POL-1362 Flexera Policy CloudFormation Template Automation

[XOmniverse]

Description

This PR enables automatic generation of the tools/cloudformation-template/FlexeraAutomationPolicies.template file from permissions listed in the data/policy_permissions_list/master_policy_permissions_list.json file. The latter now includes every AWS policy template that is not deprecated, and as a result, the CFT should now include every AWS policy and always be up to date as we add new policies and make changes to existing policies that affect the required permissions.

NOTE: If the user tries to enable individual inline policies for every policy template, this exceeds the size limit for AWS. To handle this, a special "All AWS policies" entry is added to the top to create a single inline policy for users that simply want to enable everything. This is still restricted to just the permissions needed for Flexera policies and does not grant read or read/write access to everything across the board.

This also removes a duplicate entry from the validated permissions list and corrects a handful of permissions in README files that were not valid and were caught by the CloudFormation Template linter.

Testing

The newly generated cloudformation template has been tested in an AWS environment and works as expected.

[github-actions]

	2 Warnings
⚠️	Important Files Modified Please make sure these modifications were intentional and have been tested. These files are necessary for configuring the Github repository and managing automation. .github/workflows/generate-aws-cloudformation-template.yaml .spellignore
⚠️	tools/cloudformation-template/README.md Textlint errors found: 10:48 error https://github.com/flexera-public/policy_templates/blob/master/tools/cloudformation-template/FlexeraAutomationPoliciesReadOnly.template is dead. (404 Not Found) no-dead-link 11:46 error https://github.com/flexera-public/policy_templates/blob/master/tools/cloudformation-template/FlexeraAutomationPoliciesSimple.template is dead. (404 Not Found) no-dead-link ✖ 2 problems (2 errors, 0 warnings)

Generated by 🚫 Danger

[nia-vf1]

I cannot select the line as it is not a part of this change but...

Line 80 says - Under **Maximum concurrent accounts**, choose `Percent` and set field value to `100`.

It should reference 'Failure tolerance' rather than 'Maximum concurrent accounts':

Therefore line 80 should read - Under **Failure tolerance**, choose `Percent` and set field value to `100`.

[bryankaraffa]

Both Max Concurrent Accounts and Failure tolerance should be set to "Percentage" and "100" for the value

[nia-vf1]

Yeah but the doc references Max Concurrent Accounts twice, rather than referencing Max Concurrent Accounts once and Failure Tolerance once @bryankaraffa

[nia-vf1]

See line 80 compared to line 77

[bryankaraffa]

We should keep revisioning for this PT imo.. for anytime it generates a CFT and there's a diff, create a branch/PR and we can approve it (like the other "automation" workflows we have in this repo).

Also, the publish to S3 workflow logic depends on revisioned copies in the repo:
https://github.com/flexera-public/policy_templates/blob/master/.github/workflows/cfn-publish.yaml
This will need to be changed, or we'll need to keep creating revisioned copied