_iam_policy.tf b/terraform/google/backup/data.google_privateca_ca_pool_iam_policy.tf
new file mode 100644
index 00000000..e9cf9e53
--- /dev/null
+++ b/terraform/google/backup/data.google_privateca_ca_pool_iam_policy.tf
@@ -0,0 +1,20 @@
+data "google_privateca_ca_pool_iam_policy" "pike" {
+  ca_pool = google_privateca_ca_pool.default.id
+}
+
+output "google_privateca_ca_pool_iam_policy" {
+  value = data.google_privateca_ca_pool_iam_policy.pike
+}
+
+resource "google_privateca_ca_pool" "default" {
+  name     = "my-pool"
+  location = "us-central1"
+  tier     = "ENTERPRISE"
+  publishing_options {
+    publish_ca_cert = true
+    publish_crl     = true
+  }
+  labels = {
+    foo = "bar"
+  }
+}
diff --git a/terraform/google/backup/data.google_privateca_certificate_authority.tf b/terraform/google/backup/data.google_privateca_certificate_authority.tf
new file mode 100644
index 00000000..3ce5aba5
--- /dev/null
+++ b/terraform/google/backup/data.google_privateca_certificate_authority.tf
@@ -0,0 +1,9 @@
+data "google_privateca_certificate_authority" "pike" {
+  location                 = "us-central1"
+  pool                     = "pool-name"
+  certificate_authority_id = "ca-id"
+}
+
+output "google_privateca_certificate_authority" {
+  value = data.google_privateca_certificate_authority.pike
+}
diff --git a/terraform/google/backup/data.google_privateca_certificate_template_iam_policy.tf b/terraform/google/backup/data.google_privateca_certificate_template_iam_policy.tf
new file mode 100644
index 00000000..aba5cc65
--- /dev/null
+++ b/terraform/google/backup/data.google_privateca_certificate_template_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_privateca_certificate_template_iam_policy" "pike" {
+  certificate_template = google_privateca_certificate_template.default.id
+}
+
+output "google_privateca_certificate_template_iam_policy" {
+  value = data.google_privateca_certificate_template_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_privileged_access_manager_entitlement.tf b/terraform/google/backup/data.google_privileged_access_manager_entitlement.tf
new file mode 100644
index 00000000..3da2fad7
--- /dev/null
+++ b/terraform/google/backup/data.google_privileged_access_manager_entitlement.tf
@@ -0,0 +1,12 @@
+data "google_privileged_access_manager_entitlement" "pike" {
+  parent         = "projects/pike"
+  location       = "global"
+  entitlement_id = "my-entitlement"
+  depends_on = [
+    google_privileged_access_manager_entitlement.entitlement
+  ]
+}
+
+output "google_privileged_access_manager_entitlement" {
+  value = data.google_privileged_access_manager_entitlement.pike
+}
diff --git a/terraform/google/backup/data.google_project_ancestry.tf b/terraform/google/backup/data.google_project_ancestry.tf
new file mode 100644
index 00000000..ed3a559f
--- /dev/null
+++ b/terraform/google/backup/data.google_project_ancestry.tf
@@ -0,0 +1,6 @@
+data "google_project_ancestry" "pike" {
+}
+
+output "google_project_ancestry" {
+  value = data.google_project_ancestry.pike
+}
diff --git a/terraform/google/backup/data.google_project_iam_custom_role.tf b/terraform/google/backup/data.google_project_iam_custom_role.tf
new file mode 100644
index 00000000..ec005668
--- /dev/null
+++ b/terraform/google/backup/data.google_project_iam_custom_role.tf
@@ -0,0 +1,7 @@
+data "google_project_iam_custom_role" "pike" {
+  role_id = "terraform_pike"
+}
+
+output "google_project_iam_custom_role" {
+  value = data.google_project_iam_custom_role.pike
+}
diff --git a/terraform/google/backup/data.google_project_iam_custom_roles.tf b/terraform/google/backup/data.google_project_iam_custom_roles.tf
new file mode 100644
index 00000000..2e2bfcec
--- /dev/null
+++ b/terraform/google/backup/data.google_project_iam_custom_roles.tf
@@ -0,0 +1,7 @@
+data "google_project_iam_custom_roles" "pike" {
+
+}
+
+output "google_project_iam_custom_roles" {
+  value = data.google_project_iam_custom_roles.pike
+}
diff --git a/terraform/google/backup/data.google_project_iam_policy.tf b/terraform/google/backup/data.google_project_iam_policy.tf
new file mode 100644
index 00000000..27cdad00
--- /dev/null
+++ b/terraform/google/backup/data.google_project_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_project_iam_policy" "pike" {
+}
+
+output "google_project_iam_policy" {
+  value = data.google_project_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_project_organization_policy.tf b/terraform/google/backup/data.google_project_organization_policy.tf
new file mode 100644
index 00000000..0264539a
--- /dev/null
+++ b/terraform/google/backup/data.google_project_organization_policy.tf
@@ -0,0 +1,6 @@
+data "google_project_organization_policy" "pike" {
+}
+
+output "google_project_organization_policy" {
+  value = data.google_project_organization_policy.pike
+}
diff --git a/terraform/google/backup/data.google_pubsub_schema_iam_policy.tf b/terraform/google/backup/data.google_pubsub_schema_iam_policy.tf
new file mode 100644
index 00000000..1f53da43
--- /dev/null
+++ b/terraform/google/backup/data.google_pubsub_schema_iam_policy.tf
@@ -0,0 +1,13 @@
+data "google_pubsub_schema_iam_policy" "pike" {
+  schema = google_pubsub_schema.example.id
+}
+
+output "google_pubsub_schema_iam_policy" {
+  value = data.google_pubsub_schema_iam_policy.pike
+}
+
+resource "google_pubsub_schema" "example" {
+  name       = "example-schema"
+  type       = "AVRO"
+  definition = "{\n  \"type\" : \"record\",\n  \"name\" : \"Avro\",\n  \"fields\" : [\n    {\n      \"name\" : \"StringField\",\n      \"type\" : \"string\"\n    },\n    {\n      \"name\" : \"IntField\",\n      \"type\" : \"int\"\n    }\n  ]\n}\n"
+}
diff --git a/terraform/google/backup/data.google_redis_cluster.tf b/terraform/google/backup/data.google_redis_cluster.tf
new file mode 100644
index 00000000..7ac07fff
--- /dev/null
+++ b/terraform/google/backup/data.google_redis_cluster.tf
@@ -0,0 +1,6 @@
+data "google_redis_cluster" "pike" {
+}
+
+output "google_redis_cluster" {
+  value = data.google_redis_cluster.pike
+}
diff --git a/terraform/google/backup/data.google_runtimeconfig_config.tf b/terraform/google/backup/data.google_runtimeconfig_config.tf
new file mode 100644
index 00000000..b9a56dc8
--- /dev/null
+++ b/terraform/google/backup/data.google_runtimeconfig_config.tf
@@ -0,0 +1,6 @@
+data "google_runtimeconfig_config" "pike" {
+}
+
+output "google_runtimeconfig_config" {
+  value = data.google_runtimeconfig_config.pike
+}
diff --git a/terraform/google/backup/data.google_runtimeconfig_config_iam_policy.tf b/terraform/google/backup/data.google_runtimeconfig_config_iam_policy.tf
new file mode 100644
index 00000000..152695b7
--- /dev/null
+++ b/terraform/google/backup/data.google_runtimeconfig_config_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_runtimeconfig_config_iam_policy" "pike" {
+}
+
+output "google_runtimeconfig_config_iam_policy" {
+  value = data.google_runtimeconfig_config_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_runtimeconfig_variable.tf b/terraform/google/backup/data.google_runtimeconfig_variable.tf
new file mode 100644
index 00000000..99b31f5a
--- /dev/null
+++ b/terraform/google/backup/data.google_runtimeconfig_variable.tf
@@ -0,0 +1,6 @@
+data "google_runtimeconfig_variable" "pike" {
+}
+
+output "google_runtimeconfig_variable" {
+  value = data.google_runtimeconfig_variable.pike
+}
diff --git a/terraform/google/backup/data.google_scc_source_iam_policy.tf b/terraform/google/backup/data.google_scc_source_iam_policy.tf
new file mode 100644
index 00000000..3bf30d91
--- /dev/null
+++ b/terraform/google/backup/data.google_scc_source_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_scc_source_iam_policy" "pike" {
+}
+
+output "google_scc_source_iam_policy" {
+  value = data.google_scc_source_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_scc_v2_organization_source_iam_policy.tf b/terraform/google/backup/data.google_scc_v2_organization_source_iam_policy.tf
new file mode 100644
index 00000000..e69508b4
--- /dev/null
+++ b/terraform/google/backup/data.google_scc_v2_organization_source_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_scc_v2_organization_source_iam_policy" "pike" {
+}
+
+output "google_scc_v2_organization_source_iam_policy" {
+  value = data.google_scc_v2_organization_source_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_secret_manager_regional_secret.tf b/terraform/google/backup/data.google_secret_manager_regional_secret.tf
new file mode 100644
index 00000000..8912e3f0
--- /dev/null
+++ b/terraform/google/backup/data.google_secret_manager_regional_secret.tf
@@ -0,0 +1,8 @@
+data "google_secret_manager_regional_secret" "pike" {
+  location  = "us-central1"
+  secret_id = "secretname"
+}
+
+output "google_secret_manager_regional_secret" {
+  value = data.google_secret_manager_regional_secret.pike
+}
diff --git a/terraform/google/backup/data.google_secret_manager_regional_secret_iam_policy.tf b/terraform/google/backup/data.google_secret_manager_regional_secret_iam_policy.tf
new file mode 100644
index 00000000..99690860
--- /dev/null
+++ b/terraform/google/backup/data.google_secret_manager_regional_secret_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_secret_manager_regional_secret_iam_policy" "pike" {
+  secret_id = "secretname"
+}
+
+output "google_secret_manager_regional_secret_iam_policy" {
+  value = data.google_secret_manager_regional_secret_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_secret_manager_regional_secret_version.tf b/terraform/google/backup/data.google_secret_manager_regional_secret_version.tf
new file mode 100644
index 00000000..3dd10c52
--- /dev/null
+++ b/terraform/google/backup/data.google_secret_manager_regional_secret_version.tf
@@ -0,0 +1,8 @@
+data "google_secret_manager_regional_secret_version" "pike" {
+  secret   = "my-secret"
+  location = "us-central1"
+}
+
+output "google_secret_manager_regional_secret_version" {
+  value = data.google_secret_manager_regional_secret_version.pike
+}
diff --git a/terraform/google/backup/data.google_secret_manager_regional_secret_version_access.tf b/terraform/google/backup/data.google_secret_manager_regional_secret_version_access.tf
new file mode 100644
index 00000000..c999fb63
--- /dev/null
+++ b/terraform/google/backup/data.google_secret_manager_regional_secret_version_access.tf
@@ -0,0 +1,8 @@
+data "google_secret_manager_regional_secret_version_access" "pike" {
+  secret   = "my-secret"
+  location = "us-central1"
+}
+
+output "google_secret_manager_regional_secret_version_access" {
+  value = data.google_secret_manager_regional_secret_version_access.pike
+}
diff --git a/terraform/google/backup/data.google_secret_manager_regional_secrets.tf b/terraform/google/backup/data.google_secret_manager_regional_secrets.tf
new file mode 100644
index 00000000..d8b5bd1a
--- /dev/null
+++ b/terraform/google/backup/data.google_secret_manager_regional_secrets.tf
@@ -0,0 +1,7 @@
+data "google_secret_manager_regional_secrets" "pike" {
+  location = "us-central1"
+}
+
+output "google_secret_manager_regional_secrets" {
+  value = data.google_secret_manager_regional_secrets.pike
+}
diff --git a/terraform/google/backup/data.google_secure_source_manager_instance_iam_policy.tf b/terraform/google/backup/data.google_secure_source_manager_instance_iam_policy.tf
new file mode 100644
index 00000000..d01a38d8
--- /dev/null
+++ b/terraform/google/backup/data.google_secure_source_manager_instance_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_secure_source_manager_instance_iam_policy" "pike" {
+}
+
+output "google_secure_source_manager_instance_iam_policy" {
+  value = data.google_secure_source_manager_instance_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_secure_source_manager_repository_iam_policy.tf b/terraform/google/backup/data.google_secure_source_manager_repository_iam_policy.tf
new file mode 100644
index 00000000..ad6135a4
--- /dev/null
+++ b/terraform/google/backup/data.google_secure_source_manager_repository_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_secure_source_manager_repository_iam_policy" "pike" {
+}
+
+output "google_secure_source_manager_repository_iam_policy" {
+  value = data.google_secure_source_manager_repository_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_service_accounts.tf b/terraform/google/backup/data.google_service_accounts.tf
new file mode 100644
index 00000000..55f4038f
--- /dev/null
+++ b/terraform/google/backup/data.google_service_accounts.tf
@@ -0,0 +1,6 @@
+data "google_service_accounts" "pike" {
+}
+
+output "google_service_accounts" {
+  value = data.google_service_accounts.pike
+}
diff --git a/terraform/google/backup/data.google_site_verification_token.tf b/terraform/google/backup/data.google_site_verification_token.tf
new file mode 100644
index 00000000..f3ad7ed2
--- /dev/null
+++ b/terraform/google/backup/data.google_site_verification_token.tf
@@ -0,0 +1,6 @@
+# data "google_site_verification_token" "pike" {
+# }
+#
+# output "google_site_verification_token" {
+#   value = data.google_site_verification_token.pike
+# }
diff --git a/terraform/google/backup/data.google_spanner_database.tf b/terraform/google/backup/data.google_spanner_database.tf
new file mode 100644
index 00000000..fbe1b898
--- /dev/null
+++ b/terraform/google/backup/data.google_spanner_database.tf
@@ -0,0 +1,8 @@
+data "google_spanner_database" "pike" {
+  instance = "pike"
+  name     = "pike"
+}
+
+output "google_spanner_database" {
+  value = data.google_spanner_database.pike
+}
diff --git a/terraform/google/backup/data.google_storage_bucket_objects.tf b/terraform/google/backup/data.google_storage_bucket_objects.tf
new file mode 100644
index 00000000..7b93e4d9
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_bucket_objects.tf
@@ -0,0 +1,7 @@
+data "google_storage_bucket_objects" "pike" {
+  bucket = "stuffidontwanttoshare"
+}
+
+output "google_storage_bucket_objects" {
+  value = data.google_storage_bucket_objects.pike
+}
diff --git a/terraform/google/backup/data.google_storage_buckets.tf b/terraform/google/backup/data.google_storage_buckets.tf
new file mode 100644
index 00000000..05516a84
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_buckets.tf
@@ -0,0 +1,6 @@
+data "google_storage_buckets" "pike" {
+}
+
+output "google_storage_buckets" {
+  value = data.google_storage_buckets.pike
+}
diff --git a/terraform/google/backup/data.google_storage_control_folder_intelligence_config.tf b/terraform/google/backup/data.google_storage_control_folder_intelligence_config.tf
new file mode 100644
index 00000000..35bce2cc
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_control_folder_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_folder_intelligence_config" "pike" {
+  name = "pike-412922"
+}
+
+output "google_storage_control_folder_intelligence_config" {
+  value = data.google_storage_control_folder_intelligence_config.pike
+}
diff --git a/terraform/google/backup/data.google_storage_control_organization_intelligence_config.tf b/terraform/google/backup/data.google_storage_control_organization_intelligence_config.tf
new file mode 100644
index 00000000..78b5d285
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_control_organization_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_organization_intelligence_config" "pike" {
+  name = "pike-412922"
+}
+
+output "google_storage_control_organization_intelligence_config" {
+  value = data.google_storage_control_organization_intelligence_config.pike
+}
diff --git a/terraform/google/backup/data.google_storage_control_project_intelligence_config.tf b/terraform/google/backup/data.google_storage_control_project_intelligence_config.tf
new file mode 100644
index 00000000..3fd111a0
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_control_project_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_project_intelligence_config" "pike" {
+  name = "pike-412922"
+}
+
+output "google_storage_control_project_intelligence_config" {
+  value = data.google_storage_control_project_intelligence_config.pike
+}
diff --git a/terraform/google/backup/data.google_storage_insights_dataset_config.tf b/terraform/google/backup/data.google_storage_insights_dataset_config.tf
new file mode 100644
index 00000000..da26351e
--- /dev/null
+++ b/terraform/google/backup/data.google_storage_insights_dataset_config.tf
@@ -0,0 +1,6 @@
+data "google_storage_insights_dataset_config" "pike" {
+}
+
+output "google_storage_insights_dataset_config" {
+  value = data.google_storage_insights_dataset_config.pike
+}
diff --git a/terraform/google/backup/data.google_tags_tag_key_iam_policy.tf b/terraform/google/backup/data.google_tags_tag_key_iam_policy.tf
new file mode 100644
index 00000000..a594c2f3
--- /dev/null
+++ b/terraform/google/backup/data.google_tags_tag_key_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_tags_tag_key_iam_policy" "pike" {
+}
+
+output "google_tags_tag_key_iam_policy" {
+  value = data.google_tags_tag_key_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_tags_tag_keys.tf b/terraform/google/backup/data.google_tags_tag_keys.tf
new file mode 100644
index 00000000..ecb79935
--- /dev/null
+++ b/terraform/google/backup/data.google_tags_tag_keys.tf
@@ -0,0 +1,6 @@
+data "google_tags_tag_keys" "pike" {
+}
+
+output "google_tags_tag_keys" {
+  value = data.google_tags_tag_keys.pike
+}
diff --git a/terraform/google/backup/data.google_tags_tag_value.tf b/terraform/google/backup/data.google_tags_tag_value.tf
new file mode 100644
index 00000000..f34008e9
--- /dev/null
+++ b/terraform/google/backup/data.google_tags_tag_value.tf
@@ -0,0 +1,6 @@
+data "google_tags_tag_value" "pike" {
+}
+
+output "google_tags_tag_value" {
+  value = data.google_tags_tag_value.pike
+}
diff --git a/terraform/google/backup/data.google_tags_tag_value_iam_policy.tf b/terraform/google/backup/data.google_tags_tag_value_iam_policy.tf
new file mode 100644
index 00000000..129269b9
--- /dev/null
+++ b/terraform/google/backup/data.google_tags_tag_value_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_tags_tag_value_iam_policy" "pike" {
+}
+
+output "google_tags_tag_value_iam_policy" {
+  value = data.google_tags_tag_value_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_tags_tag_values.tf b/terraform/google/backup/data.google_tags_tag_values.tf
new file mode 100644
index 00000000..45a02c22
--- /dev/null
+++ b/terraform/google/backup/data.google_tags_tag_values.tf
@@ -0,0 +1,6 @@
+data "google_tags_tag_values" "pike" {
+}
+
+output "google_tags_tag_values" {
+  value = data.google_tags_tag_values.pike
+}
diff --git a/terraform/google/backup/data.google_vertex_ai_feature_group_iam_policy.tf b/terraform/google/backup/data.google_vertex_ai_feature_group_iam_policy.tf
new file mode 100644
index 00000000..29ec7e63
--- /dev/null
+++ b/terraform/google/backup/data.google_vertex_ai_feature_group_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_vertex_ai_feature_group_iam_policy" "pike" {
+}
+
+output "google_vertex_ai_feature_group_iam_policy" {
+  value = data.google_vertex_ai_feature_group_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_vertex_ai_feature_online_store_featureview_iam_policy.tf b/terraform/google/backup/data.google_vertex_ai_feature_online_store_featureview_iam_policy.tf
new file mode 100644
index 00000000..5e86a9c1
--- /dev/null
+++ b/terraform/google/backup/data.google_vertex_ai_feature_online_store_featureview_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_vertex_ai_feature_online_store_featureview_iam_policy" "pike" {
+}
+
+output "google_vertex_ai_feature_online_store_featureview_iam_policy" {
+  value = data.google_vertex_ai_feature_online_store_featureview_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_vertex_ai_feature_online_store_iam_policy.tf b/terraform/google/backup/data.google_vertex_ai_feature_online_store_iam_policy.tf
new file mode 100644
index 00000000..50952676
--- /dev/null
+++ b/terraform/google/backup/data.google_vertex_ai_feature_online_store_iam_policy.tf
@@ -0,0 +1,6 @@
+data "google_vertex_ai_feature_online_store_iam_policy" "pike" {
+}
+
+output "google_vertex_ai_feature_online_store_iam_policy" {
+  value = data.google_vertex_ai_feature_online_store_iam_policy.pike
+}
diff --git a/terraform/google/backup/duff/data.google_access_context_manager_access_policy.tf b/terraform/google/backup/duff/data.google_access_context_manager_access_policy.tf
new file mode 100644
index 00000000..1041e098
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_access_context_manager_access_policy.tf
@@ -0,0 +1,7 @@
+data "google_access_context_manager_access_policy" "pike" {
+  parent = "organizations/213434"
+}
+
+output "google_access_context_manager_access_policy" {
+  value = data.google_access_context_manager_access_policy.pike
+}
diff --git a/terraform/google/backup/duff/data.google_cloud_identity_group_transitive_memberships.tf b/terraform/google/backup/duff/data.google_cloud_identity_group_transitive_memberships.tf
new file mode 100644
index 00000000..f63e3326
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_cloud_identity_group_transitive_memberships.tf
@@ -0,0 +1,7 @@
+data "google_cloud_identity_group_transitive_memberships" "pike" {
+  group = "groups/123eab45c6defghi"
+}
+
+output "google_cloud_identity_group_transitive_memberships" {
+  value = data.google_cloud_identity_group_transitive_memberships.pike
+}
diff --git a/terraform/google/duff/data.google_container_attached_install_manifest.tf b/terraform/google/backup/duff/data.google_container_attached_install_manifest.tf
similarity index 100%
rename from terraform/google/duff/data.google_container_attached_install_manifest.tf
rename to terraform/google/backup/duff/data.google_container_attached_install_manifest.tf
diff --git a/terraform/google/duff/data.google_container_aws_versions.tf b/terraform/google/backup/duff/data.google_container_aws_versions.tf
similarity index 100%
rename from terraform/google/duff/data.google_container_aws_versions.tf
rename to terraform/google/backup/duff/data.google_container_aws_versions.tf
diff --git a/terraform/google/duff/data.google_container_azure_versions.tf b/terraform/google/backup/duff/data.google_container_azure_versions.tf
similarity index 100%
rename from terraform/google/duff/data.google_container_azure_versions.tf
rename to terraform/google/backup/duff/data.google_container_azure_versions.tf
diff --git a/terraform/google/duff/data.google_dataform_repository_iam_policy.tf b/terraform/google/backup/duff/data.google_dataform_repository_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_dataform_repository_iam_policy.tf
rename to terraform/google/backup/duff/data.google_dataform_repository_iam_policy.tf
diff --git a/terraform/google/backup/duff/data.google_dns_managed_zones.tf b/terraform/google/backup/duff/data.google_dns_managed_zones.tf
new file mode 100644
index 00000000..816ed4bb
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_dns_managed_zones.tf
@@ -0,0 +1,7 @@
+data "google_dns_managed_zones" "pike" {
+  # project="pike-412922"
+}
+
+output "google_dns_managed_zones" {
+  value = data.google_dns_managed_zones.pike
+}
diff --git a/terraform/google/duff/data.google_endpoints_service_iam_policy.tf b/terraform/google/backup/duff/data.google_endpoints_service_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_endpoints_service_iam_policy.tf
rename to terraform/google/backup/duff/data.google_endpoints_service_iam_policy.tf
diff --git a/terraform/google/duff/data.google_firebase_web_app_config.tf b/terraform/google/backup/duff/data.google_firebase_web_app_config.tf
similarity index 100%
rename from terraform/google/duff/data.google_firebase_web_app_config.tf
rename to terraform/google/backup/duff/data.google_firebase_web_app_config.tf
diff --git a/terraform/google/duff/data.google_organization_iam_policy.tf b/terraform/google/backup/duff/data.google_organization_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_organization_iam_policy.tf
rename to terraform/google/backup/duff/data.google_organization_iam_policy.tf
diff --git a/terraform/google/duff/data.google_privateca_ca_pool_iam_policy.tf b/terraform/google/backup/duff/data.google_privateca_ca_pool_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_privateca_ca_pool_iam_policy.tf
rename to terraform/google/backup/duff/data.google_privateca_ca_pool_iam_policy.tf
diff --git a/terraform/google/duff/data.google_privateca_certificate_authority.tf b/terraform/google/backup/duff/data.google_privateca_certificate_authority.tf
similarity index 100%
rename from terraform/google/duff/data.google_privateca_certificate_authority.tf
rename to terraform/google/backup/duff/data.google_privateca_certificate_authority.tf
diff --git a/terraform/google/duff/data.google_privateca_certificate_template_iam_policy.tf b/terraform/google/backup/duff/data.google_privateca_certificate_template_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_privateca_certificate_template_iam_policy.tf
rename to terraform/google/backup/duff/data.google_privateca_certificate_template_iam_policy.tf
diff --git a/terraform/google/backup/duff/data.google_project_ancestry.tf b/terraform/google/backup/duff/data.google_project_ancestry.tf
new file mode 100644
index 00000000..ed3a559f
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_project_ancestry.tf
@@ -0,0 +1,6 @@
+data "google_project_ancestry" "pike" {
+}
+
+output "google_project_ancestry" {
+  value = data.google_project_ancestry.pike
+}
diff --git a/terraform/google/duff/data.google_project_iam_policy.tf b/terraform/google/backup/duff/data.google_project_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_project_iam_policy.tf
rename to terraform/google/backup/duff/data.google_project_iam_policy.tf
diff --git a/terraform/google/duff/data.google_project_organization_policy.tf b/terraform/google/backup/duff/data.google_project_organization_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_project_organization_policy.tf
rename to terraform/google/backup/duff/data.google_project_organization_policy.tf
diff --git a/terraform/google/duff/data.google_pubsub_schema_iam_policy.tf b/terraform/google/backup/duff/data.google_pubsub_schema_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_pubsub_schema_iam_policy.tf
rename to terraform/google/backup/duff/data.google_pubsub_schema_iam_policy.tf
diff --git a/terraform/google/duff/data.google_runtimeconfig_config.tf b/terraform/google/backup/duff/data.google_runtimeconfig_config.tf
similarity index 100%
rename from terraform/google/duff/data.google_runtimeconfig_config.tf
rename to terraform/google/backup/duff/data.google_runtimeconfig_config.tf
diff --git a/terraform/google/duff/data.google_runtimeconfig_config_iam_policy.tf b/terraform/google/backup/duff/data.google_runtimeconfig_config_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_runtimeconfig_config_iam_policy.tf
rename to terraform/google/backup/duff/data.google_runtimeconfig_config_iam_policy.tf
diff --git a/terraform/google/duff/data.google_runtimeconfig_variable.tf b/terraform/google/backup/duff/data.google_runtimeconfig_variable.tf
similarity index 100%
rename from terraform/google/duff/data.google_runtimeconfig_variable.tf
rename to terraform/google/backup/duff/data.google_runtimeconfig_variable.tf
diff --git a/terraform/google/backup/duff/data.google_scc_v2_organization_source_iam_policy.tf b/terraform/google/backup/duff/data.google_scc_v2_organization_source_iam_policy.tf
new file mode 100644
index 00000000..0d3bb921
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_scc_v2_organization_source_iam_policy.tf
@@ -0,0 +1,8 @@
+data "google_scc_v2_organization_source_iam_policy" "pike" {
+  source       = google_scc_v2_organization_source.custom_source.name
+  organization = "pike"
+}
+
+output "google_scc_v2_organization_source_iam_policy" {
+  value = data.google_scc_v2_organization_source_iam_policy.pike
+}
diff --git a/terraform/google/backup/duff/data.google_secure_source_manager_instance_iam_policy.tf b/terraform/google/backup/duff/data.google_secure_source_manager_instance_iam_policy.tf
new file mode 100644
index 00000000..eb031cea
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_secure_source_manager_instance_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_secure_source_manager_instance_iam_policy" "pike" {
+  instance_id = "pike"
+}
+
+output "google_secure_source_manager_instance_iam_policy" {
+  value = data.google_secure_source_manager_instance_iam_policy.pike
+}
diff --git a/terraform/google/backup/duff/data.google_secure_source_manager_repository_iam_policy.tf b/terraform/google/backup/duff/data.google_secure_source_manager_repository_iam_policy.tf
new file mode 100644
index 00000000..b67da1cf
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_secure_source_manager_repository_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_secure_source_manager_repository_iam_policy" "pike" {
+  repository_id = "pike"
+}
+
+output "google_secure_source_manager_repository_iam_policy" {
+  value = data.google_secure_source_manager_repository_iam_policy.pike
+}
diff --git a/terraform/google/backup/duff/data.google_site_verification_token.tf b/terraform/google/backup/duff/data.google_site_verification_token.tf
new file mode 100644
index 00000000..00dc1253
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_site_verification_token.tf
@@ -0,0 +1,9 @@
+data "google_site_verification_token" "pike" {
+  type                = "SITE"
+  verification_method = "META"
+  identifier          = "https://www.example.com"
+}
+
+output "google_site_verification_token" {
+  value = data.google_site_verification_token.pike
+}
diff --git a/terraform/google/backup/duff/data.google_storage_control_folder_intelligence_config.tf b/terraform/google/backup/duff/data.google_storage_control_folder_intelligence_config.tf
new file mode 100644
index 00000000..1bef46cf
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_storage_control_folder_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_folder_intelligence_config" "pike" {
+  name = "pike"
+}
+
+output "google_storage_control_folder_intelligence_config" {
+  value = data.google_storage_control_folder_intelligence_config.pike
+}
diff --git a/terraform/google/backup/duff/data.google_storage_control_organization_intelligence_config.tf b/terraform/google/backup/duff/data.google_storage_control_organization_intelligence_config.tf
new file mode 100644
index 00000000..e8b06afd
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_storage_control_organization_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_organization_intelligence_config" "pike" {
+  name = "pike"
+}
+
+output "google_storage_control_organization_intelligence_config" {
+  value = data.google_storage_control_organization_intelligence_config.pike
+}
diff --git a/terraform/google/backup/duff/data.google_storage_control_project_intelligence_config.tf b/terraform/google/backup/duff/data.google_storage_control_project_intelligence_config.tf
new file mode 100644
index 00000000..40121bc3
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_storage_control_project_intelligence_config.tf
@@ -0,0 +1,7 @@
+data "google_storage_control_project_intelligence_config" "pike" {
+  name = "pike"
+}
+
+output "google_storage_control_project_intelligence_config" {
+  value = data.google_storage_control_project_intelligence_config.pike
+}
diff --git a/terraform/google/duff/data.google_tags_tag_key_iam_policy.tf b/terraform/google/backup/duff/data.google_tags_tag_key_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_tags_tag_key_iam_policy.tf
rename to terraform/google/backup/duff/data.google_tags_tag_key_iam_policy.tf
diff --git a/terraform/google/backup/duff/data.google_tags_tag_keys.tf b/terraform/google/backup/duff/data.google_tags_tag_keys.tf
new file mode 100644
index 00000000..e72d1bd0
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_tags_tag_keys.tf
@@ -0,0 +1,7 @@
+data "google_tags_tag_keys" "pike" {
+  parent = "pike"
+}
+
+output "google_tags_tag_keys" {
+  value = data.google_tags_tag_keys.pike
+}
diff --git a/terraform/google/duff/data.google_tags_tag_value.tf b/terraform/google/backup/duff/data.google_tags_tag_value.tf
similarity index 100%
rename from terraform/google/duff/data.google_tags_tag_value.tf
rename to terraform/google/backup/duff/data.google_tags_tag_value.tf
diff --git a/terraform/google/duff/data.google_tags_tag_value_iam_policy.tf b/terraform/google/backup/duff/data.google_tags_tag_value_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_tags_tag_value_iam_policy.tf
rename to terraform/google/backup/duff/data.google_tags_tag_value_iam_policy.tf
diff --git a/terraform/google/backup/duff/data.google_tags_tag_values.tf b/terraform/google/backup/duff/data.google_tags_tag_values.tf
new file mode 100644
index 00000000..55c985be
--- /dev/null
+++ b/terraform/google/backup/duff/data.google_tags_tag_values.tf
@@ -0,0 +1,7 @@
+data "google_tags_tag_values" "pike" {
+  parent = "pike"
+}
+
+output "google_tags_tag_values" {
+  value = data.google_tags_tag_values.pike
+}
diff --git a/terraform/google/duff/data.google_vertex_ai_endpoint_iam_policy.tf b/terraform/google/backup/duff/data.google_vertex_ai_endpoint_iam_policy.tf
similarity index 100%
rename from terraform/google/duff/data.google_vertex_ai_endpoint_iam_policy.tf
rename to terraform/google/backup/duff/data.google_vertex_ai_endpoint_iam_policy.tf
diff --git a/terraform/google/backup/duff/google_billing_account_iam_binding.tf b/terraform/google/backup/duff/google_billing_account_iam_binding.tf
new file mode 100644
index 00000000..8cea6880
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_account_iam_binding.tf
@@ -0,0 +1 @@
+# resource "google_billing_account_iam_binding" "pike" {}
diff --git a/terraform/google/backup/duff/google_billing_account_iam_member.tf b/terraform/google/backup/duff/google_billing_account_iam_member.tf
new file mode 100644
index 00000000..2f39ba5e
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_account_iam_member.tf
@@ -0,0 +1,5 @@
+# resource "google_billing_account_iam_member" "pike" {
+#   billing_account_id = data.google_billing_account.pike.id
+#   role = "roles/billing.user"
+#   member = "user:james.woolfenden@gmail.com"
+# }
diff --git a/terraform/google/backup/duff/google_billing_account_iam_policy.tf b/terraform/google/backup/duff/google_billing_account_iam_policy.tf
new file mode 100644
index 00000000..23bbc08e
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_account_iam_policy.tf
@@ -0,0 +1 @@
+# resource "google_billing_account_iam_policy" "pike" {}
diff --git a/terraform/google/backup/duff/google_billing_budget.tf b/terraform/google/backup/duff/google_billing_budget.tf
new file mode 100644
index 00000000..6be61945
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_budget.tf
@@ -0,0 +1,18 @@
+resource "google_billing_budget" "pike" {
+  billing_account = data.google_billing_account.pike.id
+  display_name    = "Example Billing Budget"
+  amount {
+    specified_amount {
+      currency_code = "USD"
+      units         = "100000"
+    }
+  }
+  threshold_rules {
+    threshold_percent = 0.5
+  }
+}
+
+
+data "google_billing_account" "pike" {
+  billing_account = "013ED3-8B24F6-725D7E"
+}
diff --git a/terraform/google/backup/duff/google_billing_project_info.tf b/terraform/google/backup/duff/google_billing_project_info.tf
new file mode 100644
index 00000000..4dc05cc0
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_project_info.tf
@@ -0,0 +1,9 @@
+# resource "google_billing_project_info" "pike" {
+#   # deletion_policy = "DELETE"
+#   billing_account = data.google_billing_account.pike.id
+#
+#
+#   lifecycle {
+#     ignore_changes = [billing_account]
+#   }
+# }
diff --git a/terraform/google/backup/duff/google_billing_subaccount.tf b/terraform/google/backup/duff/google_billing_subaccount.tf
new file mode 100644
index 00000000..97575ca2
--- /dev/null
+++ b/terraform/google/backup/duff/google_billing_subaccount.tf
@@ -0,0 +1,4 @@
+# resource "google_billing_subaccount" "pike" {
+#   display_name           = "My Billing Account"
+#   master_billing_account = data.google_billing_account.pike.id
+# }
diff --git a/terraform/google/backup/duff/google_project.tf b/terraform/google/backup/duff/google_project.tf
new file mode 100644
index 00000000..013af218
--- /dev/null
+++ b/terraform/google/backup/duff/google_project.tf
@@ -0,0 +1,4 @@
+resource "google_project" "pike" {
+  name       = "temp-project"
+  project_id = "temp-project"
+}
diff --git a/terraform/google/backup/duff/google_project_access_approval_settings.tf b/terraform/google/backup/duff/google_project_access_approval_settings.tf
new file mode 100644
index 00000000..c43e2878
--- /dev/null
