hashicorp
diff --git a/‎website/docs/r/access_context_manager_access_policy_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/access_context_manager_access_policy_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/api_gateway_api_config_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/api_gateway_api_config_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/api_gateway_api_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/api_gateway_api_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/api_gateway_gateway_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/api_gateway_gateway_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/apigee_environment_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/apigee_environment_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/artifact_registry_repository_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/artifact_registry_repository_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/beyondcorp_security_gateway_application_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/beyondcorp_security_gateway_application_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/beyondcorp_security_gateway_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/beyondcorp_security_gateway_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/bigquery_analytics_hub_data_exchange_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/bigquery_analytics_hub_data_exchange_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎website/docs/r/bigquery_analytics_hub_listing_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions b/‎website/docs/r/bigquery_analytics_hub_listing_iam.html.markdown‎
Lines changed: 1 addition & 0 deletions
@@ -95,6 +95,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_access_context_manager_access_policy_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -109,6 +109,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_api_gateway_api_config_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -107,6 +107,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_api_gateway_api_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -114,6 +114,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_api_gateway_gateway_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -101,6 +101,7 @@ in the format `organizations/{{org_name}}`.
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_apigee_environment_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -112,6 +112,7 @@ data source for possible values. Used to find the parent resource to bind the IA
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_artifact_registry_repository_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -167,6 +167,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_beyondcorp_security_gateway_application_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -169,6 +169,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_beyondcorp_security_gateway_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -108,6 +108,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_bigquery_analytics_hub_data_exchange_iam_binding` can be used per role. Note that custom roles must be of the format
 
@@ -112,6 +112,7 @@ The following arguments are supported:
   * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
   * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
   * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
+  * **Federated identities**: One or more federated identities in a workload or workforce identity pool, workload running on GKE, etc. Refer to the [Principal identifiers documentation](https://cloud.google.com/iam/docs/principal-identifiers#allow) for examples of targets and valid configuration. For example, "principal://iam.googleapis.com/locations/global/workforcePools/example-contractors/subject/[email protected]"
 
 * `role` - (Required) The role that should be applied. Only one
     `google_bigquery_analytics_hub_listing_iam_binding` can be used per role. Note that custom roles must be of the format