IAM Policy for S3 replication doesn't include new destination bucket name #215

@rstml

Describe the Bug

Destination bucket was moved from destination_bucket to destination.bucket as described here:

# destination_bucket is specified here rather than inside the destination object because before optional
# attributes, it made it easier to work with the Terraform type system and create a list of consistent type.
# It is preserved for backward compatibility, but the nested version takes priority if both are provided.
destination_bucket = optional(string) # destination bucket ARN, overrides s3_replica_bucket_arn
destination = object({
  bucket = optional(string) # destination bucket ARN, overrides s3_replica_bucket_arn

However, the IAM policy for replication doesn't account for this new bucket name:

resources = toset(concat(
  try(length(var.s3_replica_bucket_arn), 0) > 0 ? ["${var.s3_replica_bucket_arn}/*"] : [],
  [for rule in local.s3_replication_rules : "${rule.destination_bucket}/*" if try(length(rule.destination_bucket), 0) > 0],
))

Expected Behavior

concat should also include destination.bucket

Steps to Reproduce

N/A

Screenshots

No response

Environment

No response

Additional Context

No response
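
The gap reported above can be checked before applying a plan. The following is an added example, not code from the module or from the issue author: it models the two quoted Terraform snippets in Python and lists the rules whose effective destination bucket gets no resource entry in the replication policy. The rule dictionaries (including the `id` key), the function names and all ARNs are constructed assumptions.

```python
# Added example: a Python model of the two Terraform snippets quoted in the issue.
# Rule shape, the "id" key and every ARN below are constructed sample values.

def effective_destination(rule, s3_replica_bucket_arn=None):
    """ARN a rule replicates to: destination.bucket takes priority, then
    destination_bucket, then the module-wide s3_replica_bucket_arn."""
    nested = (rule.get("destination") or {}).get("bucket")
    return nested or rule.get("destination_bucket") or s3_replica_bucket_arn or None


def policy_resources_as_reported(rules, s3_replica_bucket_arn=None):
    """Mirror of the quoted `resources` expression: only s3_replica_bucket_arn
    and rule.destination_bucket contribute object ARNs."""
    resources = set()
    if s3_replica_bucket_arn:
        resources.add(f"{s3_replica_bucket_arn}/*")
    for rule in rules:
        if rule.get("destination_bucket"):
            resources.add(f"{rule['destination_bucket']}/*")
    return resources


def uncovered_destinations(rules, s3_replica_bucket_arn=None):
    """Map rule id -> destination ARN for rules the policy does not cover."""
    granted = policy_resources_as_reported(rules, s3_replica_bucket_arn)
    missing = {}
    for rule in rules:
        dest = effective_destination(rule, s3_replica_bucket_arn)
        if dest and f"{dest}/*" not in granted:
            missing[rule.get("id", "<no id>")] = dest
    return missing


DEFAULT_ARN = "arn:aws:s3:::example-replica-default"  # constructed
RULES = [  # constructed sample rules
    {"id": "legacy", "destination_bucket": "arn:aws:s3:::example-replica-a"},
    {"id": "nested", "destination": {"bucket": "arn:aws:s3:::example-replica-b"}},
    {"id": "both", "destination_bucket": "arn:aws:s3:::example-replica-a",
     "destination": {"bucket": "arn:aws:s3:::example-replica-c"}},
    {"id": "default", "destination": {}},
]

if __name__ == "__main__":
    for rule_id, arn in uncovered_destinations(RULES, DEFAULT_ARN).items():
        print(f"rule {rule_id!r}: no policy resource for {arn}/*")
```

The "both" rule also shows the second effect of the precedence rule: the policy keeps a grant on the overridden `destination_bucket` while missing the bucket that is actually used.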
