This repository was archived by the owner on Apr 25, 2025. It is now read-only.

account-waiter has incorrect syntax for iam role #55

@pgiuliano

governance-at-scale-account-factory/account-waiter/v3/product.template.yaml

AccountWaiterCustomResourceRole:
    Type: AWS::IAM::Role
    Properties:
      Path: !Ref GovernanceAtScaleAccountFactoryIAMRolePath
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: ServiceCatalogActions
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - sts:AssumeRole
                Resource: !Ref GovernanceAtScaleAccountFactoryAccountCreationSharedOrgRoleArn
              - Effect: Allow
                Action:
                  - codebuild: '*'
                Resource: '*'
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root"
            Action:
              - "sts:AssumeRole"
          - Effect: "Allow"
            Principal:
              Service:
                - "lambda.amazonaws.com"
            Action:
              - "sts:AssumeRole"

codebuild: '*' should be - 'codebuild:*'
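
In YAML, `- codebuild: '*'` is a list item holding a one-key mapping, not the string `codebuild:*`, so the policy's Action list no longer contains only action strings. The check below is an added example, not code from this repository: a dependency-free lint that flags such items in Action/NotAction block lists. The function name, the regex and the sample template are assumptions made for illustration.

```python
import re

# A valid IAM action is "*" or "<service>:<action>" with no whitespace.
ACTION_RE = re.compile(r"^(\*|[A-Za-z0-9-]+:[A-Za-z0-9*?]+)$")

def find_malformed_actions(template_text):
    """Return [(line_number, item)] for Action/NotAction block-list items
    that are not plain IAM action strings."""
    findings = []
    action_col = None  # column of the current Action key, None when outside one
    for lineno, line in enumerate(template_text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if action_col is not None:
            if indent >= action_col and stripped.startswith("- "):
                raw = stripped[2:].strip()
                item = raw
                if len(item) >= 2 and item[0] == item[-1] and item[0] in "'\"":
                    item = item[1:-1]  # drop surrounding quotes
                # Intrinsic functions (!Ref, !Sub) cannot be checked statically.
                if not raw.startswith("!") and not ACTION_RE.match(item):
                    findings.append((lineno, raw))
                continue
            action_col = None  # left the Action list
        # The key may open a statement ("- Action:") or sit inside one.
        key = stripped[2:].lstrip() if stripped.startswith("- ") else stripped
        if key in ("Action:", "NotAction:"):
            action_col = indent + len(stripped) - len(key)
    return findings

# Constructed sample, reduced from the policy quoted in the issue.
BROKEN = """\
Statement:
  - Effect: Allow
    Action:
      - sts:AssumeRole
    Resource: '*'
  - Effect: Allow
    Action:
      - codebuild: '*'
    Resource: '*'
"""
FIXED = BROKEN.replace("- codebuild: '*'", "- 'codebuild:*'")

if __name__ == "__main__":
    for lineno, item in find_malformed_actions(BROKEN):
        print(f"line {lineno}: Action item {item!r} is not a 'service:action' string")
```

The lint only covers block-style lists; inline forms such as `Action: [a, b]` are not inspected.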
