Unable to provide conditional access to a service account on a project using DM

I have the following yaml :

```
resources:
- name: bind-iam-policy-secret-accessor
  type: gcp-types/cloudresourcemanager-v1:virtual.projects.iamMemberBinding
  properties: 
    resource: myprojectA
    role: roles/secretmanager.secretAccessor
    member: "serviceAccount:sandeep@myproject.iam.gserviceaccount.com"
```

The above works out but the one below with a conditional access fails : 

```
resources:
- name: bind-iam-policy-secret-accessor
  type: gcp-types/cloudresourcemanager-v1:virtual.projects.iamMemberBinding
  properties: 
    resource: myprojectA
    role: roles/secretmanager.secretAccessor
    member: "serviceAccount:sandeep@myproject.iam.gserviceaccount.com"
    condition: "resource.name.extract('/secrets/{name}').startsWith('sandeep-')"
```
    

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Unable to provide conditional access to a service account on a project using DM #684

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Unable to provide conditional access to a service account on a project using DM #684

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions