Add BYOK resource

[emerkle826]

Fixes #320

[CalebAlbers]

Thank you so much for doing this @emerkle826! Once these changes get merged and released, I'll get our code updated to use it. If you're open to it, I'd be happy to create a PR to add some example terraform that creates an AWS KMS key and configures Astra BYOK with it.

I left a few comments around clarifying expectations in documentation (specifically around not being able to delete keys via DevOps API, which has bitten us in the past).

Looking forward to using these! 🙂

[CalebAlbers]

I think a support ticket is required to delete a customer key, which wouldn't be idiomatic for terraform providers normally - I think it is worth calling that out in the docs for the resource so people know that manual clean-up is required.

[CalebAlbers]

Would it be worth calling one of the diagnostic functions to return a warning to the user during a destroy run so they are aware manual cleanup is needed?

[CalebAlbers]

This is probably more a of a question for the DevOps API folks, but will this only ever return an array of length 1, or are there situations where Astra organizations will have more than one cloud accounts for a given cloud provider and region?

I ask since the primary use case for this data source is to be able to feed it into an AWS KMS access policy, which would require creating an ARN based on the provider_id returned in this data source's response. I'm curious if it is safe to just refer to it with data.astra_cloud_accounts.this[0].provider_id, or if some HCL manipulation needs to be done to turn it into an array of provider IDs/ARNs for the KMS key policy.

[emerkle826]

For GCP, I happen to have 2 accounts, so it can be more than 1. That may only be the case for GCP, but the code handles both AWS and GCP.

[vaishakhbn]

This can happen to aws too.