'Terraform IAM binding for GCP Cloud Tasks

[Edited]

My concern is related with this open issue

As I know there is no iam binding module in terraform for GCP CloudTasks.

The only solution is using module = terraform-google-modules/gcloud/google, where you can run gcloud commands within terraform.

That means in case that I want to assign viewer role to 3xSAs + 5xUsers + 2xGroups I should have 10 copies of my terraform-google-modules/gcloud/google module.

Similar with running 10 times bellow command:

gcloud tasks queues add-iam-policy-binding GCP_CLOUD_TASK_ID --member=serviceAccount:SERVICE_ACCOUNT --role=roles/cloudtasks.viewer

Suppose I have additional roles: cloudtasks.viewer, cloudtasks.enqueuer, cloudtasks.taskRunner etc., in result I get a lot of gcloud module copies in my .tf definition file.

Is there a workaround using tf loops, conditionals to simply de tf file definitions with gcloud module? Couldn't find any examples and can't figure it out by myself.

terraform-provider-gcpgoogle-iam


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

GCP equivalent of "deny" permissions in aws policy

Grant your originating account the Service Account Token Creator role on the target service account

How to solve Error creating Service: googleapi: Error 403: Permission 'iam.serviceaccounts.actAs' denied on service account

How can i get the logs of roles modifications on some specific IAM user in GCP

How do I export(to a file) all people with a certain role per project in an organization in GCP?

Provision a GCP VM instance with no external IP via Terraform

Terraform 'Failed to instantiate provider' for GCP error on Mac OS X

Google Cloud: Pubsub subscription filter expression options

Error when creating the firebase project using terraform

Terraform - iterate over nested map

Linking a series of GCP disks to corresponding instances dynamically in terraform

How to hook up Terraform to create Cloud Build Triggers that pull from a private bitbucket Repo In the GCP

How to hook up Terraform to create Cloud Build Triggers that pull from a private bitbucket Repo In the GCP

Comparing: should I choose Terraform gcp modules or google gcp modules from git

Terraform file for gcp, how to input path for json key