rm unnecessary binding in config posture

sysdiglabs · Sep 16, 2024 · 420bf8b · 420bf8b
1 parent 1189524
commit 420bf8b
Showing 1 changed file with 0 additions and 10 deletions.
diff --git a/modules/config-posture/main.tf b/modules/config-posture/main.tf
@@ -29,15 +29,6 @@ resource "google_service_account" "posture_auth" {
   project      = var.project_id
 }
 
-resource "google_service_account_iam_binding" "posture_auth_binding" {
-  service_account_id = google_service_account.posture_auth.name
-  role               = "roles/iam.workloadIdentityUser"
-
-  members = [
-    "serviceAccount:${google_service_account.posture_auth.email}",
-  ]
-}
-
 #------------------------------------------------------------#
 # Configure Workload Identity Federation for auth            #
 # See https://cloud.google.com/iam/docs/access-resources-aws #
@@ -106,7 +97,6 @@ resource "sysdig_secure_cloud_auth_account_component" "google_service_principal"
   })
   depends_on = [
     google_service_account.posture_auth,
-    google_service_account_iam_binding.posture_auth_binding,
     google_iam_workload_identity_pool.posture_auth_pool,
     google_iam_workload_identity_pool_provider.posture_auth_pool_provider,
     google_project_iam_member.cspm,