diff --git a/integration/test_resources/help/generate_cloud-account_aws_controltower b/integration/test_resources/help/generate_cloud-account_aws_controltower
index 1c2049d1a..aa0768797 100644
--- a/integration/test_resources/help/generate_cloud-account_aws_controltower
+++ b/integration/test_resources/help/generate_cloud-account_aws_controltower
@@ -24,20 +24,26 @@ Usage:
 Flags:
       --apply                            run terraform apply without executing plan or prompting
       --audit_account string             The audit account flag input in the format profile:region
-      --aws_profile string               specify aws profile
   -h, --help                             help for controltower
+      --iam_role_arn string              specify the arn of the existing iam role
+      --iam_role_external_id string      specify the external id of the existing iam role
+      --iam_role_name string             specify the name of the existing iam role
       --lacework_aws_account_id string   the Lacework AWS root account id
       --log_archive_account string       The log archive account flag input in the format profile:region
+      --org_account_mapping string       Org account mapping json string. Example:
+                                         ''{"default_lacework_account":"main","mapping": [{ "aws_accounts": ["123456789011"], "lacework_account": "sub-account-1"}]}'
       --output string                    location to write generated content
       --prefix string                    specify the prefix that will be used at the beginning of every generated resource
       --s3_bucket_arn string             the S3 Bucket for consolidated CloudTrail
       --sns_topic_arn string             the SNS Topic
+      --sqs_queue_name string            specify the name of the sqs queue
 
 Global Flags:
   -a, --account string                        account subdomain of URL (i.e. <ACCOUNT>.lacework.net)
   -k, --api_key string                        access key id
   -s, --api_secret string                     secret access key
       --api_token string                      access token (replaces the use of api_key and api_secret)
+      --aws_profile string                    specify aws profile
       --aws_region string                     specify aws region
       --aws_subaccount strings                configure an additional aws account; value format must be <aws profile>:<region>
       --bucket_encryption_enabled             enable S3 bucket encryption when creating bucket (default true)
@@ -65,6 +71,5 @@ Global Flags:
       --sns_topic_name string                 specify SNS topic name if creating new one
       --sqs_encryption_enabled                enable encryption on SQS queue when creating (default true)
       --sqs_encryption_key_arn string         specify existing KMS encryption key arn for SQS queue
-      --sqs_queue_name string                 specify SQS queue name if creating new one
       --subaccount string                     sub-account name inside your organization (org admins only)
       --use_s3_bucket_notification            enable S3 bucket notifications