+++ b/terraform/google/backup/duff/google_project_access_approval_settings.tf
@@ -0,0 +1,9 @@
+resource "google_project_access_approval_settings" "pike" {
+  project_id          = "pike-412922"
+  notification_emails = ["james.woolfenden@gmail.com"]
+
+  enrolled_services {
+    cloud_product    = "all"
+    enrollment_level = "BLOCK_ALL"
+  }
+}
diff --git a/terraform/google/backup/duff/google_project_iam_member_remove.tf b/terraform/google/backup/duff/google_project_iam_member_remove.tf
new file mode 100644
index 00000000..44c7e509
--- /dev/null
+++ b/terraform/google/backup/duff/google_project_iam_member_remove.tf
@@ -0,0 +1,5 @@
+resource "google_project_iam_member_remove" "foo" {
+  role    = "roles/editor"
+  project = "pike-412922"
+  member  = "serviceAccount:dumbass@developer.gserviceaccount.com"
+}
diff --git a/terraform/google/backup/duff/google_project_organization_policy.tf b/terraform/google/backup/duff/google_project_organization_policy.tf
new file mode 100644
index 00000000..17639828
--- /dev/null
+++ b/terraform/google/backup/duff/google_project_organization_policy.tf
@@ -0,0 +1,16 @@
+resource "google_project_organization_policy" "pike" {
+  resource "google_project_iam_policy" "project" {
+    project     = "your-project-id"
+    policy_data = data.google_iam_policy.admin.policy_data
+  }
+
+  data "google_iam_policy" "admin" {
+    binding {
+      role = "roles/editor"
+
+      members = [
+        "user:james.woolfenden@gmail.com",
+      ]
+    }
+  }
+}
diff --git a/terraform/google/backup/google_access_context_manager_service_perimeters.tf b/terraform/google/backup/google_access_context_manager_service_perimeters.tf
index c74ddfc2..95bf3c5e 100644
--- a/terraform/google/backup/google_access_context_manager_service_perimeters.tf
+++ b/terraform/google/backup/google_access_context_manager_service_perimeters.tf
@@ -17,3 +17,13 @@ resource "google_access_context_manager_service_perimeters" "pike" {
     }
   }
 }
+
+
+resource "google_access_context_manager_access_policy" "access-policy" {
+  parent = data.google_organization.this.id
+  title  = "pike"
+}
+
+data "google_organization" "this" {
+  organization = "12345354"
+}
diff --git a/terraform/google/backup/google_apigee_environment_iam_binding.tf b/terraform/google/backup/google_apigee_environment_iam_binding.tf
new file mode 100644
index 00000000..028b6612
--- /dev/null
+++ b/terraform/google/backup/google_apigee_environment_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_apigee_environment_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_apigee_environment_iam_member.tf b/terraform/google/backup/google_apigee_environment_iam_member.tf
new file mode 100644
index 00000000..45d200a8
--- /dev/null
+++ b/terraform/google/backup/google_apigee_environment_iam_member.tf
@@ -0,0 +1 @@
+resource "google_apigee_environment_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_apigee_environment_iam_policy.tf b/terraform/google/backup/google_apigee_environment_iam_policy.tf
new file mode 100644
index 00000000..8cfdbfa1
--- /dev/null
+++ b/terraform/google/backup/google_apigee_environment_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_apigee_environment_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_apihub_api_hub_instance.tf b/terraform/google/backup/google_apihub_api_hub_instance.tf
new file mode 100644
index 00000000..fb52632f
--- /dev/null
+++ b/terraform/google/backup/google_apihub_api_hub_instance.tf
@@ -0,0 +1 @@
+resource "google_apihub_api_hub_instance" "pike" {}
diff --git a/terraform/google/backup/google_apihub_curation.tf b/terraform/google/backup/google_apihub_curation.tf
new file mode 100644
index 00000000..60d6e0a3
--- /dev/null
+++ b/terraform/google/backup/google_apihub_curation.tf
@@ -0,0 +1 @@
+resource "google_apihub_curation" "pike" {}
diff --git a/terraform/google/backup/google_apihub_host_project_registration.tf b/terraform/google/backup/google_apihub_host_project_registration.tf
new file mode 100644
index 00000000..1acfd428
--- /dev/null
+++ b/terraform/google/backup/google_apihub_host_project_registration.tf
@@ -0,0 +1 @@
+resource "google_apihub_host_project_registration" "pike" {}
diff --git a/terraform/google/backup/google_apihub_plugin.tf b/terraform/google/backup/google_apihub_plugin.tf
new file mode 100644
index 00000000..2f7b3fbf
--- /dev/null
+++ b/terraform/google/backup/google_apihub_plugin.tf
@@ -0,0 +1 @@
+resource "google_apihub_plugin" "pike" {}
diff --git a/terraform/google/backup/google_apihub_plugin_instance.tf b/terraform/google/backup/google_apihub_plugin_instance.tf
new file mode 100644
index 00000000..c25f845e
--- /dev/null
+++ b/terraform/google/backup/google_apihub_plugin_instance.tf
@@ -0,0 +1 @@
+resource "google_apihub_plugin_instance" "pike" {}
diff --git a/terraform/google/backup/google_apphub_application.tf b/terraform/google/backup/google_apphub_application.tf
new file mode 100644
index 00000000..cd723284
--- /dev/null
+++ b/terraform/google/backup/google_apphub_application.tf
@@ -0,0 +1 @@
+resource "google_apphub_application" "pike" {}
diff --git a/terraform/google/backup/google_apphub_service.tf b/terraform/google/backup/google_apphub_service.tf
new file mode 100644
index 00000000..c47a543b
--- /dev/null
+++ b/terraform/google/backup/google_apphub_service.tf
@@ -0,0 +1 @@
+resource "google_apphub_service" "pike" {}
diff --git a/terraform/google/backup/google_apphub_service_project_attachment.tf b/terraform/google/backup/google_apphub_service_project_attachment.tf
new file mode 100644
index 00000000..45ded036
--- /dev/null
+++ b/terraform/google/backup/google_apphub_service_project_attachment.tf
@@ -0,0 +1 @@
+resource "google_apphub_service_project_attachment" "pike" {}
diff --git a/terraform/google/backup/google_apphub_workload.tf b/terraform/google/backup/google_apphub_workload.tf
new file mode 100644
index 00000000..ec6572d1
--- /dev/null
+++ b/terraform/google/backup/google_apphub_workload.tf
@@ -0,0 +1 @@
+resource "google_apphub_workload" "pike" {}
diff --git a/terraform/google/backup/google_backup_dr_backup_plan.tf b/terraform/google/backup/google_backup_dr_backup_plan.tf
new file mode 100644
index 00000000..c4926589
--- /dev/null
+++ b/terraform/google/backup/google_backup_dr_backup_plan.tf
@@ -0,0 +1 @@
+resource "google_backup_dr_backup_plan" "pike" {}
diff --git a/terraform/google/backup/google_backup_dr_backup_plan_association.tf b/terraform/google/backup/google_backup_dr_backup_plan_association.tf
new file mode 100644
index 00000000..1328ac40
--- /dev/null
+++ b/terraform/google/backup/google_backup_dr_backup_plan_association.tf
@@ -0,0 +1 @@
+resource "google_backup_dr_backup_plan_association" "pike" {}
diff --git a/terraform/google/backup/google_backup_dr_backup_vault.tf b/terraform/google/backup/google_backup_dr_backup_vault.tf
new file mode 100644
index 00000000..68a84dbd
--- /dev/null
+++ b/terraform/google/backup/google_backup_dr_backup_vault.tf
@@ -0,0 +1 @@
+resource "google_backup_dr_backup_vault" "pike" {}
diff --git a/terraform/google/backup/google_backup_dr_management_server.tf b/terraform/google/backup/google_backup_dr_management_server.tf
new file mode 100644
index 00000000..a1270d8e
--- /dev/null
+++ b/terraform/google/backup/google_backup_dr_management_server.tf
@@ -0,0 +1 @@
+resource "google_backup_dr_management_server" "pike" {}
diff --git a/terraform/google/backup/google_backup_dr_service_config.tf b/terraform/google/backup/google_backup_dr_service_config.tf
new file mode 100644
index 00000000..7a215de2
--- /dev/null
+++ b/terraform/google/backup/google_backup_dr_service_config.tf
@@ -0,0 +1,4 @@
+resource "google_backup_dr_service_config" "pike" {
+  location      = "us-central1"
+  resource_type = "compute.googleapis.com/Instance"
+}
diff --git a/terraform/google/backup/google_beyondcorp_app_connection.tf b/terraform/google/backup/google_beyondcorp_app_connection.tf
new file mode 100644
index 00000000..88b50d1e
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_app_connection.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_app_connection" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_app_connector.tf b/terraform/google/backup/google_beyondcorp_app_connector.tf
new file mode 100644
index 00000000..1a3b1467
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_app_connector.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_app_connector" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_app_gateway.tf b/terraform/google/backup/google_beyondcorp_app_gateway.tf
new file mode 100644
index 00000000..ad92f9e4
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_app_gateway.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_app_gateway" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_application.tf b/terraform/google/backup/google_beyondcorp_application.tf
new file mode 100644
index 00000000..0e3144c4
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_application.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_application" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_application_iam_binding.tf b/terraform/google/backup/google_beyondcorp_application_iam_binding.tf
new file mode 100644
index 00000000..da5b737b
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_application_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_application_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_application_iam_member.tf b/terraform/google/backup/google_beyondcorp_application_iam_member.tf
new file mode 100644
index 00000000..891673e6
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_application_iam_member.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_application_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_application_iam_policy.tf b/terraform/google/backup/google_beyondcorp_application_iam_policy.tf
new file mode 100644
index 00000000..494c3a2d
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_application_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_application_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway.tf b/terraform/google/backup/google_beyondcorp_security_gateway.tf
new file mode 100644
index 00000000..66d42f39
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_application.tf b/terraform/google/backup/google_beyondcorp_security_gateway_application.tf
new file mode 100644
index 00000000..07a53866
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_application.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_application" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_binding.tf b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_binding.tf
new file mode 100644
index 00000000..fe762aa0
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_application_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_member.tf b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_member.tf
new file mode 100644
index 00000000..e979cc49
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_member.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_application_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_policy.tf b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_policy.tf
new file mode 100644
index 00000000..51d206fe
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_application_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_application_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_iam_binding.tf b/terraform/google/backup/google_beyondcorp_security_gateway_iam_binding.tf
new file mode 100644
index 00000000..e9703043
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_iam_member.tf b/terraform/google/backup/google_beyondcorp_security_gateway_iam_member.tf
new file mode 100644
index 00000000..8366c3a3
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_iam_member.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_beyondcorp_security_gateway_iam_policy.tf b/terraform/google/backup/google_beyondcorp_security_gateway_iam_policy.tf
new file mode 100644
index 00000000..da7378c7
--- /dev/null
+++ b/terraform/google/backup/google_beyondcorp_security_gateway_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_beyondcorp_security_gateway_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_biglake_catalog.tf b/terraform/google/backup/google_biglake_catalog.tf
new file mode 100644
index 00000000..b5208111
--- /dev/null
+++ b/terraform/google/backup/google_biglake_catalog.tf
@@ -0,0 +1,4 @@
+resource "google_biglake_catalog" "pike" {
+  name     = "pike"
+  location = "europe-west2"
+}
diff --git a/terraform/google/backup/google_biglake_database.tf b/terraform/google/backup/google_biglake_database.tf
new file mode 100644
index 00000000..fc980ccb
--- /dev/null
+++ b/terraform/google/backup/google_biglake_database.tf
@@ -0,0 +1,24 @@
+resource "google_storage_bucket" "bucket" {
+  name                        = "my_bucket_jgw_2025"
+  location                    = "eu"
+  force_destroy               = true
+  uniform_bucket_level_access = true
+}
+
+resource "google_storage_bucket_object" "metadata_folder" {
+  name    = "metadata/"
+  content = " "
+  bucket  = google_storage_bucket.bucket.name
+}
+
+resource "google_biglake_database" "database" {
+  name    = "pike"
+  catalog = google_biglake_catalog.catalog.id
+  type    = "HIVE"
+  hive_options {
+    location_uri = "gs://${google_storage_bucket.bucket.name}/${google_storage_bucket_object.metadata_folder.name}"
+    parameters = {
+      "owner" : "James Woolfenden"
+    }
+  }
+}
diff --git a/terraform/google/backup/google_biglake_table.tf b/terraform/google/backup/google_biglake_table.tf
new file mode 100644
index 00000000..002393bc
--- /dev/null
+++ b/terraform/google/backup/google_biglake_table.tf
@@ -0,0 +1,40 @@
+resource "google_biglake_table" "pike" {
+  name     = "my_table"
+  database = google_biglake_database.database.id
+  type     = "HIVE"
+  hive_options {
+    table_type = "MANAGED_TABLE"
+    storage_descriptor {
+      location_uri  = "gs://${google_storage_bucket.bucket.name}/${google_storage_bucket_object.data_folder.name}"
+      input_format  = "org.apache.hadoop.mapred.SequenceFileInputFormat"
+      output_format = "org.apache.hadoop.hive.ql.io.HiveSequenceFileOutputFormat"
+    }
+    # Some Example Parameters.
+    parameters = {
+      "spark.sql.create.version"          = "3.1.3"
+      "spark.sql.sources.schema.numParts" = "1"
+      "transient_lastDdlTime"             = "1680894197"
+      "spark.sql.partitionProvider"       = "catalog"
+      "owner"                             = "John Doe"
+      "spark.sql.sources.schema.part.0"   = "{\"type\":\"struct\",\"fields\":[{\"name\":\"id\",\"type\":\"integer\",\"nullable\":true,\"metadata\":{}},{\"name\":\"name\",\"type\":\"string\",\"nullable\":true,\"metadata\":{}},{\"name\":\"age\",\"type\":\"integer\",\"nullable\":true,\"metadata\":{}}]}"
+      "spark.sql.sources.provider"        = "iceberg"
+      "provider"                          = "iceberg"
+    }
+  }
+
+}
+
+
+resource "google_biglake_catalog" "catalog" {
+  name     = "my_catalog"
+  location = "US"
+}
+
+
+
+
+resource "google_storage_bucket_object" "data_folder" {
+  name    = "data/"
+  content = " "
+  bucket  = google_storage_bucket.bucket.name
+}
diff --git a/terraform/google/backup/google_bigquery_analytics_hub_listing_subscription.tf b/terraform/google/backup/google_bigquery_analytics_hub_listing_subscription.tf
new file mode 100644
index 00000000..d4b8081b
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_analytics_hub_listing_subscription.tf
@@ -0,0 +1,43 @@
+resource "google_bigquery_analytics_hub_data_exchange" "subscription" {
+  location         = "US"
+  data_exchange_id = "my_data_exchange"
+  display_name     = "my_data_exchange"
+  description      = "Test Description"
+}
+
+resource "google_bigquery_analytics_hub_listing" "subscription" {
+  location         = "US"
+  data_exchange_id = google_bigquery_analytics_hub_data_exchange.subscription.data_exchange_id
+  listing_id       = "my_listing"
+  display_name     = "my_listing"
+  description      = "Test Description"
+
+  bigquery_dataset {
+    dataset = google_bigquery_dataset.subscription.id
+  }
+}
+
+resource "google_bigquery_dataset" "subscription" {
+  dataset_id    = "my_listing"
+  friendly_name = "my_listing"
+  description   = "Test Description"
+  location      = "US"
+}
+
+resource "google_bigquery_analytics_hub_listing_subscription" "subscription" {
+  location         = "US"
+  data_exchange_id = google_bigquery_analytics_hub_data_exchange.subscription.data_exchange_id
+  listing_id       = google_bigquery_analytics_hub_listing.subscription.listing_id
+  destination_dataset {
+    description   = "A test subscription"
+    friendly_name = "👋"
+    labels = {
+      testing = "123"
+    }
+    location = "US"
+    dataset_reference {
+      dataset_id = "destination_dataset"
+      project_id = google_bigquery_dataset.subscription.project
+    }
+  }
+}
diff --git a/terraform/google/backup/google_bigquery_connection.tf b/terraform/google/backup/google_bigquery_connection.tf
index da3d05d9..bddbe376 100644
--- a/terraform/google/backup/google_bigquery_connection.tf
+++ b/terraform/google/backup/google_bigquery_connection.tf
@@ -1,7 +1,7 @@
 resource "google_bigquery_connection" "pike" {
   connection_id = "my-connection"
   location      = "US"
-  friendly_name = "👋"
+  friendly_name = "something"
   description   = "a riveting description"
   cloud_resource {}
 }
diff --git a/terraform/google/backup/google_bigquery_datapolicy_data_policy.tf b/terraform/google/backup/google_bigquery_datapolicy_data_policy.tf
new file mode 100644
index 00000000..64aa9b98
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_datapolicy_data_policy.tf
@@ -0,0 +1,19 @@
+resource "google_bigquery_datapolicy_data_policy" "pike" {
+  location         = "europe-west2"
+  data_policy_id   = "data_policy"
+  policy_tag       = google_data_catalog_policy_tag.pike.name
+  data_policy_type = "COLUMN_LEVEL_SECURITY_POLICY"
+}
+#
+# resource "google_data_catalog_policy_tag" "policy_tag" {
+#   taxonomy     = google_data_catalog_taxonomy.taxonomy.id
+#   display_name = "Low security"
+#   description  = "A policy tag normally associated with low security items"
+# }
+#
+# resource "google_data_catalog_taxonomy" "taxonomy" {
+#   region                 = "us-central1"
+#   display_name           = "taxonomy"
+#   description            = "A collection of policy tags"
+#   activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
+# }
diff --git a/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_binding.tf b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_binding.tf
new file mode 100644
index 00000000..2b699748
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_bigquery_datapolicy_data_policy_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_member.tf b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_member.tf
new file mode 100644
index 00000000..ddb968c6
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_member.tf
@@ -0,0 +1 @@
+resource "google_bigquery_datapolicy_data_policy_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_policy.tf b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_policy.tf
new file mode 100644
index 00000000..2653fe6b
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_datapolicy_data_policy_iam_policy.tf
@@ -0,0 +1,15 @@
+data "google_iam_policy" "admin4" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:james.Woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_bigquery_datapolicy_data_policy_iam_policy" "policy" {
+  project        = google_bigquery_datapolicy_data_policy.pike.project
+  location       = google_bigquery_datapolicy_data_policy.pike.location
+  data_policy_id = google_bigquery_datapolicy_data_policy.pike.data_policy_id
+  policy_data    = data.google_iam_policy.admin4.policy_data
+}
diff --git a/terraform/google/backup/google_bigquery_dataset_access.tf b/terraform/google/backup/google_bigquery_dataset_access.tf
new file mode 100644
index 00000000..efcdf738
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_dataset_access.tf
@@ -0,0 +1,31 @@
+resource "google_bigquery_dataset" "dataset" {
+  dataset_id                  = "example_dataset2"
+  friendly_name               = "test"
+  description                 = "This is a test description"
+  location                    = "EU"
+  default_table_expiration_ms = 3600000
+
+  labels = {
+    env = "default"
+  }
+
+  access {
+    role          = "OWNER"
+    user_by_email = google_service_account.bqowner.email
+  }
+
+  access {
+    role   = "READER"
+    domain = "hashicorp.com"
+  }
+}
+
+resource "google_service_account" "bqowner" {
+  account_id = "bqowner"
+}
+
+resource "google_bigquery_dataset_access" "access" {
+  dataset_id    = google_bigquery_dataset.dataset.dataset_id
+  role          = "OWNER"
+  user_by_email = "james.woolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_bigquery_row_access_policy.tf b/terraform/google/backup/google_bigquery_row_access_policy.tf
new file mode 100644
index 00000000..f508dcec
--- /dev/null
+++ b/terraform/google/backup/google_bigquery_row_access_policy.tf
@@ -0,0 +1,22 @@
+resource "google_bigquery_dataset" "example" {
+  dataset_id = "dataset_id"
+  location   = "US"
+}
+
+resource "google_bigquery_table" "example" {
+  deletion_protection = false
+
+  dataset_id = google_bigquery_dataset.example.dataset_id
+  table_id   = "table_id"
+}
+
+resource "google_bigquery_row_access_policy" "example" {
+  dataset_id = google_bigquery_dataset.example.dataset_id
+  table_id   = google_bigquery_table.example.table_id
+  policy_id  = "policy_id"
+
+  filter_predicate = "nullable_field is not NULL"
+  grantees = [
+    "domain:google.com"
+  ]
+}
diff --git a/terraform/google/backup/google_bigtable_authorized_view.tf b/terraform/google/backup/google_bigtable_authorized_view.tf
new file mode 100644
index 00000000..50e381cd
--- /dev/null
+++ b/terraform/google/backup/google_bigtable_authorized_view.tf
@@ -0,0 +1,60 @@
+resource "google_bigtable_instance" "instance" {
+  name = "tf-instance"
+
+  cluster {
+    cluster_id   = "tf-instance-cluster"
+    zone         = "us-central1-b"
+    num_nodes    = 3
+    storage_type = "HDD"
+  }
+  deletion_protection = false
+
+  #
+  # lifecycle {
+  #   prevent_destroy = true
+  # }
+}
+
+resource "google_bigtable_table" "table" {
+  name          = "tf-table"
+  instance_name = google_bigtable_instance.instance.name
+  split_keys    = ["a", "b", "c"]
+
+  # lifecycle {
+  #   prevent_destroy = true
+  # }
+
+  column_family {
+    family = "family-first"
+  }
+
+  column_family {
+    family = "family-second"
+  }
+
+  change_stream_retention = "24h0m0s"
+}
+
+resource "google_bigtable_authorized_view" "authorized_view" {
+  name          = "tf-authorized-view"
+  instance_name = google_bigtable_instance.instance.name
+  table_name    = google_bigtable_table.table.name
+
+  # lifecycle {
+  #   prevent_destroy = true
+  # }
+
+  subset_view {
+    row_prefixes = [base64encode("prefix#")]
+
+    family_subsets {
+      family_name = "family-first"
+      qualifiers  = [base64encode("qualifier"), base64encode("qualifier-second")]
+    }
+
+    family_subsets {
+      family_name        = "family-second"
+      qualifier_prefixes = [""]
+    }
+  }
+}
diff --git a/terraform/google/backup/google_bigtable_logical_view.tf b/terraform/google/backup/google_bigtable_logical_view.tf
new file mode 100644
index 00000000..4faf9f5a
--- /dev/null
+++ b/terraform/google/backup/google_bigtable_logical_view.tf
@@ -0,0 +1,13 @@
+resource "google_bigtable_logical_view" "logical_view" {
+  logical_view_id     = "btlogical"
+  instance            = google_bigtable_instance.instance.name
+  deletion_protection = false
+  query               = <<EOT
+SELECT _key,
+FROM tf-table;
+EOT
+
+  depends_on = [
+    google_bigtable_table.table
+  ]
+}
diff --git a/terraform/google/backup/google_bigtable_materialized_view.tf b/terraform/google/backup/google_bigtable_materialized_view.tf
new file mode 100644
index 00000000..32f2621e
--- /dev/null
+++ b/terraform/google/backup/google_bigtable_materialized_view.tf
@@ -0,0 +1,14 @@
+resource "google_bigtable_materialized_view" "materialized_view" {
+  materialized_view_id = "btmaterialized"
+  instance             = google_bigtable_instance.instance.name
+  deletion_protection  = false
+  query                = <<EOT
+SELECT _key,
+FROM tf-table
+ORDER BY _key;
+EOT
+
+  depends_on = [
+    google_bigtable_table.table
+  ]
+}
diff --git a/terraform/google/backup/google_bigtable_schema_bundle.tf b/terraform/google/backup/google_bigtable_schema_bundle.tf
new file mode 100644
index 00000000..8f757803
--- /dev/null
+++ b/terraform/google/backup/google_bigtable_schema_bundle.tf
@@ -0,0 +1 @@
+resource "google_bigtable_schema_bundle" "pike" {}
diff --git a/terraform/google/backup/google_bigtable_table.tf b/terraform/google/backup/google_bigtable_table.tf
index d1ada571..76e72082 100644
--- a/terraform/google/backup/google_bigtable_table.tf
+++ b/terraform/google/backup/google_bigtable_table.tf
@@ -60,6 +60,6 @@ resource "google_bigtable_table" "table" {
     family = "family-second"
   }
 
-  change_stream_retention = "0"
+  // change_stream_retention = "0"
 
 }
diff --git a/terraform/google/backup/google_billing_account_iam_binding.tf b/terraform/google/backup/google_billing_account_iam_binding.tf
new file mode 100644
index 00000000..87274455
--- /dev/null
+++ b/terraform/google/backup/google_billing_account_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_billing_account_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_billing_account_iam_member.tf b/terraform/google/backup/google_billing_account_iam_member.tf
new file mode 100644
index 00000000..e147aad7
--- /dev/null
+++ b/terraform/google/backup/google_billing_account_iam_member.tf
@@ -0,0 +1 @@
+resource "google_billing_account_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_billing_account_iam_policy.tf b/terraform/google/backup/google_billing_account_iam_policy.tf
new file mode 100644
index 00000000..00c03efa
--- /dev/null
+++ b/terraform/google/backup/google_billing_account_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_billing_account_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_billing_budget.tf b/terraform/google/backup/google_billing_budget.tf
new file mode 100644
index 00000000..c84a6195
--- /dev/null
+++ b/terraform/google/backup/google_billing_budget.tf
@@ -0,0 +1 @@
+resource "google_billing_budget" "pike" {}
diff --git a/terraform/google/backup/google_billing_project_info.tf b/terraform/google/backup/google_billing_project_info.tf
new file mode 100644
index 00000000..ce3f26ea
--- /dev/null
+++ b/terraform/google/backup/google_billing_project_info.tf
@@ -0,0 +1 @@
+resource "google_billing_project_info" "pike" {}
diff --git a/terraform/google/backup/google_binary_authorization_attestor_iam_binding.tf b/terraform/google/backup/google_binary_authorization_attestor_iam_binding.tf
new file mode 100644
index 00000000..48e728b9
--- /dev/null
+++ b/terraform/google/backup/google_binary_authorization_attestor_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_binary_authorization_attestor_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_binary_authorization_attestor_iam_member.tf b/terraform/google/backup/google_binary_authorization_attestor_iam_member.tf
new file mode 100644
index 00000000..76e3dde5
--- /dev/null
+++ b/terraform/google/backup/google_binary_authorization_attestor_iam_member.tf
@@ -0,0 +1 @@
+resource "google_binary_authorization_attestor_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_binary_authorization_attestor_iam_policy.tf b/terraform/google/backup/google_binary_authorization_attestor_iam_policy.tf
new file mode 100644
index 00000000..0947f36e
--- /dev/null
+++ b/terraform/google/backup/google_binary_authorization_attestor_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_binary_authorization_attestor_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_certificate_manager_dns_authorization.tf b/terraform/google/backup/google_certificate_manager_dns_authorization.tf
new file mode 100644
index 00000000..65627c6d
--- /dev/null
+++ b/terraform/google/backup/google_certificate_manager_dns_authorization.tf
@@ -0,0 +1,6 @@
+resource "google_certificate_manager_dns_authorization" "pike" {
+  name        = "dns-auth"
+  location    = "global"
+  description = "The default dns"
+  domain      = "subdomain.hashicorptest.com"
+}
diff --git a/terraform/google/backup/google_chronicle_data_access_label.tf b/terraform/google/backup/google_chronicle_data_access_label.tf
new file mode 100644
index 00000000..ccf3889c
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_data_access_label.tf
@@ -0,0 +1 @@
+resource "google_chronicle_data_access_label" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_data_access_scope.tf b/terraform/google/backup/google_chronicle_data_access_scope.tf
new file mode 100644
index 00000000..4eb770c6
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_data_access_scope.tf
@@ -0,0 +1 @@
+resource "google_chronicle_data_access_scope" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_reference_list.tf b/terraform/google/backup/google_chronicle_reference_list.tf
new file mode 100644
index 00000000..8eba34f5
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_reference_list.tf
@@ -0,0 +1 @@
+resource "google_chronicle_reference_list" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_retrohunt.tf b/terraform/google/backup/google_chronicle_retrohunt.tf
new file mode 100644
index 00000000..9bec81fc
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_retrohunt.tf
@@ -0,0 +1 @@
+resource "google_chronicle_retrohunt" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_rule.tf b/terraform/google/backup/google_chronicle_rule.tf
new file mode 100644
index 00000000..db56023f
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_rule.tf
@@ -0,0 +1 @@
+resource "google_chronicle_rule" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_rule_deployment.tf b/terraform/google/backup/google_chronicle_rule_deployment.tf
new file mode 100644
index 00000000..1134d44b
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_rule_deployment.tf
@@ -0,0 +1 @@
+resource "google_chronicle_rule_deployment" "pike" {}
diff --git a/terraform/google/backup/google_chronicle_watchlist.tf b/terraform/google/backup/google_chronicle_watchlist.tf
new file mode 100644
index 00000000..dd7c6f2f
--- /dev/null
+++ b/terraform/google/backup/google_chronicle_watchlist.tf
@@ -0,0 +1 @@
+resource "google_chronicle_watchlist" "pike" {}
diff --git a/terraform/google/backup/google_cloud_run_domain_mapping.tf b/terraform/google/backup/google_cloud_run_domain_mapping.tf
new file mode 100644
index 00000000..2e18521e
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_domain_mapping.tf
@@ -0,0 +1,12 @@
+resource "google_cloud_run_domain_mapping" "pike" {
+  location = "us-central1"
+  name     = "verified-domain.com"
+
+  metadata {
+    namespace = "pike-412922"
+  }
+
+  spec {
+    route_name = google_cloud_run_service.pike.name
+  }
+}
diff --git a/terraform/google/backup/google_cloud_run_service.tf b/terraform/google/backup/google_cloud_run_service.tf
new file mode 100644
index 00000000..095d938c
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_service.tf
@@ -0,0 +1,19 @@
+resource "google_cloud_run_service" "pike" {
+  name     = "cloudrun-srv"
+  location = "europe-west2"
+
+  template {
+
+    spec {
+      containers {
+        image = "us-docker.pkg.dev/cloudrun/container/hello"
+      }
+    }
+  }
+
+  traffic {
+    percent         = 100
+    latest_revision = true
+  }
+
+}
diff --git a/terraform/google/backup/google_cloud_run_service_iam_binding.tf b/terraform/google/backup/google_cloud_run_service_iam_binding.tf
new file mode 100644
index 00000000..1ebf4b07
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_service_iam_binding.tf
@@ -0,0 +1,9 @@
+resource "google_cloud_run_service_iam_binding" "pike" {
+  project  = google_cloud_run_service.pike.project
+  location = google_cloud_run_service.pike.location
+  service  = google_cloud_run_service.pike.name
+  role     = "roles/viewer"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+}
diff --git a/terraform/google/backup/google_cloud_run_service_iam_member.tf b/terraform/google/backup/google_cloud_run_service_iam_member.tf
new file mode 100644
index 00000000..ee110d50
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_cloud_run_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_cloud_run_service_iam_policy.tf b/terraform/google/backup/google_cloud_run_service_iam_policy.tf
new file mode 100644
index 00000000..0b72e171
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_cloud_run_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloud_run_v2_service.tf b/terraform/google/backup/google_cloud_run_v2_service.tf
index d895b569..3dc170ae 100644
--- a/terraform/google/backup/google_cloud_run_v2_service.tf
+++ b/terraform/google/backup/google_cloud_run_v2_service.tf
@@ -1,4 +1,13 @@
 resource "google_cloud_run_v2_service" "pike" {
-  name     = "pike"
-  location = ""
+  name                = "pike"
+  location            = "europe-west2"
+  deletion_protection = false
+  ingress             = "INGRESS_TRAFFIC_ALL"
+
+  template {
+    service_account = "super-544@pike-412922.iam.gserviceaccount.com"
+    containers {
+      image = "us-docker.pkg.dev/cloudrun/container/hello"
+    }
+  }
 }
diff --git a/terraform/google/backup/google_cloud_run_v2_worker_pool.tf b/terraform/google/backup/google_cloud_run_v2_worker_pool.tf
new file mode 100644
index 00000000..066eb972
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_v2_worker_pool.tf
@@ -0,0 +1,12 @@
+resource "google_cloud_run_v2_worker_pool" "pike" {
+  name                = "cloudrun-worker-pool"
+  location            = "europe-west2"
+  deletion_protection = false
+  launch_stage        = "ALPHA"
+
+  template {
+    containers {
+      image = "us-docker.pkg.dev/cloudrun/container/worker-pool"
+    }
+  }
+}
diff --git a/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_binding.tf b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_binding.tf
new file mode 100644
index 00000000..9ea6b464
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_binding.tf
@@ -0,0 +1,9 @@
+resource "google_cloud_run_v2_worker_pool_iam_binding" "pike" {
+  project  = google_cloud_run_v2_worker_pool.pike.project
+  location = google_cloud_run_v2_worker_pool.pike.location
+  name     = google_cloud_run_v2_worker_pool.pike.name
+  role     = "roles/viewer"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+}
diff --git a/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_member.tf b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_member.tf
new file mode 100644
index 00000000..62a2f467
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_member.tf
@@ -0,0 +1 @@
+resource "google_cloud_run_v2_worker_pool_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_policy.tf b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_policy.tf
new file mode 100644
index 00000000..43cc1047
--- /dev/null
+++ b/terraform/google/backup/google_cloud_run_v2_worker_pool_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_cloud_run_v2_worker_pool_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloud_tasks_queue_iam_binding.tf b/terraform/google/backup/google_cloud_tasks_queue_iam_binding.tf
new file mode 100644
index 00000000..9e4a0459
--- /dev/null
+++ b/terraform/google/backup/google_cloud_tasks_queue_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_cloud_tasks_queue_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_cloud_tasks_queue_iam_member.tf b/terraform/google/backup/google_cloud_tasks_queue_iam_member.tf
new file mode 100644
index 00000000..9db2c5ff
--- /dev/null
+++ b/terraform/google/backup/google_cloud_tasks_queue_iam_member.tf
@@ -0,0 +1 @@
+resource "google_cloud_tasks_queue_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_cloud_tasks_queue_iam_policy.tf b/terraform/google/backup/google_cloud_tasks_queue_iam_policy.tf
new file mode 100644
index 00000000..b0ac3b47
--- /dev/null
+++ b/terraform/google/backup/google_cloud_tasks_queue_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_cloud_tasks_queue_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloudbuildv2_connection.tf b/terraform/google/backup/google_cloudbuildv2_connection.tf
new file mode 100644
index 00000000..874dd7ef
--- /dev/null
+++ b/terraform/google/backup/google_cloudbuildv2_connection.tf
@@ -0,0 +1 @@
+resource "google_cloudbuildv2_connection" "pike" {}
