GCP Service Account Access

joshua.hong · December 30, 2024, 2:08am

I’m looking for a way to grant a GCP service account permission to access another service account specifically.

Say we have service account X and service account Y. My goal is to give X access to act as Y, but ONLY as Y. This means I don’t want to provide X with a project wide ServiceAccountUser permission. In the Google Console UI, you can navigate to service account Y and grant specific permission to service account X to accomplish this but I can’t seem to find any resource to replicate this in Terraform making it hard to create/import.

brucelok · January 2, 2025, 5:00am

I believe the google_service_account_iam_member may help

joshua.hong · January 2, 2025, 6:40pm

Thanks everyone, I overlooked the google_service_account_iam_member resource. The google_service_account_iam_binding seems like it should work as well.

Topic		Replies	Views
GCP service account Terraform	0	159	June 24, 2021
Error creating service account with Terraform Terraform	1	1320	July 1, 2021
Creating service account through Cloud build app (GITHUB) with Terraform Google	1	1213	February 12, 2020
Is there an example of importing an service account from provider google upon building Terraform	0	212	February 12, 2020
GCP users management from different config dirs Terraform	0	201	July 21, 2020

GCP Service Account Access

Related topics