The "for_each" value depends on resource attributes that cannot be determined until apply

@jkemsley,

While valid, the drawback to your approach is that you are directly coupling the resource instances to the order of the values in service_account_emails. This means that any change to the order will destroy and recreate the resources, and adding or removing any values from the list will destroy and recreate all values later in the list. What you have is exactly equivalent to count, only formatting the indexes as strings:

resource "google_storage_bucket_iam_member" "configuration_access" {
  count =  length(local.service_account_emails)
  bucket   = google_storage_bucket.configuration_bucket.name
  member   = "serviceAccount:${local.service_account_emails[count.index]}"
  role     = "roles/storage.admin"
}