diff --git a/terraform/google/backup/google_cloudbuildv2_connection_iam_binding.tf b/terraform/google/backup/google_cloudbuildv2_connection_iam_binding.tf
new file mode 100644
index 00000000..67b44df2
--- /dev/null
+++ b/terraform/google/backup/google_cloudbuildv2_connection_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_cloudbuildv2_connection_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_cloudbuildv2_connection_iam_member.tf b/terraform/google/backup/google_cloudbuildv2_connection_iam_member.tf
new file mode 100644
index 00000000..c383711b
--- /dev/null
+++ b/terraform/google/backup/google_cloudbuildv2_connection_iam_member.tf
@@ -0,0 +1 @@
+resource "google_cloudbuildv2_connection_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_cloudbuildv2_connection_iam_policy.tf b/terraform/google/backup/google_cloudbuildv2_connection_iam_policy.tf
new file mode 100644
index 00000000..5850c9a8
--- /dev/null
+++ b/terraform/google/backup/google_cloudbuildv2_connection_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_cloudbuildv2_connection_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloudbuildv2_repository.tf b/terraform/google/backup/google_cloudbuildv2_repository.tf
new file mode 100644
index 00000000..ef749a08
--- /dev/null
+++ b/terraform/google/backup/google_cloudbuildv2_repository.tf
@@ -0,0 +1 @@
+resource "google_cloudbuildv2_repository" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_custom_target_type_iam_binding.tf b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_binding.tf
new file mode 100644
index 00000000..c1b46778
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_custom_target_type_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_custom_target_type_iam_member.tf b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_member.tf
new file mode 100644
index 00000000..ab252705
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_member.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_custom_target_type_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_custom_target_type_iam_policy.tf b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_policy.tf
new file mode 100644
index 00000000..7565b077
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_custom_target_type_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_custom_target_type_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_binding.tf b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_binding.tf
new file mode 100644
index 00000000..43cf62b7
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_delivery_pipeline_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_member.tf b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_member.tf
new file mode 100644
index 00000000..b70584f9
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_member.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_delivery_pipeline_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_policy.tf b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_policy.tf
new file mode 100644
index 00000000..4525eb31
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_delivery_pipeline_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_delivery_pipeline_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_target_iam_binding.tf b/terraform/google/backup/google_clouddeploy_target_iam_binding.tf
new file mode 100644
index 00000000..89fd6c8d
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_target_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_target_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_target_iam_member.tf b/terraform/google/backup/google_clouddeploy_target_iam_member.tf
new file mode 100644
index 00000000..0aca82ac
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_target_iam_member.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_target_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_clouddeploy_target_iam_policy.tf b/terraform/google/backup/google_clouddeploy_target_iam_policy.tf
new file mode 100644
index 00000000..24da1d93
--- /dev/null
+++ b/terraform/google/backup/google_clouddeploy_target_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_clouddeploy_target_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloudfunctions2_function.tf b/terraform/google/backup/google_cloudfunctions2_function.tf
new file mode 100644
index 00000000..9c9c9afe
--- /dev/null
+++ b/terraform/google/backup/google_cloudfunctions2_function.tf
@@ -0,0 +1,78 @@
+# locals {
+#   project = "412922" # Google Cloud Platform Project ID
+# }
+#
+# resource "google_service_account" "account" {
+#   account_id = "gcf-sa"
+#   display_name = "Test Service Account"
+# }
+#
+# //allows the build to assign this user to cloud run
+# resource "google_service_account_iam_member" "pike2" {
+#   service_account_id = google_service_account.account.name //service for cloud run
+#   role               = "roles/iam.serviceAccountUser"
+#   member             = "serviceAccount:${google_service_account.account.email}" //allow who context of build
+# }
+#
+# # resource "google_pubsub_topic" "topic" {
+# #   name = "functions2-topic"
+# # }
+#
+# resource "google_storage_bucket" "bucket" {
+#   name     = "${local.project}-gcf-source-jgw"  # Every bucket name must be globally unique
+#   location = "US"
+#   uniform_bucket_level_access = true
+# }
+#
+# resource "google_storage_bucket_object" "object" {
+#   name   = "test.zip"
+#   bucket = google_storage_bucket.bucket.name
+#   source = "./test.zip"  # Add path to the zipped function source code
+# }
+#
+# resource "google_cloudfunctions2_function" "function" {
+#   name = "gcf-function"
+#   location = "europe-west2"
+#   description = "a new function"
+#
+#   build_config {
+#     runtime = "go123"
+#     entry_point = "hello_http"  # Set the entry point
+#     environment_variables = {
+#       BUILD_CONFIG_TEST = "build_test"
+#     }
+#     source {
+#       storage_source {
+#         bucket = google_storage_bucket.bucket.name
+#         object = google_storage_bucket_object.object.name
+#       }
+#     }
+#   }
+#
+#   service_config {
+#     max_instance_count  = 3
+#     min_instance_count = 1
+#     available_memory    = "4Gi"
+#     timeout_seconds     = 60
+#     max_instance_request_concurrency = 80
+#     available_cpu = "4"
+#     environment_variables = {
+#       SERVICE_CONFIG_TEST      = "config_test"
+#       SERVICE_CONFIG_DIFF_TEST = google_service_account.account.email
+#     }
+#     ingress_settings = "ALLOW_INTERNAL_ONLY"
+#     all_traffic_on_latest_revision = true
+#  //   service_account_email = google_service_account.account.email
+#   }
+#
+#   # event_trigger {
+#   #   trigger_region = "us-central1"
+#   #   event_type = "google.cloud.pubsub.topic.v1.messagePublished"
+#   #   pubsub_topic = google_pubsub_topic.topic.id
+#   #   retry_policy = "RETRY_POLICY_RETRY"
+#   # }
+#
+#   depends_on = [
+#     google_service_account_iam_member.pike2
+#   ]
+# }
diff --git a/terraform/google/backup/google_cloudfunctions2_function_iam_binding.tf b/terraform/google/backup/google_cloudfunctions2_function_iam_binding.tf
new file mode 100644
index 00000000..86489763
--- /dev/null
+++ b/terraform/google/backup/google_cloudfunctions2_function_iam_binding.tf
@@ -0,0 +1,15 @@
+data "google_iam_policy" "admin3" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_cloudfunctions2_function_iam_policy" "policy" {
+  project        = google_cloudfunctions2_function.function.project
+  location       = google_cloudfunctions2_function.function.location
+  cloud_function = google_cloudfunctions2_function.function.name
+  policy_data    = data.google_iam_policy.admin3.policy_data
+}
diff --git a/terraform/google/backup/google_cloudfunctions2_function_iam_member.tf b/terraform/google/backup/google_cloudfunctions2_function_iam_member.tf
new file mode 100644
index 00000000..0ef15c02
--- /dev/null
+++ b/terraform/google/backup/google_cloudfunctions2_function_iam_member.tf
@@ -0,0 +1,7 @@
+resource "google_cloudfunctions2_function_iam_member" "member" {
+  project        = google_cloudfunctions2_function.function.project
+  location       = google_cloudfunctions2_function.function.location
+  cloud_function = google_cloudfunctions2_function.function.name
+  role           = "roles/viewer"
+  member         = "user:james.woolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_cloudfunctions2_function_iam_policy.tf b/terraform/google/backup/google_cloudfunctions2_function_iam_policy.tf
new file mode 100644
index 00000000..1c08c158
--- /dev/null
+++ b/terraform/google/backup/google_cloudfunctions2_function_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_cloudfunctions2_function_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_cloudfunctions_function.tf b/terraform/google/backup/google_cloudfunctions_function.tf
index 185a6e8b..63135f1a 100644
--- a/terraform/google/backup/google_cloudfunctions_function.tf
+++ b/terraform/google/backup/google_cloudfunctions_function.tf
@@ -1,21 +1,32 @@
-resource "google_cloudfunctions_function" "pikey" {
+resource "google_storage_bucket" "bucket" {
+  name     = "test-bucket-jgw"
+  location = "US"
+}
+
+resource "google_storage_bucket_object" "archive" {
+  name   = "test.zip"
+  bucket = google_storage_bucket.bucket.name
+  source = "./test.zip"
+}
 
-  docker_registry              = "CONTAINER_REGISTRY"
-  entry_point                  = "helloWorld"
-  environment_variables        = {}
-  https_trigger_security_level = "SECURE_ALWAYS"
-  https_trigger_url            = "https://europe-west2-pike-361314.cloudfunctions.net/pikey"
-  labels = {
-    deployment-tool = "console-cloud"
-    tag             = "deployment-tool"
-    pike            = "permissions"
-  }
-  max_instances         = 3000
-  min_instances         = 0
-  name                  = "pikey"
-  project               = "pike-361314"
-  region                = "europe-west2"
-  runtime               = "nodejs16"
-  service_account_email = "pike-361314@appspot.gserviceaccount.com"
+resource "google_cloudfunctions_function" "function" {
+  name        = "function-test"
+  description = "My function"
+  runtime     = "go121"
+
+  available_memory_mb   = 128
+  source_archive_bucket = google_storage_bucket.bucket.name
+  source_archive_object = google_storage_bucket_object.archive.name
   trigger_http          = true
+  entry_point           = "helloHTTP"
 }
+
+# IAM entry for all users to invoke the function
+resource "google_cloudfunctions_function_iam_member" "invoker" {
+  project        = google_cloudfunctions_function.function.project
+  region         = google_cloudfunctions_function.function.region
+  cloud_function = google_cloudfunctions_function.function.name
+
+  role   = "roles/cloudfunctions.invoker"
+  member = "allUsers"
+}
diff --git a/terraform/google/backup/google_cloudfunctions_function_iam_binding.tf b/terraform/google/backup/google_cloudfunctions_function_iam_binding.tf
new file mode 100644
index 00000000..4c6107df
--- /dev/null
+++ b/terraform/google/backup/google_cloudfunctions_function_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_cloudfunctions_function_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_colab_runtime_template_iam_binding.tf b/terraform/google/backup/google_colab_runtime_template_iam_binding.tf
new file mode 100644
index 00000000..bd4c34a1
--- /dev/null
+++ b/terraform/google/backup/google_colab_runtime_template_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_colab_runtime_template_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_colab_runtime_template_iam_member.tf b/terraform/google/backup/google_colab_runtime_template_iam_member.tf
new file mode 100644
index 00000000..3aeb8560
--- /dev/null
+++ b/terraform/google/backup/google_colab_runtime_template_iam_member.tf
@@ -0,0 +1 @@
+resource "google_colab_runtime_template_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_colab_runtime_template_iam_policy.tf b/terraform/google/backup/google_colab_runtime_template_iam_policy.tf
new file mode 100644
index 00000000..7b95aa9d
--- /dev/null
+++ b/terraform/google/backup/google_colab_runtime_template_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_colab_runtime_template_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_composer_environment.tf b/terraform/google/backup/google_composer_environment.tf
new file mode 100644
index 00000000..9a7da82c
--- /dev/null
+++ b/terraform/google/backup/google_composer_environment.tf
@@ -0,0 +1,33 @@
+resource "google_composer_environment" "pike" {
+  name   = "pike-test"
+  region = "europe-west2"
+
+  labels = {
+    "pike" = "permissions"
+  }
+
+  config {
+
+    software_config {
+      image_version = "composer-3-airflow-2"
+    }
+
+    environment_size = "ENVIRONMENT_SIZE_SMALL"
+
+    node_config {
+      service_account = google_service_account.test.name
+    }
+  }
+}
+
+
+resource "google_service_account" "test" {
+  account_id   = "composer-env-account"
+  display_name = "Test Service Account for Composer Environment"
+}
+
+resource "google_project_iam_member" "composer-worker" {
+  project = "pike-412922"
+  role    = "roles/composer.worker"
+  member  = "serviceAccount:${google_service_account.test.email}"
+}
diff --git a/terraform/google/backup/google_composer_user_workloads_config_map.tf b/terraform/google/backup/google_composer_user_workloads_config_map.tf
new file mode 100644
index 00000000..51223c49
--- /dev/null
+++ b/terraform/google/backup/google_composer_user_workloads_config_map.tf
@@ -0,0 +1 @@
+resource "google_composer_user_workloads_config_map" "pike" {}
diff --git a/terraform/google/backup/google_composer_user_workloads_secret.tf b/terraform/google/backup/google_composer_user_workloads_secret.tf
new file mode 100644
index 00000000..54bb22ab
--- /dev/null
+++ b/terraform/google/backup/google_composer_user_workloads_secret.tf
@@ -0,0 +1 @@
+resource "google_composer_user_workloads_secret" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_bucket_iam_binding.tf b/terraform/google/backup/google_compute_backend_bucket_iam_binding.tf
new file mode 100644
index 00000000..6f2e60b8
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_bucket_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_bucket_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_bucket_iam_member.tf b/terraform/google/backup/google_compute_backend_bucket_iam_member.tf
new file mode 100644
index 00000000..5526f2c6
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_bucket_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_bucket_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_bucket_iam_policy.tf b/terraform/google/backup/google_compute_backend_bucket_iam_policy.tf
new file mode 100644
index 00000000..f40fb96b
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_bucket_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_bucket_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_service.tf b/terraform/google/backup/google_compute_backend_service.tf
new file mode 100644
index 00000000..41740eac
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_service.tf
@@ -0,0 +1,4 @@
+resource "google_compute_backend_service" "default" {
+  name          = "backend-service"
+  health_checks = [google_compute_http_health_check.default.id]
+}
diff --git a/terraform/google/backup/google_compute_backend_service_iam_binding.tf b/terraform/google/backup/google_compute_backend_service_iam_binding.tf
new file mode 100644
index 00000000..8f9515e4
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_service_iam_member.tf b/terraform/google/backup/google_compute_backend_service_iam_member.tf
new file mode 100644
index 00000000..5d5049a0
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_backend_service_iam_policy.tf b/terraform/google/backup/google_compute_backend_service_iam_policy.tf
new file mode 100644
index 00000000..390b7a1c
--- /dev/null
+++ b/terraform/google/backup/google_compute_backend_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_backend_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_disk_iam_binding.tf b/terraform/google/backup/google_compute_disk_iam_binding.tf
new file mode 100644
index 00000000..e5f5d6ec
--- /dev/null
+++ b/terraform/google/backup/google_compute_disk_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_disk_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_disk_iam_member.tf b/terraform/google/backup/google_compute_disk_iam_member.tf
new file mode 100644
index 00000000..22f98858
--- /dev/null
+++ b/terraform/google/backup/google_compute_disk_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_disk_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_disk_iam_policy.tf b/terraform/google/backup/google_compute_disk_iam_policy.tf
new file mode 100644
index 00000000..da8ed1f7
--- /dev/null
+++ b/terraform/google/backup/google_compute_disk_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_disk_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_forwarding_rule.tf b/terraform/google/backup/google_compute_forwarding_rule.tf
new file mode 100644
index 00000000..c3cceff1
--- /dev/null
+++ b/terraform/google/backup/google_compute_forwarding_rule.tf
@@ -0,0 +1 @@
+resource "google_compute_forwarding_rule" "pike" {}
diff --git a/terraform/google/backup/google_compute_global_forwarding_rule.tf b/terraform/google/backup/google_compute_global_forwarding_rule.tf
new file mode 100644
index 00000000..bc4c0cf0
--- /dev/null
+++ b/terraform/google/backup/google_compute_global_forwarding_rule.tf
@@ -0,0 +1 @@
+resource "google_compute_global_forwarding_rule" "pike" {}
diff --git a/terraform/google/backup/google_compute_global_network_endpoint_group.tf b/terraform/google/backup/google_compute_global_network_endpoint_group.tf
new file mode 100644
index 00000000..75185295
--- /dev/null
+++ b/terraform/google/backup/google_compute_global_network_endpoint_group.tf
@@ -0,0 +1 @@
+resource "google_compute_global_network_endpoint_group" "pike" {}
diff --git a/terraform/google/backup/google_compute_health_check.tf b/terraform/google/backup/google_compute_health_check.tf
new file mode 100644
index 00000000..091ba615
--- /dev/null
+++ b/terraform/google/backup/google_compute_health_check.tf
@@ -0,0 +1,10 @@
+resource "google_compute_health_check" "pike" {
+  name = "tcp-health-check"
+
+  timeout_sec        = 1
+  check_interval_sec = 1
+
+  tcp_health_check {
+    port = "80"
+  }
+}
diff --git a/terraform/google/backup/google_compute_http_health_check.tf b/terraform/google/backup/google_compute_http_health_check.tf
new file mode 100644
index 00000000..d090ad74
--- /dev/null
+++ b/terraform/google/backup/google_compute_http_health_check.tf
@@ -0,0 +1,6 @@
+resource "google_compute_http_health_check" "default" {
+  name               = "health-check"
+  request_path       = "/"
+  check_interval_sec = 1
+  timeout_sec        = 1
+}
diff --git a/terraform/google/backup/google_compute_https_health_check.tf b/terraform/google/backup/google_compute_https_health_check.tf
new file mode 100644
index 00000000..c0ad9334
--- /dev/null
+++ b/terraform/google/backup/google_compute_https_health_check.tf
@@ -0,0 +1,7 @@
+resource "google_compute_https_health_check" "pike" {
+  name         = "authentication-health-check"
+  request_path = "/health_check"
+
+  timeout_sec        = 1
+  check_interval_sec = 1
+}
diff --git a/terraform/google/backup/google_compute_image_iam_binding.tf b/terraform/google/backup/google_compute_image_iam_binding.tf
new file mode 100644
index 00000000..f238259b
--- /dev/null
+++ b/terraform/google/backup/google_compute_image_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_image_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_image_iam_member.tf b/terraform/google/backup/google_compute_image_iam_member.tf
new file mode 100644
index 00000000..1df1990e
--- /dev/null
+++ b/terraform/google/backup/google_compute_image_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_image_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_image_iam_policy.tf b/terraform/google/backup/google_compute_image_iam_policy.tf
new file mode 100644
index 00000000..99b08e7a
--- /dev/null
+++ b/terraform/google/backup/google_compute_image_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_image_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_iam_binding.tf b/terraform/google/backup/google_compute_instance_iam_binding.tf
new file mode 100644
index 00000000..a4645efa
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_iam_member.tf b/terraform/google/backup/google_compute_instance_iam_member.tf
new file mode 100644
index 00000000..b9d2270f
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_iam_policy.tf b/terraform/google/backup/google_compute_instance_iam_policy.tf
new file mode 100644
index 00000000..066d984b
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_template_iam_binding.tf b/terraform/google/backup/google_compute_instance_template_iam_binding.tf
new file mode 100644
index 00000000..93b226e6
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_template_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_template_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_template_iam_member.tf b/terraform/google/backup/google_compute_instance_template_iam_member.tf
new file mode 100644
index 00000000..116ee7d1
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_template_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_template_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_instance_template_iam_policy.tf b/terraform/google/backup/google_compute_instance_template_iam_policy.tf
new file mode 100644
index 00000000..7ad9a331
--- /dev/null
+++ b/terraform/google/backup/google_compute_instance_template_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_instance_template_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_instant_snapshot_iam_binding.tf b/terraform/google/backup/google_compute_instant_snapshot_iam_binding.tf
new file mode 100644
index 00000000..d9c232f9
--- /dev/null
+++ b/terraform/google/backup/google_compute_instant_snapshot_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_instant_snapshot_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_instant_snapshot_iam_member.tf b/terraform/google/backup/google_compute_instant_snapshot_iam_member.tf
new file mode 100644
index 00000000..c1407177
--- /dev/null
+++ b/terraform/google/backup/google_compute_instant_snapshot_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_instant_snapshot_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_instant_snapshot_iam_policy.tf b/terraform/google/backup/google_compute_instant_snapshot_iam_policy.tf
new file mode 100644
index 00000000..1cc16938
--- /dev/null
+++ b/terraform/google/backup/google_compute_instant_snapshot_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_instant_snapshot_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_machine_image_iam_binding.tf b/terraform/google/backup/google_compute_machine_image_iam_binding.tf
new file mode 100644
index 00000000..a92674c3
--- /dev/null
+++ b/terraform/google/backup/google_compute_machine_image_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_machine_image_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_machine_image_iam_member.tf b/terraform/google/backup/google_compute_machine_image_iam_member.tf
new file mode 100644
index 00000000..ac9b1e05
--- /dev/null
+++ b/terraform/google/backup/google_compute_machine_image_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_machine_image_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_machine_image_iam_policy.tf b/terraform/google/backup/google_compute_machine_image_iam_policy.tf
new file mode 100644
index 00000000..e41d92f7
--- /dev/null
+++ b/terraform/google/backup/google_compute_machine_image_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_machine_image_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_network_attachment.tf b/terraform/google/backup/google_compute_network_attachment.tf
new file mode 100644
index 00000000..d2bce36b
--- /dev/null
+++ b/terraform/google/backup/google_compute_network_attachment.tf
@@ -0,0 +1 @@
+resource "google_compute_network_attachment" "pike" {}
diff --git a/terraform/google/backup/google_compute_network_endpoint_group.tf b/terraform/google/backup/google_compute_network_endpoint_group.tf
new file mode 100644
index 00000000..cda72e4a
--- /dev/null
+++ b/terraform/google/backup/google_compute_network_endpoint_group.tf
@@ -0,0 +1 @@
+resource "google_compute_network_endpoint_group" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_backend_service.tf b/terraform/google/backup/google_compute_region_backend_service.tf
new file mode 100644
index 00000000..c1121b20
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_backend_service.tf
@@ -0,0 +1,8 @@
+resource "google_compute_region_backend_service" "pike" {
+  region                = "us-central1"
+  name                  = "region-service"
+  health_checks         = [google_compute_region_health_check.pike.id]
+  protocol              = "HTTPS"
+  load_balancing_scheme = "INTERNAL_MANAGED"
+  locality_lb_policy    = "ROUND_ROBIN"
+}
diff --git a/terraform/google/backup/google_compute_region_backend_service_iam_binding.tf b/terraform/google/backup/google_compute_region_backend_service_iam_binding.tf
new file mode 100644
index 00000000..6725a2b1
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_backend_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_region_backend_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_backend_service_iam_member.tf b/terraform/google/backup/google_compute_region_backend_service_iam_member.tf
new file mode 100644
index 00000000..59a2bfdd
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_backend_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_region_backend_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_backend_service_iam_policy.tf b/terraform/google/backup/google_compute_region_backend_service_iam_policy.tf
new file mode 100644
index 00000000..886fa121
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_backend_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_region_backend_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_disk_iam_binding.tf b/terraform/google/backup/google_compute_region_disk_iam_binding.tf
new file mode 100644
index 00000000..caa70151
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_disk_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_region_disk_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_disk_iam_member.tf b/terraform/google/backup/google_compute_region_disk_iam_member.tf
new file mode 100644
index 00000000..6149628a
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_disk_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_region_disk_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_disk_iam_policy.tf b/terraform/google/backup/google_compute_region_disk_iam_policy.tf
new file mode 100644
index 00000000..2bc3c9a7
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_disk_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_region_disk_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_health_check.tf b/terraform/google/backup/google_compute_region_health_check.tf
new file mode 100644
index 00000000..6951494c
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_health_check.tf
@@ -0,0 +1,11 @@
+resource "google_compute_region_health_check" "pike" {
+  name = "tcp-region-health-check"
+
+  timeout_sec        = 1
+  check_interval_sec = 1
+
+  ssl_health_check {
+    port = "443"
+  }
+  region = "us-central1"
+}
diff --git a/terraform/google/backup/google_compute_region_network_endpoint_group.tf b/terraform/google/backup/google_compute_region_network_endpoint_group.tf
new file mode 100644
index 00000000..69f48721
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_network_endpoint_group.tf
@@ -0,0 +1 @@
+resource "google_compute_region_network_endpoint_group" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_target_http_proxy.tf b/terraform/google/backup/google_compute_region_target_http_proxy.tf
new file mode 100644
index 00000000..58e78b0f
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_target_http_proxy.tf
@@ -0,0 +1,5 @@
+resource "google_compute_region_target_http_proxy" "pike" {
+  region  = "us-central1"
+  name    = "test-proxy"
+  url_map = google_compute_region_url_map.pike.id
+}
diff --git a/terraform/google/backup/google_compute_region_target_https_proxy.tf b/terraform/google/backup/google_compute_region_target_https_proxy.tf
new file mode 100644
index 00000000..0f343655
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_target_https_proxy.tf
@@ -0,0 +1 @@
+resource "google_compute_region_target_https_proxy" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_target_tcp_proxy.tf b/terraform/google/backup/google_compute_region_target_tcp_proxy.tf
new file mode 100644
index 00000000..ad3f5368
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_target_tcp_proxy.tf
@@ -0,0 +1 @@
+resource "google_compute_region_target_tcp_proxy" "pike" {}
diff --git a/terraform/google/backup/google_compute_region_url_map.tf b/terraform/google/backup/google_compute_region_url_map.tf
new file mode 100644
index 00000000..173aa1ea
--- /dev/null
+++ b/terraform/google/backup/google_compute_region_url_map.tf
@@ -0,0 +1,5 @@
+resource "google_compute_region_url_map" "pike" {
+  region          = "us-central1"
+  name            = "login"
+  default_service = google_compute_region_backend_service.pike.name
+}
diff --git a/terraform/google/backup/google_compute_snapshot_iam_binding.tf b/terraform/google/backup/google_compute_snapshot_iam_binding.tf
new file mode 100644
index 00000000..4655f36e
--- /dev/null
+++ b/terraform/google/backup/google_compute_snapshot_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_snapshot_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_snapshot_iam_member.tf b/terraform/google/backup/google_compute_snapshot_iam_member.tf
new file mode 100644
index 00000000..b80d25d5
--- /dev/null
+++ b/terraform/google/backup/google_compute_snapshot_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_snapshot_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_snapshot_iam_policy.tf b/terraform/google/backup/google_compute_snapshot_iam_policy.tf
new file mode 100644
index 00000000..95b17c65
--- /dev/null
+++ b/terraform/google/backup/google_compute_snapshot_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_snapshot_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_storage_pool_iam_binding.tf b/terraform/google/backup/google_compute_storage_pool_iam_binding.tf
new file mode 100644
index 00000000..46305d62
--- /dev/null
+++ b/terraform/google/backup/google_compute_storage_pool_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_storage_pool_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_storage_pool_iam_member.tf b/terraform/google/backup/google_compute_storage_pool_iam_member.tf
new file mode 100644
index 00000000..3663f102
--- /dev/null
+++ b/terraform/google/backup/google_compute_storage_pool_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_storage_pool_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_storage_pool_iam_policy.tf b/terraform/google/backup/google_compute_storage_pool_iam_policy.tf
new file mode 100644
index 00000000..1a9039f9
--- /dev/null
+++ b/terraform/google/backup/google_compute_storage_pool_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_storage_pool_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_subnetwork_iam_binding.tf b/terraform/google/backup/google_compute_subnetwork_iam_binding.tf
new file mode 100644
index 00000000..4b2c9402
--- /dev/null
+++ b/terraform/google/backup/google_compute_subnetwork_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_compute_subnetwork_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_compute_subnetwork_iam_member.tf b/terraform/google/backup/google_compute_subnetwork_iam_member.tf
new file mode 100644
index 00000000..03389743
--- /dev/null
+++ b/terraform/google/backup/google_compute_subnetwork_iam_member.tf
@@ -0,0 +1 @@
+resource "google_compute_subnetwork_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_compute_subnetwork_iam_policy.tf b/terraform/google/backup/google_compute_subnetwork_iam_policy.tf
new file mode 100644
index 00000000..72654732
--- /dev/null
+++ b/terraform/google/backup/google_compute_subnetwork_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_compute_subnetwork_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_compute_target_http_proxy.tf b/terraform/google/backup/google_compute_target_http_proxy.tf
new file mode 100644
index 00000000..be94005d
--- /dev/null
+++ b/terraform/google/backup/google_compute_target_http_proxy.tf
@@ -0,0 +1,4 @@
+resource "google_compute_target_http_proxy" "pike" {
+  name    = "test-proxy"
+  url_map = google_compute_url_map.urlmap.id
+}
diff --git a/terraform/google/backup/google_compute_target_https_proxy.tf b/terraform/google/backup/google_compute_target_https_proxy.tf
new file mode 100644
index 00000000..2456c082
--- /dev/null
+++ b/terraform/google/backup/google_compute_target_https_proxy.tf
@@ -0,0 +1 @@
+resource "google_compute_target_https_proxy" "pike" {}
diff --git a/terraform/google/backup/google_compute_url_map.tf b/terraform/google/backup/google_compute_url_map.tf
new file mode 100644
index 00000000..7e959b68
--- /dev/null
+++ b/terraform/google/backup/google_compute_url_map.tf
@@ -0,0 +1,68 @@
+resource "google_compute_url_map" "urlmap" {
+  name        = "urlmap"
+  description = "a description"
+
+  default_service = google_compute_backend_bucket.static.id
+
+  host_rule {
+    hosts        = ["mysite.com"]
+    path_matcher = "mysite"
+  }
+
+  host_rule {
+    hosts        = ["myothersite.com"]
+    path_matcher = "otherpaths"
+  }
+
+  path_matcher {
+    name            = "mysite"
+    default_service = google_compute_backend_bucket.static.id
+
+    path_rule {
+      paths   = ["/home"]
+      service = google_compute_backend_bucket.static.id
+    }
+
+    path_rule {
+      paths   = ["/login"]
+      service = google_compute_backend_service.login.id
+    }
+
+    path_rule {
+      paths   = ["/static"]
+      service = google_compute_backend_bucket.static.id
+    }
+  }
+
+  path_matcher {
+    name            = "otherpaths"
+    default_service = google_compute_backend_bucket.static.id
+  }
+
+  test {
+    service = google_compute_backend_bucket.static.id
+    host    = "example.com"
+    path    = "/home"
+  }
+}
+
+resource "google_compute_backend_service" "login" {
+  name        = "login"
+  port_name   = "http"
+  protocol    = "HTTP"
+  timeout_sec = 10
+
+  health_checks = [google_compute_http_health_check.default.id]
+}
+
+
+resource "google_compute_backend_bucket" "static" {
+  name        = "static-asset-backend-bucket-jgw"
+  bucket_name = google_storage_bucket.static.name
+  enable_cdn  = true
+}
+
+resource "google_storage_bucket" "static" {
+  name     = "static-asset-bucket-jgw"
+  location = "US"
+}
diff --git a/terraform/google/backup/google_contact_center_insights_analysis_rule.tf b/terraform/google/backup/google_contact_center_insights_analysis_rule.tf
new file mode 100644
index 00000000..66d4f29b
--- /dev/null
+++ b/terraform/google/backup/google_contact_center_insights_analysis_rule.tf
@@ -0,0 +1 @@
+resource "google_contact_center_insights_analysis_rule" "pike" {}
diff --git a/terraform/google/backup/google_contact_center_insights_view.tf b/terraform/google/backup/google_contact_center_insights_view.tf
new file mode 100644
index 00000000..022b4698
--- /dev/null
+++ b/terraform/google/backup/google_contact_center_insights_view.tf
@@ -0,0 +1 @@
+resource "google_contact_center_insights_view" "pike" {}
diff --git a/terraform/google/backup/google_container_analysis_note_iam_binding.tf b/terraform/google/backup/google_container_analysis_note_iam_binding.tf
new file mode 100644
index 00000000..df34ef52
--- /dev/null
+++ b/terraform/google/backup/google_container_analysis_note_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_container_analysis_note_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_container_analysis_note_iam_member.tf b/terraform/google/backup/google_container_analysis_note_iam_member.tf
new file mode 100644
index 00000000..2858c22e
--- /dev/null
+++ b/terraform/google/backup/google_container_analysis_note_iam_member.tf
@@ -0,0 +1 @@
+resource "google_container_analysis_note_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_container_analysis_note_iam_policy.tf b/terraform/google/backup/google_container_analysis_note_iam_policy.tf
new file mode 100644
index 00000000..c69a4470
--- /dev/null
