Commit 62b33aa4 authored by Adam Robinson's avatar Adam Robinson
Browse files

fix jobUser role for service accounts

parent ea9b4129
resource "google_project_iam_binding" "datalab_service_account_iam_binding" {
project = google_project.hipaa_project["data"].project_id
for_each = { for v in local.worker_projects : v => v }
project = google_project.hipaa_project[each.key].project_id
role = "roles/bigquery.jobUser"
members = [ for v in local.datalab_service_account_readers : "serviceAccount:${v}" ]
members = compact([ for v in keys(var.datalab_user_list) : var.datalab_user_list[v] == each.value ? "serviceAccount:${google_service_account.datalab_service_account[v].email}" : "" ])
}
resource "google_project_service" "sourcerepo-api" {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment