
Allow custom reason to be provided on access request through granted

Open ckluy31 opened this issue 9 months ago • 0 comments

What changed?

When granted attempts to request access for a request that requires approval, it will now also ask for a reason for access.

Why?

Access Reason will improve security and help to understand why a request for access is needed.

How did you test it?

Scenario where reason is supplied:

calvinluy➜~/Git/granted(calvin/cf-3181-allow-custom-reasons-to-be-provided-when-using-granted-to)» dassume                                                                                            [12:27:52]

? Please select the profile you would like to assume: Audit/AWSAdministratorAccess                                  
[i] To assume this profile again later without needing to select it, run this command:
> assume Audit/AWSAdministratorAccess 
[i] You don't currently have access to Audit/AWSAdministratorAccess, checking if we can request access...       [target=AWS::Account::"125928628396", role=AWSAdministratorAccess, url=https://internal.commonfate.io]
[WILL REQUEST] AWSAdministratorAccess access to Audit will require approval
? Apply proposed access changes Yes
[i] Attempting to grant access...
? Reason for access: I need it for this reason
[REQUESTED] AWSAdministratorAccess access to Audit requires approval: https://internal.commonfate.io/access/requests/req_2gZmaYfYsvxpW4CHfdmS7wpx2cb
[✘] applying access was attempted but the resources requested require approval before activation
calvinluy➜~/Git/granted(calvin/cf-3181-allow-custom-reasons-to-be-provided-when-using-granted-to)» dassume                                                                                            [12:38:57]

? Please select the profile you would like to assume: Audit/AWSAdministratorAccess                                  
[i] To assume this profile again later without needing to select it, run this command:
> assume Audit/AWSAdministratorAccess 
[i] You don't currently have access to Audit/AWSAdministratorAccess, checking if we can request access...       [target=AWS::Account::"125928628396", role=AWSAdministratorAccess, url=https://internal.commonfate.io]
[WILL ACTIVATE] AWSAdministratorAccess access to Audit will be activated for 2h: https://internal.commonfate.io/access/requests/req_2gZmaYfYsvxpW4CHfdmS7wpx2cb
? Apply proposed access changes Yes
[i] Attempting to grant access...
? Reason for access: 
[ACTIVATED] AWSAdministratorAccess access to Audit was activated for 2h: https://internal.commonfate.io/access/requests/req_2gZmaYfYsvxpW4CHfdmS7wpx2cb
[✔] [Audit/AWSAdministratorAccess](ap-southeast-2) session credentials will expire in 1 hour

Scenario where Reason is not required, and no reason is supplied:

calvinluy➜~/Git/granted(calvin/cf-3181-allow-custom-reasons-to-be-provided-when-using-granted-to✗)» dassume                                                                                           [10:44:04]

? Please select the profile you would like to assume: Audit/AWSAdministratorAccess                                  
[i] To assume this profile again later without needing to select it, run this command:
> assume Audit/AWSAdministratorAccess 
[i] You don't currently have access to Audit/AWSAdministratorAccess, checking if we can request access...       [target=AWS::Account::"125928628396", role=AWSAdministratorAccess, url=https://internal.commonfate.io]
[WILL ACTIVATE] AWSAdministratorAccess access to Audit will be activated for 2h: https://internal.commonfate.io/access/requests/req_2gZYZsiXCKd6HLzVE2BbyABwu5b
? Apply proposed access changes Yes
[i] Attempting to grant access...
[i] Start...
? Reason for access: 
[ACTIVATED] AWSAdministratorAccess access to Audit was activated for 2h: https://internal.commonfate.io/access/requests/req_2gZYZsiXCKd6HLzVE2BbyABwu5b
[✔] [Audit/AWSAdministratorAccess](ap-southeast-2) session credentials will expire in 1 hour

Scenario where Reason is required, but no reason was supplied. Reason is then inputted after:

calvinluy➜~/Git/granted(calvin/cf-3181-allow-custom-reasons-to-be-provided-when-using-granted-to✗)» dassume                                                                                           [11:07:18]

? Please select the profile you would like to assume: Audit/AWSAdministratorAccess                                  
[i] To assume this profile again later without needing to select it, run this command:
> assume Audit/AWSAdministratorAccess 
[i] You don't currently have access to Audit/AWSAdministratorAccess, checking if we can request access...       [target=AWS::Account::"125928628396", role=AWSAdministratorAccess, url=https://internal.commonfate.io]
[WILL REQUEST] AWSAdministratorAccess access to Audit will require approval
? Apply proposed access changes Yes
[i] Attempting to grant access...
X Sorry, your reply was invalid: Value is required
? Reason for access: reason 1
[REQUESTED] AWSAdministratorAccess access to Audit requires approval: https://internal.commonfate.io/access/requests/req_2gZcQBDdqY18ZjCv7oJStOjLZ7J
[✘] applying access was attempted but the resources requested require approval before activation

Potential risks

Is patch release candidate?

Link to relevant docs PRs

ckluy31, May 17 '24 02:05
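The prompt behaviour shown in the scenarios above (an empty reason is rejected and re-asked when the request needs approval, and accepted when access activates directly), as an added example in Go using only the standard library; it is not granted's own code. `PromptReason`, `ErrReasonRequired` and the `required` flag are hypothetical names, and the handling of input that ends before a reason is given is an assumption the PR does not show.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

// ErrReasonRequired (hypothetical) is returned when input ends, for example
// on a non-interactive stdin, before a required reason has been entered.
var ErrReasonRequired = errors.New("reason is required but input ended")

// PromptReason (hypothetical) asks for an access reason. With required=true,
// modelling a [WILL REQUEST] outcome, a blank answer is rejected and the
// prompt repeats. With required=false, modelling [WILL ACTIVATE], a blank
// answer is accepted as an empty reason.
func PromptReason(in io.Reader, out io.Writer, required bool) (string, error) {
	r := bufio.NewReader(in)
	for {
		fmt.Fprint(out, "? Reason for access: ")
		line, err := r.ReadString('\n')
		if err != nil && err != io.EOF {
			return "", err
		}
		// Whitespace-only answers count as empty so they cannot satisfy
		// the requirement.
		reason := strings.TrimSpace(line)
		switch {
		case reason != "" || !required:
			return reason, nil
		case err == io.EOF:
			// Fail closed instead of looping forever on closed input.
			return "", ErrReasonRequired
		}
		fmt.Fprintln(out, "X Sorry, your reply was invalid: Value is required")
	}
}

func main() {
	// Constructed demo value: true stands for a request that needs approval.
	reason, err := PromptReason(os.Stdin, os.Stdout, true)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("reason recorded: %q\n", reason)
}
```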