First-class EC2 support

[BohdanPetryshyn]

Summary

Currently, users must use the custom connection target approach to connect to services running on EC2 instances. This involves manually setting up connectivity (at init time) and providing Basti with the target's IP and port (at connect time).

Solution

The first-class EC2 support could be implemented in the following way:

1. User selects the EC2 instance and a port where the service is running during basti init
2. The Basti access security group, which allows connection from the bastion instance to the target will have one ingress rule service (one ingress rule will be added per one basti init run)
3. The per-service ingress rule will have the name of the service in the description (the
   user will be prompted for a name during initialization)
4. When connecting, the user will be presented not only with the EC2 instances but with services running on those instances based on the ingress rules of the Basti access security group.

This includes:

1. Detecting EC2 instances in the user's AWS account and presenting them during initialization
2. EC2 instance initialization (setting up the access security group or reusing the existing one)
3. Detecting services running on the EC2 instances by the Basti access SG and it's ingress rules
4. EC2-related resources cleanup in basti cleanup command