👀 Views: 1 💬 Answers: 1 📅 Created: 2025-06-08

terraform google-cloud-platform cloud-run HCL

Does anyone know how to I'm sure I'm missing something obvious here, but After trying multiple solutions online, I still can't figure this out... I'm trying to deploy a Google Cloud Run service using Terraform, but I'm working with an 'Invalid Argument' behavior related to service account permissions. Here's the relevant portion of my Terraform configuration: ```hcl provider "google" { project = "my-gcp-project" region = "us-central1" } resource "google_service_account" "cloud_run_sa" { account_id = "cloud-run-sa" display_name = "Cloud Run Service Account" } resource "google_cloud_run_service" "my_service" { name = "my-service" location = "us-central1" template { spec { containers { image = "gcr.io/my-gcp-project/my-image:latest" ports { container_port = 8080 } } service_account_name = google_service_account.cloud_run_sa.email } } } ``` When I run `terraform apply`, I get the following behavior message: ``` behavior: behavior creating CloudRunService "my-service": googleapi: behavior 400: Invalid argument: The service account 'cloud-run-sa@my-gcp-project.iam.gserviceaccount.com' is not enabled for this service., invalid ``` I've ensured that the service account exists and that it has the `roles/run.admin` and `roles/iam.serviceAccountUser` roles assigned to it. I also tried enabling the Cloud Run API and checked the IAM settings to confirm the service account permissions are correct, yet the behavior continues. I even attempted recreating the service account and redeploying, but nothing seems to work. Any insights on what might be causing this behavior or how to debug it further would be appreciated! For context: I'm using Hcl on Linux. What's the best practice here? Thanks for any help you can provide!