Use CMK blocks rather than CMK resources in Terraform

[yuvalyaron]

Resolves #4241

What is being addressed

Currently, CMKs are configured using separate Terraform resources, where the Azure resource is created first, and the CMK is added as a separate resource later.

This approach is problematic for tenants with policies requiring CMK to be enabled, as the resource is initially created without the CMK, resulting in a policy violation even if the CMK is added later.

This PR addresses the issue by using CMK blocks within the resources themselves, instead of defining them as separate resources.

[github-actions]

Unit Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit b887b4a.

♻️ This comment has been updated with latest results.

[yuvalyaron]

/test-extended

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12572911353 (with refid d812a81a)

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/test-extended

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12573094999 (with refid d812a81a)

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/test-extended

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12573272383 (with refid d812a81a)

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/test-extended

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12573293655 (with refid d812a81a)

(in response to this comment from @yuvalyaron)

[marrobi]

LGTM as long as its been tested.

[tamirkamara]

/test-force-approve

[github-actions]

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit b887b4a)

(in response to this comment from @tamirkamara)