Remove iam_roles from service accounts, folder and organization modules

2020-10-21 09:37:05 +02:00
parent 66942cc5c6
commit 85fda5b1fe
18 changed files with 15 additions and 72 deletions
--- a/modules/organization/main.tf
+++ b/modules/organization/main.tf
@@ -37,7 +37,7 @@ resource "google_organization_iam_custom_role" "roles" {
 }

 resource "google_organization_iam_binding" "authoritative" {
-  for_each = toset(var.iam_roles)
+  for_each = toset(keys(var.iam_members))
  org_id   = var.org_id
  role     = each.value
  members  = lookup(var.iam_members, each.value, [])