S3-credentials

- New `--statement JSON` option for both the `s3-credentials create` and `s3-credentials policy` commands, allowing one or more additional policy statements (provided as JSON strings) to be added to the generated IAM policy. [72](https://github.com/simonw/s3-credentials/issues/72)

- New `set-cors-policy` and `get-cors-policy` for altering the CORS policy for a bucket, [documented here](https://github.com/simonw/s3-credentials/blob/0.11/README.md#set-cors-policy-and-get-cors-policy). [47](https://github.com/simonw/s3-credentials/issues/47)
- Each command now shows example usage in `--help`. [67](https://github.com/simonw/s3-credentials/issues/67)
- New [documentation page](https://github.com/simonw/s3-credentials/blob/main/help.md) listing the `--help` for every command.

- New `list-roles` command for listing roles configured for your AWS account. [61](https://github.com/simonw/s3-credentials/issues/61)

See [Weeknotes: s3-credentials prefix and Datasette 0.60](https://simonwillison.net/2022/Jan/18/weeknotes/) for extra background on these new features.

- New `--prefix myprefix/` option to `s3-credentials create`, which configures the credentials to only allow access to keys within the S3 bucket that start with the provided prefix. [12](https://github.com/simonw/s3-credentials/issues/12)
- `s3-credentials policy --prefix myprefix/` command for generating and outputting a JSON policy that is restricted to the specified prefix. You can see examples [in the README](https://github.com/simonw/s3-credentials#--prefix-my-prefix).
- New `list-bucket` command for listing the contents of a specified bucket. [28](https://github.com/simonw/s3-credentials/issues/28)
- The `list-users`, `list-buckets` and `list-bucket` command all default to outputting an indented JSON array - previously the outputted indented JSON objects separated by newlines. The `--nl` option can be used to return newline-delimited single line JSON objects. The new `--csv` and `--tsv` options can be used to return CSV or TSV output. [48](https://github.com/simonw/s3-credentials/issues/48)

* `s3-credentials create my-bucket --public` option for creating public buckets, which allow anyone with knowledge of a filename to download that file. This works by attaching [this public bucket policy](https://github.com/simonw/s3-credentials/blob/0.8/README.md#public-bucket-policy) to the bucket after it is created. [42](https://github.com/simonw/s3-credentials/issues/42)
* `s3-credentials put-object` now sets the `Content-Type` header on the uploaded object. The type is detected based on the filename, or can be specified using the new `--content-type` option. [43](https://github.com/simonw/s3-credentials/issues/43)
* `s3-credentials policy my-bucket --public-bucket` outputs the public bucket policy that would be attached to a bucket of that name. [44](https://github.com/simonw/s3-credentials/issues/44)

- `s3-credentials policy` command, to output the JSON policy that would be used directly to the terminal. [37](https://github.com/simonw/s3-credentials/issues/37)
- README now includes [examples](https://github.com/simonw/s3-credentials/blob/0.7/README.md#policy-documents) of the three different policies. [36](https://github.com/simonw/s3-credentials/issues/36)
- `s3-credentials put-object` and `s3-credentials get-object` commands for uploading and downloading files from an S3 bucket. [38](https://github.com/simonw/s3-credentials/issues/38)