From f92019b77f29e787d8a13889aa7e4fda29863733 Mon Sep 17 00:00:00 2001
From: Marko Fabry <marko.fabry@vertice.one>
Date: Wed, 25 Oct 2023 13:26:53 +0200
Subject: [PATCH] fix: Fix incorrect S3 policy when *_s3_key_prefix is empty
 string

---
 bucket.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bucket.tf b/bucket.tf
index 5d92b3d9..16603180 100644
--- a/bucket.tf
+++ b/bucket.tf
@@ -8,9 +8,9 @@ locals {
   audit_log_bucket_id  = local.use_external_bucket ? data.aws_s3_bucket.external[0].id : module.audit_log_bucket[0].this_bucket.id
   audit_log_bucket_arn = local.use_external_bucket ? data.aws_s3_bucket.external[0].arn : module.audit_log_bucket[0].this_bucket.arn
 
-  audit_log_cloudtrail_destination = join("/", [local.audit_log_bucket_arn, trim(var.cloudtrail_s3_key_prefix, "/")])
-  audit_log_config_destination     = join("/", [local.audit_log_bucket_arn, trim(var.config_s3_bucket_key_prefix, "/")])
-  audit_log_flow_logs_destination  = join("/", [local.audit_log_bucket_arn, trim(var.vpc_flow_logs_s3_key_prefix, "/")])
+  audit_log_cloudtrail_destination = trimsuffix(join("/", [local.audit_log_bucket_arn, trim(var.cloudtrail_s3_key_prefix, "/")]), "/")
+  audit_log_config_destination     = trimsuffix(join("/", [local.audit_log_bucket_arn, trim(var.config_s3_bucket_key_prefix, "/")]), "/")
+  audit_log_flow_logs_destination  = trimsuffix(join("/", [local.audit_log_bucket_arn, trim(var.vpc_flow_logs_s3_key_prefix, "/")]), "/")
 }
 
 # --------------------------------------------------------------------------------------------------