diff --git a/CHANGELOG.md b/CHANGELOG.md
index bbb1d6c..1322723 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,14 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [0.3.1] - 2025-05-29
+
+[Compare with previous version](https://github.com/sparkfabrik/terraform-google-gcp-gitlab-wif/compare/0.3.0...0.3.1)
+
+### Changed
+
+- Change `google_service_account_iam_binding` to `google_service_account_iam_member` for the role `roles/iam.workloadIdentityUser` to the desired service account to avoid issues with multiple bindings for the same role (e.g., when using the Workload Identity Federation for GKE clusters).
+
 ## [0.3.0] - 2025-05-29
 
 [Compare with previous version](https://github.com/sparkfabrik/terraform-google-gcp-gitlab-wif/compare/0.2.0...0.3.0)
diff --git a/README.md b/README.md
index 4d28e6b..a15c50f 100644
--- a/README.md
+++ b/README.md
@@ -77,7 +77,7 @@ You can refer to the official [GitLab documentation](https://docs.gitlab.com/ci/
 | [google_secret_manager_secret.secrets](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret) | resource |
 | [google_secret_manager_secret_iam_member.secrets](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret_iam_member) | resource |
 | [google_service_account.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource |
-| [google_service_account_iam_binding.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account_iam_binding) | resource |
+| [google_service_account_iam_member.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account_iam_member) | resource |
 | [random_id.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
 | [google_project.project](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project) | data source |
 | [google_service_account.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/service_account) | data source |
diff --git a/main.tf b/main.tf
index 4dd689d..ad24dc4 100644
--- a/main.tf
+++ b/main.tf
@@ -67,11 +67,8 @@ data "google_service_account" "this" {
 account_id = var.gcp_existing_service_account_account_id
 }
 
-resource "google_service_account_iam_binding" "this" {
+resource "google_service_account_iam_member" "this" {
 service_account_id = local.sa_name
 role = "roles/iam.workloadIdentityUser"
-
- members = [
- local.principal_set
- ]
+ member = local.principal_set
 }
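Review bot: The new `google_service_account_iam_member` resource in `main.tf` carries no comment saying that the grant is now additive, which matters because `roles/iam.workloadIdentityUser` lets a principal impersonate the service account. With the authoritative binding gone, Terraform no longer removes other members holding this role on `local.sa_name`, so grants made out of band or by other modules persist and will not show up as drift in this module. I would add a comment above the resource such as `# Non-authoritative: other members of roles/iam.workloadIdentityUser on this SA are not managed or removed here; audit them separately.` Because the resource type changes under the same name, the upgrade is presumably planned as destroy-and-create, and removing the old binding may drop every member of that role on an existing service account once, so this deserves a line in the upgrade notes. The definition of `local.principal_set` is outside the hunk, so how narrowly it scopes the GitLab identities cannot be checked from here.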