Terraform google_project_iam_binding deletes GCP compute engine default service account from IAM principals

terraform google-cloud-platform service-accounts terraform-provider-gcp gcp-iam

Solution 1:

You can restore the service accounts using the “gcloud beta iam service-accounts undelete” command.

If you accidentally delete a service account, you can try to undelete the service account instead of creating a new service account.

Please review this link if you need more info. You may notice that in order to restore a deleted account you may need the 21 digit unique ID. If you do not have this ID for the account, you could try this command :

gcloud logging read --freshness=30d --format='table(timestamp,resource.labels.email_id,resource.labels.project_id,resource.labels.unique_id)' protoPayload.methodName="google.iam.admin.v1.DeleteServiceAccount" resource.type="service_account" logName:"cloudaudit.googleapis.com%2Factivity"'

or this command:

gcloud logging read --freshness=30d protoPayload.methodName="google.iam.admin.v1.DeleteServiceAccount" | grep 'email_id|unique_id'

Related

Items recompose during scrolling list
Load file system icon at runtime C#
Laravel Database Foreign Key Constraints not working
Retrieving the position of the PlayerEntity class (Fabric)
How do i remove non vowels from a given string
store Perl hash data in a database
Which preferred IDE for Office JS Excel addins
python -m pip install neo4j throws a SyntaxError: invalid syntax [duplicate]
"No exported member" error when trying to add & { session: Express.Session } to type MyContext when following React, Express and Typescript tutorial
Reducing Babylon CDN load size to increase site loading side speed
In Javascript, when opening a file via an "input file" button, is the entire file read into memory
Django - Uploaded image gets saved twice: under original and validated name