Can someone explain to me what cloud_identity_group is for?

This is as much a google question as a tf question.

I use G Suite groups to provide access to GCP resources- I put service accounts in them.

Can I use this TF resource to create these G Suite groups?

Is this a new thing? viewing groups in the console is in beta, and apparently there is something called identity-mapped groups- this is confusing as hell

Google has always been terrible with security and identity in their platform and docs are always confusing and wrong or out of date. I feel like this is an example of poor guidance and docs for how G Suite and GCP can/should be used together and where one ends and the other begins- sorry for ranting