chore(infrastructure): change the AWS account used for tests

infrastructure/tofu/main.tf

@@ -11,28 +11,20 @@ module "aws_iam_ci_user" {
   source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-ci-user?depth=1&ref=1.0.1"
 
   name = local.name
-}
-
-resource "aws_iam_policy" "tftest" {
-  provider = aws.all["root"]
-
-  name = "${local.name}-tftest"
-  policy = jsonencode({
-    Statement = [{
+  tests_policy_statements = jsonencode([
+    {
       Action = "iam:*"
       Effect = "Allow"
       Resource = [
         "arn:aws:iam::*:user/tftest-user",
         "arn:aws:iam::*:policy/${local.name}-tftest",
       ]
-    }]
-    Version = "2012-10-17"
-  })
-}
-
-resource "aws_iam_user_policy_attachment" "tftest" {
-  provider = aws.all["root"]
-
-  policy_arn = aws_iam_policy.tftest.arn
-  user       = local.name
+    },
+    {
+      # Necessary for removing an IAM user
+      Action   = "iam:ListVirtualMFADevices",
+      Effect   = "Allow"
+      Resource = "*"
+    }
+  ])
 }

main.tftest.hcl

@@ -1,5 +1,5 @@
 provider "aws" {
-  profile = "root"
+  profile = "tests"
   region  = "eu-west-3"
 }