add new vars to cirrus module to allow consumer to deploy additional lambdas

[bick4ord]

… with other vars for custom IAM policies and alarms for these additional lambdas

Related issue(s)

Proposed Changes

1. Add optional hooks for deploying additional cirrus lambdas, from either S3 or ECR

Testing

This change was validated by the following observations:

1. Terraform apply to PDS dev with config in comment below

Checklist

• I have deployed and validated this change
• Changelog
  • I have added my changes to the changelog
  • No changelog entry is necessary
• README migration
  • I have added any migration steps to the Readme
  • No migration is necessary

[bick4ord]

Not sure the best place to update a readme or show examples, here is what I tested with:

module "cirrus" {
  source = "./tf-modules/modules/cirrus"

  ...

  additional_lambdas = {
    first = {
      description="my first lambda"
      s3_bucket="bicktest-pds-dev",
      s3_key="lambda-cirrus-test.zip",
      handler="lambda_function.lambda_handler",
      runtime="python3.12",
      env_vars={
        some = "value"
      },
      vpc_enabled=false,
    },

    second = {
      description="my second lambda"
      ecr_image_uri="398791403210.dkr.ecr.us-west-2.amazonaws.com/cdk-hnb659fds-container-assets-398791403210-us-west-2:latest",
      handler="lambda_function.lambda_handler",
      runtime="python3.12",
      env_vars={
        some = "value"
      },
      vpc_enabled=true,
    },
  }

  additional_lambda_roles = {
    first = jsonencode({
      Version = "2012-10-17"
      Statement = [
        {
          Action = [
            "ec2:Describe*",
          ]
          Effect   = "Allow"
          Resource = "*"
        },
      ]
    })
  }

  additional_warning_alarms = {
    first = {}
  }

  additional_error_alarms = {
    second = {
      evaluation_periods=5,
      period=60,
      threshold=100,
    }
  }