Use wildcard in S3 bucket resource pattern for NAG suppression

Author: kris-szlapa

packages/cdk/nagSuppressions.ts

@@ -96,7 +96,7 @@ export const nagSuppressions = (stack: Stack) => {
         reason: "Bedrock Knowledge Base requires these permissions to access S3 documents and OpenSearch collection.",
         appliesTo: [
           "Action::bedrock:Delete*",
-          "Resource::<StorageDocsBucketepsamDocsF25F63F1.Arn>/*",
+          "Resource::<StorageDocsBucket*>/*",
           "Resource::arn:aws:bedrock:eu-west-2:undefined:knowledge-base/*",
           "Resource::arn:aws:bedrock:eu-west-2:591291862413:knowledge-base/*",
           "Resource::arn:aws:aoss:eu-west-2:undefined:collection/*",