dmlayton

## aws-hello-world.tf
provider "aws" {
  region = "eu-west-2"
}

## aws-hello-world.tf
resource "aws_s3_bucket" "test_client_bucket" {
  bucket = "test-client-bucket-x130099"
  region = "eu-west-2"
  acl = "private"

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm     = "AES256"
      }

## aws-hello-world.tf
resource "aws_iam_user" "test_client" {
  name = "alice"
}

## aw
resource "aws_iam_access_key" "test_client" {
  user = aws_iam_user.test_client.name
}

## aws-hello-world.tf
resource "aws_iam_access_key" "test_client" {
  user = aws_iam_user.test_client.name
}

## aws-hello-world.tf
data "aws_iam_policy_document" "test_client" {
  statement {
    actions = [
      "s3:ListBucket",
      "s3:GetBucketLocation"
    ]
    resources = [aws_s3_bucket.test_client_bucket.arn]
  }
  statement {
    actions = [

## aws-hello-world.tf
resource "aws_iam_user_policy" "test_client" {
  name = "test_policy"
  user = aws_iam_user.test_client.name

  policy = data.aws_iam_policy_document.test_client.json
}

## client.tfvars
client = {
    region = "eu-west-2"
    name = "test-client"
}
users = ["alice", "bob", "charlie"]

## client_bucket.tf
resource "aws_s3_bucket" "client_bucket" {
  bucket = sha1(format("my_super_secret_key:%s", var.client.name))
  region = var.client.region
  acl = "private"

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }

## client_user_group.tf
resource "aws_iam_user" "client" {
  count = length(var.users)
  name = element(var.users, count.index)

}

resource "aws_iam_access_key" "client" {
  count = length(var.users)
  user = element(aws_iam_user.client, count.index).name
}
	resource "aws_s3_bucket" "test_client_bucket" {
	bucket = "test-client-bucket-x130099"
	region = "eu-west-2"
	acl = "private"

	server_side_encryption_configuration {
	rule {
	apply_server_side_encryption_by_default {
	sse_algorithm = "AES256"
	}
	resource "aws_iam_access_key" "test_client" {
	user = aws_iam_user.test_client.name
	}
	data "aws_iam_policy_document" "test_client" {
	statement {
	actions = [
	"s3:ListBucket",
	"s3:GetBucketLocation"
	]
	resources = [aws_s3_bucket.test_client_bucket.arn]
	}
	statement {
	actions = [
	resource "aws_iam_user_policy" "test_client" {
	name = "test_policy"
	user = aws_iam_user.test_client.name

	policy = data.aws_iam_policy_document.test_client.json
	}
	client = {
	region = "eu-west-2"
	name = "test-client"
	}
	users = ["alice", "bob", "charlie"]
	resource "aws_s3_bucket" "client_bucket" {
	bucket = sha1(format("my_super_secret_key:%s", var.client.name))
	region = var.client.region
	acl = "private"

	server_side_encryption_configuration {
	rule {
	apply_server_side_encryption_by_default {
	sse_algorithm = "AES256"
	}
	resource "aws_iam_user" "client" {
	count = length(var.users)
	name = element(var.users, count.index)

	}

	resource "aws_iam_access_key" "client" {
	count = length(var.users)
	user = element(aws_iam_user.client, count.index).name
	}