feat: add retention policy to gcs module [DA-3815]

[thadchais]

Pull Request Submission Checklist

Please confirm that you have done the following before requesting reviews:

• I have confirmed that the PR type is appropriate for the change I am making according to the Honest Pull Request and Commit Message Naming Conventions.
• I have typed an adequate description that explains why I am making this change.
• I have installed and run standard pre-commit hooks that lints and validates my code.
• All entities that I am working with are up-to-date in Backstage; if updates are needed, I have linked the relevant PRs. Backstage guide

Description

This PR introduces the following changes to the gcp_gcs_bucket module:

• Retention Lock Configuration:
  Added a retention_policy block to the google_storage_bucket resource to enable retention lock on the bucket.
  Introduced two new variables: retention_lock_enabled and retention_lock_duration_seconds to control the retention lock settings.

• Object Versioning:

Added a new variable: object_versioning_enabled to control the versioning of objects in the bucket.

Why

Retention Lock: Ensures that objects in the bucket are protected from deletion for a specified period, enhancing data security and compliance with data retention policies.

Data Engineers use this feature to backup data platform and secure the archived data. Here is the design document

Object Versioning: Allows multiple versions of an object to be stored, enabling retrieval, restoration, or permanent deletion of specific versions of objects.

APPENDIX

The variable var.object_versioning_enabled is a boolean variable that, when set to true, enables versioning for the Google Cloud Storage bucket. This means that multiple versions of an object can be stored in the bucket, allowing you to retrieve, restore, or permanently delete specific versions of objects.

Mutually Exclusive with Retention Lock

The retention_policy block, which includes the retention_lock_enabled and retention_lock_duration_seconds variables, is used to enforce a retention lock on the bucket. This lock ensures that objects cannot be deleted or replaced for a specified period.

However, the retention_policy and object versioning are mutually exclusive. This means you cannot enable both at the same time for a single bucket. If retention_lock_enabled is set to true, you cannot enable object_versioning_enabled, and vice versa. This restriction is in place because the retention policy enforces strict deletion rules that conflict with the flexibility provided by object versioning.

More detail: Considerations with other features

Completed DA-3820 fixed Terratest workflow

---

This change is 

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[olli-honest]

Should this be covered by the test case as well here?

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform

[honestbank-bot]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan

Pusher: @thadchais, Action: pull_request, Working Directory: ``, Workflow: terraform