Document required S3 bucket policy

[lindhe]

This PR attempts to document the required S3 bucket policies required by the Barman Cloud plugin to work as intended.

Relevant documentation:

• https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html
• https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions

[lindhe]

Doing some trial-and-error, these actions seems to be required:

• s3:DeleteObject*
• s3:GetObject
• s3:ListBucket
• s3:PutObject

I've also added these:

• s3:AbortMultipartUpload
• s3:ListMultipartUploadParts

I think it would make sense for Barman to utilize mutlipart uploads, but I'm not sure. Perhaps it does its own chunking and never requires large files?

* I've not seen a delete operation first-hand, but everyone I've spoken to seems to agree that retention policy can delete objects.

[lindhe]

After a few rounds of discussions and comments, and some trial-and-error on my side, I think this is ready for review.

I'm still not sure if actions for multi-part uploads are required or not. Maintainers help?

[lindhe]

I just ran into an error with multipart upload! It is required. I'll add it.

Relevant docs:

• https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions

[lindhe]

Strange, I'm still seeing the same errors:

ERROR: Backup failed uploading data (An error occurred (AccessDenied) when calling the CreateMultipartUpload operation: Access Denied)
ERROR: Backup failed uploading backup.info file (An error occurred (AccessDenied) when calling the PutObject operation: Access Denied)

EDIT: Oops, I had a typo in the username. 🙈 It works for me now, but I'm not 100% confident if the newly added permissions are strictly required or not anymore.