Revert cloudwatch bucket policy (pushing those changes in separate PR).

infrastructure/cloudwatch.tf

@@ -29,7 +29,7 @@ resource "aws_s3_bucket_policy" "cloudwatch_bucket" {
           "Service" : "logs.amazonaws.com"
         },
         "Action" : "s3:GetBucketAcl",
-        "Resource" : aws_s3_bucket.cloudwatch_bucket.arn
+        "Resource" : "arn:aws:s3:::${var.cloudwatch_bucket_name}"
       },
       {
         "Sid" : "Allow Cloudwatch to write to bucket",
@@ -38,10 +38,7 @@ resource "aws_s3_bucket_policy" "cloudwatch_bucket" {
           "Service" : "logs.amazonaws.com"
         },
         "Action" : "s3:PutObject",
-        "Resource" : [
-          aws_s3_bucket.cloudwatch_bucket.arn,
-          "${aws_s3_bucket.cloudwatch_bucket.arn}/*"
-        ],
+        "Resource" : "arn:aws:s3:::${var.cloudwatch_bucket_name}/*",
         "Condition" : {
           "StringEquals" : {
             "s3:x-amz-acl" : "bucket-owner-full-control"