[Feature] Add multipart permissions to databricks_aws_unity_catalog_policy data source (#4440)

## Changes
<!-- Summary of your changes that are easy to understand -->

To support uploading of big files to UC volumes, etc. we need to give
permissions to perform operations related to AWS multipart uploads APIs.

## Tests
<!-- 
How is this tested? Please see the checklist below and also describe any
other relevant tests
-->

- [x] `make test` run locally
- [ ] relevant change in `docs/` folder
- [ ] covered with integration tests in `internal/acceptance`
- [ ] using Go SDK
- [ ] using TF Plugin Framework

---------

Co-authored-by: vuong-nguyen <[email protected]>

Author: alexott

NEXT_CHANGELOG.md

@@ -4,8 +4,7 @@
 
 ### New Features and Improvements
 
- * Support updating `options` in `databricks_catalog` ([#4476](https://github.com/databricks/terraform-provider-databricks/pull/4476)).
- * Increase `databricks_library` timeout from 15m to 30m.
+ * Add multipart permissions to `databricks_aws_unity_catalog_policy` data source ([#4440](https://github.com/databricks/terraform-provider-databricks/pull/4440)).
 
 ### Bug Fixes
  * Fixed an issue where reordering objects in a (pluginfw) Share wouldn’t update properly unless other changes were made ([#4481](https://github.com/databricks/terraform-provider-databricks/pull/4481)).

aws/data_aws_unity_catalog_policy.go

@@ -28,6 +28,10 @@ func generateReadContext(ctx context.Context, d *schema.ResourceData, m *common.
 					"s3:DeleteObject",
 					"s3:ListBucket",
 					"s3:GetBucketLocation",
+					// Multipart uploads support
+					"s3:ListBucketMultipartUploads",
+					"s3:ListMultipartUploadParts",
+					"s3:AbortMultipartUpload",
 				},
 				Resources: []string{
 					fmt.Sprintf("arn:%s:s3:::%s/*", awsPartition, bucket),

aws/data_aws_unity_catalog_policy_test.go

@@ -33,7 +33,10 @@ func TestDataAwsUnityCatalogPolicy(t *testing.T) {
                 "s3:PutObject",
                 "s3:DeleteObject",
                 "s3:ListBucket",
-                "s3:GetBucketLocation"
+                "s3:GetBucketLocation",
+                "s3:ListBucketMultipartUploads",
+		"s3:ListMultipartUploadParts",
+		"s3:AbortMultipartUpload"
               ],
               "Resource": [
                 "arn:aws:s3:::databricks-bucket/*",
@@ -146,7 +149,10 @@ func TestDataAwsUnityCatalogPolicyFullKms(t *testing.T) {
                 "s3:PutObject",
                 "s3:DeleteObject",
                 "s3:ListBucket",
-                "s3:GetBucketLocation"
+                "s3:GetBucketLocation",
+                "s3:ListBucketMultipartUploads",
+		"s3:ListMultipartUploadParts",
+		"s3:AbortMultipartUpload"
               ],
               "Resource": [
                 "arn:aws:s3:::databricks-bucket/*",
@@ -258,7 +264,10 @@ func TestDataAwsUnityCatalogPolicyWithoutKMS(t *testing.T) {
                 "s3:PutObject",
                 "s3:DeleteObject",
                 "s3:ListBucket",
-                "s3:GetBucketLocation"
+                "s3:GetBucketLocation",
+                "s3:ListBucketMultipartUploads",
+		"s3:ListMultipartUploadParts",
+		"s3:AbortMultipartUpload"
               ],
               "Resource": [
                 "arn:aws:s3:::databricks-bucket/*",
@@ -361,7 +370,10 @@ func TestDataAwsUnityCatalogPolicyPartionGov(t *testing.T) {
                 "s3:PutObject",
                 "s3:DeleteObject",
                 "s3:ListBucket",
-                "s3:GetBucketLocation"
+                "s3:GetBucketLocation",
+                "s3:ListBucketMultipartUploads",
+		"s3:ListMultipartUploadParts",
+		"s3:AbortMultipartUpload"
               ],
               "Resource": [
                 "arn:aws-us-gov:s3:::databricks-bucket/*",