diff --git a/mmv1/products/compute/Subnetwork.yaml b/mmv1/products/compute/Subnetwork.yaml
index e1daa37918a4..bc262149ffca 100644
--- a/mmv1/products/compute/Subnetwork.yaml
+++ b/mmv1/products/compute/Subnetwork.yaml
@@ -165,12 +165,13 @@ properties:
     name: 'purpose'
     immutable: true
     description: |
-      The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `INTERNAL_HTTPS_LOAD_BALANCER`, `REGIONAL_MANAGED_PROXY`, or `PRIVATE_SERVICE_CONNECT`.
+      The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `INTERNAL_HTTPS_LOAD_BALANCER`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY` or `PRIVATE_SERVICE_CONNECT`.
       A subnetwork with purpose set to `INTERNAL_HTTPS_LOAD_BALANCER` is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing.
       A subnetwork in a given region with purpose set to `REGIONAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the regional Envoy-based load balancers.
+      A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers.
       A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service.
       If unspecified, the purpose defaults to `PRIVATE_RFC_1918`.
-      The enableFlowLogs field isn't supported with the purpose field set to `INTERNAL_HTTPS_LOAD_BALANCER`.
+      The enableFlowLogs field isn't supported with the purpose field set to `INTERNAL_HTTPS_LOAD_BALANCER` or `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`.
     default_from_api: true
   - !ruby/object:Api::Type::Enum
     name: 'role'
@@ -267,7 +268,7 @@ properties:
     description: |
       Denotes the logging options for the subnetwork flow logs. If logging is enabled
       logs will be exported to Stackdriver. This field cannot be set if the `purpose` of this
-      subnetwork is `INTERNAL_HTTPS_LOAD_BALANCER`
+      subnetwork is `INTERNAL_HTTPS_LOAD_BALANCER` or `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`
     send_empty_value: true
     custom_expand: 'templates/terraform/custom_expand/subnetwork_log_config.go.erb'
     custom_flatten: 'templates/terraform/custom_flatten/subnetwork_log_config.go.erb'
diff --git a/mmv1/products/compute/TargetHttpsProxy.yaml b/mmv1/products/compute/TargetHttpsProxy.yaml
index 65202ce55a3b..aa255fe48128 100644
--- a/mmv1/products/compute/TargetHttpsProxy.yaml
+++ b/mmv1/products/compute/TargetHttpsProxy.yaml
@@ -106,16 +106,15 @@ properties:
   - !ruby/object:Api::Type::Array
     name: 'sslCertificates'
     description: |
-      A list of SslCertificate resources that are used to authenticate
-      connections between users and the load balancer. At least one SSL
-      certificate must be specified.
+      A list of SslCertificate resource URLs or Certificate Manager certificate URLs that are used to authenticate
+      connections between users and the load balancer. At least one resource must be specified.
     update_verb: :POST
     update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates'
     item_type: !ruby/object:Api::Type::ResourceRef
       name: 'sslCertificate'
       resource: 'SslCertificate'
       imports: 'selfLink'
-      description: 'The SSL certificates used by this TargetHttpsProxy'
+      description: 'The SSL certificate URL or Certificate Manager certificate resource URL used by this TargetHttpsProxy'
     custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb'
   - !ruby/object:Api::Type::String
     name: 'certificateMap'
diff --git a/mmv1/templates/terraform/custom_expand/subnetwork_log_config.go.erb b/mmv1/templates/terraform/custom_expand/subnetwork_log_config.go.erb
index 4e69ad7a2c8a..ba30a64eb5c7 100644
--- a/mmv1/templates/terraform/custom_expand/subnetwork_log_config.go.erb
+++ b/mmv1/templates/terraform/custom_expand/subnetwork_log_config.go.erb
@@ -18,8 +18,8 @@ func expand<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d t
 	if len(l) == 0 || l[0] == nil {
 		purpose, ok := d.GetOkExists("purpose")
 
-		if ok &&(purpose.(string) == "REGIONAL_MANAGED_PROXY" || purpose.(string) == "INTERNAL_HTTPS_LOAD_BALANCER") {
-			// Subnetworks for regional L7 ILB/XLB do not accept any values for logConfig
+		if ok &&(purpose.(string) == "REGIONAL_MANAGED_PROXY" || purpose.(string) == "GLOBAL_MANAGED_PROXY" || purpose.(string) == "INTERNAL_HTTPS_LOAD_BALANCER") {
+			// Subnetworks for regional L7 ILB/XLB or cross-regional L7 ILB do not accept any values for logConfig
 			return nil, nil
 		}
 		// send enable = false to ensure logging is disabled if there is no config