adding bucket policy

main.tf

@@ -41,6 +41,12 @@ module "aws_data" {
   source = "./modules/aws_data"
 }
 
+module "iam_module" {
+  source = "./modules/iam"
+  identifer = module.aws_data.random_number.result
+  repo-name = var.repo-name 
+}
+
 
 module "s3_storage" {
   source = "terraform-aws-modules/s3-bucket/aws"

modules/iam/main.tf

@@ -0,0 +1,31 @@
+## s3 backend bucket policy
+
+resource "aws_s3_bucket_policy" "backend-policy" {
+    bucket = "${var.repo-name}-backend-${var.identifer}"
+    policy = <<EOT
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": ["arn:aws:iam::835867269469:user/AveryClark","arn:aws:iam::959867141488:user/MatthewDavis"]
+            },
+            "Action": "s3:ListBucket",
+            "Resource": "arn:aws:s3:::psychic-engine-backend-428127"
+        },
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": ["arn:aws:iam::835867269469:user/AveryClark","arn:aws:iam::959867141488:user/MatthewDavis"]
+            },
+            "Action": [
+                "s3:GetObject",
+                "s3:PutObject"
+            ],
+            "Resource": "arn:aws:s3:::psychic-engine-backend-428127/*"
+        }
+    ]
+}
+EOT
+}

modules/iam/variables.tf

@@ -0,0 +1,7 @@
+variable "repo-name" {
+    type = string
+}
+
+variable "identifer" {
+    type = string
+}