[terraform] Add reports service
Summary:
Added reports service to terraform. Mostly copy-paste from other services. Diff is long, a few notes here:
- Used EC2 backend (not Fargate) because 512MB memory is too much for this service.
- Introduced IAM role for the service. It has access to single DynamoDB table (+ ECS Exec capability for debugging).
- E-mail config, despite being encrypted by SOPS, is stored in Secrets Manager - the reason is that ECS Task Definition config would either expose it or, if marked as sensitive, its terraform diffs would be unusable.
- It reaches Blob service endpoint through ECS Service Connect (D9038)
- Load balancers are standard, copy-pasted from other services
Test Plan: Tested on staging. Reports service worked E2E (sending e-mails, storing in DDB, storing in Blob service).
Reviewers: michal, kamil, jon, varun
Reviewed By: michal
Subscribers: ashoat, tomek
Differential Revision: https://phab.comm.dev/D9040