No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Does anyone know how to bind a GKE workload identity service account to firestore in Pulumi? The firestore API is pretty limited compared to the other products: <https://www.pulumi.com/docs/reference/pkg/gcp/firestore/>

Was able to figure it out using project binding, in case anyone else needs it (python):
```firestore_iam = gcp.projects.IAMBinding(
    resource_name="firestore-binding",
    project=project,
    role="roles/datastore.owner",
    members=[gcp_sa.email.apply(lambda email: f"serviceAccount:{email}")],
    opts=pulumi.ResourceOptions(provider=gcp_provider),
)```