+++ b/terraform/google/backup/google_container_analysis_note_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_container_analysis_note_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_entry.tf b/terraform/google/backup/google_data_catalog_entry.tf
new file mode 100644
index 00000000..cdbe5248
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_entry.tf
@@ -0,0 +1,7 @@
+resource "google_data_catalog_entry" "pike" {
+  entry_group = google_data_catalog_entry_group.pike.id
+  entry_id    = "my_entry"
+
+  user_specified_type   = "my_custom_type"
+  user_specified_system = "SomethingExternal"
+}
diff --git a/terraform/google/backup/google_data_catalog_entry_group.tf b/terraform/google/backup/google_data_catalog_entry_group.tf
new file mode 100644
index 00000000..a40621de
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_entry_group.tf
@@ -0,0 +1,3 @@
+resource "google_data_catalog_entry_group" "pike" {
+  entry_group_id = "my_group2"
+}
diff --git a/terraform/google/backup/google_data_catalog_entry_group_iam_binding.tf b/terraform/google/backup/google_data_catalog_entry_group_iam_binding.tf
new file mode 100644
index 00000000..0e01cb2b
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_entry_group_iam_binding.tf
@@ -0,0 +1,13 @@
+data "google_iam_policy" "admin3" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_data_catalog_entry_group_iam_policy" "policy" {
+  entry_group = google_data_catalog_entry_group.pike.name
+  policy_data = data.google_iam_policy.admin.policy_data
+}
diff --git a/terraform/google/backup/google_data_catalog_entry_group_iam_member.tf b/terraform/google/backup/google_data_catalog_entry_group_iam_member.tf
new file mode 100644
index 00000000..0e97b84a
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_entry_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_entry_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_entry_group_iam_policy.tf b/terraform/google/backup/google_data_catalog_entry_group_iam_policy.tf
new file mode 100644
index 00000000..cc4e9400
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_entry_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_entry_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_policy_tag.tf b/terraform/google/backup/google_data_catalog_policy_tag.tf
new file mode 100644
index 00000000..f60c2ffa
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_policy_tag.tf
@@ -0,0 +1,5 @@
+resource "google_data_catalog_policy_tag" "pike" {
+  taxonomy     = google_data_catalog_taxonomy.pike.id
+  display_name = "Low security"
+  description  = "A policy tag normally associated with low security items"
+}
diff --git a/terraform/google/backup/google_data_catalog_policy_tag_iam_binding.tf b/terraform/google/backup/google_data_catalog_policy_tag_iam_binding.tf
new file mode 100644
index 00000000..48c12f18
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_policy_tag_iam_binding.tf
@@ -0,0 +1,13 @@
+data "google_iam_policy" "admin" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_data_catalog_policy_tag_iam_policy" "policy" {
+  policy_tag  = google_data_catalog_policy_tag.pike.name
+  policy_data = data.google_iam_policy.admin.policy_data
+}
diff --git a/terraform/google/backup/google_data_catalog_policy_tag_iam_member.tf b/terraform/google/backup/google_data_catalog_policy_tag_iam_member.tf
new file mode 100644
index 00000000..da40afd0
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_policy_tag_iam_member.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_policy_tag_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_policy_tag_iam_policy.tf b/terraform/google/backup/google_data_catalog_policy_tag_iam_policy.tf
new file mode 100644
index 00000000..8217f1eb
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_policy_tag_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_policy_tag_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_tag.tf b/terraform/google/backup/google_data_catalog_tag.tf
new file mode 100644
index 00000000..490a788c
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_tag.tf
@@ -0,0 +1,9 @@
+resource "google_data_catalog_tag" "pike" {
+  parent   = google_data_catalog_entry.pike.id
+  template = google_data_catalog_tag_template.pike.id
+
+  fields {
+    field_name   = "source"
+    string_value = "my-string2"
+  }
+}
diff --git a/terraform/google/backup/google_data_catalog_tag_template.tf b/terraform/google/backup/google_data_catalog_tag_template.tf
new file mode 100644
index 00000000..07fc599b
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_tag_template.tf
@@ -0,0 +1,43 @@
+resource "google_data_catalog_tag_template" "pike" {
+  tag_template_id = "my_template"
+  region          = "us-central1"
+  display_name    = "Demo Tag Template"
+
+
+  fields {
+    field_id     = "source"
+    display_name = "Source of data asset"
+    type {
+      primitive_type = "STRING"
+    }
+    is_required = true
+  }
+
+  fields {
+    field_id     = "num_rows"
+    display_name = "Number of rows in the data asset"
+    type {
+      primitive_type = "DOUBLE"
+    }
+  }
+
+  fields {
+    field_id     = "pii_type"
+    display_name = "PII type"
+    type {
+      enum_type {
+        allowed_values {
+          display_name = "EMAIL"
+        }
+        allowed_values {
+          display_name = "SOCIAL SECURITY NUMBER"
+        }
+        allowed_values {
+          display_name = "NONE"
+        }
+      }
+    }
+  }
+
+  force_delete = "true"
+}
diff --git a/terraform/google/backup/google_data_catalog_tag_template_iam_binding.tf b/terraform/google/backup/google_data_catalog_tag_template_iam_binding.tf
new file mode 100644
index 00000000..fea8c7ed
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_tag_template_iam_binding.tf
@@ -0,0 +1,13 @@
+data "google_iam_policy" "admin2" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_data_catalog_tag_template_iam_policy" "policy" {
+  tag_template = google_data_catalog_tag_template.pike.name
+  policy_data  = data.google_iam_policy.admin2.policy_data
+}
diff --git a/terraform/google/backup/google_data_catalog_tag_template_iam_member.tf b/terraform/google/backup/google_data_catalog_tag_template_iam_member.tf
new file mode 100644
index 00000000..db12efed
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_tag_template_iam_member.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_tag_template_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_tag_template_iam_policy.tf b/terraform/google/backup/google_data_catalog_tag_template_iam_policy.tf
new file mode 100644
index 00000000..e61f862d
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_tag_template_iam_policy.tf
@@ -0,0 +1 @@
+# resource "google_data_catalog_tag_template_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_taxonomy.tf b/terraform/google/backup/google_data_catalog_taxonomy.tf
new file mode 100644
index 00000000..b5f4dcb9
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_taxonomy.tf
@@ -0,0 +1,6 @@
+resource "google_data_catalog_taxonomy" "pike" {
+
+  display_name           = "my_taxonomy"
+  description            = "A collection of policy tags"
+  activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
+}
diff --git a/terraform/google/backup/google_data_catalog_taxonomy_iam_binding.tf b/terraform/google/backup/google_data_catalog_taxonomy_iam_binding.tf
new file mode 100644
index 00000000..56e3f875
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_taxonomy_iam_binding.tf
@@ -0,0 +1,7 @@
+resource "google_data_catalog_taxonomy_iam_binding" "binding" {
+  taxonomy = google_data_catalog_taxonomy.pike.name
+  role     = "roles/viewer"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+}
diff --git a/terraform/google/backup/google_data_catalog_taxonomy_iam_member.tf b/terraform/google/backup/google_data_catalog_taxonomy_iam_member.tf
new file mode 100644
index 00000000..6ef1fce8
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_taxonomy_iam_member.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_taxonomy_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_data_catalog_taxonomy_iam_policy.tf b/terraform/google/backup/google_data_catalog_taxonomy_iam_policy.tf
new file mode 100644
index 00000000..fd0639eb
--- /dev/null
+++ b/terraform/google/backup/google_data_catalog_taxonomy_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_data_catalog_taxonomy_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_data_fusion_instance_iam_binding.tf b/terraform/google/backup/google_data_fusion_instance_iam_binding.tf
new file mode 100644
index 00000000..2d1a6b7f
--- /dev/null
+++ b/terraform/google/backup/google_data_fusion_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_data_fusion_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_data_fusion_instance_iam_member.tf b/terraform/google/backup/google_data_fusion_instance_iam_member.tf
new file mode 100644
index 00000000..1f7c6989
--- /dev/null
+++ b/terraform/google/backup/google_data_fusion_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_data_fusion_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_data_fusion_instance_iam_policy.tf b/terraform/google/backup/google_data_fusion_instance_iam_policy.tf
new file mode 100644
index 00000000..61a0cab3
--- /dev/null
+++ b/terraform/google/backup/google_data_fusion_instance_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_data_fusion_instance_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataflow_job.tf b/terraform/google/backup/google_dataflow_job.tf
new file mode 100644
index 00000000..33f2707b
--- /dev/null
+++ b/terraform/google/backup/google_dataflow_job.tf
@@ -0,0 +1,28 @@
+resource "google_pubsub_topic" "topic" {
+  name = "dataflow-job1"
+}
+resource "google_storage_bucket" "bucket1" {
+  name          = "tf-test-bucket1-jgw"
+  location      = "US"
+  force_destroy = true
+}
+resource "google_storage_bucket" "bucket2" {
+  name          = "tf-test-bucket2-jgw"
+  location      = "US"
+  force_destroy = true
+}
+resource "google_dataflow_job" "pubsub_stream" {
+  name                    = "tf-test-dataflow-job1"
+  template_gcs_path       = "gs://my-bucket/templates/template_file"
+  temp_gcs_location       = "gs://my-bucket/tmp_dir"
+  enable_streaming_engine = true
+  parameters = {
+    inputFilePattern = "${google_storage_bucket.bucket1.url}/*.json"
+    outputTopic      = google_pubsub_topic.topic.id
+  }
+  transform_name_mapping = {
+    name = "test_job"
+    env  = "test"
+  }
+  on_delete = "cancel"
+}
diff --git a/terraform/google/backup/google_dataform_repository.tf b/terraform/google/backup/google_dataform_repository.tf
new file mode 100644
index 00000000..4cf82d0d
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository.tf
@@ -0,0 +1,5 @@
+resource "google_dataform_repository" "pike" {
+  provider = google-beta
+  name     = "pike"
+
+}
diff --git a/terraform/google/backup/google_dataform_repository_iam_binding.tf b/terraform/google/backup/google_dataform_repository_iam_binding.tf
new file mode 100644
index 00000000..74167a74
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataform_repository_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataform_repository_iam_member.tf b/terraform/google/backup/google_dataform_repository_iam_member.tf
new file mode 100644
index 00000000..d39e151b
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataform_repository_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataform_repository_iam_policy.tf b/terraform/google/backup/google_dataform_repository_iam_policy.tf
new file mode 100644
index 00000000..86a29d50
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataform_repository_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataform_repository_release_config.tf b/terraform/google/backup/google_dataform_repository_release_config.tf
new file mode 100644
index 00000000..f45965cd
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository_release_config.tf
@@ -0,0 +1,27 @@
+
+
+resource "google_dataform_repository_release_config" "release" {
+  provider = google-beta
+
+  project    = google_dataform_repository.pike.project
+  region     = google_dataform_repository.pike.region
+  repository = google_dataform_repository.pike.name
+
+  name          = "my_release"
+  git_commitish = "main"
+  cron_schedule = "0 7 * * *"
+  time_zone     = "America/New_York"
+
+  code_compilation_config {
+    default_database = "gcp-example-project"
+    default_schema   = "example-dataset"
+    default_location = "us-central1"
+    assertion_schema = "example-assertion-dataset"
+    database_suffix  = ""
+    schema_suffix    = ""
+    table_prefix     = ""
+    vars = {
+      var1 = "value"
+    }
+  }
+}
diff --git a/terraform/google/backup/google_dataform_repository_workflow_config.tf b/terraform/google/backup/google_dataform_repository_workflow_config.tf
new file mode 100644
index 00000000..280c7383
--- /dev/null
+++ b/terraform/google/backup/google_dataform_repository_workflow_config.tf
@@ -0,0 +1,37 @@
+
+resource "google_service_account" "dataform_sa" {
+  provider     = google-beta
+  account_id   = "dataform-sa"
+  display_name = "Dataform Service Account"
+}
+
+resource "google_dataform_repository_workflow_config" "workflow" {
+  provider = google-beta
+
+  project        = google_dataform_repository.pike.project
+  region         = google_dataform_repository.pike.region
+  repository     = google_dataform_repository.pike.name
+  name           = "my_workflow"
+  release_config = google_dataform_repository_release_config.release.id
+
+  invocation_config {
+    included_targets {
+      database = "gcp-example-project"
+      schema   = "example-dataset"
+      name     = "target_1"
+    }
+    included_targets {
+      database = "gcp-example-project"
+      schema   = "example-dataset"
+      name     = "target_2"
+    }
+    included_tags                            = ["tag_1"]
+    transitive_dependencies_included         = true
+    transitive_dependents_included           = true
+    fully_refresh_incremental_tables_enabled = false
+    service_account                          = google_service_account.dataform_sa.email
+  }
+
+  cron_schedule = "0 7 * * *"
+  time_zone     = "America/New_York"
+}
diff --git a/terraform/google/backup/google_dataplex_aspect_type.tf b/terraform/google/backup/google_dataplex_aspect_type.tf
new file mode 100644
index 00000000..3236bef3
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_aspect_type.tf
@@ -0,0 +1 @@
+resource "google_dataplex_aspect_type" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_aspect_type_iam_binding.tf b/terraform/google/backup/google_dataplex_aspect_type_iam_binding.tf
new file mode 100644
index 00000000..c3337e37
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_aspect_type_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_aspect_type_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_aspect_type_iam_member.tf b/terraform/google/backup/google_dataplex_aspect_type_iam_member.tf
new file mode 100644
index 00000000..7650c4d8
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_aspect_type_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_aspect_type_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_aspect_type_iam_policy.tf b/terraform/google/backup/google_dataplex_aspect_type_iam_policy.tf
new file mode 100644
index 00000000..5134f853
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_aspect_type_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_aspect_type_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_asset.tf b/terraform/google/backup/google_dataplex_asset.tf
new file mode 100644
index 00000000..1918f608
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_asset.tf
@@ -0,0 +1 @@
+resource "google_dataplex_asset" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_asset_iam_binding.tf b/terraform/google/backup/google_dataplex_asset_iam_binding.tf
new file mode 100644
index 00000000..69e4b6ae
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_asset_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_asset_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_asset_iam_member.tf b/terraform/google/backup/google_dataplex_asset_iam_member.tf
new file mode 100644
index 00000000..bd958abe
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_asset_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_asset_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_asset_iam_policy.tf b/terraform/google/backup/google_dataplex_asset_iam_policy.tf
new file mode 100644
index 00000000..be086cfe
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_asset_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_asset_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_datascan.tf b/terraform/google/backup/google_dataplex_datascan.tf
new file mode 100644
index 00000000..99f59080
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_datascan.tf
@@ -0,0 +1 @@
+resource "google_dataplex_datascan" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_datascan_iam_binding.tf b/terraform/google/backup/google_dataplex_datascan_iam_binding.tf
new file mode 100644
index 00000000..fc95ee87
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_datascan_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_datascan_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_datascan_iam_member.tf b/terraform/google/backup/google_dataplex_datascan_iam_member.tf
new file mode 100644
index 00000000..64e1d0c5
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_datascan_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_datascan_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_datascan_iam_policy.tf b/terraform/google/backup/google_dataplex_datascan_iam_policy.tf
new file mode 100644
index 00000000..b94056db
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_datascan_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_datascan_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry.tf b/terraform/google/backup/google_dataplex_entry.tf
new file mode 100644
index 00000000..2cd37d29
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_group.tf b/terraform/google/backup/google_dataplex_entry_group.tf
new file mode 100644
index 00000000..91a6bb9c
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_group.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_group" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_group_iam_binding.tf b/terraform/google/backup/google_dataplex_entry_group_iam_binding.tf
new file mode 100644
index 00000000..49e0ba89
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_group_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_group_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_group_iam_member.tf b/terraform/google/backup/google_dataplex_entry_group_iam_member.tf
new file mode 100644
index 00000000..e0a3e85e
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_group_iam_policy.tf b/terraform/google/backup/google_dataplex_entry_group_iam_policy.tf
new file mode 100644
index 00000000..00a6a937
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_type.tf b/terraform/google/backup/google_dataplex_entry_type.tf
new file mode 100644
index 00000000..258289fb
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_type.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_type" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_type_iam_binding.tf b/terraform/google/backup/google_dataplex_entry_type_iam_binding.tf
new file mode 100644
index 00000000..0a2175d6
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_type_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_type_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_type_iam_member.tf b/terraform/google/backup/google_dataplex_entry_type_iam_member.tf
new file mode 100644
index 00000000..d2b2aed5
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_type_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_type_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_entry_type_iam_policy.tf b/terraform/google/backup/google_dataplex_entry_type_iam_policy.tf
new file mode 100644
index 00000000..b826215d
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_entry_type_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_entry_type_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_glossary.tf b/terraform/google/backup/google_dataplex_glossary.tf
new file mode 100644
index 00000000..c4287143
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary.tf
@@ -0,0 +1,4 @@
+resource "google_dataplex_glossary" "term_test_id" {
+  glossary_id = "glossary-basic"
+  location    = "us-central1"
+}
diff --git a/terraform/google/backup/google_dataplex_glossary_category.tf b/terraform/google/backup/google_dataplex_glossary_category.tf
new file mode 100644
index 00000000..958e8bf2
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary_category.tf
@@ -0,0 +1,6 @@
+resource "google_dataplex_glossary_category" "pike" {
+  parent      = "projects/${google_dataplex_glossary.term_test_id.project}/locations/us-central1/glossaries/${google_dataplex_glossary.term_test_id.glossary_id}"
+  glossary_id = google_dataplex_glossary.term_test_id.glossary_id
+  location    = "us-central1"
+  category_id = "tf-test-category-basic"
+}
diff --git a/terraform/google/backup/google_dataplex_glossary_iam_binding.tf b/terraform/google/backup/google_dataplex_glossary_iam_binding.tf
new file mode 100644
index 00000000..49dc4488
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_glossary_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_glossary_iam_member.tf b/terraform/google/backup/google_dataplex_glossary_iam_member.tf
new file mode 100644
index 00000000..fe629d07
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_glossary_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_glossary_iam_policy.tf b/terraform/google/backup/google_dataplex_glossary_iam_policy.tf
new file mode 100644
index 00000000..cf972569
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_glossary_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_glossary_term.tf b/terraform/google/backup/google_dataplex_glossary_term.tf
new file mode 100644
index 00000000..190b02ab
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_glossary_term.tf
@@ -0,0 +1,6 @@
+resource "google_dataplex_glossary_term" "pike" {
+  parent      = "projects/${google_dataplex_glossary.term_test_id.project}/locations/us-central1/glossaries/${google_dataplex_glossary.term_test_id.glossary_id}"
+  glossary_id = google_dataplex_glossary.term_test_id.glossary_id
+  location    = "us-central1"
+  term_id     = "tf-test-term-basic"
+}
diff --git a/terraform/google/backup/google_dataplex_lake.tf b/terraform/google/backup/google_dataplex_lake.tf
new file mode 100644
index 00000000..889a1666
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_lake.tf
@@ -0,0 +1 @@
+resource "google_dataplex_lake" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_lake_iam_binding.tf b/terraform/google/backup/google_dataplex_lake_iam_binding.tf
new file mode 100644
index 00000000..51119f60
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_lake_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_lake_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_lake_iam_member.tf b/terraform/google/backup/google_dataplex_lake_iam_member.tf
new file mode 100644
index 00000000..deb22e84
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_lake_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_lake_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_lake_iam_policy.tf b/terraform/google/backup/google_dataplex_lake_iam_policy.tf
new file mode 100644
index 00000000..a7e19e03
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_lake_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_lake_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_task.tf b/terraform/google/backup/google_dataplex_task.tf
new file mode 100644
index 00000000..a1b752cb
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_task.tf
@@ -0,0 +1 @@
+resource "google_dataplex_task" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_task_iam_binding.tf b/terraform/google/backup/google_dataplex_task_iam_binding.tf
new file mode 100644
index 00000000..2c5b51c6
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_task_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_task_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_task_iam_member.tf b/terraform/google/backup/google_dataplex_task_iam_member.tf
new file mode 100644
index 00000000..41983aeb
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_task_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_task_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_task_iam_policy.tf b/terraform/google/backup/google_dataplex_task_iam_policy.tf
new file mode 100644
index 00000000..c76a5fde
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_task_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_task_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_zone.tf b/terraform/google/backup/google_dataplex_zone.tf
new file mode 100644
index 00000000..7fcd6226
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_zone.tf
@@ -0,0 +1 @@
+resource "google_dataplex_zone" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_zone_iam_binding.tf b/terraform/google/backup/google_dataplex_zone_iam_binding.tf
new file mode 100644
index 00000000..45025e2a
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_zone_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataplex_zone_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_zone_iam_member.tf b/terraform/google/backup/google_dataplex_zone_iam_member.tf
new file mode 100644
index 00000000..38e3d93a
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_zone_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataplex_zone_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataplex_zone_iam_policy.tf b/terraform/google/backup/google_dataplex_zone_iam_policy.tf
new file mode 100644
index 00000000..4d15dea6
--- /dev/null
+++ b/terraform/google/backup/google_dataplex_zone_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataplex_zone_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_autoscaling_policy.tf b/terraform/google/backup/google_dataproc_autoscaling_policy.tf
new file mode 100644
index 00000000..4bc1a465
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_autoscaling_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_autoscaling_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_autoscaling_policy_iam_binding.tf b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_binding.tf
new file mode 100644
index 00000000..6ab61699
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_autoscaling_policy_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_autoscaling_policy_iam_member.tf b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_member.tf
new file mode 100644
index 00000000..8ac46b41
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_autoscaling_policy_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_autoscaling_policy_iam_policy.tf b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_policy.tf
new file mode 100644
index 00000000..3c2c210b
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_autoscaling_policy_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_autoscaling_policy_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_batch.tf b/terraform/google/backup/google_dataproc_batch.tf
new file mode 100644
index 00000000..fe5390fa
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_batch.tf
@@ -0,0 +1 @@
+resource "google_dataproc_batch" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_cluster.tf b/terraform/google/backup/google_dataproc_cluster.tf
new file mode 100644
index 00000000..d2c717d6
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_cluster.tf
@@ -0,0 +1 @@
+resource "google_dataproc_cluster" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_cluster_iam_binding.tf b/terraform/google/backup/google_dataproc_cluster_iam_binding.tf
new file mode 100644
index 00000000..a974e1d0
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_cluster_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_cluster_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_cluster_iam_member.tf b/terraform/google/backup/google_dataproc_cluster_iam_member.tf
new file mode 100644
index 00000000..c60d318e
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_cluster_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_cluster_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_cluster_iam_policy.tf b/terraform/google/backup/google_dataproc_cluster_iam_policy.tf
new file mode 100644
index 00000000..df7f41fa
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_cluster_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_cluster_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_job.tf b/terraform/google/backup/google_dataproc_job.tf
new file mode 100644
index 00000000..fbc9b24a
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_job.tf
@@ -0,0 +1 @@
+resource "google_dataproc_job" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_job_iam_binding.tf b/terraform/google/backup/google_dataproc_job_iam_binding.tf
new file mode 100644
index 00000000..f90b9c67
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_job_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_job_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_job_iam_member.tf b/terraform/google/backup/google_dataproc_job_iam_member.tf
new file mode 100644
index 00000000..e8c51c86
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_job_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_job_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_job_iam_policy.tf b/terraform/google/backup/google_dataproc_job_iam_policy.tf
new file mode 100644
index 00000000..4b90ae22
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_job_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_job_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_database_iam_binding.tf b/terraform/google/backup/google_dataproc_metastore_database_iam_binding.tf
new file mode 100644
index 00000000..3fb4aa1c
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_database_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_database_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_database_iam_member.tf b/terraform/google/backup/google_dataproc_metastore_database_iam_member.tf
new file mode 100644
index 00000000..ad79e618
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_database_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_database_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_database_iam_policy.tf b/terraform/google/backup/google_dataproc_metastore_database_iam_policy.tf
new file mode 100644
index 00000000..cec2fbe7
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_database_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_database_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_federation_iam_binding.tf b/terraform/google/backup/google_dataproc_metastore_federation_iam_binding.tf
new file mode 100644
index 00000000..80fd801b
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_federation_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_federation_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_federation_iam_member.tf b/terraform/google/backup/google_dataproc_metastore_federation_iam_member.tf
new file mode 100644
index 00000000..2df69ccb
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_federation_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_federation_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_federation_iam_policy.tf b/terraform/google/backup/google_dataproc_metastore_federation_iam_policy.tf
new file mode 100644
index 00000000..a1748cff
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_federation_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_federation_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_service_iam_binding.tf b/terraform/google/backup/google_dataproc_metastore_service_iam_binding.tf
new file mode 100644
index 00000000..9b75a97b
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_service_iam_member.tf b/terraform/google/backup/google_dataproc_metastore_service_iam_member.tf
new file mode 100644
index 00000000..b5f7abcd
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_service_iam_policy.tf b/terraform/google/backup/google_dataproc_metastore_service_iam_policy.tf
new file mode 100644
index 00000000..1eea1430
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_table_iam_binding.tf b/terraform/google/backup/google_dataproc_metastore_table_iam_binding.tf
new file mode 100644
index 00000000..771fadce
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_table_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_table_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_table_iam_member.tf b/terraform/google/backup/google_dataproc_metastore_table_iam_member.tf
new file mode 100644
index 00000000..204f7f41
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_table_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_table_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_metastore_table_iam_policy.tf b/terraform/google/backup/google_dataproc_metastore_table_iam_policy.tf
new file mode 100644
index 00000000..de5bee1b
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_metastore_table_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dataproc_metastore_table_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_session_template.tf b/terraform/google/backup/google_dataproc_session_template.tf
new file mode 100644
index 00000000..f5e9c215
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_session_template.tf
@@ -0,0 +1 @@
+resource "google_dataproc_session_template" "pike" {}
diff --git a/terraform/google/backup/google_dataproc_workflow_template.tf b/terraform/google/backup/google_dataproc_workflow_template.tf
new file mode 100644
index 00000000..3d18c3cd
--- /dev/null
+++ b/terraform/google/backup/google_dataproc_workflow_template.tf
@@ -0,0 +1 @@
+resource "google_dataproc_workflow_template" "pike" {}
diff --git a/terraform/google/backup/google_deployment_manager_deployment.tf b/terraform/google/backup/google_deployment_manager_deployment.tf
new file mode 100644
index 00000000..8c446331
--- /dev/null
+++ b/terraform/google/backup/google_deployment_manager_deployment.tf
@@ -0,0 +1 @@
+resource "google_deployment_manager_deployment" "pike" {}
diff --git a/terraform/google/backup/google_developer_connect_account_connector.tf b/terraform/google/backup/google_developer_connect_account_connector.tf
new file mode 100644
index 00000000..ef66e8a2
--- /dev/null
+++ b/terraform/google/backup/google_developer_connect_account_connector.tf
@@ -0,0 +1 @@
+resource "google_developer_connect_account_connector" "pike" {}
diff --git a/terraform/google/backup/google_developer_connect_connection.tf b/terraform/google/backup/google_developer_connect_connection.tf
new file mode 100644
index 00000000..ac312816
--- /dev/null
+++ b/terraform/google/backup/google_developer_connect_connection.tf
@@ -0,0 +1 @@
+resource "google_developer_connect_connection" "pike" {}
diff --git a/terraform/google/backup/google_developer_connect_git_repository_link.tf b/terraform/google/backup/google_developer_connect_git_repository_link.tf
new file mode 100644
index 00000000..3e6fef56
--- /dev/null
+++ b/terraform/google/backup/google_developer_connect_git_repository_link.tf
@@ -0,0 +1 @@
+resource "google_developer_connect_git_repository_link" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_agent.tf b/terraform/google/backup/google_dialogflow_agent.tf
new file mode 100644
index 00000000..d68bf192
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_agent.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_agent" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_conversation_profile.tf b/terraform/google/backup/google_dialogflow_conversation_profile.tf
new file mode 100644
index 00000000..039f6169
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_conversation_profile.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_conversation_profile" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_cx_agent.tf b/terraform/google/backup/google_dialogflow_cx_agent.tf
new file mode 100644
index 00000000..6a2f3278
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_agent.tf
@@ -0,0 +1,14 @@
+resource "google_dialogflow_cx_agent" "pike" {
+  display_name               = "dialogflowcx-agent"
+  location                   = "global"
+  default_language_code      = "en"
+  supported_language_codes   = ["fr", "de", "es"]
+  time_zone                  = "America/New_York"
+  description                = "Example description."
