fix: bump terraform-plugin-docs and fix docs

docs/data-sources/landingzone.md

@@ -111,16 +111,16 @@ Optional:
 - `aws_lambda_arn` (String) If provided, it is invoked after each project replication. You can use it to trigger a custom Account Vending Machine to perform several additional provisioning steps.
 
 <a id="nestedatt--spec--platform_properties--aws--aws_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.aws.aws_lambda_arn`
+### Nested Schema for `spec.platform_properties.aws.aws_role_mappings`
 
 Required:
 
 - `platform_role` (String) The AWS platform role
 - `policies` (List of String) List of policies associated with this role mapping
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--aws--aws_lambda_arn--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--aws--aws_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--aws--aws_lambda_arn--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.aws.aws_lambda_arn.project_role_ref`
+<a id="nestedatt--spec--platform_properties--aws--aws_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.aws.aws_role_mappings.project_role_ref`
 
 Required:
 
@@ -189,16 +189,16 @@ Optional:
 - `azure_function` (Attributes) Assign an Azure function to the Landing Zone configuration to trigger a small piece of code in the cloud. (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_function))
 
 <a id="nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.azurerg.azure_function`
+### Nested Schema for `spec.platform_properties.azurerg.azure_rg_role_mappings`
 
 Required:
 
 - `azure_group_suffix` (String) The given role name will be injected into the group name via the group naming pattern configured on the platform instance.
 - `azure_role_definition_ids` (List of String) Role Definitions with the given IDs will be attached to this Azure Role.
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_function--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--azurerg--azure_function--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.azurerg.azure_function.project_role_ref`
+<a id="nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.azurerg.azure_rg_role_mappings.project_role_ref`
 
 Required:
 
@@ -233,15 +233,15 @@ Optional:
 - `gcp_folder_id` (String) Google Cloud Projects will be added to this Google Cloud Folder. This allows applying Organization Policies to all projects managed under this Landing Zone.
 
 <a id="nestedatt--spec--platform_properties--gcp--gcp_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.gcp.gcp_folder_id`
+### Nested Schema for `spec.platform_properties.gcp.gcp_role_mappings`
 
 Required:
 
 - `platform_roles` (List of String) Can be empty. List of GCP IAM roles to assign to the meshProject role.
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--gcp--gcp_folder_id--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--gcp--gcp_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--gcp--gcp_folder_id--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.gcp.gcp_folder_id.project_role_ref`
+<a id="nestedatt--spec--platform_properties--gcp--gcp_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.gcp.gcp_role_mappings.project_role_ref`
 
 Required:
 

docs/data-sources/platform.md

@@ -166,7 +166,7 @@ Read-Only:
 - `workload_identity_config` (Attributes) Workload identity configuration (alternative to `service_user_config`) (see [below for nested schema](#nestedatt--spec--config--aws--replication--access_config--workload_identity_config))
 
 <a id="nestedatt--spec--config--aws--replication--access_config--service_user_config"></a>
-### Nested Schema for `spec.config.aws.replication.access_config.workload_identity_config`
+### Nested Schema for `spec.config.aws.replication.access_config.service_user_config`
 
 Read-Only:
 
@@ -196,11 +196,11 @@ Read-Only:
 - `sso_access_token` (String) The AWS IAM Identity Center SCIM Access Token that was generated via the Automatic provisioning config in AWS IAM Identity Center.
 
 <a id="nestedatt--spec--config--aws--replication--aws_sso--aws_role_mappings"></a>
-### Nested Schema for `spec.config.aws.replication.aws_sso.sso_access_token`
+### Nested Schema for `spec.config.aws.replication.aws_sso.aws_role_mappings`
 
 Required:
 
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--config--aws--replication--aws_sso--sso_access_token--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--config--aws--replication--aws_sso--aws_role_mappings--project_role_ref))
 
 Optional:
 
@@ -210,8 +210,8 @@ Read-Only:
 
 - `aws_role` (String) The AWS role name
 
-<a id="nestedatt--spec--config--aws--replication--aws_sso--sso_access_token--project_role_ref"></a>
-### Nested Schema for `spec.config.aws.replication.aws_sso.sso_access_token.aws_role`
+<a id="nestedatt--spec--config--aws--replication--aws_sso--aws_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.config.aws.replication.aws_sso.aws_role_mappings.project_role_ref`
 
