CloudTrail Data Events S3 bucket is created even if aft_feature_cloudtrail_data_events is set to false

[agnasillo]

Terraform Version & Prov:

AFT Version: 1.12.0 (Can be found in the AFT Management Account in the SSM Parameter /aft/config/aft/version)

Terraform Version & Provider Versions Please provide the outputs of terraform version and terraform providers from within your AFT environment

terraform version

1.6.0

terraform providers

hashicorp/aws = 5.21.0

Bug Description S3 bucket aws-aft-logs-${ACCOUNT-ID}-${REGION} is created even if aft_feature_cloudtrail_data_events is set to false

To Reproduce Steps to reproduce the behavior:

1. Set aft_feature_cloudtrail_data_events as false for aws-ia/control_tower_account_factory/aws module.
2. Login into the AFT Management account
3. See that s3 bucket aws-aft-logs-${ACCOUNT-ID}-${REGION} exists, e.g. aws-aft-logs-11111111111-us-east-1 is created

Expected behavior Bucket should not be created and remain empty if user opts out of cloudtrail data events feature.

Related Logs N/A

Additional context N/A

[snebhu3]

@anasillo thank you for reporting this. I will create an internal backlog to address this.