From e8131e05ca984266dad3a21d174da840447bf874 Mon Sep 17 00:00:00 2001
From: Jason Vigil <jasonvigil@google.com>
Date: Thu, 19 Dec 2024 18:15:09 +0000
Subject: [PATCH] fix: Make ResourceID field "mutable"

In practice, due to in-controller enforcement, the only valid change is
to set from empty string -> actual resource ID.
---
 .../v1alpha1/config_types.go                  |  2 --
 .../v1beta1/transferconfig_types.go           |  2 --
 .../v1alpha1/dnsauthorization_types.go        |  3 +--
 .../v1beta1/dnsauthorization_types.go         |  3 +--
 apis/compute/v1beta1/targettcpproxy_types.go  |  3 +--
 .../v1beta1/cluster_types.go                  |  3 +--
 .../discoveryenginedatastore_types.go         |  2 --
 apis/kms/v1alpha1/keyhandle_types.go          |  2 --
 apis/kms/v1beta1/keyhandle_types.go           |  2 --
 .../v1alpha1/entitlement_types.go             |  2 --
 ...rivilegedaccessmanagerentitlement_types.go |  1 -
 apis/secretmanager/v1beta1/secret_types.go    |  2 --
 .../v1alpha1/repository_types.go              |  2 --
 apis/spanner/v1beta1/instance_types.go        |  2 --
 apis/workstations/v1alpha1/cluster_types.go   |  2 --
 apis/workstations/v1alpha1/config_types.go    |  2 --
 .../v1alpha1/workstation_types.go             |  2 --
 apis/workstations/v1beta1/cluster_types.go    |  2 --
 apis/workstations/v1beta1/config_types.go     |  2 --
 .../workstations/v1beta1/workstation_types.go |  2 --
 ...erydatatransfer.cnrm.cloud.google.com.yaml | 14 +++-------
 ...tificatemanager.cnrm.cloud.google.com.yaml | 18 +++++--------
 ...proxies.compute.cnrm.cloud.google.com.yaml |  7 ++---
 ...ntainerattached.cnrm.cloud.google.com.yaml |  7 ++---
 ...discoveryengine.cnrm.cloud.google.com.yaml |  7 ++---
 ...skeyhandles.kms.cnrm.cloud.google.com.yaml | 26 +++++++------------
 ...edaccessmanager.cnrm.cloud.google.com.yaml | 10 ++-----
 ...s.secretmanager.cnrm.cloud.google.com.yaml |  7 ++---
 ...resourcemanager.cnrm.cloud.google.com.yaml |  7 ++---
 ...stances.spanner.cnrm.cloud.google.com.yaml |  7 ++---
 ...rs.workstations.cnrm.cloud.google.com.yaml | 14 +++-------
 ...gs.workstations.cnrm.cloud.google.com.yaml | 14 +++-------
 ...ns.workstations.cnrm.cloud.google.com.yaml | 10 ++-----
 .../controllerbuilder/template/apis/types.go  |  2 --
 ...ated_object_awsconnectionbasic.golden.yaml |  2 --
 .../bigquerydatatransferconfig.md             |  2 +-
 .../certificatemanagerdnsauthorization.md     |  2 +-
 .../compute/computetargettcpproxy.md          |  2 +-
 .../containerattachedcluster.md               |  2 +-
 .../resource-docs/kms/kmskeyhandle.md         |  2 +-
 .../secretmanager/secretmanagersecret.md      |  2 +-
 .../resource-docs/spanner/spannerinstance.md  |  2 +-
 .../resource-docs/workstations/workstation.md |  2 +-
 .../workstations/workstationcluster.md        |  2 +-
 .../workstations/workstationconfig.md         |  2 +-
 45 files changed, 58 insertions(+), 157 deletions(-)

diff --git a/apis/bigquerydatatransfer/v1alpha1/config_types.go b/apis/bigquerydatatransfer/v1alpha1/config_types.go
index d17df68b5c1..96e44e8e517 100644
--- a/apis/bigquerydatatransfer/v1alpha1/config_types.go
