No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

It shouldn’t be a problem - if you create a bucket using pulumi and pass the created `Bucket` object (in TS/python etc.) to the next object (`BucketIAMBinding`), it should implicitly create a dependency graph. In other words, bucket must exist before the code responsible for setting up IAM is executed:

```    bucket_name = "my-bucket-name"

    bucket = gcp.storage.Bucket(
        bucket_name,
        location="EU",
        uniform_bucket_level_access=True,
    )
    gcp.storage.BucketIAMBinding(
        f"{bucket_name}-allusers-storage-legacyobjectreader",
=&gt;      bucket=bucket.name,
        role="roles/storage.legacyObjectReader",
        members=["allUsers"],
    )```

Additionally, take a closer look at the differences among: `BucketIAMPolicy`, `BucketIAMBinding` and `BucketIAMMember`, especially the part regarding authoritative vs non-authoritative:
<https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucketiambinding/#bucketiambinding>

I'm not sure all of these are present in the new `gcp-native` provider are they?

I might just roll back to the `gcp` one until I'm sure about this

Oh… I have no experience with `gcp-native` so I won’t help with that. I’m still using classic gcp provider.

I've done it ages ago with the old `gcp` one, but we never used that pulumi stack in the end

I'll switch back anyways. I'd rather roll with something I know works and hopefully docs, etc. will improve on the new one