From 93a90d613853b03a981d968ae72ce92059b5a09f Mon Sep 17 00:00:00 2001
From: Dominique Dumont
Date: Thu, 8 Jun 2023 15:28:00 +0200
Subject: [PATCH] feat: add user_policy_document parameter
This parameter allows the user to specify policies that are applied to the S3 bucket along the policies defined by this module.
Closes: #115
---
 main.tf | 2 ++
 variables.tf | 6 ++++++
 2 files changed, 8 insertions(+)
diff --git a/main.tf b/main.tf
index 5a50729..43a8aec 100644
--- a/main.tf
+++ b/main.tf
@@ -56,6 +56,8 @@ data "aws_region" "current" {}
 data "aws_iam_policy_document" "bucket_policy" {
 count = local.enabled ? 1 : 0
+ source_policy_documents = var.user_policy_documents
+
 dynamic "statement" {
 for_each = local.prevent_unencrypted_uploads ? ["true"] : []
diff --git a/variables.tf b/variables.tf
index 922efa3..729a34f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -189,3 +189,9 @@ variable "permissions_boundary" {
 default = ""
 description = "ARN of the policy that is used to set the permissions boundary for the IAM replication role"
 }
+
+variable "user_policy_documents" {
+ type = list(string)
+ default = []
+ description = "List of IAM policy documents (in JSON format) to attach to the S3 bucket in addition of the policies created by this module."
+}
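Review bot: `source_policy_documents = var.user_policy_documents` merges caller-written statements into the bucket policy with no check on what they grant, so an `Allow` with a wildcard principal passes straight through unless the bucket's public access block (not visible in this hunk) stops it. The provider also requires non-empty `sid` values to be unique across the source documents, and how a caller `sid` that matches one of the module's own statements is resolved should be confirmed and written down, since the module's Deny statements are the guardrail here. I would add a comment above the line such as `# Caller-supplied statements are merged as-is; their sids must not collide with the statements defined below.` The `bucket_policy` block continues past the end of the hunk, so the resource that attaches the document, and whether it is created when only user documents are set, could not be checked.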
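Review bot: The new `user_policy_documents` variable accepts any `list(string)`, so a malformed or non-JSON element is only caught later, when the policy document data source is evaluated, with an error that does not name this input. A `validation` block with `condition = alltrue([for d in var.user_policy_documents : can(jsondecode(d))])` and an error message naming the variable would reject bad input at the module boundary. The description would also read better as "in addition to the policies created by this module", and it should say that the documents are merged into the bucket policy unchanged, so the caller is responsible for their principals and conditions. The commit subject names the parameter `user_policy_document`, while the variable is `user_policy_documents`.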