+++ b/apis/bigquerydatatransfer/v1alpha1/config_types.go
@@ -82,8 +82,6 @@ type BigQueryDataTransferConfigSpec struct {
 
 	Parent `json:",inline"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The BigQueryDataTransferConfig name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/bigquerydatatransfer/v1beta1/transferconfig_types.go b/apis/bigquerydatatransfer/v1beta1/transferconfig_types.go
index 597e5126c6b..5286345be2f 100644
--- a/apis/bigquerydatatransfer/v1beta1/transferconfig_types.go
+++ b/apis/bigquerydatatransfer/v1beta1/transferconfig_types.go
@@ -108,8 +108,6 @@ type BigQueryDataTransferConfigSpec struct {
 
 	Parent `json:",inline"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The BigQueryDataTransferConfig name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/certificatemanager/v1alpha1/dnsauthorization_types.go b/apis/certificatemanager/v1alpha1/dnsauthorization_types.go
index 3e393b91dfc..058bc3e5d34 100644
--- a/apis/certificatemanager/v1alpha1/dnsauthorization_types.go
+++ b/apis/certificatemanager/v1alpha1/dnsauthorization_types.go
@@ -40,8 +40,7 @@ type CertificateManagerDNSAuthorizationSpec struct {
 	// +required
 	ProjectRef refs.ProjectRef `json:"projectRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
+	/* Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
 	// +optional
 	ResourceID *string `json:"resourceID,omitempty"`
 }
diff --git a/apis/certificatemanager/v1beta1/dnsauthorization_types.go b/apis/certificatemanager/v1beta1/dnsauthorization_types.go
index 7169c3fe6b2..82e3897c61e 100644
--- a/apis/certificatemanager/v1beta1/dnsauthorization_types.go
+++ b/apis/certificatemanager/v1beta1/dnsauthorization_types.go
@@ -44,8 +44,7 @@ type CertificateManagerDNSAuthorizationSpec struct {
 	// +optional
 	Location string `json:"location"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
+	/* Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
 	// +optional
 	ResourceID *string `json:"resourceID,omitempty"`
 }
diff --git a/apis/compute/v1beta1/targettcpproxy_types.go b/apis/compute/v1beta1/targettcpproxy_types.go
index fb17ec5ecee..93467358ae4 100644
--- a/apis/compute/v1beta1/targettcpproxy_types.go
+++ b/apis/compute/v1beta1/targettcpproxy_types.go
@@ -53,8 +53,7 @@ type ComputeTargetTCPProxySpec struct {
 	// the backend. Default value: "NONE" Possible values: ["NONE", "PROXY_V1"].
 	ProxyHeader *string `json:"proxyHeader,omitempty"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID is immutable"
-	// Immutable. The ComputeTargetTCPProxy name. If not given, the metadata.name will be used.
+	// The ComputeTargetTCPProxy name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 }
 
diff --git a/apis/containerattached/v1beta1/cluster_types.go b/apis/containerattached/v1beta1/cluster_types.go
index 0965f3da714..4cc336ef19c 100644
--- a/apis/containerattached/v1beta1/cluster_types.go
+++ b/apis/containerattached/v1beta1/cluster_types.go
@@ -28,8 +28,7 @@ type ContainerAttachedClusterSpec struct {
 	/* The ID of the project in which the resource belongs.*/
 	ProjectRef *refs.ProjectRef `json:"projectRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable, Optional.
+	// Optional.
