# google-cloud


11/05/2020, 6:05 PM
Hello, I am currently working on enabling Workload Identity in our env managed by Pulumi. I think I know what needs to be created / wired up. But looking at the Pulumi documentation I am unsure on one of the mandatory parameters to assign the right roles to the Service Account I am creating. Following the steps in the documentation I think I can use either IAMBinding or IAMMember to implement step 2. I think IAMMember would be the better fit, but anyway, both resources require me to specify a parameter member(s). As their is no documentation on this param I would assume that I have to pass in the same value as for the parameter serviceAccountId, or?
Found the solution: member expects a value in the following format:
Copy code
<account-type>:<account-email> e.g.
Is there any easy way to contribute this to the Pulumi documentation?