GoogleCloudPlatform/pci-gke-blueprint

Module fails when policy admin IAM role is missing

Closed this issue · 0 comments

Module `vpc_service_control_organizational_access_policy` failed in the infra setup because the role `roles/accesscontextmanager.policyAdmin` was missing. Per https://registry.terraform.io/modules/terraform-google-modules/vpc-service-controls/google/0.1.0, this role needs to be assigned to the user that runs Terraform.

```sh
gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
  --member="serviceAccount:example@project_id.iam.gserviceaccount.com" \
  --role="roles/accesscontextmanager.policyAdmin"
```
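A preflight check for the requirement described above, added here as an example (it is not part of the issue or of the pci-gke-blueprint code): a small Python script that reads the JSON printed by `gcloud organizations get-iam-policy ORGANIZATION_ID --format=json`, reports whether the identity that will run Terraform holds `roles/accesscontextmanager.policyAdmin` in an unconditional organization-level binding, and prints the `add-iam-policy-binding` command when it does not. The organization ID, service account and IAM policy embedded in it are constructed for illustration.

```python
"""Preflight check for the VPC Service Controls module: confirm that the
identity running Terraform holds roles/accesscontextmanager.policyAdmin at
the organization level before `terraform apply`, instead of finding out when
vpc_service_control_organizational_access_policy fails.

Input is the JSON that `gcloud organizations get-iam-policy ORGANIZATION_ID
--format=json` prints (bindings[].role, bindings[].members and an optional
bindings[].condition). The org ID, member and policy below are hypothetical.
"""
import json
import sys

REQUIRED_ROLE = "roles/accesscontextmanager.policyAdmin"


def members_with_role(policy, role):
    """Return the set of members bound to `role`, across all bindings.

    Conditional bindings are ignored: a grant that only applies under an IAM
    condition may not apply when Terraform runs, so it is not counted as
    satisfying the requirement.
    """
    found = set()
    for binding in policy.get("bindings", []):
        if binding.get("role") != role or "condition" in binding:
            continue
        found.update(binding.get("members", []))
    return found


def remediation(org_id, member):
    """The org-level binding command from the issue, for the given identity."""
    return (
        f"gcloud organizations add-iam-policy-binding {org_id} "
        f'--member="{member}" --role="{REQUIRED_ROLE}"'
    )


def check_policy_admin(policy_json, org_id, member):
    """Return (ok, message). ok is False when `member` lacks the role;
    the message then carries the exact gcloud command to fix it."""
    policy = json.loads(policy_json)
    if member in members_with_role(policy, REQUIRED_ROLE):
        return True, f"{member} holds {REQUIRED_ROLE} on organization {org_id}"
    return False, (
        f"{member} lacks {REQUIRED_ROLE} on organization {org_id}; grant it with:\n"
        f"  {remediation(org_id, member)}"
    )


# Constructed sample (not real gcloud output): the Terraform service account
# has a viewer role only, and policyAdmin is bound to a human user, so the
# module would fail when run as the service account.
SAMPLE_ORG_ID = "123456789012"
SAMPLE_MEMBER = "serviceAccount:example@project_id.iam.gserviceaccount.com"
SAMPLE_POLICY_JSON = """
{
  "bindings": [
    {"role": "roles/resourcemanager.organizationViewer",
     "members": ["serviceAccount:example@project_id.iam.gserviceaccount.com"]},
    {"role": "roles/accesscontextmanager.policyAdmin",
     "members": ["user:admin@example.com"]}
  ],
  "etag": "BwXYZ123",
  "version": 1
}
"""

if __name__ == "__main__":
    # Usage with real data:
    #   gcloud organizations get-iam-policy ORG_ID --format=json \
    #     | python3 check_policy_admin.py ORG_ID serviceAccount:NAME@PROJECT.iam.gserviceaccount.com
    # With no arguments the constructed sample is checked instead.
    if len(sys.argv) == 3:
        ok, msg = check_policy_admin(sys.stdin.read(), sys.argv[1], sys.argv[2])
    else:
        ok, msg = check_policy_admin(SAMPLE_POLICY_JSON, SAMPLE_ORG_ID, SAMPLE_MEMBER)
    print(msg)
    sys.exit(0 if ok else 1)
```

The check deliberately looks at the organization policy rather than a project or folder policy, because access policies are organization-scoped and the module needs the role there; it also refuses to count a conditional binding, since a grant that depends on an IAM condition may not hold at the moment Terraform runs.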