Create log metric filter and alarm for root user access.

[Matthew-Grayson]

🗣 Description

Create log metric filter for CloudWatch.1 to monitor use of AWS root account. Create alarm for CloudWatch.1 with action set as SNS topic. Create SNS topic to aggregate all CloudWatch control alarms.

💭 Motivation and context

Address 1 of 14 AWS CloudWatch controls CloudWatch.1 flagged by AWS security hub.

🧪 Testing

✅ Pre-approval checklist

• [x] This PR has an informative and human-readable title.
• [x] Changes are limited to a single goal - eschew scope creep!
• [x] All future TODOs are captured in issues, which are referenced in code comments.
• [x] All relevant type-of-change labels have been added.
• [x] I have read the CONTRIBUTING document.
• [x] These code changes follow cisagov code standards.
• [x] All relevant repo and/or project documentation has been updated to reflect the changes in this PR.
• [x] Tests have been added and/or modified to cover the changes in this PR.
• [x] All new and existing tests pass.

✅ Pre-merge checklist

• [ ] Revert dependencies to default branches.
• [ ] Finalize version.

✅ Post-merge checklist

• [ ] Create a release.