From c5e2065c0bdcd05e80bead171bf39b21c89a59bb Mon Sep 17 00:00:00 2001
From: Lud <lud@reinmiedl.com>
Date: Wed, 15 Jan 2025 13:17:51 +0100
Subject: [PATCH] attach S3 access for guests to group not user (#372)

---
 aws/s3-shared/guest-iam.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/aws/s3-shared/guest-iam.tf b/aws/s3-shared/guest-iam.tf
index 0161def8..ddd545e8 100644
--- a/aws/s3-shared/guest-iam.tf
+++ b/aws/s3-shared/guest-iam.tf
@@ -28,9 +28,9 @@ data "aws_iam_policy_document" "s3" {
   }
 }
 
-resource "aws_iam_user_policy" "s3" {
+resource "aws_iam_group_policy" "s3" {
   name   = "s3-access-for-${module.s3.bucket_name}"
-  user   = aws_iam_user.guest.name
+  group  = "guest-humans"
   policy = data.aws_iam_policy_document.s3.json
 }