diff --git a/modules/iam-service-account/README.md b/modules/iam-service-account/README.md
index e87d1d31b..a62ce8f53 100644
--- a/modules/iam-service-account/README.md
+++ b/modules/iam-service-account/README.md
@@ -8,10 +8,9 @@ Note that this module does not fully comply with our design principles, as outpu
 ```hcl
 module "myproject-default-service-accounts" {
- source = "./fabric/modules/iam-service-account"
- project_id = "myproject"
- name = "vm-default"
- generate_key = true
+ source = "./fabric/modules/iam-service-account"
+ project_id = "myproject"
+ name = "vm-default"
 # authoritative roles granted *on* the service accounts to other identities
 iam = {
 "roles/iam.serviceAccountUser" = ["user:foo@example.com"]
@@ -24,7 +23,7 @@ module "myproject-default-service-accounts" {
 ]
 }
 }
-# tftest modules=1 resources=5
+# tftest modules=1 resources=4 inventory=basic.yaml
 ```
diff --git a/tests/examples/test_plan.py b/tests/examples/test_plan.py
index 4248f641b..cbcc0b16e 100644
--- a/tests/examples/test_plan.py
+++ b/tests/examples/test_plan.py
@@ -40,7 +40,8 @@ def test_example(plan_validator, tmp_path, example):
 inventory = []
 if match.group(4) is not None:
- inventory = BASE_PATH.parent / example.module / 'examples'
+ python_test_path = str(example.module).replace('-', '_')
+ inventory = BASE_PATH.parent / python_test_path / 'examples'
 inventory = inventory / match.group(4)
 # TODO: force plan_validator to never copy files (we're already
diff --git a/tests/modules/iam_service_account/examples/basic.yaml b/tests/modules/iam_service_account/examples/basic.yaml
new file mode 100644
index 000000000..4acc58519
--- /dev/null
+++ b/tests/modules/iam_service_account/examples/basic.yaml
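Review bot: In tests/examples/test_plan.py, `python_test_path = str(example.module).replace('-', '_')` rewrites hyphens across the whole module path with no comment explaining the convention, and nothing in the hunk checks that the resulting inventory file exists. The fixture added in this commit sits under tests/modules/iam_service_account/ while the module is modules/iam-service-account, so a comment such as `# test directories mirror module paths with '-' replaced by '_'` would make the mapping explicit. Because `match.group(4)` is taken from the `# tftest ... inventory=` comment in a README, a guard after the join such as `assert inventory.is_file(), f'inventory {inventory} not found'` would turn a mistyped or out-of-tree name into a clear failure; whether plan_validator already reports this is not visible here. The body of test_example starts and continues outside the hunk.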
@@ -0,0 +1,39 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+values:
+ module.myproject-default-service-accounts.google_project_iam_member.project-roles["myproject-roles/logging.logWriter"]:
+ condition: []
+ project: myproject
+ role: roles/logging.logWriter
+ module.myproject-default-service-accounts.google_project_iam_member.project-roles["myproject-roles/monitoring.metricWriter"]:
+ condition: []
+ project: myproject
+ role: roles/monitoring.metricWriter
+ module.myproject-default-service-accounts.google_service_account.service_account[0]:
+ account_id: vm-default
+ description: null
+ disabled: false
+ display_name: Terraform-managed.
+ project: myproject
+ timeouts: null
+ module.myproject-default-service-accounts.google_service_account_iam_binding.roles["roles/iam.serviceAccountUser"]:
+ condition: []
+ members:
+ - user:foo@example.com
+ role: roles/iam.serviceAccountUser
+
+counts:
+ google_project_iam_member: 2
+ google_service_account: 1
+ google_service_account_iam_binding: 1