diff --git a/.github/release-please.yml b/.github/release-please.yml
index 6366b9cb..884357c8 100644
--- a/.github/release-please.yml
+++ b/.github/release-please.yml
@@ -1,2 +1,16 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 releaseType: terraform-module
 handleGHRelease: true
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index fcf18fea..de1fd4ad 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -1,3 +1,17 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 name: "Close stale issues"
 on:
   schedule:
diff --git a/.gitignore b/.gitignore
index da5364be..1cf5db44 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,3 +43,6 @@ credentials.json
 
 # Test files
 .kitchen/
+
+# tf lock file
+.terraform.lock.hcl
diff --git a/Makefile b/Makefile
index 0095a724..30643a85 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.13
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.0
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 
diff --git a/README.md b/README.md
index 50474773..7666d1d0 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,8 @@ This is a collection of submodules that make it easier to non-destructively mana
 * [Secret Manager IAM](modules/secret_manager_iam)
 
 ## Compatibility
-This module is meant for use with Terraform 0.13. If you haven't
+This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue.
+ If you haven't
 [upgraded](https://www.terraform.io/upgrade-guides/0-13.html) and need a Terraform
 0.12.x-compatible version of this module, the last released version
 intended for Terraform 0.12.x is [v6.4.1](https://registry.terraform.io/modules/terraform-google-modules/-iam/google/v6.4.1).
diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml
index a1670634..70471592 100644
--- a/build/int.cloudbuild.yaml
+++ b/build/int.cloudbuild.yaml
@@ -305,4 +305,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.13'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.0'
diff --git a/build/lint.cloudbuild.yaml b/build/lint.cloudbuild.yaml
index e70d58af..d5704913 100644
--- a/build/lint.cloudbuild.yaml
+++ b/build/lint.cloudbuild.yaml
@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.13'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.0'
diff --git a/modules/custom_role_iam/main.tf b/modules/custom_role_iam/main.tf
index 0743344e..a311227d 100644
--- a/modules/custom_role_iam/main.tf
+++ b/modules/custom_role_iam/main.tf
@@ -17,7 +17,7 @@
 locals {
   excluded_permissions = concat(data.google_iam_testable_permissions.unsupported_permissions.permissions[*].name, var.excluded_permissions)
   included_permissions = concat(flatten(values(data.google_iam_role.role_permissions)[*].included_permissions), var.permissions)
-  permissions          = [for permission in local.included_permissions : permission if ! contains(local.excluded_permissions, permission)]
+  permissions          = [for permission in local.included_permissions : permission if !contains(local.excluded_permissions, permission)]
   custom-role-output   = (var.target_level == "project") ? google_project_iam_custom_role.project-custom-role[0].role_id : google_organization_iam_custom_role.org-custom-role[0].role_id
 }