Temporarily grant legacy permissions

The current CI uploads Rustup build to the dev-static bucket. To not
break the existing workflow while implementing the new release process,
the current permissions are temporarily granted to the new user for
Rustup's CI. They should be removed once the new release process has
been implemented.

Author: jdno

terragrunt/modules/rustup/s3.tf

@@ -30,3 +30,22 @@ resource "aws_iam_user_policy" "upload_builds" {
   user   = module.aws_iam_user.user_name
   policy = data.aws_iam_policy_document.upload_builds.json
 }
+
+data "aws_iam_policy_document" "legacy_ci" {
+  statement {
+    sid    = "WriteToDevStatic"
+    effect = "Allow"
+
+    actions = [
+      "s3:*",
+    ]
+
+    resources = ["arn:aws:s3:::dev-static-rust-lang-org/rustup/*"]
+  }
+}
+
+resource "aws_iam_user_policy" "legacy_ci" {
+  name   = "legacy-ci"
+  user   = module.aws_iam_user.user_name
+  policy = data.aws_iam_policy_document.legacy_ci.json
+}