aws/permissions: Add s3:GetBucketObjectLockConfiguration to pre-flight checks

[wking]

And alphabetize this section. The new permission avoids:

error getting S3 Bucket Object Lock configuration: AccessDenied

which came in with our Terraform bump from d1c17b7 (#1442).

[wking]

From @csrwng:

btw, install is progressing now with the new permission

so I don't think we're missing anything else. It would be nice to have CI coverage to ensure that our set of required permissions was sufficient (even if it would be hard to ensure it was minimal), but I'm punting all of that to follow-up work.

[abhinavdahiya]

/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhinavdahiya, wking

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [abhinavdahiya,wking]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[abhinavdahiya]

Failing tests:

[Feature:DeploymentConfig] deploymentconfigs when run iteratively [Conformance] should only deploy the last deployment [Suite:openshift/conformance/parallel/minimal]

/retest

[wking]

e2e-aws:

level=fatal msg="waiting for Kubernetes API: context deadline exceeded"

/retest

[wking]

e2e-aws:

Flaky tests:

[sig-cli] Kubectl client [k8s.io] Kubectl logs should be able to retrieve and filter logs  [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]

Failing tests:

[Feature:Platform] Managed cluster should have no crashlooping pods in core namespaces over two minutes [Suite:openshift/conformance/parallel]

/retest