diff --git a/management/global/base-identities/config.tf b/management/global/base-identities/config.tf
index c692b174f..af57e748f 100644
--- a/management/global/base-identities/config.tf
+++ b/management/global/base-identities/config.tf
@@ -10,7 +10,7 @@ provider "aws" {
 # Backend Config (partial)    #
 #=============================#
 terraform {
-  required_version = "~> 1.2.7"
+  required_version = "~> 1.3.0"
 
   required_providers {
     aws = "~> 4.10"
diff --git a/management/global/base-identities/groups.tf b/management/global/base-identities/groups.tf
index 922059ff3..b4f34d666 100644
--- a/management/global/base-identities/groups.tf
+++ b/management/global/base-identities/groups.tf
@@ -11,7 +11,6 @@ module "iam_group_admins" {
     module.user["exequiel.barrirero"].iam_user_name,
     module.user["jose.peinado"].iam_user_name,
     module.user["luis.gallardo"].iam_user_name,
-    module.user["marcos.pagnucco"].iam_user_name
   ]
 
   custom_group_policy_arns = [
@@ -32,3 +31,18 @@ module "iam_group_finops" {
     "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess",
   ]
 }
+
+module "iam_group_aws_iq" {
+  source = "github.com/binbashar/terraform-aws-iam.git//modules/iam-group-with-policies?ref=v5.9.2"
+  name   = "aws_iq_root_org"
+
+  group_users = [
+    module.user["emiliano.brest"].iam_user_name,
+    module.user["marcos.pagnucco"].iam_user_name
+  ]
+
+  custom_group_policy_arns = [
+    "arn:aws:iam::aws:policy/AWSIQFullAccess",
+    "arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess"
+  ]
+}
diff --git a/management/global/base-identities/groups_policies.tf b/management/global/base-identities/groups_policies.tf
index 8e1cfa152..9426e4010 100644
--- a/management/global/base-identities/groups_policies.tf
+++ b/management/global/base-identities/groups_policies.tf
@@ -23,4 +23,4 @@ resource "aws_iam_policy" "assume_oaar_role" {
     ]
   }
   EOF
-}
\ No newline at end of file
+}
diff --git a/management/global/base-identities/locals.tf b/management/global/base-identities/locals.tf
index 6cf97f786..fc76f385b 100644
--- a/management/global/base-identities/locals.tf
+++ b/management/global/base-identities/locals.tf
@@ -7,6 +7,7 @@ locals {
   users = [
     "angelo.fenoglio",
     "diego.ojeda",
+    "emiliano.brest",
     "exequiel.barrirero",
     "jose.peinado",
     "luis.gallardo",