The following permissions are necessary for Terraform.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "S3Permissions",
"Effect": "Allow",
"Action": [
"s3:CreateBucket",
"s3:PutBucketAcl",
"s3:PutBucketPolicy",
"s3:GetBucketAcl",
"s3:GetBucketPolicy",
"s3:ListBucket",
"s3:DeleteBucket",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListAllMyBuckets"
],
"Resource": "*"
},
{
"Sid": "SQSPermissions",
"Effect": "Allow",
"Action": [
"sqs:CreateQueue",
"sqs:DeleteQueue",
"sqs:GetQueueAttributes",
"sqs:SetQueueAttributes",
"sqs:TagQueue",
"sqs:ListQueues",
"sqs:GetQueueUrl"
],
"Resource": "*"
},
{
"Sid": "IAMPermissions",
"Effect": "Allow",
"Action": [
"iam:CreateUser",
"iam:DeleteUser",
"iam:GetUser",
"iam:ListUsers",
"iam:CreatePolicy",
"iam:DeletePolicy",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:ListPolicyVersions",
"iam:AttachUserPolicy",
"iam:PutUserPolicy",
"iam:ListAttachedUserPolicies",
"iam:ListPolicies"
],
"Resource": "*"
},
{
"Sid": "STSPermissions",
"Effect": "Allow",
"Action": [
"sts:GetCallerIdentity"
],
"Resource": "*"
}
]
}