 Required:
 
@@ -292,7 +292,7 @@ Read-Only:
 - `azure_role` (Attributes) The Azure role definition. (see [below for nested schema](#nestedatt--spec--config--azure--replication--azure_role_mappings--azure_role))
 
 <a id="nestedatt--spec--config--azure--replication--azure_role_mappings--project_role_ref"></a>
-### Nested Schema for `spec.config.azure.replication.azure_role_mappings.azure_role`
+### Nested Schema for `spec.config.azure.replication.azure_role_mappings.project_role_ref`
 
 Required:
 
@@ -333,18 +333,18 @@ Read-Only:
 - `subscription_owner_object_ids` (List of String) One or more principals Object IDs (e.g. user groups, SPNs) that meshStack will ensure have an 'Owner' role assignment on the managed subscriptions. This can be useful to satisfy Azure's constraint of at least one direct 'Owner' role assignment per Subscription. If you want to use a Service Principal please use the Enterprise Application Object ID. You can not use the replicator object ID here, because meshStack always removes its high privilege access after a Subscription creation.
 
 <a id="nestedatt--spec--config--azure--replication--provisioning--customer_agreement"></a>
-### Nested Schema for `spec.config.azure.replication.provisioning.subscription_owner_object_ids`
+### Nested Schema for `spec.config.azure.replication.provisioning.customer_agreement`
 
 Read-Only:
 
 - `billing_scope` (String) ID of the MCA Billing Scope used for creating subscriptions. Must follow this format: `/providers/Microsoft.Billing/billingAccounts/$accountId/billingProfiles/$profileId/invoiceSections/$sectionId`.
 - `destination_entra_id` (String) Microsoft Entra ID Tenant UUID where created subscriptions should be moved. Set this to the Microsoft Entra ID Tenant hosting your landing zones.
 - `source_entra_tenant` (String) Microsoft Entra ID Tenant UUID or domain name used for creating subscriptions. Set this to the Microsoft Entra ID Tenant owning the MCA Billing Scope. If source and destination Microsoft Entra ID Tenants are the same, you need to use UUID.
-- `source_service_principal` (Attributes) Configure the SPN used by meshStack to create a new Subscription in your MCA billing scope. For more information on the required permissions, see the [Azure docs](https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/programmatically-create-subscription-microsoft-customer-agreement-across-tenants). (see [below for nested schema](#nestedatt--spec--config--azure--replication--provisioning--subscription_owner_object_ids--source_service_principal))
+- `source_service_principal` (Attributes) Configure the SPN used by meshStack to create a new Subscription in your MCA billing scope. For more information on the required permissions, see the [Azure docs](https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/programmatically-create-subscription-microsoft-customer-agreement-across-tenants). (see [below for nested schema](#nestedatt--spec--config--azure--replication--provisioning--customer_agreement--source_service_principal))
 - `subscription_creation_error_cooldown_sec` (Number) This value must be defined in seconds. It is a safety mechanism to avoid duplicate Subscription creation in case of an error on Azure's MCA API. This delay should be a bit higher than it usually takes to create subscriptions. For big installations this is somewhere between 5-15 minutes. The default of 900s should be fine for most installations.
 
-<a id="nestedatt--spec--config--azure--replication--provisioning--subscription_owner_object_ids--source_service_principal"></a>
-### Nested Schema for `spec.config.azure.replication.provisioning.subscription_owner_object_ids.subscription_creation_error_cooldown_sec`
+<a id="nestedatt--spec--config--azure--replication--provisioning--customer_agreement--source_service_principal"></a>
+### Nested Schema for `spec.config.azure.replication.provisioning.customer_agreement.source_service_principal`
 
 Read-Only:
 
@@ -355,7 +355,7 @@ Read-Only:
 
 
 <a id="nestedatt--spec--config--azure--replication--provisioning--enterprise_enrollment"></a>
-### Nested Schema for `spec.config.azure.replication.provisioning.subscription_owner_object_ids`
+### Nested Schema for `spec.config.azure.replication.provisioning.enterprise_enrollment`
 
 Read-Only:
 
