There is a bug at the moment in which if a VPC is created then it will flush the logs potentially after the log group has gone and because it has access to Create Log groups it will create that log group and then be unable to be destroyed as it's not tied to the Terraform State
There's two aspects to this fix
Use a GUID to create a separate identity for the logs
Delete the Create Log Group Permission from the IAM policy (It doesn't need it)
There is a bug at the moment in which if a VPC is created then it will flush the logs potentially after the log group has gone and because it has access to Create Log groups it will create that log group and then be unable to be destroyed as it's not tied to the Terraform State
There's two aspects to this fix