28 lines
592 B
HCL
28 lines
592 B
HCL
resource "aws_iam_user" "rclone" {
|
|
name = "rclone"
|
|
}
|
|
|
|
resource "aws_iam_user_policy" "read-terraform-state" {
|
|
name = "read-terraform-state"
|
|
user = aws_iam_user.rclone.name
|
|
|
|
policy = <<EOF
|
|
{
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Sid": "ReadTerraformState",
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"s3:GetObject",
|
|
"s3:ListBucket"
|
|
],
|
|
"Resource": [
|
|
"${aws_s3_bucket.tfstate.arn}/*",
|
|
"${aws_s3_bucket.tfstate.arn}"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
EOF
|
|
}
|