How do I bind `roles/bigquery.jobUser` to a GCP project in terraform?
Question
I'm trying to run a query in BigQuery, and am getting:
google.api_core.exceptions.Forbidden: 403 POST https://bigquery.googleapis.com/bigquery/v2/projects/my-project/jobs?prettyPrint=false: Access Denied: Project my-project: User does not have bigquery.jobs.create permission in project my-project.
So, I need to give my service account the BigQuery Job User role in my-project.
Initially, I thought that I would bind it to the dataset so wrote the following, but the binding needs to go to the project. However, in the terraform docs for the google provider I can't see a similar pattern for binding things to projects.
Here's what I had when I thought it was bound to the dataset:
resource "google_bigquery_dataset_iam_binding" "dataset_job_user" {
  dataset_id = google_bigquery_dataset.dataset.dataset_id
  role       = "roles/bigquery.user"
  members = [
    "serviceAccount:${google_service_account.my_service_account.email}"
  ]
}
How can I bind this role at the project level in terraform?
Answer 1
Score: 1
Because there's no top-level resource in the sidebar of the docs, I had overlooked the project resource in the terraform provider. This has a corresponding google_project_iam_binding, and I needed to bind to this instead.
The correct terraform code is:
# google_project_iam_member manages a single (role, member) pair, so it takes
# a scalar "member", not a "members" list (that list form belongs to
# google_project_iam_binding, which is authoritative for the whole role).
resource "google_project_iam_member" "project_bigquery_job_user" {
  project = var.project
  role    = "roles/bigquery.jobUser"
  member  = "serviceAccount:${google_service_account.my_service_account.email}"
}
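As an added example (not the answerer's code), the following shows how the project-level jobUser grant fits into a least-privilege layout: roles/bigquery.jobUser only supplies bigquery.jobs.create, the permission named in the 403, while reading table data needs a separate data role, which is scoped here to one dataset rather than the whole project. The `variable "project"`, the `bq-query-runner` account id and the `analytics` dataset id are assumptions.

```terraform
# Added example, not from the original answer. The variable, account id and
# dataset id below are hypothetical; substitute your own.
variable "project" {
  type = string
}

resource "google_service_account" "my_service_account" {
  account_id   = "bq-query-runner"   # hypothetical name
  display_name = "BigQuery query runner"
}

resource "google_bigquery_dataset" "dataset" {
  dataset_id = "analytics"           # hypothetical name
  location   = "US"
}

# Project level: roles/bigquery.jobUser carries bigquery.jobs.create.
# google_project_iam_member is additive: it manages only this one
# (role, member) pair and leaves other members of the role untouched,
# unlike google_project_iam_binding, which is authoritative for the role
# and removes any member it does not list.
resource "google_project_iam_member" "project_bigquery_job_user" {
  project = var.project
  role    = "roles/bigquery.jobUser"
  member  = "serviceAccount:${google_service_account.my_service_account.email}"
}

# Dataset level: jobUser alone does not allow reading table data. Granting
# dataViewer on the one dataset the account queries, instead of a
# project-wide data role, keeps the service account scoped to that data.
resource "google_bigquery_dataset_iam_member" "dataset_viewer" {
  dataset_id = google_bigquery_dataset.dataset.dataset_id
  role       = "roles/bigquery.dataViewer"
  member     = "serviceAccount:${google_service_account.my_service_account.email}"
}
```

After `terraform apply`, `gcloud projects get-iam-policy <project-id>` should list the service account under roles/bigquery.jobUser and nothing broader.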