Add support for Server-Side Encryption to SQS

[brandonstevens]

AWS recently added support for server-side encryption (SSE to SQS. This updates the aws_sqs_queue resource to include two SSE attributes. Updated code, tests, and docs. Ran acceptance tests.

Marked as a WIP for a couple reasons:

• First time contributing to the project. No idea if I missed anything.
• There is an edge case with KmsDataKeyReusePeriodSeconds that I need advice on how to handle. In the AWS API, when KmsDataKeyReusePeriodSeconds is set, but KmsMasterKeyId is not set, the API does not encrypt the queue and ignores KmsDataKeyReusePeriodSeconds. The code as it stands makes the API call and silently saves kms_data_key_reuse_period_seconds to the state even though it's not used.

[radeksimko]

Hi @brandonstevens
your PR looks great. Good test coverage.

Regarding the second concern about KmsDataKeyReusePeriodSeconds - there are long-term plans on supporting RequiredWhen in the schema, so we could express a case when a field is only required under certain conditions. Unfortunately we don't support that yet, so we can either leave it fail silently (current situation) or add a simple condition to the CRUD. I think the first option is OK.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!