Add policy for s3 replication (#111)

for s3 replication, we need additional policy to assume role.

ref: https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html#receiving-replicated-objects

Author: Julian-Chu

config/iam/recommended-inline-policy

@@ -0,0 +1,25 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "S3AllPermission",
+      "Effect": "Allow",
+      "Action": [
+        "s3:*",
+        "s3-object-lambda:*"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Sid": "S3ReplicationPassRole",
+      "Condition": {
+        "StringEquals": {
+          "iam:PassedToService": "s3.amazonaws.com"
+        }
+      },
+      "Action": "iam:PassRole",
+      "Resource": "*",
+      "Effect": "Allow"
+    }
+  ]
+}