provider "aws" {
  region = var.REGION
}

resource "aws_iam_user" "user" {
  name = "devops-readonly"
}

resource "aws_iam_user_policy_attachment" "attachment" {
  user       = aws_iam_user.user.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
}

resource "aws_iam_access_key" "access_key" {
  user = aws_iam_user.user.name
}