IAM user accounts should not have permissions directly granted to the user as it is best practice to use role-based access control in the case of cloud services. For more information on roles and permissions, see the GCP documentation.
References:
https://cloud.google.com/iam/docs/roles-overview
In GCP Console -
In Terraform -
References:
https://cloud.google.com/iam/docs/granting-changing-revoking-access
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam