Description
The module's CloudTrail option depends on references to an externally-created S3 bucket. If the bucket already has a notification configuration, the module overwrites it. Conversely, adding a notification configuration outside the module, for some other CloudTrail consumer, overwrites the one created by the module.
A bucket can have only one s3_bucket_notification configuration. Terraform gives no warning at the time a conflicting configuration is introduced. The old configuration is overwritten in AWS, but both the old and new ones end up in Terraform state.
Though there can only be one configuration, it may point to multiple destinations. So, if we went beyond the first step of documenting the side effect, we might be able to accept configuration contents as an optional input, and append. Or, we could eliminate the side effect by removing the s3_bucket_notification resource from the module and leaving it to the user to create or modify their CloudTrail bucket's notification configuration.