diff --git a/internal/servers/controller/handlers/accounts/account_service.go b/internal/servers/controller/handlers/accounts/account_service.go
index 94ab5468e0..652968c046 100644
--- a/internal/servers/controller/handlers/accounts/account_service.go
+++ b/internal/servers/controller/handlers/accounts/account_service.go
@@ -317,7 +317,7 @@ func (s Service) changePasswordInRepo(ctx context.Context, scopeId, id string, v
 			return nil, handlers.InvalidArgumentErrorf("Error in provided request.",
 				map[string]string{"new_password": "New password equal to current password."})
 		}
-		return nil, fmt.Errorf( "unable to change password: %w", err)
+		return nil, fmt.Errorf("unable to change password: %w", err)
 	}
 	if out == nil {
 		return nil, handlers.ApiErrorWithCodeAndMessage(codes.PermissionDenied, "Failed to change password.")
diff --git a/internal/servers/controller/handlers/authenticate/authenticate_service_test.go b/internal/servers/controller/handlers/authenticate/authenticate_service_test.go
index 2a545d1eda..7b90aa7521 100644
--- a/internal/servers/controller/handlers/authenticate/authenticate_service_test.go
+++ b/internal/servers/controller/handlers/authenticate/authenticate_service_test.go
@@ -47,10 +47,10 @@ func TestAuthenticate(t *testing.T) {
 	require.NotNil(t, acct)
 
 	cases := []struct {
-		name    string
-		request *pbs.AuthenticateRequest
+		name     string
+		request  *pbs.AuthenticateRequest
 		wantType string
-		wantErr error
+		wantErr  error
 	}{
 		{
 			name: "basic",
diff --git a/internal/servers/controller/handlers/authmethods/authmethod_service.go b/internal/servers/controller/handlers/authmethods/authmethod_service.go
index e48c939a99..3848790e3a 100644
--- a/internal/servers/controller/handlers/authmethods/authmethod_service.go
+++ b/internal/servers/controller/handlers/authmethods/authmethod_service.go
@@ -192,7 +192,7 @@ func (s Service) createInRepo(ctx context.Context, scopeId string, item *pb.Auth
 	}
 	out, err := repo.CreateAuthMethod(ctx, u)
 	if err != nil {
-		return nil,fmt.Errorf("unable to create auth method: %w", err)
+		return nil, fmt.Errorf("unable to create auth method: %w", err)
 	}
 	if out == nil {
 		return nil, handlers.ApiErrorWithCodeAndMessage(codes.Internal, "Unable to create auth method but no error returned from repository.")
diff --git a/internal/servers/controller/handlers/groups/group_service_test.go b/internal/servers/controller/handlers/groups/group_service_test.go
index 2a080bf607..6996611eb4 100644
--- a/internal/servers/controller/handlers/groups/group_service_test.go
+++ b/internal/servers/controller/handlers/groups/group_service_test.go
@@ -1009,8 +1009,8 @@ func TestAddMember(t *testing.T) {
 		{
 			name: "Invalid user id in member list",
 			req: &pbs.AddGroupMembersRequest{
-				Id:      grp.GetPublicId(),
-				Version: grp.GetVersion(),
+				Id:        grp.GetPublicId(),
+				Version:   grp.GetVersion(),
 				MemberIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1018,8 +1018,8 @@ func TestAddMember(t *testing.T) {
 		{
 			name: "u_recovery",
 			req: &pbs.AddGroupMembersRequest{
-				Id:      grp.GetPublicId(),
-				Version: grp.GetVersion(),
+				Id:        grp.GetPublicId(),
+				Version:   grp.GetVersion(),
 				MemberIds: []string{"u_recovery"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1139,8 +1139,8 @@ func TestSetMember(t *testing.T) {
 		{
 			name: "Invalid user id in member list",
 			req: &pbs.SetGroupMembersRequest{
-				Id:      grp.GetPublicId(),
-				Version: grp.GetVersion(),
