diff --git a/examples/data-sources/interfaces.tf b/examples/data-sources/routeros_interfaces/data-source.tf
similarity index 100%
rename from examples/data-sources/interfaces.tf
rename to examples/data-sources/routeros_interfaces/data-source.tf
diff --git a/examples/data-sources/ip_addresses.tf b/examples/data-sources/routeros_ip_addresses/data-source.tf
similarity index 100%
rename from examples/data-sources/ip_addresses.tf
rename to examples/data-sources/routeros_ip_addresses/data-source.tf
diff --git a/examples/data-sources/ip_routes.tf b/examples/data-sources/routeros_ip_routes/data-source.tf
similarity index 100%
rename from examples/data-sources/ip_routes.tf
rename to examples/data-sources/routeros_ip_routes/data-source.tf
diff --git a/examples/data-sources/ipv6_addresses.tf b/examples/data-sources/routeros_ipv6_addresses/data-source.tf
similarity index 100%
rename from examples/data-sources/ipv6_addresses.tf
rename to examples/data-sources/routeros_ipv6_addresses/data-source.tf
diff --git a/examples/data-sources/wireguard_keys.tf b/examples/data-sources/wireguard_keys.tf
deleted file mode 100644
index a21ba69f..00000000
--- a/examples/data-sources/wireguard_keys.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-data "routeros_wireguard_keys" "wgk" {
-  number = 3
-}
-
-output "wg_keys" {
-  value = data.routeros_wireguard_keys.wgk.keys[*]
-}
-
-output "wg_key" {
-  value = data.routeros_wireguard_keys.wgk.keys[2].private
-}
\ No newline at end of file
diff --git a/examples/resources/routeros_wireguard_keys/resource.tf b/examples/resources/routeros_wireguard_keys/resource.tf
new file mode 100644
index 00000000..db1bf6fb
--- /dev/null
+++ b/examples/resources/routeros_wireguard_keys/resource.tf
@@ -0,0 +1,12 @@
+resource "routeros_wireguard_keys" "wgk" {
+  number = 3
+}
+
+output "wg_keys" {
+  value     = routeros_wireguard_keys.wgk.keys[*]
+  sensitive = true
+}
+
+output "wg_key" {
+  value = nonsensitive(routeros_wireguard_keys.wgk.keys[1].public)
+}
\ No newline at end of file
diff --git a/routeros/datasource_wireguard_keys_test.go b/routeros/datasource_wireguard_keys_test.go
deleted file mode 100644
index f66ec1bb..00000000
--- a/routeros/datasource_wireguard_keys_test.go
+++ /dev/null
@@ -1,39 +0,0 @@
-package routeros
-
-import (
-	"testing"
-
-	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
-)
-
-const testDatasourceWireGuardKeys = "data.routeros_wireguard_keys.keys"
-
-func TestAccDatasourceWireGuardKeys_basic(t *testing.T) {
-	t.Run("WG keys", func(t *testing.T) {
-		resource.Test(t, resource.TestCase{
-			ProviderFactories: testAccProviderFactories,
-			Steps: []resource.TestStep{
-				{
-					Config: testAccDatasourceWireGuardKeysConfig(),
-					Check: resource.ComposeTestCheckFunc(
-						testResourcePrimaryInstanceId(testDatasourceWireGuardKeys),
-					),
-				},
-			},
-		})
-
-	})
-}
-
-func testAccDatasourceWireGuardKeysConfig() string {
-	return `
-
-provider "routeros" {
-	insecure = true
-}
-
-data "routeros_wireguard_keys" "keys" {
-	number = 3
-}
-`
-}
diff --git a/routeros/provider.go b/routeros/provider.go
index 8ae292f4..e5babc09 100644
--- a/routeros/provider.go
+++ b/routeros/provider.go
@@ -174,6 +174,9 @@ func Provider() *schema.Provider {
 			// SNMP
 			"routeros_snmp":           ResourceSNMP(),
 			"routeros_snmp_community": ResourceSNMPCommunity(),
+
+			// Helpers
+			"routeros_wireguard_keys": ResourceWireguardKeys(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"routeros_interfaces":     DatasourceInterfaces(),
@@ -181,7 +184,6 @@ func Provider() *schema.Provider {
 			"routeros_ip_routes":      DatasourceIPRoutes(),
 			"routeros_firewall":       DatasourceFirewall(),
 			"routeros_ipv6_addresses": DatasourceIPv6Addresses(),
-			"routeros_wireguard_keys": DatasourceWireguardKeys(),
 		},
 		ConfigureContextFunc: NewClient,
 	}
diff --git a/routeros/datasource_wireguard_keys.go b/routeros/resource_wireguard_keys.go
similarity index 78%
rename from routeros/datasource_wireguard_keys.go
rename to routeros/resource_wireguard_keys.go
index f25f3ff2..7148ca2f 100644
--- a/routeros/datasource_wireguard_keys.go
+++ b/routeros/resource_wireguard_keys.go
@@ -11,20 +11,39 @@ import (
 	"golang.org/x/crypto/curve25519"
 )
 