 	// The ContainerAttachedCluster name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/discoveryengine/v1alpha1/discoveryenginedatastore_types.go b/apis/discoveryengine/v1alpha1/discoveryenginedatastore_types.go
index 890906bbaea..ff834c31843 100644
--- a/apis/discoveryengine/v1alpha1/discoveryenginedatastore_types.go
+++ b/apis/discoveryengine/v1alpha1/discoveryenginedatastore_types.go
@@ -25,8 +25,6 @@ var DiscoveryEngineDataStoreGVK = GroupVersion.WithKind("DiscoveryEngineDataStor
 // DiscoveryEngineDataStoreSpec defines the desired state of DiscoveryEngineDataStore
 // +kcc:proto=google.cloud.discoveryengine.v1.DataStore
 type DiscoveryEngineDataStoreSpec struct {
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The DiscoveryEngineDataStore name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/kms/v1alpha1/keyhandle_types.go b/apis/kms/v1alpha1/keyhandle_types.go
index 1a4816be2e2..ddd165e6776 100644
--- a/apis/kms/v1alpha1/keyhandle_types.go
+++ b/apis/kms/v1alpha1/keyhandle_types.go
@@ -27,8 +27,6 @@ var KMSKeyHandleGVK = GroupVersion.WithKind("KMSKeyHandle")
 // KMSKeyHandleSpec defines the desired state of KMSKeyHandle
 // +kcc:proto=google.cloud.kms.v1.KeyHandle
 type KMSKeyHandleSpec struct {
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The KMS Key Handle ID used for resource creation or acquisition.
 	// For creation: If specified, this value is used as the key handle ID. If not provided, a UUID will be generated and assigned as the key handle ID.
 	// For acquisition: This field must be provided to identify the key handle resource to acquire.
diff --git a/apis/kms/v1beta1/keyhandle_types.go b/apis/kms/v1beta1/keyhandle_types.go
index 8384b6bd4cd..80dd800deed 100644
--- a/apis/kms/v1beta1/keyhandle_types.go
+++ b/apis/kms/v1beta1/keyhandle_types.go
@@ -27,8 +27,6 @@ var KMSKeyHandleGVK = SchemeGroupVersion.WithKind("KMSKeyHandle")
 // KMSKeyHandleSpec defines the desired state of KMSKeyHandle
 // +kcc:proto=google.cloud.kms.v1.KeyHandle
 type KMSKeyHandleSpec struct {
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The KMS Key Handle ID used for resource creation or acquisition.
 	// For creation: If specified, this value is used as the key handle ID. If not provided, a UUID will be generated and assigned as the key handle ID.
 	// For acquisition: This field must be provided to identify the key handle resource to acquire.
diff --git a/apis/privilegedaccessmanager/v1alpha1/entitlement_types.go b/apis/privilegedaccessmanager/v1alpha1/entitlement_types.go
index 28319705023..6013c22dfcf 100644
--- a/apis/privilegedaccessmanager/v1alpha1/entitlement_types.go
+++ b/apis/privilegedaccessmanager/v1alpha1/entitlement_types.go
@@ -48,10 +48,8 @@ type PrivilegedAccessManagerEntitlementSpec struct {
 	// +required
 	Location *string `json:"location"`
 
-	// Immutable.
 	// The PrivilegedAccessManagerEntitlement name. If not given, the
 	// 'metadata.name' will be used.
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
 	// +optional
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/privilegedaccessmanager/v1beta1/privilegedaccessmanagerentitlement_types.go b/apis/privilegedaccessmanager/v1beta1/privilegedaccessmanagerentitlement_types.go
index 345c9b5555a..e67fcebc08d 100644
--- a/apis/privilegedaccessmanager/v1beta1/privilegedaccessmanagerentitlement_types.go
+++ b/apis/privilegedaccessmanager/v1beta1/privilegedaccessmanagerentitlement_types.go
@@ -51,7 +51,6 @@ type PrivilegedAccessManagerEntitlementSpec struct {
 	// Immutable.
 	// The PrivilegedAccessManagerEntitlement name. If not given, the
 	// 'metadata.name' will be used.
