fix(controller): Allow wildcard resources with specific actions in rate limit config

[AbhiMgowda]

Description

controller startup failure when configuring API rate limits with wildcard resources and specific actions, for example
resources = ["*"] and actions = ["read", "list"]

ubuntu@ip-10-255-1-83:~$ boundary server -config=/etc/boundary.d/boundary.hcl
Error initializing controller: error initializing rate limiter: ratelimit.(Configs).Limits: action read not valid for resource billing: configuration issue: error #5000

Current behavior validates each requested action against every expanded resource. Some resources, like billing, do not support read/list and only expose custom actions. That causes config validation to fail with: action read not valid for resource billing and the controller does not initialize.

ratelimit_config

Files Changed

internal/daemon/controller/rate_limiter_test.go
internal/ratelimit/config.go
internal/ratelimit/config_test.go

I would like to propose changing wildcard action handling in rate-limit config from fail-fast to apply-where-valid. Explicit resource configs remain strict.

PCI review checklist

• I have documented a clear reason for, and description of, the change I am making.
• If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
• If applicable, I've documented the impact of any changes to security controls.
  Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.