diff --git a/pkg/plan_modifier/cloud_provider.go b/pkg/plan_modifier/cloud_provider.go
index ca34aed0..bcf70f4e 100644
--- a/pkg/plan_modifier/cloud_provider.go
+++ b/pkg/plan_modifier/cloud_provider.go
@@ -8,7 +8,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-go/tftypes"
 )
 
-func CustomCloudProvider() planmodifier.String {
+func CustomClusterCloudProvider() planmodifier.String {
 	return customCloudProviderModifier{}
 }
 
diff --git a/pkg/plan_modifier/data_group_custom_diff.go b/pkg/plan_modifier/data_group_custom_diff.go
index 0df65780..f93fc9b4 100644
--- a/pkg/plan_modifier/data_group_custom_diff.go
+++ b/pkg/plan_modifier/data_group_custom_diff.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"reflect"
+	"strings"
 
 	"github.com/EnterpriseDB/terraform-provider-biganimal/pkg/models/pgd/terraform"
 	"github.com/hashicorp/terraform-plugin-framework/attr"
@@ -153,6 +154,27 @@ func (m CustomDataGroupDiffModifier) PlanModifyList(ctx context.Context, req pla
 					pDg.Connection = types.StringUnknown()
 				}
 
+				// validation to remove principal ids and service account ids if cloud provider is not bah
+				if !strings.Contains(*pDg.Provider.CloudProviderId, "bah") {
+					if !pDg.PeAllowedPrincipalIds.IsNull() && len(pDg.PeAllowedPrincipalIds.Elements()) > 0 {
+						resp.Diagnostics.AddError("your cloud account 'pe_allowed_principal_ids' field not allowed error",
+							fmt.Sprintf("field 'pe_allowed_principal_ids' for region %v should only be set if you are using 'bah' cloud provider, please remove 'pe_allowed_principal_ids'\n", pDg.Region.RegionId))
+						return
+					}
+
+					if !pDg.ServiceAccountIds.IsNull() && len(pDg.ServiceAccountIds.Elements()) > 0 {
+						resp.Diagnostics.AddError("your cloud account 'service_account_ids' field not allowed error",
+							fmt.Sprintf("field 'service_account_ids' for region %v should only be set if you are using cloud provider 'bah:gcp', please remove 'service_account_ids'\n", pDg.Region.RegionId))
+						return
+					}
+				} else if strings.Contains(*pDg.Provider.CloudProviderId, "bah") && !strings.Contains(*pDg.Provider.CloudProviderId, "bah:gcp") {
+					if !pDg.ServiceAccountIds.IsNull() && len(pDg.ServiceAccountIds.Elements()) > 0 {
+						resp.Diagnostics.AddError("your cloud account 'service_account_ids' field not allowed error",
+							fmt.Sprintf("you are not using cloud provider 'bah:gcp' for region %v, field 'service_account_ids' should only be set if you are using cloud provider 'bah:gcp', please remove 'service_account_ids'", pDg.Region.RegionId))
+						return
+					}
+				}
+
 				newDgPlan = append(newDgPlan, pDg)
 			}
 		}
diff --git a/pkg/provider/resource_analytics_cluster.go b/pkg/provider/resource_analytics_cluster.go
index 5f425184..5eabc97a 100644
--- a/pkg/provider/resource_analytics_cluster.go
+++ b/pkg/provider/resource_analytics_cluster.go
@@ -171,7 +171,7 @@ func (r *analyticsClusterResource) Schema(ctx context.Context, req resource.Sche
 			"cloud_provider": schema.StringAttribute{
 				Description:   "Cloud provider. For example, \"aws\" or \"bah:aws\".",
 				Required:      true,
-				PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
+				PlanModifiers: []planmodifier.String{plan_modifier.CustomClusterCloudProvider()},
 			},
 			"pg_type": schema.StringAttribute{
 				MarkdownDescription: "Postgres type. For example, \"epas\" or \"pgextended\".",
diff --git a/pkg/provider/resource_cluster.go b/pkg/provider/resource_cluster.go
index c15ff381..3acebbec 100644
--- a/pkg/provider/resource_cluster.go
+++ b/pkg/provider/resource_cluster.go
@@ -327,7 +327,7 @@ func (c *clusterResource) Schema(ctx context.Context, req resource.SchemaRequest
 			"cloud_provider": schema.StringAttribute{
 				Description:   "Cloud provider. For example, \"aws\", \"azure\", \"gcp\" or \"bah:aws\", \"bah:gcp\".",
 				Required:      true,
-				PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
+				PlanModifiers: []planmodifier.String{plan_modifier.CustomClusterCloudProvider()},
 			},
 			"pg_type": schema.StringAttribute{
 				MarkdownDescription: "Postgres type. For example, \"epas\", \"pgextended\", or \"postgres\".",
diff --git a/pkg/provider/resource_pgd.go b/pkg/provider/resource_pgd.go
index d424ee83..cc1792c7 100644
--- a/pkg/provider/resource_pgd.go
+++ b/pkg/provider/resource_pgd.go
@@ -347,9 +347,8 @@ func PgdSchema(ctx context.Context) schema.Schema {
 							Required:    true,
 							Attributes: map[string]schema.Attribute{
 								"cloud_provider_id": schema.StringAttribute{
-									Description:   "Data group cloud provider id.",
-									Required:      true,
-									PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
+									Description: "Data group cloud provider id.",
+									Required:    true,
 								},
 							},
 						},