No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hello, I am currently working on enabling Workload Identity in our env managed by Pulumi. I think I know what needs to be created / wired up. But looking at the Pulumi documentation I am unsure on one of the mandatory parameters to assign the right roles to the Service Account I am creating.

Following the steps in the <https://cloud.google.com/config-connector/docs/how-to/install-upgrade-uninstall#identity|documentation> I think I can use either <https://www.pulumi.com/docs/reference/pkg/gcp/serviceaccount/iambinding/#iambinding|IAMBinding> or <https://www.pulumi.com/docs/reference/pkg/gcp/serviceaccount/iammember/#iammember|IAMMember> to implement step 2. I think IAMMember would be the better fit, but anyway, both resources require me to specify a parameter <https://www.pulumi.com/docs/reference/pkg/gcp/serviceaccount/iammember/#inputs|member>(s). As their is no documentation on this param I would assume that I have to pass in the same value as for the parameter serviceAccountId, or?

Found the solution:
member expects a value in the following format:
```&lt;account-type&gt;:&lt;account-email&gt; e.g. 
serviceAccount:db-service-account@my-project.iam.gserviceaccount.com```
Is there any easy way to contribute this to the Pulumi documentation?