feat: Add Security Inspector S3 exposure and versioning checks

[nathanhuh]

Summary

Add S3-focused Security Inspector checks for public exposure and missing versioning.

Details

• Implement bucket public access checks using ACL and policy evaluation
• Implement bucket versioning checks
• Reuse the existing S3 service/client layer where possible and add missing calls only if needed
• Emit findings with clear remediation recommendations
• Add focused unit tests for each rule path

Checklist

• Add S3 public access rules
• Add S3 versioning rule
• Wire rules into the Inspector rule registry
• Add tests for passing and failing bucket states

Related umbrella issue: #59
Depends on: #89

[nathanhuh]

@Unic-bot: assign me

[github-actions]

@nathanhuh has been assigned to this issue.