Adding permission to describe EKS cluster to member infra role #5599

Merged: 1 commit, Nov 28, 2023

julialawrence (Contributor) commented Nov 28, 2023

A reference to the issue / Description of it

ministryofjustice/analytical-platform#2454
We are building out another catalogue candidate meant to be deployed into EKS. To minimise the dependencies on MP team, we would like to build out as much infra in the MPE repository as possible. This is a request for read-level EKS permissions to allow lookups via datasources.

How does this PR fix the problem?

This gives the member infra role read-level permissions on the EKS cluster.

How has this been tested?

The local plan works because this permission is already available in the sandbox account but the deployment via GHA fails.

Deployment Plan / Instructions

This should have no impact on PROD. This adds rather than removes or restricts permissions.

Checklist (check x in [ ] of list items)

  • I have performed a self-review of my own code
  • All checks have passed
  • [?] I have made corresponding changes to the documentation
  • [?] Plan and discussed how it should be deployed to PROD (If needed)

TFSEC Scan Success

*****************************

TFSEC will check the following folders:
terraform/environments/core-network-services

*****************************

Running TFSEC in terraform/environments/core-network-services
Excluding the following checks: aws-ssm-secret-use-customer-key,github-repositories-private,aws-vpc-no-excessive-port-access,github-repositories-require-signed-commits

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.226449ms
  parsing              779.342667ms
  adaptation           3.243527ms
  checks               8.692228ms
  total                792.504871ms

  counts
  ──────────────────────────────────────────
  modules downloaded   1
  modules processed    14
  blocks processed     381
  files read           71

  results
  ──────────────────────────────────────────
  passed               26
  ignored              35
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

Checkov Scan Success

*****************************

Checkov will check the following folders:
terraform/environments/core-network-services

*****************************

Running Checkov in terraform/environments/core-network-services
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2023-11-28 11:52:09,387 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-pagerduty-integration?ref=0179859e6fafc567843cd55c0b05d325d5012dc4:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 202, Failed checks: 0, Skipped checks: 88


checkov_exitcode=0

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/core-network-services

*****************************

Running tflint in terraform/environments/core-network-services
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

@richgreen-moj richgreen-moj merged commit 1ff429b into main Nov 28, 2023
13 checks passed
@richgreen-moj richgreen-moj deleted the feature/updating-member-infra-role branch November 28, 2023 12:22