diff --git a/iam_policies.tf b/iam_policies.tf
index 075c869..7a9392e 100644
--- a/iam_policies.tf
+++ b/iam_policies.tf
@@ -73,7 +73,7 @@ data "aws_iam_policy_document" "fluent-bit" {
     effect  = "Allow"
     actions = ["ssm:GetParameter"]
     resources = [
-      "arn:aws:ssm:*:*:parameter/AmazonCloudWatch-*"
+      "arn:${data.aws_caller_identity.current.provider}:ssm:*:*:parameter/AmazonCloudWatch-*"
     ]
   }
 }
diff --git a/variables.tf b/variables.tf
index 30965f0..e81e8b9 100644
--- a/variables.tf
+++ b/variables.tf
@@ -161,8 +161,8 @@ variable "fb_log_group_name" {
   default     = "Fluent-bit-cloudwatch"
 }
 
-variable "fb_log_system_group_name" {
-  description = "Fluent-bit systemD log group name"
+variable "fb_system_log_group_name" {
+  description = "Fluent-bit systemd log group name"
   type        = string
   default     = "Fluent-bit-cloudwatch"
 }
@@ -174,7 +174,7 @@ variable "fb_log_encryption" {
 }
 
 variable "fb_log_systemd" {
-  description = "Enable Fluent-bit log encryption"
+  description = "Enable Fluent-bit cloudwatch logging for systemd"
   type        = bool
   default     = true
 }
@@ -198,7 +198,7 @@ variable "fb_log_retention" {
 }
 
 variable "fb_system_log_retention" {
-  description = "Days to retain Fluent-bit systemD logs"
+  description = "Days to retain Fluent-bit systemd logs"
   type        = number
   default     = 7
 }