provider/aws: Update S3 Bucket Object docs for KMS Key

[catsby]

Fixes #6172 with the power of documentation!

Currently our docs for S3 Bucket Object KMS support say this:

* `kms_key_id` - (Optional) Specifies the AWS KMS key ID to use for object encryption

In Terraform terms, this is typically the id: ${aws_kms_key.foo.id}.
In AWS terms, this is... really the arn: ${aws_kms_key.foo.arn}

For creating a bucket object AWS will accept both the unique/random bits at the end of the arn, or the full arn itself as the "ID". Unfortunately when we do a READ on the bucket object, the KMS Key ID will be the full ARN. So users that specify the id will get a reoccurring plan after, as it wants to swap out the ARN it read for the ID is has.

This PR updates the documentation to clarify that you need to use the exported ARN attribute of a KMS Key resource.

[radeksimko]

As discussed via Slack, this LGTM 👍 , although long-term we could do better (i.e. make it work with id)

I reckon someone will come back here to submit another bug arguing they used id and expected it to just work 😃 and honestly I wouldn't blame them for not reading the note in docs as the field is called kms_key_ID

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.