@@ -366,7 +366,7 @@ Read-Only:
 
 
 <a id="nestedatt--spec--config--azure--replication--provisioning--pre_provisioned"></a>
-### Nested Schema for `spec.config.azure.replication.provisioning.subscription_owner_object_ids`
+### Nested Schema for `spec.config.azure.replication.provisioning.pre_provisioned`
 
 Read-Only:
 
@@ -506,7 +506,7 @@ Read-Only:
 - `gcp_role` (String) The GCP IAM role
 
 <a id="nestedatt--spec--config--gcp--replication--gcp_role_mappings--project_role_ref"></a>
-### Nested Schema for `spec.config.gcp.replication.gcp_role_mappings.gcp_role`
+### Nested Schema for `spec.config.gcp.replication.gcp_role_mappings.project_role_ref`
 
 Required:
 
@@ -527,7 +527,7 @@ Read-Only:
 - `service_account_workload_identity_config` (Attributes) Service account workload identity configuration (alternative to serviceAccountCredentialsConfig) (see [below for nested schema](#nestedatt--spec--config--gcp--replication--service_account_config--service_account_workload_identity_config))
 
 <a id="nestedatt--spec--config--gcp--replication--service_account_config--service_account_credentials_config"></a>
-### Nested Schema for `spec.config.gcp.replication.service_account_config.service_account_workload_identity_config`
+### Nested Schema for `spec.config.gcp.replication.service_account_config.service_account_credentials_config`
 
 Read-Only:
 
@@ -633,7 +633,7 @@ Read-Only:
 - `openshift_role` (String) The OpenShift role name
 
 <a id="nestedatt--spec--config--openshift--replication--openshift_role_mappings--project_role_ref"></a>
-### Nested Schema for `spec.config.openshift.replication.openshift_role_mappings.openshift_role`
+### Nested Schema for `spec.config.openshift.replication.openshift_role_mappings.project_role_ref`
 
 Required:
 

docs/data-sources/tag_definition.md

@@ -75,7 +75,7 @@ Read-Only:
 - `string` (Attributes) string, represented as JSON string (see [below for nested schema](#nestedatt--tag_definition--spec--value_type--string))
 
 <a id="nestedatt--tag_definition--spec--value_type--email"></a>
-### Nested Schema for `tag_definition.spec.value_type.string`
+### Nested Schema for `tag_definition.spec.value_type.email`
 
 Read-Only:
 
@@ -84,15 +84,15 @@ Read-Only:
 
 
 <a id="nestedatt--tag_definition--spec--value_type--integer"></a>
-### Nested Schema for `tag_definition.spec.value_type.string`
+### Nested Schema for `tag_definition.spec.value_type.integer`
 
 Read-Only:
 
 - `default_value` (Number) The default value of the tag.
 
 
 <a id="nestedatt--tag_definition--spec--value_type--multi_select"></a>
-### Nested Schema for `tag_definition.spec.value_type.string`
+### Nested Schema for `tag_definition.spec.value_type.multi_select`
 
 Read-Only:
 
@@ -101,15 +101,15 @@ Read-Only:
 
 
 <a id="nestedatt--tag_definition--spec--value_type--number"></a>
-### Nested Schema for `tag_definition.spec.value_type.string`
+### Nested Schema for `tag_definition.spec.value_type.number`
 
 Read-Only:
 
 - `default_value` (Number) The default value of the tag.
 
 
 <a id="nestedatt--tag_definition--spec--value_type--single_select"></a>
-### Nested Schema for `tag_definition.spec.value_type.string`
+### Nested Schema for `tag_definition.spec.value_type.single_select`
 
 Read-Only:
 

docs/data-sources/tag_definitions.md

@@ -71,7 +71,7 @@ Read-Only:
 - `string` (Attributes) string, represented as JSON string (see [below for nested schema](#nestedatt--tag_definitions--spec--value_type--string))
 
 <a id="nestedatt--tag_definitions--spec--value_type--email"></a>
-### Nested Schema for `tag_definitions.spec.value_type.string`
+### Nested Schema for `tag_definitions.spec.value_type.email`
 
 Read-Only:
 
@@ -80,15 +80,15 @@ Read-Only:
 
 
 <a id="nestedatt--tag_definitions--spec--value_type--integer"></a>
-### Nested Schema for `tag_definitions.spec.value_type.string`
+### Nested Schema for `tag_definitions.spec.value_type.integer`
 
 Read-Only:
 
 - `default_value` (Number) The default value of the tag.
 
