This repository has been archived by the owner on Oct 8, 2019. It is now read-only.

Notify about new devices signing in to AWS console #80

Open
wants to merge 20 commits into
base: master
defvol (Contributor) commented Jun 8, 2016

See the discussion in #79

TODO

  • Add a new rule for the ConsoleLogin event
  • Add s3 permissions
  • Generate device ids
  • Persist ids in s3
  • Match current login against the s3 list of known devices
  • Fix matching regexp (should compare the full SHA hash not just a pattern)

Nice to have

  • Post to a slack channel
  • CC a sec group
  • Notify user through email

@defvol defvol changed the title [WIP] Notify when user logs in to AWS console from a new device [WIP] Notify about new devices signing in to AWS console Jun 8, 2016
defvol (Contributor, Author) commented Sep 2, 2016

@ianshward finally I've fixed the tests!

mind taking a look?

@defvol defvol changed the title [WIP] Notify about new devices signing in to AWS console Notify about new devices signing in to AWS console Sep 2, 2016
defvol (Contributor, Author) commented Sep 6, 2016

cc: @zmully you might be interested in this PR ^^
local tests are solid now

TL;DR this rule will trigger an event when a new device logs in. To keep a list of known devices, a SHA1 hash is generated and stored in a custom S3 bucket every time a new device logs in.
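Added example, not code from this pull request: a sketch of the flow described in the TL;DR and in the TODO item about comparing the full SHA hash, with the S3 list replaced by an in-memory set. The choice of hashed fields (IAM ARN, user agent, source IP), the one-id-per-line list format, the function names and the sample record are all assumptions; the function is assumed to receive the CloudTrail record itself.

```javascript
const crypto = require('crypto');

// Assumption: a "device" is the combination of IAM identity, user agent and
// source IP taken from the CloudTrail ConsoleLogin record.
function deviceId(event) {
  const parts = [
    event.userIdentity && event.userIdentity.arn,
    event.userAgent,
    event.sourceIPAddress
  ];
  if (parts.some((p) => typeof p !== 'string' || p.length === 0)) {
    throw new Error('event is missing a field needed for the device id');
  }
  // Length-prefix each field so adjacent values cannot be shifted between
  // fields and still produce the same hash.
  const hash = crypto.createHash('sha1');
  for (const p of parts) hash.update(`${Buffer.byteLength(p)}:${p}`);
  return hash.digest('hex');
}

// Assumption: the S3 object holds one 40-character hex id per line.
// Anything that is not a complete SHA-1 hex digest is dropped.
function parseKnownDevices(body) {
  const lines = body.split('\n').map((l) => l.trim().toLowerCase());
  return new Set(lines.filter((l) => /^[0-9a-f]{40}$/.test(l)));
}

// Decide whether a login should raise a notification. Membership is an exact
// match on the full digest. A new id is added to the set; the caller is
// responsible for writing the updated list back to the bucket.
function checkLogin(event, known) {
  if (event.eventName !== 'ConsoleLogin') return { notify: false, id: null };
  const id = deviceId(event);
  if (known.has(id)) return { notify: false, id };
  known.add(id);
  return { notify: true, id };
}

// Constructed sample record (not a real login).
const sampleEvent = {
  eventName: 'ConsoleLogin',
  userIdentity: { arn: 'arn:aws:iam::123456789012:user/example-user' },
  userAgent: 'Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0',
  sourceIPAddress: '203.0.113.10'
};
```

Because membership is checked against whole digests only, a truncated or partial entry in the stored list never marks a device as known.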

ianshward (Member)

This looks good to me, @rodowi. We're going to want to have some mechanism in patrol to do a notification to a non-high-priority pagerduty escalation policy, a message to a slack channel, or to an individual user, so that this does not page a main pagerduty escalation policy. That shouldn't prevent this from merging, but to deploy this, we'll want this alternative notification type in place. Ideally the notification mechanism used can be decided within the logic of rules (high, medium, low, or, pager, slack, personal email) and/or configurable when implementing the rules using lambda-cfn / in the cloudformation template.
