This module manages custom IAM roles in Google Cloud Platform.
- Manage roles at the organization or project level
- Include permissions from existing roles
- Exclude permissions
- Manage multiple roles at once
Basic usage of this module is as follows:
module "example" {
source = "notablehealth/<module-name>/google"
# Recommend pinning every module to a specific version
# version = "x.x.x"
# Required variables
target_id =
}| Name | Version |
|---|---|
| terraform | >= 1.3.7 |
| >= 4.51.0 |
| Name | Version |
|---|---|
| 4.68.0 |
No modules.
| Name | Type |
|---|---|
| google_organization_iam_custom_role.self | resource |
| google_project_iam_custom_role.self | resource |
| google_iam_role.self | data source |
| google_iam_testable_permissions.unsupported_permissions | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| roles | Role objects to manage | list(object({ |
[] |
no |
| target_id | The id of the target resource (organization or project) ID) | string |
n/a | yes |
| target_level | The level at which to create the custom role (organization or project)) | string |
"project" |
no |
| Name | Description |
|---|---|
| data_roles | Included roles details |
| exclude_permissions | Requested permissions to exclude |
| exclude_permissions_unsupported | Unsupported permissions to exclude |
| include_permissions | Requested permissions to include |
| include_roles | Include roles to get permissions from |
| permissions | Actual permissions to grant |
| roles | Managed roles |