+				Id:        grp.GetPublicId(),
+				Version:   grp.GetVersion(),
 				MemberIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1148,8 +1148,8 @@ func TestSetMember(t *testing.T) {
 		{
 			name: "u_recovery",
 			req: &pbs.SetGroupMembersRequest{
-				Id:      grp.GetPublicId(),
-				Version: grp.GetVersion(),
+				Id:        grp.GetPublicId(),
+				Version:   grp.GetVersion(),
 				MemberIds: []string{"u_recovery"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1278,8 +1278,8 @@ func TestRemoveMember(t *testing.T) {
 		{
 			name: "Invalid user id in member list",
 			req: &pbs.RemoveGroupMembersRequest{
-				Id:      grp.GetPublicId(),
-				Version: grp.GetVersion(),
+				Id:        grp.GetPublicId(),
+				Version:   grp.GetVersion(),
 				MemberIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
diff --git a/internal/servers/controller/handlers/roles/role_service.go b/internal/servers/controller/handlers/roles/role_service.go
index 8151d11e5b..fcfdeaf035 100644
--- a/internal/servers/controller/handlers/roles/role_service.go
+++ b/internal/servers/controller/handlers/roles/role_service.go
@@ -655,7 +655,7 @@ func validateAddRolePrincipalsRequest(req *pbs.AddRolePrincipalsRequest) error {
 		badFields["principal_ids"] = "Must be non-empty."
 	}
 	for _, id := range req.GetPrincipalIds() {
-		if !handlers.ValidId(iam.GroupPrefix, id) && ! handlers.ValidId(iam.UserPrefix, id) {
+		if !handlers.ValidId(iam.GroupPrefix, id) && !handlers.ValidId(iam.UserPrefix, id) {
 			badFields["principal_ids"] = "Must only have valid group and/or user ids."
 			break
 		}
@@ -679,7 +679,7 @@ func validateSetRolePrincipalsRequest(req *pbs.SetRolePrincipalsRequest) error {
 		badFields["version"] = "Required field."
 	}
 	for _, id := range req.GetPrincipalIds() {
-		if !handlers.ValidId(iam.GroupPrefix, id) && ! handlers.ValidId(iam.UserPrefix, id) {
+		if !handlers.ValidId(iam.GroupPrefix, id) && !handlers.ValidId(iam.UserPrefix, id) {
 			badFields["principal_ids"] = "Must only have valid group and/or user ids."
 			break
 		}
diff --git a/internal/servers/controller/handlers/roles/role_service_test.go b/internal/servers/controller/handlers/roles/role_service_test.go
index a12e3458ec..99a43b1e3f 100644
--- a/internal/servers/controller/handlers/roles/role_service_test.go
+++ b/internal/servers/controller/handlers/roles/role_service_test.go
@@ -1054,8 +1054,8 @@ func TestAddPrincipal(t *testing.T) {
 		{
 			name: "Bad Principal Id",
 			req: &pbs.AddRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1063,8 +1063,8 @@ func TestAddPrincipal(t *testing.T) {
 		{
 			name: "u_recovery Id",
 			req: &pbs.AddRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"u_recovery"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1209,8 +1209,8 @@ func TestSetPrincipal(t *testing.T) {
 		{
 			name: "Bad Principal Id",
 			req: &pbs.SetRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1218,8 +1218,8 @@ func TestSetPrincipal(t *testing.T) {
 		{
 			name: "u_recovery",
 			req: &pbs.SetRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"u_recovery"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1386,8 +1386,8 @@ func TestRemovePrincipal(t *testing.T) {
 		{
 			name: "Bad User Id",
 			req: &pbs.RemoveRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"g_validgroup", "invaliduser"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -1395,8 +1395,8 @@ func TestRemovePrincipal(t *testing.T) {
 		{
 			name: "Bad Group Id",
 			req: &pbs.RemoveRolePrincipalsRequest{
-				Id:      role.GetPublicId(),
