From 3f01190208633bf299bbca1611d2473e2c1202de Mon Sep 17 00:00:00 2001 From: Dominique Dumont Date: Thu, 1 Jun 2023 14:53:15 +0200 Subject: [PATCH] feat: add user_policy_document parameter This parameter allows the user to specify policies that are applied to the S3 bucket with the policies defined by this module. Closes: #115
---
 main.tf | 2 ++ variables.tf | 6 ++++++ 2 files changed, 8 insertions(+)
diff --git a/main.tf b/main.tf
index 5a50729..43a8aec 100644
--- a/main.tf
+++ b/main.tf
@@ -56,6 +56,8 @@ data "aws_region" "current" {}
 data "aws_iam_policy_document" "bucket_policy" {
 count = local.enabled ? 1 : 0
+ source_policy_documents = var.user_policy_documents
+
 dynamic "statement" {
 for_each = local.prevent_unencrypted_uploads ? ["true"] : []
diff --git a/variables.tf b/variables.tf
index 922efa3..729a34f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -189,3 +189,9 @@ variable "permissions_boundary" {
 default = ""
 description = "ARN of the policy that is used to set the permissions boundary for the IAM replication role"
 }
+
+variable "user_policy_documents" {
+ type = list(string)
+ default = []
+ description = "List of IAM policy documents (in JSON format) to attach to the S3 bucket in addition of the policies created by this module."
+}
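Review bot: The added `source_policy_documents = var.user_policy_documents` line in `data "aws_iam_policy_document" "bucket_policy"` merges caller-supplied JSON into the bucket policy without any comment on how it interacts with the statements the module generates. An Allow statement supplied this way can widen access to the bucket, while any Deny statements the module defines should still take precedence at evaluation time, since an explicit Deny overrides an Allow. I would add a comment above the line such as `# Statements from var.user_policy_documents are merged with the ones below; each Sid must be unique.` If the resource that attaches this document is gated on the module's own flags (not visible here), it is worth confirming that setting only `user_policy_documents` still yields an attached policy. The data block continues past the end of the hunk.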
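Review bot: `user_policy_documents` accepts any list of strings, so a malformed document is only caught when the provider assembles the policy; a validation rule with `condition = alltrue([for d in var.user_policy_documents : can(jsondecode(d))])` would reject it earlier with a clearer message. The description could also state that these statements are merged into the bucket policy, that an Allow given here can broaden access to the bucket, and that Sids must be unique; "in addition of" should read "in addition to". The commit subject names the parameter `user_policy_document`, while the variable added here is `user_policy_documents`.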