Description: I am encountering an issue when using Terraform in conjunction with Cloud Build on Google Cloud Platform to create a sequence of resources, including project creation and load balancer setup. Specifically, I am facing issues when Cloud Build, executed by the default service account, attempts to create a project and associate it with a billing account using permissions borrowed from another service account. Terraform plan runs without errors, but Terraform apply fails with a "lack of project creation permissions" error.
Issue Details:
Problem Description:
Only when running with Cloud Build, I get a 403 no permissions error when creating a project.
Error Messages:
Environment Details:
Service Accounts:
Terraform and Cloud Build Versions:
In order to create a project your Cloud Build SA will need a few more permissions. See here:
Thanks for the reply.
I want to create a project by borrowing and running another SA's permissions instead of granting them directly to the Cloud Build SA.
OK, you mentioned you are running your Terraform scripts through Cloud Build. Is that with the use of a Cloud Build trigger? If that's the case, did you set the service account to run the Cloud Build deployment in the Cloud Build trigger settings? It's available at the bottom of the Cloud Build trigger setup form. Then it won't automatically use the Cloud Build SA when running your Cloud Build pipeline (FYI, I don't see the ability to set the service account in the gcloud CLI command when running a build).
Make sure that the service account you do use has the required permissions to create the project. Usually, if a process fails due to permission issues, it will let you know what permissions are missing.
Yes you are right.
And I am using a Cloud Build trigger.
I have tried both ways, with and without setting the service account in the Cloud Build trigger settings.
The way I do it without setting the service account is as described above.
And the problem is also as written above.
The way not to set the service account is,
administrator@sample.iam.gserviceaccount.com
I did this by setting the
I was able to set up the trigger, but I could not find the error code or the error message, so I did not include it in the question this time.
Hi @noll_6451,
Welcome to Google Cloud Community!
There are several factors that lead to this error message. Based on this documentation on error 403:
getIamPolicy
resourcemanager.projects.get
Run the command with --verbosity=debug and look for a message like "Terraform is using this identity:". It should be followed by an email address, which is the account being used for API requests.
You may also check these related Stack Overflow links as this could help resolve the issue:
Hope these help.
Thanks for the reply.
I reviewed everything as you said.
I also looked at the reference articles, but they didn't come close to solving my problem.
Is --verbosity=debug an option for the gcloud command? Or is it a terraform option?
Hi @noll_6451,
It's a gcloud command.
Hi, @robertcarlos
Terraform was running using the Cloud Build SA.
What I was hoping to do was to borrow privileges to run a temporarily created service account.
A new question arose here.
If a user account borrows a service account, and another service account borrows a service account, are the required privileges the same?
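An added example, not code from the thread, of the "borrowed permissions" setup discussed above and of the final question: the identity running Terraform (here the Cloud Build SA, but a user account is treated the same way) only needs to be allowed to mint tokens for the borrowed SA, while the borrowed SA is the one that needs the project-creation and billing roles. All org, billing, project and service-account values are placeholders; the deployer SA email reuses the one quoted in the thread.

```hcl
locals {
  org_id          = "ORG_ID_PLACEHOLDER"
  billing_account = "BILLING_ACCOUNT_ID_PLACEHOLDER"
  seed_project    = "SEED_PROJECT_ID_PLACEHOLDER"
  cloudbuild_sa   = "PROJECT_NUMBER_PLACEHOLDER@cloudbuild.gserviceaccount.com"
  deployer_sa     = "administrator@sample.iam.gserviceaccount.com"
}
# Default provider: every API call is made as deployer_sa. The identity that
# runs Terraform (the Cloud Build SA) only needs to mint tokens for it.
provider "google" {
  impersonate_service_account = local.deployer_sa
}

# Bootstrap provider, run by an identity that already holds these roles, to
# grant the bindings below before deployer_sa can be impersonated at all.
provider "google" {
  alias = "bootstrap"
}

# Caller-side requirement: whoever runs Terraform (a user account or the
# Cloud Build SA alike) needs serviceAccountTokenCreator on the borrowed SA.
resource "google_service_account_iam_member" "cloudbuild_can_impersonate" {
  provider           = google.bootstrap
  service_account_id = "projects/${local.seed_project}/serviceAccounts/${local.deployer_sa}"
  role               = "roles/iam.serviceAccountTokenCreator"
  member             = "serviceAccount:${local.cloudbuild_sa}"
}

# Target-side requirements: the borrowed SA, not the caller, must be allowed
# to create projects under the org and to attach the billing account.
resource "google_organization_iam_member" "deployer_project_creator" {
  provider = google.bootstrap
  org_id   = local.org_id
  role     = "roles/resourcemanager.projectCreator"
  member   = "serviceAccount:${local.deployer_sa}"
}
resource "google_billing_account_iam_member" "deployer_billing_user" {
  provider           = google.bootstrap
  billing_account_id = local.billing_account
  role               = "roles/billing.user"
  member             = "serviceAccount:${local.deployer_sa}"
}
# Created through the default (impersonating) provider, i.e. as deployer_sa.
resource "google_project" "managed" {
  name            = "managed-project"
  project_id      = "MANAGED_PROJECT_ID_PLACEHOLDER"
  org_id          = local.org_id
  billing_account = local.billing_account
}
```

Apply the three bindings first (for example with -target) as an identity that already has the rights to grant them; only then can the impersonating provider succeed. A 403 on project creation with this layout means either the caller lacks the token-creator binding or the borrowed SA lacks the org or billing role, and the --verbosity=debug identity line mentioned above tells you which identity the request actually went out as.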