Allow 'deployer' to be a role or group, not just a single user

[gobengo]

I want to let multiple users be the 'deployer' to my s3 bucket, e.g. me, my colleagues, + the user from a CI app like Jenkins or something.

Normally to facilitate this I'd have a 'deployer' role (not user), and then authorize any of the above users assume that role so that they can deploy.

As this is coded now, there can only be one user. https://github.com/ringods/terraform-website-s3-cloudfront-route53/blob/d2e06/site-redirect/main.tf#L78

Agree it's a good idea to have this module support making a role instead? It could output the role arn, and users of this module could authorize users to assume that role as needed. https://www.terraform.io/docs/providers/aws/r/iam_role_policy_attachment.html

Alternatively, the modules could just output the policy JSON, and then users of this module could use that to send into IAM however makes sense.

[iuriaranda]

Hi @gobengo , sorry not responding sooner.

Although we don't have a specific use case for this ourselves, I think it might be useful for other users. We don't have the bandwidth to handle this at the moment, so would you be willing to submit a PR to tackle this?

[iuriaranda]

I'm going to close this issue due to lack of activity. Feel free to re-open it or create a new one if the problem persists.