diff --git a/main.tf b/main.tf
index a76f83d..fa8e5b0 100644
--- a/main.tf
+++ b/main.tf
@@ -41,6 +41,12 @@ module "aws_data" {
   source = "./modules/aws_data"
 }
 
+module "iam_module" {
+  source = "./modules/iam"
+  identifer = module.aws_data.random_number.result
+  repo-name = var.repo-name 
+}
+
 
 module "s3_storage" {
   source = "terraform-aws-modules/s3-bucket/aws"
diff --git a/modules/iam/main.tf b/modules/iam/main.tf
new file mode 100644
index 0000000..eec7bea
--- /dev/null
+++ b/modules/iam/main.tf
@@ -0,0 +1,31 @@
+## s3 backend bucket policy
+
+resource "aws_s3_bucket_policy" "backend-policy" {
+    bucket = "${var.repo-name}-backend-${var.identifer}"
+    policy = <<EOT
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": ["arn:aws:iam::835867269469:user/AveryClark","arn:aws:iam::959867141488:user/MatthewDavis"]
+            },
+            "Action": "s3:ListBucket",
+            "Resource": "arn:aws:s3:::psychic-engine-backend-428127"
+        },
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": ["arn:aws:iam::835867269469:user/AveryClark","arn:aws:iam::959867141488:user/MatthewDavis"]
+            },
+            "Action": [
+                "s3:GetObject",
+                "s3:PutObject"
+            ],
+            "Resource": "arn:aws:s3:::psychic-engine-backend-428127/*"
+        }
+    ]
+}
+EOT
+}
\ No newline at end of file
diff --git a/modules/iam/variables.tf b/modules/iam/variables.tf
new file mode 100644
index 0000000..1661523
--- /dev/null
+++ b/modules/iam/variables.tf
@@ -0,0 +1,7 @@
+variable "repo-name" {
+    type = string
+}
+
+variable "identifer" {
+    type = string
+}
\ No newline at end of file