-func DatasourceWireguardKeys() *schema.Resource {
+func ResourceWireguardKeys() *schema.Resource {
 	return &schema.Resource{
 		Description: "Creating key sets for WireGuard tunnels.",
-		ReadContext: datasourceMakeWGKeys,
 		Schema: map[string]*schema.Schema{
+			MetaId: {
+				Type:     schema.TypeInt,
+				Optional: true,
+				ForceNew: true,
+				Default:  int(Name),
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					return true
+				},
+			},
+			MetaResourcePath: {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				Default:  "local",
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					return true
+				},
+			},
 			"number": {
 				Type:        schema.TypeInt,
 				Optional:    true,
+				ForceNew:    true,
 				Default:     1,
 				Description: "The number of key sets.",
 			},
 			"keys": {
-				Type:     schema.TypeList,
-				Computed: true,
+				Type:      schema.TypeList,
+				Computed:  true,
+				Sensitive: true,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"preshared": {
@@ -46,6 +65,14 @@ func DatasourceWireguardKeys() *schema.Resource {
 				},
 			},
 		},
+		CreateContext: wgKeysCreate,
+		ReadContext: func(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+			return nil
+		},
+		DeleteContext: func(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+			d.SetId("")
+			return nil
+		},
 	}
 }
 
@@ -125,7 +152,7 @@ func (k Key) String() string {
 	return base64.StdEncoding.EncodeToString(k[:])
 }
 
-func datasourceMakeWGKeys(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+func wgKeysCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	var res []map[string]any
 
 	for i := 0; i < d.Get("number").(int); i++ {
diff --git a/routeros/resource_wireguard_keys_test.go b/routeros/resource_wireguard_keys_test.go
new file mode 100644
index 00000000..02ec9031
--- /dev/null
+++ b/routeros/resource_wireguard_keys_test.go
@@ -0,0 +1,41 @@
+package routeros
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+const testResourceWireGuardKeys = "routeros_wireguard_keys.keys"
+
+func TestAccResourceWireGuardKeys_basic(t *testing.T) {
+	t.Parallel()
+	t.Run("WG keys", func(t *testing.T) {
+		resource.Test(t, resource.TestCase{
+			ProviderFactories: testAccProviderFactories,
+			Steps: []resource.TestStep{
+				{
+					Config: testAccResourceWireGuardKeysConfig(),
+					Check: resource.ComposeTestCheckFunc(
+						testResourcePrimaryInstanceId(testResourceWireGuardKeys),
+						resource.TestCheckResourceAttr(testResourceWireGuardKeys, "number", "3"),
+					),
+				},
+			},
+		})
+
+	})
+}
+
+func testAccResourceWireGuardKeysConfig() string {
+	return `
+
+provider "routeros" {
+	insecure = true
+}
+
+resource "routeros_wireguard_keys" "keys" {
+	number = 3
+}
+`
+}