fix(ec2): guard seeded AMIs, reseed on restore, persist image criteria, lazy read

[vieiralucas]

Summary

Bug-hunt 2026-06-26 cycle 3, batch 2 of 3 — fixes three regressions the cycle-3 AMI-seed work (#1964/#1965) introduced, plus a pre-existing stub.

• ci: add Moto compatibility test suite to CI #2 (MEDIUM): DeregisterImage / ModifyImageAttribute had no owner guard, so a caller could remove or mutate the seeded amazon/Canonical-owned public AMIs in its own account — permanently breaking data.aws_ami { owners=["amazon"] } (the exact thing the catalogue exists for). Now reject ops on an AMI owned by another owner with AuthFailure, matching AWS. User-registered AMIs (owner_id == None) are still freely deregistered/modified.
• feat(eventbridge): implement archives, connections, API destinations, replays #5 (LOW): a snapshot written by a pre-feat(ec2): seed a public AMI catalogue so aws_ami data sources resolve #1964 binary restored an account whose images map lacked the seeds, and the read-path fallback only seeds ABSENT accounts → after upgrade+restart aws_ami returned empty. On restore, idempotently reseed the public catalogue into every restored account (deterministic ids → no-op for already-seeded).
• feat(sns): implement platform endpoints, SMS, PublishBatch and improve compatibility #4 (LOW): ReplaceImageCriteriaInAllowedImagesSettings was a write-succeeds/read-default stub. Now persists the ImageCriterion ImageProviders and emits them from GetAllowedImagesSettings.
• fix(ci): add missing test deps to Moto workflow #6 (LOW): DescribeImages eagerly built the (now seed-heavier) throwaway Ec2State on every read; use a deferred fallback so it's constructed only for a not-yet-created account.

Test plan

• New e2e ec2_ami_catalogue: seeded-AMI deregister/modify rejected (AuthFailure) + user AMI deregister OK; ReplaceImageCriteria → GetAllowedImagesSettings round-trip (verified the real wire shape ImageCriterion.N.ImageProvider.M via the aws CLI against a live server); catalogue survives start_persistent → restart.
• ec2 image conformance (register/modify/deregister/get-allowed-images/replace) — 5/5 green.
• cargo clippy -p fakecloud-ec2 --all-targets -- -D warnings clean; cargo fmt.

Batch 1 = #1966 (S3 aws-chunked). Batch 3 = bedrock InvokeGuardrailChecks. Report: bug-hunt-reports/2026-06-26-cycle3.md.

---

Summary by cubic

Block DeregisterImage/ModifyImageAttribute on seeded amazon/Canonical AMIs and reseed the public AMI catalogue on snapshot restore. Persist allowed-image criteria and make DescribeImages lazy to reduce read overhead.

• Bug Fixes

  • Reject deregister/modify on AMIs owned by other accounts with AuthFailure; user-registered AMIs still allowed.
  • On snapshot restore, reseed the public AMI catalogue for each account; deterministic ids make this idempotent.
  • Persist ImageCriterion providers from ReplaceImageCriteriaInAllowedImagesSettings and return them via GetAllowedImagesSettings.

• Performance

  • DescribeImages now builds the default seeded state only when the account doesn’t exist, reducing work on reads.

^{Written for commit 473935e. Summary will update on new commits.}