+  avatar_uri                 = "https://cloud.google.com/_static/images/cloud/icons/favicons/onecloud/super_cloud.png"
+  enable_stackdriver_logging = true
+  enable_spell_correction    = true
+  speech_to_text_settings {
+    enable_speech_adaptation = true
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_entity_type.tf b/terraform/google/backup/google_dialogflow_cx_entity_type.tf
new file mode 100644
index 00000000..47734c89
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_entity_type.tf
@@ -0,0 +1,14 @@
+resource "google_dialogflow_cx_entity_type" "pike" {
+  parent       = google_dialogflow_cx_agent.pike.id
+  display_name = "MyEntity"
+  kind         = "KIND_MAP"
+  entities {
+    value    = "value1"
+    synonyms = ["synonym1", "synonym2"]
+  }
+  entities {
+    value    = "value2"
+    synonyms = ["synonym3", "synonym4"]
+  }
+  enable_fuzzy_extraction = false
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_environment.tf b/terraform/google/backup/google_dialogflow_cx_environment.tf
new file mode 100644
index 00000000..f6c15951
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_environment.tf
@@ -0,0 +1,8 @@
+resource "google_dialogflow_cx_environment" "pike" {
+  parent       = google_dialogflow_cx_agent.pike.id
+  display_name = "Development"
+  description  = "Development Environment"
+  version_configs {
+    version = google_dialogflow_cx_version.version_1.id
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_flow.tf b/terraform/google/backup/google_dialogflow_cx_flow.tf
new file mode 100644
index 00000000..f18166e6
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_flow.tf
@@ -0,0 +1,4 @@
+resource "google_dialogflow_cx_flow" "pike" {
+  display_name = "pike"
+  parent       = google_dialogflow_cx_agent.pike.id
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_generative_settings.tf b/terraform/google/backup/google_dialogflow_cx_generative_settings.tf
new file mode 100644
index 00000000..9de224b5
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_generative_settings.tf
@@ -0,0 +1,36 @@
+resource "google_dialogflow_cx_generative_settings" "pike" {
+  parent = google_dialogflow_cx_agent.pike.id
+
+  fallback_settings {
+    selected_prompt = "example prompt"
+    prompt_templates {
+      display_name = "example prompt"
+      prompt_text  = "example prompt text"
+      frozen       = false
+    }
+  }
+
+  generative_safety_settings {
+    default_banned_phrase_match_strategy = "PARTIAL_MATCH"
+    banned_phrases {
+      text          = "example text"
+      language_code = "en"
+    }
+  }
+
+  knowledge_connector_settings {
+    business                    = "example business"
+    agent                       = "example agent"
+    agent_identity              = "virtual agent"
+    business_description        = "a family company selling freshly roasted coffee beans"
+    agent_scope                 = "Example company website"
+    disable_data_store_fallback = false
+  }
+
+  language_code = "en"
+
+  llm_model_settings {
+    model       = "gemini-2.0-flash-001"
+    prompt_text = "example prompt text"
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_generator.tf b/terraform/google/backup/google_dialogflow_cx_generator.tf
new file mode 100644
index 00000000..1aff992c
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_generator.tf
@@ -0,0 +1,15 @@
+resource "google_dialogflow_cx_generator" "pike" {
+  parent        = google_dialogflow_cx_agent.pike.id
+  language_code = "fr"
+  display_name  = "TF Prompt generator"
+  llm_model_settings {
+    model       = "gemini-2.0-flash-001"
+    prompt_text = "Return me some great results"
+  }
+  prompt_text {
+    text = "Send me great results in french"
+  }
+  model_parameter {
+    temperature = 0.55
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_intent.tf b/terraform/google/backup/google_dialogflow_cx_intent.tf
new file mode 100644
index 00000000..58749100
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_intent.tf
@@ -0,0 +1,31 @@
+resource "google_dialogflow_cx_intent" "pike" {
+  parent       = google_dialogflow_cx_agent.pike.id
+  display_name = "Example"
+  priority     = 1
+  description  = "Intent example"
+  training_phrases {
+    parts {
+      text = "training"
+    }
+
+    parts {
+      text = "phrase"
+    }
+
+    parts {
+      text = "example"
+    }
+
+    repeat_count = 1
+  }
+
+  parameters {
+    id          = "param1"
+    entity_type = "projects/-/locations/-/agents/-/entityTypes/sys.date"
+  }
+
+  labels = {
+    label1 = "value1",
+    label2 = "value2"
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_page.tf b/terraform/google/backup/google_dialogflow_cx_page.tf
new file mode 100644
index 00000000..37d2214f
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_page.tf
@@ -0,0 +1,660 @@
+
+resource "google_dialogflow_cx_page" "basic_page" {
+  parent       = google_dialogflow_cx_agent.pike.start_flow
+  display_name = "MyPage"
+
+  entry_fulfillment {
+    messages {
+      channel = "some-channel"
+      text {
+        text = ["Welcome to page"]
+      }
+    }
+    messages {
+      payload = <<EOF
+        {"some-key": "some-value", "other-key": ["other-value"]}
+      EOF
+    }
+    messages {
+      conversation_success {
+        metadata = <<EOF
+          {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+        EOF
+      }
+    }
+    messages {
+      output_audio_text {
+        text = "some output text"
+      }
+    }
+    messages {
+      output_audio_text {
+        ssml = <<EOF
+          <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+        EOF
+      }
+    }
+    messages {
+      live_agent_handoff {
+        metadata = <<EOF
+          {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+        EOF
+      }
+    }
+    messages {
+      play_audio {
+        audio_uri = "http://example.com/some-audio-file.mp3"
+      }
+    }
+    messages {
+      telephony_transfer_call {
+        phone_number = "1-234-567-8901"
+      }
+    }
+
+    set_parameter_actions {
+      parameter = "some-param"
+      value     = "123.45"
+    }
+    set_parameter_actions {
+      parameter = "another-param"
+      value     = jsonencode("abc")
+    }
+    set_parameter_actions {
+      parameter = "other-param"
+      value     = jsonencode(["foo"])
+    }
+
+    conditional_cases {
+      cases = jsonencode([
+        {
+          condition = "$sys.func.RAND() < 0.5",
+          caseContent = [
+            {
+              message = { text = { text = ["First case"] } }
+            },
+            {
+              additionalCases = {
+                cases = [
+                  {
+                    condition = "$sys.func.RAND() < 0.2"
+                    caseContent = [
+                      {
+                        message = { text = { text = ["Nested case"] } }
+                      }
+                    ]
+                  }
+                ]
+              }
+            }
+          ]
+        },
+        {
+          caseContent = [
+            {
+              message = { text = { text = ["Final case"] } }
+            }
+          ]
+        },
+      ])
+    }
+  }
+
+  event_handlers {
+    event = "some-event"
+    trigger_fulfillment {
+      return_partial_responses = true
+      messages {
+        channel = "some-channel"
+        text {
+          text = ["Some text"]
+        }
+      }
+      messages {
+        payload = <<EOF
+          {"some-key": "some-value", "other-key": ["other-value"]}
+        EOF
+      }
+      messages {
+        conversation_success {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        output_audio_text {
+          text = "some output text"
+        }
+      }
+      messages {
+        output_audio_text {
+          ssml = <<EOF
+            <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+          EOF
+        }
+      }
+      messages {
+        live_agent_handoff {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        play_audio {
+          audio_uri = "http://example.com/some-audio-file.mp3"
+        }
+      }
+      messages {
+        telephony_transfer_call {
+          phone_number = "1-234-567-8901"
+        }
+      }
+
+      set_parameter_actions {
+        parameter = "some-param"
+        value     = "123.45"
+      }
+      set_parameter_actions {
+        parameter = "another-param"
+        value     = jsonencode("abc")
+      }
+      set_parameter_actions {
+        parameter = "other-param"
+        value     = jsonencode(["foo"])
+      }
+
+      conditional_cases {
+        cases = jsonencode([
+          {
+            condition = "$sys.func.RAND() < 0.5",
+            caseContent = [
+              {
+                message = { text = { text = ["First case"] } }
+              },
+              {
+                additionalCases = {
+                  cases = [
+                    {
+                      condition = "$sys.func.RAND() < 0.2"
+                      caseContent = [
+                        {
+                          message = { text = { text = ["Nested case"] } }
+                        }
+                      ]
+                    }
+                  ]
+                }
+              }
+            ]
+          },
+          {
+            caseContent = [
+              {
+                message = { text = { text = ["Final case"] } }
+              }
+            ]
+          },
+        ])
+      }
+    }
+  }
+
+  form {
+    parameters {
+      display_name  = "param1"
+      entity_type   = "projects/-/locations/-/agents/-/entityTypes/sys.date"
+      default_value = jsonencode("2000-01-01")
+      fill_behavior {
+        initial_prompt_fulfillment {
+          messages {
+            channel = "some-channel"
+            text {
+              text = ["Please provide param1"]
+            }
+          }
+          messages {
+            payload = <<EOF
+              {"some-key": "some-value", "other-key": ["other-value"]}
+            EOF
+          }
+          messages {
+            conversation_success {
+              metadata = <<EOF
+                {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+              EOF
+            }
+          }
+          messages {
+            output_audio_text {
+              text = "some output text"
+            }
+          }
+          messages {
+            output_audio_text {
+              ssml = <<EOF
+                <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+              EOF
+            }
+          }
+          messages {
+            live_agent_handoff {
+              metadata = <<EOF
+                {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+              EOF
+            }
+          }
+          messages {
+            play_audio {
+              audio_uri = "http://example.com/some-audio-file.mp3"
+            }
+          }
+          messages {
+            telephony_transfer_call {
+              phone_number = "1-234-567-8901"
+            }
+          }
+
+          set_parameter_actions {
+            parameter = "some-param"
+            value     = "123.45"
+          }
+          set_parameter_actions {
+            parameter = "another-param"
+            value     = jsonencode("abc")
+          }
+          set_parameter_actions {
+            parameter = "other-param"
+            value     = jsonencode(["foo"])
+          }
+
+          conditional_cases {
+            cases = jsonencode([
+              {
+                condition = "$sys.func.RAND() < 0.5",
+                caseContent = [
+                  {
+                    message = { text = { text = ["First case"] } }
+                  },
+                  {
+                    additionalCases = {
+                      cases = [
+                        {
+                          condition = "$sys.func.RAND() < 0.2"
+                          caseContent = [
+                            {
+                              message = { text = { text = ["Nested case"] } }
+                            }
+                          ]
+                        }
+                      ]
+                    }
+                  }
+                ]
+              },
+              {
+                caseContent = [
+                  {
+                    message = { text = { text = ["Final case"] } }
+                  }
+                ]
+              },
+            ])
+          }
+        }
+        reprompt_event_handlers {
+          event = "sys.no-match-1"
+          trigger_fulfillment {
+            return_partial_responses = true
+            webhook                  = google_dialogflow_cx_webhook.pike.id
+            tag                      = "some-tag"
+
+            messages {
+              channel = "some-channel"
+              text {
+                text = ["Please provide param1"]
+              }
+            }
+            messages {
+              payload = <<EOF
+                {"some-key": "some-value", "other-key": ["other-value"]}
+              EOF
+            }
+            messages {
+              conversation_success {
+                metadata = <<EOF
+                  {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+                EOF
+              }
+            }
+            messages {
+              output_audio_text {
+                text = "some output text"
+              }
+            }
+            messages {
+              output_audio_text {
+                ssml = <<EOF
+                  <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+                EOF
+              }
+            }
+            messages {
+              live_agent_handoff {
+                metadata = <<EOF
+                  {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+                EOF
+              }
+            }
+            messages {
+              play_audio {
+                audio_uri = "http://example.com/some-audio-file.mp3"
+              }
+            }
+            messages {
+              telephony_transfer_call {
+                phone_number = "1-234-567-8901"
+              }
+            }
+
+            set_parameter_actions {
+              parameter = "some-param"
+              value     = "123.45"
+            }
+            set_parameter_actions {
+              parameter = "another-param"
+              value     = jsonencode("abc")
+            }
+            set_parameter_actions {
+              parameter = "other-param"
+              value     = jsonencode(["foo"])
+            }
+
+            conditional_cases {
+              cases = jsonencode([
+                {
+                  condition = "$sys.func.RAND() < 0.5",
+                  caseContent = [
+                    {
+                      message = { text = { text = ["First case"] } }
+                    },
+                    {
+                      additionalCases = {
+                        cases = [
+                          {
+                            condition = "$sys.func.RAND() < 0.2"
+                            caseContent = [
+                              {
+                                message = { text = { text = ["Nested case"] } }
+                              }
+                            ]
+                          }
+                        ]
+                      }
+                    }
+                  ]
+                },
+                {
+                  caseContent = [
+                    {
+                      message = { text = { text = ["Final case"] } }
+                    }
+                  ]
+                },
+              ])
+            }
+          }
+        }
+        reprompt_event_handlers {
+          event       = "sys.no-match-2"
+          target_flow = google_dialogflow_cx_agent.pike.start_flow
+        }
+        reprompt_event_handlers {
+          event       = "sys.no-match-3"
+          target_page = google_dialogflow_cx_page.my_page2.id
+        }
+      }
+      required = "true"
+      redact   = "true"
+      advanced_settings {
+        dtmf_settings {
+          enabled      = true
+          max_digits   = 1
+          finish_digit = "#"
+        }
+      }
+    }
+  }
+
+  transition_routes {
+    condition = "$page.params.status = 'FINAL'"
+    trigger_fulfillment {
+      messages {
+        channel = "some-channel"
+        text {
+          text = ["information completed, navigating to page 2"]
+        }
+      }
+      messages {
+        payload = <<EOF
+          {"some-key": "some-value", "other-key": ["other-value"]}
+        EOF
+      }
+      messages {
+        conversation_success {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        output_audio_text {
+          text = "some output text"
+        }
+      }
+      messages {
+        output_audio_text {
+          ssml = <<EOF
+            <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+          EOF
+        }
+      }
+      messages {
+        live_agent_handoff {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        play_audio {
+          audio_uri = "http://example.com/some-audio-file.mp3"
+        }
+      }
+      messages {
+        telephony_transfer_call {
+          phone_number = "1-234-567-8901"
+        }
+      }
+
+      set_parameter_actions {
+        parameter = "some-param"
+        value     = "123.45"
+      }
+      set_parameter_actions {
+        parameter = "another-param"
+        value     = jsonencode("abc")
+      }
+      set_parameter_actions {
+        parameter = "other-param"
+        value     = jsonencode(["foo"])
+      }
+
+      conditional_cases {
+        cases = jsonencode([
+          {
+            condition = "$sys.func.RAND() < 0.5",
+            caseContent = [
+              {
+                message = { text = { text = ["First case"] } }
+              },
+              {
+                additionalCases = {
+                  cases = [
+                    {
+                      condition = "$sys.func.RAND() < 0.2"
+                      caseContent = [
+                        {
+                          message = { text = { text = ["Nested case"] } }
+                        }
+                      ]
+                    }
+                  ]
+                }
+              }
+            ]
+          },
+          {
+            caseContent = [
+              {
+                message = { text = { text = ["Final case"] } }
+              }
+            ]
+          },
+        ])
+      }
+    }
+    target_page = google_dialogflow_cx_page.my_page2.id
+  }
+
+  advanced_settings {
+    dtmf_settings {
+      enabled      = true
+      max_digits   = 1
+      finish_digit = "#"
+    }
+  }
+  knowledge_connector_settings {
+    enabled = true
+    trigger_fulfillment {
+      messages {
+        channel = "some-channel"
+        knowledge_info_card {}
+      }
+      messages {
+        channel = "some-channel"
+        text {
+          text = ["information completed, navigating to page 2"]
+        }
+      }
+      messages {
+        payload = <<EOF
+          {"some-key": "some-value", "other-key": ["other-value"]}
+        EOF
+      }
+      messages {
+        conversation_success {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        output_audio_text {
+          text = "some output text"
+        }
+      }
+      messages {
+        output_audio_text {
+          ssml = <<EOF
+            <speak>Some example <say-as interpret-as="characters">SSML XML</say-as></speak>
+          EOF
+        }
+      }
+      messages {
+        live_agent_handoff {
+          metadata = <<EOF
+            {"some-metadata-key": "some-value", "other-metadata-key": 1234}
+          EOF
+        }
+      }
+      messages {
+        play_audio {
+          audio_uri = "http://example.com/some-audio-file.mp3"
+        }
+      }
+      messages {
+        telephony_transfer_call {
+          phone_number = "1-234-567-8902"
+        }
+      }
+      webhook                  = google_dialogflow_cx_webhook.pike.id
+      return_partial_responses = true
+      tag                      = "some-tag"
+      set_parameter_actions {
+        parameter = "some-param"
+        value     = "123.45"
+      }
+      conditional_cases {
+        cases = jsonencode([
+          {
+            condition = "$sys.func.RAND() < 0.5",
+            caseContent = [
+              {
+                message = { text = { text = ["First case"] } }
+              }
+            ]
+          },
+          {
+            caseContent = [
+              {
+                message = { text = { text = ["Final case"] } }
+              }
+            ]
+          },
+        ])
+      }
+      advanced_settings {
+        speech_settings {
+          endpointer_sensitivity        = 30
+          no_speech_timeout             = "3.500s"
+          use_timeout_based_endpointing = true
+          models = {
+            name : "wrench"
+            mass : "1.3kg"
+            count : "3"
+          }
+        }
+        dtmf_settings {
+          enabled                      = true
+          max_digits                   = 1
+          finish_digit                 = "#"
+          interdigit_timeout_duration  = "3.500s"
+          endpointing_timeout_duration = "3.500s"
+        }
+        logging_settings {
+          enable_stackdriver_logging     = true
+          enable_interaction_logging     = true
+          enable_consent_based_redaction = true
+        }
+      }
+      enable_generative_fallback = true
+    }
+    data_store_connections {
+      data_store_type          = "PUBLIC_WEB"
+      data_store               = "projects/${data.google_project.project.number}/locations/${google_dialogflow_cx_agent.pike.location}/collections/default_collection/dataStores/datastore-page-full"
+      document_processing_mode = "CHUNKS"
+    }
+    target_page = google_dialogflow_cx_page.my_page2.id
+  }
+}
+
+resource "google_dialogflow_cx_page" "my_page2" {
+  parent       = google_dialogflow_cx_agent.pike.start_flow
+  display_name = "MyPage2"
+}
+
+data "google_project" "project" {
+
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_playbook.tf b/terraform/google/backup/google_dialogflow_cx_playbook.tf
new file mode 100644
index 00000000..9cc5b730
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_playbook.tf
@@ -0,0 +1,36 @@
+resource "google_dialogflow_cx_playbook" "pike" {
+  parent        = google_dialogflow_cx_agent.pike.id
+  display_name  = "Example Display Name"
+  goal          = "Example Goal"
+  playbook_type = "ROUTINE"
+  instruction {
+    steps {
+      text = "step 1"
+      steps = jsonencode([
+        {
+          "text" : "step 1 1"
+        },
+        {
+          "text" : "step 1 2",
+          "steps" : [
+            {
+              "text" : "step 1 2 1"
+            },
+            {
+              "text" : "step 1 2 2"
+            }
+          ]
+        },
+        {
+          "text" : "step 1 3"
+        }
+      ])
+    }
+    steps {
+      text = "step 2"
+    }
+    steps {
+      text = "step 3"
+    }
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_security_settings.tf b/terraform/google/backup/google_dialogflow_cx_security_settings.tf
new file mode 100644
index 00000000..9556599f
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_security_settings.tf
@@ -0,0 +1,6 @@
+resource "google_dialogflow_cx_security_settings" "pike" {
+  display_name          = "dialogflowcx-security-settings"
+  location              = "global"
+  purge_data_types      = []
+  retention_window_days = 7
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_tool.tf b/terraform/google/backup/google_dialogflow_cx_tool.tf
new file mode 100644
index 00000000..465d460f
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_tool.tf
@@ -0,0 +1,70 @@
+resource "google_dialogflow_cx_tool" "pike" {
+  parent       = google_dialogflow_cx_agent.pike.id
+  display_name = "Example Open API Tool"
+  description  = "Example Description"
+  open_api_spec {
+    authentication {
+      oauth_config {
+        oauth_grant_type = "CLIENT_CREDENTIAL"
+        client_id        = "example client ID"
+        client_secret    = "example client secret"
+        scopes = [
+          "example scope"
+        ]
+        secret_version_for_client_secret = "projects/-/secrets/-/versions/-"
+        token_endpoint                   = "https://example.com/oauth/token"
+      }
+    }
+    tls_config {
+      ca_certs {
+        display_name = "example ca cert name"
+        cert         = base64encode("example cert")
+      }
+    }
+    service_directory_config {
+      service = "projects/-/locations/-/namespaces/-/services/-"
+    }
+    text_schema = <<EOF
+    {
+      "openapi": "3.0.0",
+      "info": {
+        "title": "Time API",
+        "version": "1.0.0",
+        "description": "A simple API to get the current time."
+      },
+      "servers": [
+        {
+          "url": "https://example-api-endpoint.com"
+        }
+      ],
+      "paths": {
+        "/time": {
+          "get": {
+            "operationId": "getCurrentTime",
+            "summary": "Gets the current server time.",
+            "responses": {
+              "200": {
+                "description": "Successful response with the current time.",
+                "content": {
+                  "application/json": {
+                    "schema": {
+                      "type": "object",
+                      "properties": {
+                        "currentTime": {
+                          "type": "string",
+                          "format": "date-time",
+                          "description": "The current time in ISO 8601 format."
+                        }
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+    EOF
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_version.tf b/terraform/google/backup/google_dialogflow_cx_version.tf
new file mode 100644
index 00000000..d9965959
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_version.tf
@@ -0,0 +1,5 @@
+resource "google_dialogflow_cx_version" "version_1" {
+  parent       = google_dialogflow_cx_agent.pike.start_flow
+  display_name = "1.0.0"
+  description  = "version 1.0.0"
+}
diff --git a/terraform/google/backup/google_dialogflow_cx_webhook.tf b/terraform/google/backup/google_dialogflow_cx_webhook.tf
new file mode 100644
index 00000000..37c20596
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_cx_webhook.tf
@@ -0,0 +1,26 @@
+resource "google_dialogflow_cx_webhook" "pike" {
+  parent       = google_dialogflow_cx_agent.pike.id
+  display_name = "MyFlow"
+  generic_web_service {
+    allowed_ca_certs = ["BQA="]
+    uri              = "https://example.com"
+    request_headers  = { "example-key" : "example-value" }
+    webhook_type     = "STANDARD"
+    oauth_config {
+      client_id                        = "example-client-id"
+      secret_version_for_client_secret = "projects/example-proj/secrets/example-secret/versions/example-version"
+      token_endpoint                   = "https://example.com"
+      scopes                           = ["example-scope"]
+    }
+    service_agent_auth                   = "NONE"
+    secret_version_for_username_password = "projects/example-proj/secrets/example-secret/versions/example-version"
+    secret_versions_for_request_headers {
+      key            = "example-key-1"
+      secret_version = "projects/example-proj/secrets/example-secret/versions/example-version"
+    }
+    secret_versions_for_request_headers {
+      key            = "example-key-2"
+      secret_version = "projects/example-proj/secrets/example-secret/versions/example-version-2"
+    }
+  }
+}
diff --git a/terraform/google/backup/google_dialogflow_encryption_spec.tf b/terraform/google/backup/google_dialogflow_encryption_spec.tf
new file mode 100644
index 00000000..eb7f9379
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_encryption_spec.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_encryption_spec" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_entity_type.tf b/terraform/google/backup/google_dialogflow_entity_type.tf
new file mode 100644
index 00000000..5123ea01
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_entity_type.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_entity_type" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_fulfillment.tf b/terraform/google/backup/google_dialogflow_fulfillment.tf
new file mode 100644
index 00000000..81dd7a74
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_fulfillment.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_fulfillment" "pike" {}
diff --git a/terraform/google/backup/google_dialogflow_intent.tf b/terraform/google/backup/google_dialogflow_intent.tf
new file mode 100644
index 00000000..3f067dd3
--- /dev/null
+++ b/terraform/google/backup/google_dialogflow_intent.tf
@@ -0,0 +1 @@
+resource "google_dialogflow_intent" "pike" {}
diff --git a/terraform/google/backup/google_dns_managed_zone_iam_binding.tf b/terraform/google/backup/google_dns_managed_zone_iam_binding.tf
new file mode 100644
index 00000000..45c15523
--- /dev/null
+++ b/terraform/google/backup/google_dns_managed_zone_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_dns_managed_zone_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_dns_managed_zone_iam_member.tf b/terraform/google/backup/google_dns_managed_zone_iam_member.tf
new file mode 100644
index 00000000..bc526b7d
--- /dev/null
+++ b/terraform/google/backup/google_dns_managed_zone_iam_member.tf
@@ -0,0 +1 @@
+resource "google_dns_managed_zone_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_dns_managed_zone_iam_policy.tf b/terraform/google/backup/google_dns_managed_zone_iam_policy.tf
new file mode 100644
index 00000000..499501de
--- /dev/null
+++ b/terraform/google/backup/google_dns_managed_zone_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_dns_managed_zone_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_edgecontainer_cluster.tf b/terraform/google/backup/google_edgecontainer_cluster.tf
new file mode 100644
index 00000000..932d4012
--- /dev/null
+++ b/terraform/google/backup/google_edgecontainer_cluster.tf
@@ -0,0 +1 @@
+resource "google_edgecontainer_cluster" "pike" {}
diff --git a/terraform/google/backup/google_edgecontainer_node_pool.tf b/terraform/google/backup/google_edgecontainer_node_pool.tf
new file mode 100644
index 00000000..836f112c
--- /dev/null
+++ b/terraform/google/backup/google_edgecontainer_node_pool.tf
@@ -0,0 +1 @@
+resource "google_edgecontainer_node_pool" "pike" {}
diff --git a/terraform/google/backup/google_edgecontainer_vpn_connection.tf b/terraform/google/backup/google_edgecontainer_vpn_connection.tf
new file mode 100644
index 00000000..ea4215c1
--- /dev/null
+++ b/terraform/google/backup/google_edgecontainer_vpn_connection.tf
@@ -0,0 +1 @@
+resource "google_edgecontainer_vpn_connection" "pike" {}
diff --git a/terraform/google/backup/google_edgenetwork_interconnect_attachment.tf b/terraform/google/backup/google_edgenetwork_interconnect_attachment.tf
new file mode 100644
index 00000000..63d91754
--- /dev/null
+++ b/terraform/google/backup/google_edgenetwork_interconnect_attachment.tf
@@ -0,0 +1 @@
+resource "google_edgenetwork_interconnect_attachment" "pike" {}
diff --git a/terraform/google/backup/google_edgenetwork_network.tf b/terraform/google/backup/google_edgenetwork_network.tf
new file mode 100644
index 00000000..96de2c9f
--- /dev/null
+++ b/terraform/google/backup/google_edgenetwork_network.tf
@@ -0,0 +1 @@
+resource "google_edgenetwork_network" "pike" {}
diff --git a/terraform/google/backup/google_edgenetwork_subnet.tf b/terraform/google/backup/google_edgenetwork_subnet.tf
new file mode 100644
index 00000000..9698bdd3
--- /dev/null
+++ b/terraform/google/backup/google_edgenetwork_subnet.tf
@@ -0,0 +1 @@
+resource "google_edgenetwork_subnet" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_consumers_iam_binding.tf b/terraform/google/backup/google_endpoints_service_consumers_iam_binding.tf
new file mode 100644
index 00000000..5704b955
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_consumers_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_consumers_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_consumers_iam_member.tf b/terraform/google/backup/google_endpoints_service_consumers_iam_member.tf
new file mode 100644
index 00000000..5fc39194
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_consumers_iam_member.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_consumers_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_consumers_iam_policy.tf b/terraform/google/backup/google_endpoints_service_consumers_iam_policy.tf
new file mode 100644
index 00000000..89feedbd
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_consumers_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_consumers_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_iam_binding.tf b/terraform/google/backup/google_endpoints_service_iam_binding.tf
new file mode 100644
index 00000000..e72471e0
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_iam_member.tf b/terraform/google/backup/google_endpoints_service_iam_member.tf
new file mode 100644
index 00000000..902255ab
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_endpoints_service_iam_policy.tf b/terraform/google/backup/google_endpoints_service_iam_policy.tf
new file mode 100644
index 00000000..88d947f0
--- /dev/null
+++ b/terraform/google/backup/google_endpoints_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_endpoints_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_channel.tf b/terraform/google/backup/google_eventarc_channel.tf
new file mode 100644
index 00000000..11a5fb8f
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_channel.tf
@@ -0,0 +1 @@
+resource "google_eventarc_channel" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_enrollment.tf b/terraform/google/backup/google_eventarc_enrollment.tf
new file mode 100644
index 00000000..86f4d627
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_enrollment.tf
@@ -0,0 +1 @@
+resource "google_eventarc_enrollment" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_google_api_source.tf b/terraform/google/backup/google_eventarc_google_api_source.tf
new file mode 100644
index 00000000..f78f2fb5
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_google_api_source.tf
@@ -0,0 +1 @@
+resource "google_eventarc_google_api_source" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_google_channel_config.tf b/terraform/google/backup/google_eventarc_google_channel_config.tf
new file mode 100644
index 00000000..1dbb9459
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_google_channel_config.tf
@@ -0,0 +1 @@
+resource "google_eventarc_google_channel_config" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_message_bus.tf b/terraform/google/backup/google_eventarc_message_bus.tf
new file mode 100644
index 00000000..8b233318
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_message_bus.tf
@@ -0,0 +1 @@
+resource "google_eventarc_message_bus" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_pipeline.tf b/terraform/google/backup/google_eventarc_pipeline.tf
new file mode 100644
index 00000000..b5157930
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_pipeline.tf
@@ -0,0 +1 @@
+resource "google_eventarc_pipeline" "pike" {}
diff --git a/terraform/google/backup/google_eventarc_trigger.tf b/terraform/google/backup/google_eventarc_trigger.tf
new file mode 100644
index 00000000..e7f40482
--- /dev/null
+++ b/terraform/google/backup/google_eventarc_trigger.tf
@@ -0,0 +1 @@
+resource "google_eventarc_trigger" "pike" {}
diff --git a/terraform/google/backup/google_folder_iam_binding.tf b/terraform/google/backup/google_folder_iam_binding.tf
new file mode 100644
index 00000000..bab12b3c
--- /dev/null
+++ b/terraform/google/backup/google_folder_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_folder_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_folder_iam_member.tf b/terraform/google/backup/google_folder_iam_member.tf
new file mode 100644
index 00000000..dd9df8b7
--- /dev/null
+++ b/terraform/google/backup/google_folder_iam_member.tf
@@ -0,0 +1 @@
+resource "google_folder_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_folder_iam_policy.tf b/terraform/google/backup/google_folder_iam_policy.tf
new file mode 100644
index 00000000..079ecf6c
--- /dev/null
+++ b/terraform/google/backup/google_folder_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_folder_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gemini_code_repository_index.tf b/terraform/google/backup/google_gemini_code_repository_index.tf
new file mode 100644
index 00000000..026330be
--- /dev/null
+++ b/terraform/google/backup/google_gemini_code_repository_index.tf
@@ -0,0 +1 @@
+resource "google_gemini_code_repository_index" "pike" {}
diff --git a/terraform/google/backup/google_gemini_code_tools_setting.tf b/terraform/google/backup/google_gemini_code_tools_setting.tf
new file mode 100644
index 00000000..9ce6b776
--- /dev/null
+++ b/terraform/google/backup/google_gemini_code_tools_setting.tf
@@ -0,0 +1 @@
+resource "google_gemini_code_tools_setting" "pike" {}
diff --git a/terraform/google/backup/google_gemini_code_tools_setting_binding.tf b/terraform/google/backup/google_gemini_code_tools_setting_binding.tf
new file mode 100644
index 00000000..07f71a46
--- /dev/null
+++ b/terraform/google/backup/google_gemini_code_tools_setting_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_code_tools_setting_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_data_sharing_with_google_setting.tf b/terraform/google/backup/google_gemini_data_sharing_with_google_setting.tf
new file mode 100644
index 00000000..578c6c56
--- /dev/null
+++ b/terraform/google/backup/google_gemini_data_sharing_with_google_setting.tf
@@ -0,0 +1 @@
+resource "google_gemini_data_sharing_with_google_setting" "pike" {}
diff --git a/terraform/google/backup/google_gemini_data_sharing_with_google_setting_binding.tf b/terraform/google/backup/google_gemini_data_sharing_with_google_setting_binding.tf
new file mode 100644
index 00000000..a2424373
--- /dev/null
+++ b/terraform/google/backup/google_gemini_data_sharing_with_google_setting_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_data_sharing_with_google_setting_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting.tf b/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting.tf
new file mode 100644
index 00000000..ece968ad
--- /dev/null
+++ b/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting.tf
@@ -0,0 +1 @@
+resource "google_gemini_gemini_gcp_enablement_setting" "pike" {}
diff --git a/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting_binding.tf b/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting_binding.tf
new file mode 100644
index 00000000..d39ed9c2
--- /dev/null
+++ b/terraform/google/backup/google_gemini_gemini_gcp_enablement_setting_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_gemini_gcp_enablement_setting_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_logging_setting.tf b/terraform/google/backup/google_gemini_logging_setting.tf
new file mode 100644
index 00000000..737c6ad5
--- /dev/null
+++ b/terraform/google/backup/google_gemini_logging_setting.tf
@@ -0,0 +1 @@
+resource "google_gemini_logging_setting" "pike" {}
diff --git a/terraform/google/backup/google_gemini_logging_setting_binding.tf b/terraform/google/backup/google_gemini_logging_setting_binding.tf
new file mode 100644
index 00000000..4dbe8c0c
--- /dev/null
+++ b/terraform/google/backup/google_gemini_logging_setting_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_logging_setting_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_release_channel_setting.tf b/terraform/google/backup/google_gemini_release_channel_setting.tf
new file mode 100644
index 00000000..33baf40b
--- /dev/null
+++ b/terraform/google/backup/google_gemini_release_channel_setting.tf
@@ -0,0 +1 @@
+resource "google_gemini_release_channel_setting" "pike" {}
diff --git a/terraform/google/backup/google_gemini_release_channel_setting_binding.tf b/terraform/google/backup/google_gemini_release_channel_setting_binding.tf
new file mode 100644
index 00000000..ecc410b3
--- /dev/null
+++ b/terraform/google/backup/google_gemini_release_channel_setting_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_release_channel_setting_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_repository_group.tf b/terraform/google/backup/google_gemini_repository_group.tf
