Move to alexs aws

[kurtwheeler]

This PR does a few things:

• Changes the AWS account from Greenelab to Alexslemonade. This mostly happens via running terraform with AWS credentials from a different account, but that change is also explicit because a different route53 zone is specified. (That resource cannot be created via Terraform.)
• Changes the availability zone. Both availability zones appear to have similar costs, but we accidentally created the route53 zone in the new zone so rather than destroying it and recreating it (which would require reconfirming the domain name ownership) we just changed the AZ we're spinning this up in.
• Tightens up the IAM policy statements so Cognoma resourcces are limited to the Cognoma VPC.

I tested that the syntax is parsable by terraform and that the resources I have IAM permissions to create are creatable, however I cannot create IAM roles so there are 13 resources which I cannot test the creation of.

[kurtwheeler]

BTW, this PR no longer changes the AZ because SES is not supported in us-east-2.

[Miserlou]

LGTM - how is our Route53 being managed?

[kurtwheeler]

Route53 is primarily managed through terraform, however the zone itself is not. I'm not sure why now... I had thought terraform didn't offer a way to create a zone, only reference it via a data block, but now I found https://www.terraform.io/docs/providers/aws/r/route53_zone.html. However at this point I think it may not be worth fixing that small thing because we already have cognoma.org as a verified domain within the zone which involved @cgreene's authorization.