Skip to content

Commit

Permalink
add-iam-policy-binding should specify --condition explicitly (#50)
Browse files Browse the repository at this point in the history
  • Loading branch information
@kitagry
kitagry authored Feb 15, 2023
1 parent 215b3e2 commit 6e0dbcd
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions bqrole/project.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,8 +121,9 @@ func grantProjectRole(project, user, role string, policy *ProjectPolicy) error {
member = "user:" + user
}

cmd := fmt.Sprintf("gcloud projects add-iam-policy-binding %s --member %s --role %s", project, member, role)
if err := exec.Command("bash", "-c", cmd).Run(); err != nil {
cmd := exec.Command("gcloud", "projects", "add-iam-policy-binding", project, "--member", member, "--role", role, "--condition=None")
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
return fmt.Errorf("failed to update policy bindings to grant %s %s: %s\n%s", user, role, err, err.(*exec.ExitError).Stderr)
}

Expand Down

0 comments on commit 6e0dbcd

Please sign in to comment.