
Add Snowflake support, update OCSF, bug fixes & experiments #293

Merged
merged 55 commits into from
Sep 3, 2024

Conversation

jonrau1
Owner

@jonrau1 jonrau1 commented Sep 3, 2024

Primarily, this PR is to address #292 to add Snowflake to the list of SaaS Security Posture Management checks in ElectricEye, which I did. Albeit only somewhat: I don't have access to an Enterprise Account and cannot evaluate any of the encryption-related checks, and will not do so blindly in good faith (and to save myself asspain in the future).

Additionally, as is the tradition, whenever I am dicking around with the code I want to eke out some small performance improvements, bugfixes, and mess around with Outputs and some experimental features -- much like how I added same-account session creation and even came up with the idea of using a TOML file.

Breaking Changes

  • Updated OCSF outputs for ocsf_stdout and ocsf_kdf to 1.4.0 from 1.1.0
  • Retired DisruptOps/Firemon Cloud Defense output
  • Retired --create-insights option from the Controller, removed the old code that it called to create AWS Security Hub Insights

Bugfixes

  • Fixed normalization of base_event as well as resources.cloud_partition, resources.region, cloud.account.uid, and cloud.region for non-AWS checks that have placeholder ASFF values for Account, Region, and Partition
  • Fixed the --list-controls arg to display finding titles in a JSON list
  • Fixed the fake "aws-global-*" regions from displaying in OCSF outputs
  • Fixed the architecture diagram to make it a lot more self-explanatory and less busy
  • Fixed several mismatches where print and logger.* were used
  • Added missing types and fixed missing types within EEAuditor and CloudUtils for easier debugging - mostly for me
  • Fixed an issue where several duplicate boto3.Session() objects were created due to improper nesting
  • Fixed an issue where your default AWS session wouldn't be used if you did not include an argument for electric_eye_role_name in the TOML or experimental --args feature
  • Fixed an issue where assessment targets could be errantly called despite specifying one with -t -- notably ServiceNow was called when evaluating AWS
  • Fixed failing/passing logic in several AWS Glue, Amazon ECR, and AWS S3 checks due to improper exception handling or just me being an absolute bonehead

Features & Improvements

  • Snowflake supported with 21 checks - primarily for User & Account-level best practices. This includes adding HTML report iconography, compliance control mappings, documentation, control objectives, and screenshots.
  • Added support for OCSF 1.4.0 Compliance Findings output as ocsf_v1_4_0
  • Improved performance of EEAuditor notably for AWS checks
  • Improved the performance of AWS Glue, Amazon ECR, and AWS S3 checks while fixing logic evaluation bugs
  • Improved the usage of logging and default to INFO - this can make it a bit chatty so in the future I will have to change it I am sure - that will be a larger project I don't want to dick with right now
  • Improved type-hinting, especially for complex types like Azure, Snowflake, and AWS objects for auth and cursors
  • Improved typing and processing of several args in CloudUtils
  • Added several "single-dash"/shorthand commands for args where they didn't exist before such as -tp for --toml-path or -of for --output-file
  • Minor documentation updates for Setup

Experimental

  • Added an argument -ut / --use-toml to decide when to read from the TOML configuration file or use externally provided details
  • Added an argument --args which allows you to provide escaped JSON when -ut is set to False; this will call a new function in CloudUtils to process the configuration details from a JSON object instead of the TOML. This is a WIP and only AWS and Snowflake are ported, with minimal documentation. The concept is to make it easier to run ElectricEye within Docker or another orchestrator, especially for providing several Accounts/Regions/Compartments to execute in parallel instead of in series.
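The bugfix bullets above mention two related normalization problems in the OCSF outputs: non-AWS checks carrying placeholder ASFF values for Account, Region, and Partition, and synthetic "aws-global-*" regions leaking into `cloud.region` / `resources.region`. The following is an added example, not ElectricEye's own code, that shows the shape of such a normalization step. The placeholder strings (`000000000000`, `not-aws`, `us-placeholder-1`), the `ProductFields.Provider` lookup, the sample findings, and the `aws-global-iam` region name are all constructed for illustration; the project's real placeholder values are not shown on this page.

```python
import json
from typing import Any, Optional

# Constructed placeholder values that a non-AWS check might carry in ASFF fields.
# ASSUMPTION: ElectricEye's real placeholder strings are not shown on the PR page.
PLACEHOLDER_ACCOUNT_ID = "000000000000"
PLACEHOLDER_PARTITION = "not-aws"
PLACEHOLDER_REGION = "us-placeholder-1"


def is_fake_region(region: Optional[str]) -> bool:
    """True for regions that should never reach an OCSF output."""
    if not region:
        return True
    # Synthetic "aws-global-*" regions tag global services, not real locations.
    return region.startswith("aws-global-") or region == PLACEHOLDER_REGION


def normalize_cloud_fields(asff: dict[str, Any]) -> dict[str, Any]:
    """Derive OCSF `cloud` and `resources` fields from one ASFF-style finding.

    Real AWS identifiers pass through unchanged. Placeholder account/partition
    values on non-AWS findings are dropped so the OCSF record never claims a
    bogus AWS identity, and fake regions are omitted for every provider.
    """
    # ASSUMPTION: provider name is read from ProductFields.Provider (constructed).
    provider = asff.get("ProductFields", {}).get("Provider", "AWS")
    is_aws = provider == "AWS"

    cloud: dict[str, Any] = {"provider": provider}
    account_id = asff.get("AwsAccountId")
    if is_aws and account_id and account_id != PLACEHOLDER_ACCOUNT_ID:
        cloud["account"] = {"uid": account_id}
    region = asff.get("Region")
    if not is_fake_region(region):
        cloud["region"] = region

    resources = []
    for res in asff.get("Resources", []):
        out: dict[str, Any] = {"uid": res["Id"], "type": res.get("Type")}
        partition = res.get("Partition")
        if is_aws and partition and partition != PLACEHOLDER_PARTITION:
            out["cloud_partition"] = partition
        res_region = res.get("Region")
        if not is_fake_region(res_region):
            out["region"] = res_region
        resources.append(out)

    return {"cloud": cloud, "resources": resources}


# Constructed sample findings (not real ElectricEye output).
AWS_FINDING = {
    "AwsAccountId": "111122223333",
    "Region": "us-east-1",
    "ProductFields": {"Provider": "AWS"},
    "Resources": [{"Id": "arn:aws:s3:::example-bucket", "Type": "AwsS3Bucket",
                   "Partition": "aws", "Region": "us-east-1"}],
}
GLOBAL_AWS_FINDING = {
    "AwsAccountId": "111122223333",
    "Region": "aws-global-iam",  # constructed example of a fake global region
    "ProductFields": {"Provider": "AWS"},
    "Resources": [{"Id": "arn:aws:iam::111122223333:root", "Type": "AwsIamRoot",
                   "Partition": "aws", "Region": "aws-global-iam"}],
}
SNOWFLAKE_FINDING = {
    "AwsAccountId": PLACEHOLDER_ACCOUNT_ID,
    "Region": PLACEHOLDER_REGION,
    "ProductFields": {"Provider": "Snowflake"},
    "Resources": [{"Id": "snowflake://example-account/user/alice", "Type": "SnowflakeUser",
                   "Partition": PLACEHOLDER_PARTITION, "Region": PLACEHOLDER_REGION}],
}

if __name__ == "__main__":
    for name, finding in [("aws", AWS_FINDING), ("global", GLOBAL_AWS_FINDING),
                          ("snowflake", SNOWFLAKE_FINDING)]:
        print(name, json.dumps(normalize_cloud_fields(finding)))
```

Keying the decision on the provider rather than on string matching alone matters for the non-AWS case: a placeholder that happens to look like a valid account ID would otherwise survive into the OCSF record and be attributed to the wrong cloud.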

@jonrau1 jonrau1 added bug Something isn't working documentation Improvements or additions to documentation enhancement New feature or request python Pull requests that update Python code aws Related to AWS snowflake For Snowflake labels Sep 3, 2024
@jonrau1 jonrau1 self-assigned this Sep 3, 2024
@jonrau1 jonrau1 linked an issue Sep 3, 2024 that may be closed by this pull request
@jonrau1 jonrau1 merged commit 9f49892 into master Sep 3, 2024
4 checks passed
@jonrau1 jonrau1 deleted the snowflake_con_ocsf branch September 3, 2024 23:00

Successfully merging this pull request may close these issues.

[PFR] Snowflake SSPM Checks