feat: add AWS discovery rules for ELB, Lambda, and RDS

[axonstone]

Summary

• What changed?
  • Added discovery-only AWS rules for ELB network load balancers, Lambda error rate and timeout review, and RDS reserved coverage, Graviton review, CPU utilization, unsupported engine versions, and orphaned snapshots.
  • Extended AWS discovery datasets and hydrators for Lambda metrics plus enriched RDS instance, reservation, CPU, and snapshot metadata.
  • Updated rule catalogs, metadata tests, SDK export expectations, discovery wiring tests, reference docs, and package changesets.
• Why was this needed?
  • CloudBurn was missing these Thrifty-aligned discovery controls for several high-signal AWS cost and cleanup scenarios, so the built-in AWS discovery coverage was incomplete.

Diagram

flowchart LR
    RE["Resource Explorer catalog"] --> ELB["ELB datasets\nload balancers + target groups"]
    RE --> Lambda["Lambda datasets\nfunctions + 7d metrics"]
    RE --> RDS["RDS datasets\ninstances + reservations + CPU + snapshots"]
    ELB --> ELBRule["CLDBRN-AWS-ELB-4"]
    Lambda --> LambdaRules["CLDBRN-AWS-LAMBDA-2\nCLDBRN-AWS-LAMBDA-3"]
    RDS --> RDSRules["CLDBRN-AWS-RDS-3..7"]

Loading

Scope

• cloudburn (cli)
• @cloudburn/sdk
• @cloudburn/rules
• docs/community files

Release Notes

• Added a .changeset/*.md file for published package changes
• No published package changes in this PR

Verification

• pnpm lint
• pnpm typecheck
• pnpm test
• pnpm build
• pnpm verify

Boundary Checks

• No engine/parser/provider logic added to @cloudburn/rules
• CLI delegates scan logic to SDK
• README/CONTRIBUTING/docs updated when behavior changed

---

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 5 additional findings.