backups: update permissions
CompleteMultiPartUpload permission doesn't exist, createbucket
permission is needed.
Change-Id: Id4cad64f4661b645a161129f17724defd0dd14bc
diff --git a/backups.tf b/backups.tf
index cec2e99..49bb6b3 100644
--- a/backups.tf
+++ b/backups.tf
@@ -10,7 +10,7 @@
policy_file = "templates/role_policy.tmpl"
actions = [
"s3:AbortMultipartUpload",
- "s3:CompleteMultipartUpload",
+ "s3:CreateBucket",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:PutObject",
@@ -19,7 +19,8 @@
"s3:PutObjectAcl"
]
resources = [
- "arn:aws:s3:::trustedfirmware-backups-*/*"
+ "arn:aws:s3:::trustedfirmware-backups",
+ "arn:aws:s3:::trustedfirmware-backups/*"
]
}