cloud-gov / cg-atlas

Repository hosting issues and artifacts related to operations of the cloud.gov platform
Creative Commons Zero v1.0 Universal

Ensure S3 access is encrypted #21

Closed mogul closed 8 years ago

mogul commented 8 years ago

In order to minimize the potential to poison our blob store, we want to use encryption with our S3 buckets.

Acceptance Criteria

rogeruiz commented 8 years ago

The current work on cg-encrypt-blobstore-boshrelease accepts a single string for the bucket name, which you can see in the manifest for cg-deploy-monitoring here. The idea for #28, which I closed, is to have this property from the manifest be a list that can be iterated through to encrypt multiple buckets. Something along the lines of this example:

bucket: 
- "18f-cf-bucket_one"
- "18f-cf-bucket_two"
# etc...

Something that came up during my pairing with @jmcarp was where this list of buckets should come from.

  1. From the aws-cli, meaning we'd ping the server for all available buckets
  2. From the manifest.yml in the pipeline as a list, example above.

That should give some more clarification on #28. I don't think it's technical debt, but rather necessary to get this feature working across all S3 buckets. I hope the explanation above helps with how #28 should be prioritized; feel free to reopen if you think we should split that work out.

rogeruiz commented 8 years ago

After speaking to @dlapiduz about how often this script should run, he mentioned that it should be hourly.
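The two bucket-list sources discussed in this thread, as an added example that is not part of the thread or of cg-encrypt-blobstore-boshrelease: it accepts the `bucket` property as a string or a list, reports each bucket's default server-side encryption, and lists the buckets a manifest-only run would never visit. `FakeS3` and all function names are hypothetical, and reading "encrypted" as "has default SSE configured" is an assumption; with boto3 the same two calls exist on the real S3 client.

```python
# Added example, not project code. FakeS3 is a constructed offline stand-in that
# mimics two boto3 S3 client calls: list_buckets and get_bucket_encryption.
class FakeS3:
    def __init__(self, state):
        self.state = state  # bucket name -> default SSE algorithm, or None

    def list_buckets(self):
        return {"Buckets": [{"Name": name} for name in self.state]}

    def get_bucket_encryption(self, Bucket):
        if self.state[Bucket] is None:
            err = Exception("no default encryption")
            err.response = {"Error": {"Code": "ServerSideEncryptionConfigurationNotFoundError"}}
            raise err
        rule = {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": self.state[Bucket]}}
        return {"ServerSideEncryptionConfiguration": {"Rules": [rule]}}

def normalize_buckets(prop):
    """Accept the manifest `bucket` property as a single string or a list."""
    names = [prop] if isinstance(prop, str) else list(prop or [])
    if not all(isinstance(n, str) and n.strip() for n in names):
        raise ValueError("bucket names must be non-empty strings")
    return list(dict.fromkeys(names))  # drop duplicates, keep order

def default_sse(s3, bucket):
    """Return the bucket's default SSE algorithm, or None if none is set."""
    try:
        cfg = s3.get_bucket_encryption(Bucket=bucket)
    except Exception as exc:
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code != "ServerSideEncryptionConfigurationNotFoundError":
            raise  # access denied, missing bucket, etc. must not read as "unencrypted"
        return None
    rules = cfg["ServerSideEncryptionConfiguration"]["Rules"]
    return rules[0]["ApplyServerSideEncryptionByDefault"]["SSEAlgorithm"]

def audit(s3, manifest_prop=None):
    """Option 2 (manifest list) when given, otherwise option 1 (enumerate)."""
    if manifest_prop is None:
        names = [b["Name"] for b in s3.list_buckets()["Buckets"]]
    else:
        names = normalize_buckets(manifest_prop)
    return {name: default_sse(s3, name) for name in names}

def unlisted(s3, manifest_prop):
    """Buckets that exist in the account but are absent from the manifest."""
    listed = set(normalize_buckets(manifest_prop))
    return [b["Name"] for b in s3.list_buckets()["Buckets"] if b["Name"] not in listed]

if __name__ == "__main__":
    s3 = FakeS3({"18f-cf-bucket_one": "AES256", "18f-cf-bucket_two": None})
    print(audit(s3, "18f-cf-bucket_one"), audit(s3), unlisted(s3, ["18f-cf-bucket_one"]))
```

On an hourly schedule, a non-empty `unlisted` result is the signal that the manifest list has drifted from what actually exists in the account.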