diff --git a/5-appinfra/modules/cicd-pipeline/main.tf b/5-appinfra/modules/cicd-pipeline/main.tf
index f8f72f9cd..57fb9a3d2 100644
--- a/5-appinfra/modules/cicd-pipeline/main.tf
+++ b/5-appinfra/modules/cicd-pipeline/main.tf
@@ -17,6 +17,20 @@ data "google_project" "project" {
   project_id = var.project_id
 }
 
+resource "google_project_service_identity" "cloudbuild_service_identity" {
+  provider = google-beta
+
+  project = var.project_id
+  service = "cloudbuild.googleapis.com"
+}
+
+resource "google_project_service_identity" "compute_service_identity" {
+  provider = google-beta
+
+  project = var.project_id
+  service = "compute.googleapis.com"
+}
+
 resource "google_sourcerepo_repository" "app_repo" {
   project = var.project_id
   name = var.repo_name
diff --git a/5-appinfra/modules/cicd-pipeline/project-iam-bindings.tf b/5-appinfra/modules/cicd-pipeline/project-iam-bindings.tf
index 068d362ee..0e90cd0e2 100644
--- a/5-appinfra/modules/cicd-pipeline/project-iam-bindings.tf
+++ b/5-appinfra/modules/cicd-pipeline/project-iam-bindings.tf
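Review bot: The two `google_project_service_identity` resources resolve to Google-managed service agents, not to the accounts whose bindings are replaced in the project-iam-bindings.tf hunk: as far as I recall, for `compute.googleapis.com` the identity is the Compute Engine service agent (`service-<PROJECT_NUMBER>@compute-system.iam.gserviceaccount.com`), not the default Compute SA `<PROJECT_NUMBER>-compute@developer.gserviceaccount.com`, and for `cloudbuild.googleapis.com` it is the Cloud Build service agent (`service-<PROJECT_NUMBER>@gcp-sa-cloudbuild.iam.gserviceaccount.com`), not the `<PROJECT_NUMBER>@cloudbuild.gserviceaccount.com` account that was bound before. If that holds, the roles in the bindings hunk move off the principals that actually run builds and VM workloads (which may then lose logWriter, metricWriter and builds.builder) and onto agents that already carry their own service-agent roles and gain grants they do not need. Please confirm the resolved member in a `terraform plan`, keep the `${data.google_project.project.number}-compute@…` form if the default Compute SA is the intended principal, and in any case add a comment on each resource naming the principal it yields, e.g. `# Google-managed Cloud Build service agent (service-<number>@gcp-sa-cloudbuild…), NOT the per-project build SA`.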
@@ -30,21 +30,21 @@ module "project-iam-bindings" {
   bindings = {
     "roles/cloudtrace.agent" = [
-      "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
+      google_project_service_identity.compute_service_identity.member
     ],
     "roles/monitoring.metricWriter" = [
-      "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
+      google_project_service_identity.compute_service_identity.member
     ],
     "roles/logging.logWriter" = setunion(
       [
-        "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com",
+        google_project_service_identity.compute_service_identity.member,
         "serviceAccount:${google_service_account.cloud_deploy.email}"
       ],
       local.cloud_build_sas
     ),
     "roles/cloudbuild.builds.builder" = setunion(
       [
-        "serviceAccount:${data.google_project.project.number}@cloudbuild.gserviceaccount.com",
+        google_project_service_identity.cloudbuild_service_identity.member,
       ],
       local.cloud_build_sas
     ),
diff --git a/examples/standalone_single_project/3-fleetscope.tf b/examples/standalone_single_project/3-fleetscope.tf
index 97830a80a..dfc365fc4 100644
--- a/examples/standalone_single_project/3-fleetscope.tf
+++ b/examples/standalone_single_project/3-fleetscope.tf
@@ -35,4 +35,5 @@ module "fleetscope_infra" {
   fleet_project_id = local.fleet_project_id
   namespace_ids = var.teams
   cluster_membership_ids = module.multitenant_infra.cluster_membership_ids
+  depends_on = [ module.multitenant_infra ]
 }
diff --git a/examples/standalone_single_project/5-appinfra.tf b/examples/standalone_single_project/5-appinfra.tf
index 272922484..601b59a2e 100644
--- a/examples/standalone_single_project/5-appinfra.tf
+++ b/examples/standalone_single_project/5-appinfra.tf
@@ -45,4 +45,5 @@ module "cicd" {
   app_build_trigger_yaml = "cloudbuild.yaml"
   buckets_force_destroy = true
+  depends_on = [ module.fleetscope_infra ]
 }
\ No newline at end of file
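Review bot: The `.member` attribute of `google_project_service_identity` used on the four replaced lines only exists in relatively recent google-beta provider releases, and the module's provider constraint is not part of this diff, so if the allowed google-beta range still admits an older release the plan fails with an unsupported-attribute error; the constraint should be raised in the same change. A form that works on any provider version is `"serviceAccount:${google_project_service_identity.compute_service_identity.email}"`, which also matches the string style still used for `google_service_account.cloud_deploy.email` in the logWriter list. The `module "project-iam-bindings"` block starts and ends outside the hunk.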
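Review bot: `depends_on = [ module.multitenant_infra ]` is redundant for ordering here, because `cluster_membership_ids = module.multitenant_infra.cluster_membership_ids` on the preceding line already makes this module wait on that output, and a module-level `depends_on` has a documented side effect: every data source inside `fleetscope_infra` is deferred to apply time, which tends to surface as "known after apply" values and spurious replacement plans on each run. If the explicit dependency covers something the output does not (a resource in `multitenant_infra` that must exist first), a comment naming it would justify keeping it, e.g. `# depends_on: fleetscope needs <RESOURCE> from multitenant_infra, which cluster_membership_ids does not reference` (placeholder). The same applies to `depends_on = [ module.fleetscope_infra ]` in the 5-appinfra.tf hunk, and `terraform fmt` writes both lists without inner spaces, `[module.multitenant_infra]`.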
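Review bot: The file still ends without a trailing newline (`\ No newline at end of file` survives this change); since the closing `}` is already part of this hunk, adding the newline now avoids a whitespace-only diff on the next edit. The `module "cicd"` block starts outside the hunk.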