From b8390bda9b445cc44c30482b2c52cc2e533d53d9 Mon Sep 17 00:00:00 2001
From: Tymofii Polekhin <tpolekhin@users.noreply.github.com>
Date: Fri, 13 Nov 2020 22:03:37 +0200
Subject: [PATCH] feat: Use non-authoritative iam binding for subscription
 (#46)

Fixes #44
---
 main.tf | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/main.tf b/main.tf
index 1f70326..ecfce5c 100644
--- a/main.tf
+++ b/main.tf
@@ -54,27 +54,23 @@ resource "google_pubsub_topic_iam_member" "pull_topic_binding" {
   ]
 }
 
-resource "google_pubsub_subscription_iam_binding" "pull_subscription_binding" {
+resource "google_pubsub_subscription_iam_member" "pull_subscription_binding" {
   count        = var.create_topic ? length(var.pull_subscriptions) : 0
   project      = var.project_id
   subscription = var.pull_subscriptions[count.index].name
   role         = "roles/pubsub.subscriber"
-  members = [
-    "serviceAccount:${local.pubsub_svc_account_email}",
-  ]
+  member       = "serviceAccount:${local.pubsub_svc_account_email}"
   depends_on = [
     google_pubsub_subscription.pull_subscriptions,
   ]
 }
 
-resource "google_pubsub_subscription_iam_binding" "push_subscription_binding" {
+resource "google_pubsub_subscription_iam_member" "push_subscription_binding" {
   count        = var.create_topic ? length(var.push_subscriptions) : 0
   project      = var.project_id
   subscription = var.push_subscriptions[count.index].name
   role         = "roles/pubsub.subscriber"
-  members = [
-    "serviceAccount:${local.pubsub_svc_account_email}",
-  ]
+  member       = "serviceAccount:${local.pubsub_svc_account_email}"
   depends_on = [
     google_pubsub_subscription.push_subscriptions,
   ]