chore: Change format

fegmorte · fegmorte · commit 421fc7637f0c · 2026-04-09T11:01:59.000+02:00
diff --git a/modules/mpc-backup-vault/main.tf b/modules/mpc-backup-vault/main.tf
@@ -73,6 +73,60 @@ resource "aws_s3_bucket_policy" "backup_bucket" {
   })
 }
 
+# ***************************************
+#  IAM Role & Policy for MPC Backup Vault
+# ***************************************
+
+# Trust policy: Allow trusted principals to assume this role
+data "aws_iam_policy_document" "assume_role" {
+  statement {
+    actions = ["sts:AssumeRole"]
+    effect  = "Allow"
+    principals {
+      type        = "AWS"
+      identifiers = var.trusted_principal_arns
+    }
+  }
+}
+
+resource "aws_iam_role" "mpc_backup_role" {
+  name               = var.mpc_backup_role_name != null ? var.mpc_backup_role_name : "mpc-backup-${var.party_name}"
+  assume_role_policy = data.aws_iam_policy_document.assume_role.json
+  tags               = var.tags
+}
+
+# Policy allowing access to the bucket
+resource "aws_iam_policy" "mpc_aws" {
+  name = var.mpc_backup_role_name != null ? var.mpc_backup_role_name : "mpc-backup-${var.party_name}"
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid    = "AllowObjectActions"
+        Effect = "Allow"
+        Action = "s3:*Object"
+        Resource = [
+          "arn:aws:s3:::${aws_s3_bucket.backup_bucket.id}/*"
+        ]
+      },
+      {
+        Sid    = "AllowListBucket"
+        Effect = "Allow"
+        Action = "s3:ListBucket"
+        Resource = [
+          "arn:aws:s3:::${aws_s3_bucket.backup_bucket.id}"
+        ]
+      }
+    ]
+  })
+}
+
+# Attach policy to the role
+resource "aws_iam_role_policy_attachment" "mpc_backup_attach" {
+  role       = aws_iam_role.mpc_backup_role.name
+  policy_arn = aws_iam_policy.mpc_aws.arn
+}
+
 # ***************************************
 #  S3 Replica Bucket (Cross-Region)
 # ***************************************
@@ -206,57 +260,3 @@ resource "aws_s3_bucket_replication_configuration" "backup_bucket" {
     aws_s3_bucket_versioning.replica_bucket
   ]
 }
-
-# ***************************************
-#  IAM Role & Policy for MPC Backup Vault
-# ***************************************
-
-# Trust policy: Allow trusted principals to assume this role
-data "aws_iam_policy_document" "assume_role" {
-  statement {
-    actions = ["sts:AssumeRole"]
-    effect  = "Allow"
-    principals {
-      type        = "AWS"
-      identifiers = var.trusted_principal_arns
-    }
-  }
-}
-
-resource "aws_iam_role" "mpc_backup_role" {
-  name               = var.mpc_backup_role_name != null ? var.mpc_backup_role_name : "mpc-backup-${var.party_name}"
-  assume_role_policy = data.aws_iam_policy_document.assume_role.json
-  tags               = var.tags
-}
-
-# Policy allowing access to the bucket
-resource "aws_iam_policy" "mpc_aws" {
-  name = var.mpc_backup_role_name != null ? var.mpc_backup_role_name : "mpc-backup-${var.party_name}"
-  policy = jsonencode({
-    Version = "2012-10-17"
-    Statement = [
-      {
-        Sid    = "AllowObjectActions"
-        Effect = "Allow"
-        Action = "s3:*Object"
-        Resource = [
-          "arn:aws:s3:::${aws_s3_bucket.backup_bucket.id}/*"
-        ]
-      },
-      {
-        Sid    = "AllowListBucket"
-        Effect = "Allow"
-        Action = "s3:ListBucket"
-        Resource = [
-          "arn:aws:s3:::${aws_s3_bucket.backup_bucket.id}"
-        ]
-      }
-    ]
-  })
-}
-
-# Attach policy to the role
-resource "aws_iam_role_policy_attachment" "mpc_backup_attach" {
-  role       = aws_iam_role.mpc_backup_role.name
-  policy_arn = aws_iam_policy.mpc_aws.arn
-}
