github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/google/platform/AVD-GCP-0007/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/google/platform/AVD-GCP-0007/Terraform.md (about)

     1  
     2  Limit service account access to minimal required set
     3  
     4  ```hcl
     5  resource "google_service_account" "test" {
     6    account_id   = "account123"
     7    display_name = "account123"
     8  }
     9  
    10  resource "google_project_iam_member" "project" {
    11    project = "your-project-id"
    12    role    = "roles/logging.logWriter"
    13    member  = "serviceAccount:${google_service_account.test.email}"
    14  }
    15  ```
    16  
    17  #### Remediation Links
    18   - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam
    19