feat(codepipeline-actions): show status reason in the pipeline for failed change set executions (#29534)

### Reason for this change

The CodePipeline ExecuteChangeSet action can now show a summary of why the change set execution failed. But, it needs an additional IAM permission: `cloudformation:DescribeStackEvents`.

With the current action policy generated by CDK, I get the following message in the pipeline when a change set execution fails:
```
Additional Information: Failed to execute change set.
Current stack status: UPDATE_ROLLBACK_COMPLETE.
Status reason is not available because IAM role associated with the action does not have CloudFormation DescribeStackEvents permission
```

### Description of changes

Added `cloudformation:DescribeStackEvents` permission to the policy generated for the ChangeSetExecute pipeline action.

### Description of how you validated changes

Updated unit tests and integ test with the new permission.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: clareliguori

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.assets.json

@@ -795,6 +795,7 @@
       {
        "Action": [
         "cloudformation:DescribeChangeSet",
+        "cloudformation:DescribeStackEvents",
         "cloudformation:DescribeStacks",
         "cloudformation:ExecuteChangeSet"
        ],

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/aws-cdk-codepipeline-cloudformation.template.json

@@ -37,6 +37,7 @@ export class SingletonPolicy extends Construct implements iam.IGrantable {
     this.statementFor({
       actions: [
         'cloudformation:DescribeStacks',
+        'cloudformation:DescribeStackEvents',
         'cloudformation:DescribeChangeSet',
         'cloudformation:ExecuteChangeSet',
       ],

packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.cfn-template-from-repo.lit.js.snapshot/cdk.out

@@ -163,6 +163,7 @@ describe('Pipeline Actions', () => {
           {
             Action: [
               'cloudformation:DescribeChangeSet',
+              'cloudformation:DescribeStackEvents',
               'cloudformation:DescribeStacks',
               'cloudformation:ExecuteChangeSet',
             ],