diff --git a/fast/stages/01-resman/README.md b/fast/stages/01-resman/README.md
index 002407b9f..10052605f 100644
--- a/fast/stages/01-resman/README.md
+++ b/fast/stages/01-resman/README.md
@@ -158,6 +158,7 @@ Due to its simplicity, this stage lends itself easily to customizations: adding
 | [main.tf](./main.tf) | Module-level locals and resources. |  |  |
 | [organization.tf](./organization.tf) | Organization policies. | <code>organization</code> |  |
 | [outputs.tf](./outputs.tf) | Module outputs. |  | <code>local_file</code> |
+| [providers.tf](./providers.tf) | Provider configurations. |  |  |
 | [variables.tf](./variables.tf) | Module variables. |  |  |
 
 ## Variables
@@ -178,12 +179,13 @@ Due to its simplicity, this stage lends itself easily to customizations: adding
 
 | name | description | sensitive | consumers |
 |---|---|:---:|---|
-| [networking](outputs.tf#L107) | Data for the networking stage. |  | <code>02-networking</code> |
-| [project_factories](outputs.tf#L117) | Data for the project factories stage. |  | <code>xx-teams</code> |
-| [providers](outputs.tf#L134) | Terraform provider files for this stage and dependent stages. | ✓ | <code>02-networking</code> · <code>02-security</code> · <code>xx-sandbox</code> · <code>xx-teams</code> |
-| [sandbox](outputs.tf#L141) | Data for the sandbox stage. |  | <code>xx-sandbox</code> |
-| [security](outputs.tf#L151) | Data for the networking stage. |  | <code>02-security</code> |
-| [teams](outputs.tf#L161) | Data for the teams stage. |  |  |
-| [tfvars](outputs.tf#L174) | Terraform variable files for the following stages. | ✓ |  |
+| [dataplatform](outputs.tf#L104) | Data for the Data Platform stage. |  | <code>02-networking</code> |
+| [networking](outputs.tf#L121) | Data for the networking stage. |  | <code>02-networking</code> |
+| [project_factories](outputs.tf#L131) | Data for the project factories stage. |  | <code>xx-teams</code> |
+| [providers](outputs.tf#L148) | Terraform provider files for this stage and dependent stages. | ✓ | <code>02-networking</code> · <code>02-security</code> · <code>xx-sandbox</code> · <code>xx-teams</code> |
+| [sandbox](outputs.tf#L155) | Data for the sandbox stage. |  | <code>xx-sandbox</code> |
+| [security](outputs.tf#L165) | Data for the networking stage. |  | <code>02-security</code> |
+| [teams](outputs.tf#L175) | Data for the teams stage. |  |  |
+| [tfvars](outputs.tf#L188) | Terraform variable files for the following stages. | ✓ |  |
 
 <!-- END TFDOC -->
diff --git a/fast/stages/01-resman/branch-dataplatform.tf b/fast/stages/01-resman/branch-dataplatform.tf
index 2573564a7..c90142069 100644
--- a/fast/stages/01-resman/branch-dataplatform.tf
+++ b/fast/stages/01-resman/branch-dataplatform.tf
@@ -35,21 +35,11 @@ module "branch-dp-dev-folder" {
   group_iam = {}
   iam = {
     # remove owner here and at project level if SA does not manage project resources
-    "roles/owner" = [
-      module.branch-dp-dev-sa.iam_email
-    ]
-    "roles/logging.admin" = [
-      module.branch-dp-dev-sa.iam_email
-    ]
-    "roles/resourcemanager.folderAdmin" = [
-      module.branch-dp-dev-sa.iam_email
-    ]
-    "roles/resourcemanager.projectCreator" = [
-      module.branch-dp-dev-sa.iam_email
-    ]
-    "roles/compute.xpnAdmin" = [
-      module.branch-teams-dev-projectfactory-sa.iam_email
-    ]
+    "roles/logging.admin"                  = [module.branch-dp-dev-sa.iam_email]
+    "roles/owner"                          = [module.branch-dp-dev-sa.iam_email]
+    "roles/resourcemanager.folderAdmin"    = [module.branch-dp-dev-sa.iam_email]
+    "roles/resourcemanager.projectCreator" = [module.branch-dp-dev-sa.iam_email]
+    "roles/compute.xpnAdmin"               = [module.branch-dp-dev-sa.iam_email]
   }
 }
 
diff --git a/fast/stages/01-resman/organization.tf b/fast/stages/01-resman/organization.tf
index bfd25a69a..e745524d3 100644
--- a/fast/stages/01-resman/organization.tf
+++ b/fast/stages/01-resman/organization.tf
@@ -78,11 +78,11 @@ module "organization" {
           module.branch-network-sa.iam_email,
           module.branch-security-sa.iam_email,
         ],
+        local.branch_dataplatform_sa_iam_emails,
         # enable if individual teams can create their own projects
         # [
         #   for k, v in module.branch-teams-team-sa : v.iam_email
         # ],
-        local.branch_dataplatform_sa_iam_emails,
         local.branch_teams_pf_sa_iam_emails
       )
     } : {}
diff --git a/fast/stages/01-resman/outputs.tf b/fast/stages/01-resman/outputs.tf
index 9fc6f636f..c5b7f24a9 100644
--- a/fast/stages/01-resman/outputs.tf
+++ b/fast/stages/01-resman/outputs.tf
@@ -101,6 +101,23 @@ resource "local_file" "tfvars" {
 
 # outputs
 
+output "dataplatform" {
+  # tfdoc:output:consumers 03-dataplatform
+  description = "Data for the Data Platform stage."
+  value = {
+    dev = {
+      folder          = module.branch-dp-dev-folder.id
+      gcs_bucket      = module.branch-dp-dev-gcs.name
+      service_account = module.branch-dp-dev-sa.email
+    }
+    prod = {
+      folder          = module.branch-dp-prod-folder.id
+      gcs_bucket      = module.branch-dp-prod-gcs.name
+      service_account = module.branch-dp-prod-sa.email
+    }
+  }
+}
+
 output "networking" {
   # tfdoc:output:consumers 02-networking
   description = "Data for the networking stage."
@@ -129,7 +146,7 @@ output "project_factories" {
 # ready to use provider configurations for subsequent stages
 
 output "providers" {
-  # tfdoc:output:consumers 02-networking 02-security xx-sandbox xx-teams
+  # tfdoc:output:consumers 02-networking 02-security 03-dataplatform xx-sandbox xx-teams
   description = "Terraform provider files for this stage and dependent stages."
   sensitive   = true
   value       = local.providers