This optional module is used to assign subnet roles
module "subnet-iam-bindings" {
source = "terraform-google-modules/iam/google//modules/subnets_iam"
subnets = ["my-subnet_one", "my-subnet_two"]
subnets_region = "my-region"
project = "my-project"
mode = "authoritative"
bindings = {
"roles/compute.networkUser" = [
"serviceAccount:my-sa@my-project.iam.gserviceaccount.com",
"group:my-group@my-org.com",
"user:my-user@my-org.com",
]
"roles/compute.networkViewer" = [
"serviceAccount:my-sa@my-project.iam.gserviceaccount.com",
"group:my-group@my-org.com",
"user:my-user@my-org.com",
]
}
}
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| bindings | Map of role (key) and list of members (value) to add the IAM policies/bindings | map(list(string)) | n/a | yes |
| mode | Mode for adding the IAM policies/bindings, additive and authoritative | string | "additive" |
no |
| project | Project to add the IAM policies/bindings | string | "" |
no |
| subnets | Subnetwork list to add the IAM policies/bindings | list(string) | <list> |
no |
| subnets_region | Subnetworks region | string | n/a | yes |
| Name | Description |
|---|---|
| members | Members which were bound to the Subnetwork. |
| roles | Roles which were assigned to members. |
| subnets | Subnetworks which received bindings. |