Add new review workflow

[nhatnghiho]

Description of changes:

Add a new security review workflow that runs on every PR.

Call-outs:

The AWS account used for this workflow will need to be updated to the production account once changes are approved.

Testing:

Check out the findings report linked at security-review / report. Also review this sample report on an early commit of this PR that demonstrates the findings being flagged.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.13%. Comparing base (cff38f4) to head (86d2e8b).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3230   +/-   ##
=======================================
  Coverage   78.12%   78.13%           
=======================================
  Files         689      689           
  Lines      123123   123123           
  Branches    17124    17124           
=======================================
+ Hits        96190    96197    +7     
+ Misses      26032    26026    -6     
+ Partials      901      900    -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.