add new variable for changing managed policies and default to adding policy to use cloudwatch agent
Cloudwatch Agent requires access to the Cloudwatch api and this is provided by this Managed Policy from AWS.
This change updates the AWS IAM role for our servers to include this managed policy by default. The change also updates the role so that Managed Policies can be altered now through a variable.