Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

GetDataProtectionPolicy for aws_cloudwatchlogs_log_group_data_protection_policies causes ValidationException error because log group arns end with :* and the allowed pattern for logGroupIdentifier for GetDataProtectionPolicy is [\w#+=/:,.@-]* which doesn't allow *

This seems like an AWS bug but could be fixed by stripping the trailing * from the log group arn.

Expected Behavior

No ValidationException when GetDataProtectionPolicy called

CloudQuery (redacted) config

Steps To Reproduce

No response

CloudQuery (redacted) logs

{
    "level": "error",
    "module": "aws-src",
    "client": "************:us-east-2",
    "error": "operation error CloudWatch Logs: GetDataProtectionPolicy, https response error StatusCode: 400, RequestID: 53f1c155-a3f5-44bd-a6c2-ec93e711991e, api error ValidationException: 1 validation error detected: Value 'arn:aws:logs:us-east-2:***********:log-group:<log-group-name-redacted>:*' at 'logGroupIdentifier' failed to satisfy constraint: Member must satisfy regular expression pattern: [\\w#+=/:,.@-]*",
    "message": "table resolver finished with error",
    "table": "aws_cloudwatchlogs_log_group_data_protection_policies",
    "time": "2023-04-19T08:23:40Z"
}

CloudQuery version

2.5.3

Additional Context

AWS plugin v.16.2.0
Postgres plugin v3.0.3

Pull request (optional)

• I can submit a pull request