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
 	// +optional
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/secretmanager/v1beta1/secret_types.go b/apis/secretmanager/v1beta1/secret_types.go
index 9c9418ebff8..eaf1c3fc933 100644
--- a/apis/secretmanager/v1beta1/secret_types.go
+++ b/apis/secretmanager/v1beta1/secret_types.go
@@ -28,8 +28,6 @@ var SecretManagerSecretGVK = GroupVersion.WithKind("SecretManagerSecret")
 // SecretManagerSecretSpec defines the desired state of SecretManagerSecret
 // +kcc:proto=google.cloud.secretmanager.v1.Secret
 type SecretManagerSecretSpec struct {
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The SecretManagerSecret name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/securesourcemanager/v1alpha1/repository_types.go b/apis/securesourcemanager/v1alpha1/repository_types.go
index dd035b63c82..da1e6859a85 100644
--- a/apis/securesourcemanager/v1alpha1/repository_types.go
+++ b/apis/securesourcemanager/v1alpha1/repository_types.go
@@ -35,8 +35,6 @@ type SecureSourceManagerRepositorySpec struct {
 	// +required
 	Location string `json:"location"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The SecureSourceManagerRepository name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/spanner/v1beta1/instance_types.go b/apis/spanner/v1beta1/instance_types.go
index f719b8d00a6..135ba30a467 100644
--- a/apis/spanner/v1beta1/instance_types.go
+++ b/apis/spanner/v1beta1/instance_types.go
@@ -45,8 +45,6 @@ type SpannerInstanceSpec struct {
 	// +optional
 	ProcessingUnits *int32 `json:"processingUnits,omitempty"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The SpannerInstance name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 }
diff --git a/apis/workstations/v1alpha1/cluster_types.go b/apis/workstations/v1alpha1/cluster_types.go
index 5666536904d..18813affed6 100644
--- a/apis/workstations/v1alpha1/cluster_types.go
+++ b/apis/workstations/v1alpha1/cluster_types.go
@@ -36,8 +36,6 @@ type WorkstationClusterSpec struct {
 	// The location of the cluster.
 	Location string `json:"location,omitempty"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The WorkstationCluster name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/workstations/v1alpha1/config_types.go b/apis/workstations/v1alpha1/config_types.go
index 97e489150c2..c3ab8df4202 100644
--- a/apis/workstations/v1alpha1/config_types.go
+++ b/apis/workstations/v1alpha1/config_types.go
@@ -274,8 +274,6 @@ type WorkstationConfigSpec struct {
 	// Parent is a reference to the parent WorkstationCluster for this WorkstationConfig.
 	Parent *WorkstationClusterRef `json:"parentRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The WorkstationConfig name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/workstations/v1alpha1/workstation_types.go b/apis/workstations/v1alpha1/workstation_types.go
index 04eaecaf22e..0601371243f 100644
--- a/apis/workstations/v1alpha1/workstation_types.go
+++ b/apis/workstations/v1alpha1/workstation_types.go
@@ -27,8 +27,6 @@ type WorkstationSpec struct {
 	// Parent is a reference to the parent WorkstationConfig for this Workstation.
 	Parent *WorkstationConfigRef `json:"parentRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The Workstation name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/workstations/v1beta1/cluster_types.go b/apis/workstations/v1beta1/cluster_types.go
index b22184de3e9..acd2f855609 100644
--- a/apis/workstations/v1beta1/cluster_types.go
+++ b/apis/workstations/v1beta1/cluster_types.go
@@ -36,8 +36,6 @@ type WorkstationClusterSpec struct {
 	// The location of the cluster.
 	Location string `json:"location,omitempty"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The WorkstationCluster name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/workstations/v1beta1/config_types.go b/apis/workstations/v1beta1/config_types.go
index aa2f1c7e300..ec65fecea83 100644
--- a/apis/workstations/v1beta1/config_types.go
+++ b/apis/workstations/v1beta1/config_types.go
@@ -274,8 +274,6 @@ type WorkstationConfigSpec struct {
 	// Parent is a reference to the parent WorkstationCluster for this WorkstationConfig.
 	Parent *WorkstationClusterRef `json:"parentRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The WorkstationConfig name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/apis/workstations/v1beta1/workstation_types.go b/apis/workstations/v1beta1/workstation_types.go
index 2e7f3ed29a1..1df85c01d29 100644
--- a/apis/workstations/v1beta1/workstation_types.go
+++ b/apis/workstations/v1beta1/workstation_types.go
@@ -27,8 +27,6 @@ type WorkstationSpec struct {
 	// Parent is a reference to the parent WorkstationConfig for this Workstation.