new file mode 100644
index 00000000..b075d499
--- /dev/null
+++ b/terraform/google/backup/google_gemini_repository_group.tf
@@ -0,0 +1 @@
+resource "google_gemini_repository_group" "pike" {}
diff --git a/terraform/google/backup/google_gemini_repository_group_iam_binding.tf b/terraform/google/backup/google_gemini_repository_group_iam_binding.tf
new file mode 100644
index 00000000..363d77f4
--- /dev/null
+++ b/terraform/google/backup/google_gemini_repository_group_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gemini_repository_group_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gemini_repository_group_iam_member.tf b/terraform/google/backup/google_gemini_repository_group_iam_member.tf
new file mode 100644
index 00000000..24790279
--- /dev/null
+++ b/terraform/google/backup/google_gemini_repository_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gemini_repository_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gemini_repository_group_iam_policy.tf b/terraform/google/backup/google_gemini_repository_group_iam_policy.tf
new file mode 100644
index 00000000..a6e7f94a
--- /dev/null
+++ b/terraform/google/backup/google_gemini_repository_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gemini_repository_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_backup_plan_iam_binding.tf b/terraform/google/backup/google_gke_backup_backup_plan_iam_binding.tf
new file mode 100644
index 00000000..ec7d5eaa
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_backup_plan_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_backup_plan_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_backup_plan_iam_member.tf b/terraform/google/backup/google_gke_backup_backup_plan_iam_member.tf
new file mode 100644
index 00000000..a0d37dcc
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_backup_plan_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_backup_plan_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_backup_plan_iam_policy.tf b/terraform/google/backup/google_gke_backup_backup_plan_iam_policy.tf
new file mode 100644
index 00000000..b7837041
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_backup_plan_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_backup_plan_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_restore_plan_iam_binding.tf b/terraform/google/backup/google_gke_backup_restore_plan_iam_binding.tf
new file mode 100644
index 00000000..ac91f42f
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_restore_plan_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_restore_plan_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_restore_plan_iam_member.tf b/terraform/google/backup/google_gke_backup_restore_plan_iam_member.tf
new file mode 100644
index 00000000..a0ff5422
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_restore_plan_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_restore_plan_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gke_backup_restore_plan_iam_policy.tf b/terraform/google/backup/google_gke_backup_restore_plan_iam_policy.tf
new file mode 100644
index 00000000..29a35cd4
--- /dev/null
+++ b/terraform/google/backup/google_gke_backup_restore_plan_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gke_backup_restore_plan_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_feature_iam_binding.tf b/terraform/google/backup/google_gke_hub_feature_iam_binding.tf
new file mode 100644
index 00000000..4323d803
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_feature_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_feature_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_feature_iam_member.tf b/terraform/google/backup/google_gke_hub_feature_iam_member.tf
new file mode 100644
index 00000000..bb95f911
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_feature_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_feature_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_feature_iam_policy.tf b/terraform/google/backup/google_gke_hub_feature_iam_policy.tf
new file mode 100644
index 00000000..df94a1e3
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_feature_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_feature_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_membership_iam_binding.tf b/terraform/google/backup/google_gke_hub_membership_iam_binding.tf
new file mode 100644
index 00000000..d73def3c
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_membership_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_membership_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_membership_iam_member.tf b/terraform/google/backup/google_gke_hub_membership_iam_member.tf
new file mode 100644
index 00000000..1edf4966
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_membership_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_membership_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_membership_iam_policy.tf b/terraform/google/backup/google_gke_hub_membership_iam_policy.tf
new file mode 100644
index 00000000..352d9160
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_membership_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_membership_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_scope_iam_binding.tf b/terraform/google/backup/google_gke_hub_scope_iam_binding.tf
new file mode 100644
index 00000000..daa00b8a
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_scope_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_scope_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_scope_iam_member.tf b/terraform/google/backup/google_gke_hub_scope_iam_member.tf
new file mode 100644
index 00000000..0a3e0ae0
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_scope_iam_member.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_scope_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_gke_hub_scope_iam_policy.tf b/terraform/google/backup/google_gke_hub_scope_iam_policy.tf
new file mode 100644
index 00000000..70807250
--- /dev/null
+++ b/terraform/google/backup/google_gke_hub_scope_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_gke_hub_scope_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_consent_store_iam_binding.tf b/terraform/google/backup/google_healthcare_consent_store_iam_binding.tf
new file mode 100644
index 00000000..8c96bdee
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_consent_store_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_healthcare_consent_store_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_consent_store_iam_member.tf b/terraform/google/backup/google_healthcare_consent_store_iam_member.tf
new file mode 100644
index 00000000..86235ad9
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_consent_store_iam_member.tf
@@ -0,0 +1 @@
+resource "google_healthcare_consent_store_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_consent_store_iam_policy.tf b/terraform/google/backup/google_healthcare_consent_store_iam_policy.tf
new file mode 100644
index 00000000..bb9ed3f7
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_consent_store_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_healthcare_consent_store_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dataset_iam_binding.tf b/terraform/google/backup/google_healthcare_dataset_iam_binding.tf
new file mode 100644
index 00000000..b413e578
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dataset_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dataset_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dataset_iam_member.tf b/terraform/google/backup/google_healthcare_dataset_iam_member.tf
new file mode 100644
index 00000000..901c4a23
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dataset_iam_member.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dataset_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dataset_iam_policy.tf b/terraform/google/backup/google_healthcare_dataset_iam_policy.tf
new file mode 100644
index 00000000..841f9f1a
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dataset_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dataset_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dicom_store_iam_binding.tf b/terraform/google/backup/google_healthcare_dicom_store_iam_binding.tf
new file mode 100644
index 00000000..e701f754
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dicom_store_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dicom_store_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dicom_store_iam_member.tf b/terraform/google/backup/google_healthcare_dicom_store_iam_member.tf
new file mode 100644
index 00000000..0ac4f222
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dicom_store_iam_member.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dicom_store_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_dicom_store_iam_policy.tf b/terraform/google/backup/google_healthcare_dicom_store_iam_policy.tf
new file mode 100644
index 00000000..612a71d6
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_dicom_store_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_healthcare_dicom_store_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_fhir_store_iam_binding.tf b/terraform/google/backup/google_healthcare_fhir_store_iam_binding.tf
new file mode 100644
index 00000000..bbbb8e47
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_fhir_store_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_healthcare_fhir_store_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_fhir_store_iam_member.tf b/terraform/google/backup/google_healthcare_fhir_store_iam_member.tf
new file mode 100644
index 00000000..e28f3399
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_fhir_store_iam_member.tf
@@ -0,0 +1 @@
+resource "google_healthcare_fhir_store_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_fhir_store_iam_policy.tf b/terraform/google/backup/google_healthcare_fhir_store_iam_policy.tf
new file mode 100644
index 00000000..2ac9b511
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_fhir_store_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_healthcare_fhir_store_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_hl7_v2_store_iam_binding.tf b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_binding.tf
new file mode 100644
index 00000000..ad3dabfb
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_healthcare_hl7_v2_store_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_hl7_v2_store_iam_member.tf b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_member.tf
new file mode 100644
index 00000000..c6f77b58
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_member.tf
@@ -0,0 +1 @@
+resource "google_healthcare_hl7_v2_store_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_healthcare_hl7_v2_store_iam_policy.tf b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_policy.tf
new file mode 100644
index 00000000..2199cbf6
--- /dev/null
+++ b/terraform/google/backup/google_healthcare_hl7_v2_store_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_healthcare_hl7_v2_store_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool.tf b/terraform/google/backup/google_iam_workforce_pool.tf
new file mode 100644
index 00000000..21a91fa3
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool_iam_binding.tf b/terraform/google/backup/google_iam_workforce_pool_iam_binding.tf
new file mode 100644
index 00000000..37267617
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool_iam_member.tf b/terraform/google/backup/google_iam_workforce_pool_iam_member.tf
new file mode 100644
index 00000000..1bf5507a
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool_iam_policy.tf b/terraform/google/backup/google_iam_workforce_pool_iam_policy.tf
new file mode 100644
index 00000000..6cb3f11e
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool_provider.tf b/terraform/google/backup/google_iam_workforce_pool_provider.tf
new file mode 100644
index 00000000..3829b2df
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool_provider.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool_provider" "pike" {}
diff --git a/terraform/google/backup/google_iam_workforce_pool_provider_key.tf b/terraform/google/backup/google_iam_workforce_pool_provider_key.tf
new file mode 100644
index 00000000..a71290e7
--- /dev/null
+++ b/terraform/google/backup/google_iam_workforce_pool_provider_key.tf
@@ -0,0 +1 @@
+resource "google_iam_workforce_pool_provider_key" "pike" {}
diff --git a/terraform/google/backup/google_iam_workload_identity_pool.tf b/terraform/google/backup/google_iam_workload_identity_pool.tf
new file mode 100644
index 00000000..b18ca770
--- /dev/null
+++ b/terraform/google/backup/google_iam_workload_identity_pool.tf
@@ -0,0 +1,6 @@
+resource "google_iam_workload_identity_pool" "pike" {
+  workload_identity_pool_id = "example-pike-pool2"
+  display_name              = "Name of pool"
+  description               = "Identity pool for automated test 2"
+  disabled                  = true
+}
diff --git a/terraform/google/backup/google_iam_workload_identity_pool_iam_binding.tf b/terraform/google/backup/google_iam_workload_identity_pool_iam_binding.tf
new file mode 100644
index 00000000..c1ca5163
--- /dev/null
+++ b/terraform/google/backup/google_iam_workload_identity_pool_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iam_workload_identity_pool_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iam_workload_identity_pool_iam_member.tf b/terraform/google/backup/google_iam_workload_identity_pool_iam_member.tf
new file mode 100644
index 00000000..d8e9e0a5
--- /dev/null
+++ b/terraform/google/backup/google_iam_workload_identity_pool_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iam_workload_identity_pool_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iam_workload_identity_pool_iam_policy.tf b/terraform/google/backup/google_iam_workload_identity_pool_iam_policy.tf
new file mode 100644
index 00000000..eeef4bea
--- /dev/null
+++ b/terraform/google/backup/google_iam_workload_identity_pool_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iam_workload_identity_pool_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iam_workload_identity_pool_provider.tf b/terraform/google/backup/google_iam_workload_identity_pool_provider.tf
new file mode 100644
index 00000000..a72564a2
--- /dev/null
+++ b/terraform/google/backup/google_iam_workload_identity_pool_provider.tf
@@ -0,0 +1,11 @@
+resource "google_iam_workload_identity_pool_provider" "pike" {
+  workload_identity_pool_id          = google_iam_workload_identity_pool.pike.workload_identity_pool_id
+  workload_identity_pool_provider_id = "example-prvdr"
+  attribute_mapping = {
+    "google.subject" = "assertion.sub"
+  }
+  oidc {
+    issuer_uri = "https://sts.windows.net/azure-tenant-id"
+  }
+  display_name = "Example IDP provider"
+}
diff --git a/terraform/google/backup/google_iap_app_engine_service_iam_binding.tf b/terraform/google/backup/google_iap_app_engine_service_iam_binding.tf
new file mode 100644
index 00000000..a6982a81
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_app_engine_service_iam_member.tf b/terraform/google/backup/google_iap_app_engine_service_iam_member.tf
new file mode 100644
index 00000000..6265712e
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_app_engine_service_iam_policy.tf b/terraform/google/backup/google_iap_app_engine_service_iam_policy.tf
new file mode 100644
index 00000000..feda7c04
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_app_engine_version_iam_binding.tf b/terraform/google/backup/google_iap_app_engine_version_iam_binding.tf
new file mode 100644
index 00000000..6615890d
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_version_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_version_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_app_engine_version_iam_member.tf b/terraform/google/backup/google_iap_app_engine_version_iam_member.tf
new file mode 100644
index 00000000..f3e5b3bd
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_version_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_version_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_app_engine_version_iam_policy.tf b/terraform/google/backup/google_iap_app_engine_version_iam_policy.tf
new file mode 100644
index 00000000..583e2a39
--- /dev/null
+++ b/terraform/google/backup/google_iap_app_engine_version_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_app_engine_version_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_brand.tf b/terraform/google/backup/google_iap_brand.tf
new file mode 100644
index 00000000..4c6ad5c4
--- /dev/null
+++ b/terraform/google/backup/google_iap_brand.tf
@@ -0,0 +1 @@
+resource "google_iap_brand" "pike" {}
diff --git a/terraform/google/backup/google_iap_client.tf b/terraform/google/backup/google_iap_client.tf
new file mode 100644
index 00000000..0e6a0f62
--- /dev/null
+++ b/terraform/google/backup/google_iap_client.tf
@@ -0,0 +1 @@
+resource "google_iap_client" "pike" {}
diff --git a/terraform/google/backup/google_iap_settings.tf b/terraform/google/backup/google_iap_settings.tf
new file mode 100644
index 00000000..c093ea64
--- /dev/null
+++ b/terraform/google/backup/google_iap_settings.tf
@@ -0,0 +1,68 @@
+data "google_project" "project" {
+}
+
+resource "google_compute_region_backend_service" "default" {
+  name                            = "iap-settings-tf"
+  region                          = "us-central1"
+  health_checks                   = [google_compute_health_check.default.id]
+  connection_draining_timeout_sec = 10
+  session_affinity                = "CLIENT_IP"
+}
+
+resource "google_compute_health_check" "default" {
+  name               = "iap-bs-health-check"
+  check_interval_sec = 1
+  timeout_sec        = 1
+
+  tcp_health_check {
+    port = "80"
+  }
+}
+
+resource "google_iap_settings" "iap_settings" {
+  name = "projects/${data.google_project.project.number}/iap_web/compute-us-central1/services/${google_compute_region_backend_service.default.name}"
+  access_settings {
+    identity_sources = ["WORKFORCE_IDENTITY_FEDERATION"]
+    allowed_domains_settings {
+      domains = ["test.abc.com"]
+      enable  = true
+    }
+    cors_settings {
+      allow_http_options = true
+    }
+    reauth_settings {
+      method      = "SECURE_KEY"
+      max_age     = "305s"
+      policy_type = "MINIMUM"
+    }
+    gcip_settings {
+      login_page_uri = "https://test.com/?apiKey=abc"
+    }
+    oauth_settings {
+      login_hint = "test"
+    }
+    workforce_identity_settings {
+      workforce_pools = ["wif-pool"]
+      oauth2 {
+        client_id     = "test-client-id"
+        client_secret = "test-client-secret"
+      }
+    }
+  }
+  application_settings {
+    cookie_domain = "test.abc.com"
+    csm_settings {
+      rctoken_aud = "test-aud-set"
+    }
+    access_denied_page_settings {
+      access_denied_page_uri               = "test-uri"
+      generate_troubleshooting_uri         = true
+      remediation_token_generation_enabled = false
+    }
+    attribute_propagation_settings {
+      output_credentials = ["HEADER"]
+      expression         = "attributes.saml_attributes.filter(attribute, attribute.name in [\"test1\", \"test2\"])"
+      enable             = false
+    }
+  }
+}
diff --git a/terraform/google/backup/google_iap_tunnel_dest_group.tf b/terraform/google/backup/google_iap_tunnel_dest_group.tf
new file mode 100644
index 00000000..806e562f
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_dest_group.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_dest_group" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_dest_group_iam_binding.tf b/terraform/google/backup/google_iap_tunnel_dest_group_iam_binding.tf
new file mode 100644
index 00000000..cdc07968
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_dest_group_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_dest_group_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_dest_group_iam_member.tf b/terraform/google/backup/google_iap_tunnel_dest_group_iam_member.tf
new file mode 100644
index 00000000..0993d6f8
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_dest_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_dest_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_dest_group_iam_policy.tf b/terraform/google/backup/google_iap_tunnel_dest_group_iam_policy.tf
new file mode 100644
index 00000000..74c9a060
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_dest_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_dest_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_iam_binding.tf b/terraform/google/backup/google_iap_tunnel_iam_binding.tf
new file mode 100644
index 00000000..38c633ed
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_iam_member.tf b/terraform/google/backup/google_iap_tunnel_iam_member.tf
new file mode 100644
index 00000000..0dc7f8c6
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_iam_policy.tf b/terraform/google/backup/google_iap_tunnel_iam_policy.tf
new file mode 100644
index 00000000..e70deec4
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_instance_iam_binding.tf b/terraform/google/backup/google_iap_tunnel_instance_iam_binding.tf
new file mode 100644
index 00000000..2f51bdea
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_instance_iam_member.tf b/terraform/google/backup/google_iap_tunnel_instance_iam_member.tf
new file mode 100644
index 00000000..bb895e7a
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_tunnel_instance_iam_policy.tf b/terraform/google/backup/google_iap_tunnel_instance_iam_policy.tf
new file mode 100644
index 00000000..40ace3c6
--- /dev/null
+++ b/terraform/google/backup/google_iap_tunnel_instance_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_tunnel_instance_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_backend_service_iam_binding.tf b/terraform/google/backup/google_iap_web_backend_service_iam_binding.tf
new file mode 100644
index 00000000..734bb49c
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_backend_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_backend_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_backend_service_iam_member.tf b/terraform/google/backup/google_iap_web_backend_service_iam_member.tf
new file mode 100644
index 00000000..cc6ac135
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_backend_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_backend_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_backend_service_iam_policy.tf b/terraform/google/backup/google_iap_web_backend_service_iam_policy.tf
new file mode 100644
index 00000000..176d3579
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_backend_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_backend_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_cloud_run_service_iam_binding.tf b/terraform/google/backup/google_iap_web_cloud_run_service_iam_binding.tf
new file mode 100644
index 00000000..96228ec2
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_cloud_run_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_cloud_run_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_cloud_run_service_iam_member.tf b/terraform/google/backup/google_iap_web_cloud_run_service_iam_member.tf
new file mode 100644
index 00000000..5e7b8516
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_cloud_run_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_cloud_run_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_cloud_run_service_iam_policy.tf b/terraform/google/backup/google_iap_web_cloud_run_service_iam_policy.tf
new file mode 100644
index 00000000..1bffb945
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_cloud_run_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_cloud_run_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_binding.tf b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_binding.tf
new file mode 100644
index 00000000..f50e6d02
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_forwarding_rule_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_member.tf b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_member.tf
new file mode 100644
index 00000000..93be6493
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_forwarding_rule_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_policy.tf b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_policy.tf
new file mode 100644
index 00000000..6333c07f
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_forwarding_rule_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_forwarding_rule_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_iam_binding.tf b/terraform/google/backup/google_iap_web_iam_binding.tf
new file mode 100644
index 00000000..d5abd0dd
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_iam_member.tf b/terraform/google/backup/google_iap_web_iam_member.tf
new file mode 100644
index 00000000..af160ee3
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_iam_policy.tf b/terraform/google/backup/google_iap_web_iam_policy.tf
new file mode 100644
index 00000000..9b76fbc3
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_backend_service_iam_binding.tf b/terraform/google/backup/google_iap_web_region_backend_service_iam_binding.tf
new file mode 100644
index 00000000..bab54621
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_backend_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_backend_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_backend_service_iam_member.tf b/terraform/google/backup/google_iap_web_region_backend_service_iam_member.tf
new file mode 100644
index 00000000..ce22bf67
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_backend_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_backend_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_backend_service_iam_policy.tf b/terraform/google/backup/google_iap_web_region_backend_service_iam_policy.tf
new file mode 100644
index 00000000..c9910cd8
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_backend_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_backend_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_binding.tf b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_binding.tf
new file mode 100644
index 00000000..e54b2cbb
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_forwarding_rule_service_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_member.tf b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_member.tf
new file mode 100644
index 00000000..50c9324a
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_forwarding_rule_service_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_policy.tf b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_policy.tf
new file mode 100644
index 00000000..aa73cab4
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_region_forwarding_rule_service_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_region_forwarding_rule_service_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_app_engine_iam_binding.tf b/terraform/google/backup/google_iap_web_type_app_engine_iam_binding.tf
new file mode 100644
index 00000000..265aee81
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_app_engine_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_app_engine_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_app_engine_iam_member.tf b/terraform/google/backup/google_iap_web_type_app_engine_iam_member.tf
new file mode 100644
index 00000000..88b43f68
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_app_engine_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_app_engine_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_app_engine_iam_policy.tf b/terraform/google/backup/google_iap_web_type_app_engine_iam_policy.tf
new file mode 100644
index 00000000..ff4fcaf0
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_app_engine_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_app_engine_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_compute_iam_binding.tf b/terraform/google/backup/google_iap_web_type_compute_iam_binding.tf
new file mode 100644
index 00000000..7268e727
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_compute_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_compute_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_compute_iam_member.tf b/terraform/google/backup/google_iap_web_type_compute_iam_member.tf
new file mode 100644
index 00000000..8baa315e
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_compute_iam_member.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_compute_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_iap_web_type_compute_iam_policy.tf b/terraform/google/backup/google_iap_web_type_compute_iam_policy.tf
new file mode 100644
index 00000000..09d19ec7
--- /dev/null
+++ b/terraform/google/backup/google_iap_web_type_compute_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_iap_web_type_compute_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_kms_crypto_key_version.tf b/terraform/google/backup/google_kms_crypto_key_version.tf
new file mode 100644
index 00000000..f49fabcd
--- /dev/null
+++ b/terraform/google/backup/google_kms_crypto_key_version.tf
@@ -0,0 +1,3 @@
+resource "google_kms_crypto_key_version" "pike" {
+  crypto_key = google_kms_crypto_key.cryptokey.id
+}
diff --git a/terraform/google/backup/google_kms_ekm_connection_iam_binding.tf b/terraform/google/backup/google_kms_ekm_connection_iam_binding.tf
new file mode 100644
index 00000000..9c462083
--- /dev/null
+++ b/terraform/google/backup/google_kms_ekm_connection_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_kms_ekm_connection_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_kms_ekm_connection_iam_member.tf b/terraform/google/backup/google_kms_ekm_connection_iam_member.tf
new file mode 100644
index 00000000..2f863bc1
--- /dev/null
+++ b/terraform/google/backup/google_kms_ekm_connection_iam_member.tf
@@ -0,0 +1 @@
+resource "google_kms_ekm_connection_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_kms_ekm_connection_iam_policy.tf b/terraform/google/backup/google_kms_ekm_connection_iam_policy.tf
new file mode 100644
index 00000000..eca6a438
--- /dev/null
+++ b/terraform/google/backup/google_kms_ekm_connection_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_kms_ekm_connection_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_kms_key_handle.tf b/terraform/google/backup/google_kms_key_handle.tf
new file mode 100644
index 00000000..684456e5
--- /dev/null
+++ b/terraform/google/backup/google_kms_key_handle.tf
@@ -0,0 +1,7 @@
+resource "google_kms_key_handle" "pike" {
+  provider               = google-beta
+  project                = "pike-412922"
+  name                   = "tf-test-key-handle"
+  location               = "global"
+  resource_type_selector = "storage.googleapis.com/Bucket"
+}
diff --git a/terraform/google/backup/google_kms_key_ring_iam_binding.tf b/terraform/google/backup/google_kms_key_ring_iam_binding.tf
new file mode 100644
index 00000000..41e6f8ef
--- /dev/null
+++ b/terraform/google/backup/google_kms_key_ring_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_kms_key_ring_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_kms_key_ring_iam_member.tf b/terraform/google/backup/google_kms_key_ring_iam_member.tf
new file mode 100644
index 00000000..463fa3fa
--- /dev/null
+++ b/terraform/google/backup/google_kms_key_ring_iam_member.tf
@@ -0,0 +1 @@
+resource "google_kms_key_ring_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_kms_key_ring_iam_policy.tf b/terraform/google/backup/google_kms_key_ring_iam_policy.tf
new file mode 100644
index 00000000..f226ca37
--- /dev/null
+++ b/terraform/google/backup/google_kms_key_ring_iam_policy.tf
@@ -0,0 +1,14 @@
+data "google_iam_policy" "admin" {
+  binding {
+    role = "roles/editor"
+
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_kms_key_ring_iam_policy" "key_ring" {
+  key_ring_id = google_kms_key_ring.keyring.id
+  policy_data = data.google_iam_policy.admin.policy_data
+}
diff --git a/terraform/google/backup/google_kms_key_ring_import_job.tf b/terraform/google/backup/google_kms_key_ring_import_job.tf
new file mode 100644
index 00000000..c85b26bb
--- /dev/null
+++ b/terraform/google/backup/google_kms_key_ring_import_job.tf
@@ -0,0 +1,7 @@
+resource "google_kms_key_ring_import_job" "pike" {
+  key_ring      = google_kms_key_ring.keyring.id
+  import_job_id = "my-import-job2"
+
+  import_method    = "RSA_OAEP_3072_SHA1_AES_256"
+  protection_level = "SOFTWARE"
+}
diff --git a/terraform/google/backup/google_kms_secret_ciphertext.tf b/terraform/google/backup/google_kms_secret_ciphertext.tf
new file mode 100644
index 00000000..4285df88
--- /dev/null
+++ b/terraform/google/backup/google_kms_secret_ciphertext.tf
@@ -0,0 +1,19 @@
+resource "google_kms_key_ring" "keyring" {
+  name     = "keyring-example"
+  location = "global"
+}
+
+resource "google_kms_crypto_key" "cryptokey" {
+  name            = "crypto-key-example"
+  key_ring        = google_kms_key_ring.keyring.id
+  rotation_period = "7776000s"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "google_kms_secret_ciphertext" "my_password" {
+  crypto_key = google_kms_crypto_key.cryptokey.id
+  plaintext  = "my-secret-password"
+}
diff --git a/terraform/google/backup/google_logging_billing_account_exclusion.tf b/terraform/google/backup/google_logging_billing_account_exclusion.tf
new file mode 100644
index 00000000..5f0dcc0c
--- /dev/null
+++ b/terraform/google/backup/google_logging_billing_account_exclusion.tf
@@ -0,0 +1 @@
+resource "google_logging_billing_account_exclusion" "pike" {}
diff --git a/terraform/google/backup/google_logging_billing_account_sink.tf b/terraform/google/backup/google_logging_billing_account_sink.tf
new file mode 100644
index 00000000..25a9f967
--- /dev/null
+++ b/terraform/google/backup/google_logging_billing_account_sink.tf
@@ -0,0 +1 @@
+resource "google_logging_billing_account_sink" "pike" {}
diff --git a/terraform/google/backup/google_logging_folder_exclusion.tf b/terraform/google/backup/google_logging_folder_exclusion.tf
new file mode 100644
index 00000000..d5f5f8ed
--- /dev/null
+++ b/terraform/google/backup/google_logging_folder_exclusion.tf
@@ -0,0 +1 @@
+resource "google_logging_folder_exclusion" "pike" {}
diff --git a/terraform/google/backup/google_logging_folder_settings.tf b/terraform/google/backup/google_logging_folder_settings.tf
new file mode 100644
index 00000000..5ffd4227
--- /dev/null
+++ b/terraform/google/backup/google_logging_folder_settings.tf
@@ -0,0 +1 @@
+resource "google_logging_folder_settings" "pike" {}
diff --git a/terraform/google/backup/google_logging_folder_sink.tf b/terraform/google/backup/google_logging_folder_sink.tf
new file mode 100644
index 00000000..65db37e3
--- /dev/null
+++ b/terraform/google/backup/google_logging_folder_sink.tf
@@ -0,0 +1 @@
+resource "google_logging_folder_sink" "pike" {}
diff --git a/terraform/google/backup/google_logging_linked_dataset.tf b/terraform/google/backup/google_logging_linked_dataset.tf
new file mode 100644
index 00000000..3ec99efd
--- /dev/null
+++ b/terraform/google/backup/google_logging_linked_dataset.tf
@@ -0,0 +1 @@
+resource "google_logging_linked_dataset" "pike" {}
diff --git a/terraform/google/backup/google_logging_log_scope.tf b/terraform/google/backup/google_logging_log_scope.tf
new file mode 100644
index 00000000..1c70a777
--- /dev/null
+++ b/terraform/google/backup/google_logging_log_scope.tf
@@ -0,0 +1 @@
+resource "google_logging_log_scope" "pike" {}
diff --git a/terraform/google/backup/google_logging_log_view.tf b/terraform/google/backup/google_logging_log_view.tf
new file mode 100644
index 00000000..bee26a14
--- /dev/null
+++ b/terraform/google/backup/google_logging_log_view.tf
@@ -0,0 +1 @@
+resource "google_logging_log_view" "pike" {}
diff --git a/terraform/google/backup/google_logging_log_view_iam_binding.tf b/terraform/google/backup/google_logging_log_view_iam_binding.tf
new file mode 100644
index 00000000..0d2d1515
--- /dev/null
+++ b/terraform/google/backup/google_logging_log_view_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_logging_log_view_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_logging_log_view_iam_member.tf b/terraform/google/backup/google_logging_log_view_iam_member.tf
new file mode 100644
index 00000000..f1bbc947
--- /dev/null
+++ b/terraform/google/backup/google_logging_log_view_iam_member.tf
@@ -0,0 +1 @@
+resource "google_logging_log_view_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_logging_log_view_iam_policy.tf b/terraform/google/backup/google_logging_log_view_iam_policy.tf
new file mode 100644
index 00000000..f5e8ca31
--- /dev/null
+++ b/terraform/google/backup/google_logging_log_view_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_logging_log_view_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_logging_metric.tf b/terraform/google/backup/google_logging_metric.tf
new file mode 100644
index 00000000..24a82149
--- /dev/null
+++ b/terraform/google/backup/google_logging_metric.tf
@@ -0,0 +1 @@
+resource "google_logging_metric" "pike" {}
diff --git a/terraform/google/backup/google_logging_organization_exclusion.tf b/terraform/google/backup/google_logging_organization_exclusion.tf
new file mode 100644
index 00000000..9784bc7c
--- /dev/null
+++ b/terraform/google/backup/google_logging_organization_exclusion.tf
@@ -0,0 +1 @@
+resource "google_logging_organization_exclusion" "pike" {}
diff --git a/terraform/google/backup/google_logging_organization_settings.tf b/terraform/google/backup/google_logging_organization_settings.tf
new file mode 100644
index 00000000..a371473a
--- /dev/null
+++ b/terraform/google/backup/google_logging_organization_settings.tf
@@ -0,0 +1 @@
+resource "google_logging_organization_settings" "pike" {}
diff --git a/terraform/google/backup/google_logging_organization_sink.tf b/terraform/google/backup/google_logging_organization_sink.tf
new file mode 100644
index 00000000..171de082
--- /dev/null
+++ b/terraform/google/backup/google_logging_organization_sink.tf
@@ -0,0 +1 @@
+resource "google_logging_organization_sink" "pike" {}
diff --git a/terraform/google/backup/google_logging_project_exclusion.tf b/terraform/google/backup/google_logging_project_exclusion.tf
new file mode 100644
index 00000000..29dc83db
--- /dev/null
+++ b/terraform/google/backup/google_logging_project_exclusion.tf
@@ -0,0 +1 @@
+resource "google_logging_project_exclusion" "pike" {}
diff --git a/terraform/google/backup/google_logging_project_sink.tf b/terraform/google/backup/google_logging_project_sink.tf
new file mode 100644
index 00000000..3fc3bbec
--- /dev/null
+++ b/terraform/google/backup/google_logging_project_sink.tf
@@ -0,0 +1 @@
+resource "google_logging_project_sink" "pike" {}
diff --git a/terraform/google/backup/google_managed_kafka_acl.tf b/terraform/google/backup/google_managed_kafka_acl.tf
new file mode 100644
index 00000000..2f4cf5b4
--- /dev/null
+++ b/terraform/google/backup/google_managed_kafka_acl.tf
@@ -0,0 +1,40 @@
+resource "google_managed_kafka_cluster" "cluster" {
+  cluster_id = "my-cluster"
+  location   = "us-central1"
+  capacity_config {
+    vcpu_count   = 3
+    memory_bytes = 3221225472
+  }
+  gcp_config {
+    access_config {
+      network_configs {
+        subnet = "projects/${data.google_project.project.number}/regions/us-central1/subnetworks/default"
+      }
+    }
+  }
+}
+
+resource "google_managed_kafka_acl" "example" {
+  acl_id   = "topic/mytopic"
+  cluster  = google_managed_kafka_cluster.cluster.cluster_id
+  location = "us-central1"
+  acl_entries {
+    principal       = "User:admin@pike-412922.iam.gserviceaccount.com"
+    permission_type = "ALLOW"
+    operation       = "ALL"
+    host            = "*"
+  }
+  acl_entries {
+    principal       = "User:producer-client@pike-412922.iam.gserviceaccount.com"
+    permission_type = "ALLOW"
+    operation       = "WRITE"
+    host            = "*"
+  }
+
+  depends_on = [
+    google_managed_kafka_cluster.cluster
+  ]
+}
+
+data "google_project" "project" {
+}
diff --git a/terraform/google/backup/google_managed_kafka_cluster.tf b/terraform/google/backup/google_managed_kafka_cluster.tf
new file mode 100644
index 00000000..e3c017c7
--- /dev/null
+++ b/terraform/google/backup/google_managed_kafka_cluster.tf
@@ -0,0 +1 @@
+resource "google_managed_kafka_cluster" "pike" {}
diff --git a/terraform/google/backup/google_managed_kafka_connect_cluster.tf b/terraform/google/backup/google_managed_kafka_connect_cluster.tf
new file mode 100644
index 00000000..b79b7908
--- /dev/null
