EventBridge Event bus doesn't receive cross-account events

I'm trying to send EventBridge events to the Event bus of our backup account, but the bus isn't receiving the events. I've been following this blog post, and translated the example given into Terraform code. The rule in the source account is triggered, but the Event bus in the destination account isn't receiving the events.

Here's the Terraform code for the destination account:

data "aws_cloudwatch_event_bus" "default_bus" {
  name = "default"
}
resource "aws_cloudwatch_event_bus_policy" "copy_rds_backups" {
  event_bus_name = data.aws_cloudwatch_event_bus.default_bus.id
  policy         = data.aws_iam_policy_document.event_bus_policy.json
}
data "aws_iam_policy_document" "event_bus_policy" {
  statement {
    sid     = "AWSBackupCopyCompleteEvent"
    actions = ["events:PutEvents"]
    principals {
      type = "AWS"
      identifiers = [
        "arn:aws:iam::SOURCE_ACCOUNT_ID:root"
      ]
    }
    resources = ["${data.aws_cloudwatch_event_bus.default_bus.arn}"]
  }
}

resource "aws_cloudwatch_event_rule" "copy_rds_backups" {
  name        = "copy_rds_backups"
  description = "EventBridge rule for CopyCompleteJob event to trigger cross-region backup copy of RDS resources."
  state       = "ENABLED"

  event_pattern = jsonencode({
    source = ["aws.backup"],
    account = [{
      anything-but = "DESTINATION_ACCOUNT_ID"
    }],
    detail-type = ["Copy Job State Changed"],
    detail = {
      "state"         = ["COMPLETED"],
      "resourceType" = ["RDS", "Aurora"]
    }
  })
}

And the source account:

resource "aws_iam_role" "cloudwatch_backup_event_role" {
  name               = "cloudwatch-backup-event-role"
  description        = "Role for CloudWatch Event Rule to notify Backup account vault of RDS backup completion"
  assume_role_policy = data.aws_iam_policy_document.cloudwatch_assume_role.json
}
data "aws_iam_policy_document" "cloudwatch_assume_role" {
  statement {
    effect = "Allow"
    actions = [
      "sts:AssumeRole"
    ]
    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
  }
}
resource "aws_iam_policy_attachment" "cloudwatch_backup_event_policy_attachment" {
  name = "cloudwatch-event-policy-attachment"
  roles = [
    aws_iam_role.cloudwatch_backup_event_role.name
  ]
  policy_arn = aws_iam_policy.cloudwatch_backup_event_policy.arn
}
resource "aws_iam_policy" "cloudwatch_backup_event_policy" {
  name        = "cloudwatch-event-policy"
  description = "Policy for CloudWatch Event Rule to notify Backup account vault of RDS backup completion"
  policy      = data.aws_iam_policy_document.cloudwatch_backup_event_policy.json

}
data "aws_iam_policy_document" "cloudwatch_backup_event_policy" {
  statement {
    effect = "Allow"
    actions = [
      "events:PutEvents"
    ]
    resources = [
      "arn:aws:events:eu-west-1:DESTINATION_ACCOUNT_ID:event-bus/default"
    ]
  }
}

resource "aws_cloudwatch_event_rule" "rds_backup_complete" {
  name        = "rds-backup-complete"
  description = "Rule to trigger event when RDS backup is complete"
  state       = "ENABLED"

  
  event_pattern = jsonencode({
    source      = ["aws.backup"],
    detail-type = ["Copy Job State Change"],
    detail = {
      "state"         = ["COMPLETED"],
      "resourceType" = ["RDS", "Aurora"],
      "destinationBackupVaultArn" : [{
        "prefix": "arn:aws:backup:eu-west-1:DESTINATION_ACCOUNT_ID:backup-vault:",
        }]
    }
  })
}
resource "aws_cloudwatch_event_target" "rds_backup_complete" {
  rule      = aws_cloudwatch_event_rule.rds_backup_complete.name
  target_id = "rds-backup-complete"
  role_arn  = aws_iam_role.cloudwatch_backup_event_role.arn
  arn       = "arn:aws:events:eu-west-1:DESTINATION_ACCOUNT_ID:event-bus/default"
}