GDPR and iframes


i am currently working on making my OmekaS instance GDPR compliant.

I installed the Eucookie bar module that i modified to use tarteaucitron, and allow users to block our 1 (One) tracker: matomo; but then it dawned on me that we used iframes from other services.

For instance, we have youtube videos served from an Iframe that bring trackers with them. Some services will display their own cookie management solution from the iframe, but i have a responsibility in blocking them first right ?

For that, it seems that the iframe itself needs to be modified, which really complicates everything.

Has anyone managed to confidently implement GDPR on their website, and particularly with iframes ?