github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/google/iam/AVD-GCP-0007/Terraform.md

Limit service account access to minimal required set

```hcl
resource "google_service_account" "test" {
  account_id   = "account123"
  display_name = "account123"
}

resource "google_project_iam_member" "project" {
  project = "your-project-id"
  role    = "roles/logging.logWriter"
  # email is computed by the provider and exported by the resource above
  member  = "serviceAccount:${google_service_account.test.email}"
}
```
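The following is an added example, not code from trivy-iac or from the original page: a pre-apply audit over the `resource_changes` section of `terraform show -json` output that flags broad roles granted to service accounts. The definition of "broad" (owner, editor, or a role name ending in `admin`), the function names and the sample plan are assumptions made for this example.

```python
# Assumption for this example: what counts as broader than "minimal".
PRIMITIVE = {"roles/owner", "roles/editor"}
IAM_TYPES = {"google_project_iam_member": "member",
             "google_project_iam_binding": "members"}

def is_broad(role):
    """Primitive owner/editor, or a predefined role whose name ends in 'admin'."""
    return role in PRIMITIVE or (role.startswith("roles/")
                                 and role.lower().endswith("admin"))

def audit_plan(plan):
    """Return (address, role, member) for broad roles granted to service accounts."""
    findings = []
    for rc in plan.get("resource_changes", []):
        attr = IAM_TYPES.get(rc.get("type"))
        change = rc.get("change") or {}
        after = change.get("after") or {}   # None when the resource is destroyed
        role = after.get("role") or ""
        if attr is None or not is_broad(role):
            continue
        value = after.get(attr)
        members = [value] if isinstance(value, str) else (value or [])
        for m in members:
            if isinstance(m, str) and m.startswith("serviceAccount:"):
                findings.append((rc["address"], role, m))
        # A member built from google_service_account.<name>.email is unknown
        # until apply: it is missing from "after" and marked in "after_unknown".
        unk = (change.get("after_unknown") or {}).get(attr)
        if unk is True or (isinstance(unk, list) and any(unk)):
            findings.append((rc["address"], role, "(known after apply)"))
    return findings

def entry(address, role, after=None, unknown=None):
    """Build one constructed resource_changes entry (hypothetical helper)."""
    return {"address": address, "type": address.split(".")[0],
            "change": {"after": {"role": role, **(after or {})},
                       "after_unknown": unknown or {}}}

# Constructed sample, trimmed to the fields audit_plan reads.
SAMPLE_PLAN = {"resource_changes": [
    entry("google_project_iam_member.project", "roles/logging.logWriter", unknown={"member": True}),
    entry("google_project_iam_member.ci", "roles/owner", unknown={"member": True}),
    entry("google_project_iam_member.human", "roles/editor", after={"member": "user:bob@example.com"}),
    entry("google_project_iam_binding.ops", "roles/storage.admin", after={"members": [
        "user:alice@example.com", "serviceAccount:etl@your-project-id.iam.gserviceaccount.com"]}),
]}

if __name__ == "__main__":
    for finding in audit_plan(SAMPLE_PLAN):
        print(*finding, sep="  ")
```

A grant whose member is only known after apply is reported rather than skipped, because the pattern shown above (referencing `google_service_account.test.email`) always produces an unknown member at plan time.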

#### Remediation Links
 - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam