Bug: conflicting s3 bucket policies

[jverhoeks]

Found a bug? Maybe our Slack Community can help.

Describe the Bug

The s3 bucket policy conflicts with the bucket policy in the storage module. Every apply the policy is changed either one of the policies is active.

Expected Behavior

Changes to the policy are active and the terraform plan is consistent

Steps to Reproduce

Steps to reproduce the behavior:
Create module with

module "aws_config_storage" {
  source = "cloudposse/config-storage/aws"

  access_log_bucket_name  = local.log_bucket
  allow_ssl_requests_only = true
}

2. Run plan and apply
3. Run again plan and apply and it keeps changing

Screenshots

If applicable, add screenshots or logs to help explain your problem.

Environment (please complete the following information):

Terraform v0.14.11

• provider registry.terraform.io/hashicorp/aws v3.45.0

Additional Context

Same problem in the flowlogs and cloudtrail bucket modules.

[ghost]

Related issue: this module does not respect the the policy variable. In the terraform-aws-cloudtrail-s3-bucket module, var.policy is incorporated as the source_json in the data document, which is absent in this module.