resource "aws_iam_user" "terraform" { name = "terraform" } resource "aws_s3_bucket" "tfstate" { bucket = "0rng-terraform" } resource "aws_s3_bucket_versioning" "tfstate" { bucket = aws_s3_bucket.tfstate.id versioning_configuration { status = "Enabled" } } resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" { bucket = aws_s3_bucket.tfstate.bucket rule { apply_server_side_encryption_by_default { sse_algorithm = "AES256" } } } resource "aws_s3_bucket_lifecycle_configuration" "tfstate" { bucket = aws_s3_bucket.tfstate.id rule { id = "Delete old non-current versions" status = "Enabled" noncurrent_version_expiration { noncurrent_days = 30 } } } resource "aws_s3_bucket_acl" "tfstate" { bucket = aws_s3_bucket.tfstate.id acl = "private" } resource "aws_iam_user_policy" "modify-terraform-user" { name = "modify-terraform-user" user = aws_iam_user.terraform.name policy = <