Skip to content

Commit 42d93f1

Browse files
davidz627davidz627
committed
Remove old policy bindings so that setup-project is reentrant
1 parent fc8a07e commit 42d93f1

File tree

1 file changed

+3
-2
lines changed

1 file changed

+3
-2
lines changed

deploy/setup-project.sh

+3-2
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,11 @@ if [ -f $SA_FILE ]; then
1010
rm "$SA_FILE"
1111
fi
1212
gcloud iam service-accounts delete "$IAM_NAME" --quiet || true
13-
# TODO: Delete ALL policy bindings
13+
gcloud projects remove-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/compute.admin --quiet || true
14+
gcloud projects remove-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/iam.serviceAccountUser --quiet || true
1415

1516
# Create new Service Account and Keys
1617
gcloud iam service-accounts create "${GCEPD_SA_NAME}"
1718
gcloud iam service-accounts keys create "${SA_FILE}" --iam-account "${IAM_NAME}"
1819
gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/compute.admin
19-
gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/iam.serviceAccountUser
20+
gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/iam.serviceAccountUser

0 commit comments

Comments
 (0)