diff --git a/catalog/resource_credential.go b/catalog/resource_credential.go
index 0f5921c81..5d9d6edf3 100644
--- a/catalog/resource_credential.go
+++ b/catalog/resource_credential.go
@@ -139,6 +139,17 @@ func ResourceCredential() common.Resource {
 			}
 
 			updateCredRequest.Owner = ""
+			// Workaround until backend team fixes API issue
+			if updateCredRequest.AwsIamRole != nil { // Update API accepts only RoleArn, not the rest of attributes
+				updateCredRequest.AwsIamRole = &catalog.AwsIamRole{RoleArn: updateCredRequest.AwsIamRole.RoleArn}
+			}
+			if updateCredRequest.AzureManagedIdentity != nil {
+				updateCredRequest.AzureManagedIdentity.CredentialId = "" // this is Computed attribute
+			}
+			if updateCredRequest.DatabricksGcpServiceAccount != nil { // we can't update it at all
+				updateCredRequest.DatabricksGcpServiceAccount = nil
+			}
+			// End of workaround
 			_, err = w.Credentials.UpdateCredential(ctx, updateCredRequest)
 			if err != nil {
 				if d.HasChange("owner") {
diff --git a/catalog/resource_storage_credential.go b/catalog/resource_storage_credential.go
index 25a5a9ffd..40f6fd472 100644
--- a/catalog/resource_storage_credential.go
+++ b/catalog/resource_storage_credential.go
@@ -185,6 +185,9 @@ func ResourceStorageCredential() common.Resource {
 				if d.HasChange("read_only") {
 					update.ForceSendFields = append(update.ForceSendFields, "ReadOnly")
 				}
+				if update.DatabricksGcpServiceAccount != nil { // we can't update it at all
+					update.DatabricksGcpServiceAccount = nil
+				}
 				update.Owner = ""
 				_, err := acc.StorageCredentials.Update(ctx, catalog.AccountsUpdateStorageCredential{
 					CredentialInfo:        &update,
@@ -232,6 +235,9 @@ func ResourceStorageCredential() common.Resource {
 				if d.HasChange("read_only") {
 					update.ForceSendFields = append(update.ForceSendFields, "ReadOnly")
 				}
+				if update.DatabricksGcpServiceAccount != nil { // we can't update it at all
+					update.DatabricksGcpServiceAccount = nil
+				}
 				update.Owner = ""
 				_, err = w.StorageCredentials.Update(ctx, update)
 				if err != nil {
diff --git a/internal/acceptance/credential_test.go b/internal/acceptance/credential_test.go
index 80e3cb5b8..24c88d62a 100644
--- a/internal/acceptance/credential_test.go
+++ b/internal/acceptance/credential_test.go
@@ -1,35 +1,48 @@
 package acceptance
 
 import (
+	"fmt"
 	"testing"
 )
 
-func TestUcAccCredential(t *testing.T) {
-	LoadUcwsEnv(t)
-	if IsAws(t) {
-		UnityWorkspaceLevel(t, Step{
-			Template: `
+func awsCredentialWithComment(comment string) string {
+	return fmt.Sprintf(`
 				resource "databricks_credential" "external" {
-					name = "service-cred-{var.RANDOM}"
+					name = "service-cred-{var.STICKY_RANDOM}"
 					aws_iam_role {
 						role_arn = "{env.TEST_METASTORE_DATA_ACCESS_ARN}"
 					}
 					purpose = "SERVICE"
 					skip_validation = true
-					comment = "Managed by TF"
-				}`,
-		})
-	} else if IsGcp(t) {
-		UnityWorkspaceLevel(t, Step{
-			// TODO: update purpose to SERVICE when it's released
-			Template: `
+					comment = "%s"
+				}`, comment)
+}
+
+func gcpCredentialWithComment(comment string) string {
+	// TODO: update purpose to SERVICE when it's released
+	return fmt.Sprintf(`
 				resource "databricks_credential" "external" {
-					name = "storage-cred-{var.RANDOM}"
+					name = "storage-cred-{var.STICKY_RANDOM}"
 					databricks_gcp_service_account {}
 					purpose = "STORAGE"
 					skip_validation = true
-					comment = "Managed by TF"
-				}`,
+					comment = "%s"
+				}`, comment)
+}
+
+func TestUcAccCredential(t *testing.T) {
+	LoadUcwsEnv(t)
+	if IsAws(t) {
+		UnityWorkspaceLevel(t, Step{
+			Template: awsCredentialWithComment("Managed by TF"),
+		}, Step{
+			Template: awsCredentialWithComment("Managed by TF updated"),
+		})
+	} else if IsGcp(t) {
+		UnityWorkspaceLevel(t, Step{
+			Template: gcpCredentialWithComment("Managed by TF"),
+		}, Step{
+			Template: gcpCredentialWithComment("Managed by TF updated"),
 		})
 	}
 }
diff --git a/internal/acceptance/storage_credential_test.go b/internal/acceptance/storage_credential_test.go
index bdc10e832..26f1b0327 100644
--- a/internal/acceptance/storage_credential_test.go
+++ b/internal/acceptance/storage_credential_test.go
@@ -1,9 +1,21 @@
 package acceptance
 
 import (
+	"fmt"
 	"testing"
 )
 
+func gcpStorageCredentialWithComment(comment string) string {
+	// TODO: update purpose to SERVICE when it's released
+	return fmt.Sprintf(`
+				resource "databricks_storage_credential" "external" {
+					name = "cred-{var.RANDOM}"
+					databricks_gcp_service_account {}
+					skip_validation = true
+					comment = "%s"
+				}`, comment)
+}
+
 func TestUcAccStorageCredential(t *testing.T) {
 	LoadUcwsEnv(t)
 	if IsAws(t) {
@@ -30,13 +42,9 @@ func TestUcAccStorageCredential(t *testing.T) {
 		})
 	} else if IsGcp(t) {
 		UnityWorkspaceLevel(t, Step{
-			Template: `
-				resource "databricks_storage_credential" "external" {
-					name = "cred-{var.RANDOM}"
-					databricks_gcp_service_account {}
-					skip_validation = true
-					comment = "Managed by TF"
-				}`,
+			Template: gcpStorageCredentialWithComment("Managed by TF"),
+		}, Step{
+			Template: gcpStorageCredentialWithComment("Managed by TF updated"),
 		})
 	}
 }