github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/google/iam/AVD-GCP-0008/Terraform.md (about) 1 2 Use specialised service accounts for specific purposes. 3 4 ```hcl 5 resource "google_service_account" "test" { 6 account_id = "account123" 7 display_name = "account123" 8 } 9 10 resource "google_organization_iam_member" "org-123" { 11 org_id = "org-123" 12 role = "roles/whatever" 13 member = "serviceAccount:${google_service_account.test.email}" 14 } 15 16 ``` 17 18 #### Remediation Links 19 - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_organization_iam 20 21 - 22