+++ b/terraform/google/backup/google_managed_kafka_connect_cluster.tf
@@ -0,0 +1 @@
+resource "google_managed_kafka_connect_cluster" "pike" {}
diff --git a/terraform/google/backup/google_managed_kafka_connector.tf b/terraform/google/backup/google_managed_kafka_connector.tf
new file mode 100644
index 00000000..5efc91bb
--- /dev/null
+++ b/terraform/google/backup/google_managed_kafka_connector.tf
@@ -0,0 +1 @@
+resource "google_managed_kafka_connector" "pike" {}
diff --git a/terraform/google/backup/google_managed_kafka_topic.tf b/terraform/google/backup/google_managed_kafka_topic.tf
new file mode 100644
index 00000000..28543d53
--- /dev/null
+++ b/terraform/google/backup/google_managed_kafka_topic.tf
@@ -0,0 +1 @@
+resource "google_managed_kafka_topic" "pike" {}
diff --git a/terraform/google/backup/google_memcache_instance.tf b/terraform/google/backup/google_memcache_instance.tf
new file mode 100644
index 00000000..f1187e0f
--- /dev/null
+++ b/terraform/google/backup/google_memcache_instance.tf
@@ -0,0 +1 @@
+resource "google_memcache_instance" "pike" {}
diff --git a/terraform/google/backup/google_memorystore_instance.tf b/terraform/google/backup/google_memorystore_instance.tf
new file mode 100644
index 00000000..fbc02d8b
--- /dev/null
+++ b/terraform/google/backup/google_memorystore_instance.tf
@@ -0,0 +1 @@
+resource "google_memorystore_instance" "pike" {}
diff --git a/terraform/google/backup/google_model_armor_floorsetting.tf b/terraform/google/backup/google_model_armor_floorsetting.tf
new file mode 100644
index 00000000..4ad07cb8
--- /dev/null
+++ b/terraform/google/backup/google_model_armor_floorsetting.tf
@@ -0,0 +1 @@
+resource "google_model_armor_floorsetting" "pike" {}
diff --git a/terraform/google/backup/google_model_armor_template.tf b/terraform/google/backup/google_model_armor_template.tf
new file mode 100644
index 00000000..888c49c3
--- /dev/null
+++ b/terraform/google/backup/google_model_armor_template.tf
@@ -0,0 +1 @@
+resource "google_model_armor_template" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_alert_policy.tf b/terraform/google/backup/google_monitoring_alert_policy.tf
new file mode 100644
index 00000000..2b6e1fae
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_alert_policy.tf
@@ -0,0 +1 @@
+resource "google_monitoring_alert_policy" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_custom_service.tf b/terraform/google/backup/google_monitoring_custom_service.tf
new file mode 100644
index 00000000..3ef5ca58
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_custom_service.tf
@@ -0,0 +1,13 @@
+resource "google_monitoring_custom_service" "pike" {
+  service_id   = "custom-srv"
+  display_name = "My Custom Service custom-srv"
+
+  telemetry {
+    resource_name = "//product.googleapis.com/foo/foo/services/test"
+  }
+
+  user_labels = {
+    my_key       = "my_value"
+    my_other_key = "my_other_value"
+  }
+}
diff --git a/terraform/google/backup/google_monitoring_dashboard.tf b/terraform/google/backup/google_monitoring_dashboard.tf
new file mode 100644
index 00000000..1d603da4
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_dashboard.tf
@@ -0,0 +1 @@
+resource "google_monitoring_dashboard" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_group.tf b/terraform/google/backup/google_monitoring_group.tf
new file mode 100644
index 00000000..cff7b678
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_group.tf
@@ -0,0 +1 @@
+resource "google_monitoring_group" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_metric_descriptor.tf b/terraform/google/backup/google_monitoring_metric_descriptor.tf
new file mode 100644
index 00000000..daf2ddc1
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_metric_descriptor.tf
@@ -0,0 +1 @@
+resource "google_monitoring_metric_descriptor" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_monitored_project.tf b/terraform/google/backup/google_monitoring_monitored_project.tf
new file mode 100644
index 00000000..5276b687
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_monitored_project.tf
@@ -0,0 +1 @@
+resource "google_monitoring_monitored_project" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_notification_channel.tf b/terraform/google/backup/google_monitoring_notification_channel.tf
new file mode 100644
index 00000000..5101b4ea
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_notification_channel.tf
@@ -0,0 +1 @@
+resource "google_monitoring_notification_channel" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_service.tf b/terraform/google/backup/google_monitoring_service.tf
new file mode 100644
index 00000000..bb6202b6
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_service.tf
@@ -0,0 +1 @@
+resource "google_monitoring_service" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_slo.tf b/terraform/google/backup/google_monitoring_slo.tf
new file mode 100644
index 00000000..619450c5
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_slo.tf
@@ -0,0 +1 @@
+resource "google_monitoring_slo" "pike" {}
diff --git a/terraform/google/backup/google_monitoring_uptime_check_config.tf b/terraform/google/backup/google_monitoring_uptime_check_config.tf
new file mode 100644
index 00000000..5ef50495
--- /dev/null
+++ b/terraform/google/backup/google_monitoring_uptime_check_config.tf
@@ -0,0 +1 @@
+resource "google_monitoring_uptime_check_config" "pike" {}
diff --git a/terraform/google/backup/google_network_security_address_group_iam_binding.tf b/terraform/google/backup/google_network_security_address_group_iam_binding.tf
new file mode 100644
index 00000000..ca2935c0
--- /dev/null
+++ b/terraform/google/backup/google_network_security_address_group_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_network_security_address_group_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_network_security_address_group_iam_member.tf b/terraform/google/backup/google_network_security_address_group_iam_member.tf
new file mode 100644
index 00000000..9f1eadac
--- /dev/null
+++ b/terraform/google/backup/google_network_security_address_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_network_security_address_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_network_security_address_group_iam_policy.tf b/terraform/google/backup/google_network_security_address_group_iam_policy.tf
new file mode 100644
index 00000000..83eb7bb7
--- /dev/null
+++ b/terraform/google/backup/google_network_security_address_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_network_security_address_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_environment.tf b/terraform/google/backup/google_notebooks_environment.tf
new file mode 100644
index 00000000..29e93bcd
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_environment.tf
@@ -0,0 +1 @@
+resource "google_notebooks_environment" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_instance.tf b/terraform/google/backup/google_notebooks_instance.tf
new file mode 100644
index 00000000..6f16303e
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_instance.tf
@@ -0,0 +1 @@
+resource "google_notebooks_instance" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_instance_iam_binding.tf b/terraform/google/backup/google_notebooks_instance_iam_binding.tf
new file mode 100644
index 00000000..7328f806
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_notebooks_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_instance_iam_member.tf b/terraform/google/backup/google_notebooks_instance_iam_member.tf
new file mode 100644
index 00000000..93e8d53e
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_notebooks_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_instance_iam_policy.tf b/terraform/google/backup/google_notebooks_instance_iam_policy.tf
new file mode 100644
index 00000000..aecc0ce9
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_instance_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_notebooks_instance_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_runtime.tf b/terraform/google/backup/google_notebooks_runtime.tf
new file mode 100644
index 00000000..631dd460
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_runtime.tf
@@ -0,0 +1 @@
+resource "google_notebooks_runtime" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_runtime_iam_binding.tf b/terraform/google/backup/google_notebooks_runtime_iam_binding.tf
new file mode 100644
index 00000000..6abc7169
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_runtime_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_notebooks_runtime_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_runtime_iam_member.tf b/terraform/google/backup/google_notebooks_runtime_iam_member.tf
new file mode 100644
index 00000000..0a965169
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_runtime_iam_member.tf
@@ -0,0 +1 @@
+resource "google_notebooks_runtime_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_notebooks_runtime_iam_policy.tf b/terraform/google/backup/google_notebooks_runtime_iam_policy.tf
new file mode 100644
index 00000000..82e64ec0
--- /dev/null
+++ b/terraform/google/backup/google_notebooks_runtime_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_notebooks_runtime_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_organization_iam_binding.tf b/terraform/google/backup/google_organization_iam_binding.tf
new file mode 100644
index 00000000..63db4f48
--- /dev/null
+++ b/terraform/google/backup/google_organization_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_organization_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_organization_iam_member.tf b/terraform/google/backup/google_organization_iam_member.tf
new file mode 100644
index 00000000..3121cd71
--- /dev/null
+++ b/terraform/google/backup/google_organization_iam_member.tf
@@ -0,0 +1 @@
+resource "google_organization_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_organization_iam_policy.tf b/terraform/google/backup/google_organization_iam_policy.tf
new file mode 100644
index 00000000..171f7377
--- /dev/null
+++ b/terraform/google/backup/google_organization_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_organization_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_os_config_guest_policies.tf b/terraform/google/backup/google_os_config_guest_policies.tf
new file mode 100644
index 00000000..fcf73314
--- /dev/null
+++ b/terraform/google/backup/google_os_config_guest_policies.tf
@@ -0,0 +1 @@
+resource "google_os_config_guest_policies" "pike" {}
diff --git a/terraform/google/backup/google_os_config_os_policy_assignment.tf b/terraform/google/backup/google_os_config_os_policy_assignment.tf
new file mode 100644
index 00000000..6ee42d79
--- /dev/null
+++ b/terraform/google/backup/google_os_config_os_policy_assignment.tf
@@ -0,0 +1 @@
+resource "google_os_config_os_policy_assignment" "pike" {}
diff --git a/terraform/google/backup/google_os_config_patch_deployment.tf b/terraform/google/backup/google_os_config_patch_deployment.tf
new file mode 100644
index 00000000..74ecabe8
--- /dev/null
+++ b/terraform/google/backup/google_os_config_patch_deployment.tf
@@ -0,0 +1 @@
+resource "google_os_config_patch_deployment" "pike" {}
diff --git a/terraform/google/backup/google_os_config_v2_policy_orchestrator.tf b/terraform/google/backup/google_os_config_v2_policy_orchestrator.tf
new file mode 100644
index 00000000..1206b2a2
--- /dev/null
+++ b/terraform/google/backup/google_os_config_v2_policy_orchestrator.tf
@@ -0,0 +1 @@
+resource "google_os_config_v2_policy_orchestrator" "pike" {}
diff --git a/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_folder.tf b/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_folder.tf
new file mode 100644
index 00000000..b32ca7f9
--- /dev/null
+++ b/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_folder.tf
@@ -0,0 +1 @@
+resource "google_os_config_v2_policy_orchestrator_for_folder" "pike" {}
diff --git a/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_organization.tf b/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_organization.tf
new file mode 100644
index 00000000..a548b59b
--- /dev/null
+++ b/terraform/google/backup/google_os_config_v2_policy_orchestrator_for_organization.tf
@@ -0,0 +1 @@
+resource "google_os_config_v2_policy_orchestrator_for_organization" "pike" {}
diff --git a/terraform/google/backup/google_parallelstore_instance.tf b/terraform/google/backup/google_parallelstore_instance.tf
new file mode 100644
index 00000000..2c7041ac
--- /dev/null
+++ b/terraform/google/backup/google_parallelstore_instance.tf
@@ -0,0 +1 @@
+resource "google_parallelstore_instance" "pike" {}
diff --git a/terraform/google/backup/google_privateca_ca_pool.tf b/terraform/google/backup/google_privateca_ca_pool.tf
new file mode 100644
index 00000000..172536cd
--- /dev/null
+++ b/terraform/google/backup/google_privateca_ca_pool.tf
@@ -0,0 +1,12 @@
+resource "google_privateca_ca_pool" "pike" {
+  name     = "my-pool2"
+  location = "us-central1"
+  tier     = "DEVOPS"
+  publishing_options {
+    publish_ca_cert = true
+    publish_crl     = false
+  }
+  labels = {
+    foo = "bar"
+  }
+}
diff --git a/terraform/google/backup/google_privateca_ca_pool_iam_binding.tf b/terraform/google/backup/google_privateca_ca_pool_iam_binding.tf
new file mode 100644
index 00000000..4b48dc78
--- /dev/null
+++ b/terraform/google/backup/google_privateca_ca_pool_iam_binding.tf
@@ -0,0 +1,7 @@
+resource "google_privateca_ca_pool_iam_binding" "binding" {
+  ca_pool = google_privateca_ca_pool.pike.id
+  role    = "roles/privateca.certificateManager"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+}
diff --git a/terraform/google/backup/google_privateca_ca_pool_iam_member.tf b/terraform/google/backup/google_privateca_ca_pool_iam_member.tf
new file mode 100644
index 00000000..bee46734
--- /dev/null
+++ b/terraform/google/backup/google_privateca_ca_pool_iam_member.tf
@@ -0,0 +1,5 @@
+resource "google_privateca_ca_pool_iam_member" "member" {
+  ca_pool = google_privateca_ca_pool.pike.id
+  role    = "roles/privateca.certificateManager"
+  member  = "user:james.woolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_privateca_ca_pool_iam_policy.tf b/terraform/google/backup/google_privateca_ca_pool_iam_policy.tf
new file mode 100644
index 00000000..f26dd6ad
--- /dev/null
+++ b/terraform/google/backup/google_privateca_ca_pool_iam_policy.tf
@@ -0,0 +1,13 @@
+data "google_iam_policy" "admin2" {
+  binding {
+    role = "roles/privateca.certificateManager"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_privateca_ca_pool_iam_policy" "policy" {
+  ca_pool     = google_privateca_ca_pool.pike.id
+  policy_data = data.google_iam_policy.admin2.policy_data
+}
diff --git a/terraform/google/backup/google_privateca_certificate.tf b/terraform/google/backup/google_privateca_certificate.tf
new file mode 100644
index 00000000..ba2ddc76
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate.tf
@@ -0,0 +1 @@
+resource "google_privateca_certificate" "pike" {}
diff --git a/terraform/google/backup/google_privateca_certificate_authority.tf b/terraform/google/backup/google_privateca_certificate_authority.tf
new file mode 100644
index 00000000..4c053794
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate_authority.tf
@@ -0,0 +1 @@
+resource "google_privateca_certificate_authority" "pike" {}
diff --git a/terraform/google/backup/google_privateca_certificate_template.tf b/terraform/google/backup/google_privateca_certificate_template.tf
new file mode 100644
index 00000000..7bf288d9
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate_template.tf
@@ -0,0 +1,72 @@
+resource "google_privateca_certificate_template" "default" {
+  name        = "my-template2"
+  location    = "europe-west2"
+  description = "A sample certificate template"
+
+  identity_constraints {
+    allow_subject_alt_names_passthrough = true
+    allow_subject_passthrough           = true
+
+    cel_expression {
+      description = "Always true"
+      expression  = "true"
+      location    = "any.file.anywhere"
+      title       = "Sample expression"
+    }
+  }
+
+  maximum_lifetime = "86400s"
+
+  passthrough_extensions {
+    additional_extensions {
+      object_id_path = [1, 6]
+    }
+    known_extensions = ["EXTENDED_KEY_USAGE"]
+  }
+
+  predefined_values {
+    additional_extensions {
+      object_id {
+        object_id_path = [1, 6]
+      }
+      value    = "c3RyaW5nCg=="
+      critical = true
+    }
+    aia_ocsp_servers = ["string"]
+    ca_options {
+      is_ca                  = false
+      max_issuer_path_length = 6
+    }
+    key_usage {
+      base_key_usage {
+        cert_sign          = false
+        content_commitment = true
+        crl_sign           = false
+        data_encipherment  = true
+        decipher_only      = true
+        digital_signature  = true
+        encipher_only      = true
+        key_agreement      = true
+        key_encipherment   = true
+      }
+      extended_key_usage {
+        client_auth      = true
+        code_signing     = true
+        email_protection = true
+        ocsp_signing     = true
+        server_auth      = true
+        time_stamping    = true
+      }
+      unknown_extended_key_usages {
+        object_id_path = [1, 6]
+      }
+    }
+    policy_ids {
+      object_id_path = [1, 6]
+    }
+  }
+
+  labels = {
+    label-one = "value-one"
+  }
+}
diff --git a/terraform/google/backup/google_privateca_certificate_template_iam_binding.tf b/terraform/google/backup/google_privateca_certificate_template_iam_binding.tf
new file mode 100644
index 00000000..025bce36
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate_template_iam_binding.tf
@@ -0,0 +1,7 @@
+resource "google_privateca_certificate_template_iam_binding" "binding" {
+  certificate_template = google_privateca_certificate_template.default.id
+  role                 = "roles/privateca.templateUser"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+}
diff --git a/terraform/google/backup/google_privateca_certificate_template_iam_member.tf b/terraform/google/backup/google_privateca_certificate_template_iam_member.tf
new file mode 100644
index 00000000..5c93215e
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate_template_iam_member.tf
@@ -0,0 +1,5 @@
+resource "google_privateca_certificate_template_iam_member" "member" {
+  certificate_template = google_privateca_certificate_template.default.id
+  role                 = "roles/privateca.templateUser"
+  member               = "user:james.woolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_privateca_certificate_template_iam_policy.tf b/terraform/google/backup/google_privateca_certificate_template_iam_policy.tf
new file mode 100644
index 00000000..125c4d84
--- /dev/null
+++ b/terraform/google/backup/google_privateca_certificate_template_iam_policy.tf
@@ -0,0 +1,13 @@
+data "google_iam_policy" "admin" {
+  binding {
+    role = "roles/privateca.templateUser"
+    members = [
+      "user:james.woolfenden@gmail.com",
+    ]
+  }
+}
+
+resource "google_privateca_certificate_template_iam_policy" "policy" {
+  certificate_template = google_privateca_certificate_template.default.id
+  policy_data          = data.google_iam_policy.admin.policy_data
+}
diff --git a/terraform/google/backup/google_privileged_access_manager_entitlement.tf b/terraform/google/backup/google_privileged_access_manager_entitlement.tf
new file mode 100644
index 00000000..c9610fda
--- /dev/null
+++ b/terraform/google/backup/google_privileged_access_manager_entitlement.tf
@@ -0,0 +1,48 @@
+resource "google_privileged_access_manager_entitlement" "entitlement" {
+  entitlement_id       = "example-entitlement"
+  location             = "global"
+  max_request_duration = "43200s"
+  parent               = "projects/pike"
+  requester_justification_config {
+    unstructured {}
+  }
+  eligible_users {
+    principals = [
+      "group:test@google.com"
+    ]
+  }
+  privileged_access {
+    gcp_iam_access {
+      role_bindings {
+        role                 = "roles/storage.admin"
+        condition_expression = "request.time < timestamp(\"2024-04-23T18:30:00.000Z\")"
+      }
+      resource      = "//cloudresourcemanager.googleapis.com/projects/my-project-name"
+      resource_type = "cloudresourcemanager.googleapis.com/Project"
+    }
+  }
+  additional_notification_targets {
+    admin_email_recipients = [
+      "user@example.com",
+    ]
+    requester_email_recipients = [
+      "user@example.com"
+    ]
+  }
+  approval_workflow {
+    manual_approvals {
+      require_approver_justification = true
+      steps {
+        approvals_needed = 1
+        approver_email_recipients = [
+          "james.woolfenden@gmail.com"
+        ]
+        approvers {
+          principals = [
+            "group:james.woolfenden@gmail.com"
+          ]
+        }
+      }
+    }
+  }
+}
diff --git a/terraform/google/backup/google_project.tf b/terraform/google/backup/google_project.tf
new file mode 100644
index 00000000..7fbb7b0c
--- /dev/null
+++ b/terraform/google/backup/google_project.tf
@@ -0,0 +1,4 @@
+resource "google_project" "pike" {
+  project_id = "pike-plus"
+  name       = "pike-plus"
+}
diff --git a/terraform/google/backup/google_project_access_approval_settings.tf b/terraform/google/backup/google_project_access_approval_settings.tf
new file mode 100644
index 00000000..cd5774ce
--- /dev/null
+++ b/terraform/google/backup/google_project_access_approval_settings.tf
@@ -0,0 +1,9 @@
+resource "google_project_access_approval_settings" "pike" {
+  project_id          = "pike-plus"
+  notification_emails = ["james.woolfenden@gmail.com"]
+
+  enrolled_services {
+    cloud_product    = "all"
+    enrollment_level = "BLOCK_ALL"
+  }
+}
diff --git a/terraform/google/backup/google_project_default_service_accounts.tf b/terraform/google/backup/google_project_default_service_accounts.tf
new file mode 100644
index 00000000..29a86df7
--- /dev/null
+++ b/terraform/google/backup/google_project_default_service_accounts.tf
@@ -0,0 +1,5 @@
+resource "google_project_default_service_accounts" "my_project" {
+  project        = "pike-412922"
+  action         = "DISABLE"
+  restore_policy = "REVERT"
+}
diff --git a/terraform/google/backup/google_project_iam_audit_config.tf b/terraform/google/backup/google_project_iam_audit_config.tf
new file mode 100644
index 00000000..53e6b615
--- /dev/null
+++ b/terraform/google/backup/google_project_iam_audit_config.tf
@@ -0,0 +1,13 @@
+resource "google_project_iam_audit_config" "pike" {
+  project = "pike-412922"
+  service = "allServices"
+  audit_log_config {
+    log_type = "ADMIN_READ"
+  }
+  audit_log_config {
+    log_type = "DATA_READ"
+    # exempted_members = [
+    #   "user:james.woolfenden@gmail.com",
+    # ]
+  }
+}
diff --git a/terraform/google/backup/google_project_iam_member_remove.tf b/terraform/google/backup/google_project_iam_member_remove.tf
new file mode 100644
index 00000000..e2a45dc3
--- /dev/null
+++ b/terraform/google/backup/google_project_iam_member_remove.tf
@@ -0,0 +1,5 @@
+resource "google_project_iam_member_remove" "pike" {
+  project = "pike-412922"
+  role    = "roles/compute.networkUser"
+  member  = "user:crwwoolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_project_organization_policy.tf b/terraform/google/backup/google_project_organization_policy.tf
new file mode 100644
index 00000000..5e3cd819
--- /dev/null
+++ b/terraform/google/backup/google_project_organization_policy.tf
@@ -0,0 +1,8 @@
+resource "google_project_organization_policy" "pike" {
+  project    = "pike-plus"
+  constraint = "compute.disableSerialPortAccess"
+
+  boolean_policy {
+    enforced = true
+  }
+}
diff --git a/terraform/google/backup/google_project_services.tf b/terraform/google/backup/google_project_services.tf
new file mode 100644
index 00000000..21a8b3ee
--- /dev/null
+++ b/terraform/google/backup/google_project_services.tf
@@ -0,0 +1 @@
+resource "google_project_services" "pike" {}
diff --git a/terraform/google/backup/google_project_usage_export_bucket.tf b/terraform/google/backup/google_project_usage_export_bucket.tf
new file mode 100644
index 00000000..6cfc3942
--- /dev/null
+++ b/terraform/google/backup/google_project_usage_export_bucket.tf
@@ -0,0 +1,10 @@
+resource "google_project_usage_export_bucket" "pike" {
+  project     = "pike-412922"
+  bucket_name = google_storage_bucket.temp.name
+}
+
+resource "google_storage_bucket" "temp" {
+  name                        = "usage-tracking-bucket-jgw"
+  location                    = "europe-west2"
+  uniform_bucket_level_access = true
+}
diff --git a/terraform/google/backup/google_pubsub_schema_iam_binding.tf b/terraform/google/backup/google_pubsub_schema_iam_binding.tf
new file mode 100644
index 00000000..59762b30
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_schema_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_pubsub_schema_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_pubsub_schema_iam_member.tf b/terraform/google/backup/google_pubsub_schema_iam_member.tf
new file mode 100644
index 00000000..ea3f6d8a
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_schema_iam_member.tf
@@ -0,0 +1 @@
+resource "google_pubsub_schema_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_pubsub_schema_iam_policy.tf b/terraform/google/backup/google_pubsub_schema_iam_policy.tf
new file mode 100644
index 00000000..57def094
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_schema_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_pubsub_schema_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_pubsub_subscription_iam_binding.tf b/terraform/google/backup/google_pubsub_subscription_iam_binding.tf
new file mode 100644
index 00000000..f72650ab
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_subscription_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_pubsub_subscription_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_pubsub_subscription_iam_member.tf b/terraform/google/backup/google_pubsub_subscription_iam_member.tf
new file mode 100644
index 00000000..e979611f
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_subscription_iam_member.tf
@@ -0,0 +1 @@
+resource "google_pubsub_subscription_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_pubsub_subscription_iam_policy.tf b/terraform/google/backup/google_pubsub_subscription_iam_policy.tf
new file mode 100644
index 00000000..8e8d0f17
--- /dev/null
+++ b/terraform/google/backup/google_pubsub_subscription_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_pubsub_subscription_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_redis_cluster.tf b/terraform/google/backup/google_redis_cluster.tf
new file mode 100644
index 00000000..55c76ee2
--- /dev/null
+++ b/terraform/google/backup/google_redis_cluster.tf
@@ -0,0 +1 @@
+resource "google_redis_cluster" "pike" {}
diff --git a/terraform/google/backup/google_redis_cluster_user_created_connections.tf b/terraform/google/backup/google_redis_cluster_user_created_connections.tf
new file mode 100644
index 00000000..29a9d703
--- /dev/null
+++ b/terraform/google/backup/google_redis_cluster_user_created_connections.tf
@@ -0,0 +1 @@
+resource "google_redis_cluster_user_created_connections" "pike" {}
diff --git a/terraform/google/backup/google_runtimeconfig_config.tf b/terraform/google/backup/google_runtimeconfig_config.tf
new file mode 100644
index 00000000..84ee6601
--- /dev/null
+++ b/terraform/google/backup/google_runtimeconfig_config.tf
@@ -0,0 +1 @@
+resource "google_runtimeconfig_config" "pike" {}
diff --git a/terraform/google/backup/google_runtimeconfig_config_iam_binding.tf b/terraform/google/backup/google_runtimeconfig_config_iam_binding.tf
new file mode 100644
index 00000000..6ed02368
--- /dev/null
+++ b/terraform/google/backup/google_runtimeconfig_config_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_runtimeconfig_config_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_runtimeconfig_config_iam_member.tf b/terraform/google/backup/google_runtimeconfig_config_iam_member.tf
new file mode 100644
index 00000000..9d878e56
--- /dev/null
+++ b/terraform/google/backup/google_runtimeconfig_config_iam_member.tf
@@ -0,0 +1 @@
+resource "google_runtimeconfig_config_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_runtimeconfig_config_iam_policy.tf b/terraform/google/backup/google_runtimeconfig_config_iam_policy.tf
new file mode 100644
index 00000000..81eaea8f
--- /dev/null
+++ b/terraform/google/backup/google_runtimeconfig_config_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_runtimeconfig_config_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_runtimeconfig_variable.tf b/terraform/google/backup/google_runtimeconfig_variable.tf
new file mode 100644
index 00000000..a6799694
--- /dev/null
+++ b/terraform/google/backup/google_runtimeconfig_variable.tf
@@ -0,0 +1 @@
+resource "google_runtimeconfig_variable" "pike" {}
diff --git a/terraform/google/backup/google_scc_source_iam_binding.tf b/terraform/google/backup/google_scc_source_iam_binding.tf
new file mode 100644
index 00000000..df0ea276
--- /dev/null
+++ b/terraform/google/backup/google_scc_source_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_scc_source_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_scc_source_iam_member.tf b/terraform/google/backup/google_scc_source_iam_member.tf
new file mode 100644
index 00000000..f888417c
--- /dev/null
+++ b/terraform/google/backup/google_scc_source_iam_member.tf
@@ -0,0 +1 @@
+resource "google_scc_source_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_scc_source_iam_policy.tf b/terraform/google/backup/google_scc_source_iam_policy.tf
new file mode 100644
index 00000000..60905d43
--- /dev/null
+++ b/terraform/google/backup/google_scc_source_iam_policy.tf
@@ -0,0 +1,4 @@
+data "google_scc_source_iam_policy" "test" {
+  source       = "102278311227"
+  organization = "102278311227"
+}
diff --git a/terraform/google/backup/google_scc_v2_organization_source_iam_binding.tf b/terraform/google/backup/google_scc_v2_organization_source_iam_binding.tf
new file mode 100644
index 00000000..7dc8557b
--- /dev/null
+++ b/terraform/google/backup/google_scc_v2_organization_source_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_scc_v2_organization_source_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_scc_v2_organization_source_iam_member.tf b/terraform/google/backup/google_scc_v2_organization_source_iam_member.tf
new file mode 100644
index 00000000..9d3bc311
--- /dev/null
+++ b/terraform/google/backup/google_scc_v2_organization_source_iam_member.tf
@@ -0,0 +1 @@
+resource "google_scc_v2_organization_source_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_scc_v2_organization_source_iam_policy.tf b/terraform/google/backup/google_scc_v2_organization_source_iam_policy.tf
new file mode 100644
index 00000000..54643429
--- /dev/null
+++ b/terraform/google/backup/google_scc_v2_organization_source_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_scc_v2_organization_source_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_secret_manager_regional_secret.tf b/terraform/google/backup/google_secret_manager_regional_secret.tf
new file mode 100644
index 00000000..edbdcc84
--- /dev/null
+++ b/terraform/google/backup/google_secret_manager_regional_secret.tf
@@ -0,0 +1,14 @@
+resource "google_secret_manager_regional_secret" "pike" {
+  secret_id = "tf-reg-secret"
+  location  = "us-central1"
+
+  labels = {
+    label = "my-label"
+  }
+
+  annotations = {
+    key1 = "value1",
+    key2 = "value2",
+    key3 = "value3"
+  }
+}
diff --git a/terraform/google/backup/google_secret_manager_regional_secret_iam_binding.tf b/terraform/google/backup/google_secret_manager_regional_secret_iam_binding.tf
new file mode 100644
index 00000000..fb09acf6
--- /dev/null
+++ b/terraform/google/backup/google_secret_manager_regional_secret_iam_binding.tf
@@ -0,0 +1,11 @@
+resource "google_secret_manager_regional_secret_iam_binding" "pike" {
+  project   = google_secret_manager_regional_secret.pike.project
+  secret_id = google_secret_manager_regional_secret.pike.secret_id
+  role      = "roles/secretmanager.secretAccessor"
+  members = [
+    "user:james.woolfenden@gmail.com",
+  ]
+  depends_on = [
+    google_secret_manager_regional_secret.pike
+  ]
+}
diff --git a/terraform/google/backup/google_secret_manager_regional_secret_iam_member.tf b/terraform/google/backup/google_secret_manager_regional_secret_iam_member.tf
new file mode 100644
index 00000000..6ba8f179
--- /dev/null
+++ b/terraform/google/backup/google_secret_manager_regional_secret_iam_member.tf
@@ -0,0 +1,7 @@
+resource "google_secret_manager_regional_secret_iam_member" "pike" {
+  project   = google_secret_manager_regional_secret.pike.project
+  location  = google_secret_manager_regional_secret.pike.location
+  secret_id = google_secret_manager_regional_secret.pike.secret_id
+  role      = "roles/secretmanager.secretAccessor"
+  member    = "user:james.woolfenden@gmail.com"
+}
diff --git a/terraform/google/backup/google_secret_manager_regional_secret_iam_policy.tf b/terraform/google/backup/google_secret_manager_regional_secret_iam_policy.tf
new file mode 100644
index 00000000..e00b01ed
--- /dev/null
+++ b/terraform/google/backup/google_secret_manager_regional_secret_iam_policy.tf
@@ -0,0 +1,3 @@
+resource "google_secret_manager_regional_secret_iam_policy" "pike" {
+
+}
diff --git a/terraform/google/backup/google_secret_manager_regional_secret_version.tf b/terraform/google/backup/google_secret_manager_regional_secret_version.tf
new file mode 100644
index 00000000..5a565b66
--- /dev/null
+++ b/terraform/google/backup/google_secret_manager_regional_secret_version.tf
@@ -0,0 +1,4 @@
+resource "google_secret_manager_regional_secret_version" "pike" {
+  secret      = google_secret_manager_regional_secret.pike.id
+  secret_data = "secret-data"
+}
diff --git a/terraform/google/backup/google_secure_source_manager_branch_rule.tf b/terraform/google/backup/google_secure_source_manager_branch_rule.tf
new file mode 100644
index 00000000..d867f5ca
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_branch_rule.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_branch_rule" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_instance.tf b/terraform/google/backup/google_secure_source_manager_instance.tf
new file mode 100644
index 00000000..4563b95d
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_instance.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_instance" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_instance_iam_binding.tf b/terraform/google/backup/google_secure_source_manager_instance_iam_binding.tf
new file mode 100644
index 00000000..1bac6b0f
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_instance_iam_member.tf b/terraform/google/backup/google_secure_source_manager_instance_iam_member.tf
new file mode 100644
index 00000000..e84e4f27
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_instance_iam_policy.tf b/terraform/google/backup/google_secure_source_manager_instance_iam_policy.tf
new file mode 100644
index 00000000..f9cdb5be
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_instance_iam_policy.tf
@@ -0,0 +1,3 @@
+data "google_secure_source_manager_instance_iam_policy" "pike" {
+  instance_id = "102278311227"
+}
diff --git a/terraform/google/backup/google_secure_source_manager_repository.tf b/terraform/google/backup/google_secure_source_manager_repository.tf
new file mode 100644
index 00000000..6f0bcba6
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_repository.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_repository" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_repository_iam_binding.tf b/terraform/google/backup/google_secure_source_manager_repository_iam_binding.tf
new file mode 100644
index 00000000..534c2728
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_repository_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_repository_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_repository_iam_member.tf b/terraform/google/backup/google_secure_source_manager_repository_iam_member.tf
new file mode 100644
index 00000000..910b3f90
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_repository_iam_member.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_repository_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_secure_source_manager_repository_iam_policy.tf b/terraform/google/backup/google_secure_source_manager_repository_iam_policy.tf
new file mode 100644
index 00000000..33e54780
--- /dev/null
+++ b/terraform/google/backup/google_secure_source_manager_repository_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_secure_source_manager_repository_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_site_verification_owner.tf b/terraform/google/backup/google_site_verification_owner.tf
new file mode 100644
index 00000000..74f728c9
--- /dev/null
+++ b/terraform/google/backup/google_site_verification_owner.tf
@@ -0,0 +1,36 @@
+resource "google_storage_bucket" "bucket" {
+  name     = "example-storage-bucket-jgw"
+  location = "US"
+}
+
+data "google_site_verification_token" "token" {
+  type                = "SITE"
+  identifier          = "https://${google_storage_bucket.bucket.name}.storage.googleapis.com/"
+  verification_method = "FILE"
+}
+
+resource "google_storage_bucket_object" "object" {
+  name    = data.google_site_verification_token.token.token
+  content = "google-site-verification: ${data.google_site_verification_token.token.token}"
+  bucket  = google_storage_bucket.bucket.name
+}
+
+resource "google_storage_object_access_control" "public_rule" {
+  bucket = google_storage_bucket.bucket.name
+  object = google_storage_bucket_object.object.name
+  role   = "READER"
+  entity = "allUsers"
+}
+
+resource "google_site_verification_web_resource" "example" {
+  site {
+    type       = data.google_site_verification_token.token.type
+    identifier = data.google_site_verification_token.token.identifier
+  }
+  verification_method = data.google_site_verification_token.token.verification_method
+}
+
+resource "google_site_verification_owner" "example" {
+  web_resource_id = google_site_verification_web_resource.example.id
+  email           = "user@example.com"
+}
diff --git a/terraform/google/backup/google_site_verification_web_resource.tf b/terraform/google/backup/google_site_verification_web_resource.tf
new file mode 100644
index 00000000..296c6435
--- /dev/null
+++ b/terraform/google/backup/google_site_verification_web_resource.tf
@@ -0,0 +1 @@
+# resource "google_site_verification_web_resource" "pike" {}
diff --git a/terraform/google/backup/google_sourcerepo_repository_iam_binding.tf b/terraform/google/backup/google_sourcerepo_repository_iam_binding.tf
new file mode 100644
index 00000000..d3bb71bf
--- /dev/null
+++ b/terraform/google/backup/google_sourcerepo_repository_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_sourcerepo_repository_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_sourcerepo_repository_iam_member.tf b/terraform/google/backup/google_sourcerepo_repository_iam_member.tf
new file mode 100644
index 00000000..bb4e143b
--- /dev/null
+++ b/terraform/google/backup/google_sourcerepo_repository_iam_member.tf
@@ -0,0 +1 @@
+resource "google_sourcerepo_repository_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_sourcerepo_repository_iam_policy.tf b/terraform/google/backup/google_sourcerepo_repository_iam_policy.tf
new file mode 100644
index 00000000..9813af80
--- /dev/null
+++ b/terraform/google/backup/google_sourcerepo_repository_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_sourcerepo_repository_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_spanner_backup_schedule.tf b/terraform/google/backup/google_spanner_backup_schedule.tf
new file mode 100644
index 00000000..cf67b3ca
--- /dev/null
+++ b/terraform/google/backup/google_spanner_backup_schedule.tf
@@ -0,0 +1,39 @@
+
+
+resource "google_spanner_database" "database" {
+  instance                 = google_spanner_instance.main.name
+  name                     = "database-id"
+  version_retention_period = "3d"
+  ddl = [
+    "CREATE TABLE t1 (t1 INT64 NOT NULL,) PRIMARY KEY(t1)",
+    "CREATE TABLE t2 (t2 INT64 NOT NULL,) PRIMARY KEY(t2)",
+  ]
+  deletion_protection = false
+}
+
+resource "google_spanner_backup_schedule" "full-backup" {
+  instance = google_spanner_instance.main.name
+
+  database = google_spanner_database.database.name
+
+  name = "backup-schedule-id"
+
+  retention_duration = "31620000s" // 366 days (maximum possible retention)
+
+  spec {
+    cron_spec {
+      //   0 2/12 * * * : every 12 hours at (2, 14) hours past midnight in UTC.
