fix: allow security.txt through the WAF

[patheard]

Summary

Add a rule to allow the /.well-known/security.txt requests through the WAF.

[github-actions]

⚠ Terrform update available

Terraform: 1.14.5 (using 1.12.2)
Terragrunt: 0.99.2 (using 0.83.0)

[github-actions]

Staging: load_balancer

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 0 to add, 1 to change, 0 to destroy

Show summary

CHANGE	NAME
update	aws_wafv2_regex_pattern_set.valid_app_uri_paths

Show plan

Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_wafv2_regex_pattern_set.valid_app_uri_paths will be updated in-place
  ~ resource "aws_wafv2_regex_pattern_set" "valid_app_uri_paths" {
        id          = "2020c3bc-eb87-45f3-8ee7-99cd707612e7"
        name        = "valid_app_uri_paths"
        tags        = {}
        # (7 unchanged attributes hidden)

      + regular_expression {
          + regex_string = "^\\/\\.well-known\\/security\\.txt$"
        }

        # (5 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Warning: Deprecated attribute

  on .terraform/modules/waf_ip_blocklist/waf_ip_blocklist/data.tf line 6, in locals:
   6:   athena_region = var.athena_region != "" ? var.athena_region : data.aws_region.current.name

The attribute "name" is deprecated. Refer to the provider documentation for
details.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"

Show Conftest results

WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.form_viewer_maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener_rule.security_txt"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudfront_distribution.maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.UnHealthyHostCount-TargetGroup1"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.UnHealthyHostCount-TargetGroup2"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_role.firehose_waf_logs"]
WARN - plan.json - main - Missing Common Tags: ["aws_kinesis_firehose_delivery_stream.firehose_waf_logs"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb.form_viewer"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_listener.form_viewer_http"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_listener.form_viewer_https"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.form_viewer_1"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.form_viewer_2"]
WARN - plan.json - main - Missing Common Tags: ["aws_lb_target_group.forms_api"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_global_target_group"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_target_group_1"]
WARN - plan.json - main - Missing Common Tags: ["aws_route53_health_check.lb_web_app_target_group_2"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket.maintenance_mode"]
WARN - plan.json - main - Missing Common Tags: ["aws_s3_object.maintenance_static_page_css_files[\"style.css\"]"]
WARN - plan.json - main - Missing Common Tags:...