photography_backups access has been moved to iam-users

[agnesgaroux]

What's changing and why?

NOT APPLIED Applied 2024-05-21

Photography S3 access has been moved to https://github.com/wellcomecollection/iam-users
PR -> https://github.com/wellcomecollection/iam-users/pull/26

terraform plan diff

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # aws_iam_access_key.photography_backups will be destroyed
  # (because aws_iam_access_key.photography_backups is not in configuration)
  - resource "aws_iam_access_key" "photography_backups" {
      - create_date = "2019-04-08T14:02:29Z" -> null
      - id          = "AKIA3B6K4VLA7MX7E5SB" -> null
      - status      = "Active" -> null
      - user        = "photography_backups" -> null
    }

  # aws_iam_user.photography_backups will be destroyed
  # (because aws_iam_user.photography_backups is not in configuration)
  - resource "aws_iam_user" "photography_backups" {
      - arn           = "arn:aws:iam::760097843905:user/automated_systems/photography_backups" -> null
      - force_destroy = false -> null
      - id            = "photography_backups" -> null
      - name          = "photography_backups" -> null
      - path          = "/automated_systems/" -> null
      - tags          = {} -> null
      - tags_all      = {} -> null
      - unique_id     = "AIDAJMMGQ7F6TMZ7KQQ6M" -> null
    }

  # aws_iam_user_policy.allow_backups_s3_access will be destroyed
  # (because aws_iam_user_policy.allow_backups_s3_access is not in configuration)
  - resource "aws_iam_user_policy" "allow_backups_s3_access" {
      - id          = "photography_backups:terraform-20180801141913192500000001" -> null
      - name        = "terraform-20180801141913192500000001" -> null
      - name_prefix = "terraform-" -> null
      - policy      = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = "s3:*"
                      - Effect   = "Allow"
                      - Resource = [
                          - "arn:aws:s3:::wellcomecollection-backups-photography/*",
                          - "arn:aws:s3:::wellcomecollection-backups-photography",
                        ]
                      - Sid      = ""
                    },
                  - {
                      - Action   = "s3:List*"
                      - Effect   = "Allow"
                      - Resource = "*"
                      - Sid      = ""
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> null
      - user        = "photography_backups" -> null
    }

Plan: 0 to add, 0 to change, 3 to destroy.

Changes to Outputs:
  - photography_backups_access_id = "AKIA3B6K4VLA7MX7E5SB" -> null