Move inline_policy to aws_iam_role_policy resource

Fixes this warning:

│ Warning: Argument is deprecated
│
│   with module.cluster.aws_iam_role.eks_cluster_role,
│   on .terraform/modules/cluster/cluster_iam.tf line 5, in resource "aws_iam_role" "eks_cluster_role":
│    5: resource "aws_iam_role" "eks_cluster_role" {
│
│ The inline_policy argument is deprecated. Use the aws_iam_role_policy resource instead. If Terraform should exclusively manage all inline policy associations (the current behavior of
│ this argument), use the aws_iam_role_policies_exclusive resource as well.

cluster_iam.tf

@@ -6,24 +6,29 @@ resource "aws_iam_role" "eks_cluster_role" {
   count              = length(var.cluster_role_arn) == 0 ? 1 : 0
   name               = "${var.iam_role_name_prefix}EksCluster-${var.name}"
   assume_role_policy = data.aws_iam_policy_document.eks_assume_role_policy.json
+}
+
+resource "aws_iam_role_policy" "deny_log_group_creation" {
+  count = length(var.cluster_role_arn) == 0 ? 1 : 0
+  name  = "DenyLogGroupCreation"
+  role  = aws_iam_role.eks_cluster_role[0].id
 
   # Resources running on the cluster are still generating logs when destroying the module resources
   # which results in the log group being re-created even after Terraform destroys it. Removing the
   # ability for the cluster role to create the log group prevents this log group from being re-created
   # outside of Terraform due to services still generating logs during destroy process
-  inline_policy {
-    name = "DenyLogGroupCreation"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = [
-        {
-          Action   = ["logs:CreateLogGroup"]
-          Effect   = "Deny"
-          Resource = "*"
-        },
-      ]
-    })
-  }
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = [
+          "ec2:Describe*",
+        ]
+        Effect   = "Allow"
+        Resource = "*"
+      },
+    ]
+  })
 }
 
 data "aws_iam_policy_document" "eks_assume_role_policy" {