 	Parent *WorkstationConfigRef `json:"parentRef"`
 
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The Workstation name. If not given, the metadata.name will be used.
 	ResourceID *string `json:"resourceID,omitempty"`
 
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com.yaml
index 20938cd8280..2cbad467a22 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com.yaml
@@ -232,12 +232,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The BigQueryDataTransferConfig name. If not
-                  given, the metadata.name will be used.
+                description: The BigQueryDataTransferConfig name. If not given, the
+                  metadata.name will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               schedule:
                 description: |-
                   Data transfer schedule.
@@ -621,12 +618,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The BigQueryDataTransferConfig name. If not
-                  given, the metadata.name will be used.
+                description: The BigQueryDataTransferConfig name. If not given, the
+                  metadata.name will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               schedule:
                 description: |-
                   Data transfer schedule.
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com.yaml
index 87beb40017c..86681936a33 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com.yaml
@@ -107,13 +107,10 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. Optional. The name of the resource. Used for
-                  creation and acquisition. When unset, the value of `metadata.name`
-                  is used as the default.
+                description: Optional. The name of the resource. Used for creation
+                  and acquisition. When unset, the value of `metadata.name` is used
+                  as the default.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - domain
             - projectRef
@@ -270,13 +267,10 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. Optional. The name of the resource. Used for
-                  creation and acquisition. When unset, the value of `metadata.name`
-                  is used as the default.
+                description: Optional. The name of the resource. Used for creation
+                  and acquisition. When unset, the value of `metadata.name` is used
+                  as the default.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - domain
             - projectRef
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computetargettcpproxies.compute.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computetargettcpproxies.compute.cnrm.cloud.google.com.yaml
index 185478604c5..d6382d0376f 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computetargettcpproxies.compute.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computetargettcpproxies.compute.cnrm.cloud.google.com.yaml
@@ -116,12 +116,9 @@ spec:
                   ["NONE", "PROXY_V1"].'
                 type: string
               resourceID:
-                description: Immutable. The ComputeTargetTCPProxy name. If not given,
-                  the metadata.name will be used.
+                description: The ComputeTargetTCPProxy name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID is immutable
-                  rule: self == oldSelf
             required:
             - backendServiceRef
             type: object
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_containerattachedclusters.containerattached.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_containerattachedclusters.containerattached.cnrm.cloud.google.com.yaml
index db85a59b96d..4f03b72b641 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_containerattachedclusters.containerattached.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_containerattachedclusters.containerattached.cnrm.cloud.google.com.yaml
@@ -270,12 +270,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable, Optional. The ContainerAttachedCluster name.
-                  If not given, the metadata.name will be used.
+                description: Optional. The ContainerAttachedCluster name. If not given,
+                  the metadata.name will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - distribution
             - fleet
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com.yaml
index eeb69801937..d2d981fec4b 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com.yaml
@@ -121,12 +121,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The DiscoveryEngineDataStore name. If not
-                  given, the metadata.name will be used.
+                description: The DiscoveryEngineDataStore name. If not given, the
+                  metadata.name will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               solutionTypes:
                 description: |-
                   The solutions that the data store enrolls. Available solutions for each
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_kmskeyhandles.kms.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_kmskeyhandles.kms.cnrm.cloud.google.com.yaml
index 00325908637..404ae3f7020 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_kmskeyhandles.kms.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_kmskeyhandles.kms.cnrm.cloud.google.com.yaml
@@ -96,15 +96,12 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: 'Immutable. The KMS Key Handle ID used for resource creation
-                  or acquisition. For creation: If specified, this value is used as
-                  the key handle ID. If not provided, a UUID will be generated and
-                  assigned as the key handle ID. For acquisition: This field must
-                  be provided to identify the key handle resource to acquire.'
+                description: 'The KMS Key Handle ID used for resource creation or
+                  acquisition. For creation: If specified, this value is used as the
+                  key handle ID. If not provided, a UUID will be generated and assigned
+                  as the key handle ID. For acquisition: This field must be provided
+                  to identify the key handle resource to acquire.'
