Add permissions for AWS Elemental MediaLive

[buxell]

Add permissions for AWS Elemental MediaLive

This PR adds comprehensive support for AWS Elemental MediaLive by updating IAM policies and implementing resource cleanup functionality.

Changes

IAM Policy Updates

• aws/policy/security-services.yaml: Added AWSElementalMediaLiveFullAccess to allowed managed policies and consolidated several policy patterns to stay under max policy length
• aws/policy/application-services.yaml: Added MediaLive-specific permissions including:
  • Read permissions: medialive:Describe*, medialive:List*
  • Resource management: Create, delete, update, start/stop operations for channels, inputs, clusters, networks, and other MediaLive resources
  • Resource ARNs for MediaLive services

Resource Cleanup Implementation

• aws/terminator/application_services.py: Added 8 new terminator classes for MediaLive resources:
  • MediaLiveChannel - Handles channel lifecycle with proper stop-before-delete logic
  • MediaLiveInput - Manages input sources
  • MediaLiveInputSecurityGroup - Security group cleanup
  • MediaLiveChannelPlacementGroup - Placement group management
  • MediaLiveCluster - Cluster resource cleanup
  • MediaLiveNetwork - Network resource management
  • MediaLiveNode - Node cleanup
  • MediaLiveSdiSource - SDI source management

Testing

• ✅ Sanity tests passed via tox
• ✅ Deployed IAM role with updated permissions
• ✅ MediaLive integration tests executed successfully

Tox output (click to expand)

...

PLAY RECAP *******************************************************************************************************************************************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0

pycodestyle: OK (0.32=setup[0.06]+cmd[0.26] seconds)
pylint: OK (3.48=setup[0.02]+cmd[3.47] seconds)
yamllint: OK (1.47=setup[0.02]+cmd[1.45] seconds)
policy: OK (1.82=setup[0.02]+cmd[0.83,0.98] seconds)
congratulations :) (7.21 seconds)