Issues with Custom Config Rules and LZA #1023

@senyberg

Description

Describe the bug
There are multiple issues with launching Custom Config Rules with LZA:

  1. When setting periodic: false you are still required to set the maximumExecutionFrequency parameter. This should be optional.
  2. When setting periodic: true you are still required to set the triggerResources parameter. This should be optional.
  3. When setting configurationChanges: true and configuring triggeringResources with lookupType: ResourceTypes you still need to add a lookupKey. According to the documentation this can be an empty string, but you will get an error: /awsConfig/ruleSets/1/rules/2/customRule/triggeringResources/lookupKey => must NOT have fewer than 1 characters
  4. The rolePolicyFile in lambda does not support LZA Solution Specific Variables (https://docs.aws.amazon.com/solutions/latest/landing-zone-accelerator-on-aws/working-with-solution-specific-variables.html). Trying to use ${PARTITION} or ${ACCOUNT_ID} (these are the ones I tested with) will result in errors in the "Security_Resources" action in the pipeline.

To Reproduce

  1. Set periodic: false and try to run the pipeline without setting maximumExecutionFrequency
  2. Set periodic: true and try to run the pipeline without setting triggerResources
  3. Set configurationChanges: true and try to run the pipeline with the settings lookupType: Resources and lookupKey: ""
  4. Try adding a policy for the custom lambda with LZA Solution Specific Variables

Expected behavior
Configuration should be more flexible and not require parameters that are not needed. The policy should be able to parse LZA Solution Specific Variables.

Please complete the following information about the solution:

  • Version: v1.14.2
  • Region: eu-north-1
  • Was the solution modified from the version published on this repository?
  • If the answer to the previous question was yes, are the changes available on GitHub?
  • Have you checked your service quotas for the services this solution uses?
  • Were there any errors in the CloudWatch Logs?

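As an added illustration (not code from the issue, from the reporter, or from the LZA project), the Python sketch below encodes the validation behaviour the report asks for and a substitution step for solution-specific variables in a rolePolicyFile. The key names (periodic, maximumExecutionFrequency, configurationChanges, triggeringResources, lookupType, lookupKey, rolePolicyFile) follow the report; the function names, the set of lookup types that may omit lookupKey, the variable values and the sample rules and policy are assumptions constructed for the example.

```python
"""Added illustration, not LZA's own schema or validation code.

Encodes the conditional requirements the report asks for:
  - maximumExecutionFrequency is required only when periodic is true
  - triggeringResources is required only when configurationChanges is true
  - lookupKey may be empty when lookupType is ResourceTypes
and expands ${PARTITION} / ${ACCOUNT_ID} placeholders in a role policy file.
"""
import json
import re
from typing import Any

# Assumption: only ResourceTypes lookups may omit lookupKey (the report
# establishes nothing about other lookup types).
LOOKUP_TYPES_WITHOUT_KEY = {"ResourceTypes"}

# Constructed sample values for the two variables the reporter tested with.
SOLUTION_VARIABLES = {"PARTITION": "aws", "ACCOUNT_ID": "111122223333"}

VARIABLE_PATTERN = re.compile(r"\$\{([A-Z_]+)\}")


def validate_custom_rule(rule: dict[str, Any]) -> list[str]:
    """Return the problems found in a rule's customRule block.

    A parameter is required only when the trigger that uses it is enabled,
    which is the behaviour the report expects instead of the schema's
    unconditional requirements.
    """
    problems: list[str] = []
    custom = rule.get("customRule") or {}
    periodic = bool(custom.get("periodic", False))
    on_change = bool(custom.get("configurationChanges", False))

    if not (periodic or on_change):
        problems.append("enable periodic and/or configurationChanges")
    if periodic and not custom.get("maximumExecutionFrequency"):
        problems.append("periodic: true requires maximumExecutionFrequency")

    trig = custom.get("triggeringResources")
    if on_change and trig is None:
        problems.append("configurationChanges: true requires triggeringResources")
    if trig is not None:
        lookup_type = trig.get("lookupType", "")
        lookup_key = trig.get("lookupKey", "")
        # An empty lookupKey is accepted for ResourceTypes, as documented.
        if lookup_type not in LOOKUP_TYPES_WITHOUT_KEY and not lookup_key:
            problems.append(f"lookupType {lookup_type!r} requires a non-empty lookupKey")
        if not trig.get("lookupValue"):
            problems.append("triggeringResources requires a non-empty lookupValue")
    return problems


def render_policy(policy_text: str,
                  variables: dict[str, str] = SOLUTION_VARIABLES) -> dict[str, Any]:
    """Expand ${NAME} placeholders in a policy file, then parse it as JSON.

    Unknown placeholders raise instead of being passed through, so a typo in
    a variable name cannot silently produce a malformed ARN.
    """
    def substitute(match: re.Match[str]) -> str:
        name = match.group(1)
        if name not in variables:
            raise KeyError(f"unknown solution-specific variable ${{{name}}}")
        return variables[name]

    return json.loads(VARIABLE_PATTERN.sub(substitute, policy_text))


# Constructed sample rules, shaped like the YAML in the report but as dicts.
PERIODIC_RULE = {
    "name": "periodic-check",
    "customRule": {
        "periodic": True,
        "maximumExecutionFrequency": "One_Hour",
        "configurationChanges": False,
    },
}
CHANGE_TRIGGERED_RULE = {
    "name": "sg-change-check",
    "customRule": {
        "periodic": False,
        "configurationChanges": True,
        "triggeringResources": {
            "lookupType": "ResourceTypes",
            "lookupKey": "",  # empty, as the documentation allows
            "lookupValue": ["AWS::EC2::SecurityGroup"],
        },
    },
}
# Constructed rolePolicyFile contents using the two variables from the report.
ROLE_POLICY_TEMPLATE = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetBucketPolicy"],
    "Resource": "arn:${PARTITION}:s3:::config-evidence-${ACCOUNT_ID}"
  }]
}"""

if __name__ == "__main__":
    for sample in (PERIODIC_RULE, CHANGE_TRIGGERED_RULE):
        print(sample["name"], validate_custom_rule(sample) or "ok")
    print(render_policy(ROLE_POLICY_TEMPLATE)["Statement"][0]["Resource"])
```

Both sample rules pass, which is the point of the report: a periodic rule without triggeringResources and a change-triggered rule with an empty lookupKey are each complete on their own terms. Rendering the policy with the constructed variable map yields a full ARN, and an unknown placeholder fails loudly rather than leaving `${...}` in the deployed policy.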
Labels

bug