strong-intern-84363
05/13/2022, 11:14 PMsarolebinding = gcp.projects.IAMBinding(
f"sa-role-binding-{self.projectName}-owner",
role=self.role,
project=self.project.name,
members=[f"serviceAccount:{self.service_account.email}"],
)
return sarolebinding
This fails with the following error
Request `Set IAM Binding for role "projects/app-burger-nonprod-wzj/roles/projectOwner" on "project \"app-burger-nonprod-wzj\""` returned error: Error applying IAM policy for project "app-burger-nonprod-wzj": Error setting IAM policy for project "app-burger-nonprod-wzj": googleapi: Error 400: Invalid service account (<pulumi.output.Output object at 0x7fbf29648640>)., badRequest
Looks like the service_account.email field is wrong.
How can I refer to the email of the newly created service account and use it as the value of the members arguments ?
Thanks for reading, have a nice day.billowy-army-68599
strong-intern-84363
05/13/2022, 11:24 PMbillowy-army-68599
strong-intern-84363
05/13/2022, 11:35 PMbillowy-army-68599
strong-intern-84363
05/13/2022, 11:45 PMbillowy-army-68599
strong-intern-84363
05/14/2022, 12:14 PM