VED-814 Resolve sonarcloud warnings on S3 bucket ownership

[dlzhry2nhs]

Summary

• Routine Change

Resolves the outstanding security warnings we have in Sonarcloud that causes us to fail on master/overall coverage: https://sonarcloud.io/project/issues?issueStatuses=OPEN%2CCONFIRMED&types=VULNERABILITY&severities=BLOCKER%2CCRITICAL%2CMAJOR%2CMINOR&inNewCodePeriod=true&sinceLeakPeriod=true&id=NHSDigital_immunisation-fhir-api

• Add expected bucket owner account to boto3 S3 calls
• Update tests to pass using the moto default account ID

Reviews Required

• Dev

Review Checklist

ℹ️ This section is to be filled in by the reviewer.

• I have reviewed the changes in this PR and they fill all or part of the acceptance criteria of the ticket, and the code is in a mergeable state.
• If there were infrastructure, operational, or build changes, I have made sure there is sufficient evidence that the changes will work.
• I have ensured the changelog has been updated by the submitter, if necessary.

[github-actions]

This branch is working on a ticket in the NHS England VED JIRA Project. Here's a handy link to the ticket:

VED-814

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Akol125]

just curious as to why two arguments references the same value

[dlzhry2nhs]

It's a good question. So for any copy request (you can check boto3 - S3) you can set both the bucket owner and source bucket i.e. the bucket you are copying from.

In both cases, these are buckets that belong in our account. Hope that makes sense.

[Akol125]

Hence the same account ID, makes total sense