Merge pull request #33 from charlieegan3/remove-extra-iam-member

Remove surplus iam member

Author: jetstack-bot

deployment/terraform/gke-datagatherer/googlecloud-scanner-serviceaccount.tf

@@ -18,7 +18,7 @@ provider "google" {
 resource "google_service_account" "preflight_scanner_service_account" {
   account_id   = "preflight-scanner"
   display_name = "Service account for getting cluster information with workload identity"
-  project = var.scanner_gcp_project_id
+  project      = var.scanner_gcp_project_id
 }
 
 resource "google_project_iam_member" "preflight_scanner_cluster_viewer" {
@@ -30,6 +30,7 @@ resource "google_project_iam_member" "preflight_scanner_cluster_viewer" {
 resource "google_project_iam_binding" "preflight_scanner_workload_identity" {
   project = var.scanner_gcp_project_id
   role    = "roles/iam.workloadIdentityUser"
-  members = ["serviceAccount:${var.scanner_gcp_project_id}.svc.id.goog[preflight-scanner/preflight-scanner]",
-    "serviceAccount:${google_service_account.preflight_scanner_service_account.email}"]
+  members = [
+    "serviceAccount:${var.scanner_gcp_project_id}.svc.id.goog[preflight-scanner/preflight-scanner]",
+  ]
 }

deployment/terraform/results-bucket/googlecloud-reports-bucket-scanner-sa.tf

@@ -20,5 +20,5 @@ resource "google_service_account_key" "preflight-scanner-reports-writter-key" {
 
 resource "local_file" "preflight-scanner-reports-writter-key-file" {
   sensitive_content = base64decode(google_service_account_key.preflight-scanner-reports-writter-key.private_key)
-  filename = "${path.module}/../../kubernetes/overlays/scanner/secrets/credentials.json"
+  filename          = "${path.module}/../../kubernetes/overlays/scanner/secrets/credentials.json"
 }