rajtmana/rajtmana_gcp-terraform_iam_main.tf

## rajtmana_gcp-terraform_iam_main.tf
variable "gcp_project" {
  type    = "string"
  default = "proteen-12176181"
}

provider "google" {
  project = "${var.gcp_project}"
}

resource "google_service_account" "mservice_svc_sa" {
  account_id   = "mservice-svc-service-account"
  display_name = "Service Deployment Service Account"
}

resource "google_project_iam_custom_role" "mservice_svc_admin_role" {
  role_id     = "mservice_svc_admin_role"
  title       = "mservice_svc_admin_role"
  description = "Service Deployment Custom Role"

  permissions = [
    "container.apiServices.get",
    "container.apiServices.list",
    "container.clusters.get",
    "container.clusters.getCredentials",
  ]
}

resource "google_project_iam_binding" "mservice_svc_binding" {
  role = "projects/${var.gcp_project}/roles/${google_project_iam_custom_role.mservice_svc_admin_role.role_id}"

  members = [
    "serviceAccount:${google_service_account.mservice_svc_sa.email}",
  ]
}
	variable "gcp_project" {
	type = "string"
	default = "proteen-12176181"
	}

	provider "google" {
	project = "${var.gcp_project}"
	}

	resource "google_service_account" "mservice_svc_sa" {
	account_id = "mservice-svc-service-account"
	display_name = "Service Deployment Service Account"
	}

	resource "google_project_iam_custom_role" "mservice_svc_admin_role" {
	role_id = "mservice_svc_admin_role"
	title = "mservice_svc_admin_role"
	description = "Service Deployment Custom Role"

	permissions = [
	"container.apiServices.get",
	"container.apiServices.list",
	"container.clusters.get",
	"container.clusters.getCredentials",
	]
	}

	resource "google_project_iam_binding" "mservice_svc_binding" {
	role = "projects/${var.gcp_project}/roles/${google_project_iam_custom_role.mservice_svc_admin_role.role_id}"

	members = [
	"serviceAccount:${google_service_account.mservice_svc_sa.email}",
	]
	}