* feat: allows to create X policies to restrict accesses to sub-directories in the S3 bucket * refactor: moves data to `data.tf` * fix: makes sure the policy created allows to access the KMS key use to encrypt/decrypt the S3 bucket content z un message pour l'étiquette :