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               resourceTypeSelector:
                 description: Indicates the resource type that the resulting [CryptoKey][]
                   is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See
@@ -239,15 +236,12 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: 'Immutable. The KMS Key Handle ID used for resource creation
-                  or acquisition. For creation: If specified, this value is used as
-                  the key handle ID. If not provided, a UUID will be generated and
-                  assigned as the key handle ID. For acquisition: This field must
-                  be provided to identify the key handle resource to acquire.'
+                description: 'The KMS Key Handle ID used for resource creation or
+                  acquisition. For creation: If specified, this value is used as the
+                  key handle ID. If not provided, a UUID will be generated and assigned
+                  as the key handle ID. For acquisition: This field must be provided
+                  to identify the key handle resource to acquire.'
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               resourceTypeSelector:
                 description: Indicates the resource type that the resulting [CryptoKey][]
                   is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com.yaml
index 33ed8273e23..a51b2c38bf9 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com.yaml
@@ -303,12 +303,9 @@ spec:
                     x-kubernetes-preserve-unknown-fields: true
                 type: object
               resourceID:
-                description: Immutable. The PrivilegedAccessManagerEntitlement name.
-                  If not given, the 'metadata.name' will be used.
+                description: The PrivilegedAccessManagerEntitlement name. If not given,
+                  the 'metadata.name' will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - eligibleUsers
             - location
@@ -673,9 +670,6 @@ spec:
                 description: Immutable. The PrivilegedAccessManagerEntitlement name.
                   If not given, the 'metadata.name' will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - eligibleUsers
             - location
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml
index 22597ec76f7..0390b610627 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml
@@ -239,12 +239,9 @@ spec:
                     type: object
                 type: object
               resourceID:
-                description: Immutable. The SecretManagerSecret name. If not given,
-                  the metadata.name will be used.
+                description: The SecretManagerSecret name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               rotation:
                 description: Optional. Rotation policy attached to the [Secret][google.cloud.secretmanager.v1.Secret].
                   May be excluded if there is no rotation policy.
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml
index 8e6014f8c65..be6ccb19e70 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml
@@ -268,12 +268,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The SecureSourceManagerRepository name. If
-                  not given, the metadata.name will be used.
+                description: The SecureSourceManagerRepository name. If not given,
+                  the metadata.name will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - instanceRef
             - location
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_spannerinstances.spanner.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_spannerinstances.spanner.cnrm.cloud.google.com.yaml
index 29863500fc0..7107942e955 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_spannerinstances.spanner.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_spannerinstances.spanner.cnrm.cloud.google.com.yaml
@@ -83,12 +83,9 @@ spec:
                 format: int32
                 type: integer
               resourceID:
-                description: Immutable. The SpannerInstance name. If not given, the
-                  metadata.name will be used.
+                description: The SpannerInstance name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - config
             - displayName
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationclusters.workstations.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationclusters.workstations.cnrm.cloud.google.com.yaml
index aab34cd6820..6872239ffcd 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationclusters.workstations.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationclusters.workstations.cnrm.cloud.google.com.yaml
@@ -202,12 +202,9 @@ spec:
                 - message: ResourceID field is immutable
                   rule: self == oldSelf
               resourceID:
-                description: Immutable. The WorkstationCluster name. If not given,
-                  the metadata.name will be used.
+                description: The WorkstationCluster name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               subnetworkRef:
                 description: Immutable. Reference to the Compute Engine subnetwork
                   in which instances associated with this workstation cluster will
@@ -548,12 +545,9 @@ spec:
                 - message: ResourceID field is immutable
                   rule: self == oldSelf
               resourceID:
-                description: Immutable. The WorkstationCluster name. If not given,
-                  the metadata.name will be used.
