No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I had to do something similar but for a different resource (kubernetes SA), wrap the entire IAM policy creation statement inside an apply, that way you’ll get the email as a string and will be able to pass it to the method without issue

BTW, if it’s an SA, the email needs to be preceded with `serviceAccount:` instead of `user:` in the bindings

I can provide a go sample of this if you want

<@U014T15JGRE> thanks for the advice, I'll give it a shot!