diff --git a/modules/vpc-sc/README.md b/modules/vpc-sc/README.md index 01bcf59d..1537c119 100644 --- a/modules/vpc-sc/README.md +++ b/modules/vpc-sc/README.md @@ -136,6 +136,53 @@ module "vpc-sc" { # tftest:modules=1:resources=3 ``` +## Example VCP-SC: 2 standard perimeters with one bridge between the two (dry run mode). +```hcl +module "vpc-sc" { + source = "./modules/vpc-sc" + organization_id = "organizations/112233" + access_policy_title = "My Access Policy" + perimeters = { + perimeter_1 = { + type = "PERIMETER_TYPE_REGULAR" + dry_run_config = { + restricted_services = ["storage.googleapis.com", "bigquery.googleapis.com"] + vpc_accessible_services = ["storage.googleapis.com", "bigquery.googleapis.com"] + } + enforced_config = null + } + perimeter_2 = { + type = "PERIMETER_TYPE_REGULAR" + dry_run_config = { + restricted_services = ["storage.googleapis.com", "bigquery.googleapis.com"] + vpc_accessible_services = ["storage.googleapis.com", "bigquery.googleapis.com"] + } + enforced_config = null + } + perimeter_bridge = { + type = "PERIMETER_TYPE_BRIDGE" + dry_run_config = null + enforced_config = null + } + } + perimeter_projects = { + perimeter_1 = { + enforced = [] + dry_run = [111111111] + } + perimeter_2 = { + enforced = [] + dry_run = [222222222] + } + perimeter_bridge = { + enforced = [] + dry_run = [111111111, 222222222] + } + } +} +# tftest:modules=1:resources=4 +``` + ## Example VCP-SC standard perimeter with one service and one project in dry run mode in a Organization with an already existent access policy ```hcl module "vpc-sc-first" { diff --git a/modules/vpc-sc/main.tf b/modules/vpc-sc/main.tf index abae2e35..3e6c2801 100644 --- a/modules/vpc-sc/main.tf +++ b/modules/vpc-sc/main.tf 
@@ -330,11 +330,14 @@ resource "google_access_context_manager_service_perimeter" "bridge" { } # Dry run mode configuration + use_explicit_dry_run_spec = try(lookup(var.perimeter_projects, each.key, null).dry_run, null) != null ? true : null dynamic "spec" { - for_each = try(lookup(var.perimeter_projects, each.key, {}).dry_run, []) != null ? [""] : [] + for_each = try(lookup(var.perimeter_projects, each.key, null).dry_run, null) != null ? [""] : [] content { - resources = formatlist("projects/%s", try(lookup(var.perimeter_projects, each.key, {}).dry_run, [])) + resources = try(formatlist("projects/%s", lookup(var.perimeter_projects, each.key, {}).dry_run), null) + restricted_services = [] + access_levels = [] } }
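Review bot: The lookup `try(lookup(var.perimeter_projects, each.key, …).dry_run, null)` is now written three times in this block — for `use_explicit_dry_run_spec`, for the `for_each`, and for `resources` — and the third copy uses a different lookup default (`{}` instead of `null`), so a later edit to one copy can leave the explicit-spec flag and the spec body disagreeing about whether a dry-run config exists. Evaluating it once, e.g. `dry_run_projects = try(lookup(var.perimeter_projects, each.key, null).dry_run, null)` in a `locals`/`for_each`-friendly map and referencing that on all three lines, keeps the flag and the body tied to the same value. The newly pinned `restricted_services = []` and `access_levels = []` deserve a why-comment, along the lines of `# bridge perimeters carry only resources; presumably the provider requires these keys present but empty — confirm`, since an empty restricted-services list would be a real weakening on a regular perimeter and a reader cannot tell from here that it is intended. The resource block begins before this hunk (its header is only visible as `@@` context), so whether an enforced `status` counterpart exists is not checkable from the diff.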