From 6c2b2515bd1acbc253b63bb7551d00ce140bc5d2 Mon Sep 17 00:00:00 2001 From: Andrew Haines Date: Wed, 4 Apr 2018 09:20:08 +0100 Subject: [PATCH 1/2] Update reference to deprecated argument in S3 backend docs --- website/docs/backends/types/s3.html.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/backends/types/s3.html.md b/website/docs/backends/types/s3.html.md index 5851d292a..f958c20e1 100644 --- a/website/docs/backends/types/s3.html.md +++ b/website/docs/backends/types/s3.html.md @@ -199,7 +199,7 @@ Your administrative AWS account will contain at least the following items: workspace. Provide the S3 bucket name and DynamoDB table name to Terraform within the -S3 backend configuration using the `bucket` and `lock_table` arguments +S3 backend configuration using the `bucket` and `dynamodb_table` arguments respectively, and configure a suitable `workspace_key_prefix` to contain the states of the various workspaces that will subsequently be created for this configuration. From b6fbb42be6a3217f4cf777fecc995fc9f887db53 Mon Sep 17 00:00:00 2001 From: Andrew Haines Date: Wed, 4 Apr 2018 09:35:31 +0100 Subject: [PATCH 2/2] Add required DynamoDB IAM permissions for state locking to S3 backend docs --- website/docs/backends/types/s3.html.md | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/website/docs/backends/types/s3.html.md b/website/docs/backends/types/s3.html.md index f958c20e1..e82087971 100644 --- a/website/docs/backends/types/s3.html.md +++ b/website/docs/backends/types/s3.html.md 
@@ -67,6 +67,34 @@ This is seen in the following AWS IAM Statement: } ``` +### DynamoDB Table Permissions + +If you are using state locking, Terraform will need the following AWS IAM +permissions on the DynamoDB table (`arn:aws:dynamodb:::table/mytable`): + +* `dynamodb:GetItem` +* `dynamodb:PutItem` +* `dynamodb:DeleteItem` + +This is seen in the following AWS IAM Statement: + +```json +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:DeleteItem" + ], + "Resource": "arn:aws:dynamodb:*:*:table/mytable" + } + ] +} +``` + ## Using the S3 remote state To make use of the S3 remote state we can use the
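Review bot: in the `@@ -199,7 +199,7 @@` hunk of patch 1/2, the changed line now names `dynamodb_table` but gives no hint that `lock_table` is the older name for the same setting. The subject line calls `lock_table` deprecated, so readers who still have it in an existing backend block may not connect the two. Consider a short parenthetical on that line, such as "(formerly `lock_table`)", so the rename is discoverable from the docs themselves.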
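Review bot: in the `@@ -67,6 +67,34 @@` hunk of patch 2/2, the ARN in the prose (`arn:aws:dynamodb:::table/mytable`) does not match the one in the JSON statement (`"Resource": "arn:aws:dynamodb:*:*:table/mytable"`). The empty region and account fields look carried over from the S3 bucket ARN style. A DynamoDB table ARN includes both, so please make the prose use the same form as the policy. Separately, the `*:*` wildcard in `Resource` grants `GetItem`/`PutItem`/`DeleteItem` on any table named `mytable` in every region and account the principal can reach. Since readers copy this statement verbatim, consider showing placeholder region and account ID values instead, or add a sentence telling readers to narrow them to where the lock table actually lives.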