From 2d7f81cc25f86319953a136e2f068841cb4570ff Mon Sep 17 00:00:00 2001
From: Tyler Coyner <11138451+tcoyze@users.noreply.github.com>
Date: Wed, 23 Aug 2023 15:19:57 -0700
Subject: [PATCH] feat: add pubsub iam member for bigquery subscription dead
 letter topics

---
 main.tf | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/main.tf b/main.tf
index 2e80964..2a62e45 100644
--- a/main.tf
+++ b/main.tf
@@ -86,6 +86,18 @@ resource "google_pubsub_topic_iam_member" "pull_topic_binding" {
   ]
 }
 
+resource "google_pubsub_topic_iam_member" "bigquery_topic_binding" {
+  for_each = var.create_topic ? { for i in var.bigquery_subscriptions : i.name => i if try(i.dead_letter_topic, "") != "" } : {}
+
+  project = var.project_id
+  topic   = each.value.dead_letter_topic
+  role    = "roles/pubsub.publisher"
+  member  = "serviceAccount:${local.pubsub_svc_account_email}"
+  depends_on = [
+    google_pubsub_topic.topic,
+  ]
+}
+
 resource "google_pubsub_subscription_iam_member" "pull_subscription_binding" {
   for_each = var.create_subscriptions ? { for i in var.pull_subscriptions : i.name => i if try(i.dead_letter_topic, "") != "" } : {}
 
@@ -110,6 +122,18 @@ resource "google_pubsub_subscription_iam_member" "push_subscription_binding" {
   ]
 }
 
+resource "google_pubsub_subscription_iam_member" "bigquery_subscription_binding" {
+  for_each = var.create_subscriptions ? { for i in var.bigquery_subscriptions : i.name => i if try(i.dead_letter_topic, "") != "" } : {}
+
+  project      = var.project_id
+  subscription = each.value.name
+  role         = "roles/pubsub.subscriber"
+  member       = "serviceAccount:${local.pubsub_svc_account_email}"
+  depends_on = [
+    google_pubsub_subscription.bigquery_subscriptions,
+  ]
+}
+
 resource "google_pubsub_topic" "topic" {
   count                      = var.create_topic ? 1 : 0
   project                    = var.project_id