+                description: The WorkstationCluster name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               subnetworkRef:
                 description: Immutable. Reference to the Compute Engine subnetwork
                   in which instances associated with this workstation cluster will
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationconfigs.workstations.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationconfigs.workstations.cnrm.cloud.google.com.yaml
index 9c688483fef..24158c31088 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationconfigs.workstations.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstationconfigs.workstations.cnrm.cloud.google.com.yaml
@@ -506,12 +506,9 @@ spec:
                   type: string
                 type: array
               resourceID:
-                description: Immutable. The WorkstationConfig name. If not given,
-                  the metadata.name will be used.
+                description: The WorkstationConfig name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               runningTimeout:
                 description: |-
                   Optional. Number of seconds that a workstation can run until it is
@@ -1136,12 +1133,9 @@ spec:
                   type: string
                 type: array
               resourceID:
-                description: Immutable. The WorkstationConfig name. If not given,
-                  the metadata.name will be used.
+                description: The WorkstationConfig name. If not given, the metadata.name
+                  will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
               runningTimeout:
                 description: |-
                   Optional. Number of seconds that a workstation can run until it is
diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstations.workstations.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstations.workstations.cnrm.cloud.google.com.yaml
index e3fcb204291..c680d7c072e 100644
--- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstations.workstations.cnrm.cloud.google.com.yaml
+++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_workstations.workstations.cnrm.cloud.google.com.yaml
@@ -118,12 +118,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The Workstation name. If not given, the metadata.name
+                description: The Workstation name. If not given, the metadata.name
                   will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - parentRef
             type: object
@@ -310,12 +307,9 @@ spec:
                     type: string
                 type: object
               resourceID:
-                description: Immutable. The Workstation name. If not given, the metadata.name
+                description: The Workstation name. If not given, the metadata.name
                   will be used.
                 type: string
-                x-kubernetes-validations:
-                - message: ResourceID field is immutable
-                  rule: self == oldSelf
             required:
             - parentRef
             type: object
diff --git a/dev/tools/controllerbuilder/template/apis/types.go b/dev/tools/controllerbuilder/template/apis/types.go
index 6821e94681e..97d083c018d 100644
--- a/dev/tools/controllerbuilder/template/apis/types.go
+++ b/dev/tools/controllerbuilder/template/apis/types.go
@@ -37,8 +37,6 @@ var {{ .Kind }}GVK = GroupVersion.WithKind("{{ .Kind }}")
 // +kcc:proto={{ .KindProtoTag }}
 {{- end }}
 type {{ .Kind }}Spec struct {
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable"
-	// Immutable.
 	// The {{ .Kind }} name. If not given, the metadata.name will be used.
 	ResourceID *string ` + "`" + `json:"resourceID,omitempty"` + "`" + `
 }
diff --git a/pkg/test/resourcefixture/testdata/basic/bigqueryconnection/v1beta1/bigqueryconnectionconnection/awsconnectionbasic/_generated_object_awsconnectionbasic.golden.yaml b/pkg/test/resourcefixture/testdata/basic/bigqueryconnection/v1beta1/bigqueryconnectionconnection/awsconnectionbasic/_generated_object_awsconnectionbasic.golden.yaml
index 47c211398ae..3350a885105 100644
--- a/pkg/test/resourcefixture/testdata/basic/bigqueryconnection/v1beta1/bigqueryconnectionconnection/awsconnectionbasic/_generated_object_awsconnectionbasic.golden.yaml
+++ b/pkg/test/resourcefixture/testdata/basic/bigqueryconnection/v1beta1/bigqueryconnectionconnection/awsconnectionbasic/_generated_object_awsconnectionbasic.golden.yaml
@@ -1,8 +1,6 @@
 apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1
 kind: BigQueryConnectionConnection
 metadata:
-  annotations:
-    cnrm.cloud.google.com/management-conflict-prevention-policy: none
   finalizers:
   - cnrm.cloud.google.com/finalizer
   - cnrm.cloud.google.com/deletion-defender
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquerydatatransfer/bigquerydatatransferconfig.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquerydatatransfer/bigquerydatatransferconfig.md
index 133b139f817..b9a298c03d3 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquerydatatransfer/bigquerydatatransferconfig.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquerydatatransfer/bigquerydatatransferconfig.md
@@ -387,7 +387,7 @@ serviceAccountRef:
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The BigQueryDataTransferConfig name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The BigQueryDataTransferConfig name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
     <tr>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/certificatemanager/certificatemanagerdnsauthorization.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/certificatemanager/certificatemanagerdnsauthorization.md
