diff --git a/tp-cloud/terraform/modules/iam/main.tf b/tp-cloud/terraform/modules/iam/main.tf
index 3928621..aea1a5e 100644
--- a/tp-cloud/terraform/modules/iam/main.tf
+++ b/tp-cloud/terraform/modules/iam/main.tf
@@ -1,28 +1,25 @@
 resource "google_service_account" "terraform_sa" {
- account_id = "${var.projet_main}-tf-sa"
- project = var.projet_main
- display_name = "Terraform service account for ${var.project}"
-}
-
-resource "google_project_iam_member" "sa_compute_admin" {
- project = var.projet_main
- role = "roles/compute.instanceAdmin.v1"
- member = "serviceAccount:${google_service_account.terraform_sa.email}"
-}
-
-resource "google_project_iam_member" "sa_os_login" {
- project = var.projet_main
- role = "roles/compute.osLogin"
- member = "serviceAccount:${google_service_account.terraform_sa.email}"
+ account_id = "terraform"
+ display_name = "Service Account pour Terraform Automation"
 }
 
 resource "google_service_account_key" "terraform_sa_key" {
 service_account_id = google_service_account.terraform_sa.name
+ public_key_type = "TYPE_X509_PEM_FILE"
 }
 
-resource "google_project_metadata" "oslogin" {
- project = var.projet_main
- metadata = {
- enable-oslogin = "TRUE"
- }
+resource "google_project_iam_binding" "terraform_viewer" {
+ project = var.project_id
+ role = "roles/viewer"
+
+ members = [
+ "serviceAccount:${google_service_account.terraform_sa.email}",
+ ]
+}
+
+data "google_client_openid_userinfo" "me" {}
+
+resource "google_os_login_ssh_public_key" "my_ssh_key" {
+ user = data.google_client_openid_userinfo.me.email
+ key = file("~/.ssh/id_ed25519.pub")
 }
diff --git a/tp-cloud/terraform/modules/iam/outputs.tf b/tp-cloud/terraform/modules/iam/outputs.tf
index 15a3525..64edad5 100644
--- a/tp-cloud/terraform/modules/iam/outputs.tf
+++ b/tp-cloud/terraform/modules/iam/outputs.tf
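Review bot: `project = var.project_id` in the new `google_project_iam_binding` references a variable this module does not declare — the variables.tf hunk in this same commit only defines `projet_name` — so `terraform validate` should fail unless `project_id` is declared in a file outside the diff. Replacing the earlier `google_project_iam_member` resources with `google_project_iam_binding` also makes the `roles/viewer` member list authoritative, so any other principal holding viewer on the project is removed on apply; keeping `google_project_iam_member` preserves the additive grant. The `google_service_account_key` resource still mints a user-managed key whose private half is stored in Terraform state and exported by outputs.tf, and `sensitive = true` only redacts CLI output, so either the state backend has to be treated as holding a credential or the key should be replaced by service-account impersonation / workload identity federation. `key = file("~/.ssh/id_ed25519.pub")` binds the plan to the operator's home directory and, via `google_client_openid_userinfo`, to whoever runs it, which breaks in CI; a variable such as `key = var.ssh_public_key` keeps the key out of the module. The commit also drops the `enable-oslogin` project metadata while adding an OS Login key, so the key only takes effect if OS Login is enabled elsewhere.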
@@ -1,9 +1,9 @@ output "service_account_email" { - value = google_service_account.terraform_sa.email + value = google_service_account.terraform_sa.email } output "service_account_key" { - value = google_service_account_key.terraform_sa_key.private_key - sensitive = true + value = google_service_account_key.terraform_sa_key.private_key + sensitive = true }
diff --git a/tp-cloud/terraform/modules/iam/variables.tf b/tp-cloud/terraform/modules/iam/variables.tf
index ab3e203..077c509 100644
--- a/tp-cloud/terraform/modules/iam/variables.tf
+++ b/tp-cloud/terraform/modules/iam/variables.tf
@@ -1,5 +1,4 @@
 variable "projet_name" {
- description = "GCP project id"
 type = string
 default = "projet-hugo-478713"
 }