-				Version: role.GetVersion(),
+				Id:           role.GetPublicId(),
+				Version:      role.GetVersion(),
 				PrincipalIds: []string{"u_validuser", "invalidgroup"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
diff --git a/internal/servers/controller/handlers/targets/target_service_test.go b/internal/servers/controller/handlers/targets/target_service_test.go
index 70ef04f8e5..70f65e37cb 100644
--- a/internal/servers/controller/handlers/targets/target_service_test.go
+++ b/internal/servers/controller/handlers/targets/target_service_test.go
@@ -469,7 +469,7 @@ func TestUpdate(t *testing.T) {
 					Description:            wrapperspb.String("desc"),
 					SessionMaxSeconds:      wrapperspb.UInt32(3600),
 					SessionConnectionLimit: wrapperspb.Int32(5),
-					Type: target.TcpSubType.String(),
+					Type:                   target.TcpSubType.String(),
 				},
 			},
 			res: &pbs.UpdateTargetResponse{
@@ -500,7 +500,7 @@ func TestUpdate(t *testing.T) {
 				Item: &pb.Target{
 					Name:        wrapperspb.String("name"),
 					Description: wrapperspb.String("desc"),
-					Type: target.TcpSubType.String(),
+					Type:        target.TcpSubType.String(),
 				},
 			},
 			res: &pbs.UpdateTargetResponse{
@@ -786,10 +786,10 @@ func TestUpdate_BadVersion(t *testing.T) {
 	require.NoError(t, err, "Failed to create a new host set service.")
 
 	upTar, err := tested.UpdateTarget(auth.DisabledAuthTestContext(auth.WithScopeId(proj.GetPublicId())), &pbs.UpdateTargetRequest{
-		Id:         gtar.GetPublicId(),
-		Item:       &pb.Target{
-			Description:            wrapperspb.String("updated"),
-			Version:                72,
+		Id: gtar.GetPublicId(),
+		Item: &pb.Target{
+			Description: wrapperspb.String("updated"),
+			Version:     72,
 		},
 		UpdateMask: &field_mask.FieldMask{Paths: []string{"description"}},
 	})
@@ -890,8 +890,8 @@ func TestAddTargetHostSets(t *testing.T) {
 		{
 			name: "Incorrect host set ids",
 			req: &pbs.AddTargetHostSetsRequest{
-				Id:      tar.GetPublicId(),
-				Version: tar.GetVersion(),
+				Id:         tar.GetPublicId(),
+				Version:    tar.GetVersion(),
 				HostSetIds: []string{"incorrect"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
diff --git a/internal/servers/controller/handlers/users/user_service_test.go b/internal/servers/controller/handlers/users/user_service_test.go
index 08d768ea13..b4556de9b0 100644
--- a/internal/servers/controller/handlers/users/user_service_test.go
+++ b/internal/servers/controller/handlers/users/user_service_test.go
@@ -709,8 +709,8 @@ func TestAddAccount(t *testing.T) {
 		{
 			name: "Bad account Id",
 			req: &pbs.AddUserAccountsRequest{
-				Id:      usr.GetPublicId(),
-				Version: usr.GetVersion(),
+				Id:         usr.GetPublicId(),
+				Version:    usr.GetVersion(),
 				AccountIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -832,8 +832,8 @@ func TestSetAccount(t *testing.T) {
 		{
 			name: "Bad account Id",
 			req: &pbs.SetUserAccountsRequest{
-				Id:      usr.GetPublicId(),
-				Version: usr.GetVersion(),
+				Id:         usr.GetPublicId(),
+				Version:    usr.GetVersion(),
 				AccountIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
@@ -965,8 +965,8 @@ func TestRemoveAccount(t *testing.T) {
 		{
 			name: "Bad account Id",
 			req: &pbs.RemoveUserAccountsRequest{
-				Id:      usr.GetPublicId(),
-				Version: usr.GetVersion(),
+				Id:         usr.GetPublicId(),
+				Version:    usr.GetVersion(),
 				AccountIds: []string{"invalid"},
 			},
 			err: handlers.ApiErrorWithCode(codes.InvalidArgument),