 
 <a id="nestedatt--tag_definitions--spec--value_type--multi_select"></a>
-### Nested Schema for `tag_definitions.spec.value_type.string`
+### Nested Schema for `tag_definitions.spec.value_type.multi_select`
 
 Read-Only:
 
@@ -97,15 +97,15 @@ Read-Only:
 
 
 <a id="nestedatt--tag_definitions--spec--value_type--number"></a>
-### Nested Schema for `tag_definitions.spec.value_type.string`
+### Nested Schema for `tag_definitions.spec.value_type.number`
 
 Read-Only:
 
 - `default_value` (Number) The default value of the tag.
 
 
 <a id="nestedatt--tag_definitions--spec--value_type--single_select"></a>
-### Nested Schema for `tag_definitions.spec.value_type.string`
+### Nested Schema for `tag_definitions.spec.value_type.single_select`
 
 Read-Only:
 

docs/resources/landingzone.md

@@ -114,16 +114,16 @@ Optional:
 - `aws_lambda_arn` (String) If provided, it is invoked after each project replication. You can use it to trigger a custom Account Vending Machine to perform several additional provisioning steps.
 
 <a id="nestedatt--spec--platform_properties--aws--aws_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.aws.aws_lambda_arn`
+### Nested Schema for `spec.platform_properties.aws.aws_role_mappings`
 
 Required:
 
 - `platform_role` (String) The AWS platform role
 - `policies` (List of String) List of policies associated with this role mapping
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--aws--aws_lambda_arn--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--aws--aws_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--aws--aws_lambda_arn--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.aws.aws_lambda_arn.project_role_ref`
+<a id="nestedatt--spec--platform_properties--aws--aws_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.aws.aws_role_mappings.project_role_ref`
 
 Required:
 
@@ -192,16 +192,16 @@ Optional:
 - `azure_function` (Attributes) Assign an Azure function to the Landing Zone configuration to trigger a small piece of code in the cloud. (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_function))
 
 <a id="nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.azurerg.azure_function`
+### Nested Schema for `spec.platform_properties.azurerg.azure_rg_role_mappings`
 
 Required:
 
 - `azure_group_suffix` (String) The given role name will be injected into the group name via the group naming pattern configured on the platform instance.
 - `azure_role_definition_ids` (List of String) Role Definitions with the given IDs will be attached to this Azure Role.
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_function--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--azurerg--azure_function--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.azurerg.azure_function.project_role_ref`
+<a id="nestedatt--spec--platform_properties--azurerg--azure_rg_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.azurerg.azure_rg_role_mappings.project_role_ref`
 
 Required:
 
@@ -236,15 +236,15 @@ Optional:
 - `gcp_folder_id` (String) Google Cloud Projects will be added to this Google Cloud Folder. This allows applying Organization Policies to all projects managed under this Landing Zone.
 
 <a id="nestedatt--spec--platform_properties--gcp--gcp_role_mappings"></a>
-### Nested Schema for `spec.platform_properties.gcp.gcp_folder_id`
+### Nested Schema for `spec.platform_properties.gcp.gcp_role_mappings`
 
 Required:
 
 - `platform_roles` (List of String) Can be empty. List of GCP IAM roles to assign to the meshProject role.
-- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--gcp--gcp_folder_id--project_role_ref))
+- `project_role_ref` (Attributes) the meshProject role (see [below for nested schema](#nestedatt--spec--platform_properties--gcp--gcp_role_mappings--project_role_ref))
 
-<a id="nestedatt--spec--platform_properties--gcp--gcp_folder_id--project_role_ref"></a>
-### Nested Schema for `spec.platform_properties.gcp.gcp_folder_id.project_role_ref`
+<a id="nestedatt--spec--platform_properties--gcp--gcp_role_mappings--project_role_ref"></a>
+### Nested Schema for `spec.platform_properties.gcp.gcp_role_mappings.project_role_ref`
 
 Required: