I'd like to grant multiple Bigquery user roles to multiple service accounts.
With for_each in Terraform, I can only use 1 variable. How can I use 2 for_each in one resource. Below is the code I tried:
main.tf has below:
resource "google_project_iam_member" "bq_access" {
for_each = toset(var.bigquery_user_role_list)
project = var.project
role = [ for role in var.bq_roles : "${role}" ]
member = each.value
}
variables.tf has below:
variable "bigquery_user_role_list" {}
variable "bq_roles" {
type = set(string)
default = ["roles/bigquery.viewer",
"roles/bigquery.reader"
]
}
Error:
role = [ for role in var.bq_roles : "${role}" ]
var.bq_roles is set of string with 2 elements
Inappropriate value for attribute "role": string required.