Assigning multiple roles to the single custom service account in GCP

Hello All,

I am using below code for the ‘Assigning multiple roles to the single custom service account in GCP’

data “google_iam_policy” “admin” {
binding {
role = “roles/bigquery.dataEditor”
members = [
“serviceAccount: ${google_service_account.sa.email}”,
]
}
}

resource “google_service_account” “sa” {
account_id = “etl-serviceaccount-id”
display_name = “A custom service account”
}

resource “google_service_account_iam_policy” “admin-account-iam” {
service_account_id = google_service_account.sa.name
policy_data = data.google_iam_policy.admin.policy_data
}

But I am getting below error, please help me in this, thank you so much in advance for the help:

Error: Error setting IAM policy for service account ‘projects/pune-powerhouse-etl/serviceAccounts/etl-serviceaccount-id@pune-powerhouse-etl.iam.gserviceaccount.com’: googleapi: Error 400: Role roles/bigquery.dataEditor is not supported for this resource., badRequest

resource “google_service_account” “sa-name” {
account_id = “sa-name”
display_name = “SA”
}

resource “google_project_iam_binding” “firestore_owner_binding” {
project = “project-name”
role = “roles/datastore.owner”
members = [
“serviceAccount:sa-name@project-name.iam.gserviceaccount.com”,
]
depends_on = [google_service_account.sa-name]
}

resource “google_project_iam_binding” “dataflow_admin_binding” {
project = “project-name”
role = “roles/dataflow.admin”
members = [
“serviceAccount:sa-name@project-name.iam.gserviceaccount.com”,
]
depends_on = [google_service_account.sa-name]
}