If you have multiple Google Cloud Projects and want to access your GCE VM images from a single project, you will need to grant each project access by adding a role to the Google APIs service account specific to each Project.

Confusingly this requires the use of the Project ID as opposed to the Project Name.

Note that using google_project_iam_member in Terraform will simply add that role to the service account in each Project. Be careful if you update this to use google_project_iam_binding or google_project_iam_policy as they are authoritative and may revoke existing roles from the service account if used incorrectly!

  • By: Andrew Kirkpatrick
  • In: Uncategorised
  • Under: