Bigtable: Refer to a functional role for bigtable (#3811) (#2328)

modular-magician · DeviaVir · web-flow · commit d8b947c49d03 · 2020-08-03T13:58:27.000-07:00
Using `roles/editor` returns the following error:
```
Error: Error setting IAM policy for Bigtable Instance XXX/XXXbigtable-instance: googleapi: Error 400: Role (roles/editor) does not exist in the resource's hierarchy., badRequest
```

Co-authored-by: Chase &lt;chase@sillevis.net&gt;
Signed-off-by: Modular Magician &lt;magic-modules@google.com&gt;

Co-authored-by: Chase &lt;chase@sillevis.net&gt;
diff --git a/.changelog/3811.txt b/.changelog/3811.txt
@@ -0,0 +1,3 @@
+```release-note:none
+
+```
diff --git a/website/docs/r/bigtable_instance_iam.html.markdown b/website/docs/r/bigtable_instance_iam.html.markdown
@@ -24,7 +24,7 @@ Three different resources help you manage IAM policies on bigtable instances. Ea
 ```hcl
 data "google_iam_policy" "admin" {
   binding {
-    role = "roles/editor"
+    role = "roles/bigtable.user"
     members = [
       "user:jane@example.com",
     ]
@@ -43,7 +43,7 @@ resource "google_bigtable_instance_iam_policy" "editor" {
 ```hcl
 resource "google_bigtable_instance_iam_binding" "editor" {
   instance = "your-bigtable-instance"
-  role     = "roles/editor"
+  role     = "roles/bigtable.user"
   members = [
     "user:jane@example.com",
   ]
@@ -55,7 +55,7 @@ resource "google_bigtable_instance_iam_binding" "editor" {
 ```hcl
 resource "google_bigtable_instance_iam_member" "editor" {
   instance = "your-bigtable-instance"
-  role     = "roles/editor"
+  role     = "roles/bigtable.user"
   member   = "user:jane@example.com"
 }
 ```
@@ -79,7 +79,7 @@ For `google_bigtable_instance_iam_member` or `google_bigtable_instance_iam_bindi
 
 * `role` - (Required) The role that should be applied. Only one
     `google_bigtable_instance_iam_binding` can be used per role. Note that custom roles must be of the format
-    `[projects|organizations]/{parent-name}/roles/{role-name}`.
+    `[projects|organizations]/{parent-name}/roles/{role-name}`. Read more about roles [here](https://cloud.google.com/bigtable/docs/access-control#roles).
 
 `google_bigtable_instance_iam_policy` only:
 * `policy_data` - (Required) The policy data generated by a `google_iam_policy` data source.
