devops-exercises/topics/gcp/exercises/assign_roles/main.tf

# Predefined Compute Engine admin roles bound to the service account below.
# All three are admin-level and are granted at project scope by the
# google_project_iam_member resource, so review the list against least
# privilege before reusing it outside an exercise:
#   - compute.storageAdmin  : disks, images and snapshots
#   - compute.networkAdmin  : networking resources
#   - compute.securityAdmin : firewall rules and SSL certificates
locals {
  roles = [
    "roles/compute.storageAdmin",
    "roles/compute.networkAdmin",
    "roles/compute.securityAdmin",
  ]
}
# Service account that receives the roles listed in local.roles.
resource "google_service_account" "some_member" {
  # account_id = first (at most) 10 characters of var.env_id + "-some-member".
  # The 12-character suffix keeps the result within GCP's 30-character limit.
  # NOTE(review): GCP also requires account_id to match
  # [a-z]([-a-z0-9]*[a-z0-9]); var.env_id is declared outside this file, so
  # confirm its variable block validates lowercase/leading-letter input.
  account_id = format(
    "%s-some-member",
    substr(var.env_id, 0, min(length(var.env_id), 10)),
  )

  # The human-readable name uses the full, untruncated env_id.
  display_name = format("%s some-member", var.env_id)
}
# Binds the service account to every role in local.roles, one
# google_project_iam_member instance per role (keyed by the role string).
#
# google_project_iam_member is non-authoritative: it adds this member to the
# role and leaves other members of the same role untouched.
#
# NOTE(review): the resource name says "storageAdminMaster" but the loop grants
# all three admin roles, project-wide. Renaming changes the state address, so
# it would need a `moved` block or `terraform state mv`; the name is kept here.
resource "google_project_iam_member" "storageAdminMaster" {
  for_each = toset(local.roles)

  project = var.project_id
  role    = each.key
  member  = "serviceAccount:${google_service_account.some_member.email}"
}