Hey lovely community ! Can someone help me to unde...
# getting-started
Hey lovely community ! Can someone help me to understand this ? Let’s imagine that I have a piece of code that creates a GCP service account, a custom role (both works fine) and a IAM Binding to assign this role to this service account (this one fails) Here is my IAM binding call
Copy code
sarolebinding = gcp.projects.IAMBinding(
        return sarolebinding
This fails with the following error
Copy code
Request `Set IAM Binding for role "projects/app-burger-nonprod-wzj/roles/projectOwner" on "project \"app-burger-nonprod-wzj\""` returned error: Error applying IAM policy for project "app-burger-nonprod-wzj": Error setting IAM policy for project "app-burger-nonprod-wzj": googleapi: Error 400: Invalid service account (<pulumi.output.Output object at 0x7fbf29648640>)., badRequest
Looks like the service_account.email field is wrong. How can I refer to the email of the newly created service account and use it as the value of the members arguments ? Thanks for reading, have a nice day.