+      //   0 2,14 * * * : every 12 hours at (2,14) hours past midnight in UTC.
+      //   0 2 * * *    : once a day at 2 past midnight in UTC.
+      //   0 2 * * 0    : once a week every Sunday at 2 past midnight in UTC.
+      //   0 2 8 * *    : once a month on 8th day at 2 past midnight in UTC.
+      text = "0 12 * * *"
+    }
+  }
+  // The schedule creates only full backups.
+  full_backup_spec {}
+
+  encryption_config {
+    encryption_type = "USE_DATABASE_ENCRYPTION"
+  }
+}
diff --git a/terraform/google/backup/google_spanner_instance_config.tf b/terraform/google/backup/google_spanner_instance_config.tf
new file mode 100644
index 00000000..78d5a3c5
--- /dev/null
+++ b/terraform/google/backup/google_spanner_instance_config.tf
@@ -0,0 +1,13 @@
+resource "google_spanner_instance_config" "example" {
+  name         = "custom-nam11-config"
+  display_name = "Test Spanner Instance Config"
+  base_config  = "nam11"
+  replicas {
+    location                = "us-west1"
+    type                    = "READ_ONLY"
+    default_leader_location = false
+  }
+  labels = {
+    "foo" = "bar"
+  }
+}
diff --git a/terraform/google/backup/google_spanner_instance_partition.tf b/terraform/google/backup/google_spanner_instance_partition.tf
new file mode 100644
index 00000000..23424ecb
--- /dev/null
+++ b/terraform/google/backup/google_spanner_instance_partition.tf
@@ -0,0 +1,15 @@
+resource "google_spanner_instance" "main" {
+  name         = "test-instance"
+  config       = "nam6"
+  display_name = "main-instance"
+  num_nodes    = 1
+  edition      = "ENTERPRISE_PLUS"
+}
+
+resource "google_spanner_instance_partition" "partition" {
+  name         = "test-partition"
+  instance     = google_spanner_instance.main.name
+  config       = "nam8"
+  display_name = "test-spanner-partition"
+  node_count   = 1
+}
diff --git a/terraform/google/backup/google_sql_ssl_cert.tf b/terraform/google/backup/google_sql_ssl_cert.tf
new file mode 100644
index 00000000..e9d5fc1d
--- /dev/null
+++ b/terraform/google/backup/google_sql_ssl_cert.tf
@@ -0,0 +1 @@
+resource "google_sql_ssl_cert" "pike" {}
diff --git a/terraform/google/backup/google_storage_control_folder_intelligence_config.tf b/terraform/google/backup/google_storage_control_folder_intelligence_config.tf
new file mode 100644
index 00000000..73676bb4
--- /dev/null
+++ b/terraform/google/backup/google_storage_control_folder_intelligence_config.tf
@@ -0,0 +1,12 @@
+resource "google_storage_control_folder_intelligence_config" "example" {
+  name           = "pike-412922"
+  edition_config = "STANDARD"
+  filter {
+    included_cloud_storage_buckets {
+      bucket_id_regexes = ["test-id-1*", "test-id-2*"]
+    }
+    excluded_cloud_storage_locations {
+      locations = ["test-location-1*", "test-locations-2*"]
+    }
+  }
+}
diff --git a/terraform/google/backup/google_storage_control_organization_intelligence_config.tf b/terraform/google/backup/google_storage_control_organization_intelligence_config.tf
new file mode 100644
index 00000000..aa6fa01b
--- /dev/null
+++ b/terraform/google/backup/google_storage_control_organization_intelligence_config.tf
@@ -0,0 +1 @@
+# resource "google_storage_control_organization_intelligence_config" "pike" {}
diff --git a/terraform/google/backup/google_storage_control_project_intelligence_config.tf b/terraform/google/backup/google_storage_control_project_intelligence_config.tf
new file mode 100644
index 00000000..0346edd1
--- /dev/null
+++ b/terraform/google/backup/google_storage_control_project_intelligence_config.tf
@@ -0,0 +1 @@
+# resource "google_storage_control_project_intelligence_config" "pike" {}
diff --git a/terraform/google/backup/google_storage_insights_dataset_config.tf b/terraform/google/backup/google_storage_insights_dataset_config.tf
new file mode 100644
index 00000000..89a8cfb0
--- /dev/null
+++ b/terraform/google/backup/google_storage_insights_dataset_config.tf
@@ -0,0 +1,52 @@
+data "google_project" "project" {
+}
+
+resource "google_storage_insights_report_config" "config" {
+  display_name = "Test Report Config"
+  location     = "us-central1"
+  frequency_options {
+    frequency = "WEEKLY"
+    start_date {
+      day   = 15
+      month = 3
+      year  = 2050
+    }
+    end_date {
+      day   = 15
+      month = 4
+      year  = 2050
+    }
+  }
+  csv_options {
+    record_separator = "\n"
+    delimiter        = ","
+    header_required  = false
+  }
+  object_metadata_report_options {
+    metadata_fields = ["bucket", "name", "project"]
+    storage_filters {
+      bucket = google_storage_bucket.report_bucket.name
+    }
+    storage_destination_options {
+      bucket           = google_storage_bucket.report_bucket.name
+      destination_path = "test-insights-reports"
+    }
+  }
+
+  depends_on = [
+    google_storage_bucket_iam_member.admin
+  ]
+}
+
+resource "google_storage_bucket" "report_bucket" {
+  name                        = "my-bucket-jgw-01"
+  location                    = "us-central1"
+  force_destroy               = true
+  uniform_bucket_level_access = true
+}
+
+resource "google_storage_bucket_iam_member" "admin" {
+  bucket = google_storage_bucket.report_bucket.name
+  role   = "roles/storage.admin"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-storageinsights.iam.gserviceaccount.com"
+}
diff --git a/terraform/google/backup/google_storage_managed_folder_iam_binding.tf b/terraform/google/backup/google_storage_managed_folder_iam_binding.tf
new file mode 100644
index 00000000..c0f17aea
--- /dev/null
+++ b/terraform/google/backup/google_storage_managed_folder_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_storage_managed_folder_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_storage_managed_folder_iam_member.tf b/terraform/google/backup/google_storage_managed_folder_iam_member.tf
new file mode 100644
index 00000000..3c3cad6a
--- /dev/null
+++ b/terraform/google/backup/google_storage_managed_folder_iam_member.tf
@@ -0,0 +1 @@
+resource "google_storage_managed_folder_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_storage_managed_folder_iam_policy.tf b/terraform/google/backup/google_storage_managed_folder_iam_policy.tf
new file mode 100644
index 00000000..35bb812c
--- /dev/null
+++ b/terraform/google/backup/google_storage_managed_folder_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_storage_managed_folder_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_tags_location_tag_binding.tf b/terraform/google/backup/google_tags_location_tag_binding.tf
new file mode 100644
index 00000000..a69a9f66
--- /dev/null
+++ b/terraform/google/backup/google_tags_location_tag_binding.tf
@@ -0,0 +1 @@
+resource "google_tags_location_tag_binding" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_binding.tf b/terraform/google/backup/google_tags_tag_binding.tf
new file mode 100644
index 00000000..3a9ee428
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_binding.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_binding" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_key.tf b/terraform/google/backup/google_tags_tag_key.tf
new file mode 100644
index 00000000..8f3db6cd
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_key.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_key" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_key_iam_binding.tf b/terraform/google/backup/google_tags_tag_key_iam_binding.tf
new file mode 100644
index 00000000..f6f031b1
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_key_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_key_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_key_iam_member.tf b/terraform/google/backup/google_tags_tag_key_iam_member.tf
new file mode 100644
index 00000000..b69e3c54
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_key_iam_member.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_key_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_key_iam_policy.tf b/terraform/google/backup/google_tags_tag_key_iam_policy.tf
new file mode 100644
index 00000000..e4f9c9a5
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_key_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_key_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_value.tf b/terraform/google/backup/google_tags_tag_value.tf
new file mode 100644
index 00000000..6e709a47
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_value.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_value" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_value_iam_binding.tf b/terraform/google/backup/google_tags_tag_value_iam_binding.tf
new file mode 100644
index 00000000..b2020e4e
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_value_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_value_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_value_iam_member.tf b/terraform/google/backup/google_tags_tag_value_iam_member.tf
new file mode 100644
index 00000000..3abe3f09
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_value_iam_member.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_value_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_tags_tag_value_iam_policy.tf b/terraform/google/backup/google_tags_tag_value_iam_policy.tf
new file mode 100644
index 00000000..6ad868f1
--- /dev/null
+++ b/terraform/google/backup/google_tags_tag_value_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_tags_tag_value_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_tpu_node.tf b/terraform/google/backup/google_tpu_node.tf
new file mode 100644
index 00000000..1ef3f4f9
--- /dev/null
+++ b/terraform/google/backup/google_tpu_node.tf
@@ -0,0 +1 @@
+resource "google_tpu_node" "pike" {}
diff --git a/terraform/google/backup/google_tpu_v2_queued_resource.tf b/terraform/google/backup/google_tpu_v2_queued_resource.tf
new file mode 100644
index 00000000..8b1edcb6
--- /dev/null
+++ b/terraform/google/backup/google_tpu_v2_queued_resource.tf
@@ -0,0 +1,18 @@
+resource "google_tpu_v2_queued_resource" "qr" {
+  provider = google-beta
+
+  name = "test-qr"
+  zone = "us-central1-c"
+
+  tpu {
+    node_spec {
+      parent  = "projects/pike-412922/locations/us-central1-c"
+      node_id = "test-tpu"
+      node {
+        runtime_version  = "tpu-vm-tf-2.13.0"
+        accelerator_type = "v2-8"
+        description      = "Text description of the TPU."
+      }
+    }
+  }
+}
diff --git a/terraform/google/backup/google_tpu_v2_vm.tf b/terraform/google/backup/google_tpu_v2_vm.tf
new file mode 100644
index 00000000..17a0f9bb
--- /dev/null
+++ b/terraform/google/backup/google_tpu_v2_vm.tf
@@ -0,0 +1,13 @@
+data "google_tpu_v2_runtime_versions" "available" {
+  provider = google-beta
+  zone     = "us-central1-c"
+}
+
+resource "google_tpu_v2_vm" "tpu" {
+  provider = google-beta
+
+  name = "test-tpu"
+  zone = "us-central1-c"
+
+  runtime_version = "tpu-vm-tf-2.13.0"
+}
diff --git a/terraform/google/backup/google_transcoder_job.tf b/terraform/google/backup/google_transcoder_job.tf
new file mode 100644
index 00000000..11379f2c
--- /dev/null
+++ b/terraform/google/backup/google_transcoder_job.tf
@@ -0,0 +1 @@
+resource "google_transcoder_job" "pike" {}
diff --git a/terraform/google/backup/google_transcoder_job_template.tf b/terraform/google/backup/google_transcoder_job_template.tf
new file mode 100644
index 00000000..d4fe4fbe
--- /dev/null
+++ b/terraform/google/backup/google_transcoder_job_template.tf
@@ -0,0 +1 @@
+resource "google_transcoder_job_template" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_cache_config.tf b/terraform/google/backup/google_vertex_ai_cache_config.tf
new file mode 100644
index 00000000..350c09aa
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_cache_config.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_cache_config" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_deployment_resource_pool.tf b/terraform/google/backup/google_vertex_ai_deployment_resource_pool.tf
new file mode 100644
index 00000000..bc12d6ab
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_deployment_resource_pool.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_deployment_resource_pool" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_endpoint_with_model_garden_deployment.tf b/terraform/google/backup/google_vertex_ai_endpoint_with_model_garden_deployment.tf
new file mode 100644
index 00000000..aeddf2ba
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_endpoint_with_model_garden_deployment.tf
@@ -0,0 +1,7 @@
+resource "google_vertex_ai_endpoint_with_model_garden_deployment" "deploy" {
+  publisher_model_name = "publishers/google/models/paligemma@paligemma-224-float32"
+  location             = "europe-west2"
+  model_config {
+    accept_eula = true
+  }
+}
diff --git a/terraform/google/backup/google_vertex_ai_feature_group_iam_binding.tf b/terraform/google/backup/google_vertex_ai_feature_group_iam_binding.tf
new file mode 100644
index 00000000..117dffb2
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_group_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_group_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_group_iam_member.tf b/terraform/google/backup/google_vertex_ai_feature_group_iam_member.tf
new file mode 100644
index 00000000..63da363c
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_group_iam_member.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_group_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_group_iam_policy.tf b/terraform/google/backup/google_vertex_ai_feature_group_iam_policy.tf
new file mode 100644
index 00000000..765e843f
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_group_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_group_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_binding.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_binding.tf
new file mode 100644
index 00000000..70b56ebd
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_featureview_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_member.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_member.tf
new file mode 100644
index 00000000..5a33d2d0
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_member.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_featureview_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_policy.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_policy.tf
new file mode 100644
index 00000000..576d5f9d
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_featureview_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_featureview_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_iam_binding.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_binding.tf
new file mode 100644
index 00000000..457366af
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_iam_member.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_member.tf
new file mode 100644
index 00000000..315662b9
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_member.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_feature_online_store_iam_policy.tf b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_policy.tf
new file mode 100644
index 00000000..60ebd9f5
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_feature_online_store_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_feature_online_store_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_index_endpoint_deployed_index.tf b/terraform/google/backup/google_vertex_ai_index_endpoint_deployed_index.tf
new file mode 100644
index 00000000..10f29671
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_index_endpoint_deployed_index.tf
@@ -0,0 +1,83 @@
+resource "google_vertex_ai_index_endpoint_deployed_index" "basic_deployed_index" {
+  deployed_index_id     = "deployed_index_id"
+  display_name          = "vertex-deployed-index"
+  region                = "us-central1"
+  index                 = google_vertex_ai_index.index.id
+  index_endpoint        = google_vertex_ai_index_endpoint.vertex_index_endpoint_deployed.id
+  enable_access_logging = false
+  reserved_ip_ranges    = ["vertex-ai-range"]
+
+  deployed_index_auth_config {
+
+    auth_provider {
+      audiences       = ["123456-my-app"]
+      allowed_issuers = ["${google_service_account.sa.email}"]
+    }
+  }
+}
+
+resource "google_vertex_ai_index" "index" {
+  region              = "us-central1"
+  display_name        = "test-index"
+  description         = "index for test"
+  index_update_method = "BATCH_UPDATE"
+  labels = {
+    foo = "bar"
+  }
+
+  metadata {
+    contents_delta_uri = "gs://${google_storage_bucket.bucket.name}/contents"
+
+    config {
+      dimensions                  = 2
+      approximate_neighbors_count = 150
+      shard_size                  = "SHARD_SIZE_SMALL"
+      distance_measure_type       = "DOT_PRODUCT_DISTANCE"
+
+      algorithm_config {
+
+        tree_ah_config {
+          leaf_node_embedding_count    = 500
+          leaf_nodes_to_search_percent = 7
+        }
+      }
+    }
+  }
+}
+
+resource "google_vertex_ai_index_endpoint" "vertex_index_endpoint_deployed" {
+  display_name = "sample-endpoint"
+  description  = "A sample vertex endpoint"
+  region       = "us-central1"
+  network      = "projects/${data.google_project.project.number}/global/networks/${data.google_compute_network.vertex_network.name}"
+  labels = {
+    label-one = "value-one"
+  }
+}
+
+resource "google_service_account" "sa" {
+  account_id = "vertex-sa"
+}
+
+resource "google_storage_bucket" "bucket" {
+  name                        = "bucket-name-jgw-test"
+  location                    = "us-central1"
+  uniform_bucket_level_access = true
+}
+
+# The sample data comes from the following link:
+# https://cloud.google.com/vertex-ai/docs/matching-engine/filtering#specify-namespaces-tokens
+resource "google_storage_bucket_object" "data" {
+  name    = "contents/data.json"
+  bucket  = google_storage_bucket.bucket.name
+  content = <<EOF
+{"id": "42", "embedding": [0.5, 1.0], "restricts": [{"namespace": "class", "allow": ["cat", "pet"]},{"namespace": "category", "allow": ["feline"]}]}
+{"id": "43", "embedding": [0.6, 1.0], "restricts": [{"namespace": "class", "allow": ["dog", "pet"]},{"namespace": "category", "allow": ["canine"]}]}
+EOF
+}
+
+data "google_compute_network" "vertex_network" {
+  name = "default"
+}
+
+data "google_project" "project" {}
diff --git a/terraform/google/backup/google_vertex_ai_rag_engine_config.tf b/terraform/google/backup/google_vertex_ai_rag_engine_config.tf
new file mode 100644
index 00000000..34154b30
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_rag_engine_config.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_rag_engine_config" "pike" {}
diff --git a/terraform/google/backup/google_vertex_ai_reasoning_engine.tf b/terraform/google/backup/google_vertex_ai_reasoning_engine.tf
new file mode 100644
index 00000000..535de45a
--- /dev/null
+++ b/terraform/google/backup/google_vertex_ai_reasoning_engine.tf
@@ -0,0 +1 @@
+resource "google_vertex_ai_reasoning_engine" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_cluster.tf b/terraform/google/backup/google_vmwareengine_cluster.tf
new file mode 100644
index 00000000..130e2524
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_cluster.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_cluster" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_external_access_rule.tf b/terraform/google/backup/google_vmwareengine_external_access_rule.tf
new file mode 100644
index 00000000..d9f77946
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_external_access_rule.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_external_access_rule" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_external_address.tf b/terraform/google/backup/google_vmwareengine_external_address.tf
new file mode 100644
index 00000000..5dd22b68
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_external_address.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_external_address" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_network.tf b/terraform/google/backup/google_vmwareengine_network.tf
new file mode 100644
index 00000000..1ac6aa07
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_network.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_network" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_network_peering.tf b/terraform/google/backup/google_vmwareengine_network_peering.tf
new file mode 100644
index 00000000..bade0390
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_network_peering.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_network_peering" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_network_policy.tf b/terraform/google/backup/google_vmwareengine_network_policy.tf
new file mode 100644
index 00000000..a4b957c4
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_network_policy.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_network_policy" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_private_cloud.tf b/terraform/google/backup/google_vmwareengine_private_cloud.tf
new file mode 100644
index 00000000..d9555da3
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_private_cloud.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_private_cloud" "pike" {}
diff --git a/terraform/google/backup/google_vmwareengine_subnet.tf b/terraform/google/backup/google_vmwareengine_subnet.tf
new file mode 100644
index 00000000..07238d25
--- /dev/null
+++ b/terraform/google/backup/google_vmwareengine_subnet.tf
@@ -0,0 +1 @@
+resource "google_vmwareengine_subnet" "pike" {}
diff --git a/terraform/google/backup/google_vpc_access_connector.tf b/terraform/google/backup/google_vpc_access_connector.tf
new file mode 100644
index 00000000..e6dea45e
--- /dev/null
+++ b/terraform/google/backup/google_vpc_access_connector.tf
@@ -0,0 +1 @@
+resource "google_vpc_access_connector" "pike" {}
diff --git a/terraform/google/backup/google_workbench_instance.tf b/terraform/google/backup/google_workbench_instance.tf
new file mode 100644
index 00000000..34e49605
--- /dev/null
+++ b/terraform/google/backup/google_workbench_instance.tf
@@ -0,0 +1,4 @@
+resource "google_workbench_instance" "instance" {
+  name     = "workbench-instance"
+  location = "us-west1-a"
+}
diff --git a/terraform/google/backup/google_workbench_instance_iam_binding.tf b/terraform/google/backup/google_workbench_instance_iam_binding.tf
new file mode 100644
index 00000000..f9d7e346
--- /dev/null
+++ b/terraform/google/backup/google_workbench_instance_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_workbench_instance_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_workbench_instance_iam_member.tf b/terraform/google/backup/google_workbench_instance_iam_member.tf
new file mode 100644
index 00000000..e77774d9
--- /dev/null
+++ b/terraform/google/backup/google_workbench_instance_iam_member.tf
@@ -0,0 +1 @@
+resource "google_workbench_instance_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_workbench_instance_iam_policy.tf b/terraform/google/backup/google_workbench_instance_iam_policy.tf
new file mode 100644
index 00000000..5fdf3a9f
--- /dev/null
+++ b/terraform/google/backup/google_workbench_instance_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_workbench_instance_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_workflows_workflow.tf b/terraform/google/backup/google_workflows_workflow.tf
new file mode 100644
index 00000000..bd5fe41f
--- /dev/null
+++ b/terraform/google/backup/google_workflows_workflow.tf
@@ -0,0 +1 @@
+resource "google_workflows_workflow" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation.tf b/terraform/google/backup/google_workstations_workstation.tf
new file mode 100644
index 00000000..a59d8e4b
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_cluster.tf b/terraform/google/backup/google_workstations_workstation_cluster.tf
new file mode 100644
index 00000000..a0614976
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_cluster.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_cluster" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_config.tf b/terraform/google/backup/google_workstations_workstation_config.tf
new file mode 100644
index 00000000..132a5d86
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_config.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_config" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_config_iam_binding.tf b/terraform/google/backup/google_workstations_workstation_config_iam_binding.tf
new file mode 100644
index 00000000..0536842f
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_config_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_config_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_config_iam_member.tf b/terraform/google/backup/google_workstations_workstation_config_iam_member.tf
new file mode 100644
index 00000000..0c03085a
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_config_iam_member.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_config_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_config_iam_policy.tf b/terraform/google/backup/google_workstations_workstation_config_iam_policy.tf
new file mode 100644
index 00000000..0aa265c1
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_config_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_config_iam_policy" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_iam_binding.tf b/terraform/google/backup/google_workstations_workstation_iam_binding.tf
new file mode 100644
index 00000000..df0c3d41
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_iam_binding.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_iam_binding" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_iam_membe.tf b/terraform/google/backup/google_workstations_workstation_iam_membe.tf
new file mode 100644
index 00000000..fdd33f80
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_iam_membe.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_iam_member" "pike" {}
diff --git a/terraform/google/backup/google_workstations_workstation_iam_policy.tf b/terraform/google/backup/google_workstations_workstation_iam_policy.tf
new file mode 100644
index 00000000..547715e4
--- /dev/null
+++ b/terraform/google/backup/google_workstations_workstation_iam_policy.tf
@@ -0,0 +1 @@
+resource "google_workstations_workstation_iam_policy" "pike" {}
diff --git a/terraform/google/data.google_cloud_identity_policy.tf b/terraform/google/data.google_cloud_identity_policy.tf
new file mode 100644
index 00000000..4c1f9ba1
--- /dev/null
+++ b/terraform/google/data.google_cloud_identity_policy.tf
@@ -0,0 +1,7 @@
+# data "google_cloud_identity_policy" "pike" {
+#   provider = google-beta
+# }
+#
+# output "google_cloud_identity_policy" {
+#   value = data.google_cloud_identity_policy.pike
+# }
diff --git a/terraform/google/google_apigee_environment.tf b/terraform/google/google_apigee_environment.tf
new file mode 100644
index 00000000..49c99f1b
--- /dev/null
+++ b/terraform/google/google_apigee_environment.tf
@@ -0,0 +1,4 @@
+resource "google_apigee_environment" "pike" {
+  org_id = "pike"
+  name   = "pike"
+}
diff --git a/terraform/google/provider.google.tf b/terraform/google/provider.google.tf
index 96345407..16af8596 100644
--- a/terraform/google/provider.google.tf
+++ b/terraform/google/provider.google.tf
@@ -1,21 +1,19 @@
 provider "google" {
-  project     = "pike-gcp"
+  project     = "pike-477416"
   region      = "europe-west2"
-  credentials = "C:\\Users\\jim_w\\pike-gcp-basic.json"
-  //credentials = "/Users/jwoolfenden/pike-service.json"
+  credentials = var.basic_gcp_credentials
 }
 
 provider "google-beta" {
-  project     = "pike-gcp"
-  region      = "europe-west2"
-  credentials = "C:\\Users\\jim_w\\pike-gcp-basic.json"
-  //credentials = "/Users/jwoolfenden/pike-service.json"
+  project = "pike-477416"
+  # region  = "europe-west2"
+  region      = "us-central1"
+  credentials = var.basic_gcp_credentials
 }
 
 provider "google" {
   alias       = "central"
-  project     = "pike-gcp"
+  project     = "pike-477416"
   region      = "us-central1"
-  credentials = "C:\\Users\\jim_w\\pike-gcp-basic.json"
-  //credentials = "/Users/jwoolfenden/pike-service.json"
+  credentials = var.basic_gcp_credentials
 }
diff --git a/terraform/google/role/Makefile b/terraform/google/role/Makefile
index 914c1044..edaa0b90 100644
--- a/terraform/google/role/Makefile
+++ b/terraform/google/role/Makefile
@@ -4,16 +4,16 @@ clean:
 	-rm terraform.tfstate
 	-rm terraform.tfstate.backup
 apply: init
-	terraform apply -auto-approve
+	tofu apply -auto-approve
 
 plan: init
-	terraform plan
+	tofu plan
 
 destroy: init
-	terraform destroy -auto-approve
+	tofu destroy -auto-approve
 
 init:
-	terraform init
+	tofu init
 
 role: FORCE
 	GOOGLE_CLOUD_KEYFILE_JSON="" terraform  -chdir=apply -auto-approve
diff --git a/terraform/google/role/google_project_iam_binding.tf b/terraform/google/role/google_project_iam_binding.tf
index a27fb6f2..63ccc883 100644
--- a/terraform/google/role/google_project_iam_binding.tf
+++ b/terraform/google/role/google_project_iam_binding.tf
@@ -1,6 +1,6 @@
 resource "google_project_iam_binding" "pike" {
-  project = "pike-gcp"
-  role    = google_project_iam_custom_role.pike.id
+  project = "pike-477416"
+  role    = google_project_iam_custom_role.terraform_pike.id
 
   members = [
     "serviceAccount:${google_service_account.pike.email}",
diff --git a/terraform/google/role/google_project_iam_custom_role.tf b/terraform/google/role/google_project_iam_custom_role.tf
index c91e5013..f3e5d2c2 100644
--- a/terraform/google/role/google_project_iam_custom_role.tf
+++ b/terraform/google/role/google_project_iam_custom_role.tf
@@ -1,11 +1,10 @@
-resource "google_project_iam_custom_role" "pike" {
-  project     = "pike-gcp"
+
+resource "google_project_iam_custom_role" "terraform_pike" {
+  project     = "pike-477416"
   role_id     = "terraform_pike"
-  title       = "pike terraform user"
+  title       = "terraform_pike"
   description = "A user with least privileges"
   permissions = [
-
-
-
+    "artifactregistry.packages.list"
   ]
 }
diff --git a/terraform/google/role/google_project_service.tf b/terraform/google/role/google_project_service.tf
new file mode 100644
index 00000000..cd802888
--- /dev/null
+++ b/terraform/google/role/google_project_service.tf
@@ -0,0 +1,9 @@
+resource "google_project_service" "project" {
+  project = "pike-477416"
+  service = "iam.googleapis.com"
+}
+
+resource "google_project_service" "cloudresources" {
+  project = "pike-477416"
+  service = "cloudresourcemanager.googleapis.com"
+}
diff --git a/terraform/google/role/google_service_account.tf b/terraform/google/role/google_service_account.tf
index 9ec2fa8f..ee51e55a 100644
--- a/terraform/google/role/google_service_account.tf
+++ b/terraform/google/role/google_service_account.tf
@@ -1,5 +1,5 @@
 resource "google_service_account" "pike" {
   account_id   = "pike-service"
   display_name = "pike"
-  project      = "pike-gcp"
+  project      = "pike-477416"
 }
diff --git a/terraform/google/role/google_storage_bucket.tf b/terraform/google/role/google_storage_bucket.tf
index e919de84..6b51481c 100644
--- a/terraform/google/role/google_storage_bucket.tf
+++ b/terraform/google/role/google_storage_bucket.tf
@@ -7,9 +7,9 @@ resource "google_storage_bucket" "default" {
   versioning {
     enabled = true
   }
-  encryption {
-    default_kms_key_name = "projects/pike-gcp/locations/europe-west2/keyRings/pike/cryptoKeys/state"
-  }
+  # encryption {
+  #   default_kms_key_name = "projects/pike/locations/europe-west2/keyRings/pike/cryptoKeys/state"
+  # }
 
   lifecycle_rule {
     action {
diff --git a/terraform/google/role/output.tf b/terraform/google/role/output.tf
index 92fee6c0..12aecc51 100644
--- a/terraform/google/role/output.tf
+++ b/terraform/google/role/output.tf
@@ -7,5 +7,13 @@ output "iam_binding" {
 }
 
 output "custom_role" {
-  value = google_project_iam_custom_role.pike
+  value = google_project_iam_custom_role.terraform_pike
+}
+
+output "state_bucket" {
+  value = google_storage_bucket.default
+}
+
+output "services" {
+  value = google_project_service.project
 }
diff --git a/terraform/google/role/provider.gcp.tf b/terraform/google/role/provider.gcp.tf
index 497a84ef..de4978bc 100644
--- a/terraform/google/role/provider.gcp.tf
+++ b/terraform/google/role/provider.gcp.tf
@@ -1,5 +1,5 @@
 provider "google" {
-  project     = "pike-gcp"
-  credentials = "C:\\Users\\jim_w\\pike-gcp-super.json"
-  //credentials = "/Users/jwoolfenden/pike-gcp-super.json"
+  project = "pike-477416"
+  # credentials = "c:/Users/jim_w/pike-412922-3277f720572e.json"
+  credentials = "/Users/jwoolfenden/pike-gcp-super.json"
 }
diff --git a/terraform/google/role/terraform.tf b/terraform/google/role/terraform.tf
index 003b7a83..4a8c7766 100644
--- a/terraform/google/role/terraform.tf
+++ b/terraform/google/role/terraform.tf
@@ -1,5 +1,7 @@
 terraform {
   backend "gcs" {
+    credentials = "/Users/jwoolfenden/pike-gcp-super.json"
+    # credentials = "c:/Users/jim_w/pike-412922-3277f720572e.json"
     bucket = "terraform-pike-bucket-tfstate"
     prefix = "iam/state"
   }
diff --git a/terraform/google/terraform.tf b/terraform/google/terraform.tf
new file mode 100644
index 00000000..e8aa3c32
--- /dev/null
+++ b/terraform/google/terraform.tf
@@ -0,0 +1,9 @@
+terraform {
+  backend "gcs" {
+
+    # credentials = "/Users/jwoolfenden/pike-gcp-super.json"
+    credentials = "c:/Users/jim_w/pike-412922-3277f720572e.json"
+    bucket      = "terraform-pike-bucket-tfstate"
+    prefix      = "trial/state"
+  }
+}
diff --git a/terraform/google/variables.tf b/terraform/google/variables.tf
new file mode 100644
index 00000000..dd3d657a
--- /dev/null
+++ b/terraform/google/variables.tf
@@ -0,0 +1,5 @@
+variable "basic_gcp_credentials" {
+  type    = string
+  default = "C:\\Users\\jim_w\\pike-basic.json"
+  # default = "/Users/jwoolfenden/pike-gcp-basic.json"
+}
diff --git a/testdata/data/google_clouddeploy_delivery_pipeline_iam_policy.tf b/testdata/data/google_clouddeploy_delivery_pipeline_iam_policy.tf
new file mode 100644
index 00000000..5e1cd0ca
--- /dev/null
+++ b/testdata/data/google_clouddeploy_delivery_pipeline_iam_policy.tf
@@ -0,0 +1,3 @@
+data "google_clouddeploy_delivery_pipeline_iam_policy" "pike" {
+
+}