google_project_iam_custom_role should be given a role_id_prefix field to make management easier.

[james-lawrence]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.

Description

google_project_iam_custom_role documents the role management issue with soft deletes. which is nice and all but doesn't improve the experience of managing roles.

effectively this solves the error from occurring when doing a destroy / apply cycle.

propose a role_id_prefix field is added like in various other resources to generate a random suffix. currently managing this manually using a random_id but be nice to just have it builtin to the resource.

New or Affected Resource(s)

google_project_iam_custom_role

Potential Terraform Configuration

resource "google_project_iam_custom_role" "default" {
role_id_prefix = "my_role_"
title = "my role"
}

b/308569543

[rileykarson]

Note: this is just a slightly different name for name_prefix, given the field's called role_id

[danil-smirnov]

Faced the same issue since

After the role has been permanently deleted, up to 44 days after the initial deletion request, you can create a new role using the same role ID.

See https://cloud.google.com/iam/docs/creating-custom-roles#deleting-custom-role