backups: update permissions

CompleteMultiPartUpload permission doesn't exist, createbucket
permission is needed.

Change-Id: Id4cad64f4661b645a161129f17724defd0dd14bc
diff --git a/backups.tf b/backups.tf
index cec2e99..49bb6b3 100644
--- a/backups.tf
+++ b/backups.tf
@@ -10,7 +10,7 @@
   policy_file = "templates/role_policy.tmpl"
   actions = [
                 "s3:AbortMultipartUpload",
-                "s3:CompleteMultipartUpload",
+                "s3:CreateBucket",
                 "s3:ListBucket",
                 "s3:ListBucketMultipartUploads",
                 "s3:PutObject",
@@ -19,7 +19,8 @@
                 "s3:PutObjectAcl"
   ]
   resources = [
-                "arn:aws:s3:::trustedfirmware-backups-*/*"
+                "arn:aws:s3:::trustedfirmware-backups",
+                "arn:aws:s3:::trustedfirmware-backups/*"
   ]
 }