index 7edeac39a5d..2b29ebe9526 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/certificatemanager/certificatemanagerdnsauthorization.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/certificatemanager/certificatemanagerdnsauthorization.md
@@ -168,7 +168,7 @@ resourceID: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.{% endverbatim %}</p>
+            <p>{% verbatim %}Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.{% endverbatim %}</p>
         </td>
     </tr>
 </tbody>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/compute/computetargettcpproxy.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/compute/computetargettcpproxy.md
index ea27c12cb61..ab230809995 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/compute/computetargettcpproxy.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/compute/computetargettcpproxy.md
@@ -182,7 +182,7 @@ resourceID: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The ComputeTargetTCPProxy name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The ComputeTargetTCPProxy name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
 </tbody>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/containerattached/containerattachedcluster.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/containerattached/containerattachedcluster.md
index 072d78a671c..3cea3273b0c 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/containerattached/containerattachedcluster.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/containerattached/containerattachedcluster.md
@@ -512,7 +512,7 @@ while clusters with private issuers need to provide both 'issuerUrl' and 'jwks'.
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable, Optional. The ContainerAttachedCluster name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}Optional. The ContainerAttachedCluster name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
 </tbody>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/kms/kmskeyhandle.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/kms/kmskeyhandle.md
index 19d558294b1..fe15c216edf 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/kms/kmskeyhandle.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/kms/kmskeyhandle.md
@@ -147,7 +147,7 @@ resourceTypeSelector: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The KMS Key Handle ID used for resource creation or acquisition. For creation: If specified, this value is used as the key handle ID. If not provided, a UUID will be generated and assigned as the key handle ID. For acquisition: This field must be provided to identify the key handle resource to acquire.{% endverbatim %}</p>
+            <p>{% verbatim %}The KMS Key Handle ID used for resource creation or acquisition. For creation: If specified, this value is used as the key handle ID. If not provided, a UUID will be generated and assigned as the key handle ID. For acquisition: This field must be provided to identify the key handle resource to acquire.{% endverbatim %}</p>
         </td>
     </tr>
     <tr>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md
index 042d5539493..2cee06f8084 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md
@@ -395,7 +395,7 @@ versionAliases:
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The SecretManagerSecret name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The SecretManagerSecret name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
     <tr>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/spanner/spannerinstance.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/spanner/spannerinstance.md
index 1acaec36cfb..48cd9330bb2 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/spanner/spannerinstance.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/spanner/spannerinstance.md
@@ -159,7 +159,7 @@ resourceID: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The SpannerInstance name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The SpannerInstance name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
 </tbody>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstation.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstation.md
index c7ed37994f4..9eac4309a1d 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstation.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstation.md
@@ -219,7 +219,7 @@ resourceID: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The Workstation name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The Workstation name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
 </tbody>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationcluster.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationcluster.md
index 7507fef4eaf..423077e1797 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationcluster.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationcluster.md
@@ -376,7 +376,7 @@ subnetworkRef:
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The WorkstationCluster name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The WorkstationCluster name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
     <tr>
diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationconfig.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationconfig.md
index 989eb6f1d94..c5baeed10b3 100644
--- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationconfig.md
+++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/workstations/workstationconfig.md
@@ -955,7 +955,7 @@ runningTimeout: string
         </td>
         <td>
             <p><code class="apitype">string</code></p>
-            <p>{% verbatim %}Immutable. The WorkstationConfig name. If not given, the metadata.name will be used.{% endverbatim %}</p>
+            <p>{% verbatim %}The WorkstationConfig name. If not given, the metadata.name will be used.{% endverbatim %}</p